CN109274485A - Data encryption method, data authentication method, and related device and system - Google Patents

Info

Publication number
CN109274485A
Authority
CN
China
Prior art keywords: data, encrypted, qkd, terminal, certified
Legal status: Granted
Application number
CN201710581995.9A
Other languages: Chinese (zh)
Other versions: CN109274485B (en)
Inventors: 程节, 汤艳琳, 赵梅生
Current assignee: Quantumctek Co Ltd; Anhui Quantum Communication Technology Co Ltd
Original assignee: Anhui Quantum Communication Technology Co Ltd
Application filed by Anhui Quantum Communication Technology Co Ltd
Priority to CN201710581995.9A
Publication of CN109274485A
Application granted
Publication of CN109274485B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

This application discloses a data encryption method, a data authentication method, and related devices and systems. The method comprises: determining the bit length N of the data to be encrypted; determining the bit length m of the encrypted data to be derived from it; selecting an m-th order primitive polynomial that implements the LFSR shift operation and obtaining m bits of initial shift data; and processing at least two sub-matrices of the matrix to be encrypted together with at least two random sub-matrices of the random matrix, so as to obtain the product of the matrix to be encrypted and the random matrix. The matrix to be encrypted is the N-row, 1-column matrix formed by the N bits of the data to be encrypted; the random matrix is the m-row, N-column Toeplitz matrix described by m+N-1 bits, namely the m bits of initial shift data together with the N-1 new bits that N-1 shift operations under the m-th order primitive polynomial produce. The application improves the accuracy of data integrity authentication.

Description

Data encryption method, data authentication method, and related device and system
Technical field
This application relates to the technical field of quantum key distribution, and in particular to a data encryption method, a data authentication method, and a related device and system.
Background art
Quantum key distribution (QKD) differs from classical key systems in that it uses different quantum states of photons as the carrier of the key; the basic principles of quantum mechanics guarantee that the key cannot be eavesdropped on or decoded, which provides a more secure key system.
In a concrete QKD implementation, guaranteeing security requires considering various possible attacks. One of them is the man-in-the-middle attack: if an eavesdropper Eve possesses equipment that can run the complete QKD protocol, then, with respect to the legitimate parties, the QKD terminals Alice and Bob, Eve can intercept the messages Alice sends to Bob, impersonate Bob, and establish one shared key with Alice; at the same time she can intercept the messages Bob sends to Alice and establish another shared key with Bob. All traffic between Alice and Bob can then be read and tampered with by Eve.
To prevent man-in-the-middle attacks, an existing QKD data authentication algorithm uses a CRC32 (32-bit cyclic redundancy check) check: a CRC is computed over the classical-network interaction data to obtain a 32-bit check value, and Alice and Bob determine whether the interaction data has been tampered with by comparing the CRC check values of the interaction data. With CRC-based verification, however, the collision probability of the check value is high, so an eavesdropper can easily forge interaction data that still passes the CRC check, and the method does not provide good data integrity verification. Experiments in which CRC check values were computed over randomly generated data and counted found 38,638 collisions among 18,200,000 data items, which does not meet the requirements of QKD terminal data authentication. Note also that a CRC is unkeyed: an attacker who modifies a message can simply recompute its check value, independently of the collision rate.
Summary of the invention
In view of this, the main purpose of this application is to provide a data encryption method, a data authentication method, and a related device and system that can improve the accuracy of data integrity authentication.
In a first aspect, this application provides a data encryption method, comprising:
determining the bit length N of the data to be encrypted;
determining the bit length m of the encrypted data to be derived from the data to be encrypted, where m is less than N;
selecting an m-th order primitive polynomial that implements the shift operation of a linear feedback shift register (LFSR), and obtaining m bits of initial shift data;
processing at least two sub-matrices to be encrypted, belonging to the matrix to be encrypted, together with at least two random sub-matrices, belonging to the random matrix, so as to obtain the matrix data resulting from multiplying the matrix to be encrypted by the random matrix; this matrix data is the encrypted data derived from the data to be encrypted;
wherein the matrix to be encrypted is the N-row, 1-column matrix formed by the N bits of the data to be encrypted, and the random matrix is the m-row, N-column Toeplitz matrix described by m+N-1 bits, these m+N-1 bits comprising the m bits of initial shift data and the N-1 new bits that N-1 shift operations under the m-th order primitive polynomial produce.
In a second aspect, this application provides a data authentication method applied to a QKD system comprising a first QKD terminal and a second QKD terminal that communicate over a classical network; the method comprises:
the first QKD terminal encrypts first data to be authenticated using the data encryption method of the first aspect, the first data to be authenticated comprising the data the first QKD terminal sent to the second QKD terminal within a preset period and the data the first QKD terminal received from the second QKD terminal within that preset period;
the second QKD terminal encrypts second data to be authenticated using the data encryption method of the first aspect, the second data to be authenticated comprising the data the second QKD terminal sent to the first QKD terminal within the preset period and the data the second QKD terminal received from the first QKD terminal within that preset period;
the first QKD terminal determines, from its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated has been tampered with;
the second QKD terminal determines, from its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated has been tampered with.
In a third aspect, this application provides a data encryption device, comprising:
a bit-length determination unit, for determining the bit length N of the data to be encrypted and the bit length m of the encrypted data to be derived from it, where m is less than N;
a shift parameter acquisition unit, for selecting the m-th order primitive polynomial that implements the shift operation of a linear feedback shift register (LFSR) and obtaining the m bits of initial shift data;
an encrypted data generation unit, for processing at least two sub-matrices to be encrypted, belonging to the matrix to be encrypted, together with at least two random sub-matrices, belonging to the random matrix, so as to obtain the matrix data resulting from multiplying the matrix to be encrypted by the random matrix, this matrix data being the encrypted data derived from the data to be encrypted; wherein the matrix to be encrypted is the N-row, 1-column matrix formed by the N bits of the data to be encrypted, and the random matrix is the m-row, N-column Toeplitz matrix described by m+N-1 bits, these m+N-1 bits comprising the m bits of initial shift data and the N-1 new bits that N-1 shift operations under the m-th order primitive polynomial produce.
In a fourth aspect, this application provides a QKD system comprising a first QKD terminal and a second QKD terminal that communicate over a classical network;
the first QKD terminal is configured to encrypt first data to be authenticated using the data encryption device of the third aspect, the first data to be authenticated comprising the data the first QKD terminal sent to the second QKD terminal within a preset period and the data the first QKD terminal received from the second QKD terminal within that preset period;
the second QKD terminal is configured to encrypt second data to be authenticated using the data encryption device of the third aspect, the second data to be authenticated comprising the data the second QKD terminal sent to the first QKD terminal within the preset period and the data the second QKD terminal received from the first QKD terminal within that preset period;
the first QKD terminal is configured to determine, from its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated has been tampered with;
the second QKD terminal is configured to determine, from its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated has been tampered with.
This application provides a data encryption method, a data authentication method, and related devices and systems. Using random sub-matrices belonging to a Toeplitz matrix to encrypt the data to be authenticated reduces, compared with the prior art, the collision rate of the encrypted data, improving its randomness and hence its security. Therefore, when the encryption result is used for data integrity verification, the risk that the encryption result is broken while it is transmitted from the local QKD terminal to the peer QKD terminal is reduced, and the pass rate of data authentication is improved.
Brief description of the drawings
In order to explain more clearly the technical solutions in the embodiments of the present application or in the prior art, the drawings required for the description of the embodiments or the prior art are briefly introduced below. Evidently, the drawings described below show only some embodiments of the present application; a person of ordinary skill in the art could obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of a quantum key distribution system provided by an embodiment of the present application;
Fig. 2 is a flow diagram of a data encryption method provided by an embodiment of the present application;
Fig. 3 is a schematic diagram of the encryption flow provided by an embodiment of the present application;
Fig. 4 is a schematic diagram of the LFSR shift principle provided by an embodiment of the present application;
Fig. 5 is a flow diagram of a data authentication method provided by an embodiment of the present application;
Fig. 6 is a schematic diagram of the composition of a data encryption device provided by an embodiment of the present application;
Fig. 7 is a schematic diagram of the composition of a QKD system provided by an embodiment of the present application.
Detailed description
To make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments are described below clearly and completely with reference to the accompanying drawings. Evidently, the described embodiments are only some, not all, of the embodiments of the present application. All other embodiments that a person of ordinary skill in the art obtains from the embodiments of this application without creative work fall within the scope of protection of this application.
Referring to the schematic quantum key distribution system of Fig. 1, the two QKD terminals Alice and Bob in a quantum key distribution (QKD) system generate identical quantum keys. Specifically, Alice sends raw key data to Bob over the quantum channel; Alice and Bob then communicate over the classical channel to extract from the raw key data the bits whose bases agree, completing sifting and yielding the Sifted Key; an error-correction algorithm is then run so that the Sifted Key, which contains some errors, becomes consistent at both ends, yielding the Corrected Key; finally, privacy amplification is applied to the Corrected Key according to the assessed compression ratio, and the Final Key is obtained and output.
As a special case of the two-universal family of hash functions, the Toeplitz matrix has a simpler construction and lower resource consumption, and is suited to encrypting the classical-network interaction data of a QKD system, for example the interaction data of the basis-comparison stage shown in Fig. 1, so that the integrity of the interaction data can be verified from the encryption result. What this patent calls encryption is thus the computation of an m-bit Toeplitz hash tag over the data; the embodiments below refer to the result as a Hash result or Tag.
The size of the Toeplitz matrix depends on the data lengths before and after encryption: when the data to be encrypted is N bits long and the encrypted data derived from it is m bits long, the Toeplitz matrix is an m-row, N-column matrix. Because every element on any diagonal running from upper left to lower right of a Toeplitz matrix is the same, only m+N-1 bits are needed to describe it. Once these m+N-1 bits $t_1, \ldots, t_{m+N-1}$ are obtained, the Toeplitz matrix $T_{m\times N}$ can be constructed, its elements being
$T_{i,j} = t_{j-i+m}$, with $i = 1, \ldots, m$ and $j = 1, \ldots, N$.
To obtain the m+N-1 bits that describe $T_{m\times N}$, the embodiments of this application follow the shift principle of a linear feedback shift register (LFSR): starting from m bits of initial shift data, N-1 new bits are generated, and the m bits of initial shift data together with the N-1 new bits describe $T_{m\times N}$.
Since the data to be encrypted has N bits, an N-row, 1-column matrix $(DJM)_{N\times 1}$ can be formed, and the encrypted data $(JM)_{m\times 1}$ obtained by the matrix operation $(JM)_{m\times 1} = T_{m\times N} \times (DJM)_{N\times 1}$. However, $T_{m\times N}$ is usually large, which is unfavorable for storage, and the multiplication $T_{m\times N}(DJM)_{N\times 1}$ has to be computed element by element, which takes a long time. Therefore, to save storage space and speed up processing, the data encryption method provided by the embodiments neither pre-generates the whole Toeplitz matrix $T_{m\times N}$ nor multiplies it directly by $(DJM)_{N\times 1}$. Instead, from the current LFSR data and the new bits that an LFSR shift of the current data would produce, it successively constructs m-row, n-column sub-matrices of $T_{m\times N}$, while constructing n-row, 1-column sub-matrices to be encrypted from the data to be encrypted; combining the products of these sub-matrices (by XOR accumulation, see S306 below) yields the result $(JM)_{m\times 1}$ of $T_{m\times N}(DJM)_{N\times 1}$, and this matrix data is the encrypted data derived from the data to be encrypted.
Embodiment one
Referring to Fig. 2, a flow diagram of a data encryption method provided by an embodiment of the present application, the method comprises:
S201: determine the bit length N of the data to be encrypted.
S202: determine the bit length m of the encrypted data to be derived from the data to be encrypted; m is less than N.
S203: select an m-th order primitive polynomial that implements the shift operation of a linear feedback shift register (LFSR), and obtain m bits of initial shift data.
According to the required bit length m of the encrypted data, an m-th order primitive polynomial is chosen from the LFSR function family, for example the 64th-order primitive polynomial x^64 + x^7 + x^6 + x^5 + x^4 + x^2 + x + 1; its purpose is to generate new bits from the m-th order primitive polynomial according to the LFSR shift principle. A primitive polynomial of higher order may be chosen: the LFSR pseudo-random sequence generator then outputs more distinct pseudo-random values according to the shift principle, so that when the subsequent steps encrypt the data to be encrypted with m+N-1 pseudo-random bits, the encrypted data has more randomness and is therefore more secure.
It should be noted that this embodiment does not restrict the order of S201 and S202: S201 may be executed before S202, or S202 before S201.
S204: process at least two sub-matrices to be encrypted, belonging to the matrix to be encrypted, together with at least two random sub-matrices, belonging to the random matrix, so as to obtain the matrix data resulting from multiplying the matrix to be encrypted by the random matrix; this matrix data is the encrypted data derived from the data to be encrypted.
Here the matrix to be encrypted is the N-row, 1-column matrix formed by the N bits of the data to be encrypted, and the random matrix is the m-row, N-column Toeplitz matrix described by m+N-1 bits, namely the m bits of initial shift data together with the N-1 new bits that N-1 shift operations under the m-th order primitive polynomial produce.
In S204, m-row, n-column sub-matrices of the Toeplitz matrix $T_{m\times N}$ are constructed one after another from the current LFSR data and the new bits that an LFSR shift of the current data produces, while n-row, 1-column sub-matrices to be encrypted are constructed from the data to be encrypted; combining the products of these sub-matrices yields the result $(JM)_{m\times 1}$ of $T_{m\times N}(DJM)_{N\times 1}$, and this matrix data is the encrypted data derived from the data to be encrypted.
In summary, the data encryption method of embodiment one uses random sub-matrices belonging to a Toeplitz matrix to encrypt the data to be encrypted; compared with the prior art, this reduces the collision rate of the encrypted data, improving its randomness and hence its security.
In one embodiment of the present application, S204 may specifically comprise the following steps (see the encryption flow diagram of Fig. 3):
S301: read n bits from the not-yet-read part of the data to be encrypted and construct an n-row, 1-column sub-matrix to be encrypted.
All bits of the data to be encrypted are divided into groups of n bits, and the first group is read first. For example, with n = 16, 16 bits are read first and the 16-row, 1-column sub-matrix to be encrypted $DJM1_{16\times 1}$ is constructed from them.
S302: according to the LFSR shift principle and the m-th order primitive polynomial, determine the n new bits that n shift operations would generate.
Referring to the LFSR shift principle of Fig. 4, the LFSR is first initialized with an existing key $S_0, S_1, \ldots, S_{m-1}$ of length m, which is the initial shift data of S203. Each time a new bit is generated, every bit in the LFSR moves one position to the right: the rightmost bit leaves the LFSR and the leftmost position is filled with the new bit.
In this embodiment no actual shift operations need be performed by an LFSR; instead, the bits that the shift operations would generate are computed according to the LFSR shift principle. To construct the sub-matrices of $T_{m\times N}$, i.e. the m-row, n-column random sub-matrices, n new bits are generated each time.
Specifically, in one embodiment S302 may comprise: using a field-programmable gate array (FPGA) for parallel processing, determining within a preset number of clock cycles the n new bits that n shift operations would generate. For example, when the m-th order primitive polynomial is of order 64 and n = 16, FPGA code can be written according to the LFSR shift principle that computes the 16 new bits in parallel within one clock cycle. This parallel processing greatly increases the update rate of the random sub-matrix, that is, the bandwidth of the hash computation.
In addition, so that the n new bits can be derived quickly, the chosen m-th order primitive polynomial may have a run of consecutive high-order terms with zero coefficients. For example, in the 64th-order primitive polynomial x^64 + x^7 + x^6 + x^5 + x^4 + x^2 + x + 1 many consecutive high-order coefficients are zero and only the eight lowest-order terms have nonzero coefficients, which keeps the amount of computation in the LFSR shift small. In particular, each of the 16 new bits then depends only on bits already held in the 64-bit register (the bit at position j and the seven above it, with j at most 15) and not on any other new bit, so all 16 can be derived from the current LFSR data in the same cycle.
S303: construct the m-row, n-column random sub-matrix from the m bits held in the LFSR before the n shifts together with the first n-1 of the new bits generated in S302.
With m = 64, the LFSR initial value is the 64-bit initial shift data lfsr_seed[63:0], i.e. $S_0, S_1, \ldots, S_{63}$ of Fig. 4; from it, the 16 bits lfsr_update[15:0] are obtained within one clock cycle, numbered in the order in which they are generated.
The 79 bits {lfsr_update[14:0], lfsr_seed[63:0]} are taken to form the 64-row, 16-column random sub-matrix $T1_{64\times 16}$,
where bits 0 to 63 of lfsr_seed correspond to $S_0$ to $S_{63}$ of $T1_{64\times 16}$ and bits 0 to 14 of lfsr_update correspond to $S_{64}$ to $S_{78}$.
It should be noted that S301 may be executed before S302 and S303, or S302 and S303 before S301.
S304: multiply the random sub-matrix by the sub-matrix to be encrypted to obtain a sub-matrix product.
Multiplying $T1_{64\times 16}$ by $DJM1_{16\times 1}$ gives the first sub-matrix product $JM1_{64\times 1}$.
This is the first-round iterative hash result for the first group (16 bits) of the data to be encrypted; $JM1_{64\times 1}$ is 64 bits wide and is denoted Tag.
S305: judge whether at least two sub-matrix products have been computed; if so, execute S306; if not, only one sub-matrix product has been computed so far, and a new one is obtained by executing S301 to S304 again.
If only one sub-matrix product has been computed so far, the second group (16 bits) is read from the data to be encrypted and the 16-row, 1-column sub-matrix to be encrypted $DJM2_{16\times 1}$ is constructed.
The random sub-matrix is also updated. Specifically, the current LFSR value is denoted lfsr[79:16]; it comprises lfsr_seed[63:16] and the most recently generated lfsr_update[15:0], where lfsr_seed[63:16] corresponds to lfsr[63:16] and lfsr_update[15:0] corresponds to lfsr[79:64]. From the current value lfsr[79:16], 16 further bits lfsr_update[15:0] are obtained within one clock cycle.
The 79 bits {lfsr_update[14:0], lfsr_seed[63:0]}, where lfsr_seed now denotes the current 64-bit register value lfsr[79:16], form the 64-row, 16-column random sub-matrix $T2_{64\times 16}$.
Multiplying $T2_{64\times 16}$ by $DJM2_{16\times 1}$ gives the second sub-matrix product $JM2_{64\times 1}$.
This is the second-round iterative hash result for the second group (16 bits) of the data to be encrypted; $JM2_{64\times 1}$ is 64 bits wide and is denoted Tag, while the Tag obtained from the previous computation is denoted Tag_old.
S306: once at least two sub-matrix products have been computed, XOR the current sub-matrix product with the previous one to obtain an m-bit result; then continue with S301 until all of the data to be encrypted has been read.
The Tag computed this time is XORed with the previously computed Tag_old to give Tag_new, i.e. Tag_new = Tag ⊕ Tag_old; Tag_new then serves as Tag_old for the next group, so the running value is the XOR of all sub-matrix products computed so far.
In the same way, the third group (16 bits) is read from the data to be encrypted, the 16-row, 1-column sub-matrix to be encrypted $DJM3_{16\times 1}$ is constructed, the random sub-matrix is updated to $T3_{64\times 16}$, and multiplying $T3_{64\times 16}$ by $DJM3_{16\times 1}$ gives the third sub-matrix product $JM3_{64\times 1}$, and so on. This loop is iterated until every 16-bit group of the data to be encrypted has been processed; the final result is the 64-bit Data_Tag, which is the encrypted data derived from the data to be encrypted. If the last group of the data to be encrypted has fewer than 16 bits, it is zero-padded to 16 bits, which does not affect the final result.
Further, to improve the security of the data to be encrypted, the method may also comprise, after S306:
S307: taking preset key data as the data to be encrypted, continue executing the step of reading n bits from the not-yet-read part of the data to be encrypted, until all of the data to be encrypted has been read.
Continuing the example of the steps in Fig. 3, the 64-bit Data_Tag above is not taken as the final encrypted data but as Tag_old. Preset key data is then obtained, for example a 64-bit key Key; it is divided into four 16-bit groups, each forming a 16-row, 1-column sub-matrix to be encrypted, and the loop of S301 to S306 is executed again. The result of this iteration, Encrypt_Tag, is the encrypted data derived from the data to be encrypted.
In addition, in one embodiment of the present application the initial shift data of S203 and the preset key data of S307 may be extracted from key data not yet used in a key buffer that stores pre-allocated key data and the quantum key data output by the QKD system. In this embodiment, as shown in Fig. 1, the quantum key management terminal A corresponding to Alice allocates a sufficient amount of key data to Alice in advance and stores it in Alice's key buffer; likewise, Bob corresponds to a quantum key management terminal B that allocates a sufficient amount of key data to Bob in advance and stores it in Bob's key buffer, this key data being identical to that pre-allocated to Alice. In addition, each time Alice and Bob generate a quantum key that is consistent at both ends, they also store it in their own key buffers, so that the buffers are continuously refreshed. Thus, when Alice and Bob encrypt their respective data to be authenticated for data integrity verification, they can read identical key data from their respective key buffers to serve as the initial shift data or the preset key data. The initial shift data and Key are the only secret inputs to the tag, so both must remain secret between Alice and Bob; drawing them from not-yet-used buffer material, as described, also avoids reusing a seed across authentication periods.
Embodiment two
Embodiment one above describes a method for encrypting data to be encrypted; this embodiment two describes a method for verifying the integrity of data to be encrypted on the basis of that encryption result.
Referring to Fig. 5, which is a flow diagram of a data authentication method provided by an embodiment of the application, the data authentication method is applied to a QKD system comprising a first QKD terminal and a second QKD terminal that communicate over a classical network. The data authentication method comprises the following steps:
S501: the first QKD terminal encrypts first data to be authenticated, where the first data to be authenticated comprise the data A sent by the first QKD terminal to the second QKD terminal within a preset period and the data B received by the first QKD terminal from the second QKD terminal within that preset period.
Here the first QKD terminal is Alice shown in Fig. 1 and the second QKD terminal is Bob shown in Fig. 1.
In this embodiment, the first data to be authenticated may be taken as the data to be encrypted and encrypted with the data encryption method of embodiment one.
Within the first data to be authenticated, the data B received by the first QKD terminal from the second QKD terminal were transmitted over the classical channel and may have been tampered with in transit; data B may therefore be either tampered or untampered data.
S502: the second QKD terminal encrypts second data to be authenticated, where the second data to be authenticated comprise the data B sent by the second QKD terminal to the first QKD terminal within the preset period and the data A received by the second QKD terminal from the first QKD terminal within the preset period.
In this embodiment, the second data to be authenticated may be taken as the data to be encrypted and encrypted with the data encryption method of embodiment one.
Within the second data to be authenticated, the data A received by the second QKD terminal from the first QKD terminal were transmitted over the classical channel and may have been tampered with in transit; data A may therefore be either tampered or untampered data.
In this embodiment, the first and second data to be authenticated may be the classical-network interaction data exchanged by the QKD system in the basis comparison stage or in other stages; a fixed interaction duration, for example 1 second, may be taken as one preset period, so that integrity verification is performed on the data exchanged within each second.
It will be understood that if the interaction data between the first and second QKD terminals were not tampered with during classical transmission, the first and second data to be authenticated are identical; conversely, if the interaction data were tampered with during classical transmission, the first and second data to be authenticated are different.
S503: the first QKD terminal determines, according to its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated have been tampered with.
S504: the second QKD terminal determines, according to its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated have been tampered with.
Steps S503 and S504 implement bidirectional data authentication: each of the two QKD terminals judges, from its own encryption result and the encryption result of the peer, whether its local data to be authenticated were tampered with. If the data to be authenticated at both ends were not tampered with, the interaction data of the two QKD terminals have passed integrity verification; otherwise verification fails.
In summary, the data authentication method of embodiment two encrypts the data to be authenticated with the method of embodiment one, that is, with random submatrices belonging to a Toeplitz matrix. Compared with the prior art this reduces the collision rate of the encrypted data, thereby improving its randomness and hence the security of the encrypted data. Consequently, when the encryption result is used for integrity verification, the risk of the encryption result being decrypted while it is transmitted from the local QKD terminal to the peer QKD terminal is reduced, and the pass rate of data authentication is improved.
Specifically, the data authentication method above may adopt either of the following specific embodiments.
In the first specific embodiment, since the first QKD terminal and the second QKD terminal each correspond to a quantum key management terminal, three different pieces of key data, namely a first key, a second key and a third key, may be allocated in advance to the corresponding QKD terminals.
S501 may specifically comprise: the first QKD terminal encrypts the first data to be authenticated on the basis of the first key to obtain a first hash value; it then encrypts the first hash value with the second key and sends the resulting first ciphertext to the second QKD terminal. Here the first key may be the preset key data of S307 in embodiment one, and the first hash value may be the encryption result Data_Tag1 or Encrypt_Tag1 produced by the first QKD terminal with the data encryption method of embodiment one; the encryption of the first hash value may use a symmetric encryption algorithm.
S502 may specifically comprise: the second QKD terminal encrypts the second data to be authenticated on the basis of the first key to obtain a second hash value; it then encrypts the second hash value with the third key, which differs from the second key, and sends the resulting second ciphertext to the first QKD terminal. Here the second hash value may likewise be the encryption result Data_Tag2 or Encrypt_Tag2 produced by the second QKD terminal with the data encryption method of embodiment one; the encryption of the second hash value may likewise use a symmetric encryption algorithm.
S503 may specifically comprise: the first QKD terminal decrypts the second ciphertext with the third key and judges whether the decrypted hash value is identical to the first hash value; if identical, it determines that the first data to be authenticated have not been tampered with; if different, it determines that the first data to be authenticated have been tampered with. In this step the first QKD terminal has to decrypt the second ciphertext received from the second QKD terminal; if the decrypted hash value equals its local first hash value, the first QKD terminal considers its local first data to be authenticated untampered, that is, authentication passes; otherwise authentication fails.
S504 may specifically comprise: the second QKD terminal decrypts the first ciphertext with the second key and judges whether the decrypted hash value is identical to the second hash value; if identical, it determines that the second data to be authenticated have not been tampered with; if different, it determines that the second data to be authenticated have been tampered with. In this step the second QKD terminal has to decrypt the first ciphertext received from the first QKD terminal; if the decrypted hash value equals its local second hash value, the second QKD terminal considers its local second data to be authenticated untampered, that is, authentication passes; otherwise authentication fails.
In the second specific embodiment, since the first QKD terminal and the second QKD terminal each correspond to a quantum key management terminal, two different pieces of key data, namely a fourth key and a fifth key, may be allocated in advance to the corresponding QKD terminals.
S501 may specifically comprise: the first QKD terminal encrypts the first data to be authenticated on the basis of the fourth key to obtain a third hash value, and encrypts the first data to be authenticated on the basis of the fifth key to obtain a fourth hash value; it sends the fourth hash value to the second QKD terminal. When the fourth key is the preset key data of S307 in embodiment one, the third hash value may be the encryption result Data_Tag3 or Encrypt_Tag3 produced with the data encryption method of embodiment one; likewise, when the fifth key is the preset key data of S307 in embodiment one, the fourth hash value may be the encryption result Data_Tag4 or Encrypt_Tag4 produced with the data encryption method of embodiment one.
S502 may specifically comprise: the second QKD terminal encrypts the second data to be authenticated on the basis of the fourth key to obtain a fifth hash value, and encrypts the second data to be authenticated on the basis of the fifth key to obtain a sixth hash value; it sends the fifth hash value to the first QKD terminal. When the fourth key is the preset key data of S307 in embodiment one, the fifth hash value may be the encryption result Data_Tag5 or Encrypt_Tag5 produced with the data encryption method of embodiment one; likewise, when the fifth key is also the preset key data of S307 in embodiment one, the sixth hash value may be the encryption result Data_Tag6 or Encrypt_Tag6 produced with the data encryption method of embodiment one.
S503 may specifically comprise: the first QKD terminal judges whether the third hash value and the fifth hash value are identical; if identical, it determines that the first data to be authenticated have not been tampered with; if different, it determines that the first data to be authenticated have been tampered with. In this step, after receiving the fifth hash value from the second QKD terminal, the first QKD terminal compares it with its local third hash value. Since the third and fifth hash values are both results of encryption with the fourth key, if the two are identical the first QKD terminal considers its local first data to be authenticated untampered, that is, authentication passes; otherwise authentication fails.
S504 may specifically comprise: the second QKD terminal judges whether the fourth hash value and the sixth hash value are identical; if identical, it determines that the second data to be authenticated have not been tampered with; if different, it determines that the second data to be authenticated have been tampered with. In this step, after receiving the fourth hash value from the first QKD terminal, the second QKD terminal compares it with its local sixth hash value. Since the fourth and sixth hash values are both results of encryption with the fifth key, if the two are identical the second QKD terminal considers its local second data to be authenticated untampered, that is, authentication passes; otherwise authentication fails.
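The submatrix loop of embodiment one (steps S301–S306 with the S307 key pass of Fig. 3) and the two-key comparison of this second specific embodiment, carried through as an added example; this is not the patent's code. Assumed here: the degree-64 primitive polynomial, that the LFSR continues from its register between the Data_Tag pass and the key pass, and that both ends concatenate the period's traffic in the same order; the seed, keys and traffic are constructed.

```python
"""Added example: LFSR-driven Toeplitz tag (embodiment one) and the two-key
bidirectional integrity check (second variant of embodiment two)."""
import random
from typing import List, Optional, Tuple

Bits = List[int]
M = 64      # m: tag length in bits (the 64-bit Data_Tag of the text)
N_SUB = 16  # n: data bits consumed per submatrix round (16-bit groups)
# c_k = 1 coefficients of x^64 + x^63 + x^61 + x^60 + 1 (leading term omitted); an
# assumption taken from standard maximal-length LFSR tables (the patent leaves it open).
POLY_TAPS = (63, 61, 60, 0)


def lfsr_step(state: Bits) -> Tuple[Bits, int]:
    """One Fibonacci LFSR shift. state[0] is the newest bit, state[-1] the
    oldest; the feedback bit s[j+m] = XOR of c_k*s[j+k] is the new bit."""
    m = len(state)
    fb = 0
    for k in POLY_TAPS:
        fb ^= state[m - 1 - k]
    return [fb] + state[:-1], fb


def toeplitz_product(seq: Bits, cols: Bits, m: int) -> Bits:
    """GF(2) product of the m x len(cols) Toeplitz block with entry
    (i, c) = seq[m-1+c-i] (column c = register after c shifts) and cols."""
    out = []
    for i in range(m):
        bit = 0
        for c, d in enumerate(cols):
            if d:
                bit ^= seq[m - 1 + c - i]
        out.append(bit)
    return out


def toeplitz_tag(data: Bits, state: Bits, n: int = N_SUB,
                 acc: Optional[Bits] = None) -> Tuple[Bits, Bits]:
    """Steps S301-S306: each round reads n data bits (n x 1 submatrix), does n
    LFSR shifts, forms the m x n random submatrix from the pre-shift register
    plus the first n-1 new bits, and XORs the product into acc (Tag_old when
    given). Also returns the register so a second pass can continue it."""
    m = len(state)
    if len(data) % n:
        raise ValueError("data length must be a multiple of n")
    acc = list(acc) if acc is not None else [0] * m
    for pos in range(0, len(data), n):
        seq = state[::-1]                  # s_j .. s_{j+m-1}, oldest first
        for _ in range(n):
            state, fb = lfsr_step(state)   # n shifts; the n-th new bit only
            seq.append(fb)                 # becomes part of the next state
        prod = toeplitz_product(seq, data[pos:pos + n], m)
        acc = [a ^ p for a, p in zip(acc, prod)]
    return acc, state


def toeplitz_tag_full(data: Bits, state: Bits) -> Bits:
    """Reference: one m x N Toeplitz matrix from m+N-1 bits, multiplied once."""
    seq = state[::-1]
    for _ in range(len(data) - 1):
        state, fb = lfsr_step(state)
        seq.append(fb)
    return toeplitz_product(seq, data, len(state))


def encrypt_tag(data: Bits, seed: Bits, key: Bits) -> Bits:
    """Fig. 3 / S307: Data_Tag becomes Tag_old and the preset key (64 bits =
    four 16-bit submatrices) runs through the same loop, giving Encrypt_Tag."""
    data_tag, state = toeplitz_tag(data, seed)
    return toeplitz_tag(key, state, acc=data_tag)[0]


def bidirectional_auth(alice_view: Bits, bob_view: Bits, seed: Bits,
                       key4: Bits, key5: Bits) -> Tuple[bool, bool]:
    """Second variant of embodiment two: each terminal tags its own view of
    the period's traffic under both keys, sends one tag (Alice the fifth-key
    tag, Bob the fourth-key tag) and compares the received tag with its own."""
    tag3 = encrypt_tag(alice_view, seed, key4)   # Alice keeps
    tag4 = encrypt_tag(alice_view, seed, key5)   # Alice -> Bob
    tag5 = encrypt_tag(bob_view, seed, key4)     # Bob -> Alice
    tag6 = encrypt_tag(bob_view, seed, key5)     # Bob keeps
    return tag3 == tag5, tag4 == tag6            # (Alice accepts, Bob accepts)


def check_submatrix_equals_full(nbits: int = 192) -> bool:
    """The n-bit submatrix loop must reproduce the single full-matrix product."""
    rng = random.Random(7)
    seed = [rng.getrandbits(1) for _ in range(M)]
    data = [rng.getrandbits(1) for _ in range(nbits)]
    return toeplitz_tag(data, seed)[0] == toeplitz_tag_full(data, seed)


def demo(tamper: bool) -> Tuple[bool, bool]:
    """Constructed one-period traffic: data A (Alice -> Bob) and data B (Bob ->
    Alice); seed and keys stand in for values both key buffers hold. With
    tamper=True one bit of B is flipped on the classical channel before Alice
    receives it, so the two views differ and both comparisons fail."""
    rng = random.Random(2017)
    bits = lambda k: [rng.getrandbits(1) for _ in range(k)]
    seed, key4, key5 = bits(M), bits(M), bits(M)
    data_a, data_b = bits(128), bits(128)
    b_received = list(data_b)
    if tamper:
        b_received[7] ^= 1
    # Both ends order the period's traffic the same way: A first, then B.
    return bidirectional_auth(data_a + b_received, data_a + data_b, seed, key4, key5)
```

Because the tag is linear in the data and the register after the Data_Tag pass depends only on the seed, a single flipped bit changes Encrypt_Tag by one column of the Toeplitz matrix, which is never zero for a nonzero seed; that is why both comparisons fail in the tampered run.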
Further, to prevent a counterfeit device from accessing the QKD system shown in Fig. 1, in one embodiment of the application the first data to be authenticated further comprise terminal identification information received by the first QKD terminal from the second QKD terminal, and the second data to be authenticated further comprise terminal identification information received by the second QKD terminal from the first QKD terminal, where the terminal identification information comprises the terminal identifiers of the first QKD terminal and the second QKD terminal.
In this embodiment, when the first and second QKD terminals are Alice and Bob of Fig. 1, the terminal identifiers of Alice and Bob are sent to Alice in advance by the quantum key management terminal corresponding to Alice and, likewise, to Bob in advance by the quantum key management terminal corresponding to Bob, so that Alice and Bob each obtain the local device identifier and the peer device identifier. Whenever Alice or Bob sends classical-network interaction data to the peer device, it then also sends the device identifiers of Alice and Bob. In this case, if a counterfeit device accesses the QKD system and impersonates Alice or Bob, it has to forge the terminal identifiers of Alice and Bob within the data to be authenticated; if Alice or Bob determines that its own data to be authenticated fail authentication, one possible cause is that the terminal identifier of Alice and/or Bob within the data to be authenticated has been tampered with, so a counterfeit device accessing the QKD system can be detected in this way.
Embodiment three
Referring to Fig. 6, which is a schematic composition diagram of a data encryption device provided by an embodiment of the application, the data encryption device 600 comprises:
a bit-count determination unit 601, configured to determine the number of bits N of the data to be encrypted and to determine the number of bits m of the encrypted result of the data to be encrypted, m being less than N;
a shift parameter acquisition unit 602, configured to select an m-order primitive polynomial for implementing the shift operation of a linear feedback shift register (LFSR) and to obtain m bits of initial shift data;
an encrypted data generation unit 603, configured to process at least two submatrices to be encrypted belonging to a matrix to be encrypted and at least two random submatrices belonging to a random matrix, so as to obtain the matrix data resulting from multiplying the matrix to be encrypted by the random matrix, the matrix data being the encrypted result of the data to be encrypted; where the matrix to be encrypted is an N-row, 1-column matrix formed from the N bits of the data to be encrypted, and the random matrix is an m-row, N-column Toeplitz matrix formed from m+N-1 bits, the m+N-1 bits comprising the m bits of initial shift data and the N-1 bits newly generated by performing N-1 shifts on the basis of the m-order primitive polynomial.
In one embodiment of the application, the encrypted data generation unit 603 may comprise:
a submatrix multiplication subunit, configured to read n bits from the not-yet-read portion of the data to be encrypted and construct an n-row, 1-column submatrix to be encrypted; to determine, according to the LFSR shift principle and the m-order primitive polynomial, the n bits newly generated by n shift operations, and to construct an m-row, n-column random submatrix from the m bits held in the LFSR before those n shifts together with the first n-1 of the n newly generated bits; and to multiply the random submatrix by the submatrix to be encrypted to obtain a submatrix product;
the submatrix multiplication subunit being further configured, when only one submatrix product has been computed, to execute the above steps again to obtain a new submatrix product;
a loop processing subunit, configured, when at least two submatrix products have been computed, to XOR the current submatrix product with the previous submatrix product result to obtain an operation result of m bits, and to invoke the submatrix multiplication subunit until the data to be encrypted have been read in full and an operation result of m bits is obtained.
In one embodiment of the application, the loop processing subunit is further configured to take preset key data as the data to be encrypted and to invoke the submatrix multiplication subunit until the data to be encrypted have been read in full and an operation result of m bits is obtained.
In one embodiment of the application, the initial shift data and the preset key data are taken from key data in the key buffer that has not yet been used, where the key buffer stores pre-allocated key data and the quantum key data output by the quantum key distribution (QKD) system.
In one embodiment of the application, the submatrix multiplication subunit is specifically configured to perform parallel processing with a field-programmable gate array (FPGA), so as to determine, within a preset number of clock cycles, the n bits newly generated by n shift operations.
In one embodiment of the application, the m-order primitive polynomial contains consecutive high-order terms whose coefficients are 0.
It should be noted that embodiment three is the data encryption device corresponding to the method of embodiment one above; for related details refer to the description of embodiment one, which is not repeated here.
Embodiment four
Referring to Fig. 7, which is a schematic composition diagram of a QKD system provided by an embodiment of the application, the QKD system 700 comprises a first QKD terminal 701 and a second QKD terminal 702 that communicate over a classical network;
the first QKD terminal 701 is configured to encrypt first data to be authenticated with the data encryption device 600 of embodiment three above; where the first data to be authenticated comprise the data sent by the first QKD terminal 701 to the second QKD terminal 702 within a preset period and the data received by the first QKD terminal 701 from the second QKD terminal 702 within the preset period;
the second QKD terminal 702 is configured to encrypt second data to be authenticated with the data encryption device 600 of embodiment three above; where the second data to be authenticated comprise the data sent by the second QKD terminal 702 to the first QKD terminal 701 within the preset period and the data received by the second QKD terminal 702 from the first QKD terminal 701 within the preset period;
the first QKD terminal 701 is configured to determine, according to its own encryption result and the encryption result of the second QKD terminal 702, whether the first data to be authenticated have been tampered with;
the second QKD terminal 702 is configured to determine, according to its own encryption result and the encryption result of the first QKD terminal 701, whether the second data to be authenticated have been tampered with.
In one embodiment of the application, where the preset key data of embodiment three above is referred to as a first key, a second key or a third key:
the first QKD terminal 701 may specifically be configured to encrypt the first data to be authenticated on the basis of the first key to obtain a first hash value, to encrypt the first hash value with the second key, and to send the resulting first ciphertext to the second QKD terminal 702;
correspondingly, the second QKD terminal 702 may specifically be configured to encrypt the second data to be authenticated on the basis of the first key to obtain a second hash value, to encrypt the second hash value with the third key, which differs from the second key, and to send the resulting second ciphertext to the first QKD terminal 701;
correspondingly, the first QKD terminal 701 may specifically be configured to decrypt the second ciphertext with the third key and to judge whether the decrypted hash value is identical to the first hash value; if identical, it determines that the first data to be authenticated have not been tampered with; if different, it determines that the first data to be authenticated have been tampered with;
correspondingly, the second QKD terminal 702 may specifically be configured to decrypt the first ciphertext with the second key and to judge whether the decrypted hash value is identical to the second hash value; if identical, it determines that the second data to be authenticated have not been tampered with; if different, it determines that the second data to be authenticated have been tampered with.
In one embodiment of the application, where the preset key data of embodiment three above is referred to as a fourth key or a fifth key, the fourth key and the fifth key being different key data:
the first QKD terminal 701 may specifically be configured to encrypt the first data to be authenticated on the basis of the fourth key to obtain a third hash value, to encrypt the first data to be authenticated on the basis of the fifth key to obtain a fourth hash value, and to send the fourth hash value to the second QKD terminal 702;
correspondingly, the second QKD terminal 702 may specifically be configured to encrypt the second data to be authenticated on the basis of the fourth key to obtain a fifth hash value, to encrypt the second data to be authenticated on the basis of the fifth key to obtain a sixth hash value, and to send the fifth hash value to the first QKD terminal 701;
correspondingly, the first QKD terminal 701 may specifically be configured to judge whether the third hash value and the fifth hash value are identical; if identical, it determines that the first data to be authenticated have not been tampered with; if different, it determines that the first data to be authenticated have been tampered with;
correspondingly, the second QKD terminal 702 may specifically be configured to judge whether the fourth hash value and the sixth hash value are identical; if identical, it determines that the second data to be authenticated have not been tampered with; if different, it determines that the second data to be authenticated have been tampered with.
In one embodiment of the application, the first data to be authenticated may further comprise terminal identification information received by the first QKD terminal 701 from the second QKD terminal 702, and the second data to be authenticated may further comprise terminal identification information received by the second QKD terminal 702 from the first QKD terminal 701; where the terminal identification information comprises the terminal identifiers of the first QKD terminal 701 and the second QKD terminal 702.
It should be noted that embodiment four is the QKD system corresponding to the method of embodiment two above; for related details refer to the description of embodiment two, which is not repeated here.
From the above description of the embodiments, those skilled in the art will clearly understand that all or part of the steps of the methods in the embodiments above may be implemented by software together with a necessary general-purpose hardware platform. On this understanding, the technical solution of the application, or the part of it that contributes over the prior art, may be embodied in the form of a software product stored in a storage medium such as ROM/RAM, a magnetic disk or an optical disc, comprising several instructions that cause a computer device (which may be a personal computer, a server, or a network communication device such as a media gateway) to execute the methods described in the embodiments of the application or in parts of them.
It should be noted that the embodiments in this specification are described in a progressive manner; each embodiment emphasizes its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another. As the devices and systems disclosed in the embodiments correspond to the methods disclosed in the embodiments, their description is relatively brief, and for related details reference is made to the description of the methods.
It should also be noted that, herein, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. In the absence of further restrictions, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes that element.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the application. Therefore, the application is not intended to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (12)

1. A data encryption method, characterized by comprising:
determining the number of bits N of data to be encrypted;
determining the number of bits m of the encrypted result of the data to be encrypted, m being less than N;
selecting an m-order primitive polynomial for implementing the shift operation of a linear feedback shift register (LFSR), and obtaining m bits of initial shift data;
processing at least two submatrices to be encrypted belonging to a matrix to be encrypted and at least two random submatrices belonging to a random matrix, so as to obtain the matrix data resulting from multiplying the matrix to be encrypted by the random matrix, the matrix data being the encrypted result of the data to be encrypted;
wherein the matrix to be encrypted is an N-row, 1-column matrix formed from the N bits of the data to be encrypted, and the random matrix is an m-row, N-column Toeplitz matrix formed from m+N-1 bits, the m+N-1 bits comprising the m bits of initial shift data and the N-1 bits newly generated by performing N-1 shifts on the basis of the m-order primitive polynomial.
2. The method according to claim 1, characterized in that the processing of at least two submatrices to be encrypted belonging to the matrix to be encrypted and at least two random submatrices belonging to the random matrix comprises:
reading n bits from the not-yet-read portion of the data to be encrypted and constructing an n-row, 1-column submatrix to be encrypted; determining, according to the LFSR shift principle and the m-order primitive polynomial, the n bits newly generated by n shift operations, and constructing an m-row, n-column random submatrix from the m bits held in the LFSR before those n shifts together with the first n-1 of the n newly generated bits; multiplying the random submatrix by the submatrix to be encrypted to obtain a submatrix product;
when only one submatrix product has been computed, executing the above steps again to obtain a new submatrix product;
when at least two submatrix products have been computed, XORing the current submatrix product with the previous submatrix product result to obtain an operation result of m bits; and repeating the step of reading n bits from the not-yet-read portion of the data to be encrypted and its subsequent steps until the data to be encrypted have been read in full and an operation result of m bits is obtained.
3. The method according to claim 2, characterized in that the method further comprises:
taking preset key data as the data to be encrypted, and repeating the step of reading n bits from the not-yet-read portion of the data to be encrypted and its subsequent steps until the data to be encrypted have been read in full and an operation result of m bits is obtained.
4. The method according to claim 3, characterized in that
the initial shift data and the preset key data are taken from key data in a key buffer that has not yet been used, wherein the key buffer stores pre-allocated key data and the quantum key data output by a quantum key distribution (QKD) system.
5. The method according to claim 2, characterized in that determining the n bits newly generated by n shift operations comprises:
performing parallel processing with a field-programmable gate array (FPGA), so as to determine, within a preset number of clock cycles, the n bits newly generated by n shift operations.
6. The method according to any one of claims 1 to 5, characterized in that the m-order primitive polynomial contains consecutive high-order terms whose coefficients are 0.
7. A data authentication method, characterized in that the method is applied to a QKD system comprising a first QKD terminal and a second QKD terminal that communicate over a classical network, the method comprising:
the first QKD terminal encrypting first data to be authenticated with the method according to any one of claims 1 to 6; wherein the first data to be authenticated comprise the data sent by the first QKD terminal to the second QKD terminal within a preset period and the data received by the first QKD terminal from the second QKD terminal within the preset period;
the second QKD terminal encrypting second data to be authenticated with the method according to any one of claims 1 to 6; wherein the second data to be authenticated comprise the data sent by the second QKD terminal to the first QKD terminal within the preset period and the data received by the second QKD terminal from the first QKD terminal within the preset period;
the first QKD terminal determining, according to its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated have been tampered with;
the second QKD terminal determining, according to its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated have been tampered with.
8. The method according to claim 7, wherein the preset key data of the method of claim 3 or 4 is a first key, a second key or a third key, and:
encrypting the first data to be authenticated comprises:
the first QKD terminal encrypting the first data to be authenticated based on the first key to obtain a first hash value, encrypting the first hash value with the second key, and sending the resulting first ciphertext to the second QKD terminal;
correspondingly, encrypting the second data to be authenticated comprises:
the second QKD terminal encrypting the second data to be authenticated based on the first key to obtain a second hash value, encrypting the second hash value with the third key, which differs from the second key, and sending the resulting second ciphertext to the first QKD terminal;
correspondingly, the first QKD terminal determining, from its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated has been tampered with comprises:
the first QKD terminal decrypting the second ciphertext with the third key and judging whether the decrypted hash value is identical to the first hash value; if identical, determining that the first data to be authenticated has not been tampered with, and if different, determining that the first data to be authenticated has been tampered with;
correspondingly, the second QKD terminal determining, from its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated has been tampered with comprises:
the second QKD terminal decrypting the first ciphertext with the second key and judging whether the decrypted hash value is identical to the second hash value; if identical, determining that the second data to be authenticated has not been tampered with, and if different, determining that the second data to be authenticated has been tampered with.
9. The method according to claim 7, wherein the preset key data of the method of claim 3 or 4 is a fourth key or a fifth key, the fourth key and the fifth key being different key data, and:
encrypting the first data to be authenticated comprises:
the first QKD terminal encrypting the first data to be authenticated based on the fourth key to obtain a third hash value, encrypting the first data to be authenticated based on the fifth key to obtain a fourth hash value, and sending the fourth hash value to the second QKD terminal;
correspondingly, encrypting the second data to be authenticated comprises:
the second QKD terminal encrypting the second data to be authenticated based on the fourth key to obtain a fifth hash value, encrypting the second data to be authenticated based on the fifth key to obtain a sixth hash value, and sending the fifth hash value to the first QKD terminal;
correspondingly, the first QKD terminal determining, from its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated has been tampered with comprises:
the first QKD terminal judging whether the third hash value and the fifth hash value are identical; if identical, determining that the first data to be authenticated has not been tampered with, and if different, determining that the first data to be authenticated has been tampered with;
correspondingly, the second QKD terminal determining, from its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated has been tampered with comprises:
the second QKD terminal judging whether the fourth hash value and the sixth hash value are identical; if identical, determining that the second data to be authenticated has not been tampered with, and if different, determining that the second data to be authenticated has been tampered with.
10. The method according to any one of claims 7 to 9, wherein:
the first data to be authenticated further comprises the terminal identification information received by the first QKD terminal from the second QKD terminal;
the second data to be authenticated further comprises the terminal identification information received by the second QKD terminal from the first QKD terminal;
and the terminal identification information comprises the terminal identifiers of the first QKD terminal and the second QKD terminal.
11. A data encryption device, comprising:
a bit-count determination unit, for determining the bit count N of the data to be encrypted and the bit count m of the encrypted data, m being less than N;
a shift parameter acquisition unit, for selecting an m-th order primitive polynomial that realizes the shift operation of a linear feedback shift register (LFSR), and for obtaining m-bit initial shift data;
an encrypted data generation unit, for processing at least two sub-matrices to be encrypted belonging to a matrix to be encrypted and at least two random sub-matrices belonging to a random matrix, so as to obtain the matrix data of the product of the matrix to be encrypted and the random matrix, the matrix data being the encrypted form of the data to be encrypted; wherein the matrix to be encrypted is the N-row, 1-column matrix formed by the N bits of the data to be encrypted, and the random matrix is the m-row, N-column Toeplitz matrix formed by m+N-1 bits, the m+N-1 bits comprising the m-bit initial shift data and the N-1 bits newly generated by N-1 shift operations realized on the basis of the m-th order primitive polynomial.
12. A QKD system, comprising a first QKD terminal and a second QKD terminal that communicate over a classical network;
the first QKD terminal being configured to encrypt first data to be authenticated using the data encryption device of claim 11, wherein the first data to be authenticated comprises the data sent by the first QKD terminal to the second QKD terminal within a preset period and the data received by the first QKD terminal from the second QKD terminal within the preset period;
the second QKD terminal being configured to encrypt second data to be authenticated using the data encryption device of claim 11, wherein the second data to be authenticated comprises the data sent by the second QKD terminal to the first QKD terminal within the preset period and the data received by the second QKD terminal from the first QKD terminal within the preset period;
the first QKD terminal being configured to determine, from its own encryption result and the encryption result of the second QKD terminal, whether the first data to be authenticated has been tampered with;
the second QKD terminal being configured to determine, from its own encryption result and the encryption result of the first QKD terminal, whether the second data to be authenticated has been tampered with.
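The following Python sketch is an added example, not code from the patent or its assignee, that implements the LFSR-driven Toeplitz hash of claim 11, the multi-bit-per-cycle generation that claims 5 and 6 rely on, and the two-key exchange of claim 9 with the identifiers of claim 10. It assumes that the preset key data of claims 3 and 4 is the m-bit initial shift data (the LFSR seed) and that the primitive polynomial is fixed and public; the toy parameters m = 8 and x^8 + x^4 + x^3 + x^2 + 1, and all keys, identifiers and session messages, are constructed for the example.

```python
"""LFSR-driven Toeplitz hashing (claims 5, 6 and 11) and the two-key mutual
authentication exchange of claims 9 and 10.  Added example, not the patent's
code.  Assumed here: the "preset key data" is the m-bit initial shift data
(the LFSR seed) and the primitive polynomial is fixed and public; toy m = 8
with x^8 + x^4 + x^3 + x^2 + 1; all keys and messages are constructed."""
from typing import List, Tuple

M = 8                        # m: tag length in bits (toy size)
TAPS = (4, 3, 2, 0)          # exponents below x^8 in x^8 + x^4 + x^3 + x^2 + 1
# x^7, x^6, x^5 have coefficient 0 (claim 6): the next M - max(TAPS) = 4 output
# bits depend only on the current state, so one clock cycle can emit all four.
PARALLEL = M - max(TAPS)


def lfsr_bits(seed: List[int], count: int) -> List[int]:
    """Serial Fibonacci LFSR, s[t+M] = XOR of s[t+e] for e in TAPS.
    Returns the seed followed by `count` newly generated bits."""
    s = list(seed)
    for t in range(count):
        new = 0
        for e in TAPS:
            new ^= s[t + e]
        s.append(new)
    return s


def lfsr_bits_parallel(seed: List[int], count: int) -> List[int]:
    """Same sequence, PARALLEL bits per 'clock cycle' read from a snapshot of
    the state only (claim 5): k + e <= PARALLEL - 1 + max(TAPS) = M - 1."""
    s = list(seed)
    while len(s) - M < count:
        state = s[-M:]
        new = []
        for k in range(PARALLEL):
            b = 0
            for e in TAPS:
                b ^= state[k + e]
            new.append(b)
        s.extend(new)
    return s[:M + count]


def lfsr_period(seed: List[int]) -> int:
    """Steps until the M-bit state recurs: 2**M - 1 iff the polynomial is
    primitive.  Run this before trusting a tap set."""
    s = lfsr_bits(seed, 2 ** M)
    for t in range(1, 2 ** M + 1):
        if s[t:t + M] == s[:M]:
            return t
    return 0


def toeplitz_hash(seed: List[int], data: List[int], block: int = 0) -> List[int]:
    """Claim 11: T is the M x N Toeplitz matrix T[i][j] = k[N-1+i-j] over the
    M+N-1 bits k = seed || (N-1 LFSR bits); the tag is T * data (mod 2).
    With block > 0 the product is formed from column sub-matrices of T and the
    matching sub-vectors of data, XORed together, as the claim describes."""
    n = len(data)
    k = lfsr_bits(seed, n - 1)
    block = block or n
    tag = [0] * M
    for j0 in range(0, n, block):
        for i in range(M):
            acc = 0
            for j in range(j0, min(j0 + block, n)):
                acc ^= k[n - 1 + i - j] & data[j]
            tag[i] ^= acc
    return tag


def to_bits(data: bytes) -> List[int]:
    """Byte string to a list of bits, MSB first (the N x 1 column of claim 11)."""
    return [(byte >> (7 - b)) & 1 for byte in data for b in range(8)]


def authenticate_session(k4: List[int], k5: List[int], ids: bytes,
                         a_sent: bytes, a_recv: bytes,
                         b_recv: bytes, b_sent: bytes) -> Tuple[bool, bool]:
    """Claim 9 with claim 10's identifiers: each terminal hashes its own view
    of the period under K4 and K5, sends one hash, and checks the other."""
    d1 = to_bits(ids + a_sent + a_recv)      # first data to be authenticated
    d2 = to_bits(ids + b_recv + b_sent)      # second data to be authenticated
    h3, h4 = toeplitz_hash(k4, d1), toeplitz_hash(k5, d1)   # computed by A
    h5, h6 = toeplitz_hash(k4, d2), toeplitz_hash(k5, d2)   # computed by B
    # A sends h4 to B and B sends h5 to A over the classical network.
    return h3 == h5, h4 == h6                # A's verdict, B's verdict


# Constructed sample keys and session traffic (not from the patent).
K4 = [1, 0, 1, 1, 0, 0, 1, 0]
K5 = [0, 1, 1, 0, 1, 0, 1, 1]
IDS = b"QKD-A|QKD-B"
A_TO_B = b"basis:ZXZZXXZXZZ"
B_TO_A = b"sifted-index:3,7,9"


def demo() -> Tuple[Tuple[bool, bool], Tuple[bool, bool]]:
    """Verdicts for an untampered session, then for the same session with one
    bit of the A->B message flipped in transit."""
    clean = authenticate_session(K4, K5, IDS, A_TO_B, B_TO_A, A_TO_B, B_TO_A)
    forged = bytes([A_TO_B[0] ^ 0x01]) + A_TO_B[1:]
    tampered = authenticate_session(K4, K5, IDS, A_TO_B, B_TO_A, forged, B_TO_A)
    return clean, tampered


if __name__ == "__main__":
    print("LFSR period:", lfsr_period(K4))
    print("clean / tampered verdicts:", demo())
```

Two points worth checking in practice. First, `lfsr_period` returning 2^m - 1 is the test that a tap set actually is primitive; a non-primitive polynomial gives short cycles and, for some seeds, a key stream with far less than m+N-1 bits of variety. Second, every column of T is a window of m consecutive LFSR output bits, i.e. an LFSR state, which is never all-zero for a nonzero seed; that is why a single flipped bit changes the tag under both keys in the demo. The 8-bit tag here is only for readability; a deployment picks m from the forgery probability it can tolerate, and in Krawczyk's LFSR-based Toeplitz construction the polynomial itself is part of the key, whereas this example fixes it.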

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710581995.9A CN109274485B (en) 2017-07-17 2017-07-17 Data encryption method, data authentication method, related equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710581995.9A CN109274485B (en) 2017-07-17 2017-07-17 Data encryption method, data authentication method, related equipment and system

Publications (2)

Publication Number Publication Date
CN109274485A true CN109274485A (en) 2019-01-25
CN109274485B CN109274485B (en) 2021-06-15

Family

ID=65147867

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710581995.9A Active CN109274485B (en) 2017-07-17 2017-07-17 Data encryption method, data authentication method, related equipment and system

Country Status (1)

Country Link
CN (1) CN109274485B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110048833A (en) * 2019-03-04 2019-07-23 全球能源互联网研究院有限公司 Power business encryption method and device based on quantum satellite key network
CN113055184A (en) * 2021-03-22 2021-06-29 中国工商银行股份有限公司 Data encryption and decryption method and device
CN113204771A (en) * 2021-04-21 2021-08-03 北京连山科技股份有限公司 Efficient method for improving defects of block cipher CBC mode by using SM3 cipher
CN113300843A (en) * 2021-06-22 2021-08-24 上海循态信息科技有限公司 Privacy enhancement method and system for use in quantum key distribution
CN115080929A (en) * 2022-07-20 2022-09-20 深圳研控自动化科技股份有限公司 Encryption method, decryption method, system and storage medium of FPGA program
CN115348018A (en) * 2022-07-26 2022-11-15 陕西洲盾软件科技有限公司 Data processing method, device and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113839772B (en) * 2021-09-18 2023-05-05 哲库科技(北京)有限公司 Processing circuit, chip and terminal for the Toeplitz hash algorithm

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006045114A2 (en) * 2004-10-13 2006-04-27 The Regents Of The University Of California Cryptographic primitives, error coding, and pseudo-random number improvement methods using quasigroups
CN1914851A (en) * 2004-02-10 2007-02-14 三菱电机株式会社 Quantum key delivering method and communication device
US7631190B2 (en) * 2004-05-27 2009-12-08 Silverbrook Research Pty Ltd Use of variant and base keys with two entities
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
CN103440119A (en) * 2013-07-08 2013-12-11 中国航空无线电电子研究所 M sequence generator-based primitive polynomial pseudo-random sequence generator
WO2014088392A1 (en) * 2012-12-05 2014-06-12 Mimos Berhad Method for information reconciliation in quantum key distribution
CN104270247A (en) * 2014-05-23 2015-01-07 中国人民解放军信息工程大学 Efficient generic Hash function authentication scheme suitable for quantum cryptography system
CN104506313A (en) * 2015-01-19 2015-04-08 中国人民解放军国防科学技术大学 Quantum secret key distribution privacy amplification method supporting large-scale dynamic changes
CN105071929A (en) * 2015-07-15 2015-11-18 清华大学 Postprocessing method for quantum key distribution
CN106533673A (en) * 2016-12-08 2017-03-22 浙江神州量子网络科技有限公司 Privacy amplification method suitable for multi-party quantum communication
US10291399B2 (en) * 2013-09-30 2019-05-14 Traid National Security, LLC Quantum-secured communications overlay for optical fiber communications networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
朱淑芹 (Zhu Shuqin) et al.: "Security analysis of an improved image encryption algorithm based on DNA coding and chaos", 《计算机应用研究》 (Application Research of Computers) *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110048833A (en) * 2019-03-04 2019-07-23 全球能源互联网研究院有限公司 Power business encryption method and device based on quantum satellite key network
CN110048833B (en) * 2019-03-04 2021-10-29 全球能源互联网研究院有限公司 Electric power service encryption method and device based on quantum satellite key network
CN113055184A (en) * 2021-03-22 2021-06-29 中国工商银行股份有限公司 Data encryption and decryption method and device
CN113055184B (en) * 2021-03-22 2022-11-29 中国工商银行股份有限公司 Data encryption and decryption method and device
CN113204771A (en) * 2021-04-21 2021-08-03 北京连山科技股份有限公司 Efficient method for improving defects of block cipher CBC mode by using SM3 cipher
CN113204771B (en) * 2021-04-21 2022-02-22 北京连山科技股份有限公司 Efficient method for improving defects of block cipher CBC mode by using SM3 cipher
CN113300843A (en) * 2021-06-22 2021-08-24 上海循态信息科技有限公司 Privacy enhancement method and system for use in quantum key distribution
CN115080929A (en) * 2022-07-20 2022-09-20 深圳研控自动化科技股份有限公司 Encryption method, decryption method, system and storage medium of FPGA program
CN115080929B (en) * 2022-07-20 2022-11-11 深圳研控自动化科技股份有限公司 Encryption method, decryption method, system and storage medium of FPGA program
CN115348018A (en) * 2022-07-26 2022-11-15 陕西洲盾软件科技有限公司 Data processing method, device and storage medium

Also Published As

Publication number Publication date
CN109274485B (en) 2021-06-15

Similar Documents

Publication Publication Date Title
CN109274485A (en) A kind of data ciphering method, data authentication method and relevant device and system
CN105046636B (en) Digital image encryption method based on chaotic system and nucleotide sequence database
CN107147487B (en) Symmetric key random block cipher
CN106850221B (en) Information encryption and decryption method and device
CN104270247B (en) Efficient universal hash function authentication method suitable for quantum cryptography systems
CN104488218B (en) Encryption device, decryption device, encryption method, decryption method
CN109274480B (en) Data authentication method and quantum key distribution system based on HMAC-SM3 algorithm
CN108964872B (en) Encryption method and device based on AES
CN109274484B (en) Method for privacy amplification of data, and quantum key distribution terminal
CN110663216B (en) Cryptographic device and method
CN106656475A (en) Novel symmetric key algorithm for high speed encryption
CN105095695B (en) The incorrect behaviour realized via white box, which is realized, to be authorized
CN102449951B (en) Method for performing cryptographic tasks in an electronic component
US9391770B2 (en) Method of cryption
CN113268762B (en) Unconditional security authentication method based on LFSR hash
CN107147494A (en) A kind of method of the quantum dual signature based on the phased cryptographic operation of chain type
MAQABLEH Analysis and design security primitives based on chaotic systems for ecommerce
Faraoun Design of fast one-pass authenticated and randomized encryption schema using reversible cellular automata
CN105099693A (en) Transmission method and transmission device
CN113475034B (en) Circuit compiling apparatus and circuit evaluating apparatus
Tarawneh Cryptography: Recent Advances and Research Perspectives
Joshi et al. A randomized approach for cryptography
Chapman Using Graphic Based Systems to Improve Cryptographic Algorithms
Harrison et al. Tandem coding and cryptography on wiretap channels: EXIT chart analysis
Kumar et al. Chaotic dynamical systems based image encryption model

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant