CN110380859A

CN110380859A - Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system

Info

Publication number: CN110380859A
Application number: CN201910464740.3A
Authority: CN
Inventors: 富尧; 钟一民; 邱雅剑; 余秋炜
Original assignee: Ruban Quantum Technology Co Ltd
Current assignee: Ruban Quantum Technology Co Ltd
Priority date: 2019-05-30
Filing date: 2019-05-30
Publication date: 2019-10-25
Anticipated expiration: 2039-05-30
Also published as: CN110380859B

Abstract

This application discloses it is a kind of based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system, system includes masters, passive side, service station QA, service station QB and communication network；Masters and passive side are each configured with client key card, and service station public key pond and a pair of of client public and private key are stored in client key card；Service station QA and service station QB is each configured with service station key card, and client public key pond, service station private key pond, service station public key pond, quantum communications service station public key pond and quantum communications service station private key are stored in the key card of service station.The risk that unsymmetrical key in the application is cracked is low, and it solves pool of symmetric keys and gives quantum communications service station bring key storage pressure, data in identifying procedure can only be decrypted by DH private key owner, improve the safety of the identifying procedure based on symmetric key algorithm.

Description

Based on unsymmetrical key pond to and DH agreement quantum communications service station authentication side Method and system

Technical field

The application belongs to safety communication technology field, and in particular to the quantum communications based on unsymmetrical key pond and DH agreement Identity identifying method and system.Implement the identity authorization system under quantum communications service station between client and client.

Background technique

The Internet of rapid development brings huge convenience to people's lives, work, and people can be sitting in family It sent and received e-mail, made a phone call by Internet, carrying out the activities such as shopping online, bank transfer.The network information security simultaneously It is increasingly becoming a potential huge problem.In general the network information is faced with following several security risks: the network information It is stolen, information is tampered, attacker palms off information, malicious sabotage etc..

Wherein authentication is a kind of means of one of protection people's network information.Authentication is also referred to as " identity Verifying " or " identity identification ", refer to the process of confirmation operation person's identity in computer and computer network system, so that it is determined that Whether the user has access and access right to certain resource, and then enables the access strategy of computer and networks system It reliably and efficiently executes, prevents attacker from palming off the access authority that legitimate user obtains resource, guarantee the peace of system and data Entirely, and authorization visitor legitimate interests.

And currently ensure that authentication successfully mainly relies on cryptographic technique, and in field of cryptography of today, it is main Will there are two types of cryptographic system, first is that symmetric key cryptosystem, i.e. encryption key and decruption key use it is same.The other is Public key cryptosystem, i.e. encryption key and decruption key difference, one of them can be disclosed.Current most identity is recognized Card relies primarily on public key cryptography system using algorithm.

The encryption key pair (public key) and decryption key (private key) that Public Key Cryptographic Systems uses are different.Due to encryption Key be it is disclosed, the distribution of key and management are just very simple, and Public Key Cryptographic Systems can also be easily carried out number Signature.

Since public key encryption comes out, scholars propose many kinds of public key encryption methods, their safety is all base In complicated difficult math question.Classified according to the difficult math question being based on, have following three classes system be presently believed to be safety and It is effective: big integer factorization system (representative to have RSA), Discrete log systems (representative to have DSA) and ellipse from It dissipates Logarithmic system (ECC).

But with the development of quantum computer, classical asymmetric-key encryption algorithm will be no longer safe, no matter encryption and decryption Or private key can be calculated in key exchange method, quantum computer by public key, therefore currently used asymmetric close Key will become cannot withstand a single blow in the quantum epoch.Quantum key distribution equipment QKD can ensure that the key of negotiation can not be acquired at present. But QKD is mainly used for quantum main line, client device to quantum communications service station is still classic network, therefore by non-right Claim algorithm it is difficult to ensure that authentication procedures safety.

Due to the potential threat of quantum computer, the existing scheme that authentication is carried out based on pool of symmetric keys, utilization Symmetric key between sub- communication service station and quantum key card carries out authentication, abandons using public key cryptography, to avoid Identity authorization system is cracked by quantum computer.

Problem of the existing technology:

1. the existing scheme for carrying out authentication based on pool of symmetric keys, between quantum communications service station and quantum key card Using pool of symmetric keys, capacity is huge, brings pressure to the key storage in quantum communications service station；

2. the existing scheme that authentication is carried out based on pool of symmetric keys, since pool of symmetric keys key capacity is huge, amount Sub- communication service station, which has to encrypt key, to be stored in common storage such as hard disk, and can not be stored in quantum communications In the key card in service station；

3. the existing scheme for carrying out authentication based on pool of symmetric keys is given since pool of symmetric keys key capacity is huge Cipher key backup causes trouble.

Summary of the invention

Based on this, it is necessary in view of the above technical problems, provide it is a kind of based on unsymmetrical key pond to and DH agreement amount Sub- communication service station identity identifying method and system.

This application discloses based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, it is real It applies in masters, the quantum communications service station identity identifying method, comprising:

It generates the first parameters for authentication X and is sent to passive side；The first parameters for authentication X is used for raw in conjunction with one's own side for passive side At the second parameters for authentication Y obtain the first certification message, the first certification message is used to be forwarded to service station QB through passive side The second certification message is obtained for service station QB afterwards；

The second certification message from passive side is received, is generated according to the second certification message and the first parameters for authentication X Third authenticates message, service station QA public key PKQA5 and one's own side private key SKA is obtained from one's own side's key card, and utilize the service The QA public key PKQA5 and one's own side's private key SKA that stands generates DH key K5, the third message authentication encrypted using the DH key K5 Code and the third of encryption authenticate message；

The third message authentication code of encryption and the third certification message of encryption are sent to service station QA；The third message is recognized Card code is used for for trusting the third certification message, the third certification message after being verified for service station QA for service station QA obtains the 4th certification message, and the 4th certification message includes using one's own side's private key by service station QA to the first parameters for authentication X The 4th signature signed with the second parameters for authentication Y；

The 4th certification message for obtaining the encryption from service station QA, obtains service station QA public key from one's own side's key card PKQA6 and one's own side private key SKA, and DH key K6 is generated using the service station QA public key PKQA6 and one's own side's private key SKA, it utilizes The DH key K6 decrypts to obtain the 4th certification message；

The 4th certification message is sent to passive side；The 4th certification message is after passive side is forwarded to service station QB It parses to obtain the 4th signature for service station QB, the 4th signature is for for obtaining authentication knot after the QB sign test of service station Fruit, the identity authentication result for passive side for being received and confirmed by.

This application discloses based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, it is real It applies in passive side, the quantum communications service station identity identifying method, comprising:

The first parameters for authentication X from masters is obtained, generates the second parameters for authentication Y in one's own side, and according to described first Parameters for authentication X and the second parameters for authentication Y obtain the first certification message, and service station QB public key PKQB2 is obtained from one's own side's key card With one's own side private key SKB, and DH key K2 is generated using the service station QB public key PKQB2 and one's own side's private key SKB, utilizes the DH First certification message of the first message authentication code that key K2 is encrypted and encryption；The first parameters for authentication X is by masters It generates；

The first message authentication code of encryption and the first certification message of encryption are sent to service station QB；The first message is recognized Card code is used for for trusting the first certification message, the first certification message after being verified for service station QB for service station QB obtains the second certification message；

The the second certification message for obtaining the encryption from service station QB, obtains service station QB public affairs from one's own side's key card Key PKQB3 and one's own side private key SKB, and DH key K3, benefit are generated using the service station QB public key PKQB3 and one's own side's private key SKB It is decrypted to obtain the second certification message with the DH key K3；

The second certification message is sent to masters；The second certification message is used to combine the first certification for masters Parameter X generates third and authenticates message, and third certification message is used to obtain the 4th certification message for service station QA, and the described 4th Certification message includes the to be signed using one's own side's private key to the first parameters for authentication X and the second parameters for authentication Y by service station QA Four signatures；

The 4th certification message from masters is obtained, the 4th certification message is encrypted；

The 4th certification message of encryption is sent to service station QB；The 4th certification message for service station QB for parsing To the 4th signature, the 4th signature is for for obtaining identity authentication result after the QB sign test of service station；

Receive the identity authentication result from service station QB.

This application discloses based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, it is real It applies in service station QB, the quantum communications service station identity identifying method, comprising:

Obtain the first message authentication code of the encryption from passive side and the first certification message of encryption；

Passive side's public key PKB and one's own side private key SKQB2 are obtained from one's own side's key card, and utilize passive side's public key PKB and one's own side's private key SKQB2 generate DH key K2, decrypt to obtain the first message authentication code and the using the DH key K2 One certification message trusts the first certification message after passing through to the first message authentication code verifying；

The second certification message is obtained according to the first certification message, passive side's public key PKB is obtained from one's own side's key card With one's own side private key SKQB3, and DH key K3 is generated using passive side's public key PKB and one's own side's private key SKQB3, utilizes the DH Key K3 is to the second certification message encryption；

The second certification message of encryption is sent to passive side；The second certification message is forwarded to actively through passive side It combines the first parameters for authentication X to generate third for masters behind side and authenticates message, the third certification message is used for for service station QA Obtain the 4th certification message, the 4th certification message include by service station QA using one's own side's private key to the first parameters for authentication X and The 4th signature that second parameters for authentication Y signs；

The 4th certification message for receiving the encryption from passive side obtains after decryption according to the 4th certification message described 4th signature, and identity authentication result is obtained after carrying out sign test to the 4th signature；The 4th certification message is by masters It is forwarded to passive side；

The identity authentication result is sent to passive side.

This application discloses based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, it is real It applies in service station QA, the quantum communications service station identity identifying method, comprising:

The third of the third message authentication code and encryption that receive the encryption from masters authenticates message；

Masters public key PKA and one's own side private key SKQA5 are obtained from one's own side's key card, and utilize the masters public key PKA and one's own side's private key SKQA5 generates DH key K5, decrypts to obtain third message authentication code using the DH key K5 and third is recognized Message is demonstrate,proved, the third certification message is trusted after passing through to third message authentication code verifying；

Message is authenticated according to the third and obtains the first parameters for authentication X and the second parameters for authentication Y, and utilizes one's own side's private key pair The 4th signature that first parameters for authentication X and the second parameters for authentication Y sign obtains the 4th certification according to the 4th signature and disappears Breath obtains masters public key PKA and one's own side private key SKQA6 from one's own side's key card, and utilizes the masters public key PKA and oneself Square private key SKQA6 generates DH key K6, encrypts the 4th certification message using the DH key K6；

The 4th certification message of encryption is sent to masters；The 4th certification message is forwarded to passive side through masters, The 4th certification message parses to obtain the 4th signature for service station QB after passive side is forwarded to service station QB, and described the Four signatures are for for obtaining identity authentication result after the QB sign test of service station, the identity authentication result to be used to receive simultaneously for passive side Confirmation.

This application discloses based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, institute The quantum communications service station identity identifying method stated, comprising:

The masters generate the first parameters for authentication X and are sent to passive side；

The passive side obtains the first parameters for authentication X from masters, generates the second parameters for authentication Y, and root in one's own side The first certification message is obtained according to the first parameters for authentication X and the second parameters for authentication Y, service station QB is obtained from one's own side's key card Public key PKQB2 and one's own side private key SKB, and DH key K2 is generated using the service station QB public key PKQB2 and one's own side's private key SKB, The first message authentication code encrypted using the DH key K2 and the first certification message of encryption are sent to service station QB；

The service station QB obtains the first message authentication code of the encryption from passive side and the first certification message of encryption, Passive side's public key PKB and one's own side private key SKQB2 are obtained from one's own side's key card, and utilize passive side's public key PKB and one's own side Private key SKQB2 generates DH key K2, decrypts to obtain the first message authentication code using the DH key K2 and the first certification disappears Breath trusts the first certification message after passing through to the first message authentication code verifying, obtained according to the first certification message To the second certification message, passive side's public key PKB and one's own side private key SKQB3 are obtained from one's own side's key card, and utilization is described passive Square public key PKB and one's own side's private key SKQB3 generates DH key K3, authenticates message encryption to described second using the DH key K3, The second certification message of encryption is sent to passive side；

The passive side obtains the second certification message of the encryption from service station QB, obtains from one's own side's key card Service station QB public key PKQB3 and one's own side private key SKB, and DH is generated using the service station QB public key PKQB3 and one's own side's private key SKB Key K3, decrypts to obtain the second certification message using the DH key K3, sends the second certification message to masters；

The masters receive the second certification message from passive side, according to the second certification message and the first certification Parameter X generates third and authenticates message, service station QA public key PKQA5 and one's own side private key SKA is obtained from one's own side's key card, and utilize The service station QA public key PKQA5 and one's own side's private key SKA generates DH key K5, the third encrypted using the DH key K5 Message authentication code and the third of encryption certification message are sent to service station QA；

The service station QA receives the third message authentication code of the encryption from masters and the third of encryption authenticates message, Masters public key PKA and one's own side private key SKQA5 are obtained from one's own side's key card, and utilize the masters public key PKA and one's own side Private key SKQA5 generates DH key K5, decrypts to obtain third message authentication code using the DH key K5 and third authenticates message, right Third message authentication code verifying trusts the third certification message after passing through, authenticate message according to the third and obtain the first certification Parameter X and the second parameters for authentication Y, and to be signed using one's own side's private key to the first parameters for authentication X and the second parameters for authentication Y Four signatures obtain the 4th certification message according to the 4th signature, masters public key PKA and one's own side are obtained from one's own side's key card Private key SKQA6, and DH key K6 is generated using the masters public key PKA and one's own side's private key SKQA6, utilize the DH key K6 It encrypts the 4th certification message and is sent to masters；

The masters obtain the 4th certification message of the encryption from service station QA, are serviced from one's own side's key card Stand QA public key PKQA6 and one's own side private key SKA, and generates DH key using the service station QA public key PKQA6 and one's own side's private key SKA K6, decrypts to obtain the 4th certification message using the DH key K6, sends the 4th certification message to passive side；

The passive side obtains the 4th certification message from masters, carries out at encryption to the 4th certification message Reason sends the 4th certification message of encryption to service station QB；

The service station QB receives the 4th certification message of the encryption from passive side, according to the 4th certification after decryption Message obtains the 4th signature, and is sent to passive side to identity authentication result is obtained after the 4th signature progress sign test；

The passive side receives the identity authentication result from service station QB.

Further, the masters and passive side are each configured with client key card, in the client key card It is stored with service station public key pond and a pair of of client public and private key；The service station QA and service station QB are each configured with service station It is logical to be stored with client public key pond, service station private key pond, service station public key pond, quantum in the service station key card for key card Telecommunications services station public key pond and quantum communications service station private key.

Further, the step of generation DH key Ki includes:

If service station public key be PKQi, service station private key be SKQi, client public key PK, client private key SK, then DH key Ki=PKQi^SK mod p is generated using the service station public key PKQi and client private key SK；Utilize client public affairs Key PK and service station private key SKQi generates DH key Ki '=PK^SKQi mod p；

It can be obtained according to Diffie-Hellman agreement, PKQi^SK mod p=PK^SKQi mod p, i.e. Ki=Ki '.

Disclosed herein as well is a kind of computer equipment, including memory and processor, the memory is stored with calculating Machine program, the processor realize the step of the quantum communications service station identity identifying method when executing the computer program Suddenly.

Disclosed herein as well is it is a kind of based on unsymmetrical key pond to and DH agreement the authentication of quantum communications service station System, including masters, passive side, service station QA, service station QB and communication network；The masters and passive side match respectively It is equipped with client key card, service station public key pond and a pair of of client public and private key are stored in the client key card；It is described Service station QA and service station QB is each configured with service station key card, is stored with client public key in the service station key card Pond, service station private key pond, service station public key pond, quantum communications service station public key pond and quantum communications service station private key；

The masters, passive side, service station QA and service station QB realize that the quantum is logical by the communication network The step of telecommunications services station identity identifying method.

In the application, the key card used is independent hardware isolated equipment.Public key, private key and other relevant parameters are deposited A possibility that storing up the data safety area in key card, stealing key by Malware or malicious operation substantially reduces, will not It is obtained and is cracked by quantum computer.Simultaneously unsymmetrical key pond solve pool of symmetric keys brought to quantum communications service station it is close Key stores pressure, reduces carrying cost.And the identifying procedure based on symmetric key algorithm is improved, so that identifying procedure In data, such as between B and service station interaction random number and digital signature, the symmetric key encryption obtained by DH algorithm protects Shield.Since the symmetric key that DH algorithm obtains can only calculate gained by communicating pair, the data in authentication authorization and accounting process can only be by DH Private key owner decryption, all other men can not decrypt, therefore improve the peace of the identifying procedure based on symmetric key algorithm Quan Xing.

Detailed description of the invention

Fig. 1 is the pool of keys distribution schematic diagram of service station key card in the application；

Fig. 2 is the pool of keys distribution schematic diagram of client key card in the application；

Fig. 3 is the authentication process figure of embodiment 1.

Specific embodiment

Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall in the protection scope of this application.

In order to better describe and illustrate embodiments herein, one or more attached drawing can refer to, but attached for describing The additional detail or example of figure are not construed as to present invention creation, current described embodiment or preferred side The limitation of the range of any one in formula.

It should be understood that there is no stringent sequences to limit for the execution of each step unless expressly stating otherwise herein, These steps can execute in other order.Moreover, at least part step may include multiple sub-steps or multiple ranks Section, these sub-steps or stage are not necessarily to execute completion in synchronization, but can execute at different times, this The execution sequence in a little step perhaps stage be also not necessarily successively carry out but can be with other steps or other steps Sub-step or at least part in stage execute in turn or alternately.

In one embodiment, provide it is a kind of based on unsymmetrical key pond to and the quantum communications service station identity of DH agreement recognize Card method is implemented in masters, the quantum communications service station identity identifying method, comprising:

In the present embodiment, the DH key encipherment protection that the message transmitted when each side conversates is obtained by DH algorithm, due to DH key can only be calculated by communicating pair, to improve the safety of the identifying procedure based on symmetric key algorithm.

In one embodiment, provide it is a kind of based on unsymmetrical key pond to and the quantum communications service station identity of DH agreement recognize Card method is implemented in passive side, the quantum communications service station identity identifying method, comprising:

Receive the identity authentication result from service station QB.

In one embodiment, provide it is a kind of based on unsymmetrical key pond to and the quantum communications service station identity of DH agreement recognize Card method is implemented in service station QB, the quantum communications service station identity identifying method, comprising:

The first message authentication code of the encryption from passive side and the first certification message of encryption are obtained, from one's own side's key card In obtain passive side's public key PKB and one's own side private key SKQB2, and generated using passive side's public key PKB and one's own side's private key SKQB2 DH key K2 decrypts to obtain the first message authentication code and the first certification message using the DH key K2, to described first Message authentication code verifying trusts the first certification message after passing through, obtain the second certification according to the first certification message and disappear Breath obtains passive side's public key PKB and one's own side private key SKQB3 from one's own side's key card, and utilizes passive side's public key PKB and oneself Square private key SKQB3 generates DH key K3, using the DH key K3 to the second certification message encryption；

The identity authentication result is sent to passive side.

In one embodiment, provide it is a kind of based on unsymmetrical key pond to and the quantum communications service station identity of DH agreement recognize Card method is implemented in service station QA, the quantum communications service station identity identifying method, comprising:

The third of the third message authentication code and encryption that receive the encryption from masters authenticates message, from one's own side's key card In obtain masters public key PKA and one's own side private key SKQA5, and generated using the masters public key PKA and one's own side's private key SKQA5 DH key K5 is decrypted to obtain third message authentication code and third is authenticated message, to third message authentication using the DH key K5 Code trusts the third certification message after being verified, authenticate message according to the third and obtain the first parameters for authentication X and second Parameters for authentication Y, and the 4th signature signed using one's own side's private key to the first parameters for authentication X and the second parameters for authentication Y, according to 4th signature obtains the 4th certification message, and masters public key PKA and one's own side private key SKQA6 are obtained from one's own side's key card, And DH key K6 is generated using the masters public key PKA and one's own side's private key SKQA6, described the is encrypted using the DH key K6 Four certification message；

In one embodiment, provide it is a kind of based on unsymmetrical key pond to and the quantum communications service station identity of DH agreement recognize Card method, the quantum communications service station identity identifying method, comprising:

In another embodiment, the masters and passive side are each configured with client key card, and the client is close Service station public key pond and a pair of of client public and private key are stored in key card；The service station QA and service station QB are each configured with Service station key card, be stored in the service station key card client public key pond, service station private key pond, service station public key pond, Quantum communications service station public key pond and quantum communications service station private key.

Only stored respectively in the present embodiment, in the key card of masters and passive side a pair of of client public private key pair and its The public key pond in corresponding quantum communications service station, it is right that this makes quantum communications service station only need to store its own public key pond institute The client public key pond in the private key pond and this quantum communications service station answered, so that the key storage in quantum communications service station is not necessarily to picture Pool of symmetric keys scheme equally stores multiple large capacity pool of symmetric keys of different clients, significantly reduces to quantum communications Service station bring key storage pressure, reduces carrying cost.In another embodiment, the step of generating DH key Ki is wrapped It includes:

In the present embodiment obtained by the symmetric key that DH algorithm obtains can only be calculated by communicating pair, in authentication authorization and accounting process Data can only be decrypted by DH private key owner, all other men can not decrypt, therefore improve based on symmetric key algorithm Identifying procedure safety.

In another embodiment, using DH key Ki to message Mi be calculated encryption the i-th message authentication code and The message Mi of encryption, comprising:

It is split DH key Ki to obtain EKi and AKi using algorithm is split, i-th is calculated to message Mi using AKi Message Mi and the i-th message authentication code MAC (Mi, AKi) is formed message Mi by message authentication code MAC (Mi, AKi) | | MAC (Mi, AKi), EKi encryption message Mi is reused | | the message Mi of MAC (Mi, AKi) the i-th message authentication code encrypted and encryption, i.e., {Mi||MAC(Mi,AKi)}EKi。

In another embodiment, it decrypts to obtain the i-th message authentication code and message Mi using DH key Ki, disappear to described i-th Breath authentication code verifying passes through rear trust messages Mi, comprising:

It is split DH key Ki to obtain EKi and AKi using algorithm is split, using EKi to the i-th message authentication of encryption The message Mi of code and encryption, i.e. { Mi | | MAC (Mi, AKi) } EKi are decrypted to obtain Mi | | MAC (Mi, AKi) uses AKi pairs The i-th message authentication code MAC (Mi, AKi) is calculated in message Mi, verifies the i-th message authentication code being calculated and decryption obtains The i-th message authentication code it is whether identical, be then verified if they are the same and trust messages Mi；Otherwise authentication failed.

The DH key being calculated further is split in the present embodiment, and carries out message authentication using the parameter after splitting Code calculates or encryption, increases the verifying link of message transmission, further promotes safety.In another embodiment, the clothes Business station QB obtains the second certification message according to the first certification message, comprising:

Parsing obtains the first parameters for authentication X and the second parameters for authentication Y in the first certification message；

Obtain message M3_1 according to the first parameters for authentication X and the second parameters for authentication Y, generate true random number Rq, according to very with Machine number Rq takes out QKD arranging key Kq from one's own side's quantum communications pool of keys, is calculated using QKD arranging key Kq message M3_1 The message M3_1 of the message authentication code encrypted and encryption；

The second certification message is obtained using the message M3_1 of true random number Rq, the message authentication code of encryption and encryption；

The service station QA authenticates message according to the third and obtains the first parameters for authentication X and the second parameters for authentication Y, wraps It includes:

Parsing third certification message obtains the second certification message and the first parameters for authentication X；

The message M3_1 of true random number Rq, the message authentication code of encryption and encryption are obtained according to the second certification message, according to True random number Rq takes out QKD arranging key Kq from one's own side's quantum communications pool of keys, is decrypted and is tested using QKD arranging key Kq Message M3_1 is obtained after card, and is parsed message M3_1 and obtained the second parameters for authentication Y.

In the present embodiment, encrypted transmission message is carried out using QKD between service station QA and service station QB, so that message is transmitted Safety greatly ensured.

The application scenarios of the application can be at one based on any two object under unsymmetrical key pond body system A, B carries out mutual authentication.Each object has key card in the pool of keys system of the application, can store big data quantity Key, also have processing information ability.In the application, all there is corresponding demand in the local system of object A and object B Algorithm.

The description of key card is visible, and application No. is the patents of " 201610843210.6 ".When for mobile terminal, key card Preferably key SD card；When for fixed terminal, key card is preferably key USBkey or host key board.

With application No. is compared with the patent of " 201610843210.6 ", key card to issue mechanism similar.This patent The key card side of issuing be key card supervisor side, the generally administrative department of group, such as the pipe of certain enterprise or public institution Reason department；The member's that the key card side of being awarded is managed by the supervisor side of key card, generally certain enterprise or public institution is each Grade employee.Supervisor side's application that user terminal arrives key card first is opened an account.After user terminal carries out registering granted, it will obtain close Key card (has unique key card ID).Key card stores client enrollment register information.Under same quantum communications service station Public key pond in client key card is all downloaded from down the same Key Management server, and its each client key card for issuing The public key pond of middle storage is completely the same.Preferably, the pool of keys size stored in key card can be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G etc..

Key card is developed from smart card techniques, is combined with real random number generator (preferably quantum random number Generator), cryptological technique, the authentication of hardware security isolation technology and encryption and decryption product.The embedded chip of key card and Operating system can provide the functions such as secure storage and the cryptographic algorithm of key.Due to it with independent data-handling capacity and Good safety, key card become the safety barrier of private key and pool of keys.Each key card has the protection of hardware PIN code, PIN code and hardware constitute two necessary factors that user uses key card.I.e. so-called " double factor authentication ", user is only simultaneously The key card and user's PIN code for saving relevant authentication information are obtained, it just can be with login system.Even if the PIN code of user is let out Dew, as long as the key card that user holds is not stolen, the identity of legitimate user would not be counterfeit；If the key card of user is lost It loses, the person of picking up also cannot counterfeit the identity of legitimate user due to not knowing user's PIN code.

In the application, key card is divided into service station key card and client key card.As shown in figure 1, service station key card Key zone be mainly stored with client public key pond, service station private key pond, service station public key pond, quantum communications service station public key pond and Quantum communications service station private key；In Fig. 2, the key zone of client key card is mainly stored with service station public key pond and a pair of visitor Family end public private key pair.The key card is issued by Key Management server.

Key Management server can select DH agreement before issuing key card and its algorithm parameter.Cipher key management services Device generates respective numbers according to the quantity of client and meets the number of the algorithm specification as private key and public key.Cipher key management services Device generates the ID of respective numbers, and chooses the public private key pair of respective numbers, and public key therein and ID is taken to be combined to obtain ID/ public affairs Key is written to formation public key pond file, i.e., above-mentioned client public key pond in same file in the form of ID/ public key.Meanwhile key Corresponding private key is also written to formation private key pond file, i.e. client private key in file by management server in an identical manner Pond.The ID of each private key is identical as the ID of corresponding public key in client public key pond in client private key pond.Key Management server The number for largely meeting the algorithm specification is generated again as private key and public key.Public and private key is respectively written by Key Management server Service station public key pond and service station private key pond are formed in two files.Public key and service station private key pond in the public key pond of service station The private key of middle same position is corresponding.The first key card issued is defined as service station key card by Key Management server, and will The key zone of service station private key pond and client public key pond and related algorithm parameter write-in key card.After Key Management server The continuous key card issued is client key card.Key Management server randomly selects a unappropriated ID and distributes to key Card, and take the public and private key of identical ID that the close of key card is written with service station public key pond from client public key pond and client private key pond Key area, relevant parameter are written in key card together.

Quantum communications service station management server is the cipher key authority in all quantum communications service stations, wherein including amount Sub- communication key management server is responsible for issuing the private key in quantum communications service station public key pond and each quantum communications service station.? A kind of algorithm for supporting signature can be selected to quantum communications Key Management server before quantum communications service station by issuing key.Amount Sub- communication key management server generates respective numbers according to the quantity in quantum communications service station and meets the number of the algorithm specification As private key and public key.Quantum communications Key Management server generates the ID of respective numbers, as the ID in quantum communications service station, And the public private key pair of respective numbers is chosen, take public key therein and ID to be combined to obtain ID/ public key, in the form of ID/ public key It is written to formation public key pond file, i.e., above-mentioned quantum communications service station public key pond in same file.Meanwhile quantum communications key pipe Corresponding private key is also written to formation private key pond file, i.e. quantum communications service station in file by reason server in an identical manner Private key pond.The ID of the ID of each private key and corresponding public key in the public key pond of quantum communications service station in the private key pond of quantum communications service station It is identical.Quantum communications Key Management server randomly selects a unappropriated ID and distributes to some quantum communications service station, and ID, quantum communications service station public key pond, the corresponding private key of the ID, relevant parameter are transferred to quantum communications using the mode of QKD Service station.Quantum communications service station is joined by the ID received, quantum communications service station public key pond, the corresponding private key of the ID, correlation The key zone of number write service station key card.

Random number described herein is true random number, preferably quantum random number.It should be noted that masters and by It is dynamic square not as the limitation to client, but for the ease of distinguishing the different identity of the client in one-time identity authentication.

Each title in the case where not doing specified otherwise in the application is subject to letter and number and is combined, such as QB, clothes QB, quantum communications service station QB hereinafter indicate same meaning, i.e. quantum communications service station QB at business station；For another example X, random number X, First parameters for authentication X hereinafter indicates same meaning, i.e. random number X；For another example PKB, public key PKB, passive side's public key PKB is under Same meaning, i.e. passive side's public key PKB are indicated in text；Remaining title is similarly.And the first parameters for authentication X, second parameters for authentication Y etc. X, Y in statement are intended merely to facilitate differentiation and narration, do not have additional qualification, such as quantum communications service to parameter itself Stand QB, QB, A in customer end A；For another example M3_0, Rq and K3 in information M3_0, true random number Rq and DH key K3；Other are same Reason.

Embodiment 1

The scene of the present embodiment is as shown in figure 3, include customer end A (masters), customer end B (passive side), quantum communications Service station QA and quantum communications service station QB (referred to as service station QA and service station QB).QA and QB is respectively provided with respective key Management server.Customer end A and customer end B are equipped with client key card, quantum communications service station QA and quantum communications service The QB that stands is furnished with service station key card.Customer end A belongs to quantum communications service station QA, and customer end B belongs to quantum communications service Stand QB, i.e., the key card of A, B are issued by the Key Management server of QA, QB respectively.

According to Diffie-Hellman agreement, a Big prime p and a several g are defined, g is the primitive root of mould p, and g and p are The parameter of Diffie-Hellman agreement.By taking customer end A and service station QA as an example, customer end A is generated according to matched key card DH private key of the truly random big integer SKA as customer end A, it is power that DH public key PKA=g^SKA mod p, ^, which is obtained by calculation, Oeprator.Service station QA generates truly random big integer SKQAi (i ∈ { 1,2 ... ..., m }) as clothes according to matched key card The DH private key of business station QA, is obtained by calculation DH public key PKQAi=g^SKQAi mod p (i ∈ { 1,2 ... ..., m }).

According to Diffie-Hellman agreement, PKQAi^SKA mod p=PKA^SKQAi mod p.Therefore it can be by PKQAi^ SKA mod p and PKA^SKQAi mod p is as information exchange key.Hereinafter, the portion of mod p is omitted for ease of description Point, PKQAi^SKA mod p is referred to using PKQAi^SKA, remaining is similarly.

The step of customer end A and customer end B authentication includes:

Step 1: customer end A initiates ID authentication request to customer end B.

Customer end A generates a random number X according to matched key card, i.e. the first parameters for authentication X, the ID with oneself is IDA is sent to customer end B, i.e. M1=IDA together as M1 | | X.

Step 2: the solicited message of A is transmitted to QB requests verification by customer end B.

After the side B receives M1, a truly random Y, i.e. the second parameters for authentication Y, with oneself are generated according to matched key card ID, that is, IDB and M1 form new information M2_0, i.e., the first certification message M2_0=M1 | | IDB | | Y.

B root generates a true random number R2 according to matched key card.B root is calculated according to R2 by key indicator function Cipher key location pointer out takes out the public key PKQB2 of QB according to cipher key location pointer from the service station public key pond of one's own side's key zone, The side B takes out own private key SKB simultaneously, obtains DH key K2, K2=PKQB2^SKB by special algorithm.

K2 is split into EK2 and AK2 by the side B, using AK2 to M2_0 be calculated first message authentication code MAC (M2_0, AK2), wherein MAC (m, k) format is indicated using m as message, using k as the message authentication code of key.The side B by M2_0 and MAC (M2_0, AK2) form message M2_0 | | MAC (M2_0, AK2) reuse EK2 encryption M2_0 | | MAC (M2_0, AK2) obtain M2_0 | | MAC (M2_0,AK2)}EK2。

Key message is finally reassembled into information M2, i.e. M2=IDB by the side B | | R2 | | M2_0 | | MAC (M2_0, AK2) } EK2, and information M2 is sent to service station QB.

Step 3: service station QB receives B information and processing forward returns B.

After service station QB receives the side B information M2, R2, IDB, { M2_0 | | MAC (M2_0, AK2) } inside M2 are extracted EK2.Cipher key location pointer is calculated by key indicator function according to R2, service station QB is close from one's own side according to cipher key location pointer The private key SKQB2 of QB is taken out in the service station private key pond in key area.Client of the service station QB according to IDB information in own key area The public key PKB that the side B is taken out in public key pond, is calculated K2, i.e. K2=PKB^SKQB2 by special algorithm.

K2 is splitted into and is split EK2 and AK2 by service station QB, using obtain EK2 to { M2_0 | | MAC (M2_0, AK2) } EK2 into Row decryption obtains M2_0, MAC (M2_0, AK2), reuses AK2 and is calculated message authentication code to M2_0, comparison MAC (M2_0, AK2) verify whether it is identical, after being verified, propose M2_0 in X and Y, and by X, Y form information M3_0, i.e. M3_0=X | | Y。

Service station QB signs M3_0 using private key SKQB to obtain SIGNB, i.e. SIGNB=SIGN (M3_0, SKQB).QB will IDB, Y, SIGNB form information M3_1, i.e. M3_1=IDB | | Y | | SIGNB.

Between service station QA and QB, due to having built QKD key distribution network, in addition to in-time generatin QKD key Outside function, two service stations also generate the QKD pool of symmetric keys for having caching, that is, are used for the quantum communications key of QA and QB secure communication Pond.The QKD key that early stage generates periodically is replaced with the QKD key being newly generated by the quantum communications pool of keys.Service station QB is produced A raw true random number Rq takes out the QKD arranging key Kq in itself quantum communications pool of keys according to Rq as cipher key index, And Kq is split into EKq and AKq.Service station QB carries out M3_1 using obtained AKq message authentication code MAC (M3_ is calculated 1, AKq), and by M3_1 and MAC (M3_1, AKq) information M3_1 is formed | | MAC (M3_1, AKq), Ekq pairs recycled M3_1 | | MAC (M3_1, AKq), which is encrypted, to be obtained M3_1 | | and MAC (M3_1, AKq) } EKq.Service station is again by key message weight Form M3_2 and M3_3, i.e., the second certification message M3_2=IDQB | | IDQA | | Rq | | and M3_1 | | MAC (M3_1, AKq) } EKq, And message M3_3=IDA | | IDB | | M3_2.

Service station QB generation one true random number R3, QB calculate cipher key location by key indicator function according to R3 and refer to Needle, and private key SKQB3 in service station is obtained from the private key pond of service station according to cipher key location pointer, and from the client of QB key zone The public key PKB that B is taken out in public key pond, is calculated K3, i.e. DH key K3=PKB^ by special algorithm in conjunction with own private key SKQB3。

K3 is split into AK3 and EK3 by service station QB, using AK3 is obtained carries out that message authentication code MAC is calculated to M3_3 Message authentication and M3_3 recombination message are obtained M3_3 by (M3_3, AK3) | | MAC (M3_3, AK3), recycling obtain EK3 to M3_ 3 | | MAC (M3_3, AK3), which is encrypted, to be obtained M3_3 | | and MAC (M3_3, AK3) } EK3.Key message is reassembled into message M3 by QB It is sent to customer end B, i.e. M3=R3 | | and M3_3 | | MAC (M3_3, AK3) } EK3.

Step 4: customer end B receives QB information and processing forward returns A

The side B, which receives, is parsed to obtain R3, { M3_3 | | MAC (M3_3, AK3) } EK3 after the information M3 of service station QB.Root Cipher key location pointer is calculated by key indicator function according to R3, B root is according to cipher key location pointer from the service of one's own side's key zone It stands and takes out the public key PKQB3 of QB in public key pond, the side B takes out private key SKB, K3, i.e. K3=PKQB3 is calculated by special algorithm ^SKB。

K3 is split into EK3 and AK3 by the side B, and { M3_3 | | MAC (M3_3, AK3) } EK3 is decrypted using obtained EK3 It obtains M3_3, MAC (M3_3, AK3), AK3 is recycled be calculated message authentication code to M3_3, comparison MAC (M3_3, AK3) verify whether identical, M3_3 and shuffling information parsed after being verified and obtains information M4, i.e. M4=IDB | | M3_2.The side B M4 It is sent to customer end A.

Step 5: customer end A receives the information of B and processing forward to QA

After the side A receives M4, according to the X of local cache, new information M5_0 is formed with oneself ID, that is, IDA and M4, i.e., Third authenticates message M5_0=M4 | | IDA | | X.

A root generates a true random number R5 according to matched key card.A root is calculated according to R5 by key indicator function Cipher key location pointer out takes out the public key PKQA5 of QA according to cipher key location pointer from the service station public key pond of one's own side's key zone, The side A takes out own private key SKA simultaneously, obtains DH key K5, i.e. K5=PKQA5^SKA by special algorithm.

K5 is split into EK5 and AK5 by the side A, using AK5 to M5_0 be calculated third message authentication code MAC (M5_0, AK5).M5_0 and MAC (M5_0, AK5) is formed message M5_0 by the side A | | MAC (M5_0, AK5) reuses EK5 encryption M5_0 | | MAC (M5_0, AK5) obtains { M5_0 | | MAC (M5_0, AK5) } EK5.

Key message is finally reassembled into information M5, i.e. M5=IDA by the side A | | R5 | | M5_0 | | MAC (M5_0, AK5) } EK5, and information M5 is sent to service station QA.

Step 6:QA, which receives the information of A and handles, replys A.

After service station QA receives the side A information M5, R5, IDA, { M5_0 | | MAC (M5_0, AK5) } inside M5 are extracted EK5.Cipher key location pointer is calculated by key indicator function according to R5, QA is according to cipher key location pointer from own key area The private key SKQA5 of QA is taken out in the private key pond of service station.Service station QA according to IDA information own key area client public key pond The middle public key PKA for taking out the side A, is calculated K5, i.e. K5=PKA^SKQA5 by special algorithm.

K5 is splitted into and is split EK5 and AK5 by service station QA, using obtain EK5 to { M5_0 | | MAC (M5_0, AK5) } EK5 into Row decryption obtains M5_0, MAC (M5_0, AK5), reuses AK5 and is calculated message authentication code to M5_0, comparison MAC (M5_0, AK5) verify whether it is identical, after being verified, extract M5_0 in M3_2=IDQB | | IDQA | | Rq | | M3_1 | | MAC (M3_ 1, AKq) } EKq information and X.

Service station QA, as cipher key index, takes out the QKD arranging key Kq in itself quantum communications pool of keys according to Rq, and Kq is split into EKq and AKq.Service station QA is decrypted { M3_1 | | MAC (M3_1, AKq) } Ekq using obtained EKq To M3_1 | | MAC (M3_1, AKq) recycles AKq to carry out that message authentication code is calculated to M3_1, compares MAC (M3_1, AKq) It verifies whether identical, the information of M3_1, i.e. IDB, Y, SIGNB is parsed after being verified.The public key pair of service station QA taking-up QB SIGNB=SIGN (M3_0, SKQB) carries out verifying signature, carries out in next step after being verified.

Service station QA forms information M6_0, i.e. M6_0=X | | Y.QA signs M6_0 using own private key to obtain the 4th label IDA, SIGNA are formed information M6_1, i.e. M6_1=IDA by name SIGNA=SIGN (M6_0, SKQA), QA | | SIGNA.

Service station QA be calculated message authentication code MAC (M6_1, AKq) to M6_1 using AKq, and by M6_1, MAC (M6_1, AKq) form information M6_1 | | MAC (M6_1, AKq), the EKq recycled is to M6_1 | | MAC (M6_1, AKq) into Row encryption obtains { M6_1 | | MAC (M6_1, AKq) } EKq.Key message is reassembled into M6_2 and M6_3, i.e., the 4th again by service station Authenticate message M6_2=IDQA | | IDQB | | Rq | | { M6_1 | | MAC (M6_1, AKq) } EKq and message M6_3=IDA | | IDB ||M6_2。

Service station QA generation one true random number R6, QA calculate cipher key location by key indicator function according to R6 and refer to Needle, and private key SKQA6 in service station is obtained from the private key pond of service station according to cipher key location pointer, and from the client of QA key zone The public key PKA that A is taken out in public key pond, is calculated K6, i.e. DH key K6=PKA^ by special algorithm in conjunction with own private key SKQA6。

K6 is split into AK6 and EK6 by service station QA, using AK6 is obtained carries out that message authentication code MAC is calculated to M6_3 Message authentication and M6_3 recombination message are obtained M6_3 by (M6_3, AK6) | | MAC (M6_3, AK6), recycling obtain EK6 to M6_ 3 | | MAC (M6_3, AK6), which is encrypted, to be obtained M6_3 | | and MAC (M6_3, AK6) } EK6.Key message is reassembled into message M6 by QA It is sent to customer end A, i.e. M6=R6 | | and M6_3 | | MAC (M6_3, AK6) } EK6.

Step 7:A receives the information of QA and processing forward to B

The side A, which receives, is parsed to obtain R6, { M6_3 | | MAC (M6_3, AK6) } EK6 after the information M6 of service station QA.Root Cipher key location pointer is calculated by key indicator function according to R6, A root is according to cipher key location pointer from the service of one's own side's key zone It stands and takes out the public key PKQA6 of QA in public key pond, the side A takes out private key SKA, K6, i.e. K6=PKQA6 is calculated by special algorithm ^SKA。

K6 is split into EK6 and AK6 by the side A, and { M6_3 | | MAC (M6_3, AK6) } EK6 is decrypted using obtained EK6 It obtains M6_3, MAC (M6_3, AK6), AK6 is recycled be calculated message authentication code to M6_3, comparison MAC (M6_3, AK6) verify whether identical, M6_3 and shuffling information parsed after being verified and obtains information M7, i.e. M7=IDA | | M6_2.It the side B will Information M7 is sent to customer end B.

Step 8: customer end B is sent to QB after receiving the information processing of the side A

After the side B receives the M7 that A is forwarded, takes oneself IDB information and M7 recombination generates M8_0 information, i.e. M8_0= IDB||M7。

B root generates a true random number R8 according to matched key card.B root is calculated according to R8 by key indicator function Cipher key location pointer out takes out the public key PKQB8 of QB according to cipher key location pointer from the service station public key pond of one's own side's key zone, The side B takes out own private key SKB simultaneously, obtains K8, i.e. DH key K8=PKQB8^SKB by special algorithm.

K8 is split into EK8 and AK8 by the side B, and message authentication code MAC (M8_0, AK8) is calculated to M8_0 using AK8.B M8_0, MAC (M8_0, AK8) is formed message M8_0 by side | | MAC (M8_0, AK8) reuses EK8 encryption M8_0 | | MAC (M8_ 0, AK8) obtain M8_0 | | MAC (M8_0, AK8) } EK8.

Key message is finally reassembled into information M8, i.e. M8=IDB by the side B | | R8 | | M8_0 | | MAC (M8_0, AK8) } EK8, and information M8 is sent to service station QB.

Step 9:QB, which receives the information that B is sent and handles, replys B result

After service station QB receives the side B information M8, R8, IDB, { M8_0 | | MAC (M8_0, AK8) } inside M8 are extracted EK8.Cipher key location pointer is calculated by key indicator function according to R8, QB is according to cipher key location pointer from own key area The private key SKQB8 of QB is taken out in the private key pond of service station.Service station QB according to IDB information own key area client public key pond The middle public key PKB for taking out the side B, is calculated K8, i.e. K8=PKB^SKQB8 by special algorithm.

Service station QB by calculate by K8 split into split EK8 and AK8, using obtain EK8 to M8_0 | | MAC (M8_0, AK8) } EK8 is decrypted to obtain M8_0, MAC (M8_0, AK8), reuses AK8 and message authentication code is calculated to M8_0, comparison MAC (M8_0, AK8) verify whether it is identical, after being verified, extract M8_0 in M6_2=IDQA | | IDQB | | Rq | | M6_1 | | MAC (M6_1, AKq) } EKq information.

Service station QB parses M6_2 information, is taken out in itself quantum communications pool of keys according to the random number R q in M6_2 QKD arranging key Kq, and Kq is split into EKq and AKq.Service station QB using obtained EKq to M6_1 | | MAC (M6_1, AKq) } EKq is decrypted to obtain M6_1 | | MAC (M6_1, AKq) recycles AKq to carry out that message authentication is calculated to M6_1 Code, comparison MAC (M6_1, AKq) verifies whether identical, and the information of M6_1, i.e. IDA, SIGNA are parsed after being verified.

Service station QB takes out the public key PKQA of service station QA to SIGNA=from itself quantum communications service station public key pond SIGN (M6_0, SKQA) carries out verifying signature.Service station QB recognizes the identity that sign test success or failure are generated after SIGNA sign test Result information REP=OK/FAIL is demonstrate,proved, information REP, IDA, IDB are reassembled into information M9_0, i.e. M9_0=IDA | | IDB | | REP.

Service station QB generation one true random number R9, QB calculate cipher key location by key indicator function according to R9 and refer to Needle, and private key SKQB9 in service station is obtained from the private key pond of service station according to cipher key location pointer, and from the client of QB key zone The public key PKB that B is taken out in public key pond, is calculated K9, i.e. DH key K9=by special algorithm in conjunction with own private key SKQB9 PKB^SKQB9。

K9 is split into AK9 and EK9 by service station QB, using AK9 is obtained carries out that message authentication code MAC is calculated to M9_0 Message authentication and M9_0 recombination message are obtained M9_0 by (M9_0, AK9) | | MAC (M9_0, AK9), recycling obtain EK9 to M9_ 0 | | MAC (M9_0, AK9), which is encrypted, to be obtained M9_0 | | and MAC (M9_0, AK9) } EK9.Key message is reassembled into message M9 by QB It is sent to customer end B, i.e. M9=R9 | | and M9_0 | | MAC (M9_0, AK9) } EK9.

Step 10: customer end B receives the reply of service station QB and confirms certification

The side B, which receives, is parsed to obtain R9, { M9_0 | | MAC (M9_0, AK9) } EK9 after the information M9 of service station QB.Root Cipher key location pointer is calculated by key indicator function according to R9, B root is according to cipher key location pointer from the service of one's own side's key zone It stands and takes out the public key PKQB9 of QB in public key pond, the side B takes out one's own side's private key SKB, K9, i.e. K9=is calculated by special algorithm PKQB9^SKB。

K9 is split into EK9 and AK9 by the side B, and { M9_0 | | MAC (M9_0, AK9) } EK9 is decrypted using obtained EK9 Obtain M9_0, M9_0 | | MAC (M9_0, AK9) recycles AK9 to carry out that message authentication code is calculated to M9_0, compares M9_0 | | MAC (M9_0, AK9) verifies whether identical, and M9_0 is parsed after being verified and obtains IDA, IDB, REP, B root according to IDA, IDB, REP information determines the identity and identity authentication result information of the side A and one's own side, i.e. authentication success or failure.

The present embodiment is can be considered for each step for aforementioned corresponding embodiment, also visual for all steps For the combination of aforementioned corresponding embodiment.

In the application, the key card used is independent hardware isolated equipment.Public key, private key and other relevant parameters are deposited A possibility that storing up the data safety area in key card, stealing key by Malware or malicious operation substantially reduces, will not It is obtained and is cracked by quantum computer.It is non-since nothing is related to the transmitting of public and private key and algorithm parameter in classic network The risk that symmetric key is cracked is very low, in addition, encrypted transmission message is carried out using QKD between service station and service station, so The safety of message is greatly ensured.Key card has ensured communication security of the communicating pair in group, also greatly mentions The high safety of authentication.Unsymmetrical key pond solves pool of symmetric keys and brings key to quantum communications service station simultaneously Pressure is stored, carrying cost is reduced.For example, the pool of symmetric keys size of original users is 1G, user's number is N, then measures Sub- communication service station needs to store the pool of keys of N G, and if storage unsymmetrical key pond, it is same that client stores pool of keys size Sample is 1G, and quantum communications service station equally only needs to store the pool of keys of 1G size.

Meanwhile the application improves the identifying procedure based on symmetric key algorithm, so that the data in identifying procedure It is safer, for example, random number and digital signature interactive between B and service station, the symmetric key encryption guarantor obtained by DH algorithm Shield.Since the symmetric key that DH algorithm obtains can only calculate gained by communicating pair, the data in authentication authorization and accounting process can only be by DH Private key owner decryption, all other men can not decrypt, therefore improve the peace of the identifying procedure based on symmetric key algorithm Quan Xing.

In one embodiment, the application also provides a kind of computer equipment, the computer equipment can be active method, apparatus, Passive method, apparatus, service station QA equipment or service station QB equipment.Computer equipment includes memory and processor, the memory It is stored with computer program, the processor realizes the quantum communications service station authentication when executing the computer program The step of method.

Specific restriction about computer equipment may refer to above to quantum communications service station identity identifying method It limits, details are not described herein.Modules in above-mentioned computer equipment can be fully or partially through software, hardware and combinations thereof To realize.Above-mentioned each module can be embedded in the form of hardware or independently of in the processor in computer equipment, can also be with soft Part form is stored in the memory in computer equipment, executes the corresponding behaviour of the above modules in order to which processor calls Make.

Computer equipment can be terminal, and internal structure may include the processor connected by system bus, storage Device, network interface, display screen and input unit.Wherein, the processor of computer equipment is for providing calculating and control ability.Meter The memory for calculating machine equipment includes non-volatile memory medium, built-in storage.The non-volatile memory medium is stored with operation system System and computer program.The built-in storage provides for the operation of operating system and computer program in non-volatile memory medium Environment.The network interface of computer equipment is used to communicate with external terminal by network connection.The computer program is processed Device execute when with realize it is above-mentioned based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method.It calculates The display screen of machine equipment can be liquid crystal display or electric ink display screen, and the input unit of computer equipment can be aobvious The touch layer covered in display screen is also possible to the key being arranged on computer equipment shell, trace ball or Trackpad, can also be External keyboard, Trackpad or mouse etc..

In another embodiment, provide it is a kind of based on unsymmetrical key pond to and DH agreement quantum communications service station body Part Verification System, including masters, passive side, service station QA, service station QB and communication network；The masters and passive side It is each configured with client key card, service station public key pond is stored in the client key card and a pair of of client is public, private Key；The service station QA and service station QB is each configured with service station key card, is stored with client in the service station key card Hold public key pond, service station private key pond, service station public key pond, quantum communications service station public key pond and quantum communications service station private key；

About based on unsymmetrical key pond to and DH agreement quantum communications service station identity authorization system specific restriction May refer to above for based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method limit Fixed, details are not described herein.

Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not present Contradiction all should be considered as described in this specification.

The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art It says, without departing from the concept of this application, various modifications and improvements can be made, these belong to the protection of the application Range.Therefore, the scope of protection shall be subject to the appended claims for the application patent.

Claims

1. based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, implement in masters, It is characterized in that, the quantum communications service station identity identifying method, comprising:

It generates the first parameters for authentication X and is sent to passive side；The first parameters for authentication X is used to combine one's own side to generate for passive side Second parameters for authentication Y obtains the first certification message, and the first certification message after passive side is forwarded to service station QB for supplying Service station QB obtains the second certification message；

The second certification message from passive side is received, third is generated according to the second certification message and the first parameters for authentication X Message is authenticated, service station QA public key PKQA5 and one's own side private key SKA are obtained from one's own side's key card, and utilize the service station QA Public key PKQA5 and one's own side's private key SKA generate DH key K5, using the DH key K5 third message authentication code encrypted and The third of encryption authenticates message；

The third message authentication code of encryption and the third certification message of encryption are sent to service station QA；The third message authentication code For trusting the third certification message after being verified for service station QA, the third certification message for service station QA for obtaining To the 4th certification message, the 4th certification message includes using one's own side's private key by service station QA to the first parameters for authentication X and the The 4th signature that two parameters for authentication Y sign；

The 4th certification message for obtaining the encryption from service station QA, obtains service station QA public key PKQA6 from one's own side's key card With one's own side private key SKA, and DH key K6 is generated using the service station QA public key PKQA6 and one's own side's private key SKA, utilizes the DH Key K6 decrypts to obtain the 4th certification message；

The 4th certification message is sent to passive side；The 4th certification message is after passive side is forwarded to service station QB for clothes Business station QB parses to obtain the 4th signature, the 4th signature for for obtaining identity authentication result after the QB sign test of service station, The identity authentication result for passive side for being received and confirmed by.

2. based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, implement in passive side, It is characterized in that, the quantum communications service station identity identifying method, comprising:

The first parameters for authentication X from masters is obtained, generates the second parameters for authentication Y in one's own side, and according to first certification Parameter X and the second parameters for authentication Y obtain the first certification message, and service station QB public key PKQB2 and oneself are obtained from one's own side's key card Square private key SKB, and DH key K2 is generated using the service station QB public key PKQB2 and one's own side's private key SKB, utilize the DH key First certification message of the first message authentication code that K2 is encrypted and encryption；The first parameters for authentication X is generated by masters；

The first message authentication code of encryption and the first certification message of encryption are sent to service station QB；The first message authentication code For trusting the first certification message after being verified for service station QB, the first certification message for service station QB for obtaining To the second certification message；

The the second certification message for obtaining the encryption from service station QB, obtains service station QB public key from one's own side's key card PKQB3 and one's own side private key SKB, and DH key K3 is generated using the service station QB public key PKQB3 and one's own side's private key SKB, it utilizes The DH key K3 decrypts to obtain the second certification message；

The second certification message is sent to masters；The second certification message is used to combine the first parameters for authentication for masters X generates third and authenticates message, and the third certification message is used to obtain the 4th certification message, the 4th certification for service station QA Message includes the 4th label signed using one's own side's private key to the first parameters for authentication X and the second parameters for authentication Y by service station QA Name；

The 4th certification message of encryption is sent to service station QB；The 4th certification message for service station QB for parsing to obtain institute The 4th signature is stated, the 4th signature is for for obtaining identity authentication result after the QB sign test of service station；

Receive the identity authentication result from service station QB.

3. based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, implement in service station QB, It is characterized in that, the quantum communications service station identity identifying method, comprising:

Obtain passive side's public key PKB and one's own side private key SKQB2 from one's own side's key card, and using passive side's public key PKB and One's own side's private key SKQB2 generates DH key K2, decrypts to obtain the first message authentication code and first using the DH key K2 and recognize Message is demonstrate,proved, the first certification message is trusted after passing through to the first message authentication code verifying；

The second certification message is obtained according to the first certification message, passive side's public key PKB and oneself are obtained from one's own side's key card Square private key SKQB3, and DH key K3 is generated using passive side's public key PKB and one's own side's private key SKQB3, utilize the DH key K3 is to the second certification message encryption；

The second certification message of encryption is sent to passive side；The second certification message is after passive side is forwarded to masters It combines the first parameters for authentication X to generate third for masters and authenticates message, the third certification message for service station QA for obtaining 4th certification message, the 4th certification message includes using one's own side's private key by service station QA to the first parameters for authentication X and second The 4th signature that parameters for authentication Y signs；

The 4th certification message for receiving the encryption from passive side, obtains the described 4th according to the 4th certification message after decryption Signature, and identity authentication result is obtained after carrying out sign test to the 4th signature；The 4th certification message is forwarded by masters To passive side；

The identity authentication result is sent to passive side.

4. based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, implement in service station QA, It is characterized in that, the quantum communications service station identity identifying method, comprising:

Obtain masters public key PKA and one's own side private key SKQA5 from one's own side's key card, and using the masters public key PKA and One's own side's private key SKQA5 generates DH key K5, decrypts to obtain third message authentication code using the DH key K5 and third certification disappears Breath trusts the third certification message after passing through to third message authentication code verifying；

Message is authenticated according to the third and obtains the first parameters for authentication X and the second parameters for authentication Y, and using one's own side's private key to first The 4th signature that parameters for authentication X and the second parameters for authentication Y sign obtains the 4th certification message according to the 4th signature, Masters public key PKA and one's own side private key SKQA6 are obtained from one's own side's key card, and utilize the masters public key PKA and one's own side Private key SKQA6 generates DH key K6, encrypts the 4th certification message using the DH key K6；

The 4th certification message of encryption is sent to masters；The 4th certification message is forwarded to passive side through masters, described 4th certification message parses to obtain the 4th signature, the 4th label for service station QB after passive side is forwarded to service station QB For for obtaining identity authentication result after the QB sign test of service station, the identity authentication result is used to receive for passive side and true name Recognize.

5. based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method, which is characterized in that it is described Quantum communications service station identity identifying method, comprising:

The passive side obtains the first parameters for authentication X from masters, generates the second parameters for authentication Y in one's own side, and according to institute It states the first parameters for authentication X and the second parameters for authentication Y obtains the first certification message, service station QB public key is obtained from one's own side's key card PKQB2 and one's own side private key SKB, and DH key K2 is generated using the service station QB public key PKQB2 and one's own side's private key SKB, it utilizes The first message authentication code that the DH key K2 is encrypted and the first certification message of encryption are sent to service station QB；

The service station QB obtains the first message authentication code of the encryption from passive side and the first certification message of encryption, from oneself Passive side's public key PKB and one's own side private key SKQB2 are obtained in square key card, and utilize passive side's public key PKB and one's own side's private key SKQB2 generates DH key K2, decrypts to obtain the first message authentication code and the first certification message using the DH key K2, right The first message authentication code verifying trusts the first certification message after passing through, obtain second according to the first certification message Message is authenticated, passive side's public key PKB and one's own side private key SKQB3 are obtained from one's own side's key card, and utilize passive side's public key PKB and one's own side's private key SKQB3 generate DH key K3, using the DH key K3 to the second certification message encryption, to passive Side sends the second certification message of encryption；

The passive side obtains the second certification message of the encryption from service station QB, is serviced from one's own side's key card Stand QB public key PKQB3 and one's own side private key SKB, and generates DH key using the service station QB public key PKQB3 and one's own side's private key SKB K3, decrypts to obtain the second certification message using the DH key K3, sends the second certification message to masters；

The masters receive the second certification message from passive side, according to the second certification message and the first parameters for authentication X generates third and authenticates message, service station QA public key PKQA5 and one's own side private key SKA is obtained from one's own side's key card, and described in utilization Service station QA public key PKQA5 and one's own side's private key SKA generate DH key K5, the third message encrypted using the DH key K5 Authentication code and the third of encryption certification message are sent to service station QA；

The service station QA receives the third message authentication code of the encryption from masters and the third of encryption authenticates message, from oneself Masters public key PKA and one's own side private key SKQA5 are obtained in square key card, and utilize the masters public key PKA and one's own side's private key SKQA5 generates DH key K5, decrypts to obtain third message authentication code using the DH key K5 and third authenticates message, to third Message authentication code verifying trusts the third certification message after passing through, authenticate message according to the third and obtain the first parameters for authentication X and the second parameters for authentication Y, and the 4th label signed using one's own side's private key to the first parameters for authentication X and the second parameters for authentication Y Name obtains the 4th certification message according to the 4th signature, masters public key PKA and one's own side's private key is obtained from one's own side's key card SKQA6, and DH key K6 is generated using the masters public key PKA and one's own side's private key SKQA6, it is encrypted using the DH key K6 The 4th certification message is sent to masters；

The masters obtain the 4th certification message of the encryption from service station QA, and service station QA is obtained from one's own side's key card Public key PKQA6 and one's own side private key SKA, and DH key K6 is generated using the service station QA public key PKQA6 and one's own side's private key SKA, It decrypts to obtain the 4th certification message using the DH key K6, sends the 4th certification message to passive side；

The passive side obtains the 4th certification message from masters, and the 4th certification message is encrypted, to Service station QB sends the 4th certification message of encryption；

The service station QB receives the 4th certification message of the encryption from passive side, according to the 4th certification message after decryption The 4th signature is obtained, and is sent to passive side to identity authentication result is obtained after the 4th signature progress sign test；

6. as it is according to any one of claims 1 to 5 based on unsymmetrical key pond to and DH agreement quantum communications service station Identity identifying method, which is characterized in that the masters and passive side are each configured with client key card, and the client is close Service station public key pond and a pair of of client public and private key are stored in key card；The service station QA and service station QB are each configured with Service station key card, be stored in the service station key card client public key pond, service station private key pond, service station public key pond, Quantum communications service station public key pond and quantum communications service station private key.

7. as it is according to any one of claims 1 to 5 based on unsymmetrical key pond to and DH agreement quantum communications service station Identity identifying method, which is characterized in that generate DH key Ki the step of include:

If service station public key is PKQi, service station private key is SKQi, and client public key PK, client private key SK are then utilized The service station public key PKQi and client private key SK generates DH key Ki=PKQi^SK mod p；Utilize client public key PK DH key Ki '=PK^SKQi mod p is generated with service station private key SKQi；

8. a kind of computer equipment, including memory and processor, the memory are stored with computer program, feature exists In the processor realizes quantum communications service station body described in any one of Claims 1 to 4 when executing the computer program The step of identity authentication method.

9. based on unsymmetrical key pond to and DH agreement quantum communications service station identity authorization system, which is characterized in that including Masters, passive side, service station QA, service station QB and communication network；The masters and passive side are each configured with client Key card is held, service station public key pond and a pair of of client public and private key are stored in the client key card；The service station QA It is each configured with service station key card with service station QB, is stored with client public key pond, service station in the service station key card Private key pond, service station public key pond, quantum communications service station public key pond and quantum communications service station private key；

The masters, passive side, service station QA and service station QB are realized described in claim 5 by the communication network The step of quantum communications service station identity identifying method.