CN110224816A - Anti-quantum-computing application system, short-distance energy-saving communication method, and computer equipment based on key card and sequence number - Google Patents
- Publication number
- CN110224816A (CN201910400861.1A)
- Authority
- CN
- China
- Prior art keywords
- card
- application
- key
- sequence number
- bill
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to an anti-quantum-computing application system, a short-distance energy-saving communication method, and computer equipment based on key cards and sequence numbers. The system includes an application server, an application terminal and an application IC card, and each member of the system is provided with a key card containing a sequence number pool. The application IC card authenticates with the application server and sends a first ticket request message ciphertext to the application server; the first ticket request parameters include the number of bills applied for. The application IC card receives the total bill it applied for, obtains the session key, and sends a first short-range communication message to the application terminal. The application terminal uses the location parameter together with the application terminal sequence number pool to extract a sequence number, obtains the communication key, and so realizes short-range communication with the application IC card. Using key cards reduces the possibility that keys are stolen by malware. The application terminal and the application IC card only need a table lookup to obtain the key shared with the application server for encrypted communication; the amount of calculation is small and the speed is fast, which extends the battery life of the application terminal and the application IC card.
Description
Technical field
The present invention relates to the technical field of intelligent terminals, and in particular to an anti-quantum-computing application system, a short-distance energy-saving communication method, and computer equipment based on key cards and sequence numbers.
Background technique
With the continuous development of information technology and the social economy, people's living standards have continuously improved and the pace of life has gradually accelerated. Scenarios that require short-distance identity authentication have become common in daily life, such as access-control card swiping, transit card swiping and work attendance. As intelligent devices multiply, people place higher requirements on intelligent operation and on the security of data transmission. Data security is generally guaranteed with asymmetric-key encryption, which uses different keys for the encryption and decryption operations: one is published, namely the public key, and the other is kept secret by the user, namely the private key. The sender encrypts with the public key and the receiver decrypts with the private key; or the sender encrypts with the private key and the receiver decrypts with the public key. General identity authentication methods require keys to be negotiated between application clients, and because application clients are often low-performance devices, many services cannot be supported well.
Traditional communication encryption and transmission security rely on complex mathematical algorithms. That is, because the computing power of current computers is limited, a result cannot be computed within the period in which it is needed, so today's digital cryptosystems can be considered secure. But this security is increasingly threatened by quantum computers. For example, for the asymmetric-key algorithms of classical cryptography there are dedicated quantum algorithms (Shor's algorithm and others) that can break them. In the face of quantum computers with powerful computing capability, even the most advanced secure communication, as long as it relies on current means of communication, faces the possibility of being deciphered and eavesdropped on. Establishing a complete, practically usable quantum communication network scheme has therefore become an urgent need.
As most people understand, quantum computers have great potential for breaking ciphers. Most of today's mainstream asymmetric (public-key) encryption algorithms, such as RSA, are based on two hard mathematical problems: the factorization of large integers and the computation of discrete logarithms over finite fields. The difficulty of breaking them depends on the efficiency of solving these problems. On a traditional computer, solving these two problems takes exponential time (the time to break grows exponentially with the length of the public key), which is unacceptable in practice. Shor's algorithm, tailor-made for quantum computers, can perform integer factorization or discrete logarithm computation in polynomial time (the time to break grows as the k-th power of the public key length, where k is a constant independent of the public key length), which makes it possible to break RSA and discrete-logarithm encryption algorithms.
Problems in the prior art:
(1) In the prior art, the application server has no reliable protective measures. The application server is the central network element of the application system and has Internet connectivity, so it may well be infected by viruses or Trojans and have information stolen, or be attacked and paralyzed, which paralyzes the entire application system.
(2) In the prior art, the application terminal's keys are stored in the application terminal's memory, exposed to the threat of viruses and Trojans on the application terminal, and can be stolen by malware or malicious operations.
(3) Because a quantum computer can quickly derive the corresponding private key from a public key, existing application-system communication methods built on public and private keys are easily broken by a quantum computer.
(4) If public and private keys are stored in the key card, a low-power application terminal can hardly bear the amount of calculation: not only is the calculation slow, but the battery is easily drained quickly.
(5) If symmetric key pools are stored in the key cards, the application server, as the message center, needs to store multiple large-capacity symmetric key pools, which greatly consumes the application server's storage space.
Summary of the invention
In view of this, it is necessary to address the above problems by providing an anti-quantum-computing application system, a short-distance energy-saving communication method and system, and computer equipment based on key cards and sequence numbers.
A short-distance energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server, and the application client includes an application terminal and an application IC card. The method is implemented on the application IC card, which is equipped with a key card including an application IC card sequence number pool; the sequence number pool includes sequence numbers and pairing-party information. The application IC card realizes short-range communication with the application terminal using a trusted session key, and the steps for obtaining the trusted session key include:
Authenticating with the application server and confirming that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted from the application IC card sequence number pool with the application IC card address, combined with the server random number; sending a first ticket request message ciphertext to the application server, in which the first ticket request parameters are encrypted with the second communication key, the first ticket request parameters including the application IC card address, the application terminal address and the number of bills applied for;
Receiving and storing the total bill sent by the application server. The total bill consists of multiple sub-bills, and the number of sub-bills is the number of bills applied for. Each sub-bill contains an application IC card bill, an application terminal bill, the server second random number, and the location parameter at which the application terminal's sequence number pool records the application IC card's information. The application IC card bill and the application terminal bill each contain the session key encrypted with a communication key; the communication keys are the third communication key between the application server and the application IC card and the fourth communication key between the application server and the application terminal. The third and fourth communication keys are calculated from the application IC card third random number and the application terminal first random number, respectively, together with the server second random number, where the application IC card third random number and the application terminal first random number are extracted using the respective addresses;
Extracting a sub-bill, using the card's own address to extract the corresponding sequence number and calculate a random number, obtaining the fifth communication key from the communication key table using this random number, and decrypting the application IC card bill with the fifth communication key to obtain the session key;
Sending a first short-range communication message to the application terminal. The first short-range communication message includes the location parameter at which the application terminal's sequence number pool records the application IC card's information; the application terminal extracts the sequence number according to the location parameter, obtains the sixth communication key from the communication key table using that sequence number, and then confirms the session key to realize short-range communication.
A short-distance energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server, and the application client includes an application terminal and an application IC card. The method is implemented on the application server, which is equipped with a key card including a sequence number pool; the sequence number pool includes sequence numbers and pairing parties, and comprises the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application server distributes the total bill so that the application IC card and the application terminal can communicate at short range using a trusted session key, and the steps by which the application server distributes the total bill include:
Authenticating with the application IC card and confirming that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted with the application IC card address, combined with the server random number;
Receiving the first ticket request message ciphertext and decrypting it with the first communication key to obtain the first request parameters; in the first ticket request message ciphertext the first ticket request parameters are encrypted with the second communication key, and they include the application IC card address, the application terminal address and the number of bills applied for;
Checking whether the application terminal's sequence number pool held in the application server key card contains information paired with the application IC card; extracting the application terminal sequence number and using it to obtain the application terminal first random number; combining the application IC card third random number and the application terminal first random number each with the server second random number to calculate the respective communication keys; and encrypting the session key with each communication key to obtain the application IC card bill and the application terminal bill. A sub-bill consists of the application IC card bill, the application terminal bill, the server second random number and the location parameter at which the application terminal's sequence number pool records the application IC card's information; multiple sub-bills constitute the total bill, which is sent to the application IC card.
A short-distance energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server, and the application client includes an application terminal and an application IC card. The method is implemented on the application terminal, which is equipped with a key card including an application terminal sequence number pool; the application terminal sequence number pool includes sequence numbers and pairing parties. The application terminal and the application IC card communicate at short range using a trusted session key, and the steps for obtaining the trusted session key include:
Transmitting the application terminal address to the application IC card, so that the application IC card obtains the total bill after authenticating with the application server; the total bill contains sub-bills, each consisting of the application IC card bill, the application terminal bill, the server second random number and the location parameter at which the application terminal's sequence number pool records the application IC card's information;
Receiving the first short-range communication message sent by the application IC card, which consists of the application terminal address, the application IC card address, the location parameter at which the application terminal's sequence number pool records the information of application IC card M, the application server second random number, the application terminal bill and the first short-range communication authentication code;
Using the location parameter with the application terminal sequence number pool to extract the application terminal's sequence number and obtain the application terminal's second random number; using the application terminal second random number combined with the application server second random number to extract the sixth communication key from the communication key table; and decrypting the application terminal bill with the sixth communication key to obtain the trusted session key and realize short-range communication.
A short-distance energy-saving communication method for an anti-quantum-computing application system based on key cards and sequence numbers, implemented on the anti-quantum-computing application system. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server, and the application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool includes sequence numbers and pairing parties, and the application server's sequence number pool also comprises the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate at short range using a trusted session key, and the steps for obtaining the trusted session key include:
The application IC card authenticates with the application server, confirming that the first communication key generated by the application server equals the second communication key generated by the application IC card, where the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted with the application IC card address, combined with the server random number;
The application IC card sends the first ticket request message ciphertext to the application server; in the first ticket request message ciphertext the first ticket request parameters are encrypted with the second communication key, and they include the application IC card address, the application terminal address and the number of bills applied for;
The application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first request parameters;
The application server checks whether the application terminal's sequence number pool held in the application server key card contains information paired with the application IC card, extracts the application terminal sequence number and uses it to obtain the application terminal first random number, combines the application IC card third random number and the application terminal first random number each with the server second random number to calculate the respective communication keys, and encrypts the session key with each communication key to obtain the application IC card bill and the application terminal bill. A sub-bill consists of the application IC card bill, the application terminal bill, the server second random number and the location parameter at which the application terminal's sequence number pool records the application IC card's information; multiple sub-bills constitute the total bill, which is sent to the application IC card;
The application IC card receives and stores the total bill sent by the application server; the total bill consists of multiple sub-bills, and the number of sub-bills is the number of bills applied for;
The application IC card extracts a sub-bill, uses its own address to extract the corresponding sequence number and calculate a random number, obtains the fifth communication key from the communication key table using this random number, and decrypts the application IC card bill with the fifth communication key to obtain the session key;
The application IC card sends the first short-range communication message to the application terminal. The first short-range communication message includes the location parameter at which the application terminal's sequence number pool records the application IC card's information; the application terminal extracts the sequence number according to the location parameter, obtains the sixth communication key from the communication key table using that sequence number, and then confirms the session key to realize short-range communication.
In one of the embodiments, the method of generating the communication key includes:
When the communication key is generated by the application server, the generation method includes:
Using the random number of the application IC card, the random number of the application terminal and the random number of the application server with a pointer function to extract the application IC card public key, the application terminal public key and the application server private key, and then combining the application IC card public key and the application terminal public key each with the application server private key in the corresponding algorithm to calculate the corresponding communication key;
When the communication key is generated by the application IC card or the application terminal, the generation method includes:
Using the random number of the application IC card or application terminal and the random number of the application server, each with a pointer function, to extract the corresponding private key pointers, and using the private key pointers with the communication key table to extract the corresponding communication key.
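The sub-bill issue and redemption described above, as an added example in Python (not code from the patent). It covers only sub-bill creation and the two table-lookup decryptions, not the initial authentication; the toy Diffie-Hellman group, the hash-based stand-in cipher, the pool size, the addresses, the way a random number is derived from a sequence number, and all function names are assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets

P, G, POOL = 2**127 - 1, 3, 8   # toy group and pool size, constructed for the demo

def H(*parts):
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(2, "big") + p)
    return m.digest()

def pointer(rand):
    """Pointer function: map a random number to an index into a key pool."""
    return int.from_bytes(H(b"ptr", rand), "big") % POOL

def member_random(seq, address):
    """Random number a member derives from a sequence number and its own address."""
    return H(b"rnd", seq, address.encode())

def keystream(key, nonce, n):
    return b"".join(H(key, nonce, bytes([i])) for i in range(-(-n // 32)))

def seal(key, data):
    """Stand-in authenticated encryption (SHA-256 keystream + HMAC), demo only."""
    nonce = secrets.token_bytes(16)
    body = nonce + bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))
    return body + hmac.new(key, body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("bill rejected: wrong key or modified bill")
    nonce, ct = body[:16], body[16:]
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))

class KeyCard:
    """Member key card: sequence number pool plus precomputed communication key table."""
    def __init__(self, address, seq_pool, table):
        self.address, self.seq_pool, self.table = address, seq_pool, table

    def loc_of(self, peer):
        return next(i for i, (_, p) in enumerate(self.seq_pool) if p == peer)

    def open_bill(self, bill, loc, server_rand):
        # Table lookup only: no public-key arithmetic on the low-power member.
        seq, _ = self.seq_pool[loc]
        row = self.table[pointer(member_random(seq, self.address))]
        return unseal(row[pointer(server_rand)], bill)

class Server:
    def __init__(self):
        self.priv = [secrets.randbelow(P - 2) + 1 for _ in range(POOL)]
        self.member_pub, self.seq_pools = {}, {}

    def enroll(self, address, peers):
        """Issue a key card; the member's public keys stay inside the server's card."""
        priv = [secrets.randbelow(P - 2) + 1 for _ in range(POOL)]
        self.member_pub[address] = [pow(G, x, P) for x in priv]
        pool = [(secrets.token_bytes(8), peer) for peer in peers]
        self.seq_pools[address] = pool
        table = [[H(pow(pow(G, y, P), x, P).to_bytes(16, "big")) for y in self.priv]
                 for x in priv]
        return KeyCard(address, list(pool), table)

    def comm_key(self, address, member_rand, server_rand):
        pub = self.member_pub[address][pointer(member_rand)]
        return H(pow(pub, self.priv[pointer(server_rand)], P).to_bytes(16, "big"))

    def issue_total_bill(self, card_addr, term_addr, count):
        t_pool, c_pool = self.seq_pools[term_addr], self.seq_pools[card_addr]
        loc = next((i for i, (_, p) in enumerate(t_pool) if p == card_addr), None)
        if loc is None:
            raise PermissionError("terminal pool has no pairing for this IC card")
        c_seq = next(s for s, p in c_pool if p == term_addr)
        total = []
        for _ in range(count):
            rs2, session = secrets.token_bytes(16), secrets.token_bytes(32)
            k3 = self.comm_key(card_addr, member_random(c_seq, card_addr), rs2)
            k4 = self.comm_key(term_addr, member_random(t_pool[loc][0], term_addr), rs2)
            total.append({"card_bill": seal(k3, session), "term_bill": seal(k4, session),
                          "rs2": rs2, "loc": loc})
        return total

def demo():
    server = Server()
    card = server.enroll("card-01", ["term-A"])            # constructed addresses
    term = server.enroll("term-A", ["card-07", "card-01"])
    total = server.issue_total_bill("card-01", "term-A", count=3)
    sub = total[0]
    k_card = card.open_bill(sub["card_bill"], card.loc_of("term-A"), sub["rs2"])
    # First short-range message: location parameter, server random, terminal bill, code.
    fields = (sub["loc"], sub["rs2"], sub["term_bill"])
    code = hmac.new(k_card, repr(fields).encode(), hashlib.sha256).digest()
    k_term = term.open_bill(fields[2], fields[0], fields[1])
    check = hmac.new(k_term, repr(fields).encode(), hashlib.sha256).digest()
    return k_card, k_term, hmac.compare_digest(code, check), total

if __name__ == "__main__":
    k_card, k_term, ok, total = demo()
    print(len(total), "sub-bills; keys match:", k_card == k_term, "; code ok:", ok)
```

Only the server performs modular exponentiation per bill; the card and the terminal each do one hash-derived index lookup and one symmetric decryption, which is the energy-saving property the text claims.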
A computer device, including a memory and a processor; the memory stores a computer program, and the processor implements the steps of any of the above methods when executing the computer program.
An anti-quantum-computing application system based on key cards and sequence numbers. The anti-quantum-computing application system includes an application server and at least one application client communicatively connected to the application server, and the application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool includes sequence numbers and pairing parties, and the application server's sequence number pool also comprises the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate at short range using a trusted session key.
The application IC card is used to authenticate with the application server and to send the first ticket request message ciphertext to the application server, in which the first ticket request parameters are encrypted with a communication key; the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for. It receives the total bill applied for, obtains the session key and realizes short-range communication with the application terminal;
The application server is used to receive the first ticket request message ciphertext and decrypt it with the first communication key to obtain the first request parameters, which include the application IC card address, the application terminal address and the number of bills applied for. It checks whether the application terminal's sequence number pool held in the application server key card contains information paired with the application IC card, extracts the application terminal sequence number and uses it to obtain the application terminal first random number, combines the application IC card third random number and the application terminal first random number each with the server second random number to calculate the respective communication keys, and encrypts the session key with each communication key to obtain the application IC card bill and the application terminal bill. A sub-bill consists of the application IC card bill, the application terminal bill, the server second random number and the location parameter at which the application terminal's sequence number pool records the application IC card's information; multiple sub-bills constitute the total bill, which is sent to the application IC card;
The application terminal is used to receive the first short-range communication message sent by the application IC card, to use the location parameter with the application terminal sequence number pool to extract the application terminal's sequence number and obtain the application terminal's second random number, to use the application terminal second random number combined with the application server second random number to extract the sixth communication key from the communication key table, and to decrypt the application terminal bill with the sixth communication key to obtain the trusted session key and realize short-range communication.
In the above anti-quantum-computing application system, short-distance energy-saving communication method and computer equipment based on a key card and sequence numbers, the anti-quantum-computing application system includes an application server and at least one application client in communication with the application server. The application client includes an application terminal and an application IC card. Each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool includes sequence numbers and pairing persons, and the sequence number pools held by the application server include the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The application terminal and the application IC card communicate over short range using a trusted session key. The application IC card authenticates with the application server and sends a first ticket request message ciphertext to the application server; this ciphertext is the first ticket request parameters encrypted with the communication key, and the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for. The application IC card receives the total bill it applied for, obtains the session key and realizes short-range communication with the application terminal. The application terminal is used to receive the first short-range communication message sent by the application IC card, to extract the application terminal's sequence number from the application terminal sequence number pool using the location parameter, and to obtain the second random number of the application terminal; it uses the second random number of the application terminal together with the second random number of the application server to extract the sixth communication key from the communication key table, then decrypts the application terminal bill with the sixth communication key to obtain the trusted session key and realize short-range communication.
Each member of the anti-quantum-computing application system is equipped with a key card that stores its keys. The key card is an independent hardware device, so the possibility of keys being stolen by malware or malicious operations is greatly reduced. At the same time, each member uses the anti-quantum-computing public key disclosed by the shared user terminal, in combination with the asymmetric key pool, to extract the public key of the application system member it needs, and the public keys of application system members are stored in the key card. This ensures that a quantum computer cannot obtain a user's public key and therefore cannot obtain the corresponding private key, which reduces the risk of being cracked by a quantum computer. The application terminal and the application IC card do not perform public-key or private-key computations; they only need a table lookup to obtain the shared key for encrypted communication with the application server, so the amount of computation is small and the speed is high. This also saves energy and extends the battery life of the application terminal and the application IC card.
Brief description of the drawings
Fig. 1 is application system networking diagram provided in an embodiment of the present invention;
Fig. 2 is the structural schematic diagram of application server key card key zone;
Fig. 3 is the structural schematic diagram in sequence number pond in the present invention;
Fig. 4 is the structural schematic diagram in public key pond in application server key card key zone;
Fig. 5 is the structural schematic diagram of applications client key card key zone;
Fig. 6 is the structural schematic diagram of pool of symmetric keys in applications client key card key zone;
Fig. 7 is the flow chart provided in an embodiment of the present invention for obtaining public and private key.
Specific embodiment
In the short-distance energy-saving communication scheme of the anti-quantum-computing application system, the application system can be any kind of system that requires short-distance identity authentication. It includes an application server and several application clients; an application client includes an application terminal and an application IC card, both of which are low-performance devices. The application server runs the business service program, and the application client runs the business client program. The application system of this embodiment can be, but is not limited to, an access control system, a traffic card-punching system, an attendance system, and so on. For these three kinds of application system, the application servers are respectively the access control system server, the traffic card-punching system server and the attendance system server; the application terminals are respectively the access control POS, the traffic POS and the attendance POS; and the application IC cards are respectively the access card, the transportation card and the attendance card. Physically, the application IC card can be a key card in smart card form or a key card in mobile phone SDKEY form.
The structure of the application system is shown in Fig. 1. The application server S issues key cards to the application terminal C and the application IC card M, and also issues the session key KS between the application IC card M and the application terminal C. The application server S and the application terminal C are connected by a wired or wireless network; the application server S and the application IC card M are connected by a wireless network. The application IC card M and the application terminal C are connected by a short-range communication method (BLE/NFC/infrared).
In this embodiment, the application server address ID is IDS, and the application server S uses the application server key card.
The specific structure of the key zone of the application server key card is shown in Fig. 2; it includes a public key pool and a private key pool. The application server key card also holds the SQN value of each application client (application terminal C and application IC card M), where SQN is the sequence number. At initialization, the SQN values of different clients (application terminal C and application IC card M) differ and are true random numbers, and each sequence number SQN value is stored both in the application server key card and in the key card of the application client (application terminal C and application IC card M).
The sequence number SQN values at each application client (application terminal C and application IC card M) are stored in the form of a sequence number pool, as shown in Fig. 3; the sequence number pool includes sequence numbers and pairing persons. A copy of each application client's sequence number pool is also kept in the application server key pool; that is, the sequence number pools held by the application server include the application server sequence number pool, the application terminal sequence number pool and the application IC card sequence number pool. The sequence number pools of the application terminal C and the application IC card M are named the application terminal sequence number pool and the application IC card sequence number pool.
The public key pool in the key zone of the application server key card is shown in Fig. 4. It includes the server public key pool and N application client public key pools for the N application clients. The server public key pool has initial position Kp0 and size Ks0. The size of the application server private key pool is also Ks0. The initial positions of the N application client public key pools are Kp1, Kp2, ..., KpN respectively, and the sizes of the N application client private key pools are Ks1, Ks2, ..., KsN respectively. The size of each key pool ranges from 1G to 4096G, etc. If the keys of the application server are numbered 1 to m, the application server private key pool is {s1, s2, ..., sm} and the server public key pool is {S1, S2, ..., Sm}. According to the Diffie-Hellman protocol, a large prime p and a number g are defined, where g is a primitive root modulo p; the large prime p and the number g are the parameters of the Diffie-Hellman protocol. Using the application server key card it is matched with, the application server generates true random large integers si (i ∈ {1, 2, ..., m}) as its own private keys, and obtains the application server public keys by calculating $Si = g^{si} \bmod p$ (i ∈ {1, 2, ..., m}).
The application client includes the application terminal C and the application IC card M, which are low-performance devices. In this embodiment, the application terminal address ID is IDC and the application IC card address ID is IDM; the application terminal C uses the application terminal key card, and the application IC card M uses the application IC card key card. The key zone of the application client key card, that is, the key zone of the application terminal key card and of the application IC card key card, has the specific structure shown in Fig. 5 and includes the public key pool of the application client (application terminal C or application IC card M) and a symmetric key pool. The specific structure of the symmetric key pool is shown in Fig. 6. If the keys of an application client (application terminal C or application IC card M) are numbered 1 to n, the application client private key pool is {c1, c2, ..., cn} and the application client public key pool is {C1, C2, ..., Cn}, where, according to the Diffie-Hellman protocol, $Cj = g^{cj} \bmod p$, j ∈ {1, 2, ..., n}. The key card issuer, that is, the application server, calculates all communication keys Kij for the application client (application terminal C and/or application IC card M).
The calculation is $Kij = (Si)^{cj} \bmod p$,
where Si is an application server public key and cj is an application client (application terminal C or application IC card M) private key. All communication keys Kij make up the communication key table, and the application server S copies the communication key table (the grey area in Fig. 6) into the key card of the corresponding application terminal C or application IC card M.
In this embodiment, the application terminal C and the application IC card M negotiate keys through the application server S and perform message authentication during communication.
The steps by which the application server S and the application terminal C negotiate a key are as follows:
The application server S obtains a random number rs and a random number rc using the application server key card, and obtains the communication key Kc from the random numbers rs and rc. The process is shown in Fig. 7 and is described as follows:
The application server S applies the specific application server pointer function Fs to the random number rs to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool in the application server key card. Ps can also be added to the application server public key pool initial position Ks0 to obtain the application server public key pointer Kss, which is used to extract the application server public key PKs from the server public key pool in the application server key card.
The specific application terminal pointer function Fc is applied to the random number rc to obtain the application terminal private key pointer Pc. Pc is added to the application terminal public key pool initial position KsN in the application server key card to obtain the application terminal public key pointer Ksc, which is used to extract the application terminal public key PKc from the public key pool in the application server key card.
The communication key is calculated as $Kc = (PKc)^{SKs} \bmod p$,
where PKc is the application terminal public key, SKs is the application server private key, and p is the large prime.
The application server S uses the communication key Kc as the key to encrypt messages exchanged with the application terminal C. After receiving a message file encrypted with the communication key Kc, the application terminal C calculates the application server private key pointer Ps and the application terminal private key pointer Pc from the random numbers rs and rc. These correspond to row i and column j of the communication key table (the grey area in Fig. 6); the application terminal C looks up the communication key Kc in the communication key table, decrypts the encrypted message file with Kc, and obtains the message file, realizing the information exchange.
The process by which the application terminal C and the application IC card M negotiate keys through the application server S and perform message authentication during communication includes the following steps 1 to 5, described as follows:
Step 1. The application IC card M and the application server S authenticate each other.
Specifically, the identity authentication between the application IC card M and the application server S includes the following steps 1.1 to 1.4.
Step 1.1 The application IC card M sends the basic key negotiation information to the application server S.
Specifically, the application IC card M sends the application IC card address IDM and the application terminal address IDC to the application server S. The steps include:
Step 1.1.1 The application terminal C sends the application terminal address IDC to the application IC card M.
Step 1.1.2 After receiving it, the application IC card M sends the application terminal address IDC together with the application IC card address IDM to the application server S.
Step 1.2 The application server S uses the first random number ra of the application IC card M and the first random number rb of the application server to calculate the first communication key Kab, makes the first message authentication code, and sends the first message authentication code to the application IC card.
Specifically, this includes steps 1.2.1 to 1.2.4, as follows:
Step 1.2.1 After receiving the application terminal address IDC and the application IC card address IDM, the application server S uses the application IC card address IDM to take the sequence number SQN value of the application IC card M, that is, the sequence number SQNM, out of the application IC card sequence number pool in the application server key card, and obtains the public key pointer $N_{SQNM}$ of the application IC card M from the sequence number SQNM.
The method of obtaining the public key pointer includes: using the sequence number SQNM of the application IC card M to randomly select a value in the application IC card address IDM as the public key pointer $N_{SQNM}$ of the application IC card M.
Step 1.2.2 The application server S calculates the first random number ra of the application IC card.
The public key pointer $N_{SQNM}$ of the application IC card M is used to take out the public key $PKM_{SQNM}$ of the application IC card M, and the first random number of the application IC card is calculated as $ra = KH(SQNM, PKM_{SQNM})$, where KH is a keyed hash function, such as HMAC.
Step 1.2.3 The application server S calculates the first communication key Kab from the first random number ra of the application IC card M and the first random number rb of the application server.
The application server S generates the first random number rb of the application server using the random number generator in the application server key card, and calculates the first communication key Kab from the first random number ra of the application IC card M and the first random number rb of the application server. The calculation is similar to the process above of obtaining the communication key Kc from the random numbers rs and rc. The specific steps include:
The application server S applies the application server pointer function Fs to the first random number rb of the application server to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool. Ps can also be added to the application server public key pool initial position Ks0 to obtain the application server public key pointer Kss, which is used to extract the application server public key PKs from the public key pool.
The application server S applies the application IC card pointer function Fm to the first random number ra of the application IC card M to obtain the application IC card private key pointer Pm. Pm is added to the application IC card public key pool initial position KsN to obtain the application IC card public key pointer Ksm, which is used to extract the application IC card public key PKm from the public key pool.
The first communication key is calculated as $Kab = (PKm)^{SKs} \bmod p$; this first communication key is the communication key between the application server S and the application IC card M.
Step 1.2.3 The application server S makes the first message authentication code.
The application server S combines the first communication key Kab, the first random number ra of the application IC card, the first random number rb of the application server and the application server address IDS to make the first message authentication code MACba, calculated according to the formula MACba = MAC{Kab, ra || rb || IDS}, where MAC is a keyed hash function, such as HMAC.
Step 1.2.4 The application server S sends the first message, which contains the first message authentication code, to the application IC card M.
The application server S sends the first message IDM || IDS || rb || MACba to the application IC card M. Specifically, the first message includes the first message authentication code MACba, the application server address IDS, the application IC card address IDM and the first random number rb of the application server.
Step 1.3 The application IC card M uses the second random number ra' of the application IC card and the first random number rb of the application server, together with the communication key table, to obtain the second communication key Kab', uses Kab' to obtain the second message authentication code, and uses the second message authentication code to authenticate the identity of the application server S.
Specifically, this includes steps 1.3.1 to 1.3.3, as follows:
Step 1.3.1 After receiving the first message IDM || IDS || rb || MACba sent by the application server S, the application IC card M calculates the second random number ra' of the application IC card in the same way as in step 1.2, calculates the corresponding pointers from ra' and the random number rb of the application server, and then looks up the second communication key Kab' in the communication key table.
The detailed process is as follows:
Step 1.3.1.1 Using the application IC card address IDM, the sequence number SQN value of the application IC card M, that is, the sequence number SQNM, is taken out of the sequence number pool in the application IC card key card. The public key pointer $N_{SQNM}$ of the application IC card M is obtained from the sequence number SQNM and used to take out the public key $PKM_{SQNM}$ of the application IC card M, and the second random number of the application IC card is calculated as $ra' = KH(SQNM, PKM_{SQNM})$, where KH is a keyed hash function, such as HMAC.
Step 1.3.1.2 The application IC card M applies the application server pointer function Fs to the random number rb of the application server to obtain the application server private key pointer Ps;
the application IC card M applies the application IC card pointer function Fm to the second random number ra' of the application IC card to obtain the application IC card private key pointer Pm;
Step 1.3.1.3 The application server private key pointer Ps and the application IC card private key pointer Pm correspond to row i and column j of the communication key table (the grey area in Fig. 6); the communication key table is looked up to obtain the second communication key Kab'.
Step 1.3.2 The second message authentication code is compared with the first message authentication code.
A new MAC value, the second message authentication code MACba', is obtained from the formula MACba' = MAC{Kab', ra' || rb || IDS}. The application IC card M compares the received first message authentication code MACba with its own second message authentication code MACba'. If they are the same, the verification succeeds: the application IC card M fully trusts the identity of the application server S and confirms that the second communication key equals the first communication key, that is, Kab' = Kab.
Step 1.3.3 The application IC card M sends the second message, which contains the third message authentication code, to the application server S.
The application IC card M uses the second random number ra' of the application IC card, obtained from the sequence number SQNM, and the second communication key Kab' to calculate the third message authentication code, that is, MACab = MAC{Kab', ra' || rb}, sends the second message IDM || IDS || MACab to the application server S, and increments the sequence number SQNM, that is, SQNM = SQNM + 1. When the sequence number equals the maximum value of unsigned int, it becomes 0 after the increment. The second message includes the third message authentication code MACab, the application server address IDS and the application IC card address IDM.
Step 1.4 The application server S authenticates the identity of the application IC card M.
After receiving the second message IDM || IDS || MACab from the application IC card M, the application server S uses the application IC card address IDM to take the sequence number SQN value SQNM of the application IC card M out of the application IC card sequence number pool in the application server key card, calculates the first random number of the application IC card $ra = KH(SQNM, PKM_{SQNM})$, obtains the first communication key $Kab = (PKm)^{SKs} \bmod p$, and then calculates the fourth message authentication code MACab' = MAC{Kab, ra || rb}. It compares the received third message authentication code MACab with the fourth message authentication code MACab'. If they are the same, the verification succeeds and the application server S fully trusts the identity of the application IC card M. The application server S then increments the sequence number SQNM stored at its own end, that is, SQNM = SQNM + 1.
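The following sketch walks through the communication key table and steps 1.2 to 1.4 end to end; it is an added example, not code from the patent. It assumes HMAC-SHA256 for KH and MAC, a hash reduced modulo the pool size as a hypothetical stand-in for the pointer functions Fs, Fm and the public key pointer, toy parameters p = 2579 and g = 2, pools of 8 keys, a 32-bit sequence number, and a single sequence number per card instead of a pool.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters (constructed for this example): p = 2*1289 + 1
# is a safe prime and g = 2 is a primitive root mod p. Real pools use a large p.
P, G = 2579, 2
M_KEYS, N_KEYS = 8, 8      # pool sizes m (server) and n (card), constructed
UINT_MAX = 2**32 - 1       # assumption: the unsigned int sequence number is 32-bit


def i2b(x: int) -> bytes:
    return x.to_bytes(8, "big")


def kh(key: bytes, msg: bytes) -> bytes:
    """KH and MAC from the text, both instantiated as HMAC-SHA256 (assumption)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def pointer(label: bytes, r: bytes, size: int) -> int:
    """Hypothetical stand-in for the pointer functions Fs, Fm and N_SQNM."""
    return int.from_bytes(hashlib.sha256(label + r).digest(), "big") % size


def next_sqn(sqn: int) -> int:
    """SQNM = SQNM + 1, becoming 0 after the unsigned maximum."""
    return 0 if sqn == UINT_MAX else sqn + 1


def issue_cards(sqn0: int):
    """Issuer side: build the key pools and the communication key table Kij."""
    s = [secrets.randbelow(P - 3) + 2 for _ in range(M_KEYS)]  # server private keys si
    c = [secrets.randbelow(P - 3) + 2 for _ in range(N_KEYS)]  # card private keys cj
    S = [pow(G, si, P) for si in s]                            # Si = g^si mod p
    C = [pow(G, cj, P) for cj in c]                            # Cj = g^cj mod p
    table = [[pow(Si, cj, P) for cj in c] for Si in S]         # Kij = Si^cj mod p
    server = {"priv": s, "card_pub": C, "sqn": sqn0}
    card = {"pub": C, "table": table, "sqn": sqn0}   # public pool and table only
    return server, card


def derive_ra(sqn: int, pub_pool) -> bytes:
    """ra = KH(SQNM, PKM_SQNM); the public key is the HMAC key (assumption)."""
    n = pointer(b"N", i2b(sqn), len(pub_pool))
    return kh(i2b(pub_pool[n]), i2b(sqn))


def server_challenge(server, ids: bytes, idm: bytes):
    """Step 1.2: the server derives Kab with one modular exponentiation."""
    ra = derive_ra(server["sqn"], server["card_pub"])
    rb = secrets.token_bytes(16)
    i = pointer(b"Fs", rb, M_KEYS)
    j = pointer(b"Fm", ra, N_KEYS)
    kab = pow(server["card_pub"][j], server["priv"][i], P)     # Kab = PKm^SKs mod p
    msg = {"idm": idm, "ids": ids, "rb": rb, "macba": kh(i2b(kab), ra + rb + ids)}
    return msg, {"kab": kab, "ra": ra, "rb": rb}


def card_respond(card, msg):
    """Step 1.3: the card finds Kab' by table lookup and checks MACba."""
    ra2 = derive_ra(card["sqn"], card["pub"])
    i = pointer(b"Fs", msg["rb"], M_KEYS)
    j = pointer(b"Fm", ra2, N_KEYS)
    kab2 = card["table"][i][j]                   # lookup, no exponentiation
    expected = kh(i2b(kab2), ra2 + msg["rb"] + msg["ids"])
    if not hmac.compare_digest(expected, msg["macba"]):
        return None                              # server identity not accepted
    macab = kh(i2b(kab2), ra2 + msg["rb"])       # third message authentication code
    card["sqn"] = next_sqn(card["sqn"])
    return macab


def server_verify(server, state, macab) -> bool:
    """Step 1.4: the server checks MACab and advances its copy of SQNM."""
    expected = kh(i2b(state["kab"]), state["ra"] + state["rb"])
    ok = macab is not None and hmac.compare_digest(expected, macab)
    if ok:
        server["sqn"] = next_sqn(server["sqn"])
    return ok


def run_demo():
    server, card = issue_cards(sqn0=UINT_MAX)    # start at the wrap-around edge
    msg, state = server_challenge(server, b"IDS", b"IDM")
    macab = card_respond(card, msg)
    accepted = server_verify(server, state, macab)
    replay = card_respond(card, msg)             # same first message, SQNM advanced
    return accepted, replay, card["sqn"], server["sqn"]


if __name__ == "__main__":
    print(run_demo())
```

The replayed first message is rejected because the card derives ra' from the already incremented SQNM, so MACba no longer matches.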
Step 2. The application IC card M applies to the application server S for the total bill.
Step 2.1 The application IC card M sends the first ticket request message ciphertext to the application server S.
Step 2.1.1 The application IC card M combines the application IC card address IDM, the application terminal address IDC and the number of bills applied for, Num, into the first ticket request message REQms, where the first ticket request message REQms is IDM || IDC || Num;
Step 2.1.2 The second communication key Kab' obtained in step 1.3 and the first ticket request message REQms are used to make the first ticket request message authentication code MAC_REQms; the formula is MAC_REQms = MAC(Kab', REQms);
Step 2.1.3 The second communication key Kab' encrypts the first ticket request parameters {REQms || MAC_REQms} to obtain the first ticket request message ciphertext {REQms || MAC_REQms}Kab'. Specifically, the first ticket request parameters {REQms || MAC_REQms} include the first ticket request message REQms and the first ticket request message authentication code MAC_REQms;
The application IC card M sends the first ticket request message ciphertext {REQms || MAC_REQms}Kab' to the application server S.
Step 3. The application server S generates the total bill and sends the first bill generation message ciphertext, which contains the total bill, to the application IC card M.
The application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first ticket request parameters. The first ticket request message ciphertext is the first ticket request parameters encrypted with the second communication key, and the first ticket request parameters include the application IC card address, the application terminal address and the number of bills applied for.
The application server checks whether the application terminal sequence number pool in the application server key card contains information paired with the application IC card, and obtains the corresponding application terminal sequence number according to the case (information paired with the application IC card is present or absent in the application server key card). It obtains the first random number of the application terminal from that sequence number, and combines the third random number of the application IC card and the first random number of the application terminal, each with the second random number of the server, to calculate the respective communication keys. It uses these communication keys to encrypt the session key separately, obtaining the application IC card bill and the application terminal bill. A sub-bill consists of the application IC card bill, the application terminal bill, the second random number of the server and the location parameter at which the application terminal sequence number pool records the application IC card information; multiple sub-bills make up the total bill, which is sent to the application IC card.
The specific steps are as follows:
Step 3.1 The application server S receives the first ticket request message ciphertext {REQms || MAC_REQms}Kab' from the application IC card M;
Step 3.2 After the identity authentication between the application server S and the application IC card M in step 1.2, it has been confirmed that the first communication key Kab equals the second communication key Kab'. The first communication key Kab is used to decrypt the first ticket request message ciphertext {REQms || MAC_REQms}Kab' and obtain the first ticket request parameters {REQms || MAC_REQms};
Step 3.3 The application server S performs message authentication on the first ticket request message authentication code MAC_REQms. If message authentication succeeds, it parses the first ticket request message REQms and obtains the number Num of bills applied for by the application IC card M;
Step 3.4 The application server S obtains the second random number rs of the application server, the first random number rc of the application terminal C, and the third random number rm of the application IC card M.
A sequence number pool includes sequence numbers and pairing persons, which correspond one to one. The application server S checks whether the sequence number pool of the application terminal C in the application server key card contains information paired with the application IC card M, in order to determine whether this is the first time the application IC card M applies for authentication with the application terminal C. If it is the first application, that is, the application IC card M and the application terminal C are not yet paired, the application server S randomly takes from the sequence number pool of the application terminal C the k-th sequence number SQNCk, one that is not paired with any other application IC card M, and records the information of the application IC card M, that is, the application IC card address IDM, as the pairing person at the k-th position of the sequence number pool of the application terminal C. If it is not the first application, that is, the application IC card M and the application terminal C are already paired, the k-th sequence number SQNCk of the application terminal C is taken from the sequence number pool of the application terminal C according to the pairing person's address information IDM of the application IC card M. In summary, k is therefore named the location parameter at which the application terminal sequence number pool records the application IC card information.
After obtaining the sequence number SQNCk, the application server S obtains the public key pointer $N_{SQNCk}$ of the application terminal C from the sequence number SQNCk, uses $N_{SQNCk}$ to take out the public key $PKC_{SQNCk}$ of the application terminal C, and uses $PKC_{SQNCk}$ to calculate the first random number rc of the application terminal C, that is, $rc = KH(SQNCk, PKC_{SQNCk})$, where KH is a keyed hash function, such as HMAC.
The application server S obtains the random number rs using the application server key card, and obtains the application IC card random number rm, which is the third random number of the application IC card, by the same method as in step 1.2.
The specific steps are as follows:
After receiving the application IC card address IDM, the application server S uses IDM to take the sequence number SQN value of the application IC card M, that is, the sequence number SQNM, out of the application IC card sequence number pool, and obtains the public key pointer $N_{SQNM}$ of the application IC card M from the sequence number SQNM. The method of obtaining the public key pointer includes: using the sequence number SQNM of the application IC card M to randomly select a value in the application IC card address IDM as the public key pointer $N_{SQNM}$ of the application IC card M. The public key pointer $N_{SQNM}$ is used to take out the public key $PKM_{SQNM}$ of the application IC card M, and the random number of the application IC card is calculated as $rm = KH(SQNM, PKM_{SQNM})$. This application IC card random number rm is the third random number of the application IC card.
Step 3.5 The application server S uses the third random number rm of the application IC card and the second random number rs of the application server to calculate the communication key Km between the application server S and the application IC card M; this communication key Km is the third communication key. The specific steps are as follows:
The application server S applies the application server pointer function Fs to the second random number rs of the application server to obtain the application server private key pointer Ps, and uses Ps to extract the application server private key SKs from the application server private key pool. Ps can also be added to the application server public key pool initial position Ks0 to obtain the application server public key pointer Kss, which is used to extract the application server public key PKs from the public key pool.
The application server S applies the application IC card pointer function Fm to the third random number rm of the application IC card M to obtain the application IC card private key pointer Pm. Pm is added to the application IC card public key pool initial position KsN to obtain the application IC card public key pointer Ksm, which is used to extract the application IC card public key PKm from the public key pool.
The communication key between the application server S and the application IC card M is calculated as $Km = (PKm)^{SKs} \bmod p$; this communication key Km is the third communication key.
Similarly, the first random number rc of the application terminal C and the second random number rs of the application server are used to calculate the communication key Kc between the application server S and the application terminal C; this communication key Kc is named the fourth communication key.
Step 3.6 The application server S uses the application server key card to randomly select a random number Kmc as the session key, and uses the session key Kmc to make the application IC card bill Tm and the application terminal bill Tc respectively.
Specifically, the application IC card bill is Tm = {Kmc || IDC || rm}Km; that is, it consists of the application IC card parameters {Kmc || IDC || rm} encrypted with the communication key Km between the application server S and the application IC card M, which is the third communication key. The application IC card parameters include the session key Kmc, the address IDC of the application terminal and the third random number rm of the application IC card;
Similarly, the application terminal bill is Tc = {Kmc || IDM || rc}Kc; that is, the application terminal bill Tc consists of the application terminal bill parameters {Kmc || IDM || rc} encrypted with the communication key Kc between the application server S and the application terminal C, which is the fourth communication key. The application terminal bill parameters {Kmc || IDM || rc} include the session key Kmc, the address IDM of the application IC card and the first random number rc of the application terminal;
Step 3.7 The application server S makes the total bill.
The location parameter k at which the sequence number pool of the application terminal C records the pairing person, that is, the information of the application IC card M, together with the second random number rs of the application server, the application IC card bill Tm and the application terminal bill Tc, makes up a sub-bill named TICKET. The sub-bill TICKET is one of the bills (tickets) that the application IC card M applies for from the application server S, and is expressed as {k || rs || Tm || Tc}.
Because the number of bills (tickets) applied for by the application IC card M is Num, the number of tickets the application server S needs to generate is also Num. Each time a sub-bill TICKET is generated, the application server S increments the sequence numbers SQNCk and SQNM, that is, SQNCk = SQNCk + 1 and SQNM = SQNM + 1. The updated sequence numbers SQNCk and SQNM are then used to generate the next sub-bill TICKET by the above steps, until Num sub-bills TICKET have been generated; the resulting total bill is expressed as Σ{TICKET}. So the number of tickets applied for by the application IC card M is one or more, and the number of tickets the application server S needs to generate is likewise one or more. In this embodiment, the total bill Σ{TICKET} is the bill applied for by the application IC card M.
Step 3.8: Application server S generates the total ticket and sends the first ticket generation message ciphertext, which contains the total ticket, to application IC card M.
Application server S combines the application IC card address IDM, the application terminal address IDC and the total ticket Σ{TICKET} into the first ticket generation message RESPsm, i.e. IDM||IDC||Σ{TICKET}. Using the first communication key Kab and the first ticket generation message RESPsm, it generates the first ticket generation message authentication code MAC_RESPsm by the formula MAC_RESPsm = MAC(Kab, RESPsm). The combination RESPsm||MAC_RESPsm of the first ticket generation message and its authentication code is then encrypted with the first communication key Kab to obtain the first ticket generation message ciphertext {RESPsm||MAC_RESPsm}Kab, which is sent to application IC card M.
Step 4: Application IC card M obtains the total ticket.
After receiving the first ticket generation message ciphertext {RESPsm||MAC_RESPsm}Kab from application server S, application IC card M takes out the second communication key Kab' and decrypts the ciphertext, then authenticates the message against the first ticket generation message authentication code MAC_RESPsm. If message authentication succeeds, it parses the first ticket generation message RESPsm, i.e. IDM||IDC||Σ{TICKET}; from these parameter values it obtains the total ticket Σ{TICKET} and stores it in the application IC card key card.
Step 5: Short-range communication between application IC card M and application terminal C.
Step 5.1: Application IC card M extracts a sub-ticket, uses its own address to extract the corresponding sequence number, and then calculates the application IC card random number rm', which is the fourth random number of the application IC card. Combining rm' with the communication key table yields the fifth communication key Km between application IC card M and application server S. The fifth communication key Km decrypts the sub-ticket TICKET to obtain the trusted session key Kmc. The session key Kmc is used to form the first short-range communication authentication code, and the first short-range communication message containing that authentication code is transmitted to application terminal C.
Specifically, this comprises the following steps:
Step 5.1.1: Application IC card M takes the first sub-ticket TICKET out of the total ticket Σ{TICKET}. The sub-ticket TICKET is composed of the location parameter k at which the sequence number pool of application terminal C records the paired party (the information of application IC card M), the second random number rs of the application server, the application IC card ticket Tm and the application terminal ticket Tc, and is expressed as {k||rs||Tm||Tc}.
Step 5.1.2: Application IC card M obtains the fourth random number rm' of the application IC card.
Application IC card M takes out the corresponding sequence number SQNM of the application IC card according to the address IDM of the application IC card;
it then obtains the application IC card public key pointer N_SQNM from the sequence number SQNM of the application IC card. The method of obtaining the public key pointer N_SQNM comprises: using the sequence number SQNM of application IC card M to randomly select one value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M;
according to the public key pointer N_SQNM of application IC card M, it takes out the public key PKM_SQNM of application IC card M and calculates the fourth random number of the application IC card, rm' = KH(SQNM, PKM_SQNM).
Step 5.1.3: Obtain the fifth communication key Km between application IC card M and application server S.
From the fourth random number rm' of the application IC card and the second random number rs of the application server parsed from TICKET, the corresponding application IC card private key pointer and application server private key pointer can be calculated; looking these up in the communication key table then yields the fifth communication key Km between application IC card M and application server S;
Step 5.1.4: Confirm the session key Kmc.
The fifth communication key Km between application IC card M and application server S is used to decrypt the application IC card ticket Tm in the sub-ticket TICKET, where Tm is {Kmc||IDC||rm}Km, obtaining the session key Kmc and the third random number rm of the application IC card. The decrypted third random number rm of the application IC card is compared with the fourth random number rm' calculated by application IC card M to confirm whether they are equal and thereby confirm the session key Kmc.
Step 5.1.5: The session key Kmc, the third random number rm of the application IC card, the first random number rc of the application terminal and the address IDM of the application IC card are used to form the first short-range communication authentication code MACmc.
The formula is: MACmc = MAC(Kmc, rm||rc||IDM);
Here the random number rc of the application terminal is obtained as follows: application IC card M takes out the sequence number SQN value of application terminal C, i.e. sequence number SQNC, according to the address IDC of the application terminal, and obtains the public key pointer N_SQNC of application terminal C from the sequence number SQNC. The method of obtaining the public key pointer N_SQNC comprises: using the sequence number SQNC of application terminal C to randomly select one value in the application terminal address IDC as the public key pointer N_SQNC of application terminal C. Using the public key pointer N_SQNC, the public key PKM_SQNC of application terminal C is taken out, and the random number of application terminal C is calculated as rc = KH(SQNC, PKM_SQNC).
Step 5.1.6: Application IC card M sends the first short-range communication message IDC||IDM||k||rs||Tc||MACmc to application terminal C.
The first short-range communication message IDC||IDM||k||rs||Tc||MACmc is composed of the address IDC of the application terminal, the address IDM of the application IC card, the location parameter k at which the sequence number pool of application terminal C records the paired party (the information of application IC card M), the second random number rs of the application server, the application terminal ticket Tc, and the first short-range communication authentication code MACmc.
Step 5.2: Application terminal C confirms the session key Kmc.
Application terminal C receives the first short-range communication message sent by the application IC card. The first short-range communication message is composed of the address of the application terminal, the address of the application IC card, the location parameter at which the sequence number pool of the application terminal records the information of application IC card M, the second random number of the application server, the application terminal ticket, and the first short-range communication authentication code;
using the location parameter in combination with the application terminal sequence number pool, it extracts the sequence number of the application terminal and obtains the second random number of the application terminal; using the second random number of the application terminal and the second random number of the application server in combination with the communication key table, it extracts the sixth communication key; using the sixth communication key, it decrypts the application terminal ticket and thereby obtains the trusted session key to realize short-range communication.
The specific steps are as follows:
Step 5.2.1: Application terminal C receives the first short-range communication message IDC||IDM||k||rs||Tc||MACmc from application IC card M.
Step 5.2.2: Confirm the session key Kmc, and transmit the third short-range communication authentication code, which is computed with the session key Kmc, to application IC card M.
Using the location parameter k at which the sequence number pool of application terminal C records the paired party (the information of application IC card M), application terminal C finds the k-th unit in its sequence number pool. The following cases arise:
If the k-th unit in the sequence number pool of application terminal C contains paired-party information, i.e. the information of application IC card M, check whether that information, i.e. the ID value, is equal to the address IDM of application IC card M; if the k-th unit in the sequence number pool of application terminal C contains no paired-party information, no operation is performed. Where the k-th unit contains paired-party information, the sequence number SQNCk of application terminal C is taken out of the k-th unit in the sequence number pool of application terminal C, and the second random number rc' of application terminal C is calculated. From the second random number rc' of application terminal C and the second random number rs of the application server, the corresponding application terminal private key pointer and application server private key pointer can be calculated; looking these up in the communication key table then yields the communication key Kc between application terminal C and application server S, which is named the sixth communication key. The communication key Kc between application terminal C and application server S is used to decrypt the application terminal ticket Tc, i.e. {Kmc||IDM||rc}Kc, yielding the session key Kmc and the first random number rc of application terminal C. The decrypted first random number rc of application terminal C is compared with the second random number rc' calculated by application terminal C to confirm whether they are equal and thereby confirm the session key Kmc.
Application terminal C uses the session key Kmc, the random number rm of the application IC card, the decrypted random number rc of the application terminal and the information ID of application IC card M to form the second short-range communication authentication code MACmc', by the formula MACmc' = MAC(Kmc, rm||rc||ID). Here the random number rm of the application IC card is obtained as follows: application terminal C takes out the sequence number SQN value of application IC card M, i.e. sequence number SQNM, according to the address IDM of the application IC card, and obtains the public key pointer N_SQNM of application IC card M from the sequence number SQNM. The method of obtaining the public key pointer N_SQNM comprises: using the sequence number SQNM of the application IC card to randomly select one value in the application IC card address IDM as the public key pointer N_SQNM of application IC card M. Using the public key pointer N_SQNM, the public key PKM_SQNM of application IC card M is taken out, and the random number of application IC card M is calculated as rm = KH(SQNM, PKM_SQNM).
Application terminal C compares the calculated second short-range communication authentication code MACmc' with the first short-range communication authentication code MACmc obtained by decrypting the first short-range communication message; if they are equal, it trusts IDM, and the information ID of application IC card M is equal to the address IDM of application IC card M.
If the k-th unit in the sequence number pool contains no paired-party information, application terminal C records the paired party, i.e. the information of application IC card M (the application IC card address IDM), at the k-th position of its sequence number pool.
The sequence number SQNCk of application terminal C is incremented, i.e. SQNCk = SQNCk+1. Using the session key Kmc, the random number rm of application IC card M and the random number rc of application terminal C, the third short-range communication authentication code MACcm is obtained by the formula MACcm = MAC(Kmc, rm||rc). Application terminal C sends the second short-range communication message IDC||IDM||MACcm to application IC card M.
Step 5.3: Application IC card M uses its own session key to authenticate application terminal C; once authentication passes, both parties communicate securely using the session key Kmc as the encryption key.
After receiving the second short-range communication message IDC||IDM||MACcm from application terminal C, application IC card M uses its own session key Kmc, the random number rm of application IC card M and the random number rc of application terminal C to obtain the fourth short-range communication authentication code MACcm', by the formula MACcm' = MAC(Kmc, rm||rc). It compares the calculated fourth short-range communication authentication code MACcm' with the third short-range communication authentication code MACcm from application terminal C, and trusts application terminal C if they are equal. Both parties can then communicate securely using the session key Kmc as the encryption key. Finally, the sequence number SQNCk of application terminal C is incremented, i.e. SQNCk = SQNCk+1. After application IC card M has completed the authentication and key agreement process with application terminal C, it deletes the current first local sub-ticket TICKET and takes the next sub-ticket TICKET as the new current first sub-ticket TICKET.
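The ticket construction of steps 3.6 to 3.7 and the three-message check of steps 5.1 to 5.3, as an added Python example that is not part of the patent text. It assumes KH and MAC are HMAC-SHA256, uses an HMAC keystream plus tag as a stand-in for the unspecified `{...}K` encryption, and takes Km and Kc as constructed random keys in place of the communication key table lookup; the addresses, sequence numbers and the `Terminal` class are hypothetical.

```python
import hashlib
import hmac
import os

def kh(sqn: int, pk: bytes) -> bytes:
    # KH(SQN, PK) from the text; HMAC-SHA256 cut to 16 bytes is an assumption.
    return hmac.new(pk, sqn.to_bytes(8, "big"), hashlib.sha256).digest()[:16]

def mac(key: bytes, *fields: bytes) -> bytes:
    # MAC(K, a||b||...). All fields are fixed-length here, so "||" is unambiguous.
    return hmac.new(key, b"".join(fields), hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (mac(key, nonce, i.to_bytes(4, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, plain: bytes) -> bytes:
    # Stand-in for "{...}K": HMAC keystream XOR, then a tag over nonce||ciphertext.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plain, _stream(mac(key, b"enc"), nonce, len(plain))))
    return nonce + ct + mac(mac(key, b"tag"), nonce, ct)

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(mac(key, b"tag"), nonce, ct)):
        raise ValueError("ticket failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(mac(key, b"enc"), nonce, len(ct))))

def make_sub_ticket(k, rs, km, kc, idm, idc, rm, rc):
    # Steps 3.6/3.7: fresh Kmc, Tm = {Kmc||IDC||rm}Km, Tc = {Kmc||IDM||rc}Kc.
    kmc = os.urandom(16)
    return (k, rs, seal(km, kmc + idc + rm), seal(kc, kmc + idm + rc))

def card_first_message(ticket, km, idm, idc, rm_now, rc):
    # Step 5.1: decrypt Tm, compare its rm with the freshly computed rm', build MACmc.
    k, rs, tm, tc = ticket
    body = unseal(km, tm)
    kmc, idc_t, rm = body[:16], body[16:20], body[20:36]
    if idc_t != idc or not hmac.compare_digest(rm, rm_now):
        raise ValueError("Tm does not match the card's current sequence number")
    return kmc, (idc, idm, k, rs, tc, mac(kmc, rm, rc, idm))

class Terminal:
    def __init__(self, kc, pkc, pool):
        self.kc, self.pkc, self.pool = kc, pkc, pool  # pool[k] = {"peer", "sqn"}

    def handle(self, msg, rm):
        # Step 5.2: look up unit k, recompute rc', decrypt Tc, verify MACmc.
        idc, idm, k, rs, tc, macmc = msg
        unit = self.pool[k]
        if unit["peer"] not in (None, idm):
            # Rejecting a mismatched pairing is this example's choice.
            raise ValueError("unit k is paired with a different card")
        rc_now = kh(unit["sqn"], self.pkc)
        body = unseal(self.kc, tc)
        kmc, idm_t, rc = body[:16], body[16:20], body[20:36]
        if idm_t != idm or not hmac.compare_digest(rc, rc_now):
            raise ValueError("Tc is stale or was issued for another card")
        if not hmac.compare_digest(macmc, mac(kmc, rm, rc, idm)):
            raise ValueError("MACmc mismatch")
        unit["peer"] = idm   # record the paired party if the unit was empty
        unit["sqn"] += 1     # SQNCk = SQNCk + 1, so this Tc cannot be reused
        return kmc, mac(kmc, rm, rc)  # MACcm for step 5.3

def demo():
    idm, idc = b"ICM1", b"TRM1"                 # constructed 4-byte addresses
    km, kc = os.urandom(16), os.urandom(16)     # stand in for key-table lookups
    pkm, pkc = os.urandom(32), os.urandom(32)   # constructed "public keys"
    sqnm, sqnck, k = 7, 41, 0                   # constructed sequence numbers
    rm, rc = kh(sqnm, pkm), kh(sqnck, pkc)
    ticket = make_sub_ticket(k, os.urandom(16), km, kc, idm, idc, rm, rc)
    term = Terminal(kc, pkc, {k: {"peer": idm, "sqn": sqnck}})
    kmc_card, msg = card_first_message(ticket, km, idm, idc, rm, rc)
    kmc_term, maccm = term.handle(msg, rm)
    mutual = hmac.compare_digest(maccm, mac(kmc_card, rm, rc))  # step 5.3
    try:
        term.handle(msg, rm)      # replay of the same first message
        replay_accepted = True
    except ValueError:
        replay_accepted = False
    return kmc_card == kmc_term, mutual, replay_accepted

if __name__ == "__main__":
    print(demo())
```

The replayed first message is rejected because the terminal has already incremented SQNCk, so its recomputed rc' no longer equals the rc sealed inside Tc.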
A short-range energy-saving communication system for an anti-quantum-computing application system based on key card and sequence number, applied to the above anti-quantum-computing application system short-range energy-saving communication method based on key card and sequence number. The anti-quantum-computing application system comprises an application server and at least one application client communicatively connected to the application server; the application client comprises an application terminal and an application IC card; each member of the anti-quantum-computing application system is provided with a key card containing a sequence number pool; the sequence number pool comprises sequence numbers and paired parties; the sequence number pool of the application server further comprises an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool; the application terminal and the application IC card communicate at short range through a trusted session key, wherein:
the application IC card is used to authenticate with the application server and to send the first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with a communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of tickets requested; it receives the requested total ticket and obtains the session key to realize short-range communication with the application terminal;
the application server is used to receive the first ticket request message ciphertext and decrypt it with the first communication key to obtain the first request parameters, which comprise the application IC card address, the application terminal address and the number of tickets requested; to check whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card, and to extract the location parameter at which the sequence number pool of the application terminal records the information of the application IC card; to use the location parameter and the application IC card address, in combination with the sequence number pool in the application server key card, to extract the third random number of the application IC card and the first random number of the application terminal; to calculate the respective communication keys from the third random number of the application IC card / the first random number of the application terminal and the second random number of the server; and to encrypt the session key with each of these communication keys to obtain the application IC card ticket and the application terminal ticket. Each sub-ticket is composed of the application IC card ticket, the application terminal ticket, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card; multiple sub-tickets constitute the total ticket, which is sent to the application IC card;
the application terminal is used to receive the first short-range communication message sent by the application IC card; to use the location parameter in combination with the application terminal sequence number pool to extract the sequence number of the application terminal and obtain the second random number of the application terminal; to use the second random number of the application terminal and the second random number of the application server in combination with the communication key table to extract the sixth communication key; and to use the sixth communication key to decrypt the application terminal ticket and thereby obtain the trusted session key to realize short-range communication.
A computer device comprises a processor and a memory connected by a system bus. The processor of the computer device provides computing and control capability. The memory of the computer device comprises a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. When executing the computer program, the processor of the computer device implements the steps of any of the above anti-quantum-computing application system short-range energy-saving communication methods based on key card and sequence number.
A key card is an identity authentication and encryption/decryption product that combines cryptographic technology, hardware security isolation technology and quantum physics technology (where it carries a quantum random number generator). The embedded chip and operating system of the key card can provide functions such as secure storage of keys and cryptographic algorithms. Because it has independent data-processing capability and good security, the key card becomes the security barrier for private keys and key pools. Each key card can be protected by a hardware PIN code; the PIN code and the hardware constitute the two factors a user needs in order to use the key card, i.e. so-called "two-factor authentication": only a user who holds both the key card storing the relevant authentication information and the user PIN code can log in to the system. Even if the user's PIN code is leaked, the legitimate user's identity cannot be counterfeited as long as the key card the user holds is not stolen; if the user's key card is lost, the finder cannot counterfeit the legitimate user's identity because the finder does not know the user PIN code. In short, the key card keeps top-secret information such as keys from appearing in plaintext on the host's disk or in its memory, and so effectively ensures the security of that top-secret information.
Application system members are equipped with key cards and store their keys in them; since a key card is an independent hardware device, the possibility of a key being stolen by malware or malicious operation is greatly reduced. Meanwhile, each member extracts the public key of the required application system member by combining the anti-quantum-computing public key disclosed by the user side with the asymmetric key pool, and the public keys of application system members are stored in key cards. This guarantees that a quantum computer cannot obtain a user's public key and therefore cannot obtain the corresponding private key, which reduces the risk of being cracked by a quantum computer.
The low-power application terminal and application IC card do not need to perform public key or private key calculations; a table lookup alone gives them the shared key for encrypted communication with the application server. The calculation load is small and the speed is high, and this saves energy and extends the battery life of the application terminal and the application IC card.
The application server, as the message center, does not need to store multiple large-capacity symmetric key pools; it only needs to store multiple groups of public key pools, which greatly saves storage space on the application server. According to the above embodiment, when the application server adds an n-th application terminal, the symmetric key pool method would originally require it to newly store the same key volume as the n-th application terminal, i.e. m*n; now it only needs to newly store the key volume of the public key pool corresponding to the n-th application terminal, i.e. n, so the newly added key volume is greatly reduced. The above embodiment therefore greatly saves storage space on the application server.
The Diffie-Hellman protocol used in the embodiments described above can also be replaced by its elliptic curve version, i.e. ECDH (Elliptic Curve Diffie-Hellman), with the same effect.
The technical features of the embodiments described above can be combined arbitrarily. For brevity, not all possible combinations of the technical features in the above embodiments are described; however, as long as a combination of these technical features contains no contradiction, it should be considered within the scope of this specification.
The embodiments described above express only several implementations of the present invention, and their description is relatively specific and detailed, but they should not therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the protection scope of the invention. Therefore, the protection scope of this patent shall be subject to the appended claims.
Claims (10)
1. An anti-quantum-computing application system short-range energy-saving communication method based on key card and sequence number, the anti-quantum-computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application IC card, characterized in that the application IC card is equipped with a key card containing an application IC card sequence number pool, the sequence number pool comprises sequence numbers and paired-party information, and the application IC card realizes short-range communication with the application terminal using a trusted session key, the step of obtaining the trusted session key comprising:
authenticating with the application server, and confirming that the first communication key generated by the application server and the second communication key generated by the application IC card are equal, wherein the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is obtained by lookup in the communication key table using the random number extracted by combining the application IC card address with the application IC card sequence number pool, together with the server random number; sending the first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of tickets requested;
receiving and storing the total ticket sent by the application server, the total ticket consisting of multiple sub-tickets, the number of sub-tickets being the number of tickets requested, each sub-ticket containing the application IC card ticket, the application terminal ticket, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the application IC card information, wherein the application IC card ticket and the application terminal ticket contain the session key encrypted with a communication key, the communication key comprising the third communication key between the application server and the application IC card and the fourth communication key between the application server and the application terminal; wherein the third communication key / fourth communication key is calculated from the third random number of the application IC card / the first random number of the application terminal and the second random number of the server, and the third random number of the application IC card / the first random number of the application terminal is extracted via the respective address;
extracting a sub-ticket, extracting the corresponding sequence number using its own address and calculating a random number, obtaining the fifth communication key using that random number in combination with the communication key table, and decrypting the application IC card ticket with the fifth communication key to obtain the session key;
sending the first short-range communication message to the application terminal, the first short-range communication message containing the location parameter at which the sequence number pool of the application terminal records the application IC card information, the application terminal extracting the sequence number according to the location parameter, obtaining the sixth communication key using the sequence number in combination with the communication key table, and then confirming the session key to realize short-range communication.
2. An anti-quantum-computing application system short-range energy-saving communication method based on key card and sequence number, the anti-quantum-computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application server, characterized in that the application server is equipped with a key card containing a sequence number pool, the sequence number pool comprises sequence numbers and paired parties, the sequence number pool comprises an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool, and the application server is used to distribute the total ticket so that the application IC card and the application terminal communicate at short range through a trusted session key, the step of the application server distributing the total ticket comprising:
authenticating with the application IC card, and confirming that the first communication key generated by the application server and the second communication key generated by the application IC card are equal, wherein the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is obtained by lookup in the communication key table using the random number extracted via the application IC card address together with the server random number;
receiving the first ticket request message ciphertext and decrypting it with the first communication key to obtain the first request parameters, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters comprising the application IC card address, the application terminal address and the number of tickets requested;
checking whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card, extracting the application terminal sequence number and using that sequence number to obtain the first random number of the application terminal, combining the third random number of the application IC card and the first random number of the application terminal each with the second random number of the server to calculate the respective communication keys, and encrypting the session key with each communication key to obtain the application IC card ticket and the application terminal ticket; each sub-ticket is composed of the application IC card ticket, the application terminal ticket, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card, and multiple sub-tickets constitute the total ticket, which is sent to the application IC card.
3. An anti-quantum-computing application system short-range energy-saving communication method based on key card and sequence number, the anti-quantum-computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, the method being implemented on the application terminal, characterized in that the application terminal is equipped with a key card containing an application terminal sequence number pool, the application terminal sequence number pool comprises sequence numbers and paired parties, and the application terminal and the application IC card communicate at short range through a trusted session key, the step of obtaining the trusted session key comprising:
transmitting the application terminal address to the application IC card, for the application IC card to obtain the total ticket after authenticating with the application server, the total ticket containing sub-tickets each composed of the application IC card ticket, the application terminal ticket, the second random number of the server and the location parameter at which the sequence number pool of the application terminal records the information of the application IC card;
receiving the first short-range communication message sent by the application IC card, the first short-range communication message being composed of the address of the application terminal, the address of the application IC card, the location parameter at which the sequence number pool of the application terminal records the information of the application IC card, the second random number of the application server, the application terminal ticket, and the first short-range communication authentication code;
using the location parameter in combination with the application terminal sequence number pool to extract the sequence number of the application terminal and obtain the second random number of the application terminal, using the second random number of the application terminal and the second random number of the application server in combination with the communication key table to extract the sixth communication key, and using the sixth communication key to decrypt the application terminal ticket and thereby obtain the trusted session key to realize short-range communication.
4. A short-range energy-saving communication method for an anti-quantum computing application system based on a key card and sequence numbers, implemented in an anti-quantum computing application system, the anti-quantum computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, characterized in that each member of the anti-quantum computing application system is provided with a key card containing a sequence number pool, the sequence number pool including sequence numbers and paired parties; the sequence number pool of the application server further includes an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool; the application terminal and the application IC card communicate at short range through a trusted session key, and the step of obtaining the trusted session key comprises:
the application IC card authenticates with the application server, confirming that the first communication key generated by the application server and the second communication key generated by the application IC card are equal, wherein the first communication key is generated by calculation from the random number extracted using the application IC card address and the server random number, and the second communication key is looked up in the communication key table using the random number extracted using the application IC card address combined with the server random number;
the application IC card sends a first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with the second communication key, the first ticket request parameters including the application IC card address, the application terminal address and the number of tickets applied for;
the application server receives the first ticket request message ciphertext and decrypts it with the first communication key to obtain the first request parameters;
the application server checks whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card, extracts the application terminal sequence number and uses that sequence number to obtain the application terminal first random number, computes the respective communication keys by combining the application IC card third random number and the application terminal first random number each with the server second random number, and encrypts the session key with each communication key to obtain the application IC card ticket and the application terminal ticket; each sub-ticket is composed of the application IC card ticket, the application terminal ticket, the server second random number, and the position parameter of the application IC card information recorded in the sequence number pool of the application terminal; multiple sub-tickets form the total ticket, which is sent to the application IC card;
the application IC card receives and stores the total ticket sent by the application server, the total ticket being composed of multiple sub-tickets, the number of sub-tickets being the number of tickets applied for;
the application IC card takes out a sub-ticket, extracts the corresponding sequence number using its own address and calculates a random number, uses that random number with the communication key table to obtain a fifth communication key, and decrypts the application IC card ticket with the fifth communication key to obtain the session key;
the application IC card sends a first short-range communication message to the application terminal, the first short-range communication message including the position parameter of the application IC card information recorded in the sequence number pool of the application terminal;
the application terminal extracts the sequence number according to the position parameter, obtains a sixth communication key using the sequence number with the communication key table, and then confirms the session key and carries out short-range communication.
5. The short-range energy-saving communication method for an anti-quantum computing application system based on a key card and sequence numbers according to any one of claims 1 to 4, characterized in that:
where the communication key is generated by the application server, the generation method comprises:
using the random number of the application IC card, the random number of the application terminal and the random number of the application server, in combination with a pointer function, to extract the application IC card public key, the application terminal public key and the application server private key, and computing the corresponding communication keys by applying the respective algorithm to the application IC card public key and the application terminal public key, each combined with the application server private key;
where the communication key is generated by the application IC card / application terminal, the generation method comprises:
using the random number of the application IC card / application terminal and the random number of the application server, each in combination with the pointer function, to extract the corresponding private key pointer, and using the private key pointer with the communication key table to extract the corresponding communication key.
6. A computer device, comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of claim 1.
7. A computer device, comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of claim 2.
8. A computer device, comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of claim 3.
9. A computer device, comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of claim 4.
10. An anti-quantum computing application system based on a key card and sequence numbers, the anti-quantum computing application system comprising an application server and at least one application client communicatively connected to the application server, the application client comprising an application terminal and an application IC card, characterized in that each member of the anti-quantum computing application system is provided with a key card containing a sequence number pool, the sequence number pool including sequence numbers and paired parties; the sequence number pool of the application server further includes an application server sequence number pool, an application terminal sequence number pool and an application IC card sequence number pool; the application terminal and the application IC card communicate at short range through a trusted session key, wherein:
the application IC card is configured to authenticate with the application server and to send a first ticket request message ciphertext to the application server, the first ticket request message ciphertext being the first ticket request parameters encrypted with a communication key, the first ticket request parameters including the application IC card address, the application terminal address and the number of tickets applied for; and to receive the total ticket applied for, obtain the session key and carry out short-range communication with the application terminal;
the application server is configured to receive the first ticket request message ciphertext and decrypt it with the first communication key to obtain the first request parameters, the first request parameters including the application IC card address, the application terminal address and the number of tickets applied for; to check whether the sequence number pool of the application terminal held in the application server key card contains information paired with the application IC card; to extract the application terminal sequence number and use that sequence number to obtain the application terminal first random number; to compute the respective communication keys by combining the application IC card third random number and the application terminal first random number each with the server second random number; and to encrypt the session key with each communication key to obtain the application IC card ticket and the application terminal ticket; each sub-ticket is composed of the application IC card ticket, the application terminal ticket, the server second random number, and the position parameter of the application IC card information recorded in the sequence number pool of the application terminal; multiple sub-tickets form the total ticket, which is sent to the application IC card;
the application terminal is configured to receive the first short-range communication message sent by the application IC card, to extract the application terminal sequence number from the application terminal sequence number pool using the position parameter and obtain the application terminal second random number, to extract a sixth communication key from the communication key table using the application terminal second random number combined with the application server second random number, and to decrypt the application terminal ticket with the sixth communication key to obtain the trusted session key and carry out short-range communication.
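The ticket flow of claims 4 and 10, from sub-ticket issuance to the terminal recovering the session key, as an added Python example that is not code from the patent. Assumptions: an HMAC-SHA256 derivation stands in for the pointer function and communication key table, a small encrypt-then-MAC construction stands in for the unspecified cipher, the card's own record position is passed in directly, and every name, address and sequence number is constructed.

```python
import hashlib, hmac, secrets

def prf(key, *parts):
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)  # length-prefixed fields
    return hmac.new(key, msg, hashlib.sha256).digest()

def seal(key, plaintext):
    # Assumed stand-in cipher: encrypt-then-MAC for payloads of at most 32 bytes.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, prf(key, b"enc", nonce)))
    return nonce + ct + prf(key, b"mac", nonce, ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(key, b"mac", nonce, ct)):
        raise ValueError("ticket rejected: wrong communication key or tampering")
    return bytes(a ^ b for a, b in zip(ct, prf(key, b"enc", nonce)))

class KeyCard:
    # Constructed model: a member secret plus a pool of (sequence number, paired party).
    def __init__(self, secret, pool):
        self.secret, self.pool = secret, pool
    def comm_key(self, position, server_rand):
        seq, _paired = self.pool[position]         # position parameter -> sequence number
        own_rand = prf(self.secret, b"rand", seq)  # sequence number -> member random number
        return prf(self.secret, b"key", own_rand, server_rand)  # assumed stand-in for key table

def issue_sub_ticket(card_kc, card_pos, term_kc, card_addr):
    # Server: holds copies of both pools; finds the terminal record paired with the card.
    pos = next((i for i, (_, p) in enumerate(term_kc.pool) if p == card_addr), None)
    if pos is None:
        raise ValueError("no pairing record for this IC card in the terminal pool")
    server_rand, session_key = secrets.token_bytes(16), secrets.token_bytes(32)
    return {"card_ticket": seal(card_kc.comm_key(card_pos, server_rand), session_key),
            "term_ticket": seal(term_kc.comm_key(pos, server_rand), session_key),
            "server_rand": server_rand, "position": pos.to_bytes(2, "big")}

def card_first_message(card_kc, card_pos, sub, card_addr, term_addr):
    # IC card: opens its own ticket, forwards the terminal ticket with an authentication code.
    session_key = unseal(card_kc.comm_key(card_pos, sub["server_rand"]), sub["card_ticket"])
    fields = (term_addr, card_addr, sub["position"], sub["server_rand"], sub["term_ticket"])
    return {"fields": fields, "auth": prf(session_key, b"msg1", *fields)}, session_key

def terminal_accept(term_kc, msg):
    # Terminal: recovers the session key from its own key card, without contacting the server.
    _term, card_addr, pos, server_rand, term_ticket = msg["fields"]
    position = int.from_bytes(pos, "big")
    if position >= len(term_kc.pool) or term_kc.pool[position][1] != card_addr:
        raise ValueError("position parameter does not match this IC card")
    session_key = unseal(term_kc.comm_key(position, server_rand), term_ticket)
    if not hmac.compare_digest(msg["auth"], prf(session_key, b"msg1", *msg["fields"])):
        raise ValueError("first short-range message authentication code mismatch")
    return session_key

CARD, TERM = b"card-01", b"term-01"  # constructed sample data (addresses, sequence numbers)
card_kc = KeyCard(secrets.token_bytes(32), [(b"SN-C-0007", TERM)])
term_kc = KeyCard(secrets.token_bytes(32), [(b"SN-T-0001", b"card-99"), (b"SN-T-0002", CARD)])
msg, k_card = card_first_message(card_kc, 0, issue_sub_ticket(card_kc, 0, term_kc, CARD), CARD, TERM)
print("terminal recovered the same session key:", terminal_accept(term_kc, msg) == k_card)
```

The terminal rejects the message if the position parameter points at another card's record, if the terminal ticket was altered, or if any field covered by the authentication code was changed.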
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910400861.1A CN110224816B (en) | 2019-05-15 | 2019-05-15 | Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110224816A (en) | 2019-09-10 |
CN110224816B (en) | 2023-09-05 |
Family
ID=67821232
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910400861.1A Active CN110224816B (en) | 2019-05-15 | 2019-05-15 | Anti-quantum computing application system based on key fob and serial number, near-field energy-saving communication method and computer equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110224816B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003132253A (en) * | 2001-10-22 | 2003-05-09 | Kddi Corp | Service reservation and providing method for mutual authentication by use of ticket, program therefor, and storage medium with program stored therein |
WO2018076365A1 (en) * | 2016-10-31 | 2018-05-03 | 美的智慧家居科技有限公司 | Key negotiation method and device |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113950049A (en) * | 2021-09-28 | 2022-01-18 | 天翼物联科技有限公司 | Internet of things quantum security method, system, device and medium based on SIM card |
CN113950049B (en) * | 2021-09-28 | 2023-10-03 | 天翼物联科技有限公司 | Quantum security method, system, device and medium of Internet of things based on SIM card |
CN114155632A (en) * | 2021-11-30 | 2022-03-08 | 深圳市同创新佳科技有限公司 | Encryption communication key distribution method for electronic door lock of networked hotel |
CN114155632B (en) * | 2021-11-30 | 2023-10-31 | 深圳市同创新佳科技有限公司 | Method for distributing encryption communication keys of networking hotel electronic door locks |
CN114095183A (en) * | 2022-01-23 | 2022-02-25 | 杭州字节信息技术有限公司 | Client dual authentication method, terminal equipment and storage medium |
CN114095183B (en) * | 2022-01-23 | 2022-05-03 | 杭州字节信息技术有限公司 | Client dual authentication method, terminal equipment and storage medium |
CN115296847A (en) * | 2022-07-06 | 2022-11-04 | 杭州涂鸦信息技术有限公司 | Flow control method and device, computer equipment and storage medium |
CN115296847B (en) * | 2022-07-06 | 2024-02-13 | 杭州涂鸦信息技术有限公司 | Flow control method, flow control device, computer equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN110224816B (en) | 2023-09-05 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||