CN111726224A - Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium - Google Patents

Info

Publication number: CN111726224A
Authority: CN (China)
Prior art keywords: data, hash value, quantum, shared key, key
Legal status: Pending
Application number: CN202010403467.6A
Other languages: Chinese (zh)
Inventors: 蒋文保, 刘颖慧, 史博轩
Current Assignee: Beijing Information Science and Technology University
Original Assignee: Beijing Information Science and Technology University
Application filed by: Beijing Information Science and Technology University
Priority to: CN202010403467.6A
Publication of: CN111726224A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852: Quantum cryptography
    • H04L9/085: Secret sharing or secret splitting, e.g. threshold schemes
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/12: Applying verification of the received information
    • H04L63/123: Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a method, a system, a terminal and a storage medium for rapid authentication of data integrity based on quantum secret communication. The method comprises the following steps: the data sending end and the data receiving end acquire a quantum shared key; a first hash value is generated by performing a hash operation on the plaintext data of the data sending end and the shared key, and the plaintext data and the first hash value are sent to the data receiving end; a second hash value is generated by performing a hash operation on the received plaintext data and the shared key; and the first hash value is compared with the second hash value to verify data integrity. By replacing the traditional key with a quantum key in the hash operation used for data integrity verification, the application can reduce the risk of the hash function being cracked during data integrity verification. Because the two communicating ends must authenticate each other during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication, performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly.

Description

Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium
Technical Field
The application relates to the technical field of quantum communication, in particular to a method, a system, a terminal and a storage medium for fast authentication of data integrity based on quantum secret communication.
Background
In an information security system, the privacy and integrity of encrypted data are two important aspects. The privacy of encrypted data depends on storing and sharing the key secretly, and the integrity of encrypted data is protected by providing a data hash value for verification, which reduces the risk of data tampering. In existing data integrity checks, a hash algorithm and a key are generally used to perform a hash operation on the data to obtain a data hash value, and the hash value and the data are sent to the other party together in one block. After receiving the data, the other party performs a hash operation on it with the same hash algorithm and the same key; if the resulting hash value is the same as the one sent, the data has not been tampered with.
A hash is an irreversible mapping: a hash value can be calculated by a hash algorithm, but the original data cannot be recovered from the hash value. When data integrity is verified through the hash value, the security of the key is low and the risk of the key being acquired and leaked during transmission is high, which greatly reduces the accuracy of data integrity verification through the hash value.
Quantum communication offers very high security and efficiency. Its security, under which secrets are never leaked, is embodied in two points. First, the key used for quantum encryption is random, and even if it is intercepted by an eavesdropper, the correct key cannot be obtained, so the information cannot be cracked. Second, two particles in an entangled state are held by the two communicating parties respectively; when the quantum state of one particle changes, the quantum state of the other changes immediately, and according to quantum theory any macroscopic observation or interference immediately changes the quantum state and causes the particles to collapse, so the information an eavesdropper obtains through interference is damaged and is not the original information. The BB84 protocol is a general quantum key distribution protocol that fundamentally ensures the security of keys.
Therefore, a method, a system, a terminal and a storage medium for fast data integrity authentication based on quantum secure communication are needed, in order to reduce the risk of the hash function being cracked during data integrity verification and the risk of data tampering during data transmission.
Disclosure of Invention
To address the defects of the prior art, the application provides a method, a system, a terminal and a storage medium for fast authentication of data integrity based on quantum secret communication, so as to solve problems in the prior art such as the hash function being easy to crack when used for data integrity verification and the data being easy to tamper with during transmission.
In order to solve the above technical problem, in a first aspect, the present application provides a method for quickly authenticating data integrity based on quantum secure communication, including:
the data sending end and the data receiving end acquire a quantum shared key;
generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
comparing the first hash value with the second hash value to verify data integrity.
Optionally, the acquiring, by the data sending end and the data receiving end, the quantum shared key includes:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Optionally, the acquiring, by the data sending end and the data receiving end, the quantum shared key includes:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Optionally, the generating a first hash value by performing hash operation on the plaintext data at the data sending end and the shared key, and sending the plaintext data and the first hash value to the data receiving end includes:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
More optionally, the generating a first hash value by performing hash operation on the plaintext data at the data sending end and the shared key, and sending the plaintext data and the first hash value to the data receiving end includes:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Correspondingly, optionally, the generating a second hash value by performing a hash operation on the received plaintext data and the shared key includes:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
More optionally, the generating a second hash value by performing a hash operation on the received plaintext data and the shared key includes:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the comparing the first hash value with the second hash value to verify data integrity includes:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
In a second aspect, the present application further provides a system for fast authentication of data integrity based on quantum secure communication, including:
the acquisition unit is configured for the data sending end and the data receiving end to acquire the quantum shared key;
the first generation unit is used for generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key and sending the plaintext data and the first hash value to the data receiving end;
the second generation unit is used for generating a second hash value by carrying out hash operation on the received plaintext data and the shared key;
a verification unit configured to compare the first hash value with the second hash value to verify data integrity.
Optionally, the obtaining unit is specifically configured to:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Optionally, the obtaining unit is specifically configured to:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Optionally, the first generating unit is specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Optionally, the first generating unit is further specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Correspondingly, optionally, the second generating unit is specifically configured to:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the second generating unit is further specifically configured to:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the verification unit is specifically configured to:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
In a third aspect, the present application provides a terminal, comprising:
a processor, a memory, wherein,
the memory is used for storing a computer program which,
the processor is used for calling and running the computer program from the memory so as to make the terminal execute the method of the terminal.
In a fourth aspect, the present application provides a computer storage medium having instructions stored thereon, which when executed on a computer, cause the computer to perform the method of the above aspects.
Compared with the prior art, the method has the following beneficial effects:
Performing the hash operation for data integrity verification with a quantum key in place of the traditional key can reduce the risk of the hash function being cracked during data integrity verification. Because the two communicating ends must be authenticated during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication, performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly. In addition, based on the randomness, security and high efficiency of the quantum key, the plaintext data is encrypted with the shared key before transmission, which can greatly reduce the risk of the data being tampered with or obtained during transmission.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a method for fast authentication of data integrity based on quantum secure communication according to an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a fast data integrity authentication method based on quantum secure communication according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of a fast data integrity authentication system based on quantum secure communication according to another embodiment of the present application;
Fig. 4 is a schematic structural diagram of a terminal system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to Fig. 1, Fig. 1 is a flowchart of a method for fast authentication of data integrity based on quantum secure communication according to an embodiment of the present application, where the method 100 includes:
S101: the data sending end and the data receiving end acquire a quantum shared key;
S102: generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
S103: generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
S104: comparing the first hash value with the second hash value to verify data integrity.
It should be noted that quantum communication offers very high security and efficiency, and its security is embodied in two points. First, the key used for quantum encryption is random, and even if it is intercepted by an eavesdropper, the correct key cannot be obtained, so the information cannot be cracked. Second, two particles in an entangled state are held by the two communicating parties respectively; when the quantum state of one particle changes, the quantum state of the other changes immediately, and according to quantum theory any macroscopic observation or interference immediately changes the quantum state and causes the particles to collapse, so the information an eavesdropper obtains through interference is damaged and is not the original information. Therefore, performing the hash operation for data integrity verification with a quantum key in place of the traditional key can reduce the risk of the hash function being cracked during data integrity verification.
Specifically, as shown in Fig. 2, which is a schematic structural diagram of a data integrity fast authentication method based on quantum secure communication according to an embodiment of the present application, the process is as follows:
The data sending end and the data receiving end obtain a shared key N, known only to the two parties, through quantum communication equipment (BB84 protocol): either both ends obtain the shared key N through the quantum communication equipment, or the data sending end obtains the shared key N through the quantum communication equipment and sends it to the data receiving end through a secret channel.
The data sending end applies a hash algorithm to the plaintext data m1 to be transmitted and the shared key N to generate a first message digest h1, and sends the plaintext data m1 and the first message digest h1 to the data receiving end through a transmission channel.
The data receiving end uses the same hash algorithm to generate a second message digest h2 from the received plaintext data m1 and the shared key N, and the authentication is carried out by comparing whether the values of the first message digest h1 and the second message digest h2 are the same.
If the values of the first message digest h1 and the second message digest h2 are the same, the received plaintext data was sent by the sending end, and the authentication is passed; if not, the received plaintext data has been tampered with and is discarded.
Because the two communicating ends must be authenticated during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication, the method can quickly verify the integrity and authenticity of the data.
Based on the foregoing embodiment, as an optional embodiment, the hash operation includes: MD5, SHA, SM, etc.
Based on the foregoing embodiment, as an optional embodiment, the S101 obtaining the quantum shared key by the data sending end and the data receiving end includes:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Based on the foregoing embodiment, as an optional embodiment, the S101 obtaining the quantum shared key by the data sending end and the data receiving end includes:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Based on the foregoing embodiment, as an optional embodiment, the S102 generates a first hash value by performing a hash operation on the plaintext data at the data sending end and the shared key, and sends the plaintext data and the first hash value to the data receiving end, including:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Specifically, based on the randomness, security and high efficiency of the quantum key, the shared key is stored only at the data sending end and the data receiving end, and is difficult for an intruder to obtain. Therefore, the plaintext data is encrypted with the shared key before transmission, which can greatly reduce the risk of the data being tampered with or obtained during transmission.
Based on the foregoing embodiment, as an optional embodiment, the S102 generates a first hash value by performing a hash operation on the plaintext data at the data sending end and the shared key, and sends the plaintext data and the first hash value to the data receiving end, including:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Specifically, the hash algorithm and the quantum key are used for data integrity verification, and the randomness and high security of the quantum key are used to encrypt the hash value for transmission, so that the risk of the hash function being cracked during data integrity verification can be reduced. The data sending end sends the ciphertext data and the encrypted hash value to the data receiving end through a transmission channel. After obtaining the data, the data receiving end decrypts the ciphertext data and the encrypted hash value with the shared key to obtain the plaintext data and the hash value, and compares the hash value obtained by performing a hash operation on the received plaintext data and the shared key with the received hash value to judge whether the file has been tampered with.
Based on the foregoing embodiment, as an optional embodiment, the step S103 of generating a second hash value by hashing the received plaintext data and the shared key includes:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the step S103 of generating a second hash value by hashing the received plaintext data and the shared key includes:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the step S104 of comparing the first hash value with the second hash value to verify data integrity includes:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
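Steps S101 to S104 and the ciphertext variant above, as an added Python sketch that is not code from the application. It assumes HMAC-SHA-256 as the keyed hash (the text does not say how key and data are combined), a CSPRNG standing in for the quantum communication equipment, and a one-time-pad XOR as the encryption; all function, class and constant names are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

MAC_KEY_LEN = 32  # bytes of shared key N reserved for the keyed hash (assumption)


@dataclass(frozen=True)
class Packet:
    """What crosses the transmission channel: the data plus the first hash value h1."""
    data: bytes
    h1: bytes


def simulate_qkd_key(n_bytes: int) -> bytes:
    """Stand-in for S101: a real system reads N from QKD equipment (assumption)."""
    return secrets.token_bytes(n_bytes)


def keyed_hash(key: bytes, data: bytes) -> bytes:
    """Hash operation on the data and the shared key, realised here as HMAC-SHA-256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def split_key(n: bytes, msg_len: int) -> Tuple[bytes, bytes]:
    """Use disjoint parts of N for the keyed hash and for the pad (example design choice)."""
    if len(n) < MAC_KEY_LEN + msg_len:
        raise ValueError("shared key N is too short for this message")
    return n[:MAC_KEY_LEN], n[MAC_KEY_LEN:MAC_KEY_LEN + msg_len]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def send_plain(n: bytes, m1: bytes) -> Packet:
    """S102: compute h1 over plaintext m1 and N, send both."""
    mac_key, _ = split_key(n, 0)
    return Packet(m1, keyed_hash(mac_key, m1))


def receive_plain(n: bytes, pkt: Packet) -> Optional[bytes]:
    """S103 + S104: recompute h2, compare in constant time, discard on mismatch."""
    mac_key, _ = split_key(n, 0)
    h2 = keyed_hash(mac_key, pkt.data)
    return pkt.data if hmac.compare_digest(pkt.h1, h2) else None


def send_encrypted(n: bytes, m1: bytes) -> Packet:
    """Ciphertext variant: encrypt m1 with N, then compute h1 over the ciphertext."""
    mac_key, pad = split_key(n, len(m1))
    ciphertext = xor_bytes(m1, pad)  # one-time pad: N must never be reused
    return Packet(ciphertext, keyed_hash(mac_key, ciphertext))


def receive_encrypted(n: bytes, pkt: Packet) -> Optional[bytes]:
    """Verify the hash over the received ciphertext first; decrypt only if it matches."""
    if len(n) < MAC_KEY_LEN + len(pkt.data):
        return None  # longer than the key material allows: cannot be genuine
    mac_key, pad = split_key(n, len(pkt.data))
    h2 = keyed_hash(mac_key, pkt.data)
    if not hmac.compare_digest(pkt.h1, h2):
        return None  # authentication failed: received data is discarded
    return xor_bytes(pkt.data, pad)


def flip_bit(data: bytes, index: int = 0) -> bytes:
    """Constructed channel fault: flip one bit to model tampering in transit."""
    return data[:index] + bytes([data[index] ^ 0x01]) + data[index + 1:]


def demo() -> Dict[str, bool]:
    m1 = b"meter=42;unit=kWh"  # constructed sample message
    n1 = simulate_qkd_key(MAC_KEY_LEN)            # key for the plaintext exchange
    n2 = simulate_qkd_key(MAC_KEY_LEN + len(m1))  # fresh key for the ciphertext exchange
    plain = send_plain(n1, m1)
    enc = send_encrypted(n2, m1)
    return {
        "plain_ok": receive_plain(n1, plain) == m1,
        "plain_tampered_discarded":
            receive_plain(n1, Packet(flip_bit(plain.data), plain.h1)) is None,
        "wrong_key_discarded": receive_plain(n2, plain) is None,
        "enc_ok": receive_encrypted(n2, enc) == m1,
        "enc_tampered_discarded":
            receive_encrypted(n2, Packet(flip_bit(enc.data), enc.h1)) is None,
    }


if __name__ == "__main__":
    for name, passed in demo().items():
        print(name, passed)
```

The receiver checks the hash over the ciphertext before decrypting, so tampered data is dropped without ever being processed as plaintext.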
Referring to fig. 3, fig. 3 is a schematic structural diagram of a fast data integrity authentication system based on quantum secure communication according to an embodiment of the present application, where the system 300 includes:
an obtaining unit 301 configured to obtain a quantum shared key by a data sending end and a data receiving end;
a first generating unit 302, configured to generate a first hash value by performing hash operation on plaintext data at a data sending end and a shared key, and send the plaintext data and the first hash value to a data receiving end;
a second generating unit 303 that generates a second hash value by performing a hash operation on the received plaintext data and the shared key;
a verification unit 304 configured to compare the first hash value with the second hash value to verify data integrity.
Based on the foregoing embodiment, as an optional embodiment, the obtaining unit 301 is specifically configured to:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Based on the foregoing embodiment, as an optional embodiment, the obtaining unit 301 is specifically configured to:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Based on the foregoing embodiment, as an optional embodiment, the first generating unit 302 is specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Based on the foregoing embodiment, as an optional embodiment, the first generating unit 302 is further specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Based on the foregoing embodiment, as an optional embodiment, the second generating unit 303 is specifically configured to:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the second generating unit 303 is further specifically configured to:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the verification unit 304 is specifically configured to:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a terminal system 400 according to an embodiment of the present disclosure, where the terminal system 400 can be used to execute the software multi-language display and input synchronization switching method according to the embodiment of the present disclosure.
The terminal system 400 may include: a processor 401, a memory 402, and a communication unit 403. The components communicate via one or more buses, and those skilled in the art will appreciate that the architecture of the servers shown in the figures is not intended to be limiting, and may be a bus architecture, a star architecture, a combination of more or less components than those shown, or a different arrangement of components.
The memory 402 may be used for storing instructions executed by the processor 401, and the memory 402 may be implemented by any type of volatile or non-volatile storage terminal or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. The execution instructions in the memory 402, when executed by the processor 401, enable the terminal system 400 to perform some or all of the steps in the method embodiments described below.
The processor 401 is a control center of the storage terminal, connects various parts of the entire electronic terminal using various interfaces and lines, and performs various functions of the electronic terminal and/or processes data by operating or executing software programs and/or modules stored in the memory 402 and calling data stored in the memory. The processor may be composed of an Integrated Circuit (IC), for example, a single packaged IC, or a plurality of packaged ICs connected with the same or different functions. For example, the processor 401 may only include a Central Processing Unit (CPU). In the embodiment of the present invention, the CPU may be a single operation core, or may include multiple operation cores.
The communication unit 403 is configured to establish a communication channel so that the storage terminal can communicate with other terminals, receiving user data sent by other terminals or sending user data to other terminals.
The present application also provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments provided by the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
Using the quantum key in place of a traditional key for the hash operation in data integrity verification reduces the risk of the hash function being cracked during verification. Both communication ends must be authenticated during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication; performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly. In addition, based on the randomness, security and efficiency of the quantum key, the plaintext data is encrypted with the shared key before transmission, which greatly reduces the risk of the data being tampered with or obtained during transmission.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system provided by the embodiment, the description is relatively simple because the system corresponds to the method provided by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. A data integrity rapid authentication method based on quantum secure communication is characterized by comprising the following steps:
the data sending end and the data receiving end acquire a quantum shared key;
generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
comparing the first hash value with the second hash value to verify data integrity.
2. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the data sending end and the data receiving end obtain the quantum shared key, comprising:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
3. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the data sending end and the data receiving end obtain the quantum shared key, comprising:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
4. The quantum secure communication-based data integrity rapid authentication method as claimed in claim 1, wherein the hash operation is performed on the plaintext data at the data sending end and the shared key to generate a first hash value, and the plaintext data and the first hash value are sent to the data receiving end, and the method comprises:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
5. The quantum secure communication-based data integrity rapid authentication method as claimed in claim 4, wherein the hash operation is performed on the plaintext data at the data sending end and the shared key to generate a first hash value, and the plaintext data and the first hash value are sent to the data receiving end, and the method comprises:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
6. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the hash operation of the received plaintext data and the shared secret key to generate the second hash value comprises:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
7. The quantum secure communication-based data integrity fast authentication method as claimed in claim 6, wherein the hash operation of the received plaintext data and the shared secret key to generate the second hash value comprises:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
8. A fast authentication system of data integrity based on quantum secure communication is characterized by comprising:
the acquisition unit is configured for the data sending end and the data receiving end to acquire the quantum shared key;
the first generation unit is used for generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key and sending the plaintext data and the first hash value to the data receiving end;
the second generation unit is used for generating a second hash value by carrying out hash operation on the received plaintext data and the shared key;
a verification unit configured to compare the first hash value with the second hash value to verify data integrity.
9. A terminal, comprising:
a processor;
a memory for storing instructions for execution by the processor;
wherein the processor is configured to perform the method of any one of claims 1-7.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
CN202010403467.6A 2020-05-13 2020-05-13 Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium Pending CN111726224A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010403467.6A CN111726224A (en) 2020-05-13 2020-05-13 Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium

Publications (1)

Publication Number Publication Date
CN111726224A true CN111726224A (en) 2020-09-29

Family

ID=72566020

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070150735A1 (en) * 2003-10-16 2007-06-28 Yuichi Futa Encrypted communication system and communication device
CN108737323A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of digital signature method, apparatus and system
CN109104271A (en) * 2017-06-20 2018-12-28 山东量子科学技术研究院有限公司 A kind of methods, devices and systems of digital signature
CN109274480A (en) * 2017-07-17 2019-01-25 科大国盾量子技术股份有限公司 Data authentication method and quantum key distribution system based on HMAC-SM3 algorithm
CN109510818A (en) * 2018-10-29 2019-03-22 梁伟 Data transmission system, method, apparatus, equipment and the storage medium of block chain

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112383393A (en) * 2020-11-14 2021-02-19 重庆邮电大学 Trusted communication system and method of software defined sensor network
CN112383393B (en) * 2020-11-14 2023-01-31 重庆邮电大学 Trusted communication system and method for software defined sensor network
CN112584355A (en) * 2020-12-13 2021-03-30 北京明朝万达科技股份有限公司 Key cooperation method, system and medium for inter-vehicle communication
CN113114471A (en) * 2021-03-01 2021-07-13 北京信息科技大学 Message hash chain construction method and device
CN113297608A (en) * 2021-07-27 2021-08-24 北京理工大学 Identity anonymous searchable encryption method, device and equipment based on commercial password
CN113297608B (en) * 2021-07-27 2021-11-02 北京理工大学 Identity anonymous searchable encryption method, device and equipment based on commercial password
CN114039720A (en) * 2021-11-17 2022-02-11 南京大学 Unconditional safety authentication encryption method based on LFSR hash
CN114039720B (en) * 2021-11-17 2024-04-19 南京大学 Unconditional security authentication encryption method based on LFSR hash
CN114500150A (en) * 2022-01-11 2022-05-13 上海三一重机股份有限公司 Communication method and device based on CAN bus and operation machine
CN114499857A (en) * 2022-03-03 2022-05-13 矩阵时光数字科技有限公司 Method for realizing data correctness and consistency in big data quantum encryption and decryption
CN114499857B (en) * 2022-03-03 2023-09-01 矩阵时光数字科技有限公司 Method for realizing data correctness and consistency in encryption and decryption of large data quanta
CN114666381A (en) * 2022-03-11 2022-06-24 浙江国盾量子电力科技有限公司 Transformer substation inspection robot safety communication system and method based on Lagrange interpolation
CN114640443B (en) * 2022-03-17 2023-05-09 浙江广厦建设职业技术大学 Online engineering quotation safety interaction method and system
CN114640443A (en) * 2022-03-17 2022-06-17 浙江广厦建设职业技术大学 Online engineering quotation safety interaction method and system, electronic equipment and storage medium
CN114491610A (en) * 2022-04-01 2022-05-13 国网浙江省电力有限公司 Intelligent shared financial platform and system based on Hash encryption algorithm and quantum key
CN116702177A (en) * 2023-06-21 2023-09-05 南京风荧网络科技有限公司 System and method for safely transmitting big data of computer
CN116702177B (en) * 2023-06-21 2024-02-20 王芹生 System and method for safely transmitting big data of computer
CN117527351A (en) * 2023-11-08 2024-02-06 青海师范大学 Data integrity verification method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200929