CN109495244A - Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys - Google Patents

Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys Download PDF

Info

Publication number
CN109495244A
CN109495244A CN201811203092.8A CN201811203092A CN109495244A CN 109495244 A CN109495244 A CN 109495244A CN 201811203092 A CN201811203092 A CN 201811203092A CN 109495244 A CN109495244 A CN 109495244A
Authority
CN
China
Prior art keywords
key
user
pool
parameter
keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811203092.8A
Other languages
Chinese (zh)
Inventor
富尧
钟民
钟一民
余秋炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruban Quantum Technology Co Ltd filed Critical Ruban Quantum Technology Co Ltd
Priority to CN201811203092.8A priority Critical patent/CN109495244A/en
Publication of CN109495244A publication Critical patent/CN109495244A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, identical pool of keys is stored in the quantum key card of each user terminal configuration, and it interacts to obtain equal arranging key by each side's parameter and one's own side's pool of keys, and then realize the key agreement of user terminal two-by-two, quantum key card is independent hardware isolated equipment, substantially reduce Malware or a possibility that malicious operation steals key, it will not be obtained and be cracked by quantum computer, key agreement is realized using pool of keys between a plurality of clients, and then the key for realizing communicating pair is shared, communication security of the communicating pair in group is ensured.

Description

Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys
Technical field
The present invention relates to public-key cryptosystems and symmetric key pool technology, and in particular to field is Diffie-Hellman.This Internet Key Exchange of the invention between communicating pair in realization group.
Background technique
The Internet of rapid development brings huge convenience to people's lives, work, and people can be sitting in family It sent and received e-mail, made a phone call by Internet, carrying out the activities such as shopping online, bank transfer.The network information security simultaneously It is increasingly becoming a potential huge problem.In general the network information is faced with following several security risks: the network information It is stolen, information is tampered, attacker palms off information, malicious sabotage etc..
The key technology of the current guarantee network information security is exactly cryptographic technique, and in field of cryptography of today, it is main Will there are two types of cryptographic system, first is that symmetric key cryptosystem, i.e. encryption key and decruption key use it is same.The other is Public key cryptosystem, i.e. encryption key and decruption key difference, one of them can be disclosed.
The safety of symmetric key cryptosystem relies on following two factor.First, Encryption Algorithm must be it is sufficiently strong, Being based only on ciphertext itself and removing solution confidential information is impossible in practice;Second, the safety of encryption method is from key Secret, rather than the secret of algorithm.The problem of symmetric encryption system maximum be key distribution and management it is extremely complex, It is of a high price.Symmetric encipherment algorithm, which has another disadvantage that, is not easily accomplished digital signature.So in current mobile e-business Encryption Algorithm realization in field depends primarily on RSA arithmetic.
The encryption key pair (public key) and decryption key (private key) that Public Key Cryptographic Systems uses are different.Due to encryption Key be it is disclosed, the distribution of key and management are just very simple, and Public Key Cryptographic Systems can also be easily carried out number Signature.
Since public key encryption comes out, scholars propose many kinds of public key encryption methods, their safety is all base In complicated difficult math question.Classified according to the difficult math question being based on, have following three classes system be presently believed to be safety and It is effective: big integer factorization system (representative to have RSA), Discrete log systems (representative to have DSA) and ellipse from It dissipates Logarithmic system (ECC).
But with the development of quantum computer, classical asymmetric-key encryption algorithm will be no longer safe, no matter encryption and decryption Or private key can be calculated in key exchange method, quantum computer by public key, therefore currently used asymmetric close Key will become cannot withstand a single blow in the quantum epoch.
Summary of the invention
A kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, each user terminal are matched It is stored with identical pool of keys in the quantum key card set, and by each side's parameter and one's own side's pool of keys interacts to obtain equal Arranging key, and then realize the key agreement of user terminal two-by-two.
The description of quantum key card is visible, and application No. is the patents of " 201610843210.6 ".When for mobile terminal, amount Sub-key card is preferably quantum key SD card;When for fixed terminal, quantum key card is preferably quantum key USBkey or master Machine quantum key board.
In the present embodiment, the quantum key card side of issuing is the supervisor side of quantum key card, the generally administrative department of group, Such as the administrative department of certain enterprise or public institution;The quantum key card side of being awarded is managed by the supervisor side of quantum key card The employees at different levels of member, generally certain enterprise or public institution.Supervisor side's application that user terminal arrives quantum key card first is opened an account. After user terminal carries out registering granted, quantum key card will be obtained (there is unique quantum key card ID).Quantum key Card stores client enrollment register information, is also built-in with identity authentication protocol, includes at least key schedule and certification letter Several or other algorithms relevant to authentication.User side key in quantum key card is all downloaded from down the same quantum network Service station, and for the supervisor side of the same quantum key card, the pool of keys stored in each quantum key card issued It is completely the same.Preferably, the pool of keys size stored in quantum key card can be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G etc..Its capacity depends on requirement of the supervisor side to safety, capacity Bigger safety is higher.
Quantum key card is independent hardware isolated equipment, other relevant parameters such as public key, private key and true random number exist It stores or generates in quantum key card, a possibility that stealing key by Malware or malicious operation substantially reduces, will not be by Quantum computer is obtained and is cracked.In a plurality of clients, key agreement is realized using pool of keys between object, and then realize logical Believe that the key of both sides is shared, has ensured communication security of the communicating pair in group.
Preferably, user A and user B realizes that the key agreement step of user terminal two-by-two includes:
The side's A parameter and the side's A public key encryption are sent to user B by the pool of keys of one's own side by user A;
User B decrypts to obtain the side's A parameter and the side's A public key, and obtains the side's B public key according to the side's B parameter and the side's A parameter;
User's B combination side A public key, the side's A parameter and the side's B parameter generate the side's B arranging key;Simultaneously user B by the side's B public key with The key combining encryption that one's own side's pool of keys generates is transmitted to user A;
User A produces the side's A arranging key using the side's B public key and the side's A parameter;
Wherein, the side's A arranging key and the side's B arranging key are equal, mutually referred to as symmetric key.
Pool of symmetric keys in the present embodiment is made of the true random number of big data quantity, and data volume is 1GB or more, is stored in In quantum key card.Wherein, quantum key card not only can store a large amount of data, also have the ability of processing information.For example, All there is the algorithm of corresponding demand in the local system of user A and user B in the present embodiment.
Preferably, the side's A parameter is made of at least one of user A custom parameter, function and one's own side's true random number;B Square parameter is made of at least one of user B custom parameter, function and one's own side's true random number.
Preferably, the function is basic function or custom function.
Preferably, it includes: user A that user A, which encrypts the encryption method of the side's A parameter and the side's A public key by the pool of keys of one's own side, The side's A true random number combination key indicator algorithm is obtained into key seed pointer, using the key seed pointer from one's own side's pool of keys It is middle to take out corresponding random number sequence as key seed, and it is close using key schedule calculating random number sequence to obtain the side A Key, which encrypts the side's A parameter and the side's A public key obtains the side's A ciphertext.
Preferably, user A is by the pool of keys of one's own side by the hair for being sent to user B after the side's A parameter and the side's A public key encryption Sending mode includes: that the side's A true random number and the side's A ciphertext are transmitted to the user B by user A.
Preferably, user B decrypts to obtain the side's A parameter and the method for the side's A public key to include: that the user B reception side A is truly random The several and side's A ciphertext, obtains key seed pointer using the side's A true random number and corresponding key indicator algorithm, utilizes the key kind Sub- pointer takes out corresponding random number sequence as key seed from one's own side's pool of keys, and using key schedule calculate with Machine Number Sequence obtains the corresponding side's A key;It decrypts to obtain the side's A parameter and the side's A public key using the key pair side A, the side A cryptogram computation.
Preferably, user B by the side's B public key and one's own side's pool of keys combining encryption be transmitted to user's step A include: the side B very with Machine number combination one's own side's pool of keys generates the side's B key, and key encryption side's B public key in the side's B obtains the side's B ciphertext.
The above-mentioned anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, including a plurality of clients, each user terminal are matched It is stored with identical pool of keys in the quantum key card set, and by each side's parameter and one's own side's pool of keys interacts to obtain equal Arranging key, and then realize the key agreement of user terminal two-by-two, quantum key card is independent hardware isolated equipment, drops significantly A possibility that low Malware or malicious operation steal key will not be obtained and be cracked by quantum computer, in multiple users Key agreement is realized using pool of keys between end, and then the key for realizing communicating pair is shared, has ensured communicating pair in group In communication security.
Detailed description of the invention
Fig. 1 is that the key of embodiment 1 exchanges flow chart;
Fig. 2 is the schematic diagram of encryption key generating process;
Fig. 3 is that the key of embodiment 2 exchanges flow chart.
Specific embodiment
The present invention realize scene be any two user possessed in identical pool of symmetric keys group at one, as user A, User B.Pool of symmetric keys is made of the true random number of big data quantity, and data volume is 1GB or more, is stored in quantum key card. Preferably, true random number is quantum random number.Quantum key card not only can store a large amount of data, also have processing information Ability.In the present invention, to the algorithm that all there is corresponding demand in the local system of weevil and object second.
Embodiment 1
Step 1.1: user A generates public key and relevant parameter is sent to user B
Step 1.1.1: user A, which defines required parameter, calculates the side's A public key: user A defines an a Big prime p and several g, G is the primitive root of mould p.User A generates private key of the truly random big integer a as the side A, and the side A public key A=g^ is obtained by calculation Amod p, wherein a Big prime p and several g, the side A private key a be the side's A parameter.
Step 1.1.2: user A generates the side's A random number, and generate the side's A key: user A generates the side an A true random number r1, Key seed pointer kp1 is obtained by key indicator algorithm fkp.User A is according to pointer kp1 from the symmetric key of local system Corresponding random number sequence R1 is taken out in pond as key seed.User A calculates random number sequence using key schedule fk R1 obtains the side A key k1.
Step 1.1.3: the user A encryption side's A public key and the side's A parameter, and it is sent to user B: user A is calculated The side A key k1 encrypts the data splitting of { g, p, A } to obtain the side A ciphertext MA.User A is by the combination of { r1, MA } as association Quotient's message is sent to user B.
Step 1.2: user B decryption parsing message simultaneously generates the side's B public key, the side's B privacy key is calculated, by the B of encryption Square public key is sent to user A.Wherein privacy key is arranging key.
Step 1.2.1: user B reception message simultaneously parses: the negotiation that user B receives the key exchange from user A disappears Breath { r1, MA } ' and r1 ' and MA are split out by rule '.
Step 1.2.2: user B is calculated the corresponding side's A key and decrypts the side's A ciphertext: user B is obtained using fractionation Random sequence r1 ' obtains key seed pointer kp1 ' by corresponding key indicator algorithm fkp.User B is according to pointer kp1 ' Corresponding random number sequence R1 ' is taken out from the pool of symmetric keys of local system as key seed.User B is generated using key Algorithm fk calculates random number sequence R1 ' and obtains key k1 '.User B calculates decryption to ciphertext MA ' using key k1 ' and obtains data { g, p, A } '.It splits data { g, p, A } ' and obtains Big prime p ', number g ' and public key A '.
Step 1.2.3: user B calculates the side's B public key: user B generates private key of the truly random big integer b as the side B, leads to It crosses and the side B public key B=g ' ^b mod p ' is calculated, wherein the side's B parameter includes truly random big integer b.
Step 1.2.4: user B is calculated privacy key (side's B arranging key): privacy key Kb is calculated in user B =A ' ^b modp '.
Step 1.2.5: user B generates the side's B random number, and generate the side's B key: user B generates the side's B true random number r2, passes through Key indicator algorithm fkp obtains key seed pointer kp2.User B is according to pointer kp2 from the pool of symmetric keys of local system Corresponding random number sequence R2 is taken out as key seed.User B calculates random number sequence R2 using key schedule fk and obtains To the side B key k2.
Step 1.2.6: the user B encryption side's B public key, and it is sent to user A: user B k2 pairs of calculated key Public key B is encrypted to obtain the side B ciphertext MB.The combination of { r2, MB } is sent to user A as the side's B negotiation message by user B.
Step 1.3: user A decryption parsing message simultaneously calculates arranging key
Step 1.3.1: user A reception message simultaneously parses: the negotiation that user A receives the key exchange from user B disappears Breath { r2, MB } ' and r2 ' and MB are split out by rule '.
Step 1.3.2: user A is calculated key and decrypts the side's B ciphertext: the random number sequence that user A is obtained using fractionation It arranges r2 ' and key seed pointer kp2 ' is obtained by corresponding key indicator algorithm fkp.User A is according to pointer kp2 ' from local Corresponding random number sequence R2 ' is taken out in the pool of symmetric keys of system as key seed.User A utilizes key schedule fk It calculates random number sequence R2 ' and obtains key k2 '.User A calculates decryption to the side B ciphertext MB ' using key k2 ' and obtains public key data B’。
Step 1.3.3: user A is calculated the side's A privacy key (side's A arranging key): privacy key is calculated in user A Ka=B ' ^amodp.
The privacy key Kb that the privacy key Ka and user B that user A is obtained are obtained is equal to g^ (a*b) modp, for each other Symmetric key.
Embodiment 2
Step 2.1: user A generates the side's A public key and relevant parameter is sent to user B
Step 2.1.1: user A, which defines required parameter, calculates the side's A public key: user A defines prime number p > 3 and simultaneously selects two Nonnegative integer a and b less than p.Construct elliptic curve E:y2=x3+ax+b.Meet 4a simultaneously3+27b2(modp) ≠ 0, this is ellipse The rank n of circular curve is prime number, and n ≠ p, n ≠ pk- 1,1≤k≤20.User A defines oval group Ep (a, b).User A is selected A first point out, i.e. basic point P (x, y).User A generates private key of the truly random integer e less than p as the side A, passes through calculating Obtain the side A public key A=eP.The process of this step is with the calculation for existing elliptic curve.The side's A parameter includes Ep (a, b), base Point P (x, y).
Step 2.1.2: user A generates the side's A random number, and generate the side's A key: user A generates the side an A true random number r1, Key seed pointer kp1 is obtained by key indicator algorithm fkp.User A is according to pointer kp1 from the symmetric key of local system Corresponding random number sequence R1 is taken out in pond as key seed.User A calculates random number sequence using key schedule fk R1 obtains the side A key k1.
Step 2.1.3: the user A encryption side's A public key and relevant parameter, and be sent to user B: user A utilization and be calculated The side A key k1 the data splitting of { Ep (a, b), P (x, y), A } is encrypted to obtain the side A ciphertext MA.User A is by { r1, MA } Combination be sent to user B as negotiation message.
Step 2.2: user B decryption parsing message simultaneously generates the side's B public key, the side's B privacy key is calculated, by the B of encryption Square public key is sent to user A
Step 2.2.1: user B reception message simultaneously parses: the negotiation that user B receives the key exchange from user A disappears Breath { r1, MA } ' and r1 ' and MA are split out by rule '.
Step 2.2.2: user B is calculated the corresponding side's A key and decrypts the side's A ciphertext: user B is obtained using fractionation Random sequence r1 ' obtains key seed pointer kp1 ' by corresponding key indicator algorithm fkp.User B is according to pointer kp1 ' Corresponding random number sequence R1 ' is taken out from the pool of symmetric keys of local system as key seed.User B is generated using key Algorithm fk calculates random number sequence R1 ' and obtains key k1 '.User B calculates decryption to ciphertext MA ' using key k1 ' and obtains data { Ep (a, b), P (x, y), A } '.It splits data { Ep (a, b), P (x, y), A } ' and obtains oval group Ep ' (a, b), basic point P ' (x, y) With public key A '.
Step 2.2.3: user B calculates public key: user B generates private key of the truly random big integer f as the side B, passes through The side B public key B=fP ' is calculated.
Step 2.2.4: user B is calculated the side's B privacy key (side's B arranging key): privacy key is calculated in user B Kb=fA '.
Step 2.2.5: user B generates random number, and generate the side's B key: user B generates the side's B true random number r2, passes through key Pointer algorithm fkp obtains key seed pointer kp2.User B takes out from the pool of symmetric keys of local system according to pointer kp2 Corresponding random number sequence R2 is as key seed.User B calculates random number sequence R2 using key schedule fk and obtains the side B Key k2.
Step 2.2.6: the user B encryption side's B public key, and it is sent to user A: user B k2 pairs of calculated key Public key B is encrypted to obtain the side B ciphertext MB.The combination of { r2, MB } is sent to user A as the side's B negotiation message by user B.
Step 2.3: user A decryption parsing message simultaneously calculates arranging key
Step 2.3.1: user A reception message simultaneously parses: the negotiation that user A receives the key exchange from user B disappears Breath { r2, MB } ' and r2 ' and MB are split out by rule '.
Step 2.3.2: user A is calculated key and decrypts ciphertext: the random number sequence that user A is obtained using fractionation R2 ' obtains key seed pointer kp2 ' by corresponding key indicator algorithm fkp.User A is according to pointer kp2 ' from local system Corresponding random number sequence R2 ' is taken out in the pool of symmetric keys of system as key seed.User A is counted using key schedule fk It calculates random number sequence R2 ' and obtains key k2 '.User A calculates decryption to ciphertext MB ' using key k2 ' and obtains public key data B '.
Step 2.3.3: privacy key is calculated in user A: privacy key Ka=eB ' is calculated in user A.
The privacy key Ka that user A is obtained is equal with the privacy key Kb that user B is obtained, and is mutually symmetrical key.
Wherein, privacy key is arranging key.
Quantum key card is developed from smart card techniques, is combined with quantum physics technology and (it is random to be carried quantum In the case where number generator), cryptological technique, the authentication of hardware security isolation technology and encryption and decryption product.Quantum key The embedded chip and operating system of card can provide the functions such as secure storage and the cryptographic algorithm of key.Since it is with independent Data-handling capacity and good safety, quantum key card become the safety barrier of private key and pool of keys.Each quantum is close Key card has the protection of hardware PIN code, and PIN code and hardware constitute two necessary factors that user uses quantum key card.That is institute It calls " double factor authentication ", user only has while obtaining the quantum key card and user's PIN code that save relevant authentication information, just may be used With login system.Even if the PIN code of user is leaked, as long as the quantum key card that user holds is not stolen, legitimate user's Identity would not be counterfeit;If the quantum key card of user is lost, the person of picking up can not also imitate due to not knowing user's PIN code Emit the identity of legitimate user.
In the present invention, the quantum key card used is independent hardware isolated equipment.Public key, private key and true random number etc. its A possibility that his relevant parameter stores in quantum key card or generates, steal key by Malware or malicious operation is significantly It reduces, will not be obtained and be cracked by quantum computer.Due to public key and relevant parameter be in the form of ciphertext in a network Transmission, the encryption key of every message is different, so ciphertext content is stolen, a possibility that cracking is lower.It is right in group As realizing key agreement using an asymmetric key exchange mode, the key for realizing communicating pair is shared, has ensured that communication is double Communication security of the side in group.
Disclosed above is only the embodiment of the present invention, but the present invention is not limited to this, those skilled in the art Various changes and modifications can be made to the invention without departing from the spirit and scope of the present invention.These obvious modification and variations are equal Should belong to the present invention claims protection scope protection in.In addition, although being used some specific terms in this specification, this A little terms merely for convenience of description, are not constituted the present invention any specifically limited.

Claims (8)

1. a kind of anti-quantum calculation cryptographic key negotiation method based on pool of symmetric keys, which is characterized in that including a plurality of clients, respectively It is stored with identical pool of keys in the quantum key card of user terminal configuration, and is interacted by each side's parameter and one's own side's pool of keys Equal arranging key is obtained, and then realizes the key agreement of user terminal two-by-two.
2. the anti-quantum calculation cryptographic key negotiation method according to claim 1 based on pool of symmetric keys, which is characterized in that use Family A and user B realizes that the key agreement step of user terminal two-by-two includes:
The side's A parameter and the side's A public key encryption are sent to user B by the pool of keys of one's own side by user A;
User B decrypts to obtain the side's A parameter and the side's A public key, and obtains the side's B public key according to the side's B parameter and the side's A parameter;
User's B combination side A public key, the side's A parameter and the side's B parameter generate the side's B arranging key;User B is by the side's B public key and one's own side simultaneously The key combining encryption that pool of keys generates is transmitted to user A;
User A produces the side's A arranging key using the side's B public key and the side's A parameter;
Wherein, the side's A arranging key and the side's B arranging key are equal, mutually referred to as symmetric key.
3. the anti-quantum calculation cryptographic key negotiation method according to claim 2 based on pool of symmetric keys, which is characterized in that A Square parameter is made of at least one of user A custom parameter, function and one's own side's true random number;The side's B parameter is made by oneself by user B At least one of adopted parameter, function and one's own side's true random number composition.
4. the anti-quantum calculation cryptographic key negotiation method according to claim 3 based on pool of symmetric keys, which is characterized in that institute Stating function is basic function or custom function.
5. the anti-quantum calculation cryptographic key negotiation method according to claim 3 based on pool of symmetric keys, which is characterized in that use Family A includes: that user A combines the side's A true random number by the encryption method that the pool of keys of one's own side encrypts the side's A parameter and the side's A public key Key indicator algorithm obtains key seed pointer, is taken out from one's own side's pool of keys using the key seed pointer corresponding random Number Sequence calculates random number sequence using key schedule and obtains the side's A key as key seed, the side's A key encryption The side's A parameter and the side's A public key obtain the side's A ciphertext.
6. the anti-quantum calculation cryptographic key negotiation method according to claim 5 based on pool of symmetric keys, which is characterized in that use The sending method for being sent to user B after the side's A parameter and the side's A public key encryption is included: user A by the pool of keys of one's own side by family A The side's A true random number and the side's A ciphertext are transmitted to the user B.
7. the anti-quantum calculation cryptographic key negotiation method according to claim 6 based on pool of symmetric keys, which is characterized in that use Family B decrypts to obtain the side's A parameter and the method for the side's A public key to include: that user B receives the side's A true random number and the side's A ciphertext, utilizes A Square true random number and corresponding key indicator algorithm obtain key seed pointer, using the key seed pointer from one's own side's pool of keys It is middle to take out corresponding random number sequence as key seed, and obtained using key schedule calculating random number sequence corresponding The side's A key;It decrypts to obtain the side's A parameter and the side's A public key using the key pair side A, the side A cryptogram computation.
8. the anti-quantum calculation cryptographic key negotiation method according to claim 7 based on pool of symmetric keys, which is characterized in that use It includes: one's own side's pool of keys in conjunction with the side's B true random number that the side's B public key is transmitted to user's step A with one's own side's pool of keys combining encryption by family B The side's B key is generated, key encryption side's B public key in the side's B obtains the side's B ciphertext.
CN201811203092.8A 2018-10-16 2018-10-16 Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys Pending CN109495244A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811203092.8A CN109495244A (en) 2018-10-16 2018-10-16 Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811203092.8A CN109495244A (en) 2018-10-16 2018-10-16 Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys

Publications (1)

Publication Number Publication Date
CN109495244A true CN109495244A (en) 2019-03-19

Family

ID=65689827

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811203092.8A Pending CN109495244A (en) 2018-10-16 2018-10-16 Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys

Country Status (1)

Country Link
CN (1) CN109495244A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110061980A (en) * 2019-04-02 2019-07-26 如般量子科技有限公司 Anti- quantum calculation wired home energy-saving communication method and system based on key card
CN110266483A (en) * 2019-06-25 2019-09-20 如般量子科技有限公司 Based on unsymmetrical key pond to and the quantum communications service station cryptographic key negotiation method of QKD, system, equipment
CN110519046A (en) * 2019-07-12 2019-11-29 如般量子科技有限公司 Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD
CN110601845A (en) * 2019-08-28 2019-12-20 如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101383699A (en) * 2008-10-22 2009-03-11 广州大学 Cipher key pre-distributing method for sensor network
US20090092252A1 (en) * 2007-04-12 2009-04-09 Landon Curt Noll Method and System for Identifying and Managing Keys
CN105024807A (en) * 2014-04-30 2015-11-04 宇龙计算机通信科技(深圳)有限公司 Data processing method and system
CN106452740A (en) * 2016-09-23 2017-02-22 浙江神州量子网络科技有限公司 Quantum communication service station, quantum key management device, key configuration network, and key configuration method
CN107086907A (en) * 2016-02-15 2017-08-22 阿里巴巴集团控股有限公司 Key synchronization, encapsulation transmission method and device for quantum key distribution process
CN107947933A (en) * 2018-01-11 2018-04-20 浙江九州量子信息技术股份有限公司 A kind of first hyposynchronous method of key between terminal system
CN108173649A (en) * 2018-01-10 2018-06-15 如般量子科技有限公司 A kind of message authentication method and system based on quantum key card
CN108540436A (en) * 2018-01-10 2018-09-14 如般量子科技有限公司 The communication system and communication means of the transmission of information encryption and decryption are realized based on quantum network
CN108599926A (en) * 2018-03-20 2018-09-28 如般量子科技有限公司 A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys
CN108616350A (en) * 2018-03-20 2018-10-02 如般量子科技有限公司 A kind of HTTP-Digest class AKA identity authorization systems and method based on pool of symmetric keys
CN108632042A (en) * 2018-03-20 2018-10-09 如般量子科技有限公司 A kind of class AKA identity authorization systems and method based on pool of symmetric keys

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090092252A1 (en) * 2007-04-12 2009-04-09 Landon Curt Noll Method and System for Identifying and Managing Keys
CN101383699A (en) * 2008-10-22 2009-03-11 广州大学 Cipher key pre-distributing method for sensor network
CN105024807A (en) * 2014-04-30 2015-11-04 宇龙计算机通信科技(深圳)有限公司 Data processing method and system
CN107086907A (en) * 2016-02-15 2017-08-22 阿里巴巴集团控股有限公司 Key synchronization, encapsulation transmission method and device for quantum key distribution process
CN106452740A (en) * 2016-09-23 2017-02-22 浙江神州量子网络科技有限公司 Quantum communication service station, quantum key management device, key configuration network, and key configuration method
CN108173649A (en) * 2018-01-10 2018-06-15 如般量子科技有限公司 A kind of message authentication method and system based on quantum key card
CN108540436A (en) * 2018-01-10 2018-09-14 如般量子科技有限公司 The communication system and communication means of the transmission of information encryption and decryption are realized based on quantum network
CN107947933A (en) * 2018-01-11 2018-04-20 浙江九州量子信息技术股份有限公司 A kind of first hyposynchronous method of key between terminal system
CN108599926A (en) * 2018-03-20 2018-09-28 如般量子科技有限公司 A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys
CN108616350A (en) * 2018-03-20 2018-10-02 如般量子科技有限公司 A kind of HTTP-Digest class AKA identity authorization systems and method based on pool of symmetric keys
CN108632042A (en) * 2018-03-20 2018-10-09 如般量子科技有限公司 A kind of class AKA identity authorization systems and method based on pool of symmetric keys

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
ZHAO JINCHAO ET AL.: ""Research on Key Predistribution Scheme of Wireless Sensor Networks"", 《2012 FIFTH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION TECHNOLOGY AND AUTOMATION》 *
孙茂华: "《集合运算中的隐私保护问题研究》", 31 May 2018 *
曾萍 等: ""WSN 中基于ECC的轻量级认证密钥协商协议"", 《计算机工程与应用》 *
杨庚 等: ""一种有效的无线传感器网络密钥协商方案"", 《电子学报》 *
谷利泽 等: "《现代密码学教程》", 31 March 2015 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110061980A (en) * 2019-04-02 2019-07-26 如般量子科技有限公司 Anti- quantum calculation wired home energy-saving communication method and system based on key card
CN110266483A (en) * 2019-06-25 2019-09-20 如般量子科技有限公司 Based on unsymmetrical key pond to and the quantum communications service station cryptographic key negotiation method of QKD, system, equipment
CN110266483B (en) * 2019-06-25 2023-06-06 如般量子科技有限公司 Quantum communication service station key negotiation method, system and device based on asymmetric key pool pair and QKD
CN110519046A (en) * 2019-07-12 2019-11-29 如般量子科技有限公司 Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD
CN110519046B (en) * 2019-07-12 2023-10-13 如般量子科技有限公司 Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD
CN110601845A (en) * 2019-08-28 2019-12-20 如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC
CN110601845B (en) * 2019-08-28 2022-11-15 如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC

Similar Documents

Publication Publication Date Title
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
CN109450623A (en) Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond
CN109728906B (en) Anti-quantum-computation asymmetric encryption method and system based on asymmetric key pool
CN109818749B (en) Quantum computation resistant point-to-point message transmission method and system based on symmetric key pool
CN109151053A (en) Anti- quantum calculation cloud storage method and system based on public asymmetric key pond
CN107124268A (en) A kind of privacy set common factor computational methods for resisting malicious attack
CN103124269A (en) Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment
CN109921905B (en) Anti-quantum computation key negotiation method and system based on private key pool
CN109495244A (en) Anti- quantum calculation cryptographic key negotiation method based on pool of symmetric keys
CN110519046A (en) Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD
CN109787758B (en) Anti-quantum computation MQV key agreement method and system based on private key pool and Elgamal
CN109936456B (en) Anti-quantum computation digital signature method and system based on private key pool
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN110535626B (en) Secret communication method and system for identity-based quantum communication service station
CN109660338A (en) Anti- quantum calculation digital signature method and anti-quantum calculation digital signature system based on pool of symmetric keys
CN109905229B (en) Anti-quantum computing Elgamal encryption and decryption method and system based on group asymmetric key pool
CN110519226B (en) Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate
CN109728905B (en) Anti-quantum computation MQV key negotiation method and system based on asymmetric key pool
CN109951274A (en) The point-to-point method for message transmission of anti-quantum calculation and system based on private key pond
CN102594551A (en) Method for reliable statistics of privacy data on radio frequency identification (RFID) tag
CN109347923A (en) Anti- quantum calculation cloud storage method and system based on unsymmetrical key pond
CN110176989A (en) Quantum communications service station identity identifying method and system based on unsymmetrical key pond
US20040120519A1 (en) Method for enhancing security of public key encryption schemas
EP3711255A1 (en) Device, system and method for secure data communication
CN110519040B (en) Anti-quantum computation digital signature method and system based on identity

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190319