CN110224816A - Anti-quantum-computing application system, short-range energy-saving communication method and computer equipment based on key card and sequence number


Publication number: CN110224816A
Authority: CN (China)
Application number: CN201910400861.1A
Other versions: CN110224816B
Other languages: Chinese (zh)
Legal status: Granted (active)
Inventors: 富尧, 钟一民, 汪仲祥, 杨羽成
Current assignee: Ruban Quantum Technology Co Ltd
Original assignee: Ruban Quantum Technology Co Ltd
Prior art keywords: card, application, key, sequence number, bill


Classifications

    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0852 Quantum cryptography
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H04W52/0209 Power saving arrangements in terminal devices
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks


Abstract

The present invention relates to an anti-quantum-computing application system, a short-range energy-saving communication method and computer equipment based on key cards and sequence numbers. The system includes an application server, an application terminal and an application IC card, and each member of the system is provided with a key card containing a sequence number pool. The application IC card performs identity authentication with the application server and sends a first ticket request message ciphertext to the application server; the first ticket request parameters include the number of tickets applied for. The application IC card receives the total ticket it applied for, obtains the session key, and sends a first short-range communication message to the application terminal. The application terminal uses the location parameter together with the application terminal sequence number pool to extract a sequence number and obtain the communication key, and thereby carries out short-range communication with the application IC card. Using key cards reduces the possibility of keys being stolen by malware. The application terminal and the application IC card only need a table lookup to obtain the key shared with the application server for encrypted communication, so the computation is small and fast, which extends the battery life of the application terminal and the application IC card.

Description

Anti-quantum-computing application system, short-range energy-saving communication method and computer equipment based on key card and sequence number
Technical field
The present invention relates to the technical field of intelligent terminals, and in particular to an anti-quantum-computing application system, a short-range energy-saving communication method and computer equipment based on key cards and sequence numbers.
Background art
With the continuous development of information technology and the social economy, living standards have kept rising and the pace of life has gradually accelerated. Scenarios that require short-range identity authentication have become common in daily life, such as swiping a card for access control, swiping a card for transport, and clocking in at work. As the number of intelligent devices grows, people place higher requirements on intelligent operation and on the security of data transmission. Data security is generally guaranteed with asymmetric-key encryption, which uses two different keys to complete the encryption and decryption operations: one is published, namely the public key, and the other is kept secret by the user, namely the private key. The sender encrypts with the public key and the receiver decrypts with the private key; or the sender encrypts with the private key and the receiver decrypts with the public key. General identity authentication methods require key agreement between application clients; because application clients are often low-performance devices, many services cannot be supported well.
At present, traditional communication encryption and transmission security rely on complex mathematical algorithms. That is, because the computing power of current computers is limited, the result cannot be calculated within the period in which it is needed, so today's digital cryptosystems can be said to be secure. But this security is increasingly threatened by quantum computers. For example, for the asymmetric key algorithms of classical cryptography there are dedicated quantum algorithms (Shor's algorithm and others) that break them. In the face of quantum computers with powerful computing capability, even advanced secure communication, as long as it uses current communication means, may be decrypted and eavesdropped. Establishing a complete, practically usable quantum communication network scheme has therefore become an urgent and rigid need.
As most people understand, quantum computers have great potential in breaking cryptography. Most of today's mainstream asymmetric (public-key) encryption algorithms, such as the RSA encryption algorithm, are based on two hard mathematical problems: the factorization of large integers and the computation of discrete logarithms over finite fields. The difficulty of breaking them depends on how efficiently these problems can be solved. On a traditional computer, solving these two problems takes exponential time (the time to break grows exponentially with the public key length), which is unacceptable in practical applications. Shor's algorithm, tailored for quantum computers, can perform integer factorization or discrete logarithm computation in polynomial time (the time to break grows as the k-th power of the public key length, where k is a constant independent of the public key length), which makes it possible to break RSA and discrete-logarithm encryption algorithms.
Problems of the prior art:
(1) In the prior art, the application server has no reliable protective measures. The application server is the central network element of the application system and is connected to the Internet, so it is quite likely to be infected by viruses or Trojans and have its information stolen, or to be attacked and paralyzed, which paralyzes the entire application system scheme.
(2) In the prior art, the application terminal's key is stored in the application terminal's memory, where it is exposed to the threat of viruses and Trojans on the application terminal and can be stolen by malware or malicious operations.
(3) Because a quantum computer can quickly obtain the corresponding private key from a public key, existing application system communication methods built on public and private keys are easily broken by quantum computers.
(4) If public and private keys are stored in the key card, a low-power application terminal can hardly bear the computational load: not only is computation slow, but the battery is easily drained quickly.
(5) If symmetric key pools are stored in the key card, the application server, as the communication center, needs to store multiple large-capacity symmetric key pools, which consumes a great deal of the application server's storage space.
Summary of the invention
Based on this, it is necessary to address the above problems by providing an anti-quantum-computing application system, a short-range energy-saving communication method and system, and computer equipment based on key cards and sequence numbers.
A short-range energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. The method is implemented on the application IC card. The application IC card is equipped with a key card that includes an application IC card sequence number pool; the sequence number pool includes sequence numbers and paired-party information. The application IC card uses a trusted session key to carry out short-range communication with the application terminal. The steps for obtaining the trusted session key include:
Performing identity authentication with the application server and confirming that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted from the application IC card address in combination with the application IC card sequence number pool, together with the server random number; sending a first ticket request message ciphertext to the application server, where the first ticket request message ciphertext is the first ticket request parameters encrypted with the second communication key, and the first ticket request parameters include the application IC card address, the application terminal address and the number of tickets applied for;
Receiving and storing the total ticket sent by the application server. The total ticket consists of multiple sub-tickets, the number of sub-tickets being the number of tickets applied for. Each sub-ticket contains the application IC card ticket, the application terminal ticket, the server second random number, and the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information. The application IC card ticket and the application terminal ticket contain the session key encrypted with a communication key; the communication keys comprise the third communication key, between the application server and the application IC card, and the fourth communication key, between the application server and the application terminal. The third communication key and the fourth communication key are calculated from the application IC card third random number and the application terminal first random number, respectively, each together with the server second random number, where the application IC card third random number and the application terminal first random number are extracted via the respective addresses;
Extracting a sub-ticket, extracting the corresponding sequence number with its own address and calculating a random number, using that random number with the communication key table to obtain the fifth communication key, and decrypting the application IC card ticket with the fifth communication key to obtain the session key;
Sending a first short-range communication message to the application terminal. The first short-range communication message includes the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information. The application terminal extracts the sequence number according to the location parameter, obtains the sixth communication key using that sequence number with the communication key table, and then confirms the session key to carry out short-range communication.
A short-range energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. The method is implemented on the application server. The application server is equipped with a key card that includes sequence number pools; the sequence number pools include sequence numbers and paired parties, and comprise the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application server issues the total ticket so that the application IC card and the application terminal can communicate at short range using a trusted session key. The steps by which the application server issues the total ticket include:
Performing identity authentication with the application IC card and confirming that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted from the application IC card address together with the server random number;
Receiving the first ticket request message ciphertext and decrypting it with the first communication key to obtain the first request parameters. The first ticket request message ciphertext is the first ticket request parameters encrypted with the second communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of tickets applied for;
Checking whether the application terminal's sequence number pool held in the application server's key card contains information paired with the application IC card; extracting the application terminal sequence number and using it to obtain the application terminal first random number; combining the application IC card third random number and the application terminal first random number, respectively, with the server second random number to calculate the respective communication keys; and encrypting the session key with each communication key to obtain the application IC card ticket and the application terminal ticket. The application IC card ticket, the application terminal ticket, the server second random number and the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information constitute a sub-ticket; multiple sub-tickets constitute the total ticket, which is sent to the application IC card.
A short-range energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. The method is implemented on the application terminal. The application terminal is equipped with a key card that includes an application terminal sequence number pool; the application terminal sequence number pool includes sequence numbers and paired parties. The application terminal and the application IC card communicate at short range using a trusted session key. The steps for obtaining the trusted session key include:
Transmitting the application terminal address to the application IC card, so that the application IC card obtains the total ticket after identity authentication with the application server. The total ticket contains sub-tickets, each made up of the application IC card ticket, the application terminal ticket, the server second random number and the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information;
Receiving the first short-range communication message sent by the application IC card. The first short-range communication message consists of the application terminal address, the application IC card address, the location parameter of the record in the application terminal's sequence number pool that holds the information of application IC card M, the application server second random number, the application terminal ticket and the first short-range communication authentication code;
Using the location parameter with the application terminal sequence number pool to extract the application terminal's sequence number and obtain the application terminal second random number; using the application terminal second random number together with the application server second random number to extract the sixth communication key from the communication key table; and decrypting the application terminal ticket with the sixth communication key to obtain the trusted session key and carry out short-range communication.
A short-range energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers, implemented on the anti-quantum-computing application system. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool includes sequence numbers and paired parties, and the sequence number pools of the application server comprise the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate at short range using a trusted session key. The steps for obtaining the trusted session key include:
The application IC card and the application server perform identity authentication and confirm that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted from the application IC card address together with the server random number;
The application IC card sends the first ticket request message ciphertext to the application server. The first ticket request message ciphertext is the first ticket request parameters encrypted with the second communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of tickets applied for;
The application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first request parameters;
The application server checks whether the application terminal's sequence number pool held in the application server's key card contains information paired with the application IC card, extracts the application terminal sequence number and uses it to obtain the application terminal first random number, combines the application IC card third random number and the application terminal first random number, respectively, with the server second random number to calculate the respective communication keys, and encrypts the session key with each communication key to obtain the application IC card ticket and the application terminal ticket. The application IC card ticket, the application terminal ticket, the server second random number and the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information constitute a sub-ticket; multiple sub-tickets constitute the total ticket, which is sent to the application IC card;
The application IC card receives and stores the total ticket sent by the application server. The total ticket consists of multiple sub-tickets, the number of sub-tickets being the number of tickets applied for;
The application IC card extracts a sub-ticket, extracts the corresponding sequence number with its own address and calculates a random number, uses that random number with the communication key table to obtain the fifth communication key, and decrypts the application IC card ticket with the fifth communication key to obtain the session key;
The application IC card sends the first short-range communication message to the application terminal. The first short-range communication message includes the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information. The application terminal extracts the sequence number according to the location parameter, obtains the sixth communication key using that sequence number with the communication key table, and then confirms the session key to carry out short-range communication.
In one of the embodiments, the method for generating the communication key includes:
When the communication key is generated by the application server, the generation method includes:
Using the random number of the application IC card, the random number of the application terminal and the random number of the application server, each combined with the pointer function, to extract the application IC card public key, the application terminal public key and the application server private key, and then combining the application IC card public key and the application terminal public key, respectively, with the application server private key and the corresponding algorithm to calculate the corresponding communication key;
When the communication key is generated by the application IC card or the application terminal, the generation method includes:
Using the random number of the application IC card or application terminal and the random number of the application server, each combined with the pointer function, to extract the corresponding private key pointer, and using the private key pointer with the communication key table to extract the corresponding communication key.
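The key generation described above and the sub-ticket it protects, as an added example that is not code from the patent: the server computes each communication key from a pooled public key and its own private key, while the card and terminal only index a precomputed communication key table. The toy Diffie-Hellman group, the hash-based `pointer` and `seq_to_random` functions, the stand-in cipher, the pairing lookup in the card's own pool and all addresses are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group (assumption: the page only says "corresponding algorithm").
P = 2**127 - 1   # Mersenne prime, far too small for real use
G = 3
POOL = 8         # keys per pool (constructed size)

def pointer(rand):
    """Hypothetical pointer function: random number -> key pool index."""
    return int.from_bytes(hashlib.sha256(rand).digest()[:4], "big") % POOL

def seq_to_random(seq_no):
    """Hypothetical rule for calculating a random number from a sequence number."""
    return hashlib.sha256(b"seq->rand" + seq_no).digest()[:16]

def kdf(shared):
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Stand-in cipher (hash keystream, then HMAC); the page names no cipher."""
    if len(plaintext) > 32:
        raise ValueError("stand-in cipher handles at most 32 bytes")
    enc, mac = subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, hashlib.sha256(enc + nonce).digest()))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ticket rejected: wrong communication key or tampering")
    return bytes(a ^ b for a, b in zip(ct, hashlib.sha256(enc + nonce).digest()))

def find_record(pool, paired_with):
    for pos, (seq_no, paired) in enumerate(pool):
        if paired == paired_with:
            return pos, seq_no
    raise PermissionError("no pairing record for " + paired_with)

def provision(pairs):
    """Key card issuance: pools and key tables are written once, offline."""
    srv_priv = [secrets.randbelow(P - 2) + 1 for _ in range(POOL)]
    srv_pub = [pow(G, x, P) for x in srv_priv]
    server = {"priv": srv_priv, "pub": {}, "seq_pool": {}}
    members = {}
    for addr in sorted({a for pair in pairs for a in pair}):
        priv = [secrets.randbelow(P - 2) + 1 for _ in range(POOL)]
        server["pub"][addr] = [pow(G, x, P) for x in priv]
        # Communication key table: every (member key, server key) secret, precomputed,
        # so the card or terminal keeps no private key and does no exponentiation.
        table = [[kdf(pow(s_pub, x, P)) for s_pub in srv_pub] for x in priv]
        members[addr] = {"table": table, "seq_pool": [(secrets.token_bytes(8), "unrelated")]}
    for card, term in pairs:
        members[card]["seq_pool"].append((secrets.token_bytes(8), term))
        members[term]["seq_pool"].append((secrets.token_bytes(8), card))
    server["seq_pool"] = {a: list(m["seq_pool"]) for a, m in members.items()}
    return server, members

def server_issue_sub_ticket(server, card_addr, term_addr):
    m, term_seq = find_record(server["seq_pool"][term_addr], card_addr)  # pairing check
    _, card_seq = find_record(server["seq_pool"][card_addr], term_addr)
    r_srv = secrets.token_bytes(16)          # server second random number
    session_key = secrets.token_bytes(32)
    s = server["priv"][pointer(r_srv)]
    def comm_key(addr, seq_no):
        member_pub = server["pub"][addr][pointer(seq_to_random(seq_no))]
        return kdf(pow(member_pub, s, P))    # public-key work happens only here
    return {"card_ticket": seal(comm_key(card_addr, card_seq), session_key),
            "term_ticket": seal(comm_key(term_addr, term_seq), session_key),
            "r_srv": r_srv, "m": m}          # m: location parameter

def card_open(card, sub_ticket, term_addr):
    _, seq_no = find_record(card["seq_pool"], term_addr)
    key = card["table"][pointer(seq_to_random(seq_no))][pointer(sub_ticket["r_srv"])]
    return unseal(key, sub_ticket["card_ticket"])

def terminal_open(terminal, message):
    if not 0 <= message["m"] < len(terminal["seq_pool"]):
        raise ValueError("location parameter out of range")
    seq_no, _ = terminal["seq_pool"][message["m"]]   # direct lookup, no search
    key = terminal["table"][pointer(seq_to_random(seq_no))][pointer(message["r_srv"])]
    return unseal(key, message["term_ticket"])

def demo():
    server, members = provision([("card-A", "terminal-1")])
    sub = server_issue_sub_ticket(server, "card-A", "terminal-1")
    k_card = card_open(members["card-A"], sub, "terminal-1")
    message = {k: sub[k] for k in ("term_ticket", "r_srv", "m")}
    return k_card, terminal_open(members["terminal-1"], message)

if __name__ == "__main__":
    k_card, k_term = demo()
    print("card and terminal hold the same session key:", k_card == k_term)
```

The member private keys exist only inside `provision`; what ships on each key card is the table of derived secrets, which is why that table needs the same hardware protection as a private key.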
A computer equipment, including a memory and a processor; the memory stores a computer program, and the processor implements the steps of any of the above methods when executing the computer program.
An anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool includes sequence numbers and paired parties, and the sequence number pools of the application server comprise the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate at short range using a trusted session key.
The application IC card is used to perform identity authentication with the application server and to send the first ticket request message ciphertext to the application server. The first ticket request message ciphertext is the first ticket request parameters encrypted with the communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of tickets applied for. The application IC card receives the total ticket it applied for and obtains the session key to carry out short-range communication with the application terminal;
The application server is used to receive the first ticket request message ciphertext and decrypt it with the first communication key to obtain the first request parameters, which include the application IC card address, the application terminal address and the number of tickets applied for. It checks whether the application terminal's sequence number pool held in the application server's key card contains information paired with the application IC card, extracts the application terminal sequence number and uses it to obtain the application terminal first random number, combines the application IC card third random number and the application terminal first random number, respectively, with the server second random number to calculate the respective communication keys, and encrypts the session key with each communication key to obtain the application IC card ticket and the application terminal ticket. The application IC card ticket, the application terminal ticket, the server second random number and the location parameter of the record in the application terminal's sequence number pool that holds the application IC card's information constitute a sub-ticket; multiple sub-tickets constitute the total ticket, which is sent to the application IC card;
The application terminal is used to receive the first short-range communication message sent by the application IC card, to use the location parameter with the application terminal sequence number pool to extract the application terminal's sequence number and obtain the application terminal second random number, to use the application terminal second random number together with the application server second random number to extract the sixth communication key from the communication key table, and to decrypt the application terminal ticket with the sixth communication key to obtain the trusted session key and carry out short-range communication.
In the above anti-quantum-computing application system, short-range energy-saving communication method and computer equipment based on key cards and sequence numbers, the anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server. The application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is equipped with a key card containing a sequence number pool, and the sequence number pool includes sequence numbers and pairing persons; the sequence number pools of the application server comprise the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate over short range using a trusted session key. The application IC card authenticates with the application server and sends a first ticket request message ciphertext to the application server, in which the first ticket request parameters are encrypted with a communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for. The application IC card receives the total bill applied for and obtains the session key, with which it carries out short-range communication with the application terminal. The application terminal receives the first short-range communication message sent by the application IC card, uses the location parameter together with the application terminal sequence number pool to extract the sequence number of the application terminal and obtain the second random number of the application terminal, uses the second random number of the application terminal and the second random number of the application server with the communication key table to extract the sixth communication key, and decrypts the application terminal bill with the sixth communication key, thereby obtaining the trusted session key and carrying out short-range communication.

Each member of the anti-quantum-computing application system is equipped with a key card that stores its keys. The key card is an independent hardware device, so the possibility of keys being stolen by malware or malicious operation is greatly reduced. Each member extracts the public key of the application system member it needs by combining the disclosed anti-quantum-computing public key with the asymmetric key pool, and the public keys of the application system members are stored in the key cards. This ensures that a quantum computer cannot obtain a user's public key and therefore cannot derive the corresponding private key, which reduces the risk of being cracked by a quantum computer. The application terminal and the application IC card perform no public key or private key computation; they only need a table lookup to obtain the shared key for encrypted communication with the application server, so the amount of computation is small and the speed is high. This also saves energy and extends the battery life of the application terminal and the application IC card.
Brief description of the drawings
Fig. 1 is the networking diagram of the application system provided in an embodiment of the present invention;
Fig. 2 is a structural schematic diagram of the key zone of the application server key card;
Fig. 3 is a structural schematic diagram of the sequence number pool in the present invention;
Fig. 4 is a structural schematic diagram of the public key pool in the key zone of the application server key card;
Fig. 5 is a structural schematic diagram of the key zone of the application client key card;
Fig. 6 is a structural schematic diagram of the symmetric key pool in the key zone of the application client key card;
Fig. 7 is the flow chart for obtaining public and private keys provided in an embodiment of the present invention.
Specific embodiment
In the short-range energy-saving communication scheme of the anti-quantum-computing application system, the anti-quantum-computing application system can be any kind of system that requires short-range identity authentication. It includes an application server and several application clients; an application client comprises an application terminal and an application IC card, both of which are low-performance devices. The application server runs the business service program and the application client runs the business client program. The application system of this embodiment can be, but is not limited to, an access control system, a transit card-swiping system or an attendance system. For these three kinds of application system, the application server is respectively the access control system server, the transit card-swiping system server and the attendance system server; the application terminal is respectively the access control POS, the transit POS and the attendance POS; and the application IC card is respectively the access card, the transit card and the attendance card. The physical form of the application IC card can be a key card in smart card form or a key card in mobile phone SDKEY form.
The structure of the application system is shown in Fig. 1. Application server S issues key cards to application terminal C and application IC card M, and also issues the session key KS between application IC card M and application terminal C. Application server S and application terminal C are connected over a wired or wireless network; application server S and application IC card M are connected over a wireless network. Application IC card M and application terminal C are connected by short-range communication (BLE/NFC/infrared).
In this embodiment, the address ID of the application server is IDS, and application server S uses the application server key card.
The specific structure of the key zone of the application server key card is shown in Fig. 2 and includes a public key pool and a private key pool. The application server key card also holds the SQN value of each application client (application terminal C and application IC card M), where SQN is the sequence number. At initialization, the SQN values of different clients (application terminal C and application IC card M) are different and are true random numbers, and the sequence number SQN values are stored both in the application server key card and in the key cards of the application clients (application terminal C and application IC card M).
The sequence number SQN values at each application client (application terminal C and application IC card M) are stored in the form of a sequence number pool, as shown in Fig. 3; the sequence number pool includes sequence numbers and pairing persons. A copy of the sequence number pool of each application client is also held in the application server key pool, i.e. the sequence number pools with which the application server is equipped comprise the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The sequence number pools of application terminal C and application IC card M are named the application terminal sequence number pool and the application IC card sequence number pool.
The public key pool in the key zone of the application server key card is shown in Fig. 4. It includes the server public key pool and N application client public key pools for the N application clients. The server public key pool starts at position Kp0 and has size Ks0; the application server private key pool also has size Ks0. The N application client public key pools start at positions Kp1, Kp2, ..., KpN respectively, and the sizes of the N application client private key pools are Ks1, Ks2, ..., KsN respectively. The size of each key pool ranges from 1G to 4096G. Let the keys of the application server be numbered 1 to m; the application server private key pool is then {s1, s2, ..., sm} and the server public key pool is {S1, S2, ..., Sm}. Following the Diffie-Hellman protocol, a large prime p and a number g are defined, where g is a primitive root modulo p; the large prime p and the number g are the parameters of the Diffie-Hellman protocol. Using its matched application server key card, the application server generates a truly random large integer si (i ∈ {1, 2, ..., m}) as its own private key and computes the application server public key Si = g^si mod p (i ∈ {1, 2, ..., m}).
An application client includes application terminal C and application IC card M, both of which are low-performance devices. In this embodiment, the address ID of the application terminal is IDC and the address ID of the application IC card is IDM; application terminal C uses an application terminal key card and application IC card M uses an application IC card key card. The key zone of the application client key card, i.e. the key zone of the application terminal key card and of the application IC card key card, has the specific structure shown in Fig. 5 and includes the public key pool of that application client (application terminal C or application IC card M) and a symmetric key pool. The specific structure of the symmetric key pool is shown in Fig. 6. Let the keys of a given application client (application terminal C or application IC card M) be numbered 1 to n; the private key pool of the application client is then {c1, c2, ..., cn} and its public key pool is {C1, C2, ..., Cn}, where, following the Diffie-Hellman protocol, Cj = g^cj mod p, j ∈ {1, 2, ..., n}. The key card issuer, i.e. the application server, calculates all communication keys Kij for the application client (application terminal C and/or application IC card M).
The calculation is Kij = (Si)^cj mod p,
where Si is an application server public key and cj is a private key of the application client (application terminal C or application IC card M). All the communication keys Kij form the communication key table. Application server S copies the communication key table (i.e. the grey area of Fig. 6) into the key card of the corresponding application terminal C or application IC card M.
This embodiment describes the process in which application terminal C and application IC card M negotiate keys through application server S and perform message authentication during communication.
The steps by which application server S negotiates a key with application terminal C are as follows:
Application server S obtains random number rs and random number rc using the application server key card and derives the communication key Kc from them. The process is shown in Fig. 7 and is described as follows:
Application server S applies the application server pointer function Fs to random number rs to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool in the application server key card. Adding the application server public key pool initial position Ks0 to Ps gives the application server public key pointer Kss, with which the application server public key PKs can likewise be extracted from the server public key pool in the application server key card.
Applying the application terminal pointer function Fc to random number rc gives the application terminal private key pointer Pc. Adding the application terminal public key pool initial position KsN in the application server key card to Pc gives the application terminal public key pointer Ksc, with which the application terminal public key PKc is extracted from the public key pool in the application server key card.
The communication key is calculated as Kc = (PKc)^SKs mod p,
where PKc is the application terminal public key, SKs is the application server private key and p is the large prime.
Application server S uses the communication key Kc as the key to encrypt messages and communicates with application terminal C. After application terminal C receives a message file encrypted with communication key Kc, it calculates the application server private key pointer Ps and the application terminal private key pointer Pc from random number rs and random number rc. These correspond to row i and column j of the communication key table (i.e. the grey area of Fig. 6); looking up the table yields the communication key Kc. The terminal decrypts the encrypted message file with Kc and obtains the message file, completing the information exchange.
The process in which application terminal C and application IC card M negotiate keys through application server S and perform message authentication during communication includes the following steps 1 to 5, described as follows:
Step 1. Application IC card M and application server S authenticate each other.
Specifically, the identity authentication between application IC card M and application server S includes the following steps 1.1 to 1.4.
Step 1.1. Application IC card M sends the basic information for key negotiation to application server S.
Specifically, application IC card M sends the application IC card address IDM and the application terminal address IDC to application server S. The steps are:
Step 1.1.1. Application terminal C sends the application terminal address IDC to application IC card M.
Step 1.1.2. After receiving it, application IC card M sends the application terminal address IDC together with the application IC card address IDM to application server S.
Step 1.2. Application server S uses the first random number ra of application IC card M and the first random number rb of the application server to calculate the first communication key Kab, produces the first message authentication code, and sends the first message authentication code to the application IC card.
Specifically, this includes steps 1.2.1 to 1.2.4, as follows:
Step 1.2.1. After receiving the application terminal address IDC and the application IC card address IDM, application server S uses the application IC card address IDM to take the sequence number SQN value of application IC card M, i.e. sequence number SQNM, out of the application IC card sequence number pool held in the application server key card, and obtains the public key pointer N_SQNM of application IC card M from the sequence number SQNM of application IC card M.
The method for obtaining the public key pointer includes: using the sequence number SQNM of application IC card M to randomly select a value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M.
Step 1.2.2. Application server S calculates the first random number ra of the application IC card.
Using the public key pointer N_SQNM of application IC card M, it takes out the public key PKM_SQNM of application IC card M and calculates the first random number of the application IC card ra = KH(SQNM, PKM_SQNM), where KH is a keyed hash function such as HMAC.
Step 1.2.3. Application server S uses the first random number ra of application IC card M and the first random number rb of the application server to calculate the first communication key Kab.
Application server S generates the first random number rb of the application server using the random number generator in the application server key card, and calculates the first communication key Kab from the first random number ra of application IC card M and the first random number rb of the application server. The calculation is similar to the process described above for obtaining communication key Kc from random number rs and random number rc. The specific steps include:
Application server S applies the application server pointer function Fs to the first random number rb of the application server to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool. Adding the application server public key pool initial position Ks0 to Ps gives the application server public key pointer Kss, with which the application server public key PKs can likewise be extracted from the public key pool.
Application server S applies the application IC card pointer function Fm to the first random number ra of application IC card M to obtain the application IC card private key pointer Pm. Adding the application IC card public key pool initial position KsN to Pm gives the application IC card public key pointer Ksm, with which the application IC card public key PKm is extracted from the public key pool.
The first communication key is calculated as Kab = (PKm)^SKs mod p. This first communication key is the communication key between application server S and application IC card M.
Step 1.2.3. Application server S produces the first message authentication code.
Application server S combines the first communication key Kab, the first random number ra of the application IC card, the first random number rb of the application server and the application server address IDS to produce the first message authentication code MACba, calculated by the formula MACba = MAC{Kab, ra||rb||IDS}, where MAC is a keyed hash function such as HMAC.
Step 1.2.4. Application server S sends the first message, which contains the first message authentication code, to application IC card M.
Application server S sends the first message IDM||IDS||rb||MACba to application IC card M. Specifically, the first message includes the first message authentication code MACba, the application server address IDS, the application IC card address IDM and the first random number rb of the application server.
Step 1.3. Application IC card M uses the second random number ra' of the application IC card and the first random number rb of the application server, together with the communication key table, to obtain the second communication key Kab', obtains the second message authentication code using the second communication key Kab', and uses the second message authentication code to authenticate application server S.
Specifically, this includes steps 1.3.1 to 1.3.3, as follows:
Step 1.3.1. After receiving the first message IDM||IDS||rb||MACba sent by application server S, application IC card M calculates the second random number ra' of the application IC card in the same way as in step 1.2, calculates the corresponding pointers from the second random number ra' of the application IC card and the random number rb of the application server, and looks up the communication key table to obtain the second communication key Kab'.
The detailed process is as follows:
Step 1.3.1.1. Using the application IC card address IDM and the sequence number pool in the application IC card key card, application IC card M takes out its sequence number SQN value, i.e. sequence number SQNM, obtains the public key pointer N_SQNM of application IC card M from sequence number SQNM, takes out the public key PKM_SQNM of application IC card M using the public key pointer N_SQNM, and calculates the second random number of the application IC card ra' = KH(SQNM, PKM_SQNM), where KH is a keyed hash function such as HMAC.
Step 1.3.1.2. Application IC card M applies the application server pointer function Fs to the random number rb of the application server to obtain the application server private key pointer Ps;
application IC card M applies the application IC card pointer function Fm to the second random number ra' of the application IC card to obtain the application IC card private key pointer Pm.
Step 1.3.1.3. The application server private key pointer Ps and the application IC card private key pointer Pm correspond to row i and column j of the communication key table (i.e. the grey area of Fig. 6); looking up the communication key table yields the second communication key Kab'.
Step 1.3.2. The second message authentication code is compared with the first message authentication code.
A new MAC value, the second message authentication code MACba', is then obtained by the formula MACba' = MAC{Kab', ra'||rb||IDS}. Application IC card M compares the received first message authentication code MACba with its own second message authentication code MACba'. If they are identical, verification succeeds: application IC card M fully trusts the identity of application server S and confirms that the second communication key equals the first communication key, i.e. Kab' = Kab.
Step 1.3.3. Application IC card M sends the second message, which contains the third message authentication code, to application server S.
Application IC card M uses the second random number ra' of the application IC card, obtained from sequence number SQNM, and the second communication key Kab' to calculate the third message authentication code MACab = MAC{Kab', ra'||rb}, sends the second message IDM||IDS||MACab to application server S, and increments the sequence number SQNM, i.e. SQNM = SQNM + 1. When the sequence number equals the maximum value of an unsigned int, it becomes 0 after the increment. The second message includes the third message authentication code MACab, the application server address IDS and the application IC card address IDM.
Step 1.4. Application server S authenticates application IC card M.
After receiving the second message IDM||IDS||MACab from application IC card M, application server S uses the application IC card address IDM to take the sequence number SQN value SQNM of application IC card M out of the application IC card sequence number pool held in the application server key card, calculates the first random number of the application IC card ra = KH(SQNM, PKM_SQNM), and obtains the first communication key Kab = (PKm)^SKs mod p. It then calculates the fourth message authentication code MACab' = MAC{Kab, ra||rb} and compares the received third message authentication code MACab with the fourth message authentication code MACab'. If they are identical, verification succeeds and application server S fully trusts the identity of application IC card M. Application server S then increments the sequence number SQNM stored at its own end, i.e. SQNM = SQNM + 1.
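The following added example (not part of the patent text) walks through the communication key table and steps 1.2 to 1.4: the server computes Kab by modular exponentiation, while the card obtains the same key purely by table lookup and both sides advance SQNM. The toy group parameters, the `pointer` function standing in for Fs, Fm and N_SQNM, and the HMAC argument roles in KH are assumptions.

```python
import hashlib
import hmac
import secrets

# Toy-sized Diffie-Hellman parameters for demonstration only (assumption).
P = 2**127 - 1            # a Mersenne prime
G = 3
U32 = 2**32               # sequence numbers wrap to 0 past the unsigned-int maximum

def kh(key: bytes, msg: bytes) -> bytes:
    """KH / MAC from the text, instantiated as HMAC-SHA256."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def pointer(label: bytes, value: bytes, size: int) -> int:
    """Hypothetical stand-in for the pointer functions Fs, Fm and N_SQNM."""
    return int.from_bytes(hashlib.sha256(label + value).digest(), "big") % size

def key_bytes(k: int) -> bytes:
    return k.to_bytes(16, "big")

def card_random(idm: bytes, sqn: int, card_pub: list) -> bytes:
    """ra = KH(SQNM, PKM_SQNM); keying HMAC with the public key is an assumption."""
    sqn_b = sqn.to_bytes(4, "big")
    pk = card_pub[pointer(b"N", sqn_b + idm, len(card_pub))]
    return kh(key_bytes(pk), sqn_b)

def issue_key_cards(m: int = 4, n: int = 4):
    """Issuer: build the pools and precompute the card's table Kij = Si^cj mod p."""
    s = [secrets.randbelow(P - 3) + 2 for _ in range(m)]   # server private pool
    c = [secrets.randbelow(P - 3) + 2 for _ in range(n)]   # card private pool
    S = [pow(G, x, P) for x in s]
    C = [pow(G, x, P) for x in c]
    table = [[pow(Si, cj, P) for cj in c] for Si in S]
    sqn = secrets.randbelow(U32)                           # shared initial SQNM
    server = {"id": b"IDS", "priv": s, "card_pub": C, "sqn": sqn}
    # The card keeps only its public key pool and the table, no private keys.
    card = {"id": b"IDM", "pub": C, "table": table, "sqn": sqn}
    return server, card

def server_challenge(server: dict, idm: bytes):
    """Step 1.2: derive ra from SQNM, pick rb, compute Kab, send IDM||IDS||rb||MACba."""
    ra = card_random(idm, server["sqn"], server["card_pub"])
    rb = secrets.token_bytes(16)
    i = pointer(b"Fs", rb, len(server["priv"]))
    j = pointer(b"Fm", ra, len(server["card_pub"]))
    kab = key_bytes(pow(server["card_pub"][j], server["priv"][i], P))  # (PKm)^SKs mod p
    server["pending"] = (kab, ra, rb)      # kept for step 1.4
    return idm, server["id"], rb, kh(kab, ra + rb + server["id"])

def card_respond(card: dict, msg):
    """Step 1.3: look Kab' up in the table, verify MACba, answer with MACab."""
    idm, ids, rb, macba = msg
    ra = card_random(card["id"], card["sqn"], card["pub"])
    i = pointer(b"Fs", rb, len(card["table"]))
    j = pointer(b"Fm", ra, len(card["pub"]))
    kab = key_bytes(card["table"][i][j])   # table lookup, no exponentiation
    if not hmac.compare_digest(macba, kh(kab, ra + rb + ids)):
        return None                        # server not authenticated, SQNM unchanged
    card["sqn"] = (card["sqn"] + 1) % U32
    return idm, ids, kh(kab, ra + rb)

def server_verify(server: dict, msg) -> bool:
    """Step 1.4: check MACab, then advance the server's copy of SQNM."""
    _idm, _ids, macab = msg
    kab, ra, rb = server.pop("pending")
    if not hmac.compare_digest(macab, kh(kab, ra + rb)):
        return False
    server["sqn"] = (server["sqn"] + 1) % U32
    return True

if __name__ == "__main__":
    srv, crd = issue_key_cards()
    reply = card_respond(crd, server_challenge(srv, crd["id"]))
    print("mutual authentication:", reply is not None and server_verify(srv, reply))
```

Because ra is derived from SQNM and never transmitted, a card whose sequence number has drifted from the server's copy fails the MACba check even though its key table is intact.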
Step 2. Application IC card M applies to application server S for the total bill.
Step 2.1. Application IC card M sends the first ticket request message ciphertext to application server S.
Step 2.1.1. Application IC card M combines the application IC card address IDM, the application terminal address IDC and the number of bills applied for Num into the first ticket request message REQms, where REQms is IDM||IDC||Num;
Step 2.1.2. The second communication key Kab' obtained in step 1.3 and the first ticket request message REQms are used to produce the first ticket request message authentication code MAC_REQms; the formula is MAC_REQms = MAC(Kab', REQms);
Step 2.1.3. The second communication key Kab' encrypts the first ticket request parameters {REQms||MAC_REQms} to obtain the first ticket request message ciphertext {REQms||MAC_REQms}Kab'. Specifically, the first ticket request parameters {REQms||MAC_REQms} include the first ticket request message REQms and the first ticket request message authentication code MAC_REQms;
application IC card M sends the first ticket request message ciphertext {REQms||MAC_REQms}Kab' to application server S.
Step 3. Application server S generates the total bill and sends the first bill generation message ciphertext, which contains the total bill, to application IC card M.
The application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first request parameters. The first ticket request message ciphertext is the first ticket request parameters encrypted with the second communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for.
The application server checks whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card. Depending on the case (whether or not information paired with the application IC card exists in the application server key card), it obtains the corresponding application terminal sequence number and derives the first random number of the application terminal from that sequence number. It combines the third random number of the application IC card and the first random number of the application terminal, each with the second random number of the server, to compute the respective communication keys, and uses those communication keys to encrypt the session key separately, obtaining the application IC card bill and the application terminal bill. The application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card form a sub-bill; multiple sub-bills form the total bill, which is sent to the application IC card.
The specific steps are as follows:
Step 3.1. Application server S receives the first ticket request message ciphertext {REQms||MAC_REQms}Kab' from application IC card M;
Step 3.2. After the identity authentication between application server S and application IC card M in step 1.2, it has been confirmed that the first communication key Kab equals the second communication key Kab'. The first communication key Kab is used to decrypt the first ticket request message ciphertext {REQms||MAC_REQms}Kab', obtaining the first ticket request parameters {REQms||MAC_REQms};
Step 3.3. Application server S performs message authentication on the first ticket request message authentication code MAC_REQms. If message authentication succeeds, it parses the first ticket request message REQms and obtains the number Num of bills applied for by application IC card M;
Step 3.4. Application server S obtains the second random number rs of the application server, the first random number rc of application terminal C and the third random number rm of application IC card M.
A sequence number pool includes sequence numbers and pairing persons, which correspond one to one. Application server S checks whether the sequence number pool of application terminal C held in the application server key card contains information paired with application IC card M, in order to determine whether this is the first time application IC card M has applied for authentication with application terminal C. If it is the first application, i.e. application IC card M and application terminal C are not yet paired, application server S randomly takes from the sequence number pool of application terminal C the k-th sequence number SQNCk, one that is not paired with any other application IC card M, and records at the k-th position of the sequence number pool of application terminal C the information of the pairing person, application IC card M, i.e. the application IC card address IDM. If it is not the first application, i.e. application IC card M and application terminal C are already paired, application server S uses the address information IDM of the pairing person, application IC card M, to take the k-th sequence number SQNCk of application terminal C out of the sequence number pool of application terminal C. In summary, k is named the location parameter at which the sequence number pool of the application terminal records the application IC card information.
After obtaining sequence number SQNCk, application server S obtains the public key pointer N_SQNCk of application terminal C from the sequence number SQNCk of application terminal C, takes out the public key PKC_SQNCk of application terminal C using the public key pointer N_SQNCk, and uses the public key PKC_SQNCk of application terminal C to calculate the first random number rc of application terminal C, i.e. rc = KH(SQNCk, PKC_SQNCk), where KH is a keyed hash function such as HMAC.
Application server S obtains random number rs using the application server key card and, by the same method as in step 1.2, obtains the application IC card random number rm, which is the third random number of the application IC card.
The specific steps are as follows:
After receiving the application IC card address IDM, application server S uses the application IC card address IDM to take the sequence number SQN value of application IC card M, i.e. sequence number SQNM, out of the application IC card sequence number pool, and obtains the public key pointer N_SQNM of application IC card M from sequence number SQNM. The method for obtaining the public key pointer includes: using the sequence number SQNM of application IC card M to randomly select a value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M. Using the public key pointer N_SQNM of application IC card M, it takes out the public key PKM_SQNM of application IC card M and calculates the application IC card random number rm = KH(SQNM, PKM_SQNM); the application IC card random number rm is the third random number of the application IC card.
Step 3.5. Using the third random number rm of the application IC card and the second random number rs of the application server, application server S can calculate the communication key Km between application server S and application IC card M. This communication key Km is the third communication key. The specific steps are as follows:
Application server S applies the application server pointer function Fs to the second random number rs of the application server to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool. Adding the application server public key pool initial position Ks0 to Ps gives the application server public key pointer Kss, with which the application server public key PKs can likewise be extracted from the public key pool.
Application server S applies the application IC card pointer function Fm to the third random number rm of application IC card M to obtain the application IC card private key pointer Pm. Adding the application IC card public key pool initial position KsN to Pm gives the application IC card public key pointer Ksm, with which the application IC card public key PKm is extracted from the public key pool.
The communication key between application server S and application IC card M is calculated as Km = (PKm)^SKs mod p; this communication key Km between application server S and application IC card M is the third communication key.
Similarly, the communication key Kc between application server S and application terminal C is calculated using the first random number rc of application terminal C and the second random number rs of the application server; this communication key Kc between application server S and application terminal C is named the fourth communication key.
Step 3.6. Application server S uses the application server key card to randomly select a random number Kmc as the session key, and uses the session key Kmc to produce the application IC card bill Tm and the application terminal bill Tc respectively.
Specifically, the application IC card bill is Tm = {Kmc||IDC||rm}Km, i.e. the application IC card parameters {Kmc||IDC||rm} encrypted with the communication key Km between application server S and application IC card M, the third communication key. The application IC card parameters include the session key Kmc, the address IDC of the application terminal and the third random number rm of the application IC card;
Similarly, the application terminal bill is Tc = {Kmc||IDM||rc}Kc, i.e. the application terminal bill parameters {Kmc||IDM||rc} encrypted with the communication key Kc between application server S and application terminal C, the fourth communication key. The application terminal bill parameters {Kmc||IDM||rc} include the session key Kmc, the address IDM of the application IC card and the first random number rc of the application terminal;
Step 3.7: Application server S makes the total bill.
The location parameter k at which the sequence number pool of application terminal C records the information of the pairing person (application IC card M), the second random number rs of the application server, the application IC card bill Tm and the application terminal bill Tc together form a sub-bill named TICKET. The sub-bill TICKET is one of the bills (tickets) that application IC card M applies for from application server S, and is expressed as {k||rs||Tm||Tc}.
Because the number of bills (tickets) applied for by application IC card M is Num, the number of bills that application server S needs to generate is also Num. Each time a sub-bill TICKET is generated, application server S increments the sequence numbers SQNCk and SQNM, i.e. SQNCk = SQNCk+1 and SQNM = SQNM+1. It then uses the updated sequence numbers SQNCk and SQNM to generate the next sub-bill TICKET by the steps above, until Num sub-bills have been generated. The resulting total bill is expressed as Σ{TICKET}. Thus, depending on whether application IC card M applies for one bill or several, application server S generates one bill or several. In the present embodiment, the total bill Σ{TICKET} is the set of bills applied for by application IC card M.
Step 3.8: Application server S generates the total bill and sends the first bill generation message ciphertext, which contains the total bill, to application IC card M.
Application server S combines the application IC card address IDM, the application terminal address IDC and the total bill Σ{TICKET} to form the first bill generation message RESPsm, i.e. IDM||IDC||Σ{TICKET}. Using the first communication key Kab and the first bill generation message RESPsm, it generates the first bill generation message authentication code MAC_RESPsm, with the formula MAC_RESPsm = MAC(Kab, RESPsm). The combination RESPsm||MAC_RESPsm of the message and its authentication code is then encrypted with the first communication key Kab, giving the first bill generation message ciphertext {RESPsm||MAC_RESPsm}Kab, which is sent to application IC card M.
Step 4: Application IC card M obtains the total bill.
After receiving the first bill generation message ciphertext {RESPsm||MAC_RESPsm}Kab from application server S, application IC card M takes out the second communication key Kab' and decrypts the ciphertext, then performs message authentication on the first bill generation message authentication code MAC_RESPsm. If message authentication succeeds, it parses the first bill generation message RESPsm, i.e. the parameter values IDM||IDC||Σ{TICKET}, obtains the total bill Σ{TICKET}, and stores it in the application IC card key card.
Step 5: Short-range communication between application IC card M and application terminal C.
Step 5.1: Application IC card M extracts a sub-bill, extracts the corresponding sequence number using its own address, and calculates the application IC card random number rm', which is the fourth random number of the application IC card. Combining rm' with the communication key table gives the fifth communication key Km between application IC card M and application server S. The fifth communication key Km decrypts the sub-bill TICKET to obtain the trusted session key Kmc. The first short-range communication authentication code is formed using the session key Kmc, and the first short-range communication message containing that authentication code is transmitted to application terminal C.
This specifically includes the following steps:
Step 5.1.1: Application IC card M takes out the first sub-bill TICKET in the total bill Σ{TICKET}. The sub-bill TICKET consists of the location parameter k at which the sequence number pool of application terminal C records the information of the pairing person (application IC card M), the second random number rs of the application server, the application IC card bill Tm and the application terminal bill Tc, and is expressed as {k||rs||Tm||Tc}.
Step 5.1.2: Application IC card M obtains the fourth random number rm' of the application IC card.
Application IC card M takes out the corresponding sequence number SQNM of the application IC card according to the address IDM of the application IC card;
It then obtains the application IC card public key pointer N_SQNM from the sequence number SQNM. The method for obtaining N_SQNM includes: using the sequence number SQNM of application IC card M to randomly select one value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M.
According to the public key pointer N_SQNM of application IC card M, the public key PKM_SQNM of application IC card M is taken out, and the fourth random number of the application IC card is calculated as rm' = KH(SQNM, PKM_SQNM).
Step 5.1.3: Obtain the fifth communication key Km between application IC card M and application server S.
From the fourth random number rm' of the application IC card and the second random number rs of the application server parsed from TICKET, the corresponding application IC card private key pointer and application server private key pointer can be calculated; looking these up in the communication key table gives the fifth communication key Km between application IC card M and application server S;
Step 5.1.4: Confirm the session key Kmc.
The fifth communication key Km between application IC card M and application server S is used to decrypt the application IC card bill Tm in the sub-bill TICKET, where Tm is {Kmc||IDC||rm}Km, giving the session key Kmc and the third random number rm of the application IC card. The decrypted third random number rm is compared with the fourth random number rm' calculated by application IC card M to check whether they are equal and so confirm the session key Kmc.
Step 5.1.5: The session key Kmc, the third random number rm of the application IC card, the first random number rc of the application terminal and the address IDM of the application IC card are used to form the first short-range communication authentication code MACmc.
The formula is: MACmc = MAC(Kmc, rm||rc||IDM);
Here the random number rc of the application terminal is obtained as follows: application IC card M takes out the sequence number SQN value of application terminal C, i.e. sequence number SQNC, according to the address IDC of the application terminal, and obtains the public key pointer N_SQNC of application terminal C from SQNC. The method for obtaining N_SQNC includes: using the sequence number SQNC of application terminal C to randomly select one value in the application terminal address IDC as the public key pointer N_SQNC of application terminal C. The public key pointer N_SQNC is used to take out the public key PKM_SQNC of application terminal C, and the random number of application terminal C is calculated as rc = KH(SQNC, PKM_SQNC).
Step 5.1.6: Application IC card M sends the first short-range communication message IDC||IDM||k||rs||Tc||MACmc to application terminal C.
The first short-range communication message IDC||IDM||k||rs||Tc||MACmc consists of the application terminal address IDC, the address IDM of the application IC card, the location parameter k at which the sequence number pool of application terminal C records the information of the pairing person (application IC card M), the second random number rs of the application server, the application terminal bill Tc, and the first short-range communication authentication code MACmc.
Step 5.2: Application terminal C confirms the session key Kmc.
Application terminal C receives the first short-range communication message sent by the application IC card. The message consists of the address of the application terminal, the address of the application IC card, the location parameter at which the sequence number pool of the application terminal records the information of application IC card M, the second random number of the application server, the application terminal bill, and the first short-range communication authentication code;
Using the location parameter together with the application terminal sequence number pool, the sequence number of the application terminal is extracted and the second random number of the application terminal is obtained. The second random number of the application terminal and the second random number of the application server are combined with the communication key table to extract the sixth communication key. The sixth communication key decrypts the application terminal bill, giving the trusted session key with which short-range communication is realized.
The specific steps are as follows:
Step 5.2.1: Application terminal C receives the first short-range communication message IDC||IDM||k||rs||Tc||MACmc from application IC card M.
Step 5.2.2: Application terminal C confirms the session key Kmc and transmits the third short-range communication authentication code, formed with the session key Kmc, to application IC card M.
Using the location parameter k at which the sequence number pool of application terminal C records the information of the pairing person (application IC card M), the k-th unit in the sequence number pool of application terminal C is found. The following cases arise:
If the k-th unit in the sequence number pool of application terminal C contains pairing person information, i.e. the information of application IC card M, check whether that information (the ID value of the application IC card) equals the address IDM of application IC card M; if the k-th unit contains no pairing person information, no operation is performed. Where the k-th unit contains pairing person information, the sequence number SQNCk of application terminal C is taken from the k-th unit of its sequence number pool and the second random number rc' of application terminal C is calculated. From rc' and the second random number rs of the application server, the corresponding application terminal private key pointer and application server private key pointer can be calculated, and looking these up in the communication key table gives the communication key Kc between application terminal C and application server S, which is named the sixth communication key. Using Kc to decrypt the application terminal bill Tc, i.e. {Kmc||IDM||rc}Kc, yields the session key Kmc and the first random number rc of application terminal C. The decrypted first random number rc is compared with the second random number rc' calculated by application terminal C to check whether they are equal and so confirm the session key Kmc.
Application terminal C uses the session key Kmc, the random number rm of the application IC card, the decrypted random number rc of the application terminal and the information ID of application IC card M to form the second short-range communication authentication code MACmc', with the formula MACmc' = MAC(Kmc, rm||rc||ID). Here the random number rm of the application IC card is obtained as follows: application terminal C takes out the sequence number SQN value of application IC card M, i.e. sequence number SQNM, according to the address IDM of the application IC card, and obtains the public key pointer N_SQNM of application IC card M from SQNM. The method for obtaining N_SQNM includes: using the sequence number SQNM of the application IC card to randomly select one value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M. The public key pointer N_SQNM is used to take out the public key PKM_SQNM of application IC card M, and the random number of application IC card M is calculated as rm = KH(SQNM, PKM_SQNM).
Application terminal C compares the calculated second short-range communication authentication code MACmc' with the first short-range communication authentication code MACmc taken from the first short-range communication message. If they are equal, it trusts IDM, i.e. the information ID of application IC card M equals the address IDM of application IC card M.
If the k-th unit in the sequence number pool contains no pairing person information, the k-th position of the sequence number pool of application terminal C records the pairing person's information, i.e. the application IC card address IDM of application IC card M.
The sequence number SQNCk of application terminal C is incremented, i.e. SQNCk = SQNCk+1. Using the session key Kmc, the random number rm of application IC card M and the random number rc of application terminal C, the third short-range communication authentication code MACcm is obtained, with the formula MACcm = MAC(Kmc, rm||rc). Application terminal C sends the second short-range communication message IDC||IDM||MACcm to application IC card M.
Step 5.3: Application IC card M uses its own session key to authenticate application terminal C; after authentication passes, both sides communicate securely using the session key Kmc as the encryption key.
After receiving the second short-range communication message IDC||IDM||MACcm from application terminal C, application IC card M uses its own session key Kmc, the random number rm of application IC card M and the random number rc of application terminal C to obtain the fourth short-range communication authentication code MACcm', with the formula MACcm' = MAC(Kmc, rm||rc). It compares the calculated fourth short-range communication authentication code MACcm' with the third short-range communication authentication code MACcm from application terminal C, and trusts application terminal C if they are equal. Both sides can then use the session key Kmc as the encryption key for secure communication. Finally, the sequence number SQNCk of application terminal C is incremented, i.e. SQNCk = SQNCk+1. After application IC card M completes the authentication and key agreement process with application terminal C, it deletes the current first local sub-bill TICKET and takes the next sub-bill TICKET as the new current first sub-bill TICKET.
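Steps 3.6 to 5.3 above, as an added Python example (not code from the patent), showing why a sub-bill TICKET that has already been used is rejected once SQNCk has been incremented. Assumptions: HMAC-SHA256 stands in for KH and MAC, an HMAC-derived keystream stands in for the unnamed {...}K cipher, Km and Kc are taken as already looked up, all IDs, keys and sequence numbers are constructed, and only the case where unit k already holds the pairing is handled.

```python
import hashlib
import hmac
import secrets

IDM, IDC = b"ICM1", b"TRM1"  # constructed 4-byte addresses of IC card M and terminal C


def kh(sqn: int, pk: bytes) -> bytes:
    # Stand-in for r = KH(SQN, PK): HMAC-SHA256 keyed with the pool public key (assumption).
    return hmac.new(pk, sqn.to_bytes(8, "big"), hashlib.sha256).digest()[:16]


def mac(key: bytes, *fields: bytes) -> bytes:
    # MAC(K, a||b||...); every field here has a fixed length, so concatenation is unambiguous.
    return hmac.new(key, b"".join(fields), hashlib.sha256).digest()


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, pt: bytes) -> bytes:
    # Stand-in for the patent's {...}K encryption, which names no cipher (assumption).
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


def server_make_ticket(km, kc, pk_m, pk_c, sqn_m, sqn_c, k, rs):
    """Steps 3.6-3.7: TICKET = k || rs || Tm || Tc under a fresh session key Kmc."""
    kmc = secrets.token_bytes(16)
    return {"k": k, "rs": rs,
            "Tm": seal(km, kmc + IDC + kh(sqn_m, pk_m)),   # {Kmc||IDC||rm}Km
            "Tc": seal(kc, kmc + IDM + kh(sqn_c, pk_c))}   # {Kmc||IDM||rc}Kc


def card_start(ticket, km, pk_m, pk_c, sqn_m, sqn_c):
    """Step 5.1: decrypt Tm, confirm rm == rm', build the first short-range message."""
    pt = unseal(km, ticket["Tm"])
    kmc, idc, rm = pt[:16], pt[16:20], pt[20:36]
    if idc != IDC or not hmac.compare_digest(rm, kh(sqn_m, pk_m)):
        raise ValueError("Tm rejected: rm does not match rm'")
    rc = kh(sqn_c, pk_c)
    msg = {"IDC": IDC, "IDM": IDM, "k": ticket["k"], "rs": ticket["rs"],
           "Tc": ticket["Tc"], "MACmc": mac(kmc, rm, rc, IDM)}
    return kmc, rm, rc, msg


def terminal_verify(msg, kc, pk_m, pk_c, sqn_m, pool):
    """Step 5.2: check pairing in unit k, confirm rc == rc', verify MACmc, answer MACcm."""
    unit = pool[msg["k"]]
    if unit["peer"] != msg["IDM"]:
        raise ValueError("unit k is paired with a different IC card")
    pt = unseal(kc, msg["Tc"])
    kmc, idm, rc = pt[:16], pt[16:20], pt[20:36]
    if idm != msg["IDM"] or not hmac.compare_digest(rc, kh(unit["sqn"], pk_c)):
        raise ValueError("Tc rejected: rc does not match rc'")
    rm = kh(sqn_m, pk_m)
    if not hmac.compare_digest(msg["MACmc"], mac(kmc, rm, rc, msg["IDM"])):
        raise ValueError("MACmc mismatch")
    unit["sqn"] += 1                      # SQNCk = SQNCk + 1: this sub-bill is now spent
    return kmc, mac(kmc, rm, rc)          # MACcm = MAC(Kmc, rm||rc)


def card_finish(kmc, rm, rc, maccm):
    """Step 5.3: the card recomputes MACcm' and compares it with the received MACcm."""
    return hmac.compare_digest(maccm, mac(kmc, rm, rc))


def demo():
    km, kc = secrets.token_bytes(16), secrets.token_bytes(16)   # looked-up Km, Kc (constructed)
    pk_m, pk_c = b"constructed-PKM", b"constructed-PKC"          # pool entries (constructed)
    sqn_m, k = 41, 3
    pool = {k: {"peer": IDM, "sqn": 7}}                          # terminal's sequence number pool
    t = server_make_ticket(km, kc, pk_m, pk_c, sqn_m, 7, k, secrets.token_bytes(16))
    kmc_m, rm, rc, msg = card_start(t, km, pk_m, pk_c, sqn_m, 7)
    kmc_c, maccm = terminal_verify(msg, kc, pk_m, pk_c, sqn_m, pool)
    try:                                   # same message again, after SQNCk has advanced
        terminal_verify(msg, kc, pk_m, pk_c, sqn_m, pool)
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return {"keys_match": kmc_m == kmc_c,
            "card_accepts_terminal": card_finish(kmc_m, rm, rc, maccm),
            "replay_rejected": replay_rejected}


if __name__ == "__main__":
    print(demo())
```

The replayed message fails at the rc comparison, because the terminal now derives rc' from the incremented SQNCk while Tc still carries the rc of the spent sequence number.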
A short-range energy-saving communication system for an anti-quantum calculation application system based on key card and sequence number, applied to the above short-range energy-saving communication method for an anti-quantum calculation application system based on key card and sequence number. The anti-quantum calculation application system includes an application server and at least one application client communicatively connected to the application server; the application client includes an application terminal and an application IC card. Each member of the anti-quantum calculation application system is provided with a key card containing a sequence number pool, and the sequence number pool includes sequence numbers and pairing persons. The sequence number pool of the application server also includes an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool. The application terminal and the application IC card communicate at short range using a trusted session key, in which:
The application IC card is used for identity authentication with the application server and for sending the first ticket request message ciphertext to the application server. The first ticket request message ciphertext is the first ticket request parameters encrypted with a communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for. The application IC card receives the total bill applied for and obtains the session key to realize short-range communication with the application terminal;
The application server is used for receiving the first ticket request message ciphertext and decrypting it with the first communication key to obtain the first request parameters, which include the application IC card address, the application terminal address and the number of bills applied for. It checks whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card, and extracts the location parameter at which the sequence number pool of the application terminal records the information of the application IC card. Using the location parameter and the application IC card address together with the sequence number pools in the application server key card, it extracts the third random number of the application IC card and the first random number of the application terminal, and calculates the respective communication keys from the third random number of the application IC card and the first random number of the application terminal, each combined with the second random number of the server. It encrypts the session key with each communication key to obtain the application IC card bill and the application terminal bill. Each sub-bill consists of the application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card; multiple sub-bills form the total bill, which is sent to the application IC card;
The application terminal is used for receiving the first short-range communication message sent by the application IC card. Using the location parameter together with the application terminal sequence number pool, it extracts the sequence number of the application terminal and obtains the second random number of the application terminal; it combines the second random number of the application terminal and the second random number of the application server with the communication key table to extract the sixth communication key, and uses the sixth communication key to decrypt the application terminal bill and so obtain the trusted session key with which short-range communication is realized.
A computer device, which includes a processor and a memory connected by a system bus. The processor of the computer device provides computing and control capability. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. When the processor of the computer device executes the computer program, it implements the steps of any of the above short-range energy-saving communication methods for an anti-quantum calculation application system based on key card and sequence number.
The key card is an identity authentication and encryption/decryption product that combines cryptography, hardware security isolation and quantum physics technology (where it carries a quantum random number generator). The embedded chip and operating system of the key card provide functions such as secure storage of keys and cryptographic algorithms. Because it has independent data processing capability and good security, the key card serves as the security carrier for private keys and key pools. Each key card can be protected by a hardware PIN code; the PIN code and the hardware are the two factors a user needs in order to use the key card, i.e. so-called "two-factor authentication". Only a user who holds both the key card storing the relevant authentication information and the user PIN code can log in to the system. Even if the user's PIN code is leaked, the identity of the legitimate user cannot be counterfeited as long as the key card the user holds has not been stolen; if the user's key card is lost, the finder cannot counterfeit the identity of the legitimate user because the finder does not know the user PIN code. In short, the key card keeps top-secret information such as keys from appearing in plaintext on the host's disk or in its memory, which effectively protects that information.
Each application system member is equipped with a key card and stores its keys in the key card. The key card is an independent hardware device, so the possibility of keys being stolen by malware or malicious operation is greatly reduced. At the same time, each member extracts the public key of the required application system member by combining the publicly disclosed anti-quantum calculation public key with the asymmetric key pool, and the public keys of application system members are stored in the key card. This ensures that a quantum computer cannot obtain a user's public key and therefore cannot obtain the corresponding private key, which reduces the risk of being cracked by a quantum computer.
The low-power application terminal and application IC card do not need to perform calculations with public and private keys; a table lookup is enough to obtain the shared key for encrypted communication with the application server. The amount of calculation is small and the speed is high, which saves energy and extends the battery life of the application terminal and application IC card.
The application server, acting as the message center, does not need to store multiple large-capacity symmetric key pools; it only needs to store multiple groups of public key pools, which greatly saves storage space on the application server. According to the above embodiment, when the application server adds the N-th application terminal, the symmetric key pool method would require newly storing a key amount equal to that of the N-th application terminal, i.e. m*n; now it only needs to newly store the key amount of the public key pool corresponding to the N-th application terminal, i.e. n, so the newly added key amount is greatly reduced. The above embodiment therefore greatly saves storage space on the application server.
The Diffie-Hellman protocol used in the embodiments described above can also be replaced with its elliptic curve version, ECDH (Elliptic Curve Diffie-Hellman); the effect is the same.
The technical features of the embodiments described above can be combined arbitrarily. For brevity, not every possible combination of the technical features in the above embodiments is described; however, as long as a combination of these technical features contains no contradiction, it should be considered within the scope of this specification.
The embodiments described above express only several implementations of the present invention. Their description is relatively specific and detailed, but it should not therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the protection scope of the present invention. The protection scope of this patent shall therefore be subject to the appended claims.

Claims (10)

1. A short-range energy-saving communication method for an anti-quantum calculation application system based on key card and sequence number, the anti-quantum calculation application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application IC card, characterized in that the application IC card is equipped with a key card containing an application IC card sequence number pool, the sequence number pool comprises sequence numbers and pairing person information, the application IC card uses a trusted session key to realize short-range communication with the application terminal, and the step of obtaining the trusted session key comprises:
performing identity authentication with the application server, and confirming that the first communication key generated by the application server is equal to the second communication key generated by the application IC card, wherein the first communication key is calculated from a random number extracted using the application IC card address and a server random number; the second communication key is looked up in the communication key table using a random number, extracted by combining the application IC card address with the application IC card sequence number pool, together with the server random number; sending a first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of bills applied for;
receiving and storing the total bill sent by the application server, the total bill consisting of multiple sub-bills, the number of sub-bills being the number of bills applied for, each sub-bill comprising the application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the application IC card information, wherein the application IC card bill and the application terminal bill each comprise the session key encrypted with a communication key, the communication keys comprising the third communication key between the application server and the application IC card and the fourth communication key between the application server and the application terminal; wherein the third communication key and the fourth communication key are calculated from, respectively, the third random number of the application IC card and the first random number of the application terminal, each together with the second random number of the server, and the third random number of the application IC card and the first random number of the application terminal are each extracted through the respective address;
extracting a sub-bill, extracting the corresponding sequence number using its own address and calculating a random number, obtaining the fifth communication key from the random number in combination with the communication key table, and decrypting the application IC card bill with the fifth communication key to obtain the session key;
sending a first short-range communication message to the application terminal, the first short-range communication message comprising the location parameter at which the sequence number pool of the application terminal records the application IC card information, the application terminal extracting the sequence number according to the location parameter, obtaining the sixth communication key from the sequence number in combination with the communication key table, and then confirming the session key to realize short-range communication.
2. A short-range energy-saving communication method for an anti-quantum calculation application system based on key card and sequence number, the anti-quantum calculation application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application server, characterized in that the application server is equipped with a key card containing a sequence number pool, the sequence number pool comprises sequence numbers and pairing persons, the sequence number pool comprises an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool, the application server is used for distributing the total bill so that the application IC card and the application terminal communicate at short range using a trusted session key, and the step in which the application server distributes the total bill comprises:
performing identity authentication with the application IC card, and confirming that the first communication key generated by the application server is equal to the second communication key generated by the application IC card, wherein the first communication key is calculated from a random number extracted using the application IC card address and a server random number; the second communication key is looked up in the communication key table using the random number extracted from the application IC card address together with the server random number;
receiving the first ticket request message ciphertext and decrypting it with the first communication key to obtain the first request parameters, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of bills applied for;
checking whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card, extracting the application terminal sequence number and using the sequence number to obtain the first random number of the application terminal, combining the third random number of the application IC card and the first random number of the application terminal each with the second random number of the server to calculate the respective communication keys, encrypting the session key with each communication key to obtain the application IC card bill and the application terminal bill, each sub-bill consisting of the application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card, multiple sub-bills forming the total bill, which is sent to the application IC card.
3. A short-range energy-saving communication method for an anti-quantum calculation application system based on key card and sequence number, the anti-quantum calculation application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application terminal, characterized in that the application terminal is equipped with a key card containing an application terminal sequence number pool, the application terminal sequence number pool comprises sequence numbers and pairing persons, the application terminal and the application IC card communicate at short range using a trusted session key, and the step of obtaining the trusted session key comprises:
transmitting the application terminal address to the application IC card, so that the application IC card obtains the total bill after identity authentication with the application server, the total bill comprising sub-bills each consisting of the application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card;
receiving the first short-range communication message sent by the application IC card, the first short-range communication message consisting of the address of the application terminal, the address of the application IC card, the location parameter at which the sequence number pool of the application terminal records the information of the application IC card, the second random number of the application server, the application terminal bill and the first short-range communication authentication code;
using the location parameter together with the application terminal sequence number pool to extract the sequence number of the application terminal and obtain the second random number of the application terminal, combining the second random number of the application terminal and the second random number of the application server with the communication key table to extract the sixth communication key, and decrypting the application terminal bill with the sixth communication key to obtain the trusted session key with which short-range communication is realized.
4. A short-range energy-saving communication method for an anti-quantum computing application system based on a key card and sequence numbers, implemented on the anti-quantum computing application system, the anti-quantum computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, characterized in that each member of the anti-quantum computing application system is equipped with a key card containing a sequence number pool, the sequence number pool comprises sequence numbers and paired parties, the sequence number pool of the application server further comprises an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool, the application terminal and the application IC card communicate at short range using a trusted session key, and the step of obtaining the trusted session key comprises:
the application IC card authenticates with the application server and confirms that the first communication key generated by the application server equals the second communication key generated by the application IC card, wherein the first communication key is generated by computation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted from the application IC card address combined with the server random number;
the application IC card sends a first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of bills applied for;
the application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first request parameters;
the application server checks whether the application terminal sequence number pool held in the application server's key card contains information paired with the application IC card, extracts the application terminal sequence number and uses that sequence number to obtain the application terminal's first random number, combines the application IC card's third random number and the application terminal's first random number, respectively, with the server's second random number to compute the corresponding communication keys, and encrypts the session key with each of those communication keys to obtain the application IC card bill and the application terminal bill, wherein each sub-bill is constituted by the application IC card bill, the application terminal bill, the server's second random number and the location parameter of the application IC card information recorded in the application terminal's sequence number pool, and multiple sub-bills constitute the total bill, which is sent to the application IC card;
the application IC card receives and stores the total bill sent by the application server, the total bill consisting of multiple sub-bills, the number of sub-bills being the number of bills applied for;
the application IC card extracts a sub-bill, extracts the corresponding sequence number using its own address and computes a random number from it, obtains a fifth communication key by combining that random number with the communication key table, and decrypts the application IC card bill with the fifth communication key to obtain the session key;
the application IC card sends a first short-range communication message to the application terminal, the first short-range communication message comprising the location parameter of the application IC card information recorded in the application terminal's sequence number pool;
the application terminal extracts the sequence number according to the location parameter, obtains a sixth communication key by combining that sequence number with the communication key table, and then confirms the session key to realize short-range communication.
5. The short-range energy-saving communication method for an anti-quantum computing application system based on a key card and sequence numbers according to any one of claims 1 to 4, characterized in that:
where the communication key is generated by the application server, the generation method comprises:
using the random number of the application IC card, the random number of the application terminal and the random number of the application server, each combined with the pointer function, to extract the application IC card public key, the application terminal public key and the application server private key, and combining the application IC card public key and the application terminal public key, respectively, with the application server private key under the corresponding algorithm to compute the corresponding communication keys;
where the communication key is generated by the application IC card/application terminal, the generation method comprises:
using the random number of the application IC card/application terminal and the random number of the application server, each combined with the pointer function, to extract the corresponding private key pointers, and extracting the corresponding communication key by combining the private key pointers with the communication key table.
6. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of claim 1 when executing the computer program.
7. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of claim 2 when executing the computer program.
8. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of claim 3 when executing the computer program.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of claim 4 when executing the computer program.
10. An anti-quantum computing application system based on a key card and sequence numbers, the anti-quantum computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, characterized in that each member of the anti-quantum computing application system is equipped with a key card containing a sequence number pool, the sequence number pool comprises sequence numbers and paired parties, the sequence number pool of the application server further comprises an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool, and the application terminal and the application IC card communicate at short range using a trusted session key, wherein:
the application IC card is configured to authenticate with the application server and send a first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with a communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of bills applied for, and to receive the total bill applied for, obtain the session key and realize short-range communication with the application terminal;
the application server is configured to receive the first ticket request message ciphertext and decrypt it with the first communication key to obtain the first request parameters, the first request parameters comprising the application IC card address, the application terminal address and the number of bills applied for; to check whether the application terminal sequence number pool held in the application server's key card contains information paired with the application IC card; to extract the application terminal sequence number and use that sequence number to obtain the application terminal's first random number; to combine the application IC card's third random number and the application terminal's first random number, respectively, with the server's second random number to compute the corresponding communication keys; and to encrypt the session key with each of those communication keys to obtain the application IC card bill and the application terminal bill, wherein each sub-bill is constituted by the application IC card bill, the application terminal bill, the server's second random number and the location parameter of the application IC card information recorded in the application terminal's sequence number pool, and multiple sub-bills constitute the total bill, which is sent to the application IC card;
the application terminal is configured to receive the first short-range communication message sent by the application IC card, extract the application terminal's sequence number by combining the location parameter with the application terminal sequence number pool and use it to obtain the application terminal's second random number, extract a sixth communication key by combining the application terminal's second random number and the application server's second random number with the communication key table, decrypt the application terminal bill with the sixth communication key, and thereby obtain the trusted session key to realize short-range communication.
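The two key-generation paths of claim 5 and the terminal-side recovery of claims 3 and 10, as an added Python example that is not code from the patent: the server computes the communication key with a public-key operation, while the terminal only looks it up in its communication key table and decrypts the terminal bill. Assumptions: Diffie-Hellman over a toy group stands in for the unspecified "corresponding algorithm"; the pointer function, the sequence-number-to-random derivation, the KDF and the HMAC-based cipher are stand-ins; every name and sample value is constructed.

```python
import hashlib, hmac, secrets

P, G, N = 2**127 - 1, 3, 8  # toy group and pool size, constructed for the demo

def h(label, data):
    return hashlib.sha256(label + data).digest()

def ptr(rand):  # assumed pointer function: random number -> pool index
    return int.from_bytes(h(b"ptr", rand), "big") % N

def seq_to_random(seq):  # assumed: how a sequence number yields a random number
    return h(b"rand", seq)

def kdf(shared):  # assumed: shared secret -> communication key
    return h(b"ck", shared.to_bytes(16, "big"))

def mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def seal(key, msg):  # stand-in encrypt-then-MAC, messages up to 32 bytes
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(msg, mac(key, b"enc", nonce)))
    return nonce + ct + mac(key, b"tag", nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(key, b"tag", nonce + ct)):
        raise ValueError("bill does not verify under this communication key")
    return bytes(a ^ b for a, b in zip(ct, mac(key, b"enc", nonce)))

# Constructed key-card contents (all values are sample data).
priv_s = [secrets.randbelow(P - 2) + 1 for _ in range(N)]  # server private keys
priv_t = [secrets.randbelow(P - 2) + 1 for _ in range(N)]  # used only at issuance
pub_t = [pow(G, t, P) for t in priv_t]  # terminal public keys on the server card
# Terminal card: precomputed keys indexed by (terminal pointer, server pointer).
KEY_TABLE = [[kdf(pow(pow(G, s, P), t, P)) for s in priv_s] for t in priv_t]
SEQ_POOL = [(b"SN-0001", b"card-A"), (b"SN-0002", b"card-B")]  # (seq no., paired party)

def server_issue(card_addr):
    """Server side: build the terminal bill for the record paired with card_addr."""
    loc = next((i for i, (_, p) in enumerate(SEQ_POOL) if p == card_addr), None)
    if loc is None:
        raise LookupError("no pairing record for this IC card")
    ns = secrets.token_bytes(16)  # server's second random number
    rt = seq_to_random(SEQ_POOL[loc][0])  # terminal random number
    k = kdf(pow(pub_t[ptr(rt)], priv_s[ptr(ns)], P))  # public-key computation
    session = secrets.token_bytes(32)
    return loc, ns, seal(k, session), session

def terminal_redeem(loc, ns, bill):
    """Terminal side: location parameter -> sequence number -> table lookup -> decrypt."""
    seq, _ = SEQ_POOL[loc]
    k6 = KEY_TABLE[ptr(seq_to_random(seq))][ptr(ns)]  # no exponentiation here
    return unseal(k6, bill)
```

A server random number that selects a different table entry yields a key under which the bill fails verification, so the terminal rejects it instead of accepting a wrong session key.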
CN201910400861.1A 2019-05-15 2019-05-15 Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment Active CN110224816B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910400861.1A CN110224816B (en) 2019-05-15 2019-05-15 Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910400861.1A CN110224816B (en) 2019-05-15 2019-05-15 Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment

Publications (2)

Publication Number Publication Date
CN110224816A true CN110224816A (en) 2019-09-10
CN110224816B CN110224816B (en) 2023-09-05

Family

ID=67821232

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910400861.1A Active CN110224816B (en) 2019-05-15 2019-05-15 Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment

Country Status (1)

Country Link
CN (1) CN110224816B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003132253A (en) * 2001-10-22 2003-05-09 Kddi Corp Service reservation and providing method for mutual authentication by use of ticket, program therefor, and storage medium with program stored therein
WO2018076365A1 (en) * 2016-10-31 2018-05-03 美的智慧家居科技有限公司 Key negotiation method and device

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113950049A (en) * 2021-09-28 2022-01-18 天翼物联科技有限公司 Internet of things quantum security method, system, device and medium based on SIM card
CN113950049B (en) * 2021-09-28 2023-10-03 天翼物联科技有限公司 Quantum security method, system, device and medium of Internet of things based on SIM card
CN114155632A (en) * 2021-11-30 2022-03-08 深圳市同创新佳科技有限公司 Encryption communication key distribution method for electronic door lock of networked hotel
CN114155632B (en) * 2021-11-30 2023-10-31 深圳市同创新佳科技有限公司 Method for distributing encryption communication keys of networking hotel electronic door locks
CN114095183A (en) * 2022-01-23 2022-02-25 杭州字节信息技术有限公司 Client dual authentication method, terminal equipment and storage medium
CN114095183B (en) * 2022-01-23 2022-05-03 杭州字节信息技术有限公司 Client dual authentication method, terminal equipment and storage medium
CN115296847A (en) * 2022-07-06 2022-11-04 杭州涂鸦信息技术有限公司 Flow control method and device, computer equipment and storage medium
CN115296847B (en) * 2022-07-06 2024-02-13 杭州涂鸦信息技术有限公司 Flow control method, flow control device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN110224816B (en) 2023-09-05

Similar Documents

Publication Publication Date Title
CN109495274B (en) Decentralized intelligent lock electronic key distribution method and system
CN110519046B (en) Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD
CN109951513B (en) Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card
CN110224816A (en) Anti- quantum calculation application system and short distance energy-saving communication method and computer equipment based on key card and sequence number
CN103124269A (en) Bidirectional identity authentication method based on dynamic password and biologic features under cloud environment
CN110535626B (en) Secret communication method and system for identity-based quantum communication service station
CN109495251A (en) Anti- quantum calculation wired home cloud storage method and system based on key card
CN110505055A (en) Based on unsymmetrical key pond to and key card outer net access identity authentication method and system
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN111416715A (en) Quantum secret communication identity authentication system and method based on secret sharing
EP1079565A2 (en) Method of securely establishing a secure communication link via an unsecured communication network
CN106230840B (en) A kind of command identifying method of high security
CN110519222A (en) Outer net access identity authentication method and system based on disposable asymmetric key pair and key card
CN111245609B (en) Secret sharing and random number based quantum secret communication key distribution and negotiation system and method thereof
CN110519214B (en) Application system short-distance energy-saving communication method, system and equipment based on online and offline signature and auxiliary verification signature
CN109889329A (en) Anti- quantum calculation wired home quantum communications method and system based on quantum key card
CN110213056B (en) Anti-quantum computing energy-saving communication method and system and computer equipment
CN109299618A (en) Anti- quantum calculation cloud storage method and system based on quantum key card
CN110430047B (en) Anti-quantum computing energy-saving equipment key negotiation method and system based on asymmetric key and MQV
CN110048852B (en) Quantum communication service station digital signcryption method and system based on asymmetric key pool
CN110061895B (en) Close-range energy-saving communication method and system for quantum computing resisting application system based on key fob
CN110048920B (en) Anti-quantum-computation intelligent home near-distance energy-saving communication method and system based on key fob
CN112054905B (en) Secure communication method and system of mobile terminal
Wu et al. A privacy protection scheme for facial recognition and resolution based on edge computing
CN110572788A (en) Wireless sensor communication method and system based on asymmetric key pool and implicit certificate

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant