CN110380859B

CN110380859B - Quantum communication service station identity authentication method and system based on asymmetric key pool pair and DH protocol

Info

Publication number: CN110380859B
Application number: CN201910464740.3A
Authority: CN
Inventors: 富尧; 钟一民; 邱雅剑; 余秋炜
Original assignee: Ruban Quantum Technology Co Ltd
Current assignee: Ruban Quantum Technology Co Ltd
Priority date: 2019-05-30
Filing date: 2019-05-30
Publication date: 2022-10-14
Anticipated expiration: 2039-05-30
Also published as: CN110380859A

Abstract

The application discloses a quantum communication service station identity authentication method and system based on an asymmetric key pool pair and a DH protocol, wherein the system comprises an active party, a passive party, a service station QA, a service station QB and a communication network; the active side and the passive side are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; the service station QA and the service station QB are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card. The risk that the asymmetric key is cracked is low, the key storage pressure brought to the quantum communication service station by the symmetric key pool is solved, data in the authentication process can be decrypted only by a DH private key owner, and the security of the authentication process based on the symmetric key algorithm is improved.

Description

Quantum communication service station identity authentication method and system based on asymmetric key pool pair and DH protocol

Technical Field

The application belongs to the technical field of secure communication, and particularly relates to a quantum communication identity authentication method and system based on an asymmetric key pool and a DH protocol. The identity authentication system between the client and the client under the quantum communication service station is concretely realized.

Background

The rapidly developing Internet brings great convenience to the life and work of people, and people can sit at home to receive and send e-mails, make calls, perform online shopping, bank transfer and other activities through the Internet. Meanwhile, network information security is becoming a potential huge problem. Generally, network information faces the following security risks: network information is stolen, information is tampered, an attacker impersonates information, malicious damage and the like.

Identity authentication is one of the means to protect people's network information. Identity authentication is also called as "identity verification" or "identity authentication" and refers to a process of confirming the identity of an operator in a computer and a computer network system, so as to determine whether the user has access and use authority to a certain resource, thereby enabling access policies of the computer and the network system to be reliably and effectively executed, preventing an attacker from impersonating a legitimate user to obtain the access authority of the resource, ensuring the security of the system and data, and authorizing the legitimate benefit of the accessor.

However, the current method for ensuring the success of identity authentication mainly depends on cryptographic technology, and in the field of cryptography today, there are two kinds of cryptographic systems, one is a symmetric key cryptographic system, i.e. the encryption key and the decryption key use the same key. The other is a public key cryptosystem, i.e. the encryption key and the decryption key are different, one of which may be public. At present, most of identity authentication algorithms mainly rely on a public key cryptography.

Public key cryptography systems employ different encryption keys (public keys) and decryption keys (private keys). Since the encryption key is public, the distribution and management of the key are simple, and the public key encryption system can easily implement digital signature.

Since the public key encryption was introduced, scholars have proposed a variety of public key encryption methods, the security of which is based on complex mathematical problems. Classified according to the mathematical problem on which they are based, there are three categories of systems currently considered safe and effective: large integer factorization systems (typically RSA), discrete logarithm systems (typically DSA), and elliptic discrete logarithm systems (ECC).

However, with the development of quantum computers, the classical asymmetric key encryption algorithm is no longer secure, and no matter the encryption and decryption method or the key exchange method, the quantum computer can obtain a private key through public key calculation, so that the currently used asymmetric key becomes insaniable in the quantum era. The quantum key distribution device QKD can now ensure that the negotiated key cannot be obtained. However, the QKD is mainly used for quantum trunks, and the client device to the quantum communication service station is still a classical network, so that it is difficult to ensure the security of the identity authentication process by means of an asymmetric algorithm.

Due to the potential threat of the quantum computer, the existing scheme for carrying out identity authentication based on the symmetric key pool carries out identity authentication by using the symmetric key between the quantum communication service station and the quantum key card, and abandons the use of public key cryptography so as to avoid the cracking of an identity authentication system by the quantum computer.

The problems existing in the prior art are as follows:

1. in the existing scheme for identity authentication based on a symmetric key pool, the symmetric key pool is used between a quantum communication service station and a quantum key card, so that the capacity of the symmetric key pool is huge, and pressure is brought to key storage of the quantum communication service station;

2. in the existing scheme for performing identity authentication based on the symmetric key pool, due to the huge key capacity of the symmetric key pool, the quantum communication service station has to encrypt and store the key in a common storage medium such as a hard disk, but cannot store the key in a key fob of the quantum communication service station;

3. the existing scheme for identity authentication based on the symmetric key pool causes troubles for key backup because the key capacity of the symmetric key pool is huge.

Disclosure of Invention

In view of the foregoing, it is necessary to provide a method and a system for authenticating an identity of a quantum communication service station based on an asymmetric key pool pair and a DH protocol.

The application discloses an identity authentication method of a quantum communication service station based on an asymmetric key pool pair and a DH protocol, which is implemented on an active side, and comprises the following steps:

generating a first authentication parameter X and sending the first authentication parameter X to a passive party; the first authentication parameter X is used for the passive party to obtain a first authentication message in combination with a second authentication parameter Y generated by the own party, and the first authentication message is used for the service station QB to obtain a second authentication message after being forwarded to the service station QB by the passive party;

receiving a second authentication message from a passive party, generating a third authentication message according to the second authentication message and a first authentication parameter X, obtaining a QA public key PKQA5 and a private key SKA of a service station from a key card of a self party, generating a DH key K5 by using the QA public key PKQA5 and the private key SKA of the self party, and obtaining an encrypted third message authentication code and an encrypted third authentication message by using the DH key K5;

transmitting the encrypted third message authentication code and the encrypted third authentication message to the service station QA; the third message authentication code is used for the service station QA to trust the third authentication message after verification, the third authentication message is used for the service station QA to obtain a fourth authentication message, and the fourth authentication message comprises a fourth signature obtained by the service station QA by utilizing a private key of a self party to sign the first authentication parameter X and the second authentication parameter Y;

acquiring an encrypted fourth authentication message from a service station QA, acquiring a service station QA public key PKQA6 and a private key SKA of a self party from a key fob of the self party, generating a DH key K6 by using the service station QA public key PKQA6 and the private key SKA of the self party, and decrypting by using the DH key K6 to obtain the fourth authentication message;

sending the fourth authentication message to a passive party; and the fourth authentication message is forwarded to the service station QB by the passive party and then is analyzed by the service station QB to obtain the fourth signature, the fourth signature is used for obtaining an identity authentication result after the service station QB checks the signature, and the identity authentication result is used for being received and confirmed by the passive party.

The application discloses a quantum communication service station identity authentication method based on an asymmetric key pool pair and a DH protocol, which is implemented on a passive side, and the quantum communication service station identity authentication method comprises the following steps:

acquiring a first authentication parameter X from an active party, generating a second authentication parameter Y at a self party, acquiring a first authentication message according to the first authentication parameter X and the second authentication parameter Y, acquiring a service station QB public key PKQB2 and a self party private key SKB from a self party key card, generating a DH key K2 by using the service station QB public key PKQB2 and the self party private key SKB, and acquiring an encrypted first message authentication code and an encrypted first authentication message by using the DH key K2; the first authentication parameter X is generated by a master;

sending the encrypted first message authentication code and the encrypted first authentication message to the service station QB; the first message authentication code is used for trusting the first authentication message after the service station QB passes the verification, and the first authentication message is used for obtaining a second authentication message by the service station QB;

acquiring the encrypted second authentication message from a service station QB, acquiring a service station QB public key PKQB3 and a own private key SKB from a own secret key card, generating a DH secret key K3 by using the service station QB public key PKQB3 and the own private key SKB, and decrypting by using the DH secret key K3 to obtain the second authentication message;

sending the second authentication message to an active party; the second authentication message is used for the active party to generate a third authentication message in combination with the first authentication parameter X, the third authentication message is used for the service station QA to obtain a fourth authentication message, and the fourth authentication message comprises a fourth signature obtained by the service station QA by signing the first authentication parameter X and the second authentication parameter Y by using a private key of the own party;

acquiring a fourth authentication message from the active party, and encrypting the fourth authentication message;

sending an encrypted fourth authentication message to the serving station QB; the fourth authentication message is used for the service station QB to analyze to obtain the fourth signature, and the fourth signature is used for the service station QB to check to obtain an identity authentication result;

an identity authentication result from the serving station QB is received.

The application discloses a quantum communication service station identity authentication method based on an asymmetric key pool pair and a DH protocol, which is implemented in a service station QB, and the quantum communication service station identity authentication method comprises the following steps:

acquiring an encrypted first message authentication code and an encrypted first authentication message from a passive party;

obtaining a passive party public key PKB and a private key SKQB2 of a own party from a key fob of the own party, generating a DH key K2 by using the passive party public key PKB and the private key SKQB2 of the own party, decrypting by using the DH key K2 to obtain a first message authentication code and a first authentication message, and trusting the first authentication message after the first message authentication code passes verification;

obtaining a second authentication message according to the first authentication message, obtaining a passive party public key PKB and a private key SKQB3 of a own party from a key fob of the own party, generating a DH key K3 by using the passive party public key PKB and the private key SKQB3 of the own party, and encrypting the second authentication message by using the DH key K3;

sending the encrypted second authentication message to a passive party; after the second authentication message is forwarded to the active party by the passive party, the active party generates a third authentication message by combining with the first authentication parameter X, the third authentication message is used for the service station QA to obtain a fourth authentication message, and the fourth authentication message comprises a fourth signature obtained by the service station QA by utilizing a private key of the own party to sign the first authentication parameter X and the second authentication parameter Y;

receiving an encrypted fourth authentication message from the passive party, decrypting the fourth authentication message, obtaining a fourth signature according to the fourth authentication message, and verifying the fourth signature to obtain an identity authentication result; the fourth authentication message is forwarded to the passive party by the active party;

and sending the identity authentication result to the passive party.

The application discloses a quantum communication service station identity authentication method based on an asymmetric key pool pair and a DH protocol, which is implemented in a service station QA, and comprises the following steps:

receiving an encrypted third message authentication code and an encrypted third authentication message from the active party;

obtaining an active party public key PKA and an own private key SKQA5 from an own secret key card, generating a DH secret key K5 by using the active party public key PKA and the own private key SKQA5, decrypting by using the DH secret key K5 to obtain a third message authentication code and a third authentication message, and trusting the third authentication message after the third message authentication code passes verification;

obtaining a first authentication parameter X and a second authentication parameter Y according to the third authentication message, obtaining a fourth signature by signing the first authentication parameter X and the second authentication parameter Y by using a private key of a self party, obtaining a fourth authentication message according to the fourth signature, obtaining a public key PKA of an active party and a private key SKQA6 of the self party from a key card of the self party, generating a DH secret key K6 by using the public key PKA of the active party and the private key SKQA6 of the self party, and encrypting the fourth authentication message by using the DH secret key K6;

sending the encrypted fourth authentication message to the active side; the fourth authentication message is forwarded to the passive party through the active party, the fourth authentication message is forwarded to the service station QB through the passive party and then is analyzed by the service station QB to obtain the fourth signature, the fourth signature is used for obtaining an identity authentication result after being checked by the service station QB, and the identity authentication result is used for being received and confirmed by the passive party.

The application discloses an identity authentication method of a quantum communication service station based on an asymmetric key pool pair and a DH protocol, which comprises the following steps:

the active party generates a first authentication parameter X and sends the first authentication parameter X to the passive party;

the passive party acquires a first authentication parameter X from the active party, generates a second authentication parameter Y on the own party, obtains a first authentication message according to the first authentication parameter X and the second authentication parameter Y, obtains a service station QB public key PKQB2 and an own private key SKB from the own key fob, generates a DH key K2 by using the service station QB public key PKQB2 and the own private key SKB, and obtains an encrypted first message authentication code and an encrypted first authentication message by using the DH key K2 and sends the encrypted first message authentication code and the encrypted first authentication message to the service station QB;

the service station QB acquires an encrypted first message authentication code and an encrypted first authentication message from a passive party, obtains a passive party public key PKB and a private key SKQB2 of the own party from a key fob of the own party, generates a DH key K2 by using the passive party public key PKB and the private key SKQB2 of the own party, decrypts by using the DH key K2 to obtain the first message authentication code and the first authentication message, trusts the first authentication message after verifying the first message authentication code, obtains a second authentication message according to the first authentication message, obtains a passive party public key PKB and a private key QB3 of the own party from the key fob of the own party, generates a DH key K3 by using the passive party public key PKB and the private key SKQB3 of the own party, encrypts the second authentication message by using the DH key K3, and sends the encrypted second authentication message to the passive party;

the passive party acquires the encrypted second authentication message from the service station QB, acquires a service station QB public key PKQB3 and a private key SKB of the own party from a key card of the own party, generates a DH key K3 by using the service station QB public key PKQB3 and the private key SKB of the own party, decrypts by using the DH key K3 to obtain the second authentication message, and sends the second authentication message to the active party;

the active side receives a second authentication message from the passive side, generates a third authentication message according to the second authentication message and a first authentication parameter X, obtains a QA public key PKQA5 and a private key SKA of the own side from a key card of the own side, generates a DH key K5 by using the QA public key PKQA5 and the private key SKA of the own side, and obtains an encrypted third message authentication code and an encrypted third authentication message by using the DH key K5 and sends the encrypted third authentication message to the QA of the service station;

the QA receives an encrypted third message authentication code and an encrypted third authentication message from an active party, obtains an active party public key PKA and a private key SKQA5 of the own party from a key fob of the own party, generates a DH key K5 by using the active party public key PKA and the private key SKQA5 of the own party, decrypts the DH key K5 to obtain a third message authentication code and a third authentication message, verifies the third authentication code and trusts the third authentication message, obtains a first authentication parameter X and a second authentication parameter Y according to the third authentication message, signs the first authentication parameter X and the second authentication parameter Y by using the private key of the own party to obtain a fourth signature, obtains a fourth authentication message according to the fourth signature, obtains an active party public key PKA and a private key SKQA6 of the own party from the key fob, encrypts the fourth authentication message by using the private key K6 and transmits the fourth authentication message to the key DH 6;

the active side acquires an encrypted fourth authentication message from a service station QA, acquires a service station QA public key PKQA6 and a private key SKA of a self-side from a key fob of the self-side, generates a DH key K6 by using the service station QA public key PKQA6 and the private key SKA of the self-side, decrypts by using the DH key K6 to acquire the fourth authentication message, and sends the fourth authentication message to a passive side;

the passive side acquires a fourth authentication message from the active side, encrypts the fourth authentication message and sends the encrypted fourth authentication message to the service station QB;

the service station QB receives an encrypted fourth authentication message from the passive party, obtains a fourth signature according to the fourth authentication message after decryption, checks the fourth signature to obtain an identity authentication result and sends the identity authentication result to the passive party;

the passive party receives the identity authentication result from the service station QB.

Further, the active side and the passive side are respectively configured with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; the QA and QB service stations are respectively configured with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card.

Further, the step of generating the DH key Ki comprises:

if the service station public key is PKQi, the service station private key is SKQi, the client public key is PK and the client private key is SK, the service station public key PKQi and the client private key SK are utilized to generate a DH key Ki = PKQi ^ SK mod p; generating a DH secret key Ki' = PK ^ SKQi mod p by utilizing a client public key PK and a service station private key SKQi;

according to the Diffie-Hellman protocol, PKQi ^ SK mod p = PK ^ SKQi mod p, i.e., ki = Ki'.

The application also discloses computer equipment which comprises a memory and a processor, wherein the memory stores computer programs, and the processor realizes the steps of the quantum communication service station identity authentication method when executing the computer programs.

The application also discloses a quantum communication service station identity authentication system based on the asymmetric key pool pair and the DH protocol, which comprises an active party, a passive party, a service station QA, a service station QB and a communication network; the active party and the passive party are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; the QA and QB service stations are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

and the active party, the passive party, the service station QA and the service station QB realize the identity authentication method of the quantum communication service station through the communication network.

In the present application, the key fob used is a stand-alone hardware isolation device. The public key, the private key and other related parameters are stored in a data security zone in the key fob, so that the possibility of stealing the key by malicious software or malicious operations is greatly reduced, and the key cannot be acquired and cracked by a quantum computer. Meanwhile, the asymmetric key pool solves the problem that the symmetric key pool brings key storage pressure to the quantum communication service station, and the storage cost is reduced. And the authentication process based on the symmetric key algorithm is improved, so that data in the authentication process, such as a random number and a digital signature interacted between the B and the service station, are encrypted and protected by the symmetric key obtained by the DH algorithm. The symmetric key obtained by the DH algorithm can only be calculated by two communication parties, namely, the data in the authentication process can only be decrypted by a DH private key owner, and any other person can not decrypt the data, so that the security of the authentication process based on the symmetric key algorithm is improved.

Drawings

Fig. 1 is a schematic diagram of key pool distribution of a service station key fob in the present application;

FIG. 2 is a schematic diagram of key pool distribution for a client key fob according to the present application;

fig. 3 is a flowchart of identity authentication in embodiment 1.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

For a better description and illustration of embodiments of the application, reference may be made to one or more of the drawings, but additional details or examples used in describing the drawings should not be construed as limiting the scope of any of the inventive concepts of the present application, the presently described embodiments, or the preferred versions.

It should be understood that steps may be performed in other sequences unless explicitly stated otherwise. Moreover, at least a portion of the steps may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least a portion of the sub-steps or stages of other steps.

In an embodiment, an authentication method for a quantum communication service station based on an asymmetric key pool pair and a DH protocol is provided, and is implemented on a master, where the authentication method for the quantum communication service station includes:

acquiring an encrypted fourth authentication message from a service station QA, acquiring a service station QA public key PKQA6 and an own private key SKA from an own secret key card, generating a DH secret key K6 by using the service station QA public key PKQA6 and the own private key SKA, and decrypting by using the DH secret key K6 to obtain the fourth authentication message;

sending the fourth authentication message to a passive party; and the fourth authentication message is forwarded to the service station QB by the passive party and then is analyzed by the service station QB to obtain the fourth signature, the fourth signature is used for the service station QB to check the signature and then obtain an identity authentication result, and the identity authentication result is used for being received and confirmed by the passive party.

In this embodiment, messages transmitted by each party during a session are encrypted and protected by a DH key obtained by a DH algorithm, and the DH key can only be calculated by both communication parties, so that the security of an authentication process based on a symmetric key algorithm is improved.

In an embodiment, an authentication method for a quantum communication service station based on an asymmetric key pool pair and a DH protocol is provided, and is implemented in a passive party, where the authentication method for the quantum communication service station includes:

sending the second authentication message to an active party; the second authentication message is used for the active party to generate a third authentication message by combining with the first authentication parameter X, the third authentication message is used for the service station QA to obtain a fourth authentication message, and the fourth authentication message comprises a fourth signature obtained by the service station QA by utilizing a private key of the own party to sign the first authentication parameter X and the second authentication parameter Y;

acquiring a fourth authentication message from the active side, and encrypting the fourth authentication message;

sending the encrypted fourth authentication message to the serving station QB; the fourth authentication message is used for the service station QB to analyze to obtain the fourth signature, and the fourth signature is used for the service station QB to check to obtain an identity authentication result;

an identity authentication result is received from the serving station QB.

In an embodiment, a quantum communication service station identity authentication method based on an asymmetric key pool pair and a DH protocol is implemented in a service station QB, and includes:

acquiring an encrypted first message authentication code and an encrypted first authentication message from a passive party, acquiring a passive party public key PKB and a private key SKQB2 of the own party from a key card of the own party, generating a DH key K2 by using the passive party public key PKB and the private key SKQB2 of the own party, decrypting by using the DH key K2 to obtain the first message authentication code and the first authentication message, trusting the first authentication message after the first message authentication code is verified, obtaining a second authentication message according to the first authentication message, acquiring the passive party public key PKB and the private key SKQB3 of the own party from the key card of the own party, generating a key K3 by using the passive party public key PKB and the private key SKQB3 of the own party, and encrypting the second authentication message by using the DH key K3;

and sending the identity authentication result to the passive party.

In an embodiment, a quantum communication service station identity authentication method based on an asymmetric key pool pair and a DH protocol is provided, and is implemented in a service station QA, where the quantum communication service station identity authentication method includes:

receiving an encrypted third message authentication code and an encrypted third authentication message from an active party, obtaining an active party public key PKA and a private key SKQA5 of the own party from a key fob of the own party, generating a DH key K5 by using the active party public key PKA and the private key SKQA5 of the own party, decrypting by using the DH key K5 to obtain a third message authentication code and a third authentication message, verifying the third message by trusting the third authentication code, obtaining a first authentication parameter X and a second authentication parameter Y according to the third authentication message, signing by using the private key of the own party to obtain a fourth signature, obtaining a fourth authentication message according to the fourth signature, obtaining an active party public key PKA and a private key SKQA6 of the own party from the key fob of the own party, generating a key K6 by using the active party public key PKA and the private key SKQA6 of the own party, and encrypting the fourth authentication message by using the DH 6;

In an embodiment, a method for authenticating an identity of a quantum communication service station based on an asymmetric key pool pair and a DH protocol is provided, where the method includes:

the active side generates a first authentication parameter X and sends the first authentication parameter X to the passive side;

the passive party acquires a first authentication parameter X from the active party, generates a second authentication parameter Y at the own party, obtains a first authentication message according to the first authentication parameter X and the second authentication parameter Y, obtains a service station QB public key PKQB2 and an own private key SKB from the own private key card, generates a DH key K2 by using the service station QB public key PKQB2 and the own private key SKB, and obtains an encrypted first message authentication code and an encrypted first authentication message by using the DH key K2 and sends the encrypted first authentication code and the encrypted first authentication message to the service station QB;

the passive party acquires the encrypted second authentication message from the service station QB, acquires a service station QB public key PKQB3 and a private key SKB of the own party from a key fob of the own party, generates a DH key K3 by using the service station QB public key PKQB3 and the private key SKB of the own party, decrypts the second authentication message by using the DH key K3, and sends the second authentication message to the active party;

the active side receives a second authentication message from the passive side, generates a third authentication message according to the second authentication message and the first authentication parameter X, obtains a QA public key PKQA5 and a private key SKA of the own side from a key card of the own side, generates a DH key K5 by using the QA public key PKQA5 and the private key SKA of the own side, and obtains an encrypted third message authentication code and an encrypted third authentication message by using the DH key K5 and sends the encrypted third authentication message to the QA of the service station;

In another embodiment, the active party and the passive party are respectively configured with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; the QA and QB service stations are respectively configured with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card.

In this embodiment, only one pair of client public and private key pairs and the corresponding public key pools of the quantum communication service station are stored in the key fobs of the active party and the passive party, respectively, so that the quantum communication service station only needs to store the private key pool corresponding to the public key pool of the quantum communication service station and the client public key pool of the quantum communication service station, and the key storage of the quantum communication service station does not need to store a plurality of large-capacity symmetric key pools of different clients like a symmetric key pool scheme, thereby greatly reducing the key storage pressure brought to the quantum communication service station and reducing the storage cost. In another embodiment, the step of generating the DH key Ki comprises:

setting a service station public key as PKQi, a service station private key as SKQi, a client public key as PK and a client private key as SK, and generating a DH key Ki = PKQi ^ SK mod p by using the service station public key PKQi and the client private key SK; generating a DH secret key Ki' = PK ^ SKQi mod p by utilizing a client public key PK and a service station private key SKQi;

In this embodiment, the symmetric key obtained by the DH algorithm can only be calculated by both communication parties, that is, data in the authentication process can only be decrypted by the DH private key owner, and any other person cannot decrypt the data, so that the security of the authentication process based on the symmetric key algorithm is improved.

In another embodiment, the calculating the message Mi by using the DH key Ki to obtain the encrypted ith message authentication code and the encrypted message Mi includes:

splitting a DH key Ki by using a splitting algorithm to obtain EKi and AKi, calculating an ith message authentication code MAC (Mi, AKi) by using AKi, forming a message Mi | | | MAC (Mi, AKi) by using the message Mi and the ith message authentication code MAC (Mi, AKi), and encrypting the message Mi | | MAC (Mi, AKi) to obtain an encrypted ith message authentication code and an encrypted message Mi, namely { Mi | | MAC (Mi, AKi) } EKi.

In another embodiment, decrypting the DH key Ki to obtain the ith message authentication code and the message Mi, and verifying the ith message authentication code to obtain the trusted message Mi after the verification passes includes:

splitting a DH secret key Ki by using a splitting algorithm to obtain EKi and AKi, decrypting an encrypted ith message authentication code and an encrypted message Mi by using the EKi, namely { Mi | | MAC (Mi, AKi) } EKi to obtain Mi | | MAC (Mi, AKi), calculating the message Mi by using AKi to obtain an ith message authentication code MAC (Mi, AKi), verifying whether the calculated ith message authentication code and the decrypted ith message authentication code are the same, and if the calculated ith message authentication code and the decrypted ith message authentication code are the same, verifying that the message Mi is passed and trusted; otherwise, the verification fails.

In this embodiment, the DH key obtained by calculation is further split, and the split parameters are used to calculate or encrypt the message authentication code, thereby increasing the link of message transmission verification and further improving the security. In another embodiment, the obtaining, by the serving station QB, the second authentication message according to the first authentication message includes:

analyzing to obtain a first authentication parameter X and a second authentication parameter Y in the first authentication message;

obtaining a message M3_1 according to the first authentication parameter X and the second authentication parameter Y, generating a true random number Rq, taking out a QKD negotiation key Kq from a self-party quantum communication key pool according to the true random number Rq, and calculating the message M3_1 by using the QKD negotiation key Kq to obtain an encrypted message authentication code and an encrypted message M3_1;

obtaining a second authentication message by using the true random number Rq, the encrypted message authentication code and the encrypted message M3_1;

the service station QA obtains a first authentication parameter X and a second authentication parameter Y according to the third authentication message, including:

analyzing the third authentication message to obtain a second authentication message and a first authentication parameter X;

and obtaining a true random number Rq, an encrypted message authentication code and an encrypted message M3_1 according to the second authentication message, taking out a QKD negotiated key Kq from a personal quantum communication key pool according to the true random number Rq, carrying out decryption verification by using the QKD negotiated key Kq to obtain a message M3_1, and analyzing the message M3_1 to obtain a second authentication parameter Y.

In this embodiment, the QKD is used between the QA and QB to encrypt and transmit the message, so that the security of message transmission is greatly guaranteed.

An application scenario of the present application may be that any two objects A, B under an asymmetric key pool system perform mutual identity authentication. Each object in the key pool system of the application is provided with a key card, so that keys with large data volumes can be stored, and the key pool system also has the capability of processing information. In the present application, there are algorithms with corresponding requirements in the local systems of the object a and the object B.

A description of a key fob can be found in the patent application No. 201610843210.6. When the mobile terminal is used, the key fob is preferably a key SD card; when a fixed terminal is used, the key fob is preferably a key USBKey or a host key fob.

The issuance mechanism for key fobs is similar to that of the' 201610843210.6 patent application. The key fob issuer of this patent is the owner of the key fob, typically the management of a group, such as the management of a business or institution; the key fob is issued as a member of the key fob's master management, typically a staff of all levels of a business or institution. The user first applies for an account opening to the key fob's supervisor. When the user side has approved registration, a key fob (having a unique key fob ID) will be obtained. The key fob stores customer registration information. Public key pools in the client key fobs under the same quantum communication service station are downloaded from the same key management server, and the public key pools stored in each client key fob issued by the client key fobs are completely consistent. Preferably, the key pool size stored in the key fob can be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G, and so forth.

Key fobs have evolved from smart card technology as identity authentication and encryption/decryption products that incorporate true random number generators (preferably quantum random number generators), cryptography, and hardware security isolation techniques. The embedded chip and operating system of the key fob may provide secure storage of keys and cryptographic algorithms, among other functions. Due to its independent data processing capabilities and good security, the key fob becomes a secure carrier for private keys and key pools. Each key fob is protected by a hardware PIN code, the PIN code and hardware constituting two essential factors for the user to use the key fob. So-called "two-factor authentication", a user can log in to the system only by simultaneously acquiring a key fob and a user PIN code, which store relevant authentication information. Even if the PIN code of the user is leaked, the identity of the legal user cannot be counterfeited as long as the key fob held by the user is not stolen; if the key card of the user is lost, the finder can not imitate the identity of the legal user because the user PIN code is not known.

In the present application, key fobs are divided into a service station key fob and a client key fob. As shown in fig. 1, the key zone of the service station key fob mainly stores a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool, and a quantum communication service station private key; as shown in fig. 2, the key region of the client key fob primarily stores a pool of service station public keys and a pair of client public and private keys. The key fobs are each issued by a key management server.

The key management server selects the DH protocol and its algorithm parameters before issuing the key fob. The key management server generates corresponding numbers according to the number of the clients and numbers conforming to the algorithm specification as the private key and the public key. The key management server generates ID with corresponding quantity, selects public and private key pairs with corresponding quantity, combines the public key and the ID to obtain ID/public key, and writes the ID/public key into the same file to form a public key pool file, namely the client public key pool. Meanwhile, the key management server writes the corresponding private key into the file in the same way to form a private key pool file, namely a client private key pool. The ID of each private key in the client private key pool is the same as the ID of the corresponding public key in the client public key pool. The key management server again generates a large number of numbers that meet the algorithm specification as the private and public keys. And the key management server writes the public and private keys into the two files respectively to form a service station public key pool and a service station private key pool. And the public key in the service station public key pool corresponds to the private key at the same position in the service station private key pool. And the key management server defines the issued first key fob as a service station key fob and writes a service station private key pool and a client public key pool and related algorithm parameters into a key zone of the key fob. The key fobs subsequently issued by the key management server are client key fobs. The key management server randomly selects an unassigned ID to be assigned to the key fob, and takes a public and private key with the same ID from the client public key pool and the client private key pool and writes the public and private keys and the service station public key pool into a key zone of the key fob, and the related parameters are written into the key fob together.

The quantum communication service station management server is a key management mechanism of all quantum communication service stations, and comprises a quantum communication key management server which is responsible for issuing a public key pool of the quantum communication service stations and private keys of all the quantum communication service stations. The quantum communication key management server selects an algorithm that supports signing before issuing the key to the quantum communication service station. And the quantum communication key management server generates corresponding numbers according to the number of the quantum communication service stations and takes the numbers which conform to the algorithm specification as a private key and a public key. The quantum communication key management server generates a corresponding number of IDs as IDs of the quantum communication service station, selects a corresponding number of public and private key pairs, combines the public keys with the IDs to obtain ID/public keys, and writes the ID/public keys into the same file to form a public key pool file, namely the public key pool of the quantum communication service station. Meanwhile, the quantum communication key management server writes the corresponding private key into the file in the same way to form a private key pool file, namely a quantum communication service station private key pool. And the ID of each private key in the private key pool of the quantum communication service station is the same as the ID of the corresponding public key in the public key pool of the quantum communication service station. The quantum communication key management server randomly selects an unassigned ID to be assigned to a certain quantum communication service station, and transmits the ID, a public key pool of the quantum communication service station, a private key corresponding to the ID and related parameters to the quantum communication service station in a QKD (quantum key distribution) mode. And the quantum communication service station writes the received ID, the public key pool of the quantum communication service station, the private key corresponding to the ID and the related parameters into a key area of the key card of the service station.

The random numbers are true random numbers, and are preferably quantum random numbers. It should be noted that the active party and the passive party do not serve as a limitation to the client, but are to facilitate distinguishing different identities of the client in one authentication.

In the case where no specific description is given, each name in the present application is based on a combination of letters and numbers, for example, QB, a quantum communication service station, QB, which hereinafter means the same meaning, that is, QB; as with X, the random number X, the first authentication parameter X hereinafter refers to the same meaning, i.e., the random number X; as another example, the public key PKB, the passive public key PKB, hereinafter denoted the same meaning, i.e. the passive public key PKB; the rest names are the same. Moreover, X, Y in the expressions of the first authentication parameter X, the second authentication parameter Y, etc. is only for convenience of distinction and description, and no additional limitation is imposed on the parameters themselves, such as the quantum communication service station QB, QB in the client a, and a; also as information M3_0, true random number Rq, and M3_0, rq, and K3 in DH key K3; the other same principles are adopted.

Example 1

The scenario of the present embodiment is shown in fig. 3, and includes a client a (active party), a client B (passive party), a quantum communication service station QA, and a quantum communication service station QB (simply referred to as a service station QA and a service station QB). QA and QB each have their own key management server. Both the client a and the client B are provided with client key fobs, and the quantum communication service station QA and the quantum communication service station QB are provided with service station key fobs. The client a belongs to the quantum communication service station QA, the client B belongs to the quantum communication service station QB, that is, the key cards of A, B are issued by the key management servers of QA and QB, respectively.

According to the Diffie-Hellman protocol, a large prime number p and a number g are defined, g is the primitive root of modulo p, and g and p are both parameters of the Diffie-Hellman protocol. Taking the client A and the QA as an example, the client A generates a true random large integer SKA as a DH private key of the client A according to the matched key card, and a DH public key PKA = g ^ SKA mod p is obtained through calculation, and ^ is a power operation symbol. The service station QA generates a true random large integer SKQai (i belongs to {1,2, … …, m }) according to the matched key card to serve as a DH private key of the service station QA, and a DH public key PKQai = g ^ SKQai mod p (i belongs to {1,2, … …, m }) is obtained through calculation.

According to the Diffie-Hellman protocol, PKQai ^ SKA mod p = PKA ^ SKQai mod p. Therefore, PKQAI mod p and PKA SKQAI mod p can be used as the information exchange key. Hereinafter, the part of mod p is omitted for convenience of description, PKQai ^ SKA is used to refer to PKQai ^ SKA mod p, and the same holds.

The steps of the identity authentication of the client A and the client B comprise:

step 1: the client A initiates an identity authentication request to the client B.

The client a generates a random number X, i.e. a first authentication parameter X, according to the matched key fob, and sends the random number X, i.e. the first authentication parameter X, together with its ID, i.e. IDA, as M1 to the client B, i.e. M1= IDA | | X.

And 2, step: the client B forwards the request information of A to QB to request verification.

After receiving M1, party B generates a true random Y, i.e., a second authentication parameter Y, according to the matched key fob, and forms new information M2_0 with its ID, i.e., IDB and M1, i.e., a first authentication message M2_0= M1| | IDB | | Y.

Party B generates a true random number R2 based on the matching key fob. And the B party calculates a key position pointer according to the R2 through a key pointer function, takes out a public key PKQB2 of the QB from a service station public key pool of the own party key area according to the key position pointer, simultaneously takes out a self private key SKB of the B party, and obtains a DH key K2 through a specific algorithm, wherein K2= PKQB2^ SKB.

The B party splits K2 into EK2 and AK2, and calculates the first message authentication code MAC (M2 _0, AK2) on M2_0 by using AK2, wherein the MAC (M, K) format represents the message authentication code with M as a message and K as a key. The B party forms a message M2_0| | MAC (M2 _0, AK2) by M2_0 and MAC (M2 _0, AK2), and then uses EK2 to encrypt the M2_0| | MAC (M2 _0, AK2) to obtain { M2_0| | MAC (M2 _0, AK2) } EK2.

The B party finally recombines the key information into information M2, i.e., M2= IDB | | R2| { M2_0| | MAC (M2 _0, ak2) } EK2, and sends the information M2 to the serving station QB.

And step 3: the serving station QB receives the B information and processes the forwarding back to B.

After receiving the B-party information M2, the service station QB extracts R2, IDB, { M2_0| | MAC (M2 _0, ak2) } EK2 in M2. And calculating a key position pointer through a key pointer function according to the R2, and taking out a private key SKQB2 of the QB from a private key pool of the service station in the own key area by the service station QB according to the key position pointer. The service station QB takes out the public key PKB of the B party in a client public key pool of a key area of the service station QB according to the IDB information, and K2 is obtained through calculation of a specific algorithm, namely K2= PKB ^ SKQB2.

The QB splits K2 into EK2 and AK2, the EK2 is used for decrypting { M2_0| | MAC (M2 _0, AK2) } EK2 to obtain M2_0 and MAC (M2 _0, AK2), the AK2 is used for calculating M2_0 to obtain a message authentication code, whether the MAC (M2 _0, AK2) verification is the same or not is compared, X and Y in M2_0 are provided after the verification is passed, and X, Y is combined into information M3_0, namely M3_0=X | | Y.

The service station QB SIGNs M3_0 with the private key SKQB to obtain SIGNB, i.e. SIGNB = SIGN (M3 _0, SKQB). The QB composes IDB, Y, SIGNB into information M3_1, i.e. M3_1= IDB | | Y | | | SIGNB.

Between QA and QB, because of setting up QKD key distribution network, besides having the function of generating QKD key instantly, two service stations also generate the QKD symmetric key pool of the buffer memory, namely the quantum communication key pool used for QA and QB secure communication. The quantum communication key pool periodically replaces the earlier generated QKD keys with the newly generated QKD keys. The QB generates a true random number Rq, the QKD negotiation key Kq in the quantum communication key pool is taken out according to the Rq as a key index, and the Kq is divided into EKq and AKq. The service station QB calculates M3_1 by using the obtained AKq to obtain a message authentication code MAC (M3 _1, AKq), forms information M3_1| | MAC (M3 _1, AKq) by using M3_1 and MAC (M3 _1, AKq), and encrypts the M3_1| | MAC (M3 _1, AKq) by using the obtained Ekq to obtain { M3_1| | MAC (M3 _1, AKq) } EKq. The service station then reassembles the key information into M3_2 and M3_3, i.e. the second authentication message M3_2=idqb | | IDQA | | Rq | { M3_1| | | MAC (M3 _1, akq) } EKq, and the message M3_3= ida | | | IDB | | M3_2.

The service station QB generates a true random number R3, the QB calculates a key position pointer through a key pointer function according to the R3, obtains a service station private key SKQB3 from a service station private key pool according to the key position pointer, obtains a public key PKB of the B from a client public key pool of a QB key area, and obtains K3 through calculation by combining a self private key through a specific algorithm, namely the DH key K3= PKB ^ SKQB3.

The service station QB splits K3 into AK3 and EK3, calculates M3_3 by using the obtained AK3 to obtain a message authentication code MAC (M3 _3, AK3), recombines the message authentication and M3_3 to obtain M3_3| | | MAC (M3 _3, AK3), and encrypts the M3_3| | | MAC (M3 _3, AK3) by using the obtained EK3 to obtain { M3_3| | | MAC (M3 _3, AK3) } EK3. The QB reassembles the key information into a message M3 to the client B, i.e. M3= R3| { M3_3| | { MAC (M3 _3, ak3) } EK3.

And 4, step 4: client B receives QB information and processes the forwarding back to A

After receiving the information M3 of the service station QB, the party B performs parsing to obtain R3, { M3_3| | MAC (M3 _3, ak3) } EK3. And calculating a key position pointer through a key pointer function according to the R3, taking out a public key PKQB3 of the QB from a service station public key pool of the own key area by the B party according to the key position pointer, taking out a private key SKB by the B party, and calculating to obtain K3 through a specific algorithm, namely K3= PKQB3^ SKB.

The B party splits K3 into EK3 and AK3, decrypts { M3_3| | | MAC (M3 _3, AK3) } EK3 by using the obtained EK3 to obtain M3_3 and MAC (M3 _3, AK3), calculates M3_3 by using AK3 to obtain a message authentication code, compares whether MAC (M3 _3, AK3) verification is the same, analyzes M3_3 and recombines information after verification is passed to obtain information M4, namely M4= IDB | | | M3_2. Party B, M4, is directed to client a.

And 5: the client A receives the information of the B, processes and forwards the information to the QA

After receiving M4, party a, according to X cached locally, forms new information M5_0 with its own ID, i.e., IDA and M4, i.e., third authentication message M5_0= M4| | IDA | | X.

Party a generates a true random number R5 based on the matching key fob. And the A party calculates a key position pointer through a key pointer function according to the R5, extracts a public key PKQA5 of the QA from a service station public key pool of the own party key area according to the key position pointer, simultaneously extracts a self private key SKA of the A party, and obtains a DH key K5 through a specific algorithm, namely K5= PKQA5^ SKA.

The party A divides the K5 into EK5 and AK5, and calculates a third message authentication code MAC (M5 _0, AK5) on the M5_0 by using the AK 5. The party A combines M5_0 and MAC (M5 _0, AK5) into a message M5_0| | MAC (M5 _0, AK5), and then uses EK5 to encrypt the M5_0| | MAC (M5 _0, AK5) to obtain { M5_0| | MAC (M5 _0, AK5) } EK5.

The party a finally recombines the key information into information M5, i.e. M5= IDA | | | R5| { M5_0| | MAC (M5 _0, ak5) } EK5, and sends the information M5 to the serving station QA.

Step 6: QA receives a's information and processes reply a.

After receiving the party a information M5, the serving station QA extracts R5, IDA, and { M5_0| | MAC (M5 _0, ak5) } EK5 in M5. And calculating a key position pointer through a key pointer function according to the R5, and taking out a private key SKQA5 of the QA from a service station private key pool of the key area of the QA by the QA according to the key position pointer. The QA takes out the public key PKA of the party A from the public key pool of the client side of the key area of the QA according to the IDA information, and K5 is obtained through calculation of a specific algorithm, namely K5= PKA ^ SKQA5.

The service station QA splits K5 into split EK5 and AK5, decrypts { M5_0| | | MAC (M5 _0, AK5) } EK5 by using the obtained EK5 to obtain M5_0 and MAC (M5 _0, AK5), then calculates M5_0 by using the AK5 to obtain a message authentication code, compares whether the MAC (M5 _0, AK5) verification is the same, and extracts M3_ 2| = IDQB | | | | IDQA | | | Rq | { M3_1| | | | | | MAC (M3 _1, AKq) } EKq information and X in the M5_0 after the verification passes.

And the QA takes out the QKD negotiation key Kq in the quantum communication key pool of the QA according to the Rq as a key index, and splits the Kq into EKq and AKq. The QA decrypts { M3_1| | | MAC (M3 _1, AKq) } Ekq by using the obtained EKq to obtain M3_1| | MAC (M3 _1, AKq), calculates M3_1 by using AKq to obtain a message authentication code, verifies whether the MAC (M3 _1, AKq) are the same or not by comparison, and analyzes the information of M3_1, namely IDB, Y and SIGNB, after the verification is passed. The service station QA extracts the public key of the QB to verify and SIGN SIGNB = SIGN (M3 _0, SKQB), and the next step is carried out after the verification is passed.

The service station QA constitutes information M6_0, i.e., M6_0=X | | Y. The QA SIGNs M6_0 with its private key to obtain a fourth signature SIGNA = SIGN (M6 _0, skqa), and the QA composes information M6_1 from IDA and SIGNA, that is, M6_1= IDA | | | SIGNA.

The QA calculates M6_1 by AKq to obtain a message authentication code MAC (M6 _1, AKq), forms information M6_1| | | MAC (M6 _1, AKq) by M6_1 and MAC (M6 _1, AKq), and encrypts the M6_1| | MAC (M6 _1, AKq) by EKq to obtain { M6_1| | MAC (M6 _1, AKq) } EKq. The service station then reassembles the key information into M6_2 and M6_3, i.e. the fourth authentication message M6_2= idqa | | IDQB | | Rq | { M6_1| | MAC (M6 _1, akq) } EKq, and the message M6_3= ida | | IDB | | M6_2.

The QA of the service station generates a true random number R6, the QA calculates a key position pointer through a key pointer function according to the R6, obtains a private key SKQA6 of the service station from a private key pool of the service station according to the key position pointer, obtains a public key PKA of the A from a public key pool of a client side of a QA key area, and obtains K6 through calculation of a specific algorithm by combining a self private key, namely the DH key K6= PKA ^ SKQA6.

The service station QA splits K6 into AK6 and EK6, calculates M6_3 by using the obtained AK6 to obtain a message authentication code MAC (M6 _3, AK6), recombines the message authentication and M6_3 to obtain M6_3| | | MAC (M6 _3, AK6), and encrypts the M6_3| | | MAC (M6 _3, AK6) by using the obtained EK6 to obtain { M6_3| | | MAC (M6 _3, AK6) } EK6. The QA reassembles the key information into a message M6 to the client a, i.e. M6= R6| { M6_3| | MAC (M6 _3, ak6) } EK6.

And 7: a accepts QA information and processes it to be forwarded to B

After receiving the information M6 of the serving station QA, party a parses it to obtain R6, { M6_3| | MAC (M6 _3, ak6) } EK6. And calculating a key position pointer through a key pointer function according to R6, taking out a public key PKQA6 of QA from a service station public key pool of the own party key area according to the key position pointer by the party A, taking out a private key SKA by the party A, and calculating to obtain K6 through a specific algorithm, namely K6= PKQA6^ SKA.

The party A splits K6 into EK6 and AK6, decrypts { M6_3| | | MAC (M6 _3, AK6) } EK6 by using the obtained EK6 to obtain M6_3 and MAC (M6 _3, AK6), then calculates M6_3 by using AK6 to obtain a message authentication code, compares whether the verification of the MAC (M6 _3, AK6) is the same or not, analyzes M6_3 after the verification is passed, and recombines information to obtain information M7, namely M7= IDA | | | M6_2. Party B sends information M7 to client B.

And 8: the client B receives the information of the party A and sends the information to the QB after processing

After receiving the M7 forwarded by a, the B carries the IDB information and M7 to generate M8_0 information by recombination, that is, M8_0= IDB | | | M7.

Party B generates a true random number R8 based on the matching key fob. And the B party calculates a key position pointer according to the R8 through a key pointer function, takes out a public key PKQB8 of the QB from a service station public key pool of the own party key area according to the key position pointer, simultaneously takes out a self private key SKB of the B party, and obtains K8 through a specific algorithm, namely the DH key K8= PKQB8^ SKB.

The B party splits K8 into EK8 and AK8, and calculates the message authentication code MAC (M8 _0, AK8) for M8_0 by using AK 8. The B party composes the M8_0 and the MAC (M8 _0 and AK8) into a message M8_0| | MAC (M8 _0 and AK8), and then uses the EK8 to encrypt the M8_0| | MAC (M8 _0 and AK8) to obtain { M8_0| | MAC (M8 _0 and AK8) } EK8.

The B party finally recombines the key information into information M8, i.e. M8= IDB | | R8| { M8_0| | MAC (M8 _0, ak8) } EK8, and sends the information M8 to the serving station QB.

And step 9: the QB receives the information from B and processes the reply B result

After receiving the B-party information M8, the service station QB extracts R8, IDB, { M8_0| | MAC (M8 _0, ak8) } EK8 in M8. And calculating a key position pointer through a key pointer function according to the R8, and taking out a private key SKQB8 of the QB from a service station private key pool of the key area of the QB by the QB according to the key position pointer. And the service station QB takes out the public key PKB of the B party from the client public key pool of the key area of the service station QB according to the IDB information, and K8 is obtained through calculation of a specific algorithm, namely K8= PKB ^ SKQB8.

The service station QB splits K8 into split EK8 and AK8 by calculation, decrypts { M8_0| | MAC (M8 _0, AK8) } EK8 by using the obtained EK8 to obtain M8_0 and MAC (M8 _0, AK8), then obtains a message authentication code by using the AK8 to calculate M8_0, compares whether the MAC (M8 _0, AK8) verification is the same, and extracts the information of M6_2= IDQA | | | IDQB | | | Rq | { M6_1| | | | MAC (M6 _1, AKq) } EKq in the M8_0 after the verification is passed.

And the service station QB analyzes the M6_2 information, takes out the QKD negotiation key Kq in the self quantum communication key pool according to the random number Rq in the M6_2, and splits the Kq into EKq and AKq. The service station QB decrypts { M6_1| | | MAC (M6 _1, AKq) } EKq by using the obtained EKq to obtain M6_1| | MAC (M6 _1, AKq), calculates M6_1 by using AKq to obtain a message authentication code, verifies whether the MAC (M6 _1, AKq) is the same or not by comparison, and analyzes the information of the M6_1, namely IDA and SIGNA after the verification is passed.

The QB takes out the public key PKQA of the QA from the public key pool of the QB to verify and SIGN SIGNA = SIGN (M6 _0, SKQA). After verifying the SIGNA, the service station QB generates identity authentication result information REP = OK/FAIL, and recombines the information REP, IDA, and IDB into information M9_0, that is, M9_0= IDA | | | IDB | | | REP.

The service station QB generates a true random number R9, the QB calculates a key position pointer according to the R9 through a key pointer function, obtains a service station private key SKQB9 from a service station private key pool according to the key position pointer, obtains a public key PKB of the B from a client public key pool of a QB key area, and obtains K9 through calculation by combining the private key SKQB9 per se through a specific algorithm, namely the DH key K9= PKB ^ SKQB9.

The service station QB splits K9 into AK9 and EK9, calculates M9_0 by using the obtained AK9 to obtain a message authentication code MAC (M9 _0, AK9), recombines the message authentication and M9_0 to obtain M9_0| | | MAC (M9 _0, AK9), and encrypts the M9_0| | | MAC (M9 _0, AK9) by using the obtained EK9 to obtain { M9_0| | | MAC (M9 _0, AK9) } EK9. The QB reassembles the critical information into a message M9 to the client B, i.e. M9= R9| { M9_0| | { MAC (M9 _0, ak9) } EK9.

Step 10: client B receives reply of service station QB and confirms authentication

After receiving the information M9 from the service station QB, the B-party performs parsing to obtain R9, { M9_0| | MAC (M9 _0, ak9) } EK9. And calculating a key position pointer through a key pointer function according to R9, taking out a public key PKQB9 of the QB from a service station public key pool of a private key area of the own party by the party B according to the key position pointer, taking out a private key SKB of the own party by the party B, and calculating to obtain K9 through a specific algorithm, namely K9= PKQB9^ SKB.

The B party splits K9 into EK9 and AK9, decrypts { M9_0| | | MAC (M9 _0, AK9) } EK9 by using the obtained EK9 to obtain M9_0, M9_0| | | MAC (M9 _0, AK9), then calculates the M9_0 by using the AK9 to obtain a message authentication code, compares whether the verification of the M9_0| | MAC (M9 _0, AK9) is the same or not, analyzes the M9_0 after the verification to obtain IDA, IDB and REP, and the B party determines the identities of the A party and the own party and identity authentication result information according to the IDA, IDB and REP information, namely the success or failure of the identity authentication.

The present embodiment may be regarded as directed to the respective embodiments described above with respect to each step, and may also be regarded as a combination of the respective embodiments described above with respect to all steps.

In the present application, the key fob used is a stand-alone hardware isolation device. The public key, the private key and other related parameters are stored in a data security zone in the key fob, so that the possibility of stealing the key by malicious software or malicious operations is greatly reduced, and the key cannot be acquired and cracked by a quantum computer. In addition, the QKD is adopted between the service stations to encrypt and transmit messages, so that the safety of the messages is greatly guaranteed. The key fob guarantees the communication security of both communication parties in the group, and also greatly improves the security of identity authentication. Meanwhile, the asymmetric key pool solves the problem that the symmetric key pool brings key storage pressure to the quantum communication service station, and the storage cost is reduced. For example, the size of the symmetric key pool of the original user is 1G, and the number of the users is N, the quantum communication service station needs to store the key pool of N G, and if the asymmetric key pool is stored, the size of the client storage key pool is also 1G, and the quantum communication service station also only needs to store the key pool of 1G.

Meanwhile, the authentication process based on the symmetric key algorithm is improved, so that data in the authentication process are safer, for example, a random number and a digital signature interacted between the B and the service station are encrypted and protected by the symmetric key obtained by the DH algorithm. The symmetric key obtained by the DH algorithm can only be calculated by two communication parties, namely, the data in the authentication process can only be decrypted by a DH private key owner, and any other person can not decrypt the data, so that the security of the authentication process based on the symmetric key algorithm is improved.

In one embodiment, the present application further provides a computer device, which may be an active device, a passive device, a serving station QA device, or a serving station QB device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the quantum communication service station identity authentication method when executing the computer program.

For specific limitations of the computer device, reference may be made to the above limitations of the quantum communication service station identity authentication method, which is not described herein again. The various modules in the computer device described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.

The computer device may be a terminal whose internal structure may include a processor, memory, network interface, display screen, and input means connected by a system bus. Wherein the processor of the computer device is used to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to realize the above-mentioned quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.

In another embodiment, a quantum communication service station identity authentication system based on asymmetric key pool pair and DH protocol is provided, which comprises an active party, a passive party, a service station QA, a service station QB and a communication network; the active party and the passive party are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; the QA and QB service stations are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

For specific limitations of the quantum communication service station identity authentication system based on the asymmetric key pool pair and the DH protocol, reference may be made to the above limitations of the quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol, and details are not described here again.

The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.

The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims

1. The quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol is implemented on an active side and is characterized in that the active side and a passive side are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; a service station QA and a service station QB are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

the identity authentication method of the quantum communication service station comprises the following steps:

generating a first authentication parameter X and sending the first authentication parameter X to a passive party; the first authentication parameter X is used for the passive party to obtain a first authentication message by combining a second authentication parameter Y generated by the passive party;

the first authentication message is used for the service station QB to obtain a second authentication message after being forwarded to the service station QB by the passive party, and specifically includes: analyzing to obtain a first authentication parameter X and a second authentication parameter Y in the first authentication message, obtaining a message M3_1 according to the first authentication parameter X and the second authentication parameter Y, generating a true random number Rq, taking out a QKD negotiation key Kq from a personal quantum communication key pool according to the true random number Rq, calculating the message M3_1 by using the QKD negotiation key Kq to obtain an encrypted message authentication code and an encrypted message M3_1, and obtaining a second authentication message by using the true random number Rq, the encrypted message authentication code and the encrypted message M3_1;

receiving a second authentication message from a passive party, and generating a third authentication message according to the second authentication message and a first authentication parameter X;

obtaining a QA public key PKQA5 and a private key SKA of the own party from the key fob of the own party, generating a DH key K5 by using the QA public key PKQA5 and the private key SKA of the own party, and obtaining an encrypted third message authentication code and an encrypted third authentication message by using the DH key K5;

calculating the message Mi by using the DH secret key Ki to obtain an encrypted ith message authentication code and an encrypted message Mi, wherein the method comprises the following steps of: splitting a DH secret key Ki by using a splitting algorithm to obtain EKi and AKi, calculating a message Mi by using AKi to obtain an ith message authentication code MAC (Mi, AKi), forming the message Mi and the ith message authentication code MAC (Mi, AKi) into a message Mi | | | MAC (Mi, AKi), and encrypting the message Mi | | MAC (Mi, AKi) to obtain an encrypted ith message authentication code and an encrypted message Mi, namely { Mi | | MAC (Mi, AKi) } EKi;

the active side generates a true random number R5 according to the matched key card, the active side calculates a key position pointer through a key pointer function according to the true random number R5, a public key PKQA5 of a service station QA is taken out from a service station public key pool of an own key area according to the key position pointer, meanwhile, the active side takes out a self private key SKA, a DH key K5 is obtained through a specific algorithm, namely K5= PKQA5^ SKA, specifically: the active side splits K5 into EK5 and AK5, calculates M5_0 with AK5 to obtain a third message authentication code MAC (M5 _0, ak5), the active side combines M5_0 and MAC (M5 _0, ak5) into a message M5_0| | | MAC (M5 _0, ak5), encrypts M5_0| | | MAC (M5 _0, ak5) with EK5 to obtain { M5_0| | | MAC (M5 _0, ak5) } EK5, and finally recombines key information into information M5, namely M5= IDA | | | | R5| | { M5_0| | MAC (M5 _0, ak5) } EK5, and sends the information M5 to the serving station QA;

transmitting the encrypted third message authentication code and the encrypted third authentication message to the service station QA;

the third message authentication code is used for the QA of the service station to trust the third authentication message after passing the verification, and the DH key Ki is used for decryption to obtain the ith message authentication code and the message Mi, and the trust message Mi after passing the verification of the ith message authentication code comprises the following steps: splitting a DH secret key Ki by using a splitting algorithm to obtain EKi and AKi, decrypting an encrypted ith message authentication code and an encrypted message Mi by using the EKi, namely { Mi | | MAC (Mi, AKi) } EKi to obtain Mi | | MAC (Mi, AKi), calculating the message Mi by using AKi to obtain an ith message authentication code MAC (Mi, AKi), verifying whether the calculated ith message authentication code and the decrypted ith message authentication code are the same, and if the calculated ith message authentication code and the decrypted ith message authentication code are the same, verifying that the message Mi is passed and trusted; otherwise, the verification fails;

the third authentication message is used for the service station QA to obtain a fourth authentication message, and the fourth authentication message comprises a fourth signature obtained by the service station QA by using a private key of a self party to sign the first authentication parameter X and the second authentication parameter Y;

acquiring an encrypted fourth authentication message from a service station QA, acquiring a service station QA public key PKQA6 and an own private key SKA from an own secret key card, generating a DH secret key K6 by using the service station QA public key PKQA6 and the own private key SKA, and decrypting by using the DH secret key K6 to obtain the fourth authentication message, wherein the fourth authentication message comprises: the method comprises the steps that an active side receives information M6 of a service station QA and analyzes the information to obtain true random numbers R6, { M6_3| | MAC (M6 _3, AK6) } EK6, a key position pointer is calculated through a key pointer function according to the true random numbers R6, the active side takes out a public key PKQA6 of the QA from a service station public key pool of a key area of the active side according to the key position pointer, the active side takes out a private key SKA, a DH key K6 is obtained through calculation through a specific algorithm, namely K6= PKQA6^ SKA, the active side divides the DH key K6 into EK6 and AK6, the obtained EK6 is used for decrypting the { M6_3| | MAC (M6 _3, AK6) } EK6 to obtain M6_3, MAC (M6 _3, AK6), the M6_3 is used for calculating to obtain a message code, the message code is compared with the MAC (M6 _3, AK6) is verified whether the same or not, and the message is verified through verification, namely the M6_ 7 | message analysis is obtained by comparing the M7;

2. The quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol is implemented on a passive side and is characterized in that an active side and the passive side are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; a service station QA and a service station QB are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

acquiring a first authentication parameter X from an active party, generating a second authentication parameter Y at the own party, and acquiring a first authentication message according to the first authentication parameter X and the second authentication parameter Y;

obtaining a service station QB public key PKQB2 and a own private key SKB from a own secret key card, generating a DH secret key K2 by using the service station QB public key PKQB2 and the own private key SKB, and obtaining an encrypted first message authentication code and an encrypted first authentication message by using the DH secret key K2; the first authentication parameter X is generated by the master, and specifically includes: calculating the message Mi by using the DH secret key Ki to obtain an encrypted ith message authentication code and an encrypted message Mi, wherein the method comprises the following steps: splitting a DH key Ki by using a splitting algorithm to obtain EKi and AKi, calculating an ith message authentication code MAC (Mi, AKi) by using AKi, forming a message Mi | MAC (Mi, AKi) by using the message Mi and the ith message authentication code MAC (Mi, AKi), and encrypting the message Mi | MAC (Mi, AKi) to obtain an encrypted ith message authentication code and an encrypted message Mi, namely { Mi | MAC (Mi, AKi) } EKi;

after receiving the first authentication parameter X, the passive party generates a true random Y, i.e., a second authentication parameter Y, according to the matched key fob, and forms new information M2_0 together with its ID, i.e., IDB, and the first authentication parameter X, i.e., the first authentication message M2_0= the first authentication parameter X | | IDB | | | Y;

the passive party generates a true random number R2 according to the matched key card, the passive party calculates a key position pointer according to the true random number R2 through a key pointer function, a public key PKQB2 of the QB is taken out from a service station public key pool of a key area of the own party according to the key position pointer, meanwhile, the passive party takes out a private key SKB of the passive party, and a DH key K2 is obtained through a specific algorithm, wherein K2= PKQB2^ SKB;

the passive party splits K2 into EK2 and AK2, calculates M2_0 with AK2 to obtain a first message authentication code MAC (M2 _0, ak2), wherein the MAC (M, K) format represents a message authentication code with M as a message and K as a key, the passive party combines M2_0 and MAC (M2 _0, ak2) into a message M2_0| | | MAC (M2 _0, ak2), encrypts the M2_0| | MAC (M2 _0, ak2) with EK2 to obtain { M2_0| | | MAC (M2 _0, ak2) } EK2, and finally recombines key information into information M2, i.e., M2= IDB | R2| { M2_0| MAC (M2 _0, ak2) | } EK2, and sends the information M2 to the service station;

sending the encrypted first message authentication code and the encrypted first authentication message to the service station QB;

the first message authentication code is used for the service station QB to trust the first authentication message after verification passes, and the first authentication message is used for the service station QB to obtain a second authentication message, which specifically includes: decrypting by using a DH secret key Ki to obtain an ith message authentication code and a message Mi, and trusting the message Mi after the ith message authentication code passes verification, wherein the steps of: splitting a DH key Ki by using a splitting algorithm to obtain EKi and AKi, decrypting an encrypted ith message authentication code and an encrypted message Mi by using EKi, namely { Mi | | MAC (Mi, AKi) } EKi to obtain Mi | | | MAC (Mi, AKi), calculating the message Mi by using AKi to obtain an ith message authentication code MAC (Mi, AKi), verifying whether the calculated ith message authentication code and the decrypted ith message authentication code are the same, and if the calculated ith message authentication code and the decrypted ith message Mi are the same, verifying that the message Mi is passed and trusted; otherwise, the verification fails;

acquiring the encrypted second authentication message from the service station QB, acquiring a service station QB public key PKQB3 and a own private key SKB from a own key fob, generating a DH key K3 by using the service station QB public key PKQB3 and the own private key SKB, and decrypting by using the DH key K3 to obtain the second authentication message, wherein the steps comprise: the passive side receives the information second authentication message M3 of the service station QB and then analyzes the information second authentication message to obtain a true random number R3, { M3_3| | MAC (M3 _3, AK3) } EK3, a key position pointer is calculated according to the true random number R3 through a key pointer function, the passive side takes out a public key PKQB3 of the QB from a service station public key pool of a key area of the own side according to the key position pointer, the passive side takes out a private key SKB, a DH key K3 is obtained through calculation of a specific algorithm, namely K3= PKQB3^ SKB, the DH key K3 is split into EK3 and AK3 by the passive side, and the obtained EK3 is used for decrypting { M3_3| | MAC (M3 _3, AK3) } EK3 to obtain M3_3, MAC (M3 _3, AK3);

acquiring a fourth authentication message from the active party, encrypting the fourth authentication message, and sending the encrypted fourth authentication message to the service station QB, wherein the fourth authentication message comprises: after receiving the fourth authentication message M7 forwarded by the active party, the passive party carries the IDB information of the passive party and M7 to generate M8_0 information by recombination, that is, M8_0=idb | | M7, the passive party generates a true random number R8 according to the matched key fob, the passive party calculates a key position pointer according to the true random number R8 through a key pointer function, extracts a public key PKQB8 of QB from a service station public key pool of the key area of the active party according to the key position pointer, simultaneously extracts a private key SKB of the passive party, obtains K8 through a specific algorithm, namely, a DH key K8= PKQB8^ SKB, the passive side splits K8 into EK8 and AK8, AK8 is used for calculating M8_0 to obtain a message authentication code MAC (M8 _0, AK8), the passive side forms the message M8_0| | MAC (M8 _0, AK8) by M8_0 and MAC (M8 _0, AK8), and then uses EK8 to encrypt M8_0| | MAC (M8 _0, AK8) to obtain { M8_0| | | | MAC (M8 _0, AK8) } EK8, and finally recombines key information into information M8, namely M8= IDB | R8| { M8_0| MAC (M8 _0, AK8) } EK8, and sends the information M8 to the service station;

the fourth authentication message is used for the service station QB to analyze to obtain the fourth signature, and the fourth signature is used for the service station QB to check to obtain an identity authentication result;

an identity authentication result is received from the serving station QB.

3. The quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol is implemented in a service station QB and is characterized in that an active party and a passive party are respectively provided with a client key card, and a service station public key pool and a pair of client public and private keys are stored in the client key card; a service station QA and a service station QB are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

obtaining a passive party public key PKB and a private key SKQB2 of a own party from a key fob of the own party, generating a DH key K2 by using the passive party public key PKB and the private key SKQB2 of the own party, decrypting by using the DH key K2 to obtain a first message authentication code and a first authentication message, and trusting the first authentication message after the first message authentication code passes verification, which specifically comprises: after receiving the B-party information M2, the service station QB extracts R2, IDB, and { M2_0| | MAC (M2 _0, ak2) } EK2 in M2, calculates a key position pointer according to the R2 through a key pointer function, extracts a private key SKQB2 of QB from a service station private key pool of a key area of the own party according to the key position pointer, extracts a public key PKB of the B party from a client public key pool of the key area of the service station QB according to the IDB information, calculates K2 through a specific algorithm, i.e., K2= PKB ^ SKQB2, the service station QB splits K2 into split EK2 and AK2, decrypts { M2_0| | MAC (M2 _0, ak2) } EK2 to obtain M2_0, MAC (M2 _0, ak2) } EK2, and calculates M2_0, obtains an authentication code, and compares M2_0 with 3238, i.e., extracts the same information Y _3, i.e., M2_0 — 3238 — zft 2 is extracted through X3238, and Y _3, and Y _ z _3 is extracted through the same information;

the passive party receives the second authentication message M3 of the service station QB information and then analyzes the second authentication message to obtain a true random number R3, { M3_3| | MAC (M3 _3, AK3) } EK3, a key position pointer is calculated through a key pointer function according to the true random number R3, the passive party takes out a public key PKQB3 of QB from a service station public key pool of a key area of the own party according to the key position pointer, the passive party takes out a private key SKB, a DH key K3 is obtained through calculation by a specific algorithm, namely K3= PKB 3^ SKB, the passive party splits the DH key K3 into EK3 and AK3, and the obtained EK3 is used for decrypting { M3_3| MAC (M3 _3, AK3) } EK 3) to obtain M3_3, MAC (M3 _3, and MAC (M3 _3, AK3);

the service station QB obtains a second authentication message according to the first authentication message, including: analyzing to obtain a first authentication parameter X and a second authentication parameter Y in the first authentication message; obtaining a message M3_1 according to the first authentication parameter X and the second authentication parameter Y, generating a true random number Rq, taking out a QKD (quantum key distribution) negotiation key Kq from a personal quantum communication key pool according to the true random number Rq, and calculating the message M3_1 by using the QKD negotiation key Kq to obtain an encrypted message authentication code and an encrypted message M3_1; obtaining a second authentication message by using the true random number Rq, the encrypted message authentication code and the encrypted message M3_1;

calculating the message Mi by using the DH secret key Ki to obtain an encrypted ith message authentication code and an encrypted message Mi, wherein the method comprises the following steps: splitting a DH key Ki by using a splitting algorithm to obtain EKi and AKi, calculating an ith message authentication code MAC (Mi, AKi) by using AKi, forming a message Mi | MAC (Mi, AKi) by using the message Mi and the ith message authentication code MAC (Mi, AKi), and encrypting the message Mi | MAC (Mi, AKi) to obtain an encrypted ith message authentication code and an encrypted message Mi, namely { Mi | MAC (Mi, AKi) } EKi;

receiving an encrypted fourth authentication message from the passive party, decrypting the fourth authentication message to obtain a fourth signature according to the fourth authentication message, verifying the fourth signature to obtain an identity authentication result, and forwarding the fourth authentication message to the passive party by the active party, wherein the method specifically comprises the following steps: after receiving the passive party information M8, the service station QB extracts R8, IDB and { M8_0| | MAC (M8 _0, AK8) } EK8 in the M8, calculates a key position pointer through a key pointer function according to the R8, takes out a private key SKQB8 of the QB from a service station private key pool of a self key area according to the key position pointer, takes out a public key PKB of the passive party from a client public key pool of the self key area according to the IDB information, calculates and obtains K8 through a specific algorithm, namely K8= PKB ^ SKQB8, the service station QB splits K8 into EK8 and AK8 by calculation, the EK8 is used for decrypting { M8_0| | MAC (M8 _0, AK8) } EK8 to obtain M8_0 and MAC (M8 _0, AK8), the AK8 is used for calculating M8_0 to obtain a message authentication code, whether the MAC (M8 _0, AK8) verification is the same or not is compared, and after the verification is passed, M6_2= IDQA | | | | QBII | | Rq | { M6_1| MAC (M6 _1, AKq) } EKq information is extracted from M8_ 0;

and sending the identity authentication result to the passive party.

4. The quantum communication service station identity authentication method based on the asymmetric key pool pair and the DH protocol is implemented in a service station QA, and is characterized in that an active party and a passive party are respectively provided with a client key fob, and a service station public key pool and a pair of client public and private keys are stored in the client key fob; a service station QA and a service station QB are respectively provided with a service station key card, and a client public key pool, a service station private key pool, a service station public key pool, a quantum communication service station public key pool and a quantum communication service station private key are stored in the service station key card;

receiving an encrypted third message authentication code and an encrypted third authentication message from an active party, obtaining an active party public key PKA and a private party key SKQA5 from a private party key card, generating a DH key K5 by using the active party public key PKA and the private party key SKQA5, decrypting by using the DH key K5 to obtain a third message authentication code and a third authentication message, and trusting the third authentication message after the third message authentication code is verified, which specifically comprises:

after receiving the B-party information M2, the service station QB extracts R2, IDB, and { M2_0| | MAC (M2 _0, ak2) } EK2 in M2, calculates a key position pointer according to the R2 through a key pointer function, extracts a private key SKQB2 of QB from a service station private key pool of a key area of the own party according to the key position pointer, extracts a public key PKB of the B party from a client public key pool of the key area of the service station QB according to the IDB information, calculates K2 through a specific algorithm, i.e., K2= PKB ^ SKQB2, the service station QB splits K2 into split EK2 and AK2, decrypts { M2_0| | MAC (M2 _0, ak2) } EK2 to obtain M2_0, MAC (M2 _0, ak2) } EK2, and calculates M2_0, obtains an authentication code, and compares M2_0 with 3238, i.e., extracts the same information Y _3, i.e., M2_0 — 3238 — zft 2 is extracted through X3238, and Y _3, and Y _ z _3 is extracted through the same information;

after receiving the information of the active party M5, the service station QA extracts R5, IDA and { M5_0| | MAC (M5 _0, AK5) } EK5 in the M5, calculates a key position pointer according to the R5 through a key pointer function, the service station QA takes out a private key SKQA5 of the service station QA from a service station private key pool of a self key area according to the key position pointer, the service station QA takes out a public key PKA of the active party from a client public key pool of the self key area according to the IDA information, calculating by a specific algorithm to obtain K5, namely K5= PKA ^ SKQA5, the service station QA divides K5 into EK5 and AK5, decrypting { M5_0| | MAC (M5 _0, AK5) } EK5 by using the obtained EK5 to obtain M5_0 and MAC (M5 _0, AK5), calculating by using AK5 to obtain a message authentication code, comparing whether the MAC (M5 _0, AK5) is the same or not, and extracting M3_2= IDQB | | | IDQA | | | Rq | | { M3_1| MAC (M3 _1, AKq) } 78 zxft 8978 information and X in M5_0 after the authentication is passed;

obtaining a first authentication parameter X and a second authentication parameter Y according to the third authentication message, obtaining a fourth signature by signing the first authentication parameter X and the second authentication parameter Y by using a private key of a self-party, obtaining a fourth authentication message according to the fourth signature, obtaining a public key PKA of an active party and a private key SKQA6 of the self-party from a key fob of the self-party, generating a DH key K6 by using the public key PKA of the active party and the private key SKQA6 of the self-party, and encrypting the fourth authentication message by using the DH key K6;

the service station QA obtains a first authentication parameter X and a second authentication parameter Y according to the third authentication message, including: analyzing the third authentication message to obtain a second authentication message and a first authentication parameter X; obtaining a true random number Rq, an encrypted message authentication code and an encrypted message M3_1 according to the second authentication message, taking out a QKD negotiation key Kq from a self-party quantum communication key pool according to the true random number Rq, carrying out decryption verification by using the QKD negotiation key Kq to obtain a message M3_1, and analyzing the message M3_1 to obtain a second authentication parameter Y;

the QA of the service station forms information M6_0, namely M6_0=X | Y, the QA of the service station SIGNs the M6_0 by using a self private key to obtain a fourth signature SIGNA = SIGN (M6 _0, SKQA), the QA forms the information M6_1, namely M6_1=IDA | | | SIGNA by using IDA and SIGNA, the QA of the service station calculates the M6_1 by using 3562 to obtain a message authentication code MAC (M6 _1, AKq), and forms the information M6_1| | | | | MAC (M6 _1, AKq) by using the M6_1 and the MAC (M6 _1, AKq), then, the obtained EKq is used for encrypting the M6_1| | MAC (M6 _1, akq) to obtain { M6_1| MAC (M6 _1, akq) } EKq, the service station reconstructs the key information into M6_2 and M6_3, namely, a fourth authentication message M6_2= idqa | | IDQB | Rq | { M6_1| | MAC (M6 _1, akq) } EKq and a message M6_3= IDA | | IDB | M6_2;

the method comprises the steps that a service station QA generates a true random number R6, the service QA calculates a key position pointer according to the R6 through a key pointer function, obtains a service station private key SKQA6 from a service station private key pool according to the key position pointer, obtains a public key PKA of A from a client public key pool of a QA key area, obtains K6 through specific algorithm calculation by combining a self private key, namely DH key K6= PKA ^ SKQA6, the service station QA splits K6 into AK6 and EK6, obtains message authentication codes MAC (M6 _3, AK6) through calculation of the obtained AK6 on M6_3, obtains M6_3| | MAC (M6 _3, AK6) through message authentication and M6_3 recombination information, and encrypts the M6_3| MAC (M6 _3, AK6) through the obtained EK6 to obtain { M6_3| MAC (M6 _3, AK 6) } EK6;

5. The method for authenticating the identity of the quantum communication service station based on the asymmetric key pool pair and the DH protocol according to any one of claims 1 to 4, wherein the step of generating the DH key Ki comprises:

6. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program implements the steps of the quantum communication service station identity authentication method according to any one of claims 1 to 4.