CN106357396A - Digital signature method, digital signature system and quantum key card - Google Patents
Digital signature method, digital signature system and quantum key card Download PDFInfo
- Publication number
- CN106357396A CN106357396A CN201610843134.9A CN201610843134A CN106357396A CN 106357396 A CN106357396 A CN 106357396A CN 201610843134 A CN201610843134 A CN 201610843134A CN 106357396 A CN106357396 A CN 106357396A
- Authority
- CN
- China
- Prior art keywords
- quantum
- key
- signature
- network service
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The invention discloses a digital signature method, a digital signature system and a quantum key card. The digital signature system comprises quantum network service stations, signature client sides, authentication client sides and quantum key cards, wherein the quantum network service stations are configured on the network side, and the signature client sides and the authentication client sides are configured on the user side. The digital signature method includes that a true random number is generated on the network side and then stored in the corresponding quantum key card and on the network side respectively to form a corresponding user-side key; the quantum key card matching with the signature client side uses the stored user-side key to generate a signature file, the signature file is sent to the authentication client side via the signature client side, and the authentication client side sends the received signature file to the current quantum network service station, acquires the corresponding user-side key from the network side to perform signature authentication on the signature file and sends signature authentication results to the corresponding authentication client side. The digital signature method, the digital signature system and the quantum key card have the advantage that key seeds are stored in the quantum key cards and the quantum network service stations, so that the problems of access use and safety of quantum network terminals are solved.
Description
Technical field
The invention belongs to Technique on Quantum Communication field and in particular to a kind of based on quantum random number and quantum key distribution
Digital signature method and system.
Background technology
Signature and to signature identification be an indispensable part in daily social life and economic transaction dealing, tradition
Signature be to carry out writing sign or seal etc. on paper document to operate to show that the document obtained the confirmation of client, its
There is certain act of law.The today's society developing rapidly in information technology and network, the mankind have begun to enter with no paper at all
In the epoch, increasing transaction is all to complete in a network, is further continued for continuing to use traditional signature scheme and can not meet society
Demand.
Digital signature technology, as a kind of effective and feasible method, is widely used in solving the safety of information transfer on network
Sex chromosome mosaicism.Digital signature technology adopts certain crypto-operation, generates series of sign and code to replace writing signature or to print
Chapter, which ensure that the non-repudiation of the confidentiality of information transfer in network, integrity and sender's signature.
The digital signature method of main flow is to utilize asymmetric arithmetic to realize to information based on public key cryptosystem now
Digital signature, but public-key cryptosystem is the safety to guarantee information of complexity based on mathematical calculation, with quantum meter
The development of calculation technology, the safety of its asymmetric arithmetic being adopted will be by great threat, and unsymmetrical key encryption and decryption
Speed is slow, and authentication efficiency is low, is not suitable for large-scale promotion and uses.Symmetric key algorithm may also be used for realizing digital signature, its
There is compared with asymmetric key algorithm occupancy resource few, the advantages of fast operation, but symmetric key algorithm is difficult to solve
Cipher key distribution problem, modal way is in both sides' pre-stored symmetric key, but uses same group of symmetric key for a long time
Have the risk revealed and be cracked, be that the patent documentation proposition that the displosure number is cn101282222a is a kind of symmetrical using combination
The method to realize digital signature for the cipher key technique, it reaches signature key using the seed key prestoring with reference to key schedule
The effect of one time one change, although the method is directly slightly carried using the method security that prestored secret key realizes encryption and decryption before comparing
Rise, but its seed key can't be updated, and after being used for multiple times, still has the risk being cracked.
Content of the invention
The present invention provides a kind of digital signature system based on quantum random number and quantum key distribution, using packaged type
The access that quantum key card solves quantum network terminal uses and safety problem.
A kind of digital signature system, including the quantum network service station being configured at network side and the label being configured at user side
Name client and Authentication Client, are additionally provided with quantum key card, and network side generates true random number in quantum key card and network side
Store respectively to form corresponding user side key;The user side key of the quantum key Cali storage of signature client coupling
Generate signature file signed client to send to Authentication Client, Authentication Client by the signature file receiving send to
Current quantum network service station, obtains corresponding user side key in network side and carries out signature authentication to described signature file, then
Signature authentication result is sent to Authentication Client.
Described true random number is generated by the quantum network service station of network side, and in described quantum key card and this quantum net
Network service station stores respectively to form corresponding user side key.
Comparatively described signature client and Authentication Client are, only according to the type of service occurring
Fixed, signature client is at least to should have an Authentication Client.Preferably, described signature client and certification client
End is respectively provided with the data transmission interface matching with quantum key card.
It can be understood as setting up communication link when signature client and Authentication Client are matched with respective quantum key card
Connect.For signature client, it is necessary to first set up communication connection with a quantum key card before it is digitally signed.
Preferably, described current quantum network service station is sent signature authentication result to certification client with encrypted test mode
End, current quantum network service station is close to carrying out by corresponding user side key with the quantum key card that Authentication Client mates
The Encrypt and Decrypt of literary composition.
For realize signature authentication result with encrypted test mode transmit, Authentication Client before it carries out signature authentication it is necessary to
Communication connection set up by one quantum key card, and the quantum key card that Authentication Client and signature client are mated can not be same
One.
Preferably, described quantum key card is usbkey or pluggable board/chip, it has data storage and process
Function, can be realized based on existing hardware technology for itself.
Described quantum key be stuck in corresponding quantum network service station be registered for auditing granted after issue, there is unique amount
Sub-key card id, points to the quantum network service station issuing this quantum key card.Described quantum key card is stored with relative users
Identity information, and the information issuing the quantum network service station of this quantum key card.
Because quantum key card and owning user are mutually bound, the relevant information of therefore quantum key card memory storage can also
It is used for doing authenticating user identification.Optionally, quantum key card and exclusive client id are mutually bound, now in quantum key card
The relevant information of storage is also used as the authentication of exclusive client.
Described user side key can also be directly used as required key during digital signature and signature authentication, but makees
For preferred, as key seed, described quantum key card and quantum network service station are stored with accordingly described user side key
Key schedule, be respectively used to generate required key during digital signature and signature authentication.
Described quantum key card and quantum network service station are stored with corresponding Digital Signature Algorithm, are respectively used to numeral
Signature and signature authentication.Key seed in quantum key card can come from different quantum network service stations, but key life
Algorithm, Digital Signature Algorithm and the AES being possible with is become to be stored in quantum key card and each quantum network service
In standing.
When key schedule and Digital Signature Algorithm have multiple, when client is communicated with quantum network service station, can
By forms such as algorithm label or indexes it is intended that identical algorithm.
Key seed in quantum key card both can be downloaded in the quantum network service station issuing quantum key card, also may be used
To download in other quantum network service stations, in order to identify separate sources, in described quantum key card, there is tagged keys seed
Key seed id in source, in order to point to the quantum network service station storing this key seed, can also take in this quantum network
Positioning key seed storage address in business station.While quantum network service station is by user side key write quantum key card,
It is stored in this service station for calling.
In order to improve safety, need not move through certain client when downloading key seed and carry out, but quantum key card
Directly set up communication connection with generating true random number in quantum network service station.Only digital signature, signature authentication, encryption and decryption or
During other concrete business, quantum key card need to be communicated to connect with quantum network service station by client.
Key seed in described quantum key card is divided into some key seed collection, same key seed according to source difference
The key seed of collection is derived from same quantum network service station, and different key seed collection carries different key seed id.
Because quantum key card is corresponding with the user side key of network side, therefore user side key use when, quantum
Key seed between key card and key seed id sensing quantum network service station is synchronous, when key seed is synchronous when taking:
Optionally, quantum key card and quantum network service station are digitally signed with identical algorithm picks key seed
And signature authentication.
Optionally, quantum key card sends the label information being used for the key seed of digital signature to quantum network service
Stand, during with signature authentication, choose corresponding key seed.
In order to improve safety, key seed of the present invention is renewable, when key seed updates:
Optionally, client sends to update and applies for quantum key card and notify quantum network service station, quantum key card
Receive renewal to apply for and update key seed, the corresponding key seed of quantum network service station synchronized update by pre-defined rule.
Optionally, count key seed access times, when access times reach threshold value when quantum key card with corresponding
The corresponding key seed of quantum network service station synchronized update.
Access times threshold value is pre-set, is stored concurrently in quantum network service station and quantum key card, makes both
Counted and synchronous.
Optionally, the key seed quantity that quantum key card statistics is not used by, reaches and is pointed out during marginal value, client
Download new user side key in quantum network service station on demand.
When key seed updates, it is to enter between the quantum network service station pointed by quantum key card and key seed id
OK.Certainly, if downloading new key seed, then quantum network service station is not strictly limited.
Digital signature system of the present invention can be implemented in LAN, and the quantum network service station of network side includes:
Quantum service centre, for being connected with each client communication of user side by classic network;
Quantum random number generator, generates described true random number;
User side Key Management server, is communicated to connect with quantum service centre, for being estimated one's own ability future according to user's request
The true random number of sub- randomizer stores respectively to corresponding quantum key card and this quantum network service station, as
Corresponding user side key.
When multiple quantum network service stations constitute wide area network, digital signature system of the present invention can be implemented in wide area network,
Network side, two quantum network service stations being connected are equipped with corresponding quantum key control centre, quantum key control centre
With the quantum service centre communication connection in place quantum network service station, corresponding Liang Ge quantum key control centre is by quantum
Network carries out key distribution, in order to form quantum key between station between two quantum network service stations being connected.
In the present invention, quantum service centre and quantum key control centre can using existing framework and with quantum skill
Art combines, and such as quantum key control centre is provided with the quantum key distribution equipment implementing qkd;Quantum service centre includes counting
Word signature server, signature authentication server and encryption and decryption server are respectively utilized to complete corresponding business.
Described user side Key Management server stores the true random number from quantum random number generator respectively to phase
As user side key in the quantum key card answered and this quantum network service station, and in quantum network service station, this use
Family side key is storable in user side Key Management server and/or quantum service centre, described user side key management clothes
Business device and quantum service centre communicate to connect, and with responding, user side key are called.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling
Be stored between card corresponding user side key, when carrying out signature authentication, directly invokes this user side key in station, utilizes
This user side key completes signature authentication.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of Authentication Client coupling
Be stored between card corresponding user side key, when sending signature authentication result, directly invokes this user side key in station
Signature authentication result is encrypted, to generate the signature authentication result of ciphertext form.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of Authentication Client coupling
There is no corresponding user side key, when sending signature authentication result, in other quantum network service stations of network side between card
Ask this user side key, signature authentication result is encrypted, to generate the signature authentication result of ciphertext form.Current quantum network
Service station from the signature file that Authentication Client receives, key seed id with key seed used by signature algorithm, when
Corresponding user side key, according to this key seed id, is asked to the quantum network service station pointed in front quantum network service station.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling
There is no corresponding user side key between card, when carrying out signature authentication, signature file is sent to the relative users side that is stored with
Other quantum network service stations of key, request carries out signature authentication and return authentication result.
Current quantum network service station from the signature file that Authentication Client receives, with key used by signature algorithm
Key seed id of seed, current quantum network service station, please to the quantum network service station pointed to according to this key seed id
Ask signature authentication and return authentication result.
Optionally, the current quantum network service station communicating with Authentication Client and the quantum key of signature client coupling
There is no corresponding user side key, when carrying out signature authentication, in other quantum network service stations of network side request between card
This user side key is to complete signature authentication
Current quantum network service station from the signature file that Authentication Client receives, with key used by signature algorithm
Key seed id of seed, current quantum network service station, please to the quantum network service station pointed to according to this key seed id
Seek corresponding user side key.
User side key passes between the quantum network service station that key seed id is pointed to and current quantum network service station
When sending, it is possible to use between standing, quantum key carries out Encrypt and Decrypt transmission in itself to user side key.
If also will be passed through it between the quantum network service station of key seed id sensing and current quantum network service station
His network node transfer, then between described station, quantum key is interpreted as the two quantum network service stations connecting in direction communication
Quantum key between the station being formed by corresponding quantum key distribution equipment between (or network node), and not refer in particular to key kind
Quantum key between the station between the quantum network service station of sub- id sensing and current quantum network service station.
In the same manner, current quantum network service station to the quantum network service station that key seed id is pointed to ask for an autograph certification with
And during return authentication result, also with station between quantum key stood between data transfer.
The present invention also provides a kind of digital signature method, is applied to digital signature system of the present invention.Message authentication
Concrete scheme in method can refer to the relevant narration in message authentication system.
Digital signature method of the present invention:
During digital signature, signature client proposes signature application to affiliated quantum network service station, from affiliated quantum network
Service station obtains random number and signature time, and sends to corresponding quantum key card together with file to be signed;Quantum key card
According to key seed and generating random number signature use key treat signature file carry out signature process obtain signature file, then general
Signature file sends to Authentication Client.
During signature authentication, signature file is sent to affiliated quantum network service station and is parsed and sign by Authentication Client
Certification;After signature authentication success, Authentication Client is notified with ciphertext form.
The present invention also provides a kind of digital signature method implemented based on quantum key card, comprising:
Step 1, the signature request of response signature client, using random number and user side key production key;
Step 2, carries out signature using described key to the file to be signed from signature client and obtains signature file;
Described random number is derived from the current quantum network service station with signature client communication, described user side key conduct
Key seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
The present invention also provides a kind of quantum key card for digital signature, comprising:
Module 1, for the signature request of response signature client, generates key using random number and key seed;
Module 2, obtains signature literary composition for carrying out signature using described key to the file to be signed from signature client
Part;;
Described random number is derived from the current quantum network service station with signature client communication, described user side key conduct
Key seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
After completing signature, signature file is returned to signature client, then send to specified certification visitor via classic network
Family end.
Quantum key card of the present invention issue mode, the synchronization of using method and key seed or update all can be according to this
The scheme of invention is implemented.
User side key is separately stored in quantum key card and quantum network service station the present invention, solves quantum network
The access of terminal uses and safety problem, and in addition described key seed can actively update as needed, or by system prompt quilt
Dynamic renewal, reduces the risk being cracked further.
Brief description
Fig. 1 is digital signature flow chart;
Fig. 2 is the flow chart of signature authentication;
Fig. 3 is the quantum network schematic diagram of embodiment 2 application scenarios.
Specific embodiment
Embodiment 1
The digital signature system of the present embodiment includes primary centre, secondary switching center and the quantum net configuring successively
Network service station.
Wherein, primary centre can refer to the quantum network core station of a prefecture-level city or suitable size area, passes through
It is preferably star topology network to be connected with described secondary switching center.Wherein, primary centre can be handed over multiple two grades
Switching center9 is utilized respectively quantum key distribution equipment and realizes between station the distribution of quantum key and shared, and wherein cipher key distribution system can
With integrated using a set of or many set.
Wherein, secondary switching center can refer to the quantum network core station of a county-level city or small towns size area, passes through
It is preferably star topology network to be connected with quantum network service station.Wherein, secondary switching center can be with multiple quantum networks
Service station is utilized respectively quantum key distribution equipment and realizes between station the distribution of quantum key and shared, and wherein quantum key distribution sets
For using, a set of or many set is integrated.
Wherein, quantum network service station refers to the quantum network station of residential communities or suitable size area.
Quantum network service station includes:
Quantum service centre, be mainly used in being connected with each client communication of user side by classic network and and other
Quantum network service station communicates to connect;Classic network includes but is not limited to telecommunications network, the Internet, broadcasting and television network or other are logical
Communication network etc..
Quantum key distribution equipment, be mainly used in by qkd mode realize standing between quantum key shared.
Quantum random number generator, the application key request proposing for receive user side Key Management server, generate
User side key, and it is sent to user side Key Management server;Adopt herein for true random number.It can be based on circuit
Real random number generator, the real random number generator based on physical resource and other kinds of truly random generator.
User side Key Management server, deposits, manages the true random number generating from quantum random number generator, Ke Yijie
Enter portable quantum key card, the hair fastener of realization, registration, copy user side key, quantum service centre can also be received
The application key request proposing, the user side key sending corresponding length is to quantum service centre.
Wherein quantum service centre includes: digital signature server, signature verification service device and encryption and decryption server, can root
According to needing to arrange other servers.
Encryption and decryption server obtains close according to demand from quantum key management server or user side Key Management server
Key, the encryption information coming from client transmissions is deciphered, or needing to be transferred to the data encryption of client.
The quantum key card having is mated with quantum network service station, it is possible to achieve with quantum network service when client is communicated
The authentication stood, can also be continuously generated newly by the use of the user side key being provided by quantum network service station as key seed
Key.
It is configured with client, client a1~client an of such as in figure, and client under each quantum network service station
End b1~client bn.In the present embodiment different servers or other devices can also carry out as needed on hardware whole
Close.
Signature client, file to be signed is sent to matches the amount of (setting up communication connection by the interface of coupling)
Sub-key card simultaneously obtains corresponding signature file after being digitally signed via this quantum key Cali user side key, then will
The signature file obtaining is sent to corresponding Authentication Client.
Authentication Client, the signature file receiving is forwarded to current quantum network service station, and via current quantum
Network service station carries out signature authentication to obtain authentication result using the user side key corresponding to signature client.
After the authentication result that current quantum network service station will be encrypted using the user side key with respect to Authentication Client
Return to Authentication Client, the authentication result that authentication authorization and accounting client receives is corresponding ciphertext, Authentication Client needs phase
The quantum key card joined is using the authentication result just obtaining plaintext after corresponding user side secret key decryption.
In the present embodiment Authentication Client and signature client between and Authentication Client and current quantum network service
Between standing, signature client all carried out by classic network with the data interaction in current quantum network service station.
Authentication Client and signature client are to access the equipment of quantum network, can be mobile terminal, or are fixed terminal.
When for mobile terminal, quantum key card is preferably quantum sd card;When for fixed terminal, quantum key card is preferably
usbkey.
Obtain quantum key card after the quantum network service station that client goes to region is registered, be granted
(there is unique quantum key card id).Quantum key card stores client enrollment register information, is also built-in with key and generates calculation
Method and Digital Signature Algorithm, Digital Signature Algorithm include symmetric key algorithm, digital digest algorithm or other with carry out numeral
The related algorithm of signature.
Also there are key schedule and Digital Signature Algorithm in each quantum network service station of network side accordingly, if
Each algorithm exist two or more, quantum key be stuck in quantum network service station pass through when algorithm label can be sent to quantum net
Network service station, chooses for quantum network service station.
User side key in quantum key card may be downloaded from down different quantum network service stations, therefore can be by different next
There are different key seed and concentrate in source, client can take key seed to generate key by rule set in advance.Different
Key seed collection there is unique key seed id, be stored with corresponding key kind in its quantum network service station pointed to
Son.
The digital signature method that the present embodiment provides includes two parts, and a part is that file is digitally signed, separately
A part is signature authentication.In conjunction with Fig. 3, client a1, as signature client, belongs to quantum network service station a, is carrying out
Need through authentication before digital signature business;Client b1, as Authentication Client, belongs to quantum network service station b, with
Reason also needs through authentication before carrying out signature authentication business.
Digital signature includes:
Step 1. signature application: by affiliated quantum key card insertion signature client, sign signer client client
End sends digital signature application to a of quantum network service station.
Step 2. signature key generates: when the digital signature server of quantum network service station a sends random number r and signature
Between st give signature client, random number and signature time st are proceeded to the signature quantum key that matches of client by signature client
In card, quantum key card chooses key seed and key schedule as, and quantum key card according to the key seed chosen and connects
The random number r receiving generates key k using the key schedule as choosing.
Step 3. signature generates: document text f0 is carried out the numeral that digital digest algorithm ah forms original text by quantum key card
Fingerprint fp, and using key k, digital finger-print fp and document text fo is carried out respectively with symmetric encipherment algorithm ac encryption formation numeral
Signature sg and ciphertext fc.Wherein digital digest algorithm ah and symmetric encipherment algorithm ac all can use existing algorithm.
Step 4. signature file generate: quantum key card by digital signature sg, random number r, key seed id, signature the time
St and ciphertext fc are grouped together into signature file fs.
Step 5. signature file sends: signature file fs is sent to signature client by quantum key card, then by classics
Network sends to Authentication Client.
Signature authentication includes that (if following steps no specified otherwise, " quantum key card " refers both to the amount belonging to authenticating party client
Sub-key card):
Step 1. parses signature file: Authentication Client is by signature file fs and close with the quantum that Authentication Client matches
Key seed id that will use in key card and signature algorithm label (if following steps no specified otherwise, " quantum key card "
Refer both to the quantum key card belonging to authenticating party client) it is sent to the quantum network service station being connected with current authentication client communication
Signature authentication server, signature authentication server parse from signature file fs digital signature sg, random number r, signature when
Between st, key seed id and ciphertext fc.
Step 2. server searches decryption information and key generates:
If key seed id point to quantum network service station b, stand in transfer corresponding key seed, according to sign the time
St determines corresponding key schedule as ', digital digest algorithm ah ' and symmetric key algorithm ac ', can will sign in the present embodiment
Name time st is considered as algorithm label, in order to that one kind adopting when determining digital signature in many algorithms.Quantum network services
The b that stands obtains key k ' according to key seed, random number r and key schedule as ' by computing.
If key seed id is not pointed towards quantum network service station b, and points to other quantum network service stations, quantum network
Service station b then sends request to the quantum network service station that key seed id is pointed to, and includes at least key seed id in request.
The quantum network service station that key seed id is pointed to is found corresponding in station according to key seed id receiving
Key seed, using station between quantum key with encrypted test mode, key seed is sent to quantum network service station b.
Step 3. server authentication signing messages: the signature authentication server of quantum network service station b obtains key seed,
Extract key schedule as ', with reference to random number r, key k ' is obtained by computing, digital signature deciphering being arrived using key k '
Sg and ciphertext fc are decrypted with symmetric encipherment algorithm ac ', obtain digital finger-print fp and document text fo.Then former to file
Civilian fo carries out digital digest computing using digital digest algorithm ah ' and forms digital finger-print fp '.By digital finger-print fp and digital finger-print
Fp ' is compared, if equal, signature authentication success.
Otherwise signature authentication failure, this signature authentication server sends to the Authentication Client proposing signature authentication application and signs
Name authentication failure message.
Signature authentication is successfully meant that: this document is not tampered with;This document is actually from this signature client.Due to closing
The symmetric encipherment algorithm of method client and digital digest algorithm are identical with legitimate signature certificate server, i.e. symmetric encipherment algorithm
Ac ' is consistent with symmetric encipherment algorithm ac, and digital digest algorithm ah ' is consistent with digital digest algorithm ah.
Step 4. server for encrypting signing messages: if signature authentication success, signature authentication server generate random number q and
Signature authentication time qt.
Quantum network service station b has corresponding user side key with the quantum key card that authenticating party client is mated,
Signature authentication server obtains corresponding user side key as key kind according to key seed id of quantum key card in station
Son, obtains key m using key schedule qs with reference to random number q computing.
Corresponding user side is not stored close in the quantum key card that quantum network service station b is mated with authenticating party client
Key, quantum network service station b is according to key seed id in quantum key card, the quantum network service pointed to key seed id
Transmission of standing is asked, and includes at least key seed id in request.
The quantum network service station that key seed id is pointed to is found corresponding in station according to key seed id receiving
Key seed, using station between quantum key with encrypted test mode, key seed is sent to quantum network service station b.
Quantum network service station b receives key seed, extracts key schedule qs and is obtained by computing with reference to random number q
Key m.
The signature authentication server of quantum network service station b using key m to step 1 parsing obtain digital signature sg,
The document text fo that random number r, signature time st, quantum key card id and step 3 deciphering obtain carries out symmetric encipherment algorithm qc
Form ciphertext fw after encryption.
Step 5. server send signing messages: signature authentication server send signature authentication success message, random number q,
Signature authentication time qt and ciphertext fw are to Authentication Client.
Step 6. decodes ciphertext: Authentication Client receives the signature authentication sending from signature authentication server and successfully disappears
Breath, signature authentication time qt, random number q and ciphertext fw.
Random number q, signature authentication time qt and ciphertext fw are imported quantum key card, quantum key card is according to signature authentication
Time qt chooses key schedule qs ' and symmetric encipherment algorithm qc '.
By the key seed in card with the random number q that receives uses key schedule qs ' computing to generate key m ', and with close
Key m ' and symmetric encipherment algorithm qc ' the decrypting ciphertext fw choosing obtains corresponding digital signature information.
Key seed life-time service or reuse have the probability being cracked, for improving the peace of this message authentication system
Quan Xing, key seed needs timing to update.
Update mode in the present embodiment is:
Client is set up after communication connection with the quantum key card mating, and it is close to quantum that client passes through upper level applications
Key card sends and updates application, and this renewal application is also sent to quantum service centre simultaneously.
Key storage clamping is received after updating application, by Policy Updates key seed set in advance, for example, makes a part
Used key seed does failure indication, does not use, and enables new key seed.
Quantum service centre receives after updating application, by Policy Updates quantum net consensus with quantum key card in advance
The key seed of respective stored in network service station, realizes constantly corresponding with quantum key card.
Embodiment 2
Same as Example 1, except that, if key seed id is not pointed towards quantum network service station b, and point to it
His quantum network service station, the signature file receiving is sent to key via quantum network service station b by Authentication Client b1
The quantum network service station that seed id points to, and signature authentication is carried out by the quantum network service station of this sensing, obtain certification knot
Fruit is sent to Authentication Client b1 via quantum network service station b.
The signature file receiving is sent to key seed id via quantum network service station b and points to by Authentication Client b1
The transmission path in quantum network service station in may will also include other quantum networks in addition to the b of quantum network service station
Service station, this transmission path determines with specific reference to the annexation in each quantum network service station of network side.
Further, the quantum network service station that key seed id is pointed to will obtain authentication result and be sent to Authentication Client b1
When transmission path in, quantum network service station and quantum network service station b that in signature, key seed id that uses is pointed to
Between must also have the quantum network clothes of same key subset through the quantum key card that matches with Authentication Client b1
Business station, the annexation with specific reference to each quantum network service station of network side determines.And authentication result is with ciphertext form transmission,
In transmitting procedure, using the station in two quantum network service stations arbitrarily adjacent in this transmission path between quantum key with encrypted test mode
Authentication result is sent to the quantum key card being matched with Authentication Client b1 the quantum network with same key subset
Service station, then this quantum network service station will decipher the authentication result that obtains and adopt the key kind in this same key subset
It is sent to Authentication Client b1 after son encryption.
Claims (19)
1. a kind of digital signature system, including the quantum network service station being configured at network side and the signature being configured at user side
, it is characterised in that being additionally provided with quantum key card, network side generates true random number in quantum key card for client and Authentication Client
Store respectively with network side to form corresponding user side key;The use of the quantum key Cali storage of signature client coupling
Family side key generates signature file and signed client sends to Authentication Client, and Authentication Client is civilian by the signature receiving
Part sends to current quantum network service station, obtains corresponding user side key in network side and described signature file is signed
Certification, then signature authentication result is sent to Authentication Client.
2. digital signature system as claimed in claim 1 it is characterised in that described true random number by network side quantum network
Service station generates, and stores close to form corresponding user side respectively in described quantum key card and this quantum network service station
Key.
3. digital signature system as claimed in claim 2 is it is characterised in that described signature client and Authentication Client are equal
There is the data transmission interface matching with quantum key card.
4. digital signature system as claimed in claim 2 is it is characterised in that described current quantum network service station is with ciphertext side
Formula sends signature authentication result to Authentication Client, the quantum key that current quantum network service station is mated with Authentication Client
Card is by corresponding user side key to the Encrypt and Decrypt carrying out ciphertext.
5. digital signature system as claimed in claim 2 is it is characterised in that described quantum key is stuck in corresponding quantum network
Service station be registered for auditing granted after issue, there is unique quantum key card id, point to the quantum issuing this quantum key card
Network service station.
6. digital signature system as claimed in claim 2 is it is characterised in that described user side key is as key seed, institute
State quantum key card and quantum network service station be stored with corresponding key schedule, be respectively used to generate digital signature with
And required key during signature authentication.
7. digital signature system as claimed in claim 6 is it is characterised in that have tagged keys kind in described quantum key card
Key seed id in son source, in order to point to the quantum network service station storing this key seed, quantum network service station will be used
While the key write quantum key card of family side, it also is stored in this service station for calling.
8., it is characterised in that key seed is renewable, key seed is more for digital signature system as claimed in claim 7
When new:
Client sends to update applies for quantum key card and notifies quantum network service station, and quantum key clamping is received and updated application
And press pre-defined rule renewal key seed, the corresponding key seed of quantum network service station synchronized update;
Or the access times of statistics key seed, when access times reach threshold value, quantum key card is taken with corresponding quantum network
The business station corresponding key seed of synchronized update;
Or the key seed quantity that quantum key card statistics is not used by, reach and pointed out during marginal value, client exists on demand
New user side key is downloaded in quantum network service station.
9. digital signature system as claimed in claim 2 is it is characterised in that the quantum network service station of network side includes:
Quantum service centre, for being connected with the client communication of user side by classic network;
Quantum random number generator, generates described true random number;
User side Key Management server, with quantum service centre communication connection, for according to user's request will from quantum with
The true random number of machine number generator stores respectively to corresponding quantum key card and this quantum network service station, as corresponding
User side key.
10. digital signature system as claimed in claim 9 is it is characterised in that in network side, two quantum networks being connected take
Business station is equipped with corresponding quantum key control centre, and quantum key control centre is taken with the quantum in place quantum network service station
Business center to center communications connects, and corresponding Liang Ge quantum key control centre carries out key distribution by quantum network, in order to be connected
Form quantum key between station between the two quantum network service stations connecing.
11. digital signature systems as described in claim 9 or 10 are it is characterised in that the current amount that communicates with Authentication Client
Be stored between the quantum key card of sub-network service station and signature client coupling corresponding user side key, is being signed
During certification, directly invoke this user side key in station, complete signature authentication using this user side key.
12. digital signature systems as described in claim 9 or 10 are it is characterised in that the current amount that communicates with Authentication Client
Be stored between the quantum key card of sub-network service station and Authentication Client coupling corresponding user side key, is sending signature
During authentication result, directly invoke this user side key in station and signature authentication result is encrypted, to generate the signature of ciphertext form
Authentication result.
13. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client
There is no corresponding user side key between the quantum key card of network service station and Authentication Client coupling, sending signature authentication knot
During fruit, ask this user side key in other quantum network service stations of network side, signature authentication result is encrypted, close to generate
The signature authentication result of civilian form.
14. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client
There is no corresponding user side key between the quantum key card of network service station and signature client coupling, carrying out signature authentication
When, signature file is sent to other quantum network service stations of the relative users side key that is stored with, request carries out signature authentication
And return authentication result.
15. digital signature systems as claimed in claim 10 are it is characterised in that the current quantum net that communicates with Authentication Client
There is no corresponding user side key between the quantum key card of network service station and signature client coupling, carrying out signature authentication
When, ask this user side key to complete signature authentication in other quantum network service stations of network side.
A kind of 16. digital signature methods are it is characterised in that be applied to the digital signature as described in any one of claim 1~15
System.
It is characterised in that during digital signature, signature client is to affiliated for 17. digital signature methods as claimed in claim 16
Quantum network service station proposes signature application, obtains random number and signature time from affiliated quantum network service station, and together with treating
Signature file sends to corresponding quantum key card;Quantum key card is according to the key of key seed and generating random number signature
Treat signature file to carry out signature and process obtaining signature file, then signature file is sent to Authentication Client;
During signature authentication, signature file is sent to that affiliated quantum network service station is parsed and signature is recognized by Authentication Client
Card;After signature authentication success, Authentication Client is notified with ciphertext form.
A kind of 18. digital signature methods implemented based on quantum key card, comprising:
Step 1, the signature request of response signature client, using random number and user side key production key;
Step 2, carries out signature using described key to the file to be signed from signature client and obtains signature file;
Described random number is derived from the current quantum network service station with signature client communication, and described user side key is as key
Seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
A kind of 19. quantum key cards for digital signature, comprising:
Module 1, for the signature request of response signature client, generates key using random number and key seed;
Module 2, obtains signature file for carrying out signature using described key to the file to be signed from signature client;
Described random number is derived from the current quantum network service station with signature client communication, and described user side key is as key
Seed is stored in quantum key card, and downloads automatic network side, in order to implement digital signature and corresponding signature authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610843134.9A CN106357396B (en) | 2016-09-23 | 2016-09-23 | Digital signature method and system and quantum key card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610843134.9A CN106357396B (en) | 2016-09-23 | 2016-09-23 | Digital signature method and system and quantum key card |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106357396A true CN106357396A (en) | 2017-01-25 |
| CN106357396B CN106357396B (en) | 2019-11-12 |
Family
ID=57858721
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610843134.9A Active CN106357396B (en) | 2016-09-23 | 2016-09-23 | Digital signature method and system and quantum key card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106357396B (en) |
Cited By (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070663A (en) * | 2017-03-28 | 2017-08-18 | 浙江神州量子网络科技有限公司 | A kind of on-site verification method and on-site verification system based on mobile terminal |
| CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
| CN107453868A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of safe and efficient quantum key method of servicing |
| CN107741947A (en) * | 2017-08-30 | 2018-02-27 | 浙江九州量子信息技术股份有限公司 | The storage of random number key based on HDFS file system and acquisition methods |
| CN107809311A (en) * | 2017-09-30 | 2018-03-16 | 飞天诚信科技股份有限公司 | The method and system that a kind of unsymmetrical key based on mark is signed and issued |
| CN107888376A (en) * | 2017-10-23 | 2018-04-06 | 浙江神州量子网络科技有限公司 | NFC Verification Systems based on quantum communication network |
| CN108173649A (en) * | 2018-01-10 | 2018-06-15 | 如般量子科技有限公司 | A kind of message authentication method and system based on quantum key card |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN108737323A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of digital signature method, apparatus and system |
| CN108900298A (en) * | 2018-07-11 | 2018-11-27 | 长春大学 | Privately owned block chain honesty entity authentication cut-in method based on quantum cryptography watermark |
| CN109067705A (en) * | 2018-06-28 | 2018-12-21 | 如般量子科技有限公司 | Modified Kerberos identity authorization system and method based on group communication |
| CN109104276A (en) * | 2018-07-31 | 2018-12-28 | 如般量子科技有限公司 | A kind of cloud storage method of controlling security and system based on pool of keys |
| CN109104271A (en) * | 2017-06-20 | 2018-12-28 | 山东量子科学技术研究院有限公司 | A kind of methods, devices and systems of digital signature |
| CN109151053A (en) * | 2018-09-20 | 2019-01-04 | 如般量子科技有限公司 | Anti- quantum calculation cloud storage method and system based on public asymmetric key pond |
| CN109299618A (en) * | 2018-09-20 | 2019-02-01 | 如般量子科技有限公司 | Anti- quantum calculation cloud storage method and system based on quantum key card |
| CN109450623A (en) * | 2018-10-16 | 2019-03-08 | 如般量子科技有限公司 | Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond |
| CN109525390A (en) * | 2018-11-20 | 2019-03-26 | 江苏亨通问天量子信息研究院有限公司 | Quantum key wireless dispatch method and system for terminal device secret communication |
| CN109586917A (en) * | 2018-10-31 | 2019-04-05 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on unsymmetrical key pond |
| CN109670827A (en) * | 2018-11-29 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation block chain method of commerce based on pool of symmetric keys |
| CN109670826A (en) * | 2018-11-29 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation block chain method of commerce based on unsymmetrical key pond |
| CN109842490A (en) * | 2017-11-28 | 2019-06-04 | 广东国盾量子科技有限公司 | Digital signature generation/transmission/verification method, terminal and computer storage medium |
| CN109889329A (en) * | 2019-01-11 | 2019-06-14 | 如般量子科技有限公司 | Anti- quantum calculation wired home quantum communications method and system based on quantum key card |
| CN109951513A (en) * | 2019-01-11 | 2019-06-28 | 如般量子科技有限公司 | Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card |
| PL424144A1 (en) * | 2017-12-30 | 2019-07-01 | Compsecur Spółka Z Ograniczoną Odpowiedzialnością | Entanglement quantum digital signature |
| CN110086627A (en) * | 2019-04-22 | 2019-08-02 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and timestamp quantum communications service station cryptographic key negotiation method and system |
| CN110138546A (en) * | 2019-03-29 | 2019-08-16 | 如般量子科技有限公司 | Wired home Signcryption method and system based on unsymmetrical key pond |
| CN110176997A (en) * | 2019-05-15 | 2019-08-27 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and digital signature quantum communications service station AKA cryptographic key negotiation method and system, computer equipment |
| CN110336666A (en) * | 2019-07-17 | 2019-10-15 | 武汉信安珞珈科技有限公司 | A method of random number randomness in enhancing SSL/TLS agreement |
| CN110365472A (en) * | 2019-05-30 | 2019-10-22 | 如般量子科技有限公司 | Quantum communications service station digital signature method based on unsymmetrical key pond pair, system |
| CN110380859A (en) * | 2019-05-30 | 2019-10-25 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system |
| CN110519309A (en) * | 2019-10-15 | 2019-11-29 | 中国建设银行股份有限公司 | Data transmission method, device, terminal, server and storage medium |
| CN110620666A (en) * | 2019-01-11 | 2019-12-27 | 科大国盾量子技术股份有限公司 | Quantum signature system and method |
| CN111988142A (en) * | 2020-08-25 | 2020-11-24 | 合肥美菱物联科技有限公司 | Intelligent refrigerator key programming system and method |
| CN114124370A (en) * | 2021-10-14 | 2022-03-01 | 阿里云计算有限公司 | Key generation method and device |
| CN114244565A (en) * | 2021-11-16 | 2022-03-25 | 广东电网有限责任公司 | Key distribution method, device, equipment, storage medium and computer program product |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101282222A (en) * | 2008-05-28 | 2008-10-08 | 胡祥义 | Digital signature method based on CSK |
| CN102196425A (en) * | 2011-07-01 | 2011-09-21 | 安徽量子通信技术有限公司 | Quantum-key-distribution-network-based mobile encryption system and communication method thereof |
| CN102833075A (en) * | 2012-09-05 | 2012-12-19 | 北京市科学技术情报研究所 | Identity authentication and digital signature method based on three-layered overlapping type key management technology |
| US20130083926A1 (en) * | 2011-09-30 | 2013-04-04 | Los Alamos National Security, Llc | Quantum key management |
| CN105007158A (en) * | 2015-07-09 | 2015-10-28 | 中国科学技术大学先进技术研究院 | Quantum digital signing method and system |
| CN105812367A (en) * | 2016-03-15 | 2016-07-27 | 浙江神州量子网络科技有限公司 | Authentication system and authentication method of network access device in quantum network |
| WO2016118359A1 (en) * | 2015-01-22 | 2016-07-28 | Alibaba Group Holding Limited | Method, apparatus, and system for quantum key distribution |
-
2016
- 2016-09-23 CN CN201610843134.9A patent/CN106357396B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101282222A (en) * | 2008-05-28 | 2008-10-08 | 胡祥义 | Digital signature method based on CSK |
| CN102196425A (en) * | 2011-07-01 | 2011-09-21 | 安徽量子通信技术有限公司 | Quantum-key-distribution-network-based mobile encryption system and communication method thereof |
| US20130083926A1 (en) * | 2011-09-30 | 2013-04-04 | Los Alamos National Security, Llc | Quantum key management |
| CN102833075A (en) * | 2012-09-05 | 2012-12-19 | 北京市科学技术情报研究所 | Identity authentication and digital signature method based on three-layered overlapping type key management technology |
| WO2016118359A1 (en) * | 2015-01-22 | 2016-07-28 | Alibaba Group Holding Limited | Method, apparatus, and system for quantum key distribution |
| CN105007158A (en) * | 2015-07-09 | 2015-10-28 | 中国科学技术大学先进技术研究院 | Quantum digital signing method and system |
| CN105812367A (en) * | 2016-03-15 | 2016-07-27 | 浙江神州量子网络科技有限公司 | Authentication system and authentication method of network access device in quantum network |
Cited By (57)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107070663A (en) * | 2017-03-28 | 2017-08-18 | 浙江神州量子网络科技有限公司 | A kind of on-site verification method and on-site verification system based on mobile terminal |
| CN107070663B (en) * | 2017-03-28 | 2023-08-18 | 浙江神州量子网络科技有限公司 | Mobile terminal-based field authentication method and field authentication system |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN108737323B (en) * | 2017-04-13 | 2021-06-18 | 山东量子科学技术研究院有限公司 | Digital signature method, device and system |
| CN108737323A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of digital signature method, apparatus and system |
| CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
| CN109104271A (en) * | 2017-06-20 | 2018-12-28 | 山东量子科学技术研究院有限公司 | A kind of methods, devices and systems of digital signature |
| CN109104271B (en) * | 2017-06-20 | 2022-02-18 | 山东量子科学技术研究院有限公司 | Digital signature method, device and system |
| CN107741947B (en) * | 2017-08-30 | 2020-04-24 | 浙江九州量子信息技术股份有限公司 | Method for storing and acquiring random number key based on HDFS file system |
| CN107741947A (en) * | 2017-08-30 | 2018-02-27 | 浙江九州量子信息技术股份有限公司 | The storage of random number key based on HDFS file system and acquisition methods |
| CN107453868B (en) * | 2017-09-01 | 2019-09-24 | 中国电子科技集团公司第三十研究所 | A kind of safe and efficient quantum key method of servicing |
| CN107453868A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of safe and efficient quantum key method of servicing |
| CN107809311B (en) * | 2017-09-30 | 2020-01-03 | 飞天诚信科技股份有限公司 | Asymmetric key issuing method and system based on identification |
| CN107809311A (en) * | 2017-09-30 | 2018-03-16 | 飞天诚信科技股份有限公司 | The method and system that a kind of unsymmetrical key based on mark is signed and issued |
| CN107888376A (en) * | 2017-10-23 | 2018-04-06 | 浙江神州量子网络科技有限公司 | NFC Verification Systems based on quantum communication network |
| CN107888376B (en) * | 2017-10-23 | 2020-08-11 | 浙江神州量子网络科技有限公司 | NFC authentication system based on quantum communication network |
| CN109842490A (en) * | 2017-11-28 | 2019-06-04 | 广东国盾量子科技有限公司 | Digital signature generation/transmission/verification method, terminal and computer storage medium |
| PL424144A1 (en) * | 2017-12-30 | 2019-07-01 | Compsecur Spółka Z Ograniczoną Odpowiedzialnością | Entanglement quantum digital signature |
| CN108173649A (en) * | 2018-01-10 | 2018-06-15 | 如般量子科技有限公司 | A kind of message authentication method and system based on quantum key card |
| CN108173649B (en) * | 2018-01-10 | 2020-08-11 | 如般量子科技有限公司 | Message authentication method and system based on quantum key card |
| CN109067705B (en) * | 2018-06-28 | 2020-12-01 | 如般量子科技有限公司 | Improved Kerberos identity authentication system and method based on group communication |
| CN109067705A (en) * | 2018-06-28 | 2018-12-21 | 如般量子科技有限公司 | Modified Kerberos identity authorization system and method based on group communication |
| CN108900298B (en) * | 2018-07-11 | 2020-09-18 | 长春大学 | Quantum cipher watermark-based private block chain honest node authentication access method |
| CN108900298A (en) * | 2018-07-11 | 2018-11-27 | 长春大学 | Privately owned block chain honesty entity authentication cut-in method based on quantum cryptography watermark |
| CN109104276B (en) * | 2018-07-31 | 2021-10-22 | 如般量子科技有限公司 | Cloud storage security control method and system based on key pool |
| CN109104276A (en) * | 2018-07-31 | 2018-12-28 | 如般量子科技有限公司 | A kind of cloud storage method of controlling security and system based on pool of keys |
| CN109299618A (en) * | 2018-09-20 | 2019-02-01 | 如般量子科技有限公司 | Anti- quantum calculation cloud storage method and system based on quantum key card |
| CN109151053A (en) * | 2018-09-20 | 2019-01-04 | 如般量子科技有限公司 | Anti- quantum calculation cloud storage method and system based on public asymmetric key pond |
| CN109151053B (en) * | 2018-09-20 | 2021-08-10 | 如般量子科技有限公司 | Anti-quantum computing cloud storage method and system based on public asymmetric key pool |
| CN109450623A (en) * | 2018-10-16 | 2019-03-08 | 如般量子科技有限公司 | Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond |
| CN109586917B (en) * | 2018-10-31 | 2021-07-27 | 如般量子科技有限公司 | Anti-quantum-computation signature method and system based on asymmetric key pool |
| CN109586917A (en) * | 2018-10-31 | 2019-04-05 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on unsymmetrical key pond |
| CN109525390A (en) * | 2018-11-20 | 2019-03-26 | 江苏亨通问天量子信息研究院有限公司 | Quantum key wireless dispatch method and system for terminal device secret communication |
| CN109670826B (en) * | 2018-11-29 | 2020-11-17 | 如般量子科技有限公司 | Anti-quantum computation block chain transaction method based on asymmetric key pool |
| CN109670826A (en) * | 2018-11-29 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation block chain method of commerce based on unsymmetrical key pond |
| CN109670827B (en) * | 2018-11-29 | 2020-11-17 | 如般量子科技有限公司 | Anti-quantum computation blockchain transaction method based on symmetric key pool |
| CN109670827A (en) * | 2018-11-29 | 2019-04-23 | 如般量子科技有限公司 | Anti- quantum calculation block chain method of commerce based on pool of symmetric keys |
| CN109951513B (en) * | 2019-01-11 | 2021-10-22 | 如般量子科技有限公司 | Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card |
| CN109951513A (en) * | 2019-01-11 | 2019-06-28 | 如般量子科技有限公司 | Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card |
| CN109889329A (en) * | 2019-01-11 | 2019-06-14 | 如般量子科技有限公司 | Anti- quantum calculation wired home quantum communications method and system based on quantum key card |
| CN110620666A (en) * | 2019-01-11 | 2019-12-27 | 科大国盾量子技术股份有限公司 | Quantum signature system and method |
| CN110138546A (en) * | 2019-03-29 | 2019-08-16 | 如般量子科技有限公司 | Wired home Signcryption method and system based on unsymmetrical key pond |
| CN110138546B (en) * | 2019-03-29 | 2023-06-06 | 如般量子科技有限公司 | Intelligent household digital signcryption method and system based on asymmetric key pool |
| CN110086627A (en) * | 2019-04-22 | 2019-08-02 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and timestamp quantum communications service station cryptographic key negotiation method and system |
| CN110086627B (en) * | 2019-04-22 | 2023-08-04 | 如般量子科技有限公司 | Quantum communication service station key negotiation method and system based on asymmetric key pool pair and time stamp |
| CN110176997B (en) * | 2019-05-15 | 2023-03-10 | 如般量子科技有限公司 | Quantum communication service station AKA key negotiation method and system |
| CN110176997A (en) * | 2019-05-15 | 2019-08-27 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and digital signature quantum communications service station AKA cryptographic key negotiation method and system, computer equipment |
| CN110380859B (en) * | 2019-05-30 | 2022-10-14 | 如般量子科技有限公司 | Quantum communication service station identity authentication method and system based on asymmetric key pool pair and DH protocol |
| CN110380859A (en) * | 2019-05-30 | 2019-10-25 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system |
| CN110365472A (en) * | 2019-05-30 | 2019-10-22 | 如般量子科技有限公司 | Quantum communications service station digital signature method based on unsymmetrical key pond pair, system |
| CN110365472B (en) * | 2019-05-30 | 2023-08-04 | 如般量子科技有限公司 | Quantum communication service station digital signature method and system based on asymmetric key pool pair |
| CN110336666A (en) * | 2019-07-17 | 2019-10-15 | 武汉信安珞珈科技有限公司 | A method of random number randomness in enhancing SSL/TLS agreement |
| CN110519309A (en) * | 2019-10-15 | 2019-11-29 | 中国建设银行股份有限公司 | Data transmission method, device, terminal, server and storage medium |
| CN111988142A (en) * | 2020-08-25 | 2020-11-24 | 合肥美菱物联科技有限公司 | Intelligent refrigerator key programming system and method |
| CN114124370A (en) * | 2021-10-14 | 2022-03-01 | 阿里云计算有限公司 | Key generation method and device |
| CN114244565A (en) * | 2021-11-16 | 2022-03-25 | 广东电网有限责任公司 | Key distribution method, device, equipment, storage medium and computer program product |
| CN114244565B (en) * | 2021-11-16 | 2023-09-19 | 广东电网有限责任公司 | Key distribution method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106357396B (en) | 2019-11-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106357396B (en) | Digital signature method and system and quantum key card | |
| CN106411525B (en) | Message authentication method and system | |
| CN101090316B (en) | Identify authorization method between storage card and terminal equipment at off-line state | |
| CN106357649A (en) | User identity authentication system and method | |
| Tan et al. | Comments on “dual authentication and key management techniques for secure data transmission in vehicular ad hoc networks” | |
| CN108683501B (en) | Multiple identity authentication system and method with timestamp as random number based on quantum communication network | |
| CN104735068A (en) | SIP security authentication method based on commercial passwords | |
| CN109257180A (en) | A kind of method and device for depositing card based on the intellectual property file of block chain | |
| CN108599925A (en) | A kind of modified AKA identity authorization systems and method based on quantum communication network | |
| CN108768653A (en) | Identity authorization system based on quantum key card | |
| CN108306732A (en) | A kind of random digit generation method, relevant device and system | |
| CN109218825A (en) | A kind of video encryption system | |
| CN108566273A (en) | Identity authorization system based on quantum network | |
| US20110320359A1 (en) | secure communication method and device based on application layer for mobile financial service | |
| CN108964896B (en) | Kerberos identity authentication system and method based on group key pool | |
| CN109151508A (en) | A kind of video encryption method | |
| CN111080299B (en) | Anti-repudiation method for transaction information, client and server | |
| CN108632042A (en) | A kind of class AKA identity authorization systems and method based on pool of symmetric keys | |
| CN108650028A (en) | Multiple identity authorization system and method based on quantum communication network and true random number | |
| JP2001177513A (en) | Authenticating method in communication system, center equipment, and recording medium with authentication program recorded thereon | |
| CN108964897A (en) | Identity authorization system and method based on group communication | |
| CN108809636A (en) | The communication system and communication means of message authentication between member are realized based on group's type quantum key card | |
| CN108964895B (en) | User-to-User identity authentication system and method based on group key pool and improved Kerberos | |
| CN108600152A (en) | Modified Kerberos identity authorization systems based on quantum communication network and method | |
| CN104200154A (en) | Identity based installation package signing method and identity based installation package signing device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |