CN106357396A - Digital signature method, digital signature system and quantum key card - Google Patents

Digital signature method, digital signature system and quantum key card Download PDF

Info

Publication number
CN106357396A
CN106357396A CN201610843134.9A CN201610843134A CN106357396A CN 106357396 A CN106357396 A CN 106357396A CN 201610843134 A CN201610843134 A CN 201610843134A CN 106357396 A CN106357396 A CN 106357396A
Authority
CN
China
Prior art keywords
key
quantum
signature
client
network service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610843134.9A
Other languages
Chinese (zh)
Other versions
CN106357396B (en
Inventor
富尧
钟民
钟一民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Original Assignee
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Divine Land Zhejiang Quantum Network Science And Technology Ltd filed Critical Divine Land Zhejiang Quantum Network Science And Technology Ltd
Priority to CN201610843134.9A priority Critical patent/CN106357396B/en
Publication of CN106357396A publication Critical patent/CN106357396A/en
Application granted granted Critical
Publication of CN106357396B publication Critical patent/CN106357396B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a digital signature method, a digital signature system and a quantum key card. The digital signature system comprises quantum network service stations, signature client sides, authentication client sides and quantum key cards, wherein the quantum network service stations are configured on the network side, and the signature client sides and the authentication client sides are configured on the user side. The digital signature method includes that a true random number is generated on the network side and then stored in the corresponding quantum key card and on the network side respectively to form a corresponding user-side key; the quantum key card matching with the signature client side uses the stored user-side key to generate a signature file, the signature file is sent to the authentication client side via the signature client side, and the authentication client side sends the received signature file to the current quantum network service station, acquires the corresponding user-side key from the network side to perform signature authentication on the signature file and sends signature authentication results to the corresponding authentication client side. The digital signature method, the digital signature system and the quantum key card have the advantage that key seeds are stored in the quantum key cards and the quantum network service stations, so that the problems of access use and safety of quantum network terminals are solved.

Description

Digital signature method and system and quantum key card
Technical field
The invention belongs to Technique on Quantum Communication field and in particular to a kind of based on quantum random number and quantum key distribution Digital signature method and system.
Background technology
Signature and to signature identification be an indispensable part in daily social life and economic transaction dealing, tradition Signature be to carry out writing sign or seal etc. on paper document to operate to show that the document obtained the confirmation of client, its There is certain act of law.The today's society developing rapidly in information technology and network, the mankind have begun to enter with no paper at all In the epoch, increasing transaction is all to complete in a network, is further continued for continuing to use traditional signature scheme and can not meet society Demand.
Digital signature technology, as a kind of effective and feasible method, is widely used in solving the safety of information transfer on network Sex chromosome mosaicism.Digital signature technology adopts certain crypto-operation, generates series of sign and code to replace writing signature or to print Chapter, which ensure that the non-repudiation of the confidentiality of information transfer in network, integrity and sender's signature.
The digital signature method of main flow is to utilize asymmetric arithmetic to realize to information based on public key cryptosystem now Digital signature, but public-key cryptosystem is the safety to guarantee information of complexity based on mathematical calculation, with quantum meter The development of calculation technology, the safety of its asymmetric arithmetic being adopted will be by great threat, and unsymmetrical key encryption and decryption Speed is slow, and authentication efficiency is low, is not suitable for large-scale promotion and uses.Symmetric key algorithm may also be used for realizing digital signature, its There is compared with asymmetric key algorithm occupancy resource few, the advantages of fast operation, but symmetric key algorithm is difficult to solve Cipher key distribution problem, modal way is in both sides' pre-stored symmetric key, but uses same group of symmetric key for a long time Have the risk revealed and be cracked, be that the patent documentation proposition that the displosure number is cn101282222a is a kind of symmetrical using combination The method to realize digital signature for the cipher key technique, it reaches signature key using the seed key prestoring with reference to key schedule The effect of one time one change, although the method is directly slightly carried using the method security that prestored secret key realizes encryption and decryption before comparing Rise, but its seed key can't be updated, and after being used for multiple times, still has the risk being cracked.
Content of the invention
The present invention provides a kind of digital signature system based on quantum random number and quantum key distribution, using packaged type The access that quantum key card solves quantum network terminal uses and safety problem.
A kind of digital signature system, including the quantum network service station being configured at network side and the label being configured at user side Name client and Authentication Client, are additionally provided with quantum key card, and network side generates true random number in quantum key card and network side Store respectively to form corresponding user side key;The user side key of the quantum key Cali storage of signature client coupling Generate signature file signed client to send to Authentication Client, Authentication Client by the signature file receiving send to Current quantum network service station, obtains corresponding user side key in network side and carries out signature authentication to described signature file, then Signature authentication result is sent to Authentication Client.
Described true random number is generated by the quantum network service station of network side, and in described quantum key card and this quantum net Network service station stores respectively to form corresponding user side key.
Comparatively described signature client and Authentication Client are, only according to the type of service occurring Fixed, signature client is at least to should have an Authentication Client.Preferably, described signature client and certification client End is respectively provided with the data transmission interface matching with quantum key card.
It can be understood as setting up communication link when signature client and Authentication Client are matched with respective quantum key card Connect.For signature client, it is necessary to first set up communication connection with a quantum key card before it is digitally signed.
Preferably, described current quantum network service station is sent signature authentication result to certification client with encrypted test mode End, current quantum network service station is close to carrying out by corresponding user side key with the quantum key card that Authentication Client mates The Encrypt and Decrypt of literary composition.
For realize signature authentication result with encrypted test mode transmit, Authentication Client before it carries out signature authentication it is necessary to Communication connection set up by one quantum key card, and the quantum key card that Authentication Client and signature client are mated can not be same One.
Preferably, described quantum key card is usbkey or pluggable board/chip, it has data storage and process Function, can be realized based on existing hardware technology for itself.
Described quantum key be stuck in corresponding quantum network service station be registered for auditing granted after issue, there is unique amount Sub-key card id, points to the quantum network service station issuing this quantum key card.Described quantum key card is stored with relative users Identity information, and the information issuing the quantum network service station of this quantum key card.
Because quantum key card and owning user are mutually bound, the relevant information of therefore quantum key card memory storage can also It is used for doing authenticating user identification.Optionally, quantum key card and exclusive client id are mutually bound, now in quantum key card The relevant information of storage is also used as the authentication of exclusive client.
Described user side key can also be directly used as required key during digital signature and signature authentication, but makees For preferred, as key seed, described quantum key card and quantum network service station are stored with accordingly described user side key Key schedule, be respectively used to generate required key during digital signature and signature authentication.
Described quantum key card and quantum network service station are stored with corresponding Digital Signature Algorithm, are respectively used to numeral Signature and signature authentication.Key seed in quantum key card can come from different quantum network service stations, but key life Algorithm, Digital Signature Algorithm and the AES being possible with is become to be stored in quantum key card and each quantum network service In standing.
When key schedule and Digital Signature Algorithm have multiple, when client is communicated with quantum network service station, can By forms such as algorithm label or indexes it is intended that identical algorithm.
Key seed in quantum key card both can be downloaded in the quantum network service station issuing quantum key card, also may be used To download in other quantum network service stations, in order to identify separate sources, in described quantum key card, there is tagged keys seed Key seed id in source, in order to point to the quantum network service station storing this key seed, can also take in this quantum network Positioning key seed storage address in business station.While quantum network service station is by user side key write quantum key card, It is stored in this service station for calling.
In order to improve safety, need not move through certain client when downloading key seed and carry out, but quantum key card Directly set up communication connection with generating true random number in quantum network service station.Only digital signature, signature authentication, encryption and decryption or During other concrete business, quantum key card need to be communicated to connect with quantum network service station by client.
Key seed in described quantum key card is divided into some key seed collection, same key seed according to source difference The key seed of collection is derived from same quantum network service station, and different key seed collection carries different key seed id.
Because quantum key card is corresponding with the user side key of network side, therefore user side key use when, quantum Key seed between key card and key seed id sensing quantum network service station is synchronous, when key seed is synchronous when taking:
Optionally, quantum key card and quantum network service station are digitally signed with identical algorithm picks key seed And signature authentication.
Optionally, quantum key card sends the label information being used for the key seed of digital signature to quantum network service Stand, during with signature authentication, choose corresponding key seed.
In order to improve safety, key seed of the present invention is renewable, when key seed updates:
Optionally, client sends to update and applies for quantum key card and notify quantum network service station, quantum key card Receive renewal to apply for and update key seed, the corresponding key seed of quantum network service station synchronized update by pre-defined rule.
Optionally, count key seed access times, when access times reach threshold value when quantum key card with corresponding The corresponding key seed of quantum network service station synchronized update.
Access times threshold value is pre-set, is stored concurrently in quantum network service station and quantum key card, makes both Counted and synchronous.
Optionally, the key seed quantity that quantum key card statistics is not used by, reaches and is pointed out during marginal value, client Download new user side key in quantum network service station on demand.
When key seed updates, it is to enter between the quantum network service station pointed by quantum key card and key seed id OK.Certainly, if downloading new key seed, then quantum network service station is not strictly limited.
Digital signature system of the present invention can be implemented in LAN, and the quantum network service station of network side includes:
Quantum service centre, for being connected with each client communication of user side by classic network;
Quantum random number generator, generates described true random number;
User side Key Management server, is communicated to connect with quantum service centre, for being estimated one's own ability future according to user's request The true random number of sub- randomizer stores respectively to corresponding quantum key card and this quantum network service station, as Corresponding user side key.
When multiple quantum network service stations constitute wide area network, digital signature system of the present invention can be implemented in wide area network, Network side, two quantum network service stations being connected are equipped with corresponding quantum key control centre, quantum key control centre With the quantum service centre communication connection in place quantum network service station, corresponding Liang Ge quantum key control centre is by quantum Network carries out key distribution, in order to form quantum key between station between two quantum network service stations being connected.
In the present invention, quantum service centre and quantum key control centre can using existing framework and with quantum skill Art combines, and such as quantum key control centre is provided with the quantum key distribution equipment implementing qkd;Quantum service centre includes counting Word signature server, signature authentication server and encryption and decryption server are respectively utilized to complete corresponding business.
Described user side Key Management server stores the true random number from quantum random number generator respectively to phase As user side key in the quantum key card answered and this quantum network service station, and in quantum network service station, this use Family side key is storable in user side Key Management server and/or quantum service centre, described user side key management clothes Business device and quantum service centre communicate to connect, and with responding, user side key are called.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling Be stored between card corresponding user side key, when carrying out signature authentication, directly invokes this user side key in station, utilizes This user side key completes signature authentication.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of Authentication Client coupling Be stored between card corresponding user side key, when sending signature authentication result, directly invokes this user side key in station Signature authentication result is encrypted, to generate the signature authentication result of ciphertext form.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of Authentication Client coupling There is no corresponding user side key, when sending signature authentication result, in other quantum network service stations of network side between card Ask this user side key, signature authentication result is encrypted, to generate the signature authentication result of ciphertext form.Current quantum network Service station from the signature file that Authentication Client receives, key seed id with key seed used by signature algorithm, when Corresponding user side key, according to this key seed id, is asked to the quantum network service station pointed in front quantum network service station.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling There is no corresponding user side key between card, when carrying out signature authentication, signature file is sent to the relative users side that is stored with Other quantum network service stations of key, request carries out signature authentication and return authentication result.
Current quantum network service station from the signature file that Authentication Client receives, with key used by signature algorithm Key seed id of seed, current quantum network service station, please to the quantum network service station pointed to according to this key seed id Ask signature authentication and return authentication result.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling There is no corresponding user side key, when carrying out signature authentication, in other quantum network service stations of network side request between card This user side key is to complete signature authentication
Current quantum network service station from the signature file that Authentication Client receives, with key used by signature algorithm Key seed id of seed, current quantum network service station, please to the quantum network service station pointed to according to this key seed id Seek corresponding user side key.
User side key passes between the quantum network service station that key seed id is pointed to and current quantum network service station When sending, it is possible to use between standing, quantum key carries out Encrypt and Decrypt transmission in itself to user side key.
If also will be passed through it between the quantum network service station of key seed id sensing and current quantum network service station His network node transfer, then between described station, quantum key is interpreted as the two quantum network service stations connecting in direction communication Quantum key between the station being formed by corresponding quantum key distribution equipment between (or network node), and not refer in particular to key kind Quantum key between the station between the quantum network service station of sub- id sensing and current quantum network service station.
In the same manner, current quantum network service station to the quantum network service station that key seed id is pointed to ask for an autograph certification with And during return authentication result, also with station between quantum key stood between data transfer.
The present invention also provides a kind of digital signature method, is applied to digital signature system of the present invention.Message authentication Concrete scheme in method can refer to the relevant narration in message authentication system.
Digital signature method of the present invention:
During digital signature, signature client proposes signature application to affiliated quantum network service station, from affiliated quantum network Service station obtains random number and signature time, and sends to corresponding quantum key card together with file to be signed;Quantum key card According to key seed and generating random number signature use key treat signature file carry out signature process obtain signature file, then general Signature file sends to Authentication Client.
During signature authentication, signature file is sent to affiliated quantum network service station and is parsed and sign by Authentication Client Certification;After signature authentication success, Authentication Client is notified with ciphertext form.
The present invention also provides a kind of digital signature method implemented based on quantum key card, comprising:
Step 1, the signature request of response signature client, using random number and user side key production key;
Step 2, carries out signature using described key to the file to be signed from signature client and obtains signature file;
Described random number is derived from the current quantum network service station with signature client communication, described user side key conduct Key seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
The present invention also provides a kind of quantum key card for digital signature, comprising:
Module 1, for the signature request of response signature client, generates key using random number and key seed;
Module 2, obtains signature literary composition for carrying out signature using described key to the file to be signed from signature client Part;;
Described random number is derived from the current quantum network service station with signature client communication, described user side key conduct Key seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
After completing signature, signature file is returned to signature client, then send to specified certification visitor via classic network Family end.
Quantum key card of the present invention issue mode, the synchronization of using method and key seed or update all can be according to this The scheme of invention is implemented.
User side key is separately stored in quantum key card and quantum network service station the present invention, solves quantum network The access of terminal uses and safety problem, and in addition described key seed can actively update as needed, or by system prompt quilt Dynamic renewal, reduces the risk being cracked further.
Brief description
Fig. 1 is digital signature flow chart;
Fig. 2 is the flow chart of signature authentication;
Fig. 3 is the quantum network schematic diagram of embodiment 2 application scenarios.
Specific embodiment
Embodiment 1
The digital signature system of the present embodiment includes primary centre, secondary switching center and the quantum net configuring successively Network service station.
Wherein, primary centre can refer to the quantum network core station of a prefecture-level city or suitable size area, passes through It is preferably star topology network to be connected with described secondary switching center.Wherein, primary centre can be handed over multiple two grades Switching center9 is utilized respectively quantum key distribution equipment and realizes between station the distribution of quantum key and shared, and wherein cipher key distribution system can With integrated using a set of or many set.
Wherein, secondary switching center can refer to the quantum network core station of a county-level city or small towns size area, passes through It is preferably star topology network to be connected with quantum network service station.Wherein, secondary switching center can be with multiple quantum networks Service station is utilized respectively quantum key distribution equipment and realizes between station the distribution of quantum key and shared, and wherein quantum key distribution sets For using, a set of or many set is integrated.
Wherein, quantum network service station refers to the quantum network station of residential communities or suitable size area.
Quantum network service station includes:
Quantum service centre, be mainly used in being connected with each client communication of user side by classic network and and other Quantum network service station communicates to connect;Classic network includes but is not limited to telecommunications network, the Internet, broadcasting and television network or other are logical Communication network etc..
Quantum key distribution equipment, be mainly used in by qkd mode realize standing between quantum key shared.
Quantum random number generator, the application key request proposing for receive user side Key Management server, generate User side key, and it is sent to user side Key Management server;Adopt herein for true random number.It can be based on circuit Real random number generator, the real random number generator based on physical resource and other kinds of truly random generator.
User side Key Management server, deposits, manages the true random number generating from quantum random number generator, Ke Yijie Enter portable quantum key card, the hair fastener of realization, registration, copy user side key, quantum service centre can also be received The application key request proposing, the user side key sending corresponding length is to quantum service centre.
Wherein quantum service centre includes: digital signature server, signature verification service device and encryption and decryption server, can root According to needing to arrange other servers.
Encryption and decryption server obtains close according to demand from quantum key management server or user side Key Management server Key, the encryption information coming from client transmissions is deciphered, or needing to be transferred to the data encryption of client.
The quantum key card having is mated with quantum network service station, it is possible to achieve with quantum network service when client is communicated The authentication stood, can also be continuously generated newly by the use of the user side key being provided by quantum network service station as key seed Key.
It is configured with client, client a1~client an of such as in figure, and client under each quantum network service station End b1~client bn.In the present embodiment different servers or other devices can also carry out as needed on hardware whole Close.
Signature client, file to be signed is sent to matches the amount of (setting up communication connection by the interface of coupling) Sub-key card simultaneously obtains corresponding signature file after being digitally signed via this quantum key Cali user side key, then will The signature file obtaining is sent to corresponding Authentication Client.
Authentication Client, the signature file receiving is forwarded to current quantum network service station, and via current quantum Network service station carries out signature authentication to obtain authentication result using the user side key corresponding to signature client.
After the authentication result that current quantum network service station will be encrypted using the user side key with respect to Authentication Client Return to Authentication Client, the authentication result that authentication authorization and accounting client receives is corresponding ciphertext, Authentication Client needs phase The quantum key card joined is using the authentication result just obtaining plaintext after corresponding user side secret key decryption.
In the present embodiment Authentication Client and signature client between and Authentication Client and current quantum network service Between standing, signature client all carried out by classic network with the data interaction in current quantum network service station.
Authentication Client and signature client are to access the equipment of quantum network, can be mobile terminal, or are fixed terminal. When for mobile terminal, quantum key card is preferably quantum sd card;When for fixed terminal, quantum key card is preferably usbkey.
Obtain quantum key card after the quantum network service station that client goes to region is registered, be granted (there is unique quantum key card id).Quantum key card stores client enrollment register information, is also built-in with key and generates calculation Method and Digital Signature Algorithm, Digital Signature Algorithm include symmetric key algorithm, digital digest algorithm or other with carry out numeral The related algorithm of signature.
Also there are key schedule and Digital Signature Algorithm in each quantum network service station of network side accordingly, if Each algorithm exist two or more, quantum key be stuck in quantum network service station pass through when algorithm label can be sent to quantum net Network service station, chooses for quantum network service station.
User side key in quantum key card may be downloaded from down different quantum network service stations, therefore can be by different next There are different key seed and concentrate in source, client can take key seed to generate key by rule set in advance.Different Key seed collection there is unique key seed id, be stored with corresponding key kind in its quantum network service station pointed to Son.
The digital signature method that the present embodiment provides includes two parts, and a part is that file is digitally signed, separately A part is signature authentication.In conjunction with Fig. 3, client a1, as signature client, belongs to quantum network service station a, is carrying out Need through authentication before digital signature business;Client b1, as Authentication Client, belongs to quantum network service station b, with Reason also needs through authentication before carrying out signature authentication business.
Digital signature includes:
Step 1. signature application: by affiliated quantum key card insertion signature client, sign signer client client End sends digital signature application to a of quantum network service station.
Step 2. signature key generates: when the digital signature server of quantum network service station a sends random number r and signature Between st give signature client, random number and signature time st are proceeded to the signature quantum key that matches of client by signature client In card, quantum key card chooses key seed and key schedule as, and quantum key card according to the key seed chosen and connects The random number r receiving generates key k using the key schedule as choosing.
Step 3. signature generates: document text f0 is carried out the numeral that digital digest algorithm ah forms original text by quantum key card Fingerprint fp, and using key k, digital finger-print fp and document text fo is carried out respectively with symmetric encipherment algorithm ac encryption formation numeral Signature sg and ciphertext fc.Wherein digital digest algorithm ah and symmetric encipherment algorithm ac all can use existing algorithm.
Step 4. signature file generate: quantum key card by digital signature sg, random number r, key seed id, signature the time St and ciphertext fc are grouped together into signature file fs.
Step 5. signature file sends: signature file fs is sent to signature client by quantum key card, then by classics Network sends to Authentication Client.
Signature authentication includes that (if following steps no specified otherwise, " quantum key card " refers both to the amount belonging to authenticating party client Sub-key card):
Step 1. parses signature file: Authentication Client is by signature file fs and close with the quantum that Authentication Client matches Key seed id that will use in key card and signature algorithm label (if following steps no specified otherwise, " quantum key card " Refer both to the quantum key card belonging to authenticating party client) it is sent to the quantum network service station being connected with current authentication client communication Signature authentication server, signature authentication server parse from signature file fs digital signature sg, random number r, signature when Between st, key seed id and ciphertext fc.
Step 2. server searches decryption information and key generates:
If key seed id point to quantum network service station b, stand in transfer corresponding key seed, according to sign the time St determines corresponding key schedule as ', digital digest algorithm ah ' and symmetric key algorithm ac ', can will sign in the present embodiment Name time st is considered as algorithm label, in order to that one kind adopting when determining digital signature in many algorithms.Quantum network services The b that stands obtains key k ' according to key seed, random number r and key schedule as ' by computing.
If key seed id is not pointed towards quantum network service station b, and points to other quantum network service stations, quantum network Service station b then sends request to the quantum network service station that key seed id is pointed to, and includes at least key seed id in request.
The quantum network service station that key seed id is pointed to is found corresponding in station according to key seed id receiving Key seed, using station between quantum key with encrypted test mode, key seed is sent to quantum network service station b.
Step 3. server authentication signing messages: the signature authentication server of quantum network service station b obtains key seed, Extract key schedule as ', with reference to random number r, key k ' is obtained by computing, digital signature deciphering being arrived using key k ' Sg and ciphertext fc are decrypted with symmetric encipherment algorithm ac ', obtain digital finger-print fp and document text fo.Then former to file Civilian fo carries out digital digest computing using digital digest algorithm ah ' and forms digital finger-print fp '.By digital finger-print fp and digital finger-print Fp ' is compared, if equal, signature authentication success.
Otherwise signature authentication failure, this signature authentication server sends to the Authentication Client proposing signature authentication application and signs Name authentication failure message.
Signature authentication is successfully meant that: this document is not tampered with;This document is actually from this signature client.Due to closing The symmetric encipherment algorithm of method client and digital digest algorithm are identical with legitimate signature certificate server, i.e. symmetric encipherment algorithm Ac ' is consistent with symmetric encipherment algorithm ac, and digital digest algorithm ah ' is consistent with digital digest algorithm ah.
Step 4. server for encrypting signing messages: if signature authentication success, signature authentication server generate random number q and Signature authentication time qt.
Quantum network service station b has corresponding user side key with the quantum key card that authenticating party client is mated, Signature authentication server obtains corresponding user side key as key kind according to key seed id of quantum key card in station Son, obtains key m using key schedule qs with reference to random number q computing.
Corresponding user side is not stored close in the quantum key card that quantum network service station b is mated with authenticating party client Key, quantum network service station b is according to key seed id in quantum key card, the quantum network service pointed to key seed id Transmission of standing is asked, and includes at least key seed id in request.
The quantum network service station that key seed id is pointed to is found corresponding in station according to key seed id receiving Key seed, using station between quantum key with encrypted test mode, key seed is sent to quantum network service station b.
Quantum network service station b receives key seed, extracts key schedule qs and is obtained by computing with reference to random number q Key m.
The signature authentication server of quantum network service station b using key m to step 1 parsing obtain digital signature sg, The document text fo that random number r, signature time st, quantum key card id and step 3 deciphering obtain carries out symmetric encipherment algorithm qc Form ciphertext fw after encryption.
Step 5. server send signing messages: signature authentication server send signature authentication success message, random number q, Signature authentication time qt and ciphertext fw are to Authentication Client.
Step 6. decodes ciphertext: Authentication Client receives the signature authentication sending from signature authentication server and successfully disappears Breath, signature authentication time qt, random number q and ciphertext fw.
Random number q, signature authentication time qt and ciphertext fw are imported quantum key card, quantum key card is according to signature authentication Time qt chooses key schedule qs ' and symmetric encipherment algorithm qc '.
By the key seed in card with the random number q that receives uses key schedule qs ' computing to generate key m ', and with close Key m ' and symmetric encipherment algorithm qc ' the decrypting ciphertext fw choosing obtains corresponding digital signature information.
Key seed life-time service or reuse have the probability being cracked, for improving the peace of this message authentication system Quan Xing, key seed needs timing to update.
Update mode in the present embodiment is:
Client is set up after communication connection with the quantum key card mating, and it is close to quantum that client passes through upper level applications Key card sends and updates application, and this renewal application is also sent to quantum service centre simultaneously.
Key storage clamping is received after updating application, by Policy Updates key seed set in advance, for example, makes a part Used key seed does failure indication, does not use, and enables new key seed.
Quantum service centre receives after updating application, by Policy Updates quantum net consensus with quantum key card in advance The key seed of respective stored in network service station, realizes constantly corresponding with quantum key card.
Embodiment 2
Same as Example 1, except that, if key seed id is not pointed towards quantum network service station b, and point to it His quantum network service station, the signature file receiving is sent to key via quantum network service station b by Authentication Client b1 The quantum network service station that seed id points to, and signature authentication is carried out by the quantum network service station of this sensing, obtain certification knot Fruit is sent to Authentication Client b1 via quantum network service station b.
The signature file receiving is sent to key seed id via quantum network service station b and points to by Authentication Client b1 The transmission path in quantum network service station in may will also include other quantum networks in addition to the b of quantum network service station Service station, this transmission path determines with specific reference to the annexation in each quantum network service station of network side.
Further, the quantum network service station that key seed id is pointed to will obtain authentication result and be sent to Authentication Client b1 When transmission path in, quantum network service station and quantum network service station b that in signature, key seed id that uses is pointed to Between must also have the quantum network clothes of same key subset through the quantum key card that matches with Authentication Client b1 Business station, the annexation with specific reference to each quantum network service station of network side determines.And authentication result is with ciphertext form transmission, In transmitting procedure, using the station in two quantum network service stations arbitrarily adjacent in this transmission path between quantum key with encrypted test mode Authentication result is sent to the quantum key card being matched with Authentication Client b1 the quantum network with same key subset Service station, then this quantum network service station will decipher the authentication result that obtains and adopt the key kind in this same key subset It is sent to Authentication Client b1 after son encryption.

Claims (19)

1. a kind of digital signature system, including the quantum network service station being configured at network side and the signature being configured at user side , it is characterised in that being additionally provided with quantum key card, network side generates true random number in quantum key card for client and Authentication Client Store respectively with network side to form corresponding user side key;The use of the quantum key Cali storage of signature client coupling Family side key generates signature file and signed client sends to Authentication Client, and Authentication Client is civilian by the signature receiving Part sends to current quantum network service station, obtains corresponding user side key in network side and described signature file is signed Certification, then signature authentication result is sent to Authentication Client.
2. digital signature system as claimed in claim 1 it is characterised in that described true random number by network side quantum network Service station generates, and stores close to form corresponding user side respectively in described quantum key card and this quantum network service station Key.
3. digital signature system as claimed in claim 2 is it is characterised in that described signature client and Authentication Client are equal There is the data transmission interface matching with quantum key card.
4. digital signature system as claimed in claim 2 is it is characterised in that described current quantum network service station is with ciphertext side Formula sends signature authentication result to Authentication Client, the quantum key that current quantum network service station is mated with Authentication Client Card is by corresponding user side key to the Encrypt and Decrypt carrying out ciphertext.
5. digital signature system as claimed in claim 2 is it is characterised in that described quantum key is stuck in corresponding quantum network Service station be registered for auditing granted after issue, there is unique quantum key card id, point to the quantum issuing this quantum key card Network service station.
6. digital signature system as claimed in claim 2 is it is characterised in that described user side key is as key seed, institute State quantum key card and quantum network service station be stored with corresponding key schedule, be respectively used to generate digital signature with And required key during signature authentication.
7. digital signature system as claimed in claim 6 is it is characterised in that have tagged keys kind in described quantum key card Key seed id in son source, in order to point to the quantum network service station storing this key seed, quantum network service station will be used While the key write quantum key card of family side, it also is stored in this service station for calling.
8., it is characterised in that key seed is renewable, key seed is more for digital signature system as claimed in claim 7 When new:
Client sends to update applies for quantum key card and notifies quantum network service station, and quantum key clamping is received and updated application And press pre-defined rule renewal key seed, the corresponding key seed of quantum network service station synchronized update;
Or the access times of statistics key seed, when access times reach threshold value, quantum key card is taken with corresponding quantum network The business station corresponding key seed of synchronized update;
Or the key seed quantity that quantum key card statistics is not used by, reach and pointed out during marginal value, client exists on demand New user side key is downloaded in quantum network service station.
9. digital signature system as claimed in claim 2 is it is characterised in that the quantum network service station of network side includes:
Quantum service centre, for being connected with the client communication of user side by classic network;
Quantum random number generator, generates described true random number;
User side Key Management server, with quantum service centre communication connection, for according to user's request will from quantum with The true random number of machine number generator stores respectively to corresponding quantum key card and this quantum network service station, as corresponding User side key.
10. digital signature system as claimed in claim 9 is it is characterised in that in network side, two quantum networks being connected take Business station is equipped with corresponding quantum key control centre, and quantum key control centre is taken with the quantum in place quantum network service station Business center to center communications connects, and corresponding Liang Ge quantum key control centre carries out key distribution by quantum network, in order to be connected Form quantum key between station between the two quantum network service stations connecing.
11. digital signature systems as described in claim 9 or 10 are it is characterised in that the current amount that communicates with Authentication Client Be stored between the quantum key card of sub-network service station and signature client coupling corresponding user side key, is being signed During certification, directly invoke this user side key in station, complete signature authentication using this user side key.
12. digital signature systems as described in claim 9 or 10 are it is characterised in that the current amount that communicates with Authentication Client Be stored between the quantum key card of sub-network service station and Authentication Client coupling corresponding user side key, is sending signature During authentication result, directly invoke this user side key in station and signature authentication result is encrypted, to generate the signature of ciphertext form Authentication result.
13. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client There is no corresponding user side key between the quantum key card of network service station and Authentication Client coupling, sending signature authentication knot During fruit, ask this user side key in other quantum network service stations of network side, signature authentication result is encrypted, close to generate The signature authentication result of civilian form.
14. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client There is no corresponding user side key between the quantum key card of network service station and signature client coupling, carrying out signature authentication When, signature file is sent to other quantum network service stations of the relative users side key that is stored with, request carries out signature authentication And return authentication result.
15. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client There is no corresponding user side key between the quantum key card of network service station and signature client coupling, carrying out signature authentication When, ask this user side key to complete signature authentication in other quantum network service stations of network side.
A kind of 16. digital signature methods are it is characterised in that be applied to the digital signature as described in any one of claim 1~15 System.
It is characterised in that during digital signature, signature client is to affiliated for 17. digital signature methods as claimed in claim 16 Quantum network service station proposes signature application, obtains random number and signature time from affiliated quantum network service station, and together with treating Signature file sends to corresponding quantum key card;Quantum key card is according to the key of key seed and generating random number signature Treat signature file to carry out signature and process obtaining signature file, then signature file is sent to Authentication Client;
During signature authentication, signature file is sent to that affiliated quantum network service station is parsed and signature is recognized by Authentication Client Card;After signature authentication success, Authentication Client is notified with ciphertext form.
A kind of 18. digital signature methods implemented based on quantum key card, comprising:
Step 1, the signature request of response signature client, using random number and user side key production key;
Step 2, carries out signature using described key to the file to be signed from signature client and obtains signature file;
Described random number is derived from the current quantum network service station with signature client communication, and described user side key is as key Seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
A kind of 19. quantum key cards for digital signature, comprising:
Module 1, for the signature request of response signature client, generates key using random number and key seed;
Module 2, obtains signature file for carrying out signature using described key to the file to be signed from signature client;
Described random number is derived from the current quantum network service station with signature client communication, and described user side key is as key Seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
CN201610843134.9A 2016-09-23 2016-09-23 Digital signature method and system and quantum key card Active CN106357396B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610843134.9A CN106357396B (en) 2016-09-23 2016-09-23 Digital signature method and system and quantum key card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610843134.9A CN106357396B (en) 2016-09-23 2016-09-23 Digital signature method and system and quantum key card

Publications (2)

Publication Number Publication Date
CN106357396A true CN106357396A (en) 2017-01-25
CN106357396B CN106357396B (en) 2019-11-12

Family

ID=57858721

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610843134.9A Active CN106357396B (en) 2016-09-23 2016-09-23 Digital signature method and system and quantum key card

Country Status (1)

Country Link
CN (1) CN106357396B (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107333263A (en) * 2017-06-12 2017-11-07 浙江神州量子网络科技有限公司 A kind of follow-on SIM card and mobile communication personal identification method and system
CN107453868A (en) * 2017-09-01 2017-12-08 中国电子科技集团公司第三十研究所 A kind of safe and efficient quantum key method of servicing
CN107741947A (en) * 2017-08-30 2018-02-27 浙江九州量子信息技术股份有限公司 The storage of random number key based on HDFS file system and acquisition methods
CN107809311A (en) * 2017-09-30 2018-03-16 飞天诚信科技股份有限公司 The method and system that a kind of unsymmetrical key based on mark is signed and issued
CN107888376A (en) * 2017-10-23 2018-04-06 浙江神州量子网络科技有限公司 NFC Verification Systems based on quantum communication network
CN108173649A (en) * 2018-01-10 2018-06-15 如般量子科技有限公司 A kind of message authentication method and system based on quantum key card
CN108737076A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of identity authorization system and identity identifying method
CN108737323A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of digital signature method, apparatus and system
CN108900298A (en) * 2018-07-11 2018-11-27 长春大学 Privately owned block chain honesty entity authentication cut-in method based on quantum cryptography watermark
CN109067705A (en) * 2018-06-28 2018-12-21 如般量子科技有限公司 Modified Kerberos identity authorization system and method based on group communication
CN109104271A (en) * 2017-06-20 2018-12-28 山东量子科学技术研究院有限公司 A kind of methods, devices and systems of digital signature
CN109104276A (en) * 2018-07-31 2018-12-28 如般量子科技有限公司 A kind of cloud storage method of controlling security and system based on pool of keys
CN109151053A (en) * 2018-09-20 2019-01-04 如般量子科技有限公司 Anti- quantum calculation cloud storage method and system based on public asymmetric key pond
CN109299618A (en) * 2018-09-20 2019-02-01 如般量子科技有限公司 Anti- quantum calculation cloud storage method and system based on quantum key card
CN109450623A (en) * 2018-10-16 2019-03-08 如般量子科技有限公司 Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond
CN109525390A (en) * 2018-11-20 2019-03-26 江苏亨通问天量子信息研究院有限公司 Quantum key wireless dispatch method and system for terminal device secret communication
CN109586917A (en) * 2018-10-31 2019-04-05 如般量子科技有限公司 The signature method and sealing system of anti-quantum calculation based on unsymmetrical key pond
CN109670826A (en) * 2018-11-29 2019-04-23 如般量子科技有限公司 Anti- quantum calculation block chain method of commerce based on unsymmetrical key pond
CN109670827A (en) * 2018-11-29 2019-04-23 如般量子科技有限公司 Anti- quantum calculation block chain method of commerce based on pool of symmetric keys
CN109842490A (en) * 2017-11-28 2019-06-04 广东国盾量子科技有限公司 Digital signature generation/transmission/verification method, terminal and computer storage medium
CN109889329A (en) * 2019-01-11 2019-06-14 如般量子科技有限公司 Anti- quantum calculation wired home quantum communications method and system based on quantum key card
CN109951513A (en) * 2019-01-11 2019-06-28 如般量子科技有限公司 Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card
CN110086627A (en) * 2019-04-22 2019-08-02 如般量子科技有限公司 Based on unsymmetrical key pond to and timestamp quantum communications service station cryptographic key negotiation method and system
CN110176997A (en) * 2019-05-15 2019-08-27 如般量子科技有限公司 Based on unsymmetrical key pond to and digital signature quantum communications service station AKA cryptographic key negotiation method and system, computer equipment
CN110365472A (en) * 2019-05-30 2019-10-22 如般量子科技有限公司 Quantum communications service station digital signature method based on unsymmetrical key pond pair, system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101282222A (en) * 2008-05-28 2008-10-08 胡祥义 Digital signature method based on CSK
CN102196425A (en) * 2011-07-01 2011-09-21 安徽量子通信技术有限公司 Quantum-key-distribution-network-based mobile encryption system and communication method thereof
CN102833075A (en) * 2012-09-05 2012-12-19 北京市科学技术情报研究所 Identity authentication and digital signature method based on three-layered overlapping type key management technology
US20130083926A1 (en) * 2011-09-30 2013-04-04 Los Alamos National Security, Llc Quantum key management
CN105007158A (en) * 2015-07-09 2015-10-28 中国科学技术大学先进技术研究院 Quantum digital signing method and system
CN105812367A (en) * 2016-03-15 2016-07-27 浙江神州量子网络科技有限公司 Authentication system and authentication method of network access device in quantum network
WO2016118359A1 (en) * 2015-01-22 2016-07-28 Alibaba Group Holding Limited Method, apparatus, and system for quantum key distribution

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101282222A (en) * 2008-05-28 2008-10-08 胡祥义 Digital signature method based on CSK
CN102196425A (en) * 2011-07-01 2011-09-21 安徽量子通信技术有限公司 Quantum-key-distribution-network-based mobile encryption system and communication method thereof
US20130083926A1 (en) * 2011-09-30 2013-04-04 Los Alamos National Security, Llc Quantum key management
CN102833075A (en) * 2012-09-05 2012-12-19 北京市科学技术情报研究所 Identity authentication and digital signature method based on three-layered overlapping type key management technology
WO2016118359A1 (en) * 2015-01-22 2016-07-28 Alibaba Group Holding Limited Method, apparatus, and system for quantum key distribution
CN105007158A (en) * 2015-07-09 2015-10-28 中国科学技术大学先进技术研究院 Quantum digital signing method and system
CN105812367A (en) * 2016-03-15 2016-07-27 浙江神州量子网络科技有限公司 Authentication system and authentication method of network access device in quantum network

Cited By (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737323B (en) * 2017-04-13 2021-06-18 山东量子科学技术研究院有限公司 Digital signature method, device and system
CN108737323A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of digital signature method, apparatus and system
CN108737076A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of identity authorization system and identity identifying method
CN107333263A (en) * 2017-06-12 2017-11-07 浙江神州量子网络科技有限公司 A kind of follow-on SIM card and mobile communication personal identification method and system
CN109104271A (en) * 2017-06-20 2018-12-28 山东量子科学技术研究院有限公司 A kind of methods, devices and systems of digital signature
CN107741947A (en) * 2017-08-30 2018-02-27 浙江九州量子信息技术股份有限公司 The storage of random number key based on HDFS file system and acquisition methods
CN107741947B (en) * 2017-08-30 2020-04-24 浙江九州量子信息技术股份有限公司 Method for storing and acquiring random number key based on HDFS file system
CN107453868A (en) * 2017-09-01 2017-12-08 中国电子科技集团公司第三十研究所 A kind of safe and efficient quantum key method of servicing
CN107453868B (en) * 2017-09-01 2019-09-24 中国电子科技集团公司第三十研究所 A kind of safe and efficient quantum key method of servicing
CN107809311A (en) * 2017-09-30 2018-03-16 飞天诚信科技股份有限公司 The method and system that a kind of unsymmetrical key based on mark is signed and issued
CN107809311B (en) * 2017-09-30 2020-01-03 飞天诚信科技股份有限公司 Asymmetric key issuing method and system based on identification
CN107888376B (en) * 2017-10-23 2020-08-11 浙江神州量子网络科技有限公司 NFC authentication system based on quantum communication network
CN107888376A (en) * 2017-10-23 2018-04-06 浙江神州量子网络科技有限公司 NFC Verification Systems based on quantum communication network
CN109842490A (en) * 2017-11-28 2019-06-04 广东国盾量子科技有限公司 Digital signature generation/transmission/verification method, terminal and computer storage medium
CN108173649B (en) * 2018-01-10 2020-08-11 如般量子科技有限公司 Message authentication method and system based on quantum key card
CN108173649A (en) * 2018-01-10 2018-06-15 如般量子科技有限公司 A kind of message authentication method and system based on quantum key card
CN109067705B (en) * 2018-06-28 2020-12-01 如般量子科技有限公司 Improved Kerberos identity authentication system and method based on group communication
CN109067705A (en) * 2018-06-28 2018-12-21 如般量子科技有限公司 Modified Kerberos identity authorization system and method based on group communication
CN108900298B (en) * 2018-07-11 2020-09-18 长春大学 Quantum cipher watermark-based private block chain honest node authentication access method
CN108900298A (en) * 2018-07-11 2018-11-27 长春大学 Privately owned block chain honesty entity authentication cut-in method based on quantum cryptography watermark
CN109104276A (en) * 2018-07-31 2018-12-28 如般量子科技有限公司 A kind of cloud storage method of controlling security and system based on pool of keys
CN109104276B (en) * 2018-07-31 2021-10-22 如般量子科技有限公司 Cloud storage security control method and system based on key pool
CN109299618A (en) * 2018-09-20 2019-02-01 如般量子科技有限公司 Anti- quantum calculation cloud storage method and system based on quantum key card
CN109151053B (en) * 2018-09-20 2021-08-10 如般量子科技有限公司 Anti-quantum computing cloud storage method and system based on public asymmetric key pool
CN109151053A (en) * 2018-09-20 2019-01-04 如般量子科技有限公司 Anti- quantum calculation cloud storage method and system based on public asymmetric key pond
CN109450623A (en) * 2018-10-16 2019-03-08 如般量子科技有限公司 Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond
CN109586917A (en) * 2018-10-31 2019-04-05 如般量子科技有限公司 The signature method and sealing system of anti-quantum calculation based on unsymmetrical key pond
CN109586917B (en) * 2018-10-31 2021-07-27 如般量子科技有限公司 Anti-quantum-computation signature method and system based on asymmetric key pool
CN109525390A (en) * 2018-11-20 2019-03-26 江苏亨通问天量子信息研究院有限公司 Quantum key wireless dispatch method and system for terminal device secret communication
CN109670827A (en) * 2018-11-29 2019-04-23 如般量子科技有限公司 Anti- quantum calculation block chain method of commerce based on pool of symmetric keys
CN109670826A (en) * 2018-11-29 2019-04-23 如般量子科技有限公司 Anti- quantum calculation block chain method of commerce based on unsymmetrical key pond
CN109670827B (en) * 2018-11-29 2020-11-17 如般量子科技有限公司 Anti-quantum computation blockchain transaction method based on symmetric key pool
CN109670826B (en) * 2018-11-29 2020-11-17 如般量子科技有限公司 Anti-quantum computation block chain transaction method based on asymmetric key pool
CN109951513B (en) * 2019-01-11 2021-10-22 如般量子科技有限公司 Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card
CN109889329A (en) * 2019-01-11 2019-06-14 如般量子科技有限公司 Anti- quantum calculation wired home quantum communications method and system based on quantum key card
CN109951513A (en) * 2019-01-11 2019-06-28 如般量子科技有限公司 Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card
CN110086627A (en) * 2019-04-22 2019-08-02 如般量子科技有限公司 Based on unsymmetrical key pond to and timestamp quantum communications service station cryptographic key negotiation method and system
CN110176997A (en) * 2019-05-15 2019-08-27 如般量子科技有限公司 Based on unsymmetrical key pond to and digital signature quantum communications service station AKA cryptographic key negotiation method and system, computer equipment
CN110365472A (en) * 2019-05-30 2019-10-22 如般量子科技有限公司 Quantum communications service station digital signature method based on unsymmetrical key pond pair, system

Also Published As

Publication number Publication date
CN106357396B (en) 2019-11-12

Similar Documents

Publication Publication Date Title
CN106357396B (en) Digital signature method and system and quantum key card
CN106411525B (en) Message authentication method and system
CN106357649A (en) User identity authentication system and method
CN101090316B (en) Identify authorization method between storage card and terminal equipment at off-line state
CN104735068A (en) SIP security authentication method based on commercial passwords
CN102404347A (en) Mobile internet access authentication method based on public key infrastructure
CN109257180A (en) A kind of method and device for depositing card based on the intellectual property file of block chain
CN104424446A (en) Safety verification and transmission method and system
Tan et al. Comments on “dual authentication and key management techniques for secure data transmission in vehicular ad hoc networks”
US20110320359A1 (en) secure communication method and device based on application layer for mobile financial service
CN108810895A (en) Wireless Mesh netword identity identifying method based on block chain
CN109218825A (en) A kind of video encryption system
CN108306732A (en) A kind of random digit generation method, relevant device and system
CN108768653A (en) Identity authorization system based on quantum key card
JP2001177513A (en) Authenticating method in communication system, center equipment, and recording medium with authentication program recorded thereon
CN108599925A (en) A kind of modified AKA identity authorization systems and method based on quantum communication network
CN108964897B (en) Identity authentication system and method based on group communication
CN104200154A (en) Identity based installation package signing method and identity based installation package signing device
CN108632042A (en) A kind of class AKA identity authorization systems and method based on pool of symmetric keys
Gürgens et al. On the security of fair non-repudiation protocols
CN108964896B (en) Kerberos identity authentication system and method based on group key pool
CN103873257A (en) Secrete key updating, digital signature and signature verification method and device
CN108566273A (en) Identity authorization system based on quantum network
CN111080299B (en) Anti-repudiation method for transaction information, client and server
CN104915689B (en) A kind of smart card information processing method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant