CN110138548B - Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol - Google Patents

Info

Publication number: CN110138548B
Authority: CN (China)
Prior art keywords: key, service station, party, parameter, authentication
Legal status: Active
Application number: CN201910324294.6A
Other languages: Chinese (zh)
Other versions: CN110138548A (en
Inventors: 富尧, 钟一民, 杨羽成
Current Assignee: Ruban Quantum Technology Co Ltd
Original Assignee: Ruban Quantum Technology Co Ltd
Application filed by Ruban Quantum Technology Co Ltd
Priority to CN201910324294.6A
Publication of CN110138548A
Publication of CN110138548B

Classifications

    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0852 Quantum cryptography
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage


Abstract

The application relates to a quantum communication service station key agreement method and system based on an asymmetric key pool pair and the DH protocol. The public key, the private key and other related parameters are stored in a data security area in the key fob, which greatly reduces the possibility of malicious software or malicious operations stealing the key, and the key cannot be acquired and cracked by a quantum computer. The application improves the authentication flow based on the symmetric key algorithm, so that data in the authentication flow, such as the random number and the TICKET exchanged between B and the service station, is encrypted and protected by the symmetric key obtained by the DH algorithm. The symmetric key obtained by the DH algorithm can only be calculated by the two communicating parties; that is, data in the authentication flow can only be decrypted by a DH private key owner and by no one else, which improves the security of the authentication flow based on the symmetric key algorithm.

Description

Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol
Technical Field
The application relates to the technical field of secure communication, in particular to a quantum communication service station key negotiation method and system based on an asymmetric key pool pair and DH protocol.
Background
The rapidly developing Internet brings great convenience to people's life and work: from home, people can send and receive e-mail, make calls, shop online, make bank transfers and carry out other activities over the Internet. At the same time, network information security is becoming a potentially huge problem. Generally, network information faces the following security risks: theft of information, tampering with information, forgery of information by attackers, malicious destruction, etc.
Identity authentication is one of the means of protecting people's network information. Identity authentication, also called "identity verification", is the process of confirming the identity of an operator in computers and computer network systems, so as to determine whether the user has access and use rights to a given resource. It enables the access policies of computer and network systems to be executed reliably and effectively, prevents attackers from impersonating legitimate users to obtain access rights to resources, ensures the security of systems and data, and protects the legitimate interests of authorized visitors.
Successful authentication currently depends mainly on cryptography. In cryptography today there are two main types of cryptosystem. One is the symmetric key cryptosystem, in which the encryption key and the decryption key are the same. The other is the public key cryptosystem, in which the encryption key and the decryption key are different and one of them can be made public. Most identity authentication algorithms currently in use rely mainly on public key cryptography.
The encryption key (public key) and the decryption key (private key) employed by the public key encryption system are different. Since the encryption key is public, distribution and management of keys is simple, and the public key encryption system can easily implement digital signatures.
Since the advent of public key encryption, scholars have proposed many public key encryption methods, whose security is based on hard mathematical problems. Classified by the underlying mathematical problem, three types of system are currently considered secure and effective: large integer factorization systems (typically RSA), discrete logarithm systems (typically DSA), and elliptic curve discrete logarithm systems (ECC).
However, with the development of quantum computers, classical asymmetric key encryption algorithms are no longer secure: whether for encryption and decryption or for key exchange, a quantum computer can compute the private key from the public key, so the asymmetric keys in common use today become vulnerable in the quantum era. Current quantum key distribution (QKD) equipment can ensure that the negotiated key cannot be obtained. However, QKD is mainly used on quantum trunk lines, and the link from user equipment to the quantum communication service station is still a classical network, so it is difficult to guarantee the security of the identity authentication process by relying on asymmetric algorithms.
Problems of the prior art:
1. A symmetric key pool is used between the quantum communication service station and the quantum key fob; its capacity is huge, which puts pressure on the key storage of the quantum communication service station;
2. Because of the huge key capacity of the symmetric key pool, the quantum communication service station has to store the keys in encrypted form on a common storage medium such as a hard disk, and cannot store them in the key fob of the quantum communication service station;
3. Because of the huge key capacity of the symmetric key pool, key backup is troublesome.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a method and system for quantum communication service station key agreement based on an asymmetric key pool pair and DH protocol.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented on an active side, and comprises the following steps:
generating and transmitting information M1 to a passive party, wherein the information M1 comprises an authentication parameter NA and a device parameter IDA; the information M1 is used by the service station to generate a session key KAB and a ticket TICKETA for verification by the active party;
acquiring from the passive party a ticket TICKETA, together with an authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB, wherein the ticket TICKETA is encrypted by using an encryption parameter Ka and contains the authentication parameter NA; generating the encryption parameter Ka by using a public key PKQa of the service station and a private key SKA of the active party, decrypting the ticket TICKETA by using the encryption parameter Ka, and trusting the session key KAB after verifying the authentication parameter NA; authenticating the passive party after verifying the authentication parameter NA by using the session key KAB; transmitting the authentication parameter NC encrypted by using the session key KAB to the passive party;
The authentication parameter NC is used for the passive party to authenticate the active party.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented in a service station, and comprises the following steps:
acquiring from a passive party an authentication code MAC(M2_0, AK2) encrypted by an encryption key EK2, and the device parameter IDB of the passive party; the encryption key EK2 is generated by using a public key PKQ2 of the service station, the authentication code MAC(M2_0, AK2) is generated by using the public key PKQ2 of the service station and includes an authentication parameter NB generated by the passive party, the message M1 and the device parameter IDB of the passive party, and the message M1 includes an authentication parameter NA generated by the active party and a device parameter IDA of the active party;
generating a session key KAB after decrypting and verifying the authentication code MAC(M2_0, AK2), generating an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generating an encryption parameter Kb by using a service station private key SKQb and a passive party public key PKB, and creating a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises the authentication parameter NA, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Ka; the ticket TICKETB comprises the authentication parameter NB, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Kb;
generating an encryption parameter K3 by using a private key SKQ3 of the service station, splitting the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generating information M3_0 containing the ticket TICKETA and the ticket TICKETB, generating an authentication code MAC(M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmitting the information M3_0 and the authentication code MAC(M3_0, AK3), encrypted by using the encryption key EK3, to the passive party;
the ticket TICKETA and the ticket TICKETB within the authentication code MAC(M3_0, AK3) are used by the active party and the passive party to verify and trust the session key KAB.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented on a passive side, and comprises the following steps:
acquiring a message M1 from an active party, wherein the message M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party; generating an authentication parameter NB and a message M2_0, wherein the message M2_0 comprises the authentication parameter NB, the message M1 and a device parameter IDB of the passive party; generating an encryption parameter K2 by using a stored public key PKQ2 of the service station, splitting the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, generating an authentication code MAC(M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmitting the authentication code MAC(M2_0, AK2) encrypted by using the encryption key EK2, and the device parameter IDB of the passive party, to the service station;
acquiring from the service station the information M3_0 and an authentication code MAC(M3_0, AK3), encrypted by an encryption key EK3, wherein the encryption key EK3 is generated by using a service station private key SKQ3, and the authentication code MAC(M3_0, AK3) is generated by using the service station private key SKQ3 and contains a ticket TICKETA and a ticket TICKETB; the ticket TICKETA comprises the authentication parameter NA, the device parameter IDA, the device parameter IDB and a session key KAB, encrypted by using an encryption parameter Ka; the ticket TICKETB comprises the authentication parameter NB, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using an encryption parameter Kb; the encryption parameter Ka is generated by using a private key SKQa of the service station and a public key PKA of the active party, the encryption parameter Kb is generated by using a private key SKQb of the service station and a public key PKB of the passive party, and the session key KAB is generated by the service station; obtaining the ticket TICKETA and the ticket TICKETB after decryption, trusting the session key KAB after verifying the authentication parameter NB in the ticket TICKETB, generating an authentication parameter NC, and sending information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB;
acquiring from the active party the authentication parameter NC encrypted by using the session key KAB, and completing verification of the active party after decrypting and verifying the authentication parameter NC.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which comprises the following steps:
the active party generates and sends information M1 to the passive party, wherein the information M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party;
after obtaining the information M1, the passive party generates an authentication parameter NB and a message M2_0, wherein the message M2_0 comprises the authentication parameter NB, the message M1 and the device parameter IDB of the passive party; generates an encryption parameter K2 by using a stored public key PKQ2 of the service station, splits the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, generates an authentication code MAC(M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmits the authentication code MAC(M2_0, AK2) encrypted by using the encryption key EK2, and the device parameter IDB of the passive party, to the service station;
the service station acquires, decrypts and verifies the authentication code MAC(M2_0, AK2) and then generates a session key KAB, generates an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generates an encryption parameter Kb by using a service station private key SKQb and a passive party public key PKB, and creates a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises the authentication parameter NA, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Ka; the ticket TICKETB comprises the authentication parameter NB, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Kb; the service station generates an encryption parameter K3 by using a private key SKQ3 of the service station, splits the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generates information M3_0 containing the ticket TICKETA and the ticket TICKETB, generates an authentication code MAC(M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmits the information M3_0 and the authentication code MAC(M3_0, AK3), encrypted by using the encryption key EK3, to the passive party;
the passive party acquires and decrypts them to obtain the ticket TICKETA and the ticket TICKETB, trusts the session key KAB after verifying the authentication parameter NB in the ticket TICKETB, generates an authentication parameter NC, and sends information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB;
the active party acquires and decrypts the ticket TICKETA and trusts the session key KAB after verifying the authentication parameter NA; the passive party is authenticated after the authentication parameter NA is verified by using the session key KAB; the active party transmits the authentication parameter NC encrypted by using the session key KAB to the passive party;
the passive party acquires the authentication parameter NC encrypted by using the session key KAB from the active party, and the authentication of the active party is completed after decrypting and verifying the authentication parameter NC.
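The single-station flow above (M1 through the final NC exchange) as an added Python simulation; it is not code from the patent. Assumptions not given on the page: the toy DH group, a SHA-256 keystream standing in for the symmetric cipher, HMAC-SHA256 as the MAC, fixed field sizes, tickets sealed the same way as M2_0 and M3_0, K2 and K3 derived from the passive party's key pair, and key-pool entries named Qa, Qb, Q2, Q3.

```python
import hashlib, hmac, os

P, G = 2**255 - 19, 2           # toy DH group for illustration only (assumption)
NONCE, ID, MACLEN = 16, 8, 32   # fixed field sizes (assumption)

def keypair():
    sk = int.from_bytes(os.urandom(32), "big") % (P - 2) + 1
    return sk, pow(G, sk, P)

def dh_split(sk, peer_pk):
    """DH shared secret -> 64-byte parameter K, split into (AK, EK)."""
    k = hashlib.sha512(pow(peer_pk, sk, P).to_bytes(32, "big")).digest()
    return k[:32], k[32:]

def xor_stream(key, iv, data):
    # SHA-256 counter-mode keystream as a stand-in cipher (assumption, not for production)
    ks = b"".join(hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(ak, ek, msg):
    """Encrypt msg || MAC(msg, AK) under EK, the shape the page gives for M2_0 and M3_0."""
    iv = os.urandom(16)
    return iv + xor_stream(ek, iv, msg + hmac.new(ak, msg, hashlib.sha256).digest())

def unseal(ak, ek, blob):
    body = xor_stream(ek, blob[:16], blob[16:])
    msg, tag = body[:-MACLEN], body[-MACLEN:]
    if not hmac.compare_digest(tag, hmac.new(ak, msg, hashlib.sha256).digest()):
        raise ValueError("MAC verification failed")
    return msg

def accept_ticket(sk_self, pk_q, ticket, my_nonce):
    """Decrypt a ticket with the DH-derived key; trust KAB only if our own nonce is inside."""
    pt = unseal(*dh_split(sk_self, pk_q), ticket)
    if not hmac.compare_digest(pt[:NONCE], my_nonce):
        raise ValueError("stale or foreign ticket: nonce mismatch")
    return pt[NONCE + 2 * ID:]                      # session key KAB

def station(pool, pk_a, pk_b, idb, m2):
    """Service station: verify M2, create KAB, return M3 carrying TICKETA and TICKETB."""
    m2_0 = unseal(*dh_split(pool["Q2"][0], pk_b), m2)
    nb, na, ida = m2_0[:NONCE], m2_0[NONCE:2 * NONCE], m2_0[2 * NONCE:2 * NONCE + ID]
    if m2_0[2 * NONCE + ID:] != idb:                # IDB sent in clear must match M2_0
        raise ValueError("IDB mismatch")
    kab = os.urandom(64)                            # later split into KABE || KABA
    ticket_a = seal(*dh_split(pool["Qa"][0], pk_a), na + ida + idb + kab)
    ticket_b = seal(*dh_split(pool["Qb"][0], pk_b), nb + ida + idb + kab)
    return seal(*dh_split(pool["Q3"][0], pk_b), ticket_a + ticket_b)

def run(tamper=False):
    pool = {n: keypair() for n in ("Qa", "Qb", "Q2", "Q3")}   # station private key pool
    pub = {n: kp[1] for n, kp in pool.items()}                # public pool on client key fobs
    (sk_a, pk_a), (sk_b, pk_b) = keypair(), keypair()
    ida, idb = b"DEVICE_A", b"DEVICE_B"                       # constructed identifiers

    na = os.urandom(NONCE)                          # A -> B: M1 = NA || IDA
    m1 = na + ida
    nb = os.urandom(NONCE)                          # B -> Q: IDB, {M2_0 || MAC}EK2
    m2 = seal(*dh_split(sk_b, pub["Q2"]), nb + m1 + idb)
    m3 = station(pool, pk_a, pk_b, idb, m2)         # Q -> B: {M3_0 || MAC}EK3
    m3_0 = unseal(*dh_split(sk_b, pub["Q3"]), m3)
    ticket_a, ticket_b = m3_0[:len(m3_0) // 2], m3_0[len(m3_0) // 2:]
    kab_b = accept_ticket(sk_b, pub["Qb"], ticket_b, nb)      # B trusts KAB via NB
    nc = os.urandom(NONCE)                          # B -> A: M4 = TICKETA, {NC || NA}KAB
    proof_b = seal(kab_b[32:], kab_b[:32], nc + na) # KABA authenticates, KABE encrypts
    if tamper:                                      # flip one ticket bit in transit
        ticket_a = ticket_a[:20] + bytes([ticket_a[20] ^ 1]) + ticket_a[21:]
    kab_a = accept_ticket(sk_a, pub["Qa"], ticket_a, na)      # A trusts KAB via NA
    reply = unseal(kab_a[32:], kab_a[:32], proof_b)
    if not hmac.compare_digest(reply[NONCE:], na):
        raise ValueError("B failed to prove knowledge of KAB")
    proof_a = seal(kab_a[32:], kab_a[:32], reply[:NONCE])     # A -> B: {NC}KAB
    if not hmac.compare_digest(unseal(kab_b[32:], kab_b[:32], proof_a), nc):
        raise ValueError("A failed to prove knowledge of KAB")
    return kab_a == kab_b

if __name__ == "__main__":
    print("session keys match:", run())
```

A ticket is accepted only when it decrypts under the recipient's DH-derived key and carries the nonce that recipient generated for this run, so a modified ticket or one replayed from an earlier run is rejected before KAB is used.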
Further, the service station is divided into a service station QA and a service station QB, wherein the active party is a sub-device of the service station QA, and the passive party is a sub-device of the service station QB;
the service station QB acquires from the passive party the authentication code MAC(M2_0, AK2') encrypted with the encryption key EK2', and the device parameter IDB of the passive party; generates an encryption parameter K2' by using a service station QB private key SKQB2 and a passive party public key, splits the encryption parameter K2' into an authentication key AK2' and an encryption key EK2', decrypts by using the encryption key EK2', and verifies the authentication code MAC(M2_0, AK2') by using the authentication key AK2'; generates information M3', wherein the information M3' comprises the information M2_0; carries out encrypted communication with the service station QA to obtain an encryption parameter K3', splits the encryption parameter K3' into an authentication key AK3' and an encryption key EK3', and sends the information M3' and an authentication code MAC(M3', AK3'), encrypted by using the encryption parameter K3', to the service station QA, wherein the authentication code MAC(M3', AK3') is generated by using the authentication key AK3' and the information M3';
the service station QA acquires, decrypts and verifies the authentication code MAC(M3', AK3'); generates an encryption parameter Ka' by using the active party public key PKA and a service station QA private key SKQAa, and generates a session key KAB; generates a ticket TICKETA', wherein the ticket TICKETA' comprises the device parameter IDB, the authentication parameter NA, the device parameter IDA and the session key KAB, encrypted by using the encryption parameter Ka'; generates information M4', the information M4' comprising the ticket TICKETA' and the session key KAB; carries out encrypted communication with the service station QB to obtain an encryption parameter K4', splits the encryption parameter K4' into an authentication key AK4' and an encryption key EK4', and sends the information M4' and an authentication code MAC(M4', AK4'), encrypted by using the encryption parameter K4', to the service station QB, wherein the authentication code MAC(M4', AK4') is generated by using the authentication key AK4' and the information M4';
the service station QB acquires, decrypts and verifies the authentication code MAC(M4', AK4'), and generates an encryption parameter Kb' by using the passive party public key PKB and a service station QB private key SKQBb to generate a session key KAB; generates a ticket TICKETB', wherein the ticket TICKETB' comprises the device parameter IDB, the authentication parameter NB, the device parameter IDA and the session key KAB, encrypted by using the encryption parameter Kb'; generates an encryption parameter K5' by using a private key SKQB5 of the service station and the public key PKB of the passive party, splits the encryption parameter K5' into an authentication key AK5' and an encryption key EK5', generates information M5'_0 containing the ticket TICKETB' and the ticket TICKETA', and transmits the information M5'_0 and an authentication code MAC(M5'_0, AK5'), encrypted by using the encryption key EK5', to the passive party, wherein the authentication code MAC(M5'_0, AK5') is generated by using the authentication key AK5' and the information M5'_0;
the ticket TICKETA' is used by the active party to trust the session key KAB, and the ticket TICKETB' is used by the passive party to trust the session key KAB.
Further, the session key KAB is split into a message encryption and decryption key KABE and a message authentication key KABA.
The application discloses an active party device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the quantum communication service station key negotiation method in the above technical scheme when executing the computer program.
The application discloses a service station device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the quantum communication service station key negotiation method in the above technical scheme when executing the computer program.
The application discloses a passive party device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the quantum communication service station key negotiation method in the above technical scheme when executing the computer program.
The application discloses a quantum communication service station identity authentication system based on an asymmetric key pool, which comprises an active party, a passive party, a service station and a communication network; the active party is configured with an active party key fob, in which a service station public key pool, an active party public key and an active party private key are stored; the passive party is configured with a passive party key fob, in which a service station public key pool, a passive party public key and a passive party private key are stored; the service station is configured with a service station key fob, in which a service station private key pool, an active party public key pool and a passive party public key pool are stored;
The active party, the passive party and the service station realize the key negotiation method of the quantum communication service station in the technical scheme through the communication network.
In the application, the key fob used is a stand-alone, hardware-isolated device. The public key, the private key and other related parameters are stored in a data security area in the key fob, which greatly reduces the possibility of malicious software or malicious operations stealing the key, and the key cannot be acquired and cracked by a quantum computer. Because the classical network does not involve the transmission of public and private keys and algorithm parameters, the risk of the asymmetric key being cracked is low; in addition, QKD is used between the service stations to encrypt and transmit messages, which greatly ensures the security of the messages. The key fob ensures the communication security of both communicating parties in the group and greatly improves the security of identity authentication. Meanwhile, the asymmetric key pool solves the problem that the symmetric key pool puts key storage pressure on the quantum communication service station, and reduces storage cost. For example, if the symmetric key pool of each user is originally 1G in size and there are N users, the quantum communication service station needs to store N G of key pools; if asymmetric key pools are stored instead, each client still stores a key pool of 1G, and the quantum communication service station likewise only needs to store a key pool of 1G.
Meanwhile, the application improves the authentication flow based on the symmetric key algorithm, so that data in the authentication flow, such as the random number and the TICKET exchanged between B and the service station, is encrypted and protected by the symmetric key obtained by the DH algorithm. The symmetric key obtained by the DH algorithm can only be calculated by the two communicating parties; that is, data in the authentication flow can only be decrypted by a DH private key owner and by no one else, which improves the security of the authentication flow based on the symmetric key algorithm.
Drawings
FIG. 1 is a schematic diagram of key pool distribution of a server key fob according to the present application;
FIG. 2 is a schematic diagram of a key pool distribution of a client key fob according to the present application;
FIG. 3 is a flowchart of authentication in embodiment 1;
FIG. 4 is a flowchart of authentication in embodiment 2.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application. Unless otherwise specified, the service stations in the application are all quantum communication service stations, and all names in the application are identified by their letter and number combination: for example, Q and service station Q denote the same thing hereinafter, namely the service station Q; likewise, NA and authentication parameter NA denote the same thing hereinafter, namely the authentication parameter NA, and the same applies to the remaining names.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented on an active side and comprises the following steps:
generating and transmitting information M1 to a passive party, wherein the information M1 comprises an authentication parameter NA and a device parameter IDA; the information M1 is used by the service station to generate a session key KAB and a ticket TICKETA for verification by the active party;
acquiring from the passive party a ticket TICKETA, together with an authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB, wherein the ticket TICKETA is encrypted by using an encryption parameter Ka and contains the authentication parameter NA; generating the encryption parameter Ka by using a public key PKQa of the service station and a private key SKA of the active party, decrypting the ticket TICKETA by using the encryption parameter Ka, and trusting the session key KAB after verifying the authentication parameter NA; authenticating the passive party after verifying the authentication parameter NA by using the session key KAB; transmitting the authentication parameter NC encrypted by using the session key KAB to the passive party;
the authentication parameter NC is used for the passive party to authenticate the active party.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented in a service station and comprises the following steps:
acquiring from a passive party an authentication code MAC(M2_0, AK2) encrypted by an encryption key EK2, and the device parameter IDB of the passive party; the encryption key EK2 is generated by using a public key PKQ2 of the service station, and the authentication code MAC(M2_0, AK2) is generated by using the public key PKQ2 of the service station and includes an authentication parameter NB generated by the passive party, a message M1 and the device parameter IDB of the passive party, wherein the message M1 includes an authentication parameter NA generated by the active party and the device parameter IDA of the active party;
generating a session key KAB after decrypting and verifying the authentication code MAC(M2_0, AK2), generating an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generating an encryption parameter Kb by using a service station private key SKQb and a passive party public key PKB, and creating a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises the authentication parameter NA, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Ka; the ticket TICKETB comprises the authentication parameter NB, the device parameter IDA, the device parameter IDB and the session key KAB, encrypted by using the encryption parameter Kb;
generating an encryption parameter K3 by using a private key SKQ3 of the service station, splitting the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generating information M3_0 containing the ticket TICKETA and the ticket TICKETB, generating an authentication code MAC(M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmitting the information M3_0 and the authentication code MAC(M3_0, AK3), encrypted by using the encryption key EK3, to the passive party;
the ticket TICKETA and the ticket TICKETB within the authentication code MAC(M3_0, AK3) are used by the active party and the passive party to verify and trust the session key KAB.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which is implemented on a passive side and comprises the following steps:
acquiring a message M1 from an active party, wherein the message M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party; generating an authentication parameter NB and a message M2_0, wherein the message M2_0 comprises the authentication parameter NB, the message M1 and a device parameter IDB of the passive party; generating an encryption parameter K2 by using a public key PKQ2 of the service station stored by the passive party, splitting the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, generating an authentication code MAC(M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmitting the authentication code MAC(M2_0, AK2) encrypted by using the encryption key EK2, and the device parameter IDB of the passive party, to the service station;
acquiring information M3_0 and an authentication code MAC(M3_0, AK3) encrypted by an encryption key EK3 from the service station, wherein the encryption key EK3 is generated by a service station private key SKQ3, and the authentication code MAC(M3_0, AK3) is generated by the service station private key SKQ3 and comprises a ticket TICKETA and a ticket TICKETB, and the ticket TICKETA comprises an authentication parameter NA encrypted by an encryption parameter Ka, a device parameter IDA, a device parameter IDB and a session key KAB; the ticket TICKETB comprises an authentication parameter NB encrypted by an encryption parameter Kb, a device parameter IDA, a device parameter IDB and the session key KAB; the encryption parameter Ka is generated by using a private key SKQa of the service station and a public key PKA of the active party, the encryption parameter Kb is generated by using a private key SKQb of the service station and a public key PKB of the passive party, and the session key KAB is generated by the service station; obtaining the ticket TICKETA and the ticket TICKETB after decryption, verifying the authentication parameter NB in the ticket TICKETB and then trusting the session key KAB, generating an authentication parameter NC, and sending information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB;
acquiring the authentication parameter NC encrypted by using the session key KAB from the active party, and completing verification of the active party after decrypting the authentication parameter NC.
The application discloses a quantum communication service station key negotiation method based on an asymmetric key pool pair and DH protocol, which comprises the following steps:
the method comprises the steps that an active party generates and sends information M1 to a passive party, wherein the information M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party;
the passive party generates an authentication parameter NB and a message M2_0, wherein the message M2_0 comprises the authentication parameter NB, the message M1 and the device parameter IDB of the passive party; generates an encryption parameter K2 by using a public key PKQ2 of the service station stored by the passive party, splits the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, generates an authentication code MAC(M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmits the authentication code MAC(M2_0, AK2) encrypted by using the encryption key EK2, and the device parameter IDB of the passive party, to the service station;
the service station obtains, decrypts and verifies the authentication code MAC(M2_0, AK2) and then generates a session key KAB, generates an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generates an encryption parameter Kb by using a service station private key SKQb and a passive party public key PKB, and generates a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises an authentication parameter NA encrypted by using the encryption parameter Ka, a device parameter IDA, a device parameter IDB and the session key KAB; the ticket TICKETB comprises an authentication parameter NB encrypted by using the encryption parameter Kb, a device parameter IDA, a device parameter IDB and the session key KAB; generates an encryption parameter K3 by using a private key SKQ3 of the service station, splits the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generates information M3_0 containing the ticket TICKETA and the ticket TICKETB, generates an authentication code MAC(M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmits the information M3_0 and the authentication code MAC(M3_0, AK3), encrypted by using the encryption key EK3, to the passive party;
the passive party obtains the ticket TICKETA and the ticket TICKETB after obtaining and decrypting, verifies the authentication parameter NB in the ticket TICKETB and then trusts the session key KAB, generates an authentication parameter NC, and sends information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by using the session key KAB;
the active party acquires and decrypts the ticket TICKETA, verifies the authentication parameter NA and then trusts the session key KAB, and verifies the authentication parameter NA by using the session key KAB and then authenticates the passive party; transmitting an authentication parameter NC encrypted by using a session key KAB to a passive party;
the passive party acquires the authentication parameter NC encrypted by the session key KAB from the active party, and the authentication of the active party is completed after decrypting the authentication parameter NC.
In an embodiment, for example, in embodiment 2, the service station is divided into a service station QA and a service station QB, the active party belongs to the service station QA, and the passive party belongs to the service station QB;
the service station QB acquires from the passive party the authentication code MAC(M2_0, AK2') encrypted with the encryption key EK2', and the device parameter IDB of the passive party; generates an encryption parameter K2' by using a service station QB private key SKQB2 and the passive party public key, splits the encryption parameter K2' into an authentication key AK2' and an encryption key EK2', decrypts by using the encryption key EK2', verifies the authentication code MAC(M2_0, AK2') by using the authentication key AK2', generates information M3', wherein the information M3' comprises the information M2_0, carries out encrypted communication with the service station QA to obtain an encryption parameter K3', splits the encryption parameter K3' into an authentication key AK3' and an encryption key EK3', and transmits to the service station QA the information M3' and an authentication code MAC(M3', AK3') encrypted by using the encryption parameter K3', wherein the authentication code MAC(M3', AK3') is generated by using the authentication key AK3' and the information M3';
the service station QA acquires, decrypts and verifies the authentication code MAC(M3', AK3'); generates an encryption parameter Ka' by using the active party public key PKA and a service station QA private key SKQAa, and generates a session key KAB; generates a ticket TICKETA', wherein the ticket TICKETA' comprises a device parameter IDB encrypted by the encryption parameter Ka', an authentication parameter NA, a device parameter IDA and the session key KAB; generates information M4', the information M4' comprising the ticket TICKETA' and the session key KAB; carries out encrypted communication with the service station QB to obtain an encryption parameter K4', splits the encryption parameter K4' into an authentication key AK4' and an encryption key EK4', and transmits to the service station QB the information M4' and an authentication code MAC(M4', AK4') encrypted by using the encryption parameter K4', wherein the authentication code MAC(M4', AK4') is generated by using the authentication key AK4' and the information M4';
the service station QB acquires, decrypts and verifies the authentication code MAC(M4', AK4'), and generates an encryption parameter Kb' by using the passive party public key PKB and a service station QB private key SKQBb to generate a session key KAB; generates a ticket TICKETB', wherein the ticket TICKETB' comprises a device parameter IDB encrypted by the encryption parameter Kb', an authentication parameter NB, a device parameter IDA and the session key KAB; generates an encryption parameter K5' by using a private key SKQB5 of the service station and the public key PKB of the passive party, splits the encryption parameter K5' into an authentication key AK5' and an encryption key EK5', generates information M5'_0 containing the ticket TICKETB' and the ticket TICKETA', and transmits the information M5'_0 and an authentication code MAC(M5'_0, AK5'), encrypted by using the encryption key EK5', to the passive party, wherein the authentication code MAC(M5'_0, AK5') is generated by using the authentication key AK5' and the information M5'_0;
the ticket TICKETA' is used for the active party to trust the session key KAB, and the ticket TICKETB' is used for the passive party to trust the session key KAB.
Further, the session key KAB is split into a message encrypting and decrypting key KABE and a message authenticating key KABA.
The application discloses an active party device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the key negotiation method of the quantum communication service station in the technical scheme when executing the computer program.
The application discloses service station equipment, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the quantum communication service station key negotiation method in the technical scheme when executing the computer program.
The application discloses passive side equipment, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the key negotiation method of the quantum communication service station in the technical scheme when executing the computer program.
The application discloses a quantum communication service station key negotiation system based on an asymmetric key pool pair and DH protocol, which comprises an active party, a passive party, a service station and a communication network; the active party is provided with an active party key fob, and a service station public key pool, an active party public key and an active party private key are stored in the active party key fob; the passive party is provided with a passive party key fob, and a service station public key pool, a passive party public key and a passive party private key are stored in the passive party key fob; the service station is provided with a service station key fob, and a service station private key pool, an active party public key pool and a passive party public key pool are stored in the service station key fob;
The active party, the passive party and the service station realize the key negotiation method of the quantum communication service station in the technical scheme through a communication network.
The implementation scene of the application is that any two objects A, B based on an asymmetric key pool system perform mutual identity authentication. Each object in the key pool system has a key card, can store keys with large data volume, and also has the capability of processing information. In the application, algorithms with corresponding requirements exist in the local systems of the object A and the object B.
The description of the key fob is found in application number "201610843210.6". In the case of a mobile terminal, the key fob is preferably a key SD card; in the case of a fixed terminal, the key fob is preferably a USB key or a host key fob.
The key fob issuance mechanism is similar to that of application number "201610843210.6". The key fob issuer of the application is the master of the key fob, generally the management department of a group, such as the management department of a certain enterprise or public institution; the party to whom a key fob is issued is a member managed by the master of the key fob, typically a staff member of a certain enterprise or business. The client first applies to the master of the key fob for account opening. When the client's registration is approved, the client obtains a key fob (with a unique key fob ID). The key fob stores the client's registration information. The public key pools in the client key fobs under the same quantum communication service station are all downloaded from the same key management server, and the public key pools stored in every client key fob it issues are completely consistent. Preferably, the key pool size stored in the key fob may be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G, and so on.
The key fob is developed from smart card technology and is an identity authentication and encryption/decryption product combining cryptography, hardware security isolation and quantum physics (in the case of carrying a quantum random number generator). The embedded chip and the operating system of the key fob provide functions such as secure key storage and cryptographic algorithms. Because of its independent data processing capability and good security, the key fob becomes a secure carrier for private keys and key pools. Each key fob is protected by a hardware PIN code; the PIN code and the hardware constitute the two factors a user needs in order to use the key fob. This "two-factor authentication" means that a user can log in to a system only by holding both the key fob, which stores the related authentication information, and the user PIN code. Even if the PIN code of the user is revealed, the identity of the legitimate user cannot be impersonated as long as the key fob held by the user is not stolen; if the key fob of the user is lost, the finder cannot impersonate the legitimate user because the user PIN code is not known. In short, the key fob keeps secret information such as keys from appearing in plaintext on the disk or in the memory of the host, thereby effectively ensuring the security of the secret information.
In the present application, key fobs are divided into service station key fobs and client key fobs. As shown in fig. 1, the key area of the service station key fob mainly stores a client public key pool and a service station private key pool; as shown in fig. 2, the key area of the client key fob mainly stores a service station public key pool and one public/private key pair. The key fobs are issued by a key management server.
The key management server may select an algorithm that supports both encryption and decryption and signing prior to issuing the key fob. The key management server generates a corresponding number of numbers meeting the algorithm specification as a private key and a public key according to the number of clients. The key management server generates a corresponding number of IDs, selects a corresponding number of public and private key pairs, combines the public key and the IDs to obtain an ID/public key, and writes the ID/public key into the same file to form a public key pool file, namely the public key pool of the client. Meanwhile, the key management server writes the corresponding private key into the file in the same way to form a private key pool file, namely a client private key pool. The ID of each private key in the client private key pool is the same as the ID of the corresponding public key in the client public key pool. The key management server again generates a large number of numbers meeting the algorithm specification as private and public keys. The key management server writes the public and private keys into two files to form a service station public key pool and a service station private key pool. The public key in the service station public key pool corresponds to the private key in the same position in the service station private key pool. The key management server defines the first key fob issued as a service station key fob and writes the service station private key pool and client public key pool and associated algorithm parameters to the key zone of the key fob. The key cards issued by the key management server subsequently are all client-side key cards. 
The key management server randomly selects an unassigned ID to be assigned to the key fob, retrieves the public key and the private key with that same ID from the client public key pool and the client private key pool, writes them into the key area of the key fob together with the service station public key pool, and writes the relevant parameters into the key fob.
The random numbers described herein are true random numbers, preferably quantum random numbers.
According to the Diffie-Hellman protocol, a large prime number p and a number g are defined, where g is a primitive root modulo p, and g and p are the parameters of the Diffie-Hellman protocol. Taking the client A and the service station QA as examples, the client A generates a true random large integer SKA as its DH private key according to the matched key fob, and obtains the DH public key PKA = g^SKA mod p through calculation. Service station QA generates true random large integers SKQAi (i ∈ {1, 2, ..., m}) as its DH private keys according to the matched key fob, and obtains the DH public keys PKQAi = g^SKQAi mod p (i ∈ {1, 2, ..., m}) through calculation.
According to the Diffie-Hellman protocol, PKQAi^SKA mod p = PKA^SKQAi mod p. Hereinafter, the "mod p" part is omitted, and PKQAi^SKA is used to refer to PKQAi^SKA mod p; the same applies to the other expressions.
Example 1
System description
The scenario of this embodiment is shown in fig. 4 and includes client A, which corresponds to the active party of the claims, client B, which corresponds to the passive party, and quantum communication service station Q, which corresponds to the service station and is abbreviated as service station Q. Both client A and client B are provided with a client key fob, and quantum communication service station Q is provided with a service station key fob. The key fobs are all from the same batch issued by the same key management server.
Step 1: client A initiates a key negotiation request to client B.
Client A generates a random number NA from the random number generator in the matched key fob, and transmits the random number NA to client B as M1 together with its ID, IDA.
Step 2: client B encrypts M1 and forwards to quantum communication service station Q.
After receiving M1, client B generates a random number NB from the random number generator in its matched key fob. NB, M1 and IDB together form M2_0, which can be represented as M1||IDB||NB.
Client B generates a random number R2 from the random number generator in the matched key fob, combines R2 with a pointer function to obtain a pointer P2, and extracts PKQ2 from the service station public key pool through the pointer P2. Let K2 = PKQ2^SKB, then split K2 into EK2 and AK2. The message authentication code MAC(M2_0, AK2) is generated for M2_0 using AK2, where MAC(m, k) represents a message authentication code with m as the message and k as the key. M2_0 and its message authentication code are then encrypted using EK2 and sent to the service station Q as M2 along with R2 and IDB. M2 may be represented as R2||IDB||{M2_0||MAC(M2_0, AK2)}EK2.
Step 3: service station Q generates the tickets and transmits them to client B.
After receiving M2, the service station Q combines R2 with the pointer function to obtain the pointer P2, extracts SKQ2 from its own private key pool through the pointer, extracts PKB from the client public key pool according to IDB, and calculates K2 = PKB^SKQ2. K2 is split into EK2 and AK2, and decryption with EK2 yields M2_0 and its message authentication code. The message authentication code is recalculated for M2_0 using AK2, and after the comparison verification passes, IDA, NA, IDB and NB are obtained.
Service station Q generates random numbers Ra and Rb from the random number generator in the matched key fob, combines Ra and Rb with the pointer function to obtain pointers Pa and Pb, extracts SKQa and SKQb from the service station private key pool through Pa and Pb respectively, extracts the public key PKA of client A and the public key PKB of client B from the client public key pool according to IDA and IDB respectively, and calculates Ka = PKA^SKQa and Kb = PKB^SKQb.
Service station Q generates a session key KAB from the random number generator in the matched key fob, and encrypts KAB together with IDA, NA and IDB using Ka. The encrypted portion and Ra are combined into TICKETA, which may be expressed as Ra||{IDA||NA||IDB||KAB}Ka. TICKETB is generated in the same way and may be expressed as Rb||{IDB||NB||IDA||KAB}Kb.
The service station Q generates a random number R3 from the random number generator in the matched key fob, combines R3 with the pointer function to obtain a pointer P3, extracts SKQ3 from the service station private key pool through the pointer P3, and calculates K3 = PKB^SKQ3. K3 is split into EK3 and AK3. Let M3_0 = TICKETA||TICKETB. The message authentication code MAC(M3_0, AK3) is generated for M3_0 using AK3. M3_0 and its message authentication code are then encrypted using EK3 and sent to client B as M3 along with R3. M3 may be represented as R3||{M3_0||MAC(M3_0, AK3)}EK3.
Step 4: client B verifies the TICKETB.
After receiving the message, client B combines R3 with the pointer function to obtain the pointer P3, extracts PKQ3 from the service station public key pool through P3, and calculates K3 = PKQ3^SKB. K3 is split into EK3 and AK3, and decryption with EK3 yields M3_0 and its message authentication code. The message authentication code is recalculated for M3_0 using AK3, and after the comparison verification passes, TICKETA and TICKETB are obtained.
Client B verifies TICKETB. Client B combines Rb with the pointer function to obtain the pointer Pb, extracts PKQb from the service station public key pool through Pb, and calculates Kb = PKQb^SKB. Decrypting the encrypted portion of TICKETB using Kb yields IDB, NB, IDA and KAB. Client B checks whether NB is equal to the local NB, and if so, trusts the session key KAB as the key for communication with client A. Client B generates a random number NC from the random number generator in the matched key fob, encrypts NC and the NA received in step 1 using KAB, and sends them to client A together with TICKETA as M4. M4 may be expressed as TICKETA||{NA||NC}KAB.
Step 5: client a verifies the TICKETA.
After receiving M4, client A combines Ra with the pointer function to obtain the pointer Pa, extracts PKQa from the service station public key pool through Pa, and calculates Ka = PKQa^SKA. Decrypting the encrypted portion of TICKETA using Ka yields IDA, NA, IDB and KAB. Client A checks whether NA is equal to the local NA, and if so, trusts the session key KAB as the key for communication with client B.
Client A decrypts with the session key KAB to obtain NA and NC, compares NA with the local NA, and completes authentication of client B if they match.
Client A encrypts NC using KAB and sends it to client B as M5. M5 may be represented as {NC}KAB.
Step 6: client B authenticates client a.
After receiving M5, client B decrypts it using KAB to obtain NC, compares NC with the local NC, and completes authentication of client A if they match.
Step 7: client a communicates securely with client B.
The client A and the client B can utilize the key KAB to encrypt and decrypt the message and authenticate the message. Preferably, KAB is split into KABE and KABA, which are used as message encryption and decryption and message authentication keys, respectively.
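The Example 1 exchange above (steps 1 to 6), as an added Python example that is not code from the patent. The DH group, pool size, pointer function, key-splitting hash, keystream cipher, HMAC-SHA256, field order inside M1 and all field lengths are assumptions, because the text does not specify them.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3   # toy DH group (assumed; far too small for real use)
POOL = 16              # toy size of the service station key pool (assumed)

def h(*parts):
    return hashlib.sha256(b"|".join(parts)).digest()

def pointer(r):        # assumed pointer function: hash(R) mod pool size
    return int.from_bytes(h(b"ptr", r), "big") % POOL

def keygen():          # DH private key SK and public key g^SK mod p
    sk = secrets.randbelow(P - 3) + 2
    return sk, pow(G, sk, P)

def xor(key, data):    # stand-in cipher (assumed): SHA-256 counter keystream
    ks = b"".join(h(key, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def keys(k, r):        # split K into EK and AK (assumed KDF, salted with R)
    kb = k.to_bytes(16, "big")
    return h(b"EK", kb, r), h(b"AK", kb, r)

def seal(k, r, msg):   # {msg || MAC(msg, AK)}EK
    ek, ak = keys(k, r)
    return xor(ek, msg + hmac.new(ak, msg, hashlib.sha256).digest())

def unseal(k, r, ct):
    ek, ak = keys(k, r)
    pt = xor(ek, ct)
    msg, tag = pt[:-32], pt[-32:]
    if not hmac.compare_digest(tag, hmac.new(ak, msg, hashlib.sha256).digest()):
        raise ValueError("MAC check failed")
    return msg

def make_ticket(sk_pool, client_pk, own_id, nonce, peer_id, kab):
    # TICKET = R || {own_id || nonce || peer_id || KAB}K, K = PK_client^SKQ[ptr(R)]
    r = secrets.token_bytes(16)
    k = pow(client_pk, sk_pool[pointer(r)], P)
    return r + xor(h(b"TK", k.to_bytes(16, "big"), r), own_id + nonce + peer_id + kab)

def open_ticket(tkt, my_sk, pk_pool, my_nonce):
    r = tkt[:16]
    k = pow(pk_pool[pointer(r)], my_sk, P)      # K = PKQ[ptr(R)]^SK_client
    pt = xor(h(b"TK", k.to_bytes(16, "big"), r), tkt[16:])
    if not hmac.compare_digest(pt[4:20], my_nonce):
        raise ValueError("nonce mismatch")       # stale, forged or misdirected ticket
    return pt[24:]                               # session key KAB

def run_example_1(tamper_m3=False):
    pool = [keygen() for _ in range(POOL)]       # key management server output
    sk_pool, pk_pool = [s for s, _ in pool], [p for _, p in pool]
    IDA, IDB = b"IDA1", b"IDB1"                  # constructed 4-byte IDs
    (ska, pka), (skb, pkb) = keygen(), keygen()
    client_pk = {IDA: pka, IDB: pkb}             # station's client public key pool

    # Step 1: A -> B, M1 = IDA || NA
    NA = secrets.token_bytes(16)
    M1 = IDA + NA
    # Step 2: B -> Q, M2 = R2 || IDB || {M2_0 || MAC(M2_0, AK2)}EK2
    NB, R2 = secrets.token_bytes(16), secrets.token_bytes(16)
    K2 = pow(pk_pool[pointer(R2)], skb, P)       # K2 = PKQ2^SKB
    M2 = R2 + IDB + seal(K2, R2, M1 + IDB + NB)
    # Step 3: Q verifies M2 with K2 = PKB^SKQ2, builds both tickets, sends M3
    r2, idb = M2[:16], M2[16:20]
    m2_0 = unseal(pow(client_pk[idb], sk_pool[pointer(r2)], P), r2, M2[20:])
    ida, na, nb = m2_0[:4], m2_0[4:20], m2_0[24:40]
    KAB = secrets.token_bytes(32)
    ticket_a = make_ticket(sk_pool, client_pk[ida], ida, na, idb, KAB)
    ticket_b = make_ticket(sk_pool, client_pk[idb], idb, nb, ida, KAB)
    R3 = secrets.token_bytes(16)
    K3 = pow(client_pk[idb], sk_pool[pointer(R3)], P)
    M3 = R3 + seal(K3, R3, ticket_a + ticket_b)
    if tamper_m3:                                # simulate modification in transit
        M3 = M3[:20] + bytes([M3[20] ^ 1]) + M3[21:]
    # Step 4: B verifies M3 and TICKETB, sends M4 = TICKETA || {NA || NC}KAB
    m3_0 = unseal(pow(pk_pool[pointer(M3[:16])], skb, P), M3[:16], M3[16:])
    kab_b = open_ticket(m3_0[72:], skb, pk_pool, NB)
    NC = secrets.token_bytes(16)
    M4 = m3_0[:72] + xor(h(b"M4", kab_b), M1[4:] + NC)
    # Step 5: A verifies TICKETA, checks NA under KAB, replies M5 = {NC}KAB
    kab_a = open_ticket(M4[:72], ska, pk_pool, NA)
    na_nc = xor(h(b"M4", kab_a), M4[72:])
    if not hmac.compare_digest(na_nc[:16], NA):
        raise ValueError("client B not authenticated")
    M5 = xor(h(b"M5", kab_a), na_nc[16:])
    # Step 6: B checks NC and so authenticates A
    if not hmac.compare_digest(xor(h(b"M5", kab_b), M5), NC):
        raise ValueError("client A not authenticated")
    return kab_a, kab_b

if __name__ == "__main__":
    a, b = run_example_1()
    print("KAB agreed:", a == b)
```

Neither client ever holds a station private key: each side recomputes K from the random number R carried in the message and its own half of the DH pair, which is why R2, R3, Ra and Rb travel in the clear.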
Example 2
System description
The scenario of this embodiment is shown in fig. 3 and includes client A, which corresponds to the active party of the claims, client B, which corresponds to the passive party, and a service station comprising a quantum communication service station QA and a quantum communication service station QB, abbreviated as service station QA and service station QB. QA and QB are provided with respective key management servers. Both client A and client B are provided with a client key fob, and quantum communication service station QA and quantum communication service station QB are each provided with a service station key fob. Client A belongs to the quantum communication service station QA, and client B belongs to the quantum communication service station QB; that is, the key fobs of A and B are issued by the key management servers of QA and QB, respectively.
Step 1: client A initiates a key negotiation request to client B.
Client A generates a random number NA from the random number generator in the matched key fob, and transmits the random number NA to client B as M1 together with its ID, IDA.
Step 2: client B encrypts M1 and forwards to quantum communication service station QB.
After receiving M1, client B generates a random number NB from the random number generator in its matched key fob. NB, M1 and IDB together form M2_0, which can be represented as M1||IDB||NB.
Client B generates a random number R2 from the random number generator in the matched key fob, combines R2 with a pointer function to obtain a pointer P2, and extracts PKQB2 from the service station public key pool through the pointer P2. Let K2' = PKQB2^SKB, then split K2' into EK2' and AK2'. The message authentication code MAC(M2_0, AK2') is generated for M2_0 using AK2', where MAC(m, k) represents a message authentication code with m as the message and k as the key. M2_0 and its message authentication code are then encrypted using EK2' and sent to the service station QB as M2 along with R2 and IDB. M2 may be represented as R2||IDB||{M2_0||MAC(M2_0, AK2')}EK2'.
Step 3: the service station QB verifies the message and forwards it to the service station QA.
After receiving M2, the service station QB combines R2 with the pointer function to obtain the pointer P2, extracts SKQB2 from its own private key pool through P2, extracts PKB from the client public key pool according to IDB, and calculates K2' = PKB^SKQB2. K2' is split into EK2' and AK2', and decryption with EK2' yields M2_0 and its message authentication code. The message authentication code is recalculated for M2_0 using AK2', and after the comparison verification passes, let M3' = M2_0, i.e., M3' may be represented as IDA||NA||IDB||NB.
The service station QB and the service station QA obtain a key K3' through QKD negotiation, split K3' into EK3' and AK3', calculate a message authentication code MAC(M3', AK3') for M3' using AK3', and then encrypt M3' and its message authentication code using EK3'. The message transmitted to the service station QA may be expressed as {M3'||MAC(M3', AK3')}EK3'.
Step 4: the quantum communication service station QA generates TICKETA' and transmits it to the quantum communication service station QB.
After receiving the message encrypted with the QKD key, the service station QA splits the QKD key K3' into EK3' and AK3', decrypts the message using EK3' to obtain M3' and its message authentication code, and verifies the message authentication code. After verification, the service station QA generates a random number Ra' from the random number generator in the matched key fob, combines Ra' with the pointer function to obtain a pointer Pa, extracts SKQAa from the service station private key pool through Pa, extracts the public key PKA of client A from the client public key pool according to IDA, and calculates Ka' = PKA^SKQAa.
The service station QA generates a session key KAB from the random number generator in the matched key fob, and encrypts KAB together with IDA, NA and IDB using Ka'. The encrypted portion and Ra' are combined into TICKETA', which may be expressed as Ra'||{IDA||NA||IDB||KAB}Ka'.
TICKETA' and KAB are combined into M4', and M4' is encrypted using the QKD key K4 and sent to the service station QB in the same manner as described above. The transmitted message may be represented as {M4'||MAC(M4', AK4)}EK4.
Step 5: the quantum communication service station QB transmits the TICKETA 'and the TICKETB' to the client B.
After receiving the message encrypted with the QKD key, the service station QB decrypts and verifies the message using the QKD key in the same manner as described above. The service station QB obtains M4', i.e., TICKETA' and KAB. The service station QB generates a random number Rb' from the random number generator in the matched key fob, combines Rb' with the pointer function to obtain a pointer Pb, extracts SKQBb from the service station private key pool through Pb, extracts the public key PKB of client B from the client public key pool according to IDB, and calculates Kb' = PKB^SKQBb. KAB is encrypted together with IDB, NB and IDA using Kb'. The encrypted portion and Rb' are combined into TICKETB', which may be expressed as Rb'||{IDB||NB||IDA||KAB}Kb'.
The service station QB generates a random number R5' from the random number generator in the matched key fob, combines R5' with the pointer function to obtain a pointer P5, extracts SKQB5 from the service station private key pool through the pointer P5, and calculates K5' = PKB^SKQB5. K5' is split into EK5' and AK5'. Let M5'_0 = TICKETA'||TICKETB'. The message authentication code MAC(M5'_0, AK5') is generated for M5'_0 using AK5'. M5'_0 and its message authentication code are then encrypted using EK5' and sent to client B as M5' along with R5'. M5' may be represented as R5'||{M5'_0||MAC(M5'_0, AK5')}EK5'.
Step 6: client B verifies TICKETB'.
After receiving M5', client B combines R5' with the pointer function to obtain the pointer P5, extracts PKQB5 from the service station public key pool using P5, and calculates K5' = PKQB5^SKB. It splits K5' into EK5' and AK5' and decrypts with EK5' to obtain M5'_0 and its message authentication code. It then computes the message authentication code of M5'_0 using AK5' and, once the comparison passes, obtains TICKETA' and TICKETB'.
Client B verifies TICKETB'. Client B combines Rb' with the pointer function to obtain the pointer Pb, extracts PKQBb from the service station public key pool using Pb, and calculates Kb' = PKQBb^SKB. Decrypting the encrypted portion of TICKETB' using Kb' yields IDB, NB, IDA and KAB. Client B checks whether NB is equal to the local NB and, if so, trusts the session key KAB as the key for communication with client A. Client B generates a random number NC using the random number generator in its matched key fob, encrypts NA (received in step 1) and NC using KAB, and sends them to client A together with TICKETA' as M6'. M6' can be represented as TICKETA'||{NA||NC}KAB.
Step 7: client A verifies TICKETA'.
After receiving M6', client A combines Ra' with the pointer function to obtain the pointer Pa, extracts PKQAa from the service station public key pool using Pa, and calculates Ka' = PKQAa^SKA. The encrypted portion of TICKETA' is decrypted using Ka' to obtain IDA, NA, IDB and KAB. Client A checks whether NA is equal to the local NA and, if so, trusts the session key KAB as the key for communication with client B.
Client A then decrypts with the session key KAB to obtain NA and NC, compares NA with the local NA and, if they match, completes authentication of client B.
Client A encrypts NC using KAB and sends it to client B as M7'. M7' can be denoted as {NC}KAB.
Step 8: client B authenticates client A.
After receiving M7', client B decrypts it using KAB to obtain NC, compares NC with the local NC and, if they match, completes authentication of client A.
Step 9: client A communicates securely with client B.
The client A and the client B can utilize the key KAB to encrypt and decrypt the message and authenticate the message. Preferably, KAB is split into KABE and KABA, which are used as message encryption and decryption and message authentication keys, respectively.
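The ticket and envelope handling of steps 5 to 7, as an added example that is not code from the patent: the service station picks a pool key through a pointer derived from a public random number, both sides reach the same DH value, and the client accepts KAB only after the nonce check. The toy group, pool size, field widths, the hash-based `pointer` function and the HMAC keystream standing in for the unspecified cipher are all assumptions.

```python
import hashlib
import hmac
import secrets

# Assumptions (not from the patent): toy group, pool size, field widths.
P = 2**255 - 19      # toy prime modulus; a deployment would use a vetted DH group
G = 2
POOL_SIZE = 16
R_LEN, ID_LEN, N_LEN, KEY_LEN, TAG_LEN = 16, 8, 16, 32, 32

def make_keypair():
    """One DH key pair (sk, pk = G^sk mod P)."""
    sk = secrets.randbelow(P - 3) + 2
    return sk, pow(G, sk, P)

def make_pool_pair(n=POOL_SIZE):
    """Service station private key pool and the matching public key pool."""
    pairs = [make_keypair() for _ in range(n)]
    return [sk for sk, _ in pairs], [pk for _, pk in pairs]

def pointer(r: bytes) -> int:
    """Hypothetical pointer function: public random number -> pool index."""
    return int.from_bytes(hashlib.sha256(b"pointer" + r).digest(), "big") % POOL_SIZE

def dh_key(pub: int, priv: int) -> bytes:
    """K = pub^priv mod P, hashed to 64 bytes so it can be split into EK || AK."""
    return hashlib.sha512(pow(pub, priv, P).to_bytes(32, "big")).digest()

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC-SHA256 counter keystream.
    The nonce (R) is mixed in because a pool index, and so K, can repeat."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)

def issue_ticket(station_priv_pool, client_pub, own_id, nonce, peer_id, kab):
    """Station side: TICKET = R || {ID || N || peer ID || KAB}K, K = PK_client^SKQ_P."""
    r = secrets.token_bytes(R_LEN)
    k = dh_key(client_pub, station_priv_pool[pointer(r)])
    return r + keystream_xor(k[:KEY_LEN], r, own_id + nonce + peer_id + kab)

def open_ticket(ticket, station_pub_pool, client_priv, local_nonce):
    """Client side: recompute K = PKQ_P^SK_client, decrypt, accept KAB only if N matches."""
    r, ct = ticket[:R_LEN], ticket[R_LEN:]
    if len(ct) != ID_LEN + N_LEN + ID_LEN + KEY_LEN:
        raise ValueError("malformed ticket")
    k = dh_key(station_pub_pool[pointer(r)], client_priv)
    body = keystream_xor(k[:KEY_LEN], r, ct)
    nonce = body[ID_LEN:ID_LEN + N_LEN]
    if not hmac.compare_digest(nonce, local_nonce):
        raise ValueError("nonce mismatch: session key not trusted")
    peer_id = body[ID_LEN + N_LEN:ID_LEN + N_LEN + ID_LEN]
    return peer_id, body[-KEY_LEN:]

def seal(station_priv_pool, client_pub, message):
    """Station side envelope: R || {M || MAC(M, AK)}EK with K split into EK || AK."""
    r = secrets.token_bytes(R_LEN)
    k = dh_key(client_pub, station_priv_pool[pointer(r)])
    ek, ak = k[:KEY_LEN], k[KEY_LEN:]
    tag = hmac.new(ak, message, hashlib.sha256).digest()
    return r + keystream_xor(ek, r, message + tag)

def unseal(blob, station_pub_pool, client_priv):
    """Client side: decrypt with EK, recompute the MAC with AK, compare."""
    r, ct = blob[:R_LEN], blob[R_LEN:]
    if len(ct) < TAG_LEN:
        raise ValueError("malformed envelope")
    k = dh_key(station_pub_pool[pointer(r)], client_priv)
    ek, ak = k[:KEY_LEN], k[KEY_LEN:]
    pt = keystream_xor(ek, r, ct)
    message, tag = pt[:-TAG_LEN], pt[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(ak, message, hashlib.sha256).digest()):
        raise ValueError("MAC check failed")
    return message

def run_steps_5_to_7():
    """Constructed run: tickets are built, relayed in M5', and checked by B and A."""
    qa_priv, qa_pub = make_pool_pair()          # station QA's pool pair
    qb_priv, qb_pub = make_pool_pair()          # station QB's pool pair
    (ska, pka), (skb, pkb) = make_keypair(), make_keypair()
    na, nb, kab = (secrets.token_bytes(n) for n in (N_LEN, N_LEN, KEY_LEN))
    ticket_a = issue_ticket(qa_priv, pka, b"CLIENT_A", na, b"CLIENT_B", kab)
    ticket_b = issue_ticket(qb_priv, pkb, b"CLIENT_B", nb, b"CLIENT_A", kab)
    m5_0 = unseal(seal(qb_priv, pkb, ticket_a + ticket_b), qb_pub, skb)
    half = len(m5_0) // 2
    key_b = open_ticket(m5_0[half:], qb_pub, skb, nb)[1]   # step 6, client B
    key_a = open_ticket(m5_0[:half], qa_pub, ska, na)[1]   # step 7, client A
    return key_a == kab and key_b == kab

if __name__ == "__main__":
    print("both clients trust the same KAB:", run_steps_5_to_7())
```

In the page's notation the ticket body carries no MAC of its own, so the nonce comparison is the only check applied to it, while the M5' envelope is covered by MAC(M5'_0, AK5').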
Specific limitations regarding the active device, the passive device, and the service station device and system can be found in the above description of the quantum communication service station authentication method, and will not be repeated here. The various modules in the various devices described above may be implemented in whole or in part in software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 3. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing relevant data of identity authentication. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program when executed by a processor implements a quantum communication service station key agreement method based on an asymmetric key pool pair and a DH protocol.
Summarizing the specific steps of the technical solution disclosed above yields the quantum communication service station key negotiation methods based on the asymmetric key pool pair and DH protocol as implemented on the active party, on the passive party and on the service station, as set out in the claims; they are therefore not described again here.
It will be appreciated by those skilled in the art that the structure shown in FIG. 3 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
Those skilled in the art will appreciate that all or part of the methods described above may be implemented by a computer program stored on a non-transitory computer readable storage medium, which, when executed, may comprise the steps of the method embodiments described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory can include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous link DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM), among others.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims (8)

1. The quantum communication service station key negotiation method based on the asymmetric key pool pair and DH protocol is characterized by being implemented by an active party, a passive party, a service station and a communication network, wherein the active party is configured with an active party key card, and the active party key card stores a service station public key pool, an active party public key and an active party private key; the passive party is provided with a passive party key card, and a service station public key pool, a passive party public key and a passive party private key are stored in the passive party key card; the service station is configured with a service station key card, and a service station private key pool, an active party public key pool and a passive party public key pool are stored in the service station key card;
The quantum communication service station key agreement method comprises the following steps implemented on an active party:
generating and transmitting information M1 to a passive party, wherein the information M1 comprises an authentication parameter NA generated by an active party and a device parameter IDA of the active party;
acquiring a ticket TICKETA from a passive party, wherein the ticket TICKETA is encrypted by using a session key KAB and comprises an authentication parameter NA, the ticket TICKETA is encrypted by using an encryption parameter Ka, the session key KAB is generated by a service station, the authentication parameter NC is generated by the passive party, and the encryption parameter Ka is generated by using a public key PKQa of the service station and a private key SKA of an active party;
decrypting the ticket TICKETA by using the encryption parameter Ka, verifying the authentication parameter NA, then trusting the session key KAB, and verifying the authentication parameter NA by using the session key KAB, then authenticating the passive party; transmitting an authentication parameter NC encrypted by using a session key KAB to the passive party;
the authentication parameter NC is used for the passive party to authenticate the active party.
2. The quantum communication service station key negotiation method based on the asymmetric key pool pair and DH protocol is characterized by being implemented by an active party, a passive party, a service station and a communication network, wherein the active party is configured with an active party key card, and the active party key card stores a service station public key pool, an active party public key and an active party private key; the passive party is provided with a passive party key card, and a service station public key pool, a passive party public key and a passive party private key are stored in the passive party key card; the service station is configured with a service station key card, and a service station private key pool, an active party public key pool and a passive party public key pool are stored in the service station key card;
The quantum communication service station key agreement method comprises the following steps implemented in a service station:
acquiring an authentication code MAC (M2_0, AK2) encrypted by an encryption key EK2 from a passive party, wherein the device parameter IDB of the passive party; the encryption key EK2 is generated by using a public key PKQ2 of the service station, the authentication code MAC (M2_0, AK2) is generated by using the public key PKQ2 of the service station and includes an authentication parameter NB generated by the passive party, information M1 and a device parameter IDB of the passive party, where the information M1 includes an authentication parameter NA generated by the active party and a device parameter IDA of the active party;
generating a session key KAB after decrypting and verifying the authentication code MAC (M2_0, AK2), generating an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generating an encryption parameter Kb by using the service station private key SKQb and a passive party public key PKB, and producing a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises an authentication parameter NA, a device parameter IDA, a device parameter IDB and the session key KAB which are encrypted by using the encryption parameter Ka; the ticket TICKETB comprises an authentication parameter NB, a device parameter IDA, a device parameter IDB and a session key KAB which are encrypted by utilizing an encryption parameter Kb;
generating an encryption parameter K3 by using a private key SKQ3 of a service station, splitting the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generating information M3_0 containing a ticket TICKETA and a ticket TICKETB, generating an authentication code MAC (M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmitting the information M3_0 and the authentication code MAC (M3_0, AK3) which are encrypted by using the encryption key EK3 to a passive party;
the ticket TICKETA and the ticket TICKETB within the authentication code MAC (M3_0, AK3) are used by the active party and the passive party, respectively, to verify and trust the session key KAB.
3. The quantum communication service station key negotiation method based on the asymmetric key pool pair and DH protocol is characterized by being implemented by an active party, a passive party, a service station and a communication network, wherein the active party is configured with an active party key card, and the active party key card stores a service station public key pool, an active party public key and an active party private key; the passive party is provided with a passive party key card, and a service station public key pool, a passive party public key and a passive party private key are stored in the passive party key card; the service station is configured with a service station key card, and a service station private key pool, an active party public key pool and a passive party public key pool are stored in the service station key card;
the quantum communication service station key agreement method comprises the following steps implemented on a passive party:
acquiring information M1 from an active party, wherein the information M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party; generating an authentication parameter NB and a message M2_0, wherein the message M2_0 comprises the authentication parameter NB, the information M1 and a device parameter IDB of a passive party; generating an encryption parameter K2 by using a public key PKQ2 of a service station stored by the service station, splitting the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, manufacturing an authentication code MAC (M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmitting the authentication code MAC (M2_0, AK2) encrypted by using the encryption key EK2 to the service station, wherein the device parameter IDB of a passive party;
acquiring information M3_0 and an authentication code MAC (M3_0, AK3) which are all encrypted by an encryption key EK3 from a service station, wherein the encryption key EK3 is generated by a service station private key SKQ3, the authentication code MAC (M3_0, AK3) is produced by the service station private key SKQ3 and comprises a ticket TICKETA and a ticket TICKETB, and the ticket TICKETA comprises an authentication parameter NA, a device parameter IDA, a device parameter IDB and a session key KAB which are all encrypted by an encryption parameter Ka; the ticket TICKETB comprises an authentication parameter NB, a device parameter IDA, a device parameter IDB and a session key KAB which are encrypted by utilizing an encryption parameter Kb; wherein the encryption parameter Ka is generated by using a private key SKQa of the service station and a public key PKA of the active party, and the session key KAB is generated by the service station; obtaining a ticket TICKETA and a ticket TICKETB after decryption, verifying an authentication parameter NB in the ticket TICKETB, then trusting a session key KAB, generating an authentication parameter NC, and sending information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by the session key KAB;
and acquiring an authentication parameter NC encrypted by using a session key KAB from the active party, and completing verification of the active party after decrypting and verifying the authentication parameter NC.
4. The quantum communication service station key negotiation method based on the asymmetric key pool pair and DH protocol is characterized by being implemented by an active party, a passive party, a service station and a communication network, wherein the active party is configured with an active party key card, and the active party key card stores a service station public key pool, an active party public key and an active party private key; the passive party is provided with a passive party key card, and a service station public key pool, a passive party public key and a passive party private key are stored in the passive party key card; the service station is configured with a service station key card, a service station private key pool, an active party public key pool and a passive party public key pool are stored in the service station key card, and the quantum communication service station key negotiation method comprises the following steps:
the method comprises the steps that an active party generates and sends information M1 to a passive party, wherein the information M1 comprises an authentication parameter NA generated by the active party and a device parameter IDA of the active party;
the method comprises the steps that after the passive party obtains the authentication parameters NB and a message M2_0, the message M2_0 comprises the authentication parameters NB, the information M1 and the device parameters IDB of the passive party; generating an encryption parameter K2 by using a public key PKQ2 of a service station stored by the service station, splitting the encryption parameter K2 into an authentication key AK2 and an encryption key EK2, manufacturing an authentication code MAC (M2_0, AK2) for the message M2_0 by using the authentication key AK2, and transmitting the authentication code MAC (M2_0, AK2) encrypted by using the encryption key EK2 to the service station, wherein the device parameter IDB of a passive party;
the service station acquires, decrypts and verifies the authentication code MAC (M2_0, AK2) and then generates a session key KAB, generates an encryption parameter Ka by using a service station private key SKQa and an active party public key PKA, generates an encryption parameter Kb by using the service station private key SKQb and a passive party public key PKB, and produces a ticket TICKETA and a ticket TICKETB, wherein the ticket TICKETA comprises an authentication parameter NA, a device parameter IDA, a device parameter IDB and a session key KAB which are encrypted by using the encryption parameter Ka; the ticket TICKETB comprises an authentication parameter NB, a device parameter IDA, a device parameter IDB and a session key KAB which are encrypted by utilizing an encryption parameter Kb; generating an encryption parameter K3 by using a private key SKQ3 of a service station, splitting the encryption parameter K3 into an authentication key AK3 and an encryption key EK3, generating information M3_0 containing a ticket TICKETA and a ticket TICKETB, generating an authentication code MAC (M3_0, AK3) for the information M3_0 by using the authentication key AK3, and transmitting the information M3_0 and the authentication code MAC (M3_0, AK3) which are encrypted by using the encryption key EK3 to a passive party;
the passive party acquires and decrypts these to obtain the ticket TICKETA and the ticket TICKETB, verifies the authentication parameter NB in the ticket TICKETB, then trusts the session key KAB, generates an authentication parameter NC, and sends information M4 to the active party, wherein the information M4 comprises the ticket TICKETA, and the authentication parameter NC and the authentication parameter NA encrypted by the session key KAB;
The active party acquires and decrypts the ticket TICKETA and verifies the authentication parameter NA and then trusts the session key KAB, and the passive party is authenticated after the authentication parameter NA is verified by using the session key KAB; transmitting an authentication parameter NC encrypted by using a session key KAB to the passive party;
the passive party acquires an authentication parameter NC encrypted by using a session key KAB from the active party, and the authentication of the active party is completed after decrypting and verifying the authentication parameter NC.
5. A quantum communication service station key agreement method according to any one of claims 1 to 4, wherein the session key KAB is split into a message encrypting and decrypting key KABE and a message authenticating key KABA.
6. An active device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the quantum communication service station key agreement method of claim 1.
7. A service station device comprising a memory and a processor, said memory storing a computer program, characterized in that the processor, when executing said computer program, implements the steps of the quantum communication service station key agreement method as claimed in claim 2.
8. A passive party device comprising a memory and a processor, said memory storing a computer program, characterized in that said processor, when executing said computer program, implements the steps of the quantum communication service station key agreement method of claim 3.
CN201910324294.6A 2019-04-22 2019-04-22 Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol Active CN110138548B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910324294.6A CN110138548B (en) 2019-04-22 2019-04-22 Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910324294.6A CN110138548B (en) 2019-04-22 2019-04-22 Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol

Publications (2)

Publication Number Publication Date
CN110138548A CN110138548A (en) 2019-08-16
CN110138548B true CN110138548B (en) 2023-09-01

Family

ID=67570616

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910324294.6A Active CN110138548B (en) 2019-04-22 2019-04-22 Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol

Country Status (1)

Country Link
CN (1) CN110138548B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4274157A3 (en) 2019-09-26 2024-04-17 General Electric Company Communicating securely with devices in a distributed control system
CN111245609B (en) * 2020-01-17 2023-02-28 南京如般量子科技有限公司 Secret sharing and random number based quantum secret communication key distribution and negotiation system and method thereof
CN111953675B (en) * 2020-08-10 2022-10-25 四川阵风科技有限公司 Key management method based on hardware equipment
CN112600669B (en) * 2020-12-16 2022-08-12 航天恒星科技有限公司 Cipher algorithm and conformity verification system
CN113452687B (en) * 2021-06-24 2022-12-09 中电信量子科技有限公司 Method and system for encrypting sent mail based on quantum security key

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108400867A (en) * 2017-02-07 2018-08-14 中国科学院沈阳计算技术研究所有限公司 A kind of authentication method based on public encryption system
CN108809636A (en) * 2018-04-26 2018-11-13 如般量子科技有限公司 The communication system and communication means of message authentication between member are realized based on group's type quantum key card
CN108964897A (en) * 2018-06-28 2018-12-07 如般量子科技有限公司 Identity authorization system and method based on group communication
CN109450623A (en) * 2018-10-16 2019-03-08 如般量子科技有限公司 Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB0822254D0 (en) * 2008-12-05 2009-01-14 Qinetiq Ltd Method of performing authentication between network nodes


Also Published As

Publication number Publication date
CN110138548A (en) 2019-08-16

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant