CN109495244A - Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys - Google Patents
Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys Download PDFInfo
- Publication number
- CN109495244A CN109495244A CN201811203092.8A CN201811203092A CN109495244A CN 109495244 A CN109495244 A CN 109495244A CN 201811203092 A CN201811203092 A CN 201811203092A CN 109495244 A CN109495244 A CN 109495244A
- Authority
- CN
- China
- Prior art keywords
- key
- user
- pool
- parameter
- keys
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, identical pool of keys is stored in the quantum key card of each user terminal configuration, and it interacts to obtain equal arranging key by each side's parameter and one's own side's pool of keys, and then realize the key agreement of user terminal two-by-two, quantum key card is independent hardware isolated equipment, substantially reduce Malware or a possibility that malicious operation steals key, it will not be obtained and be cracked by quantum computer, key agreement is realized using pool of keys between a plurality of clients, and then the key for realizing communicating pair is shared, communication security of the communicating pair in group is ensured.
Description
Technical field
The present invention relates to public-key cryptosystems and symmetric key pool technology, and in particular to field is Diffie-Hellman.This
Internet Key Exchange of the invention between communicating pair in realization group.
Background technique
The Internet of rapid development brings huge convenience to people's lives, work, and people can be sitting in family
It sent and received e-mail, made a phone call by Internet, carrying out the activities such as shopping online, bank transfer.The network information security simultaneously
It is increasingly becoming a potential huge problem.In general the network information is faced with following several security risks: the network information
It is stolen, information is tampered, attacker palms off information, malicious sabotage etc..
The key technology of the current guarantee network information security is exactly cryptographic technique, and in field of cryptography of today, it is main
Will there are two types of cryptographic system, first is that symmetric key cryptosystem, i.e. encryption key and decruption key use it is same.The other is
Public key cryptosystem, i.e. encryption key and decruption key difference, one of them can be disclosed.
The safety of symmetric key cryptosystem relies on following two factor.First, Encryption Algorithm must be it is sufficiently strong,
Being based only on ciphertext itself and removing solution confidential information is impossible in practice;Second, the safety of encryption method is from key
Secret, rather than the secret of algorithm.The problem of symmetric encryption system maximum be key distribution and management it is extremely complex,
It is of a high price.Symmetric encipherment algorithm, which has another disadvantage that, is not easily accomplished digital signature.So in current mobile e-business
Encryption Algorithm realization in field depends primarily on RSA arithmetic.
The encryption key pair (public key) and decryption key (private key) that Public Key Cryptographic Systems uses are different.Due to encryption
Key be it is disclosed, the distribution of key and management are just very simple, and Public Key Cryptographic Systems can also be easily carried out number
Signature.
Since public key encryption comes out, scholars propose many kinds of public key encryption methods, their safety is all base
In complicated difficult math question.Classified according to the difficult math question being based on, have following three classes system be presently believed to be safety and
It is effective: big integer factorization system (representative to have RSA), Discrete log systems (representative to have DSA) and ellipse from
It dissipates Logarithmic system (ECC).
But with the development of quantum computer, classical asymmetric-key encryption algorithm will be no longer safe, no matter encryption and decryption
Or private key can be calculated in key exchange method, quantum computer by public key, therefore currently used asymmetric close
Key will become cannot withstand a single blow in the quantum epoch.
Summary of the invention
A kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, each user terminal are matched
It is stored with identical pool of keys in the quantum key card set, and by each side's parameter and one's own side's pool of keys interacts to obtain equal
Arranging key, and then realize the key agreement of user terminal two-by-two.
The description of quantum key card is visible, and application No. is the patents of " 201610843210.6 ".When for mobile terminal, amount
Sub-key card is preferably quantum key SD card;When for fixed terminal, quantum key card is preferably quantum key USBkey or master
Machine quantum key board.
In the present embodiment, the quantum key card side of issuing is the supervisor side of quantum key card, the generally administrative department of group,
Such as the administrative department of certain enterprise or public institution;The quantum key card side of being awarded is managed by the supervisor side of quantum key card
The employees at different levels of member, generally certain enterprise or public institution.Supervisor side's application that user terminal arrives quantum key card first is opened an account.
After user terminal carries out registering granted, quantum key card will be obtained (there is unique quantum key card ID).Quantum key
Card stores client enrollment register information, is also built-in with identity authentication protocol, includes at least key schedule and certification letter
Several or other algorithms relevant to authentication.User side key in quantum key card is all downloaded from down the same quantum network
Service station, and for the supervisor side of the same quantum key card, the pool of keys stored in each quantum key card issued
It is completely the same.Preferably, the pool of keys size stored in quantum key card can be 1G, 2G, 4G, 8G, 16G, 32G,
64G, 128G, 256G, 512G, 1024G, 2048G, 4096G etc..Its capacity depends on requirement of the supervisor side to safety, capacity
Bigger safety is higher.
Quantum key card is independent hardware isolated equipment, other relevant parameters such as public key, private key and true random number exist
It stores or generates in quantum key card, a possibility that stealing key by Malware or malicious operation substantially reduces, will not be by
Quantum computer is obtained and is cracked.In a plurality of clients, key agreement is realized using pool of keys between object, and then realize logical
Believe that the key of both sides is shared, has ensured communication security of the communicating pair in group.
Preferably, user A and user B realizes that the key agreement step of user terminal two-by-two includes:
The side's A parameter and the side's A public key encryption are sent to user B by the pool of keys of one's own side by user A;
User B decrypts to obtain the side's A parameter and the side's A public key, and obtains the side's B public key according to the side's B parameter and the side's A parameter;
User's B combination side A public key, the side's A parameter and the side's B parameter generate the side's B arranging key;Simultaneously user B by the side's B public key with
The key combining encryption that one's own side's pool of keys generates is transmitted to user A;
User A produces the side's A arranging key using the side's B public key and the side's A parameter;
Wherein, the side's A arranging key and the side's B arranging key are equal, mutually referred to as symmetric key.
Pool of symmetric keys in the present embodiment is made of the true random number of big data quantity, and data volume is 1GB or more, is stored in
In quantum key card.Wherein, quantum key card not only can store a large amount of data, also have the ability of processing information.For example,
All there is the algorithm of corresponding demand in the local system of user A and user B in the present embodiment.
Preferably, the side's A parameter is made of at least one of user A custom parameter, function and one's own side's true random number;B
Square parameter is made of at least one of user B custom parameter, function and one's own side's true random number.
Preferably, the function is basic function or custom function.
Preferably, it includes: user A that user A, which encrypts the encryption method of the side's A parameter and the side's A public key by the pool of keys of one's own side,
The side's A true random number combination key indicator algorithm is obtained into key seed pointer, using the key seed pointer from one's own side's pool of keys
It is middle to take out corresponding random number sequence as key seed, and it is close using key schedule calculating random number sequence to obtain the side A
Key, which encrypts the side's A parameter and the side's A public key obtains the side's A ciphertext.
Preferably, user A is by the pool of keys of one's own side by the hair for being sent to user B after the side's A parameter and the side's A public key encryption
Sending mode includes: that the side's A true random number and the side's A ciphertext are transmitted to the user B by user A.
Preferably, user B decrypts to obtain the side's A parameter and the method for the side's A public key to include: that the user B reception side A is truly random
The several and side's A ciphertext, obtains key seed pointer using the side's A true random number and corresponding key indicator algorithm, utilizes the key kind
Sub- pointer takes out corresponding random number sequence as key seed from one's own side's pool of keys, and using key schedule calculate with
Machine Number Sequence obtains the corresponding side's A key;It decrypts to obtain the side's A parameter and the side's A public key using the key pair side A, the side A cryptogram computation.
Preferably, user B by the side's B public key and one's own side's pool of keys combining encryption be transmitted to user's step A include: the side B very with
Machine number combination one's own side's pool of keys generates the side's B key, and key encryption side's B public key in the side's B obtains the side's B ciphertext.
The above-mentioned anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, each user terminal are matched
It is stored with identical pool of keys in the quantum key card set, and by each side's parameter and one's own side's pool of keys interacts to obtain equal
Arranging key, and then realize the key agreement of user terminal two-by-two, quantum key card is independent hardware isolated equipment, drops significantly
A possibility that low Malware or malicious operation steal key will not be obtained and be cracked by quantum computer, in multiple users
Key agreement is realized using pool of keys between end, and then the key for realizing communicating pair is shared, has ensured communicating pair in group
In communication security.
Detailed description of the invention
Fig. 1 is that the key of embodiment 1 exchanges flow chart;
Fig. 2 is the schematic diagram of encryption key generating process;
Fig. 3 is that the key of embodiment 2 exchanges flow chart.
Specific embodiment
The present invention realize scene be any two user possessed in identical pool of symmetric keys group at one, as user A,
User B.Pool of symmetric keys is made of the true random number of big data quantity, and data volume is 1GB or more, is stored in quantum key card.
Preferably, true random number is quantum random number.Quantum key card not only can store a large amount of data, also have processing information
Ability.In the present invention, to the algorithm that all there is corresponding demand in the local system of weevil and object second.
Embodiment 1
Step 1.1: user A generates public key and relevant parameter is sent to user B
Step 1.1.1: user A, which defines required parameter, calculates the side's A public key: user A defines an a Big prime p and several g,
G is the primitive root of mould p.User A generates private key of the truly random big integer a as the side A, and the side A public key A=g^ is obtained by calculation
Amod p, wherein a Big prime p and several g, the side A private key a be the side's A parameter.
Step 1.1.2: user A generates the side's A random number, and generate the side's A key: user A generates the side an A true random number r1,
Key seed pointer kp1 is obtained by key indicator algorithm fkp.User A is according to pointer kp1 from the symmetric key of local system
Corresponding random number sequence R1 is taken out in pond as key seed.User A calculates random number sequence using key schedule fk
R1 obtains the side A key k1.
Step 1.1.3: the user A encryption side's A public key and the side's A parameter, and it is sent to user B: user A is calculated
The side A key k1 encrypts the data splitting of { g, p, A } to obtain the side A ciphertext MA.User A is by the combination of { r1, MA } as association
Quotient's message is sent to user B.
Step 1.2: user B decryption parsing message simultaneously generates the side's B public key, the side's B privacy key is calculated, by the B of encryption
Square public key is sent to user A.Wherein privacy key is arranging key.
Step 1.2.1: user B reception message simultaneously parses: the negotiation that user B receives the key exchange from user A disappears
Breath { r1, MA } ' and r1 ' and MA are split out by rule '.
Step 1.2.2: user B is calculated the corresponding side's A key and decrypts the side's A ciphertext: user B is obtained using fractionation
Random sequence r1 ' obtains key seed pointer kp1 ' by corresponding key indicator algorithm fkp.User B is according to pointer kp1 '
Corresponding random number sequence R1 ' is taken out from the pool of symmetric keys of local system as key seed.User B is generated using key
Algorithm fk calculates random number sequence R1 ' and obtains key k1 '.User B calculates decryption to ciphertext MA ' using key k1 ' and obtains data
{ g, p, A } '.It splits data { g, p, A } ' and obtains Big prime p ', number g ' and public key A '.
Step 1.2.3: user B calculates the side's B public key: user B generates private key of the truly random big integer b as the side B, leads to
It crosses and the side B public key B=g ' ^b mod p ' is calculated, wherein the side's B parameter includes truly random big integer b.
Step 1.2.4: user B is calculated privacy key (side's B arranging key): privacy key Kb is calculated in user B
=A ' ^b modp '.
Step 1.2.5: user B generates the side's B random number, and generate the side's B key: user B generates the side's B true random number r2, passes through
Key indicator algorithm fkp obtains key seed pointer kp2.User B is according to pointer kp2 from the pool of symmetric keys of local system
Corresponding random number sequence R2 is taken out as key seed.User B calculates random number sequence R2 using key schedule fk and obtains
To the side B key k2.
Step 1.2.6: the user B encryption side's B public key, and it is sent to user A: user B k2 pairs of calculated key
Public key B is encrypted to obtain the side B ciphertext MB.The combination of { r2, MB } is sent to user A as the side's B negotiation message by user B.
Step 1.3: user A decryption parsing message simultaneously calculates arranging key
Step 1.3.1: user A reception message simultaneously parses: the negotiation that user A receives the key exchange from user B disappears
Breath { r2, MB } ' and r2 ' and MB are split out by rule '.
Step 1.3.2: user A is calculated key and decrypts the side's B ciphertext: the random number sequence that user A is obtained using fractionation
It arranges r2 ' and key seed pointer kp2 ' is obtained by corresponding key indicator algorithm fkp.User A is according to pointer kp2 ' from local
Corresponding random number sequence R2 ' is taken out in the pool of symmetric keys of system as key seed.User A utilizes key schedule fk
It calculates random number sequence R2 ' and obtains key k2 '.User A calculates decryption to the side B ciphertext MB ' using key k2 ' and obtains public key data
B’。
Step 1.3.3: user A is calculated the side's A privacy key (side's A arranging key): privacy key is calculated in user A
Ka=B ' ^amodp.
The privacy key Kb that the privacy key Ka and user B that user A is obtained are obtained is equal to g^ (a*b) modp, for each other
Symmetric key.
Embodiment 2
Step 2.1: user A generates the side's A public key and relevant parameter is sent to user B
Step 2.1.1: user A, which defines required parameter, calculates the side's A public key: user A defines prime number p > 3 and simultaneously selects two
Nonnegative integer a and b less than p.Construct elliptic curve E:y2=x3+ax+b.Meet 4a simultaneously3+27b2(modp) ≠ 0, this is ellipse
The rank n of circular curve is prime number, and n ≠ p, n ≠ pk- 1,1≤k≤20.User A defines oval group Ep (a, b).User A is selected
A first point out, i.e. basic point P (x, y).User A generates private key of the truly random integer e less than p as the side A, passes through calculating
Obtain the side A public key A=eP.The process of this step is with the calculation for existing elliptic curve.The side's A parameter includes Ep (a, b), base
Point P (x, y).
Step 2.1.2: user A generates the side's A random number, and generate the side's A key: user A generates the side an A true random number r1,
Key seed pointer kp1 is obtained by key indicator algorithm fkp.User A is according to pointer kp1 from the symmetric key of local system
Corresponding random number sequence R1 is taken out in pond as key seed.User A calculates random number sequence using key schedule fk
R1 obtains the side A key k1.
Step 2.1.3: the user A encryption side's A public key and relevant parameter, and be sent to user B: user A utilization and be calculated
The side A key k1 the data splitting of { Ep (a, b), P (x, y), A } is encrypted to obtain the side A ciphertext MA.User A is by { r1, MA }
Combination be sent to user B as negotiation message.
Step 2.2: user B decryption parsing message simultaneously generates the side's B public key, the side's B privacy key is calculated, by the B of encryption
Square public key is sent to user A
Step 2.2.1: user B reception message simultaneously parses: the negotiation that user B receives the key exchange from user A disappears
Breath { r1, MA } ' and r1 ' and MA are split out by rule '.
Step 2.2.2: user B is calculated the corresponding side's A key and decrypts the side's A ciphertext: user B is obtained using fractionation
Random sequence r1 ' obtains key seed pointer kp1 ' by corresponding key indicator algorithm fkp.User B is according to pointer kp1 '
Corresponding random number sequence R1 ' is taken out from the pool of symmetric keys of local system as key seed.User B is generated using key
Algorithm fk calculates random number sequence R1 ' and obtains key k1 '.User B calculates decryption to ciphertext MA ' using key k1 ' and obtains data
{ Ep (a, b), P (x, y), A } '.It splits data { Ep (a, b), P (x, y), A } ' and obtains oval group Ep ' (a, b), basic point P ' (x, y)
With public key A '.
Step 2.2.3: user B calculates public key: user B generates private key of the truly random big integer f as the side B, passes through
The side B public key B=fP ' is calculated.
Step 2.2.4: user B is calculated the side's B privacy key (side's B arranging key): privacy key is calculated in user B
Kb=fA '.
Step 2.2.5: user B generates random number, and generate the side's B key: user B generates the side's B true random number r2, passes through key
Pointer algorithm fkp obtains key seed pointer kp2.User B takes out from the pool of symmetric keys of local system according to pointer kp2
Corresponding random number sequence R2 is as key seed.User B calculates random number sequence R2 using key schedule fk and obtains the side B
Key k2.
Step 2.2.6: the user B encryption side's B public key, and it is sent to user A: user B k2 pairs of calculated key
Public key B is encrypted to obtain the side B ciphertext MB.The combination of { r2, MB } is sent to user A as the side's B negotiation message by user B.
Step 2.3: user A decryption parsing message simultaneously calculates arranging key
Step 2.3.1: user A reception message simultaneously parses: the negotiation that user A receives the key exchange from user B disappears
Breath { r2, MB } ' and r2 ' and MB are split out by rule '.
Step 2.3.2: user A is calculated key and decrypts ciphertext: the random number sequence that user A is obtained using fractionation
R2 ' obtains key seed pointer kp2 ' by corresponding key indicator algorithm fkp.User A is according to pointer kp2 ' from local system
Corresponding random number sequence R2 ' is taken out in the pool of symmetric keys of system as key seed.User A is counted using key schedule fk
It calculates random number sequence R2 ' and obtains key k2 '.User A calculates decryption to ciphertext MB ' using key k2 ' and obtains public key data B '.
Step 2.3.3: privacy key is calculated in user A: privacy key Ka=eB ' is calculated in user A.
The privacy key Ka that user A is obtained is equal with the privacy key Kb that user B is obtained, and is mutually symmetrical key.
Wherein, privacy key is arranging key.
Quantum key card is developed from smart card techniques, is combined with quantum physics technology and (it is random to be carried quantum
In the case where number generator), cryptological technique, the authentication of hardware security isolation technology and encryption and decryption product.Quantum key
The embedded chip and operating system of card can provide the functions such as secure storage and the cryptographic algorithm of key.Since it is with independent
Data-handling capacity and good safety, quantum key card become the safety barrier of private key and pool of keys.Each quantum is close
Key card has the protection of hardware PIN code, and PIN code and hardware constitute two necessary factors that user uses quantum key card.That is institute
It calls " double factor authentication ", user only has while obtaining the quantum key card and user's PIN code that save relevant authentication information, just may be used
With login system.Even if the PIN code of user is leaked, as long as the quantum key card that user holds is not stolen, legitimate user's
Identity would not be counterfeit;If the quantum key card of user is lost, the person of picking up can not also imitate due to not knowing user's PIN code
Emit the identity of legitimate user.
In the present invention, the quantum key card used is independent hardware isolated equipment.Public key, private key and true random number etc. its
A possibility that his relevant parameter stores in quantum key card or generates, steal key by Malware or malicious operation is significantly
It reduces, will not be obtained and be cracked by quantum computer.Due to public key and relevant parameter be in the form of ciphertext in a network
Transmission, the encryption key of every message is different, so ciphertext content is stolen, a possibility that cracking is lower.It is right in group
As realizing key agreement using an asymmetric key exchange mode, the key for realizing communicating pair is shared, has ensured that communication is double
Communication security of the side in group.
Disclosed above is only the embodiment of the present invention, but the present invention is not limited to this, those skilled in the art
Various changes and modifications can be made to the invention without departing from the spirit and scope of the present invention.These obvious modification and variations are equal
Should belong to the present invention claims protection scope protection in.In addition, although being used some specific terms in this specification, this
A little terms merely for convenience of description, are not constituted the present invention any specifically limited.
Claims (8)
1. a kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, which is characterized in that including a plurality of clients, respectively
It is stored with identical pool of keys in the quantum key card of user terminal configuration, and is interacted by each side's parameter and one's own side's pool of keys
Equal arranging key is obtained, and then realizes the key agreement of user terminal two-by-two.
2. the anti-quantum calculation cryptographic key negotiation method according to claim 1 based on pool of symmetric keys, which is characterized in that use
Family A and user B realizes that the key agreement step of user terminal two-by-two includes:
The side's A parameter and the side's A public key encryption are sent to user B by the pool of keys of one's own side by user A;
User B decrypts to obtain the side's A parameter and the side's A public key, and obtains the side's B public key according to the side's B parameter and the side's A parameter;
User's B combination side A public key, the side's A parameter and the side's B parameter generate the side's B arranging key;User B is by the side's B public key and one's own side simultaneously
The key combining encryption that pool of keys generates is transmitted to user A;
User A produces the side's A arranging key using the side's B public key and the side's A parameter;
Wherein, the side's A arranging key and the side's B arranging key are equal, mutually referred to as symmetric key.
3. the anti-quantum calculation cryptographic key negotiation method according to claim 2 based on pool of symmetric keys, which is characterized in that A
Square parameter is made of at least one of user A custom parameter, function and one's own side's true random number;The side's B parameter is made by oneself by user B
At least one of adopted parameter, function and one's own side's true random number composition.
4. the anti-quantum calculation cryptographic key negotiation method according to claim 3 based on pool of symmetric keys, which is characterized in that institute
Stating function is basic function or custom function.
5. the anti-quantum calculation cryptographic key negotiation method according to claim 3 based on pool of symmetric keys, which is characterized in that use
Family A includes: that user A combines the side's A true random number by the encryption method that the pool of keys of one's own side encrypts the side's A parameter and the side's A public key
Key indicator algorithm obtains key seed pointer, is taken out from one's own side's pool of keys using the key seed pointer corresponding random
Number Sequence calculates random number sequence using key schedule and obtains the side's A key as key seed, the side's A key encryption
The side's A parameter and the side's A public key obtain the side's A ciphertext.
6. the anti-quantum calculation cryptographic key negotiation method according to claim 5 based on pool of symmetric keys, which is characterized in that use
The sending method for being sent to user B after the side's A parameter and the side's A public key encryption is included: user A by the pool of keys of one's own side by family A
The side's A true random number and the side's A ciphertext are transmitted to the user B.
7. the anti-quantum calculation cryptographic key negotiation method according to claim 6 based on pool of symmetric keys, which is characterized in that use
Family B decrypts to obtain the side's A parameter and the method for the side's A public key to include: that user B receives the side's A true random number and the side's A ciphertext, utilizes A
Square true random number and corresponding key indicator algorithm obtain key seed pointer, using the key seed pointer from one's own side's pool of keys
It is middle to take out corresponding random number sequence as key seed, and obtained using key schedule calculating random number sequence corresponding
The side's A key;It decrypts to obtain the side's A parameter and the side's A public key using the key pair side A, the side A cryptogram computation.
8. the anti-quantum calculation cryptographic key negotiation method according to claim 7 based on pool of symmetric keys, which is characterized in that use
It includes: one's own side's pool of keys in conjunction with the side's B true random number that the side's B public key is transmitted to user's step A with one's own side's pool of keys combining encryption by family B
The side's B key is generated, key encryption side's B public key in the side's B obtains the side's B ciphertext.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811203092.8A CN109495244A (en) | 2018-10-16 | 2018-10-16 | Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811203092.8A CN109495244A (en) | 2018-10-16 | 2018-10-16 | Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109495244A true CN109495244A (en) | 2019-03-19 |
Family
ID=65689827
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811203092.8A Pending CN109495244A (en) | 2018-10-16 | 2018-10-16 | Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109495244A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110061980A (en) * | 2019-04-02 | 2019-07-26 | 如般量子科技有限公司 | Anti- quantum calculation wired home energy-saving communication method and system based on key card |
CN110266483A (en) * | 2019-06-25 | 2019-09-20 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and the quantum communications service station cryptographic key negotiation method of QKD, system, equipment |
CN110519046A (en) * | 2019-07-12 | 2019-11-29 | 如般量子科技有限公司 | Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD |
CN110601845A (en) * | 2019-08-28 | 2019-12-20 | 如般量子科技有限公司 | Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101383699A (en) * | 2008-10-22 | 2009-03-11 | 广州大学 | Cipher key pre-distributing method for sensor network |
US20090092252A1 (en) * | 2007-04-12 | 2009-04-09 | Landon Curt Noll | Method and System for Identifying and Managing Keys |
CN105024807A (en) * | 2014-04-30 | 2015-11-04 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method and system |
CN106452740A (en) * | 2016-09-23 | 2017-02-22 | 浙江神州量子网络科技有限公司 | Quantum communication service station, quantum key management device, key configuration network, and key configuration method |
CN107086907A (en) * | 2016-02-15 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Key synchronization, encapsulation transmission method and device for quantum key distribution process |
CN107947933A (en) * | 2018-01-11 | 2018-04-20 | 浙江九州量子信息技术股份有限公司 | A kind of first hyposynchronous method of key between terminal system |
CN108173649A (en) * | 2018-01-10 | 2018-06-15 | 如般量子科技有限公司 | A kind of message authentication method and system based on quantum key card |
CN108540436A (en) * | 2018-01-10 | 2018-09-14 | 如般量子科技有限公司 | The communication system and communication means of the transmission of information encryption and decryption are realized based on quantum network |
CN108599926A (en) * | 2018-03-20 | 2018-09-28 | 如般量子科技有限公司 | A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys |
CN108616350A (en) * | 2018-03-20 | 2018-10-02 | 如般量子科技有限公司 | A kind of HTTP-Digest class AKA identity authorization systems and method based on pool of symmetric keys |
CN108632042A (en) * | 2018-03-20 | 2018-10-09 | 如般量子科技有限公司 | A kind of class AKA identity authorization systems and method based on pool of symmetric keys |
-
2018
- 2018-10-16 CN CN201811203092.8A patent/CN109495244A/en active Pending
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090092252A1 (en) * | 2007-04-12 | 2009-04-09 | Landon Curt Noll | Method and System for Identifying and Managing Keys |
CN101383699A (en) * | 2008-10-22 | 2009-03-11 | 广州大学 | Cipher key pre-distributing method for sensor network |
CN105024807A (en) * | 2014-04-30 | 2015-11-04 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method and system |
CN107086907A (en) * | 2016-02-15 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Key synchronization, encapsulation transmission method and device for quantum key distribution process |
CN106452740A (en) * | 2016-09-23 | 2017-02-22 | 浙江神州量子网络科技有限公司 | Quantum communication service station, quantum key management device, key configuration network, and key configuration method |
CN108173649A (en) * | 2018-01-10 | 2018-06-15 | 如般量子科技有限公司 | A kind of message authentication method and system based on quantum key card |
CN108540436A (en) * | 2018-01-10 | 2018-09-14 | 如般量子科技有限公司 | The communication system and communication means of the transmission of information encryption and decryption are realized based on quantum network |
CN107947933A (en) * | 2018-01-11 | 2018-04-20 | 浙江九州量子信息技术股份有限公司 | A kind of first hyposynchronous method of key between terminal system |
CN108599926A (en) * | 2018-03-20 | 2018-09-28 | 如般量子科技有限公司 | A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys |
CN108616350A (en) * | 2018-03-20 | 2018-10-02 | 如般量子科技有限公司 | A kind of HTTP-Digest class AKA identity authorization systems and method based on pool of symmetric keys |
CN108632042A (en) * | 2018-03-20 | 2018-10-09 | 如般量子科技有限公司 | A kind of class AKA identity authorization systems and method based on pool of symmetric keys |
Non-Patent Citations (5)
Title |
---|
ZHAO JINCHAO ET AL.: ""Research on Key Predistribution Scheme of Wireless Sensor Networks"", 《2012 FIFTH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION TECHNOLOGY AND AUTOMATION》 * |
孙茂华: "《集合运算中的隐私保护问题研究》", 31 May 2018 * |
曾萍 等: ""WSN 中基于ECC的轻量级认证密钥协商协议"", 《计算机工程与应用》 * |
杨庚 等: ""一种有效的无线传感器网络密钥协商方案"", 《电子学报》 * |
谷利泽 等: "《现代密码学教程》", 31 March 2015 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110061980A (en) * | 2019-04-02 | 2019-07-26 | 如般量子科技有限公司 | Anti- quantum calculation wired home energy-saving communication method and system based on key card |
CN110266483A (en) * | 2019-06-25 | 2019-09-20 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and the quantum communications service station cryptographic key negotiation method of QKD, system, equipment |
CN110266483B (en) * | 2019-06-25 | 2023-06-06 | 如般量子科技有限公司 | Quantum communication service station key negotiation method, system and device based on asymmetric key pool pair and QKD |
CN110519046A (en) * | 2019-07-12 | 2019-11-29 | 如般量子科技有限公司 | Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD |
CN110519046B (en) * | 2019-07-12 | 2023-10-13 | 如般量子科技有限公司 | Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD |
CN110601845A (en) * | 2019-08-28 | 2019-12-20 | 如般量子科技有限公司 | Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC |
CN110601845B (en) * | 2019-08-28 | 2022-11-15 | 如般量子科技有限公司 | Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106961336B (en) | A kind of key components trustship method and system based on SM2 algorithm | |
CN109450623A (en) | Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond | |
CN109728906B (en) | Anti-quantum-computation asymmetric encryption method and system based on asymmetric key pool | |
CN109818749B (en) | Quantum computation resistant point-to-point message transmission method and system based on symmetric key pool | |
CN109151053A (en) | Anti- quantum calculation cloud storage method and system based on public asymmetric key pond | |
CN107124268A (en) | A kind of privacy set common factor computational methods for resisting malicious attack | |
CN103124269A (en) | Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment | |
CN109921905B (en) | Anti-quantum computation key negotiation method and system based on private key pool | |
CN109495244A (en) | Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys | |
CN110519046A (en) | Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD | |
CN109787758B (en) | Anti-quantum computation MQV key agreement method and system based on private key pool and Elgamal | |
CN109936456B (en) | Anti-quantum computation digital signature method and system based on private key pool | |
CN106130716A (en) | Cipher key exchange system based on authentication information and method | |
CN110535626B (en) | Secret communication method and system for identity-based quantum communication service station | |
CN109660338A (en) | Anti- quantum calculation digital signature method and anti-quantum calculation digital signature system based on pool of symmetric keys | |
CN109905229B (en) | Anti-quantum computing Elgamal encryption and decryption method and system based on group asymmetric key pool | |
CN110519226B (en) | Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate | |
CN109728905B (en) | Anti-quantum computation MQV key negotiation method and system based on asymmetric key pool | |
CN109951274A (en) | The point-to-point method for message transmission of anti-quantum calculation and system based on private key pond | |
CN102594551A (en) | Method for reliable statistics of privacy data on radio frequency identification (RFID) tag | |
CN109347923A (en) | Anti- quantum calculation cloud storage method and system based on unsymmetrical key pond | |
CN110176989A (en) | Quantum communications service station identity identifying method and system based on unsymmetrical key pond | |
US20040120519A1 (en) | Method for enhancing security of public key encryption schemas | |
EP3711255A1 (en) | Device, system and method for secure data communication | |
CN110519040B (en) | Anti-quantum computation digital signature method and system based on identity |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190319 |