CN108111301A - Method and system for implementing the SSH protocol based on post-quantum key exchange - Google Patents

Info

Publication number: CN108111301A
Application number: CN201711326036.9A
Authority: CN (China)
Legal status: Granted (Active)
Other languages: Chinese (zh)
Other versions: CN108111301B (en)
Inventors: 刘伟, 刘镝, 陶冶, 寇金锋, 王笑帝, 刘明辉
Current Assignee: China United Network Communications Group Co Ltd
Original Assignee: China United Network Communications Group Co Ltd
Prior art keywords: client, server, key, interim conversation, public key

Classifications

    • H04L9/0852 Quantum cryptography
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L67/08 Protocols specially adapted for terminal emulation, e.g. Telnet
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The invention belongs to the field of information technology, and in particular relates to a method and system for implementing the SSH protocol based on post-quantum key exchange. The method includes: the client and the server each compute a public/private key pair; the client computes a client ephemeral session public key and sends the client public key and the client ephemeral session public key to the server; the server authenticates the client; the server computes the server ephemeral session public key; the server computes the server ephemeral session variable, the session error-reconciliation variable and the server shared-key initial seed; the server uses a post-quantum algorithm to generate the final server shared key for this session; the client authenticates the server according to the server public key; once the server has passed authentication, the client computes the client ephemeral session variable and the client shared-key initial seed; the client uses a post-quantum algorithm to generate the final client shared key for this session. The method and system are highly resistant to quantum-computer attacks and ensure network security.

Description

Method and system for implementing the SSH protocol based on post-quantum key exchange
Technical field
The invention belongs to the field of information technology, and in particular relates to a method for implementing the SSH protocol based on post-quantum key exchange and a system for implementing the SSH protocol based on post-quantum key exchange.
Background
With the continuous development of computer networks, network scale keeps growing, and the demand for remote login functionality grows with it, for example for configuring and managing remote servers. SSH (Secure Shell) is currently one of the most widely used remote login protocols. Compared with other protocols that provide remote login, SSH can provide multiple security services, such as identity verification of both communicating parties, encrypted transmission of communication data, and integrity checking.
The SSH protocol standard defines a layered architecture for SSH. As shown in the SSH protocol architecture diagram in Fig. 1, it comprises three parts: the transport layer protocol, the user authentication protocol and the connection layer protocol. The transport layer protocol sits at the bottom of SSH and provides security services such as key agreement, data encryption and identity authentication; it is the basis on which SSH provides secure remote login. At present, key agreement in the SSH transport layer is performed by the DH (Diffie-Hellman) algorithm: the two communicating parties use the DH algorithm to negotiate a shared key over a public network, and that key is used to encrypt and decrypt all data transmitted afterwards, ensuring the security of the session. The key agreement algorithm occupies a very important position in the SSH protocol and must have sufficiently high security. The security of the DH algorithm currently depends on the difficulty of solving discrete logarithms. Under current computing conditions, the discrete logarithm problem can only be solved in exponential time. However, with the emergence of quantum computers and quantum algorithms, it has been proven that the discrete logarithm problem can be solved by a quantum computer in polynomial time, which means that the DH algorithm will no longer be secure in the quantum era.
On the one hand, to prevent the DH algorithm from being subjected to man-in-the-middle attacks, SSH must support not only the DH algorithm in the key agreement phase but also algorithms such as RSA and SHA256, which makes it relatively complex. On the other hand, quantum cryptography is developing rapidly. This research seriously threatens the public-key cryptosystems that currently rely on number theory and poses a serious threat to SSH security. The introduction of Shor's algorithm means that cryptographic algorithms that depend on the difficulty of discrete logarithms are no longer so secure, and the DH algorithm faces a huge challenge as a result: if the DH algorithm cannot guarantee the security of the shared key negotiated by the two communicating parties, the security services that SSH provides have no foundation. As research on quantum algorithms deepens, solving the discrete logarithm problem becomes easy, cracking the shared key negotiated by the DH algorithm becomes easy as well, and the security services provided by SSH will be seriously called into question.
In addition, many security vulnerabilities have been found in SSH. In particular, while establishing a connection, the current SSH protocol does not verify whether either communicating party has been illegally intruded upon or controlled. Neither party can determine the trusted status of the peer, or whether the peer has been compromised or illegally controlled by an attacker, which gives attackers an opportunity to attack. Although the current SSH protocol has many advantages and a large user base, it also has latent vulnerabilities and shortcomings, such as being susceptible to chosen-ciphertext attacks, SQL injection and so on; improving on these existing problems is a technical problem that urgently needs to be solved.
Summary of the invention
The technical problem to be solved by the invention is, in view of the above deficiencies in the prior art, to provide a method for implementing the SSH protocol based on post-quantum key exchange and a system for implementing the SSH protocol based on post-quantum key exchange, which use quantum cryptography theory to resist quantum-computer attacks and ensure network security.
The technical solution adopted to solve the technical problem of the invention is this method for implementing the SSH protocol based on post-quantum key exchange, which includes a key exchange step, the key exchange step including:
The client and the server each sample randomly from the Gaussian distribution with the first parameter and compute the client's public/private key pair and the server's public/private key pair, respectively;
The client samples randomly from the Gaussian distribution with the second parameter, computes the client ephemeral session public key, and sends the client public key and the client ephemeral session public key to the server;
The server receives the client public key and the client ephemeral session public key and authenticates the client; if verification fails, the server directly disconnects the link; otherwise it proceeds to the next step;
The server samples randomly from the Gaussian distribution with the second parameter and computes the server ephemeral session public key;
The server computes the server ephemeral session variable and the session error-reconciliation variable according to the client ephemeral session public key, the client vector, the server ephemeral session public key, the server vector, and the server's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computes the server shared-key initial seed according to the server ephemeral session variable and the session error-reconciliation variable;
The server generates the final server shared key for this session with a post-quantum algorithm, according to the client vector, the server vector, the client ephemeral session public key, the server ephemeral session public key, the session error-reconciliation variable and the server shared-key initial seed;
The client authenticates the server according to the server public key;
Once the server has passed authentication, the client computes the client ephemeral session variable according to the client ephemeral session public key, the client vector, the server vector, the server ephemeral session public key, and the client's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computes the client shared-key initial seed according to the client ephemeral session variable and the session error-reconciliation variable;
The client generates the final client shared key for this session with a post-quantum algorithm, according to the client vector, the server vector, the client ephemeral session public key, the server ephemeral session public key, the session error-reconciliation variable and the client shared-key initial seed;
If the authentication of either the server or the client fails, the key exchange terminates.
Preferably, the server ephemeral session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2 g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector;
$x = a r_c + 2 f_c$ is the client ephemeral session public key;
$r_{ci}$ and $f_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server ephemeral session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$; $q$ is a positive integer, and $s_c$ is also the client private key;
and the session error-reconciliation variable $w$ is:
$w = \mathrm{Cha}(k_s)$
where $\mathrm{Cha}(\cdot)$ is the characteristic function.
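Preferably, according to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2(\cdot)$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.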
Preferably, the client ephemeral session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2 g_c$
where:
$g_{ci}$ is a value randomly sampled by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$; $q$ is a positive integer, and $s_s$ is also the server private key.
5. The method for implementing the SSH protocol based on post-quantum key exchange according to claim 4, characterized in that, according to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2(\cdot)$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
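The formulas above can be checked numerically. The following Python run is an added example, not code from the patent: it carries out the exchange with toy parameters, computing $k_s$, $w$ and $\sigma_s$ on the server side and $k_c$ and $\sigma_c$ on the client side, and reports whether both sides derive the same session key. The ring $\mathbb{Z}_q[X]/(X^n+1)$, the values of n and q, the clipped sampler, the band used by Cha, and the hash-based H1 and H are assumptions made for illustration and are not secure parameters.

```python
import hashlib
import random

# Toy parameters (assumptions for illustration; far too small to be secure).
N = 16                   # ring dimension: Z_q[X]/(X^N + 1)
Q = 8380417              # odd prime with Q mod 2N == 1, as the formulas require
ALPHA, BETA = 1.0, 1.5   # widths of the "first" and "second" Gaussian
TAIL = 4                 # clip samples to [-TAIL, TAIL] so the noise is bounded

def center(v):
    """Representative of v mod Q in {-(Q-1)/2, ..., (Q-1)/2}."""
    v %= Q
    return v - Q if v > (Q - 1) // 2 else v

def add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def twice(a):
    return [(2 * x) % Q for x in a]

def mul(a, b):
    """Negacyclic product in Z_q[X]/(X^N + 1)."""
    out = [0] * N
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            k, sign = (i + j, 1) if i + j < N else (i + j - N, -1)
            out[k] = (out[k] + sign * x * y) % Q
    return out

def sample(rng, sigma):
    """Rounded, clipped Gaussian standing in for chi_alpha / chi_beta."""
    return [max(-TAIL, min(TAIL, round(rng.gauss(0, sigma)))) % Q
            for _ in range(N)]

def h1(*parts):
    """Assumed H1: hash to a small polynomial with coefficients in {-1,0,1}."""
    digest = hashlib.sha256(repr(("H1",) + parts).encode()).digest()
    return [(b % 3 - 1) % Q for b in digest[:N]]

def h(*parts):
    """Assumed H: SHA-256 over the transcript."""
    return hashlib.sha256(repr(("H",) + parts).encode()).hexdigest()

def cha(k):
    """Per coefficient: 0 inside the band |v| <= floor(Q/4), otherwise 1."""
    return [0 if abs(center(v)) <= Q // 4 else 1 for v in k]

def mod2(k, w):
    """Mod2(v, w) = (v + w*(Q-1)/2) mod Q mod 2, per coefficient."""
    return [center(center(v) + b * ((Q - 1) // 2)) % 2 for v, b in zip(k, w)]

def run_exchange(seed, tamper_w=False):
    rng = random.Random(seed)   # deterministic for the demo; not a CSPRNG
    a = [rng.randrange(Q) for _ in range(N)]          # public ring element
    # Static key pairs (first parameter): p = a*s + 2e.
    s_c, e_c = sample(rng, ALPHA), sample(rng, ALPHA)
    s_s, e_s = sample(rng, ALPHA), sample(rng, ALPHA)
    p_c = add(mul(a, s_c), twice(e_c))
    p_s = add(mul(a, s_s), twice(e_s))
    # Client: x = a*r_c + 2*f_c, sent with p_c.
    r_c, f_c = sample(rng, BETA), sample(rng, BETA)
    x = add(mul(a, r_c), twice(f_c))
    c = h1("client", "server", x)
    # Server: y, d, k_s, the signal w, the seed sigma_s and the key.
    r_s, f_s, g_s = (sample(rng, BETA) for _ in range(3))
    y = add(mul(a, r_s), twice(f_s))
    d = h1("server", "client", y, x)
    k_s = add(mul(add(mul(p_c, c), x), add(mul(s_s, d), r_s)), twice(g_s))
    w = cha(k_s)
    sk_s = h("client", "server", x, y, w, mod2(k_s, w))
    # Client: receives (y, w), optionally with one signal bit flipped in transit.
    w_rx = [1 - w[0]] + w[1:] if tamper_w else w
    g_c = sample(rng, BETA)
    k_c = add(mul(add(mul(p_s, d), y), add(mul(s_c, c), r_c)), twice(g_c))
    sk_c = h("client", "server", x, y, w_rx, mod2(k_c, w_rx))
    # k_s - k_c is twice a small polynomial; agreement needs it within Q/4.
    gap = max(abs(center(u - v)) for u, v in zip(k_s, k_c))
    return {"sk_server": sk_s, "sk_client": sk_c, "max_gap": gap}

if __name__ == "__main__":
    print(run_exchange(1))
    print(run_exchange(1, tamper_w=True))
```

Because $w$ is one of the inputs to $H$, a signal altered in transit makes the two session keys differ rather than silently changing the seed.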
Preferably, before the key exchange step, the method further includes a step of verifying the trusted status of both communicating parties, as follows:
The client sends the server a request to verify the client's trusted status;
After the server receives the client's request, it randomly generates an M-bit first random number and sends the first random number, together with the request to verify trusted status, to the client, where M is a natural number;
After the client receives the first random number and the verification request, it correspondingly generates an M-bit second random number, then requests an integrity measurement from the trusted module, encrypts the first random number together with the platform configuration register (PCR) value and the stored measurement log (SML), and sends the encrypted result, the second random number and the TPM public key to the server;
After the server receives the data, it determines whether this client is the first client requesting to establish an SSH connection; if so, it checks whether a trust credential exists locally; if a trust credential exists locally and is still within its validity period, it proceeds directly to the next step; otherwise, it must first request an integrity measurement from its local trusted module, then encrypt the second random number together with its own configuration register value and SML, and send the encrypted result and the TPM public key to the client;
The server verifies the client's trusted status according to the data sent by the client. If verification passes, it generates a trust-verification-passed credential containing the client IP, the client unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential validity period; it encrypts the credential with the TPM public key sent by the client and sends the encrypted result, together with the verification-passed message, to the client;
After the client receives the data, it verifies the server's trusted status. If verification passes, the client likewise generates a trust credential whose content includes the server IP, the server unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential validity period; it encrypts the credential with the TPM public key sent by the server and sends the encrypted result, together with the verification-passed message, to the server;
After the server receives the trust credential, it decrypts the credential with its own TPM private key and stores it locally; at this point the trusted status of both parties has been verified; otherwise the connection is dropped directly.
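The verifier-side checks this procedure relies on, shown as an added example that is not code from the patent: the random number must match the one just issued, the SML must reproduce the reported register value, the measurements must match a known-good list, and a stored credential is honoured only for the same peer and inside its validity period. The SHA-256 extend operation, the field names, the known-good list and the sample values are assumptions constructed for illustration, and the encryption of the report with the TPM key is left out.

```python
import hashlib
import hmac
import secrets

PCR_LEN = 32  # assumption: SHA-256 register bank; the page does not name the hash

def new_nonce(m_bits=128):
    """M-bit random number sent along with the verification request."""
    return secrets.token_bytes(m_bits // 8)

def replay_sml(sml):
    """Recompute the register value by extending it with each SML entry."""
    pcr = bytes(PCR_LEN)
    for _name, digest in sml:
        pcr = hashlib.sha256(pcr + digest).digest()
    return pcr

def build_report(nonce, components):
    """Attesting side: measure each component and report nonce, PCR and SML."""
    sml = [(name, hashlib.sha256(blob).digest()) for name, blob in components]
    return {"nonce": nonce, "pcr": replay_sml(sml), "sml": sml}

def verify_report(report, expected_nonce, known_good):
    """Verifying side: returns (trusted?, reason)."""
    if not hmac.compare_digest(report["nonce"], expected_nonce):
        return False, "nonce mismatch (stale or replayed report)"
    if not hmac.compare_digest(replay_sml(report["sml"]), report["pcr"]):
        return False, "SML does not reproduce the reported PCR"
    if list(report["sml"]) != known_good:
        return False, "measurement log differs from the known-good list"
    return True, "trusted"

def issue_credential(peer_ip, peer_id, local_ip, local_id, now, lifetime):
    """Credential fields as listed in the procedure above."""
    return {"peer_ip": peer_ip, "peer_id": peer_id,
            "local_ip": local_ip, "local_id": local_id,
            "issued_at": now, "valid_for": lifetime}

def credential_valid(cred, peer_ip, peer_id, now):
    """A stored credential only skips re-attestation for the same peer, in time."""
    same_peer = cred["peer_ip"] == peer_ip and cred["peer_id"] == peer_id
    in_window = cred["issued_at"] <= now < cred["issued_at"] + cred["valid_for"]
    return same_peer and in_window

# Constructed sample data (not real measurements).
GOOD_COMPONENTS = [("bootloader", b"bootloader-v1"),
                   ("kernel", b"kernel-image"),
                   ("sshd", b"sshd-binary")]
KNOWN_GOOD = [(n, hashlib.sha256(b).digest()) for n, b in GOOD_COMPONENTS]

if __name__ == "__main__":
    nonce = new_nonce()
    print(verify_report(build_report(nonce, GOOD_COMPONENTS), nonce, KNOWN_GOOD))
    changed = GOOD_COMPONENTS[:2] + [("sshd", b"modified-binary")]
    print(verify_report(build_report(nonce, changed), nonce, KNOWN_GOOD))
```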
A system for implementing the SSH protocol based on post-quantum key exchange includes a key exchange module, the key exchange module including a first key unit, a second key unit, a first authentication unit and a second authentication unit, wherein:
The first key unit is located at the server and performs the following functions:
Sampling randomly from the Gaussian distribution with the first parameter and computing the server's public/private key pair;
After the first authentication unit has authenticated the client, sampling randomly from the Gaussian distribution with the second parameter and computing the server ephemeral session public key;
Computing the server ephemeral session variable and the session error-reconciliation variable according to the client ephemeral session public key, the client vector, the server ephemeral session public key, the server vector, and the server's random samples from the Gaussian distributions with the first parameter and the second parameter;
Computing the server shared-key initial seed according to the server ephemeral session variable and the session error-reconciliation variable;
Generating the final server shared key for this session with a post-quantum algorithm, according to the client vector, the server vector, the client ephemeral session public key, the server ephemeral session public key, the session error-reconciliation variable and the server shared-key initial seed;
The first authentication unit is located at the server and is used to receive the client public key and the client ephemeral session public key and to authenticate the client; if verification fails, the server directly disconnects the link; otherwise subsequent verification proceeds;
The second key unit is located at the client and performs the following functions:
Sampling randomly from the Gaussian distribution with the first parameter and computing the client's public/private key pair;
Sampling randomly from the Gaussian distribution with the second parameter, computing the client ephemeral session public key, and sending the client public key and the client ephemeral session public key to the server;
After the second authentication unit has authenticated the server, computing the client ephemeral session variable according to the client ephemeral session public key, the client vector, the server vector, the server ephemeral session public key, and the client's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computing the client shared-key initial seed according to the client ephemeral session variable and the session error-reconciliation variable;
And generating the final server shared key for this session with a post-quantum algorithm, according to the client vector, the server vector, the client ephemeral session public key, the server ephemeral session public key, the session error-reconciliation variable and the client shared-key initial seed;
The second authentication unit is located at the client and is used to authenticate the server according to the server public key; if verification fails, the key exchange terminates; otherwise subsequent verification proceeds.
Preferably, in the first key unit:
The server ephemeral session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2 g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector;
$x = a r_c + 2 f_c$ is the client ephemeral session public key;
$r_{ci}$ and $f_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server ephemeral session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$; $q$ is a positive integer, and $s_c$ is also the client private key;
and the session error-reconciliation variable $w$ is:
$w = \mathrm{Cha}(k_s)$
where $\mathrm{Cha}(\cdot)$ is the characteristic function;
According to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2(\cdot)$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.
Preferably, in the second key unit,
The client ephemeral session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2 g_c$
where:
$g_{ci}$ is a value randomly sampled by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$; $q$ is a positive integer;
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$; $q$ is a positive integer, and $s_s$ is also the server private key;
And according to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2(\cdot)$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
Preferably, the system further includes a trust verification module for verifying the trusted status of both communicating parties. The trust verification module includes a first trust unit located at the server and a second trust unit located at the client, and performs the following functions:
The second trust unit sends the first trust unit a request to verify the client's trusted status;
After the first trust unit receives the client's request, it randomly generates an M-bit first random number and sends the first random number, together with the request to verify trusted status, to the second trust unit, where M is a natural number;
After the second trust unit receives the first random number and the verification request, it correspondingly generates an M-bit second random number, then requests an integrity measurement from the TPM, encrypts the first random number together with the platform configuration register (PCR) value and the stored measurement log (SML), and sends the encrypted result, the second random number and the TPM public key to the first trust unit;
After the first trust unit receives the data, it determines whether this client is the first client requesting to establish an SSH connection; if so, it checks whether a trust credential exists locally; if a trust credential exists locally and is still within its validity period, it proceeds directly to the next step; otherwise, it must first request an integrity measurement from its local trusted module, then encrypt the second random number together with its own configuration register value and SML, and send the encrypted result and the TPM public key to the second trust unit;
The first trust unit verifies the client's trusted status according to the data sent by the second trust unit. If verification passes, it generates a trust-verification-passed credential containing the client IP, the client unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential validity period; it encrypts the credential with the TPM public key sent by the client and sends the encrypted result, together with the verification-passed message, to the client;
After the client receives the data, it verifies the server's trusted status. If verification passes, the second trust unit likewise generates a trust credential whose content includes the server IP, the server unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential validity period; it encrypts the credential with the TPM public key sent by the server and sends the encrypted result, together with the verification-passed message, to the first trust unit;
After the first trust unit receives the trust credential, it decrypts the credential with its own TPM private key and stores it locally; at this point the trusted status of both parties has been verified; otherwise the connection is dropped directly.
The beneficial effects of the invention are as follows: the method for implementing the SSH protocol based on post-quantum key exchange and the system for implementing the SSH protocol based on post-quantum key exchange use a post-quantum key exchange protocol and a trust attestation method to address latent threats to the SSH protocol. The post-quantum key exchange protocol addresses the problem that the shared key of the key exchange phase in the current SSH protocol may be cracked; trust attestation addresses the problem that the platforms of the two parties communicating over the SSH protocol may be untrustworthy.
Description of the drawings
Fig. 1 is a schematic diagram of the SSH protocol architecture;
Fig. 2 is a flow chart of remote login with the existing SSH protocol;
Fig. 3 is a flow chart of the key exchange in the method for implementing the SSH protocol based on post-quantum key exchange in Embodiment 1 of the invention;
Fig. 4 is a flow chart of trust attestation in the method for implementing the SSH protocol based on post-quantum key exchange in Embodiment 1 of the invention.
Specific embodiments
To help those skilled in the art better understand the technical solution of the invention, the method for implementing the SSH protocol based on post-quantum key exchange and the system for implementing the SSH protocol based on post-quantum key exchange are described in further detail below with reference to the drawings and specific embodiments.
The technical concept of the invention is as follows: up to now, improvements to the current SSH protocol have all been made with modern cryptographic techniques, and none has used quantum cryptography. The invention uses quantum cryptography to improve on the technical problems described above. It addresses the fact that quantum algorithms can solve the discrete logarithm problem in polynomial time, and it also ensures that the state of both communicating parties is trusted before the SSH connection is established, so that both the security and the trustworthiness of the SSH protocol are taken into account.
The invention provides an improved method of trusted SSH protocol authentication based on a post-quantum key exchange algorithm. When a user logs in to a remote server with the improved SSH protocol, the client and the server, after version negotiation, each send a trust attestation request to the peer, then perform an integrity measurement on themselves and send the result to the peer, and finally verify the peer's trusted status according to the data the peer sent. After trust verification passes, SSH uses the post-quantum key exchange algorithm to complete the key agreement phase and the mutual authentication phase between the client and the remote server. With these changes the user does not need to care about the underlying implementation or change the previous login method. The method is transparent to the user, fast, and simple and easy to understand. Without reducing the security of the original SSH remote login, it provides resistance to quantum computers, preventing the shared key generated by the communicating parties from being broken by a quantum computer, and it can also verify the trusted status of both the client and the server.
Embodiment 1:
This embodiment provides a method for implementing the SSH protocol based on post-quantum key exchange, which can effectively prevent the shared key generated by the communicating client and server from being broken by a quantum computer, and can also verify the trusted state of both the client and the server.
The protocol architecture of the improved SSH scheme is the three-layer architecture defined by the current SSH protocol; see Fig. 1 for the specific protocol architecture. From bottom to top, SSH consists of the transport layer, user authentication, and connection establishment. The session establishment flow includes version negotiation, algorithm negotiation and key agreement, user authentication, and the connection request.
At present, the flow by which the two communicating parties perform remote login using the SSH protocol is shown in Fig. 2.
First step, version negotiation: the client and the server send each other their own protocol version number and software version number to negotiate the version and determine whether to continue the session; the following steps are performed after version negotiation succeeds. The information sent in this stage is transmitted in plaintext;
Second step, algorithm negotiation: the client and the server each send the lists of public-key algorithms, encryption algorithms, compression algorithms and so on that they support, and from the algorithms supported by the peer and by themselves the two parties negotiate the algorithms that this session will finally use. For the key agreement algorithm, although it can in theory be negotiated, in practice the only algorithm that SSH currently must support, and does support, is the DH algorithm;
Third step, key agreement: the client and the server negotiate a shared key using the DH key exchange algorithm. This stage needs the assistance of the RSA algorithm and the SHA256 algorithm to reduce the probability of being broken;
Fourth step, user authentication: the client sends the user password to the server in ciphertext form, and the server then verifies the legitimacy of the user's identity;
Fifth step, connection establishment: after user authentication succeeds, the client sends a session request, the server responds according to the type of the client's request, and the two parties establish a connection and transfer data.
At this stage the SSH protocol negotiates the key using the DH algorithm and, to prevent man-in-the-middle attacks, uses the RSA algorithm and the SHA256 algorithm for signature authentication to ensure the legitimacy of both parties' identities. The cooperation of these algorithms ensures the high security of the shared key. However, with the rapid development of computer technology and the steady approach of the quantum era, SSH will face huge challenges and risks.
Based on this situation, this embodiment proposes an improved trusted SSH authentication scheme based on a post-quantum key exchange protocol, so that the SSH key exchange phase can resist attacks by quantum computers, improving the security of SSH and extending its service life in the quantum era. Specifically, based on lattice theory from quantum cryptology, the hardness of the R-LWE (Ring-Learning With Errors) problem can ultimately be reduced to the SVP (Shortest Vectors Problem) problem on lattices, and the SVP problem has been proved to be NP-hard. Therefore, an authenticated key exchange algorithm based on R-LWE can resist quantum computing attacks well, and it also has advantages such as fast computation and being easy to understand.
In the method of this embodiment, when the client and the server establish an SSH connection, both parties first send a trust attestation request to the peer, then each requests an integrity measurement from its own trusted platform module (TPM, Trusted Platform Module) and sends the relevant information to the peer so that the trusted state can be verified. After the trusted state of both parties is verified, the two parties begin key-suite negotiation. During key agreement, each party samples at random from Gaussian distributions with the same parameters and computes its own public/private key pair, then sends its public key to the peer, receives the peer's public key, and verifies the peer's identity. It then computes the interim public/private key pair of this session and some other required variables, sends the data to the peer once the computation is complete, and at the same time computes its own shared key for this session. This ensures the trusted state of the terminals and implements a key agreement flow that resists quantum computers, providing a highly secure remote login flow.
As shown in Fig. 3, the core step of the method for implementing the SSH protocol based on post-quantum key exchange, namely the key exchange step, includes:
The client and the server each sample at random from the Gaussian distribution of the first parameter and compute the client's public/private key pair and the server's public/private key pair respectively;
The client samples at random from the Gaussian distribution of the second parameter, computes the client interim session public key, and sends the client public key and the client interim session public key to the server;
The server receives the client public key and the client interim session public key and verifies the client's identity; if verification fails, the server disconnects the link directly, otherwise it proceeds to the next step;
Once the client's identity is verified, the server samples at random from the Gaussian distribution of the second parameter and computes the server interim session public key;
The server computes the server interim session variable and the interim session error-elimination variable from the client interim session public key, the client vector, the server interim session public key, the server vector, and the server's random samples from the Gaussian distributions of the first parameter and the second parameter, and then computes the server shared-key initial seed from the server interim session variable and the interim session error-elimination variable;
The server generates the final server shared key of this session with the post-quantum algorithm from the client vector, the server vector, the client interim session public key, the server interim session public key, the interim session error-elimination variable and the server shared-key initial seed;
The client verifies the server's identity according to the server public key;
Once the server's identity is verified, the client computes the client interim session variable from the client interim session public key, the client vector, the server vector, the server interim session public key, and the client's random samples from the Gaussian distributions of the first parameter and the second parameter, and then computes the client shared-key initial seed from the client interim session variable and the interim session error-elimination variable;
The client generates the final client shared key of this session with the post-quantum algorithm from the client vector, the server vector, the client interim session public key, the server interim session public key, the interim session error-elimination variable and the client shared-key initial seed;
If the identity verification of either the server or the client fails, the key exchange terminates.
On the server side, the server interim session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector, client is the client host and server is the server host;
$x = a r_c + 2 f_c$ is the client interim session public key;
$r_{ci}$ and $f_{ci}$ are values sampled at random by the client from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$, and q is a positive integer (e.g. q = 5). Here sampling is performed multiple times and the sum of the results of the multiple samplings is taken as the result, to increase the randomness of the sampling.
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server interim session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values sampled at random by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$, and q is a positive integer (e.g. q = 5);
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values sampled at random by the client from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$, q is a positive integer (e.g. q = 5), and $s_c$ is also the client private key;
The interim session error-elimination variable w is:
$w = \mathrm{Cha}(k_s)$
where Cha() is the characteristic association function;
According to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = (v + w \cdot (q-1)/2) \bmod q \bmod 2$, $q \bmod 2n = 1$, Unit matrix, $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.
On the client side, the client interim session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2g_c$
where:
$g_{ci}$ is a value sampled at random by the server from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$, and q is a positive integer (e.g. q = 5);
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values sampled at random by the server from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$, q is a positive integer (e.g. q = 5), and $s_s$ is also the server private key;
According to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = (v + w \cdot (q-1)/2) \bmod q \bmod 2$, $q \bmod 2n = 1$, Unit matrix, $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
Preferably, before the key exchange step, the method further includes a step of verifying the trusted state of both communicating parties, as follows:
A request to verify the client's trusted state is sent to the server;
After the server receives the client's request, it randomly generates an M-bit first random number and sends the first random number, together with a request to verify its own trusted state, to the client, where M is a natural number;
After the client receives the first random number and the verification request, it correspondingly generates an M-bit second random number, then requests an integrity measurement from the trusted platform module, encrypts the first random number together with the configuration register value and the measurement log SML, and sends the encrypted result, the second random number and the TPM public key together to the server;
After the server receives the data, it determines whether this client is the first client requesting to establish an SSH connection. If so, it checks whether a trusted credential exists locally; if a trusted credential exists locally and is still within its validity period, it proceeds directly to the next step. Otherwise, it must first request an integrity measurement from the local trusted platform module, then encrypt the second random number together with its own configuration register value and measurement log SML, and send the encrypted result and the TPM public key together to the client;
The server verifies the client's trusted state from the data the client sent. If verification passes, it generates a trusted credential, which includes the client IP, the client's unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential's validity period; it encrypts the credential with the TPM public key sent by the client and sends the encrypted result together with a verification-passed message to the client;
After the client receives the data, it verifies the server's trusted state. If verification passes, the client likewise generates a trusted credential, whose content includes the server IP, the server's unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential's validity period; it encrypts the credential with the TPM public key sent by the server and sends the encrypted result together with a verification-passed message to the server;
After the server receives the trusted credential, it decrypts the credential with its own TPM private key and saves it locally. At this point the trusted state of both parties has been verified; otherwise the connection is dropped directly.
The process of establishing an SSH remote connection with the method of this embodiment is described in detail below. It is divided into six steps:
First step: version negotiation.
Before version negotiation, the two parties first establish a TCP connection: the client sends a TCP connection request to the server.
After the TCP connection is established, the client enters a waiting phase. The server sends the first message to the client; its content is the SSH protocol version number and the software version number. The protocol version number consists of a major version number and a minor version number. The message content is as follows:
"SSH-<major protocol version number>.<minor protocol version number>-<software version number>\n"
After the client receives the message, it returns a message to the server whose content is its own version numbers, in the same format as the message sent by the server.
After the server receives the version number sent by the client, it compares it with its own version number to determine whether they are compatible. If they are incompatible, it drops the TCP connection directly. If they are compatible, the server generates a number identifying which host, in order, this client is among those requesting an SSH connection with it, and then enters the next stage.
Second step: trust verification.
Trust verification of the two communicating parties starts at system power-on and continues through to the final application program. Every step in between is measured, and the measurement value is extended into the PCR (Platform Configure Register, platform configuration register). Meanwhile, both parties also save the measurement operation and measurement result of each step, and these intermediate states, into the stored measurement log SML (Storage Measure Log).
The detailed process of verifying the trusted state of the two communicating parties is shown in Fig. 4 and described as follows:
1. The client first sends the server a request to verify its own trusted state;
2. After the server receives the client's request, it randomly generates an M-bit first random number RandNum1 (M is a natural number, generally 160), and then sends the first random number, together with a request to verify its own trusted state, to the client;
3. After the client receives the first random number and the verification request, it first also randomly generates a corresponding M-bit second random number RandNum2, then requests an integrity measurement from the TPM, encrypts the first random number RandNum1 together with the PCR value and the measurement log SML, and finally sends the encrypted result, the second random number RandNum2 and the TPM public key together to the server;
4. After the server receives the data, it first determines whether this client is the first client requesting to establish an SSH connection. If so, it checks whether a trusted credential exists locally; if a trusted credential exists locally and is still within its validity period, it proceeds directly to the next step. Otherwise, it must first request an integrity measurement from the local TPM, then encrypt the random number RandNum2 together with its own PCR value and measurement log SML, and send the encrypted result and the TPM public key together to the client;
5. The server verifies the client's trusted state from the data the client sent. If verification passes, it generates a trusted credential, which includes the client IP, the client's unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential's validity period; it encrypts this information with the TPM public key sent by the client and sends the encrypted result together with a verification-passed message to the client;
6. After the client receives the data, it verifies the server's trusted state. Similarly, if verification passes, the client also generates a trusted credential, whose content includes the server IP, the server's unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential's validity period; it encrypts this information with the TPM public key sent by the server and sends the encrypted result together with a verification-passed message to the server;
7. After the server receives the trusted credential, it decrypts the credential with its own TPM private key and saves it locally. At this point the trusted state of both parties has been verified and the following steps can proceed; otherwise the connection is dropped directly.
Third step: algorithm negotiation.
Because SSH is designed to be flexible, there are currently many kinds of algorithms that SSH can negotiate, for example data encryption algorithms, key exchange algorithms, compression algorithms, identity authentication algorithms and integrity check algorithms. The client and the server each send the lists of algorithms they support to the peer. The first algorithm in each algorithm-type list is the preferred algorithm, and the server takes the client's algorithm priority into consideration. If the two parties have no algorithm in common for some algorithm type, the session is terminated.
This embodiment completes key agreement with the R-LWE-based post-quantum authenticated key exchange algorithm, so the R-LWE-based post-quantum authenticated key exchange algorithm is set as the preferred algorithm for key agreement.
Fourth step: key agreement.
The whole key exchange process is divided into three main steps, with data exchanged twice; see Fig. 3 for the flow.
To make the whole key exchange process easier to describe, the parameters are defined as follows:
n is the security parameter and must be a power of 2; the function is $f(x) = x^n + 1$;
q is an odd prime, defined as $q = 2^{\omega(\log n)}$;
Define $R = \mathbb{Z}[x]/\langle f(x) \rangle$, the ring of all polynomials in $\mathbb{Z}[x]$ modulo $f(x)$; similarly define $R_q = \mathbb{Z}_q[x]/\langle f(x) \rangle$.
The definition of the function $H_1$ is shown in formula (1-1):
Formula (1-1) shows that the function $H_1$ maps a character string to a sampling result $\chi_\gamma$, where $\gamma$ is a positive real number. The function H is defined as $H: \{0,1\}^* \rightarrow \{0,1\}^k$; it is the key derivation function, generally a hash function, and using different hash functions yields keys of different bit lengths.
The whole key exchange process is described in detail below:
1. The client first generates its own public/private key pair: it samples at random from the Gaussian distribution $\chi_\alpha$ with first parameter $\alpha$ and computes $s_c$ and $e_c$, then computes $p_c = a s_c + 2 e_c$. After the computation succeeds, $s_c$ and $p_c$ become its private key and public key respectively, i.e. the client private key $s_c$ and the client public key $p_c$, and both are stored locally. Note that this embodiment uses the Gaussian distribution to achieve resistance to quantum computer attacks, and each of the following calculation formulas corresponds to the Gaussian distribution.
2. The server likewise first generates its own public/private key pair: it samples at random from the Gaussian distribution $\chi_\alpha$ with the same first parameter $\alpha$ as the client and computes $s_s$ and $e_s$, then computes $p_s = a s_s + 2 e_s$. After the computation succeeds, $s_s$ and $p_s$ become its private key and public key respectively, i.e. the server private key $s_s$ and the server public key $p_s$, and both are stored locally. This stage can proceed at the same time as the client's.
3. After the client has generated its own public/private key pair, it samples at random multiple times from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$ and computes $r_c$ and $f_c$, computes the client interim session public key $x = a r_c + 2 f_c$, and finally sends the result, i.e. the client interim session public key x, together with the client public key $p_c$ to the server. The server enters a waiting phase after computing its own public/private key pair.
4. After the server receives the data sent by the client, it first compares the client public key $p_c$ sent by the client with its own local database to verify the identity of the client host. If the local database contains no client public key $p_c$ corresponding to this client, this is a first connection, and the client public key $p_c$, the IP and the client name are saved to the local database. Under normal circumstances there is no possibility that identity verification fails; for a first connection it is only necessary to save the data sent by the peer and then continue the connection.
If it exists and the client's identity is verified, the server likewise samples at random from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$ and computes $r_s$, $f_s$ and $g_s$, then computes the server interim session public key $y = a r_s + 2 f_s$.
At the same time it computes the server interim session variable $k_s$ according to formula (1-2):
$k_s = (p_c c + x)(s_s d + r_s) + 2g_s$ (1-2)
where the client vector is $c = H_1(\mathrm{client}, \mathrm{server}, x)$ and the server vector is $d = H_1(\mathrm{server}, \mathrm{client}, y, x)$. The interim session variable is a temporary public key generated only for this session; it is deleted automatically after the session ends, to guarantee higher security.
Then, to eliminate errors, the server first computes the interim session error-elimination variable w according to formula (1-3).
$w = \mathrm{Cha}(k_s)$ (1-3)
where Cha() is the characteristic association function, defined as follows:
If $q \bmod 2n = 1$, Unit matrix, then the calculation formula of the characteristic association function Cha() is as shown in (1-4):
where $v \in M_q$, i.e. v is an element of $M_q$.
After the server has successfully computed these data, it sends the results $(w, y, p_s)$ together to the client. After the data are sent, the server computes the server shared-key initial seed $\sigma_s$ with formula (1-5):
$\sigma_s = \mathrm{Mod}_2(k_s, w)$ (1-5)
where $\mathrm{Mod}_2()$ is the modulo-2 function, defined as follows:
If $q \bmod 2n = 1$, Unit matrix, then the calculation formula of the modular function $\mathrm{Mod}_2$ is as shown in (1-6):
$\mathrm{Mod}_2(v, w) = (v + w \cdot (q-1)/2) \bmod q \bmod 2$ (1-6)
where $v \in M_q$ and $w \in \{0, 1\}$. For any element v of $M_q$, a simple calculation proves that $u = v + \mathrm{Cha}(v) \cdot (q-1)/2 \bmod q$ is an element of E.
Note that although the shared-key initial seed can to some extent be regarded as the finally negotiated shared key, for security reasons it cannot be used directly as the shared key, because an attacker might compute it from the information the two parties exchange. Additional processing with a hash function is therefore applied first.
Finally, the server computes the server shared key from the data computed above, with the calculation formula shown in (1-7):
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$ (1-7)
where the function H() is generally a hash function, for example the SHA256 hash function.
The server shared key $sk_s$ at this point is the shared key finally computed by the key agreement algorithm; it is used to encrypt the data subsequently transmitted, ensuring the security of this session.
5. After the client receives the data $(w, y, p_s)$ sent by the server, it first performs identity verification: it compares the server public key $p_s$ with the locally stored database of server public keys. If the local database contains no information about this server, the server public key $p_s$, the IP and the name are stored in the local database. If it exists and identity verification passes, the client samples $g_c$ at random from the Gaussian distribution $\chi_\beta$ with second parameter $\beta$ and computes the client interim session variable $k_c$ according to formula (1-8):
$k_c = (p_s d + y)(s_c c + r_c) + 2g_c$ (1-8)
Likewise, $c = H_1(\mathrm{client}, \mathrm{server}, x)$ and $d = H_1(\mathrm{server}, \mathrm{client}, y, x)$.
Finally, the client computes the client shared-key initial seed $\sigma_c$ and the client shared key $sk_c$, with the calculation formulas shown in formula (1-9) and formula (1-10) respectively:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$ (1-9)
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$ (1-10)
$sk_c$ is the client shared key generated in the client's key agreement phase.
After the client and the server have each successfully computed their own shared key, they send an SSH2_MSG_NEWKEYS message to the peer to tell it that their shared key has been generated. The key agreement phase ends here, and the next step can proceed.
The following first verifies the calculation process above:
From formula (1-7) and formula (1-10), the client shared key $sk_c$ and the server shared key $sk_s$ are computed with the same function, and the function parameters are essentially the same; only $\sigma_c$ and $\sigma_s$ differ. Proving that $sk_c$ and $sk_s$ are equal therefore reduces to proving that $\sigma_c$ and $\sigma_s$ are equal. The calculation formulas of $\sigma_c$ and $\sigma_s$ are shown in formula (1-11) and formula (1-12) respectively:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$ (1-11)
$\sigma_s = \mathrm{Mod}_2(k_s, w)$ (1-12)
Formula (1-11) and formula (1-12) show that $\sigma_c$ and $\sigma_s$ both use the function $\mathrm{Mod}_2(k, v)$, and the second input parameter w of the function is also the same. In other words, whether $\sigma_c$ and $\sigma_s$ are equal is determined by the first input parameters $k_c$ and $k_s$. Judging whether $\sigma_c$ and $\sigma_s$ are equal can therefore be converted into judging whether $k_c$ and $k_s$ are the same. The methods by which the client and the server compute $k_c$ and $k_s$ are shown in formula (1-13) and formula (1-14) respectively.
Wherein:And
With reference to formula (1-13) and formula (1-14) andWithIt can obtain formula (1-15):
When, then it is considered that $k_i$ and $k_j$ are equal. Therefore, in practical applications, care must be taken when selecting parameters that the chosen parameters satisfy this condition, which ensures that $k_c$ and $k_s$ are equal. Combining formula (1-11) through formula (1-15), $\sigma_c$ and $\sigma_s$ are equal, and therefore $sk_c$ and $sk_s$ are equal.
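The agreement argument above can be checked numerically. The following is an added example, not code from the patent: a toy run of formulas (1-2) through (1-10) in which the ring size n = 8, the modulus q = 12289, the {-1, 0, 1} sampler standing in for the Gaussian distributions, and the SHA-256-based stand-ins for H_1 and H are all assumptions. The region E = {-⌊q/4⌋, ..., ⌊q/4⌋} used by Cha is also an assumption, taken from the usual R-LWE reconciliation construction, because formula (1-4) is not reproduced on this page.

```python
import hashlib
import random

N = 8                  # ring degree n (a power of 2); toy size, not a secure parameter
Q = 12289              # odd prime modulus q with q mod 2n == 1
HALF = (Q - 1) // 2    # the (q-1)/2 shift used by Mod_2
QUARTER = Q // 4       # assumed region E = {-floor(q/4), ..., floor(q/4)}
# With coefficients in {-1, 0, 1} and n = 8, k_c - k_s is even and at most 2596
# in absolute value, which is below q/4, so the two sides always agree.

def centered(v):
    """Representative of v mod q in {-(q-1)/2, ..., (q-1)/2}."""
    v %= Q
    return v - Q if v > HALF else v

def add(f, g):
    return [(u + v) % Q for u, v in zip(f, g)]

def twice(f):
    return [(2 * u) % Q for u in f]

def mul(f, g):
    """Product in R_q = Z_q[x]/(x^n + 1): x^n wraps around to -1."""
    out = [0] * N
    for i, fi in enumerate(f):
        for j, gj in enumerate(g):
            if i + j < N:
                out[i + j] += fi * gj
            else:
                out[i + j - N] -= fi * gj
    return [v % Q for v in out]

def small(rng):
    """Assumed stand-in for a chi_alpha / chi_beta / chi_gamma sample."""
    return [rng.choice((-1, 0, 1)) % Q for _ in range(N)]

def h1(*transcript):
    """Hypothetical H_1: hash the transcript, then sample a small ring element."""
    digest = hashlib.sha256(repr(transcript).encode()).digest()
    return small(random.Random(digest))

def h(*transcript):
    """Hypothetical H: SHA-256 over the transcript gives the 256-bit shared key."""
    return hashlib.sha256(repr(transcript).encode()).digest()

def cha(v):
    """Hint w per coefficient: 0 inside E, 1 outside E."""
    return [0 if abs(centered(c)) <= QUARTER else 1 for c in v]

def mod2(v, w):
    """Mod_2(v, w) = (v + w*(q-1)/2) mod q mod 2, coefficient by coefficient."""
    return [centered(c + b * HALF) % 2 for c, b in zip(v, w)]

def keypair(a, rng):
    s, e = small(rng), small(rng)
    return s, add(mul(a, s), twice(e))          # p = a*s + 2e

def run_exchange(seed):
    rng = random.Random(seed)                   # seeded only so the demo is repeatable
    a = [rng.randrange(Q) for _ in range(N)]    # public ring element a
    s_c, p_c = keypair(a, rng)
    s_s, p_s = keypair(a, rng)

    # Client -> server: (p_c, x)
    r_c, f_c = small(rng), small(rng)
    x = add(mul(a, r_c), twice(f_c))

    # Server: y, k_s (1-2), w (1-3), sigma_s (1-5), sk_s (1-7); sends (w, y, p_s)
    r_s, f_s, g_s = small(rng), small(rng), small(rng)
    y = add(mul(a, r_s), twice(f_s))
    c = h1("client", "server", x)
    d = h1("server", "client", y, x)
    k_s = add(mul(add(mul(p_c, c), x), add(mul(s_s, d), r_s)), twice(g_s))
    w = cha(k_s)
    sigma_s = mod2(k_s, w)
    sk_s = h("client", "server", x, y, w, sigma_s)

    # Client: same c and d from public values, then k_c (1-8), sigma_c (1-9), sk_c (1-10)
    g_c = small(rng)
    k_c = add(mul(add(mul(p_s, d), y), add(mul(s_c, c), r_c)), twice(g_c))
    sigma_c = mod2(k_c, w)
    sk_c = h("client", "server", x, y, w, sigma_c)
    return {"k_s": k_s, "k_c": k_c, "w": w, "sigma_s": sigma_s,
            "sigma_c": sigma_c, "sk_s": sk_s, "sk_c": sk_c}

if __name__ == "__main__":
    out = run_exchange(2017)
    print("k_s == k_c        :", out["k_s"] == out["k_c"])
    print("sigma_s == sigma_c:", out["sigma_s"] == out["sigma_c"])
    print("shared key        :", out["sk_s"].hex())
```

The two sides' k values differ by a small even amount, and the hint w moves each coefficient away from the wrap-around point of the centered range before the parity is taken, which is why the seeds still match.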
The security of this key exchange algorithm depends on the hardness of the R-LWE search problem. That is, in the R-LWE distribution, given $a_i$ and $b_i$, finding a vector s that satisfies the equation $b_i = \langle a_i, s \rangle + e_i$ is extremely difficult; even with a quantum computer it can only be solved in exponential time. Moreover, the key exchange phase also completes the identity authentication of both communicating parties without needing the support of other authentication algorithms, which prevents man-in-the-middle attacks and improves the security of the SSH transport layer.
In addition, SSH supports multiple encryption algorithms, such as DES, 3DES and AES. The key lengths these encryption algorithms require differ and are not necessarily 256 bits, whereas the shared key finally generated in this scheme is a fixed 256 bits, so to make good use of the key this shared key must be processed further. When the required key is shorter than 256 bits this is convenient: it is only necessary to take the required number of leading bits. For example, if the encryption algorithm needs a 128-bit key, the first 128 bits of the shared key are taken as the encryption key. When the required key is longer than 256 bits, additional computation is needed. The specific calculation method is shown in (1-16)-(1-18):
$k_1 = \mathrm{SHA256}(sk \,\|\, \mathrm{session\_id})$ (1-16)
$k_2 = \mathrm{SHA256}(sk \,\|\, k_1)$ (1-17)
$k_3 = \mathrm{SHA256}(sk \,\|\, k_1 \,\|\, k_2)$ (1-18)
When the required key is longer than 256 bits, $k_1$ is computed according to formula (1-16), and the encryption key is $K = sk \,\|\, k_1$.
If the required key is longer than 512 bits, $k_2$ is computed according to formula (1-17), and the encryption key is $K = sk \,\|\, k_1 \,\|\, k_2$.
If the key length is still insufficient after computing with formula (1-17), $k_3$ is computed according to formula (1-18), and the encryption key is $K = sk \,\|\, k_1 \,\|\, k_2 \,\|\, k_3$.
And so on: the key is lengthened in this way until the required key length is reached.
In this way, after the client and the server have successfully computed the shared key, each uses information such as the two version numbers and the shared key as the input of a hash to compute the ID of this session. This ID no longer changes during the whole of the current session. The calculation formula is shown in (1-19):
$\mathrm{Hash} = \mathrm{SHA256}(C\_V \,\|\, S\_V \,\|\, p_c \,\|\, y \,\|\, w \,\|\, p_s \,\|\, x \,\|\, sk)$ (1-19)
where C_V and S_V are the version-number character strings of the client and the server respectively, sk is the shared key, and || is the concatenation operator.
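The key-length rules of (1-16)-(1-18) and the session ID of (1-19) can be written as one routine. This is an added example, not code from the patent; it assumes every input has already been serialized to bytes, and it assumes that a requested length that is not a multiple of 256 bits is met by taking the leading bits of the lengthened key K, which extends the page's rule for keys shorter than 256 bits.

```python
import hashlib

def sha256(*parts):
    """SHA256 over the concatenation part_1 || part_2 || ..."""
    return hashlib.sha256(b"".join(parts)).digest()

def session_id(c_v, s_v, p_c, y, w, p_s, x, sk):
    """Formula (1-19): Hash = SHA256(C_V || S_V || p_c || y || w || p_s || x || sk)."""
    return sha256(c_v, s_v, p_c, y, w, p_s, x, sk)

def derive_key(sk, sid, bits):
    """Cut or lengthen the fixed 256-bit shared key sk to `bits` bits."""
    if len(sk) != 32:
        raise ValueError("sk must be the 256-bit shared key")
    if bits <= 0 or bits % 8:
        raise ValueError("key length must be a positive multiple of 8 bits")
    need = bits // 8
    blocks = b""                       # k_1 || k_2 || ... computed so far
    material = sk                      # K starts as sk itself
    while len(material) < need:
        # (1-16): k_1 = SHA256(sk || session_id)
        # (1-17), (1-18), ...: k_i = SHA256(sk || k_1 || ... || k_{i-1})
        block = sha256(sk, sid) if not blocks else sha256(sk, blocks)
        blocks += block
        material = sk + blocks         # K = sk || k_1 || ... || k_i
    return material[:need]             # leading bits only

if __name__ == "__main__":
    # Constructed sample values; real inputs are the serialized protocol fields.
    sk = bytes(range(32))
    sid = session_id(b"SSH-2.0-client", b"SSH-2.0-server",
                     b"p_c", b"y", b"w", b"p_s", b"x", sk)
    for bits in (128, 256, 512, 1024):
        print(bits, derive_key(sk, sid, bits).hex())
```

Because every lengthened key begins with sk itself, a 128-bit cipher key and a 512-bit cipher key derived this way share their first 128 bits.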
Fifth step: user authentication.
After the shared key has been negotiated successfully, the two parties enter the authentication phase. The client first sends a user authentication request to the server. After the server receives the request, it returns the list of authentication methods it supports to the client, and at the same time checks its own configuration for the authentication timeout and the upper limit on the number of authentication attempts. The client then selects its preferred authentication method from the list supported by the server and sends the information that method requires to the server for authentication. If authentication succeeds, the two parties enter the next stage. Otherwise, the connection is dropped.
SSH mainly supports two authentication methods: host-based authentication and password-based authentication. Because the identities of the client and the server have already been authenticated in the key agreement part, host-based authentication is no longer recommended for user authentication in this stage. Password-based authentication is recommended, because it not only completes the identity authentication of the communicating hosts but can also authenticate the identity of the user, further improving the security strength of the communication.
Sixth step: connection request.
After authentication succeeds, the client sends a session request, and the server handles it promptly after receiving it. Session requests fall into the following categories: requesting a pseudo-terminal, opening a shell, executing a command, starting X forwarding, starting TCP/IP port forwarding, requesting data compression, starting an authentication agent, and so on.
In summary, the method for implementing the SSH protocol based on post-quantum key exchange provides a trusted SSH improvement based on the R-LWE post-quantum authenticated key exchange algorithm. When the client and the server connect remotely using SSH, the two parties first send information such as their own protocol version number and software version number to the peer for version negotiation. After version negotiation succeeds, each party sends a trust attestation request to the peer and verifies the peer's trusted state; after the trusted state of both parties is verified, the two parties begin algorithm negotiation and key agreement. In the key agreement phase both parties sample from discrete Gaussian distributions with the same parameters, compute their own public/private key pairs and the other required intermediate variables, and then send their public keys and other data to the peer, completing identity authentication and the generation of the shared key. This shared key is generated by a post-quantum algorithm, so it can resist quantum attacks, which improves the security of the key agreement phase and prevents the shared key from being cracked by a third party. After the shared key is generated, both parties use it to encrypt the data subsequently transmitted and complete the user authentication and connection request parts.
It can be seen that this method improves SSH in the SSH transport layer stage by using the R-LWE-based post-quantum authenticated key exchange algorithm together with trusted computing technology. First, before SSH algorithm negotiation, trusted computing technology is used to verify the trusted state of both communicating parties, to prevent the situation in which one party may have been attacked by a hacker while the other party is entirely unaware of it. Second, the R-LWE-based post-quantum authenticated key exchange algorithm completes key agreement and identity authentication. Finally, the negotiated shared key is used to encrypt data in transit, completing the secure remote service process. The R-LWE-based post-quantum authenticated key exchange algorithm and trusted computing technology are thus integrated into the SSH protocol, which simplifies the SSH key agreement phase, increases the speed of establishing a connection, prevents the shared key from being cracked by a quantum computer, and improves SSH's ability to resist quantum computing attacks. At the same time the trusted state of the hosts is verified, which improves SSH session security and greatly reduces the possibility that one communicating party is illegally controlled by the other.
Embodiment 2:
This embodiment provides a system for implementing the SSH protocol based on post-quantum key exchange. On the one hand, it can effectively prevent the shared key generated by the communicating client and server from being broken by a quantum computer; on the other hand, it can verify the trusted status of both the client and the server.
The system for implementing the SSH protocol based on post-quantum key exchange includes a key exchange module, and the key exchange module includes a first key unit, a second key unit, a first authentication unit and a second authentication unit, wherein:
The first key unit, located at the server, performs the following functions:
Randomly sampling from the Gaussian distribution with the first parameter and computing the server's public/private key pair;
After the first authentication unit's identity authentication of the client succeeds, randomly sampling from the Gaussian distribution with the second parameter and computing the server temporary session public key;
Computing the server temporary session variable and the temporary session error-elimination variable according to the client temporary session public key, the client vector, the client temporary server vector, and the server's random samples from the Gaussian distributions with the first parameter and the second parameter;
Computing the server shared-key initial seed according to the server temporary session variable and the temporary session error-elimination variable;
Generating the final server shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the server shared-key initial seed;
The first authentication unit, located at the server, receives the client public key and the client temporary session public key and authenticates the client; if the verification fails, the server disconnects the link directly, otherwise subsequent verification is carried out;
The second key unit, located at the client, performs the following functions:
Randomly sampling from the Gaussian distribution with the first parameter and computing the client's public/private key pair;
Randomly sampling from the Gaussian distribution with the second parameter, computing the client temporary session public key, and sending the client public key and the client temporary session public key to the server;
After the second authentication unit's identity authentication of the server succeeds, computing the client temporary session variable according to the client temporary session public key, the client vector, the server vector, the server temporary session public key, and the client's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computing the client shared-key initial seed according to the client temporary session variable and the temporary session error-elimination variable;
Generating the final server shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the client shared-key initial seed;
The second authentication unit, located at the client, authenticates the server according to the server public key; if the verification fails, the key exchange is terminated, otherwise subsequent verification is carried out.
In the first key unit:
The server temporary session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2 g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector;
$x = a r_c + 2 f_c$ is the client temporary session public key;
$r_{ci}$ and $f_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer (for example $q = 5$);
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server temporary session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer (for example $q = 5$);
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer (for example $q = 5$), and $s_c$ is the client private key;
The temporary session error-elimination variable $w$ is:
$w = \mathrm{Cha}(k_s)$
where $\mathrm{Cha}()$ is the characteristic function;
According to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.
In the second key unit:
The client temporary session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2 g_c$
where:
$g_{ci}$ is a value randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer (for example $q = 5$);
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer (for example $q = 5$), and $s_s$ is the server private key;
According to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
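The server and client formulas above, run end to end as an added example (not code from the patent): it shows that k_s and k_c differ only by a small even term and that applying the server's w on both sides yields the same seed σ and the same final key. The toy ring Z_q[X]/(X^n + 1) with n = 16 and q = 8380417, the tail-cut rounded Gaussian sampler, the SHAKE-based stand-in for H1, SHA-256 as H, and the band used inside Cha() are all assumptions chosen for readability, since the text does not fix them.

```python
import hashlib
import random

# Toy parameters (assumptions, not from the patent): ring Z_Q[X]/(X^N + 1).
N = 16            # ring degree
Q = 8380417       # prime with Q mod 2N == 1
TAIL = 3          # tail cut of the rounded Gaussian sampler

def centered(v):
    """Representative of v mod Q in [-(Q-1)/2, (Q-1)/2]."""
    v %= Q
    return v - Q if v > (Q - 1) // 2 else v

def add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def scale(k, a):
    return [(k * x) % Q for x in a]

def mul(a, b):
    """Negacyclic (X^N = -1) product of two polynomials, coefficients mod Q."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            sign = 1 if i + j < N else -1
            out[(i + j) % N] = (out[(i + j) % N] + sign * ai * bj) % Q
    return out

def sample(rng, sigma):
    """Rounded Gaussian with standard deviation sigma, clipped to +-TAIL."""
    return [max(-TAIL, min(TAIL, round(rng.gauss(0, sigma)))) for _ in range(N)]

def h1(*parts):
    """Stand-in for H1 (assumption): hash to coefficients in {-1, 0, 1}."""
    stream = hashlib.shake_256(repr(parts).encode()).digest(N)
    return [b % 3 - 1 for b in stream]

def cha(v):
    """Cha(): 0 where the centered coefficient lies in the middle band
    (assumed here to be [-floor(Q/4), round(Q/4)]), 1 elsewhere."""
    lo, hi = -(Q // 4), round(Q / 4)
    return [0 if lo <= centered(c) <= hi else 1 for c in v]

def mod2(v, w):
    """Mod2(v, w) = (v + w*(Q-1)/2) mod Q mod 2, on centered representatives."""
    return [centered(c + wi * ((Q - 1) // 2)) % 2 for c, wi in zip(v, w)]

def keygen(rng, a, alpha):
    s, e = sample(rng, alpha), sample(rng, alpha)
    return s, add(mul(a, s), scale(2, e))            # p = a*s + 2e

def final_key(x, y, w, sigma):
    data = repr(("client", "server", x, y, w, sigma)).encode()
    return hashlib.sha256(data).hexdigest()           # stand-in for H

def run_exchange(seed=2017, alpha=1.0, beta=1.0):
    rng = random.Random(seed)                         # fixed seed: constructed run
    a = [rng.randrange(Q) for _ in range(N)]          # public ring element
    s_c, p_c = keygen(rng, a, alpha)                  # client static key pair
    s_s, p_s = keygen(rng, a, alpha)                  # server static key pair

    # Client: temporary session public key x = a*r_c + 2*f_c
    r_c, f_c, g_c = (sample(rng, beta) for _ in range(3))
    x = add(mul(a, r_c), scale(2, f_c))

    # Server: y = a*r_s + 2*f_s, then k_s, w and sigma_s
    r_s, f_s, g_s = (sample(rng, beta) for _ in range(3))
    y = add(mul(a, r_s), scale(2, f_s))
    c = h1("client", "server", x)
    d = h1("server", "client", y, x)
    k_s = add(mul(add(mul(p_c, c), x), add(mul(s_s, d), r_s)), scale(2, g_s))
    w = cha(k_s)
    sigma_s = mod2(k_s, w)

    # Client: receives (y, w), computes k_c and sigma_c with the server's w
    k_c = add(mul(add(mul(p_s, d), y), add(mul(s_c, c), r_c)), scale(2, g_c))
    sigma_c = mod2(k_c, w)

    gap = [centered(u - v) for u, v in zip(k_s, k_c)]  # equals 2 * (small noise)
    return {
        "k_equal": k_s == k_c,
        "gap": gap,
        "sigma_s": sigma_s,
        "sigma_c": sigma_c,
        "sk_s": final_key(x, y, w, sigma_s),
        "sk_c": final_key(x, y, w, sigma_c),
    }

if __name__ == "__main__":
    r = run_exchange()
    print("k_s == k_c:", r["k_equal"], " max |k_s - k_c|:", max(map(abs, r["gap"])))
    print("seeds agree:", r["sigma_s"] == r["sigma_c"], " keys agree:", r["sk_s"] == r["sk_c"])
```

With these bounds every coefficient of k_s − k_c stays far below q/4, which is the condition under which shifting by w·(q−1)/2 keeps both sides away from the wrap-around point so that their parities match.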
Preferably, the system for implementing the SSH protocol based on post-quantum key exchange further includes a trust verification module for verifying the trusted status of both communicating parties. Because the trust verification module is added, each communicating host is required to have a built-in TPM (Trusted Platform Module) chip. The trust verification module includes a first trusted unit located at the server and a second trusted unit located at the client, which perform the following functions:
The second trusted unit sends a request to verify the client's trusted status to the first trusted unit;
After the first trusted unit receives the client's request, it randomly generates a first random number of length M and sends the first random number, together with a request to verify its own trusted status, to the second trusted unit, where M is a natural number;
After the second trusted unit receives the first random number and the verification request, it correspondingly generates a second random number of length M, then requests an integrity measurement from the TPM, encrypts the first random number together with the configuration register values and the measurement log SML, and sends the encrypted result, the second random number and the TPM public key together to the first trusted unit;
After the first trusted unit receives the data, it judges whether this client is the first client requesting to establish an SSH connection; if so, it checks whether a trusted credential exists locally, and if a trusted credential exists locally and is still within its validity period, it proceeds directly to the next step; otherwise, it first requests an integrity measurement from the local trusted module, then encrypts the second random number together with its own configuration register values and measurement log SML, and sends the encrypted result and the TPM public key together to the second trusted unit;
The first trusted unit verifies the trusted status of the client according to the data sent by the second trusted unit; if the verification passes, it generates a trust verification pass credential, which includes the client IP, the client unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the client, and sends the encrypted result together with the verification-passed information to the client;
After the client receives the data, it verifies the trusted status of the server; if the verification passes, the second trusted unit likewise generates a trusted credential, whose content includes the server IP, the server unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the server, and sends the encrypted result together with the verification-passed information to the first trusted unit;
After the first trusted unit receives the trusted credential, it decrypts the credential with its own TPM private key and saves it locally; the trusted status of both sides is then verified, otherwise the connection is disconnected directly.
With the improved trusted SSH protocol method based on the post-quantum key exchange algorithm of this embodiment, when a user logs in to a remote server using the improved SSH protocol, SSH first verifies whether the hosts of both communicating parties are trusted, and then uses the post-quantum key exchange algorithm to complete the key agreement phase and the mutual identity authentication phase between the client and the remote server. The user does not need to be concerned with the underlying implementation of these processes and does not need to change the previous login method. The method is highly transparent to the user, fast, and its algorithm is simple and easy to understand; moreover, without reducing the security of the original SSH remote login, it provides trust attestation and post-quantum functionality, further enhancing the security of SSH.
It should be understood that the above embodiments are merely exemplary implementations adopted to illustrate the principle of the present invention, and the present invention is not limited thereto. For those of ordinary skill in the art, various variations and improvements can be made without departing from the spirit and essence of the present invention, and these variations and improvements are also regarded as falling within the protection scope of the present invention.

Claims (10)

1. A method for implementing the SSH protocol based on post-quantum key exchange, comprising a key exchange step, characterized in that the key exchange step comprises:
The client and the server each randomly sample from the Gaussian distribution with the first parameter and respectively compute the client's public/private key pair and the server's public/private key pair;
The client randomly samples from the Gaussian distribution with the second parameter, computes the client temporary session public key, and sends the client public key and the client temporary session public key to the server;
The server receives the client public key and the client temporary session public key and authenticates the client; if the verification fails, the server disconnects the link directly, otherwise it proceeds to the next step;
The server randomly samples from the Gaussian distribution with the second parameter and computes the server temporary session public key;
The server computes the server temporary session variable and the temporary session error-elimination variable according to the client temporary session public key, the client vector, the server temporary session public key, the server vector, and the server's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computes the server shared-key initial seed according to the server temporary session variable and the temporary session error-elimination variable;
The server generates the final server shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the server shared-key initial seed;
The client authenticates the server according to the server public key;
After the client's identity authentication of the server succeeds, the client computes the client temporary session variable according to the client temporary session public key, the client vector, the server vector, the server temporary session public key, and the client's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computes the client shared-key initial seed according to the client temporary session variable and the temporary session error-elimination variable;
The client generates the final client shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the client shared-key initial seed;
If the identity authentication of either the server or the client fails, the key exchange is terminated.
2. The method for implementing the SSH protocol based on post-quantum key exchange according to claim 1, characterized in that the server temporary session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2 g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector;
$x = a r_c + 2 f_c$ is the client temporary session public key;
$r_{ci}$ and $f_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server temporary session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer, and $s_c$ is the client private key;
The temporary session error-elimination variable $w$ is:
$w = \mathrm{Cha}(k_s)$
where $\mathrm{Cha}()$ is the characteristic function.
3. The method for implementing the SSH protocol based on post-quantum key exchange according to claim 2, characterized in that, according to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.
4. The method for implementing the SSH protocol based on post-quantum key exchange according to claim 2, characterized in that the client temporary session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2 g_c$
where:
$g_{ci}$ is a value randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer, and $s_s$ is the server private key.
5. The method for implementing the SSH protocol based on post-quantum key exchange according to claim 4, characterized in that, according to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
6. The method for implementing the SSH protocol based on post-quantum key exchange according to any one of claims 1-5, characterized in that, before the key exchange step, it further comprises a step of verifying the trusted status of both communicating parties, namely:
A request to verify the client's trusted status is sent to the server;
After the server receives the client's request, it randomly generates a first random number of length M and sends the first random number, together with a request to verify its own trusted status, to the client, where M is a natural number;
After the client receives the first random number and the verification request, it correspondingly generates a second random number of length M, then requests an integrity measurement from the trusted module, encrypts the first random number together with the configuration register values and the measurement log SML, and sends the encrypted result, the second random number and the TPM public key together to the server;
After the server receives the data, it judges whether this client is the first client requesting to establish an SSH connection; if so, it checks whether a trusted credential exists locally, and if a trusted credential exists locally and is still within its validity period, it proceeds directly to the next step; otherwise, it first requests an integrity measurement from the local trusted module, then encrypts the second random number together with its own configuration register values and measurement log SML, and sends the encrypted result and the TPM public key together to the client;
The server verifies the trusted status of the client according to the data sent by the client; if the verification passes, it generates a trust verification pass credential, which includes the client IP, the client unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the client, and sends the encrypted result together with the verification-passed information to the client;
After the client receives the data, it verifies the trusted status of the server; if the verification passes, the client likewise generates a trusted credential, whose content includes the server IP, the server unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the server, and sends the encrypted result together with the verification-passed information to the server;
After the server receives the trusted credential, it decrypts the credential with its own TPM private key and saves it locally; the trusted status of both sides is then verified, otherwise the connection is disconnected directly.
7. A system for implementing the SSH protocol based on post-quantum key exchange, comprising a key exchange module, characterized in that the key exchange module includes a first key unit, a second key unit, a first authentication unit and a second authentication unit, wherein:
The first key unit, located at the server, performs the following functions:
Randomly sampling from the Gaussian distribution with the first parameter and computing the server's public/private key pair;
After the first authentication unit's identity authentication of the client succeeds, randomly sampling from the Gaussian distribution with the second parameter and computing the server temporary session public key;
Computing the server temporary session variable and the temporary session error-elimination variable according to the client temporary session public key, the client vector, the client temporary server vector, and the server's random samples from the Gaussian distributions with the first parameter and the second parameter;
Computing the server shared-key initial seed according to the server temporary session variable and the temporary session error-elimination variable;
Generating the final server shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the server shared-key initial seed;
The first authentication unit, located at the server, receives the client public key and the client temporary session public key and authenticates the client; if the verification fails, the server disconnects the link directly, otherwise subsequent verification is carried out;
The second key unit, located at the client, performs the following functions:
Randomly sampling from the Gaussian distribution with the first parameter and computing the client's public/private key pair;
Randomly sampling from the Gaussian distribution with the second parameter, computing the client temporary session public key, and sending the client public key and the client temporary session public key to the server;
After the second authentication unit's identity authentication of the server succeeds, computing the client temporary session variable according to the client temporary session public key, the client vector, the server vector, the server temporary session public key, and the client's random samples from the Gaussian distributions with the first parameter and the second parameter, and then computing the client shared-key initial seed according to the client temporary session variable and the temporary session error-elimination variable;
Generating the final server shared key of this session with the post-quantum algorithm, according to the client vector, the server vector, the client temporary session public key, the server temporary session public key, the temporary session error-elimination variable and the client shared-key initial seed;
The second authentication unit, located at the client, authenticates the server according to the server public key; if the verification fails, the key exchange is terminated, otherwise subsequent verification is carried out.
8. The system for implementing the SSH protocol based on post-quantum key exchange according to claim 7, characterized in that, in the first key unit:
The server temporary session public key $k_s$ is:
$k_s = (p_c c + x)(s_s d + r_s) + 2 g_s$
where:
$c = H_1(\mathrm{client}, \mathrm{server}, x)$ is the client vector;
$x = a r_c + 2 f_c$ is the client temporary session public key;
$r_{ci}$ and $f_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$d = H_1(\mathrm{server}, \mathrm{client}, y, x)$ is the server vector;
$y = a r_s + 2 f_s$ is the server temporary session public key;
$r_{si}$, $f_{si}$ and $g_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$p_c = a s_c + 2 e_c$ is the client public key;
$s_{ci}$ and $e_{ci}$ are values randomly sampled by the client from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer, and $s_c$ is the client private key;
The temporary session error-elimination variable $w$ is:
$w = \mathrm{Cha}(k_s)$
where $\mathrm{Cha}()$ is the characteristic function;
According to $(w, y, p_s)$, the server shared-key initial seed $\sigma_s$ is:
$\sigma_s = \mathrm{Mod}_2(k_s, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The server shared key $sk_s$ is:
$sk_s = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_s)$.
9. The system for implementing the SSH protocol based on post-quantum key exchange according to claim 8, characterized in that, in the second key unit:
The client temporary session variable $k_c$ is:
$k_c = (p_s d + y)(s_c c + r_c) + 2 g_c$
where:
$g_{ci}$ is a value randomly sampled by the server from the Gaussian distribution $\chi_\beta$ whose second parameter is $\beta$, and $q$ is a positive integer;
$p_s = a s_s + 2 e_s$ is the server public key;
$s_{si}$ and $e_{si}$ are values randomly sampled by the server from the Gaussian distribution $\chi_\alpha$ whose first parameter is $\alpha$, $q$ is a positive integer, and $s_s$ is the server private key;
According to $(w, y, p_s)$, the client shared-key initial seed $\sigma_c$ is:
$\sigma_c = \mathrm{Mod}_2(k_c, w)$
where $\mathrm{Mod}_2()$ is the modulo-2 function, $\mathrm{Mod}_2(v, w) = \left(v + w \cdot \frac{q-1}{2}\right) \bmod q \bmod 2$, $q \bmod 2n = 1$, unit matrix $v \in M_q$, $w \in \{0, 1\}$;
The client shared key $sk_c$ is:
$sk_c = H(\mathrm{client}, \mathrm{server}, x, y, w, \sigma_c)$.
10. The system for implementing the SSH protocol based on post-quantum key exchange according to any one of claims 7-9, characterized in that it further includes a trust verification module for verifying the trusted status of both communicating parties, the trust verification module including a first trusted unit located at the server and a second trusted unit located at the client, which perform the following functions:
The second trusted unit sends a request to verify the client's trusted status to the first trusted unit;
After the first trusted unit receives the client's request, it randomly generates a first random number of length M and sends the first random number, together with a request to verify its own trusted status, to the second trusted unit, where M is a natural number;
After the second trusted unit receives the first random number and the verification request, it correspondingly generates a second random number of length M, then requests an integrity measurement from the TPM, encrypts the first random number together with the configuration register values and the measurement log SML, and sends the encrypted result, the second random number and the TPM public key together to the first trusted unit;
After the first trusted unit receives the data, it judges whether this client is the first client requesting to establish an SSH connection; if so, it checks whether a trusted credential exists locally, and if a trusted credential exists locally and is still within its validity period, it proceeds directly to the next step; otherwise, it first requests an integrity measurement from the local trusted module, then encrypts the second random number together with its own configuration register values and measurement log SML, and sends the encrypted result and the TPM public key together to the second trusted unit;
The first trusted unit verifies the trusted status of the client according to the data sent by the second trusted unit; if the verification passes, it generates a trust verification pass credential, which includes the client IP, the client unique identifier, the IP and identifier of the local server, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the client, and sends the encrypted result together with the verification-passed information to the client;
After the client receives the data, it verifies the trusted status of the server; if the verification passes, the second trusted unit likewise generates a trusted credential, whose content includes the server IP, the server unique identifier, the IP and identifier of the local client, the time the credential was generated and the credential validity period, encrypts it with the TPM public key sent by the server, and sends the encrypted result together with the verification-passed information to the first trusted unit;
After the first trusted unit receives the trusted credential, it decrypts the credential with its own TPM private key and saves it locally; the trusted status of both sides is then verified, otherwise the connection is disconnected directly.
CN201711326036.9A 2017-12-13 2017-12-13 Method and system for realizing SSH protocol based on post-quantum key exchange Active CN108111301B (en)

Publications (2)

Publication Number Publication Date
CN108111301A true CN108111301A (en) 2018-06-01
CN108111301B CN108111301B (en) 2021-06-15

Family

ID=62216657

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711326036.9A Active CN108111301B (en) 2017-12-13 2017-12-13 Method and system for realizing SSH protocol based on post-quantum key exchange

Country Status (1)

Country Link
CN (1) CN108111301B (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108964890A (en) * 2018-06-15 2018-12-07 南京南瑞国盾量子技术有限公司 Based on tree-shaped identifiable multi-party quantum key distribution method layered
CN109101811A (en) * 2018-08-10 2018-12-28 成都安恒信息技术有限公司 A kind of O&M and auditing method of the controllable Oracle session based on the tunnel SSH
CN109617686A (en) * 2019-01-10 2019-04-12 江苏理工学院 A kind of improved Key Exchange Protocol algorithm based on lattice
CN109756500A (en) * 2019-01-11 2019-05-14 如般量子科技有限公司 Anti- quantum calculation https traffic method and system based on multiple unsymmetrical key ponds
CN110808829A (en) * 2019-09-27 2020-02-18 国电南瑞科技股份有限公司 SSH authentication method based on key distribution center
CN111464289A (en) * 2020-01-13 2020-07-28 华中科技大学 Implementation method and application of post-quantum key exchange protocol
CN111800467A (en) * 2020-06-04 2020-10-20 河南信大网御科技有限公司 Remote synchronous communication method, data interaction method, equipment and readable storage medium
CN111970270A (en) * 2020-08-14 2020-11-20 山东省计算中心(国家超级计算济南中心) SIP security authentication method and system based on-loop error learning problem
CN113094721A (en) * 2021-03-16 2021-07-09 中国科学院信息工程研究所 Post-quantum password authentication key exchange method based on modular error learning
CN113141327A (en) * 2020-01-02 2021-07-20 中国移动通信有限公司研究院 Information processing method, device and equipment
US11240014B1 (en) 2019-09-10 2022-02-01 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN114024676A (en) * 2022-01-05 2022-02-08 华中科技大学 Post-quantum encryption and decryption method, system, equipment and medium based on identity identification
US11258617B1 (en) * 2020-12-04 2022-02-22 Salesforce.Com, Inc. Device identity using key agreement
CN114095229A (en) * 2021-11-15 2022-02-25 中国电力科学研究院有限公司 Method, device and system for constructing data transmission protocol of energy Internet
CN114124496A (en) * 2021-11-12 2022-03-01 福州汇思博信息技术有限公司 SSH remote login method based on server issued key and server
CN114143031A (en) * 2021-11-01 2022-03-04 北京银盾泰安网络科技有限公司 Remote encryption platform based on Web and SSH and encryption method thereof
US11322050B1 (en) 2020-01-30 2022-05-03 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11343270B1 (en) 2019-09-10 2022-05-24 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN114629646A (en) * 2022-05-06 2022-06-14 确信信息股份有限公司 Safe transmission method and system based on mixed quantum key encapsulation and negotiation
CN114765531A (en) * 2020-12-30 2022-07-19 科大国盾量子技术股份有限公司 Authentication method, quantum key calling method, device and quantum cryptography network
US11449799B1 (en) 2020-01-30 2022-09-20 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11477016B1 (en) 2019-09-10 2022-10-18 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11533175B1 (en) 2020-01-30 2022-12-20 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography on a smartcard
US11626983B1 (en) 2019-09-10 2023-04-11 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN110176991B (en) * 2019-05-15 2023-09-05 如般量子科技有限公司 Anti-quantum computing application system near field energy-saving communication method and system based on signcryption, and computer equipment
US11838410B1 (en) 2020-01-30 2023-12-05 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741842A (en) * 2009-12-07 2010-06-16 北京交通大学 Method for realizing dependable SSH based on dependable computing
CN101789939A (en) * 2010-01-25 2010-07-28 北京交通大学 Effective realization method for credible OpenSSH
US20170048213A1 (en) * 2015-03-27 2017-02-16 International Business Machines Corporation Runtime instantiation of broadcast encryption schemes

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741842A (en) * 2009-12-07 2010-06-16 北京交通大学 Method for realizing dependable SSH based on dependable computing
CN101789939A (en) * 2010-01-25 2010-07-28 北京交通大学 Effective realization method for credible OpenSSH
US20170048213A1 (en) * 2015-03-27 2017-02-16 International Business Machines Corporation Runtime instantiation of broadcast encryption schemes

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
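刘伟: "Research and Implementation of the SSH Protocol Based on a Quantum-Resistant Key Exchange Protocol", China Master's Theses Full-text Database, Information Science and Technology *
张亚奇: "Design and Implementation of a Trusted SSH Protocol", China Master's Theses Full-text Database, Information Science and Technology *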

Cited By (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108964890B (en) * 2018-06-15 2021-06-04 南京南瑞国盾量子技术有限公司 Authenticable multi-party quantum key distribution method based on tree type hierarchical structure
CN108964890A (en) * 2018-06-15 2018-12-07 南京南瑞国盾量子技术有限公司 Based on tree-shaped identifiable multi-party quantum key distribution method layered
CN109101811B (en) * 2018-08-10 2021-10-15 成都安恒信息技术有限公司 Operation, maintenance and audit method of controllable Oracle session based on SSH tunnel
CN109101811A (en) * 2018-08-10 2018-12-28 成都安恒信息技术有限公司 A kind of O&M and auditing method of the controllable Oracle session based on the tunnel SSH
CN109617686A (en) * 2019-01-10 2019-04-12 江苏理工学院 A kind of improved Key Exchange Protocol algorithm based on lattice
CN109756500A (en) * 2019-01-11 2019-05-14 如般量子科技有限公司 Anti- quantum calculation https traffic method and system based on multiple unsymmetrical key ponds
CN110176991B (en) * 2019-05-15 2023-09-05 如般量子科技有限公司 Anti-quantum computing application system near field energy-saving communication method and system based on signcryption, and computer equipment
US11750378B1 (en) 2019-09-10 2023-09-05 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11902431B1 (en) 2019-09-10 2024-02-13 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11736281B1 (en) 2019-09-10 2023-08-22 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11626983B1 (en) 2019-09-10 2023-04-11 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11240014B1 (en) 2019-09-10 2022-02-01 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11477016B1 (en) 2019-09-10 2022-10-18 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11343270B1 (en) 2019-09-10 2022-05-24 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN110808829A (en) * 2019-09-27 2020-02-18 国电南瑞科技股份有限公司 SSH authentication method based on key distribution center
CN113141327A (en) * 2020-01-02 2021-07-20 中国移动通信有限公司研究院 Information processing method, device and equipment
US11316682B2 (en) 2020-01-13 2022-04-26 Huazhong University Of Science And Technology Method for implementation of post-quantum key exchange protocol and application thereof
CN111464289A (en) * 2020-01-13 2020-07-28 华中科技大学 Implementation method and application of post-quantum key exchange protocol
CN111464289B (en) * 2020-01-13 2021-07-27 华中科技大学 Method, equipment and system for realizing post-quantum key exchange protocol
US11449799B1 (en) 2020-01-30 2022-09-20 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11838410B1 (en) 2020-01-30 2023-12-05 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11322050B1 (en) 2020-01-30 2022-05-03 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11727829B1 (en) 2020-01-30 2023-08-15 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
US11533175B1 (en) 2020-01-30 2022-12-20 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography on a smartcard
US11727310B1 (en) 2020-01-30 2023-08-15 Wells Fargo Bank, N.A. Systems and methods for post-quantum cryptography optimization
CN111800467A (en) * 2020-06-04 2020-10-20 河南信大网御科技有限公司 Remote synchronous communication method, data interaction method, equipment and readable storage medium
CN111800467B (en) * 2020-06-04 2023-02-14 河南信大网御科技有限公司 Remote synchronous communication method, data interaction method, equipment and readable storage medium
CN111970270A (en) * 2020-08-14 2020-11-20 山东省计算中心(国家超级计算济南中心) SIP security authentication method and system based on-loop error learning problem
CN111970270B (en) * 2020-08-14 2022-08-02 山东省计算中心(国家超级计算济南中心) SIP security authentication method and system based on-loop error learning problem
US11258617B1 (en) * 2020-12-04 2022-02-22 Salesforce.Com, Inc. Device identity using key agreement
CN114765531A (en) * 2020-12-30 2022-07-19 科大国盾量子技术股份有限公司 Authentication method, quantum key calling method, device and quantum cryptography network
CN113094721A (en) * 2021-03-16 2021-07-09 中国科学院信息工程研究所 Post-quantum password authentication key exchange method based on modular error learning
CN113094721B (en) * 2021-03-16 2022-06-24 中国科学院信息工程研究所 Post-quantum password authentication key exchange method based on modular error learning
CN114143031B (en) * 2021-11-01 2023-07-07 北京银盾泰安网络科技有限公司 Remote encryption platform based on Web and SSH
CN114143031A (en) * 2021-11-01 2022-03-04 北京银盾泰安网络科技有限公司 Remote encryption platform based on Web and SSH and encryption method thereof
CN114124496A (en) * 2021-11-12 2022-03-01 福州汇思博信息技术有限公司 SSH remote login method based on server issued key and server
CN114124496B (en) * 2021-11-12 2023-11-24 福建汇思博数字科技有限公司 SSH remote login method based on server issued key and server
CN114095229A (en) * 2021-11-15 2022-02-25 中国电力科学研究院有限公司 Method, device and system for constructing data transmission protocol of energy Internet
CN114024676A (en) * 2022-01-05 2022-02-08 华中科技大学 Post-quantum encryption and decryption method, system, equipment and medium based on identity identification
CN114024676B (en) * 2022-01-05 2022-03-22 华中科技大学 Post-quantum encryption and decryption method, system, equipment and medium based on identity identification
CN114629646A (en) * 2022-05-06 2022-06-14 确信信息股份有限公司 Safe transmission method and system based on mixed quantum key encapsulation and negotiation

Also Published As

Publication number Publication date
CN108111301B (en) 2021-06-15

Similar Documents

Publication Publication Date Title
CN108111301A (en) The method and its system for realizing SSH agreements are exchanged based on rear quantum key
Halevi et al. Public-key cryptography and password protocols
CN103763631B (en) Authentication method, server and television set
CN104023013B (en) Data transmission method, server side and client
Boyd et al. Protocols for authentication and key establishment
Li et al. Applying biometrics to design three‐factor remote user authentication scheme with key agreement
CN110069918B (en) Efficient double-factor cross-domain authentication method based on block chain technology
CN107948189A (en) Asymmetric cryptography authentication identifying method, device, computer equipment and storage medium
US9118661B1 (en) Methods and apparatus for authenticating a user using multi-server one-time passcode verification
CN101902476B (en) Method for authenticating identity of mobile peer-to-peer user
EP1913728B1 (en) Total exchange session security
CN111756529B (en) Quantum session key distribution method and system
CN101860546A (en) Method for improving SSL handshake protocol
CN107733657A (en) A kind of high in the clouds is based on PTPM and without CertPubKey signature double factor authentication method
CN113411187B (en) Identity authentication method and system, storage medium and processor
CN108632042A (en) A kind of class AKA identity authorization systems and method based on pool of symmetric keys
CN106789032A (en) The single password tripartite authentication method of privacy sharing between server and mobile device
CN108599926A (en) A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys
CN114915396B (en) Hopping key digital communication encryption system and method based on national encryption algorithm
CN106230840B (en) A kind of command identifying method of high security
Di Pietro et al. A two-factor mobile authentication scheme for secure financial transactions
CN108616350A (en) A kind of HTTP-Digest class AKA identity authorization systems and method based on pool of symmetric keys
CN110866754A (en) Pure software DPVA (distributed data authentication and privacy infrastructure) identity authentication method based on dynamic password
CN116743372A (en) Quantum security protocol implementation method and system based on SSL protocol
CN113545004A (en) Authentication system with reduced attack surface

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant