CN111726224A - Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium - Google Patents
- Publication number
- CN111726224A CN202010403467.6A
- Authority
- CN
- China
- Prior art keywords
- data
- hash value
- quantum
- shared key
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a method, a system, a terminal and a storage medium for fast authentication of data integrity based on quantum secret communication. The method comprises the following steps: the data sending end and the data receiving end acquire a quantum shared key; a first hash value is generated by performing a hash operation on the plaintext data of the data sending end and the shared key, and the plaintext data and the first hash value are sent to the data receiving end; a second hash value is generated by performing a hash operation on the received plaintext data and the shared key; and the first hash value is compared with the second hash value to verify data integrity. By replacing the traditional key with a quantum key in the hash operation used for data integrity verification, the application can reduce the risk of the hash function being cracked during data integrity verification. Because both communicating ends must authenticate during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication, performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly.
Description
Technical Field
The application relates to the technical field of quantum communication, in particular to a method, a system, a terminal and a storage medium for fast authentication of data integrity based on quantum secret communication.
Background
In an information security system, the privacy and integrity of encrypted data are two important aspects. The key to the privacy of encrypted data is secret storage and secret sharing, while the integrity of encrypted data is about reducing the risk of data tampering by providing a data hash value for verification. In existing data integrity checks, a hash algorithm and a key are generally used to perform a hash operation on the data to obtain a data hash value, and the hash value and the data are sent together to the other party. After receiving the data, the other party uses the same hash algorithm and the same key to perform a hash operation on the data to obtain a hash value; if this hash value is the same as the one sent by the sender, the data has not been tampered with.
A hash is an irreversible mapping: a hash value can be calculated by a hash algorithm, but the original data cannot be recovered from the hash value. When data integrity is verified through the hash value, the security of the key is low, the risk of the key being acquired and leaked during transmission is high, and the accuracy of data integrity verification through the hash value is greatly reduced.
Quantum communication offers very high security and efficiency, and secure quantum communication never leaks secrets. This is embodied in two ways. First, the key used for quantum encryption is random, so even if it is intercepted by an eavesdropper, the correct key cannot be obtained and the information cannot be cracked. Second, two particles in an entangled state are held by the two communicating parties respectively; when the quantum state of one particle changes, the quantum state of the other particle changes immediately, and according to quantum theory any macroscopic observation or interference immediately changes the quantum state and causes the particles to collapse, so the information an eavesdropper obtains through interference is damaged and is not the original information. The BB84 protocol is a general quantum key distribution protocol and fundamentally ensures the security of keys.
Therefore, a method, a system, a terminal and a storage medium for fast data integrity authentication based on quantum secure communication are needed to reduce the risk of the hash function being cracked during data integrity verification and the risk of data tampering during data transmission.
Disclosure of Invention
In view of the defects of the prior art, the application provides a method, a system, a terminal and a storage medium for fast authentication of data integrity based on quantum secret communication, so as to solve prior-art problems such as the hash function being easy to crack when used for data integrity verification and the data being easily tampered with during data transmission.
In order to solve the above technical problem, in a first aspect, the present application provides a method for quickly authenticating data integrity based on quantum secure communication, including:
the data sending end and the data receiving end acquire a quantum shared key;
generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
comparing the first hash value with the second hash value to verify data integrity.
Optionally, the acquiring, by the data sending end and the data receiving end, the quantum shared key includes:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Optionally, the acquiring, by the data sending end and the data receiving end, the quantum shared key includes:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Optionally, the generating a first hash value by performing hash operation on the plaintext data at the data sending end and the shared key, and sending the plaintext data and the first hash value to the data receiving end includes:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
More optionally, the generating a first hash value by performing hash operation on the plaintext data at the data sending end and the shared key, and sending the plaintext data and the first hash value to the data receiving end includes:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Correspondingly, optionally, the generating a second hash value by performing a hash operation on the received plaintext data and the shared key includes:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
More optionally, the generating a second hash value by performing a hash operation on the received plaintext data and the shared key includes:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the comparing the first hash value with the second hash value to verify data integrity includes:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
In a second aspect, the present application further provides a system for fast authentication of data integrity based on quantum secure communication, including:
the acquisition unit is configured for the data sending end and the data receiving end to acquire the quantum shared key;
the first generation unit is used for generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key and sending the plaintext data and the first hash value to the data receiving end;
the second generation unit is used for generating a second hash value by carrying out hash operation on the received plaintext data and the shared key;
a verification unit configured to compare the first hash value with the second hash value to verify data integrity.
Optionally, the obtaining unit is specifically configured to:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Optionally, the obtaining unit is specifically configured to:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Optionally, the first generating unit is specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Optionally, the first generating unit is further specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Correspondingly, optionally, the second generating unit is specifically configured to:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the second generating unit is further specifically configured to:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Optionally, the verification unit is specifically configured to:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
In a third aspect, the present application provides a terminal, comprising:
a processor, a memory, wherein,
the memory is used for storing a computer program which,
the processor is used for calling and running the computer program from the memory so as to make the terminal execute the method of the terminal.
In a fourth aspect, the present application provides a computer storage medium having instructions stored thereon, which when executed on a computer, cause the computer to perform the method of the above aspects.
Compared with the prior art, the method has the following beneficial effects:
Replacing the traditional key with the quantum key in the hash operation used for data integrity verification can reduce the risk of the hash function being cracked during data integrity verification. Because both communicating ends must authenticate during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication, performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly. In addition, based on the randomness, security and high efficiency of the quantum key, the plaintext data is encrypted with the shared key before being transmitted, which can greatly reduce the risk of the data being tampered with or obtained during transmission.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a method for fast authentication of data integrity based on quantum secure communication according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a fast data integrity authentication method based on quantum secure communication according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a fast data integrity authentication system based on quantum secure communication according to another embodiment of the present application;
fig. 4 is a schematic structural diagram of a terminal system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of a method for fast authentication of data integrity based on quantum secure communication according to an embodiment of the present application, where the method 100 includes:
S101: the data sending end and the data receiving end acquire a quantum shared key;
S102: generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
S103: generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
S104: comparing the first hash value with the second hash value to verify data integrity.
It should be noted that quantum communication offers very high security and efficiency. Its security is embodied in two ways. First, the key used for quantum encryption is random, so even if it is intercepted by an eavesdropper, the correct key cannot be obtained and the information cannot be cracked. Second, two particles in an entangled state are held by the two communicating parties respectively; when the quantum state of one particle changes, the quantum state of the other particle changes immediately, and according to quantum theory any macroscopic observation or interference immediately changes the quantum state and causes the particles to collapse, so the information an eavesdropper obtains through interference is damaged and is not the original information. Therefore, replacing the traditional key with the quantum key in the hash operation used for data integrity verification can reduce the risk of the hash function being cracked during data integrity verification.
Specifically, as shown in fig. 2, fig. 2 is a schematic structural diagram of a data integrity fast authentication method based on quantum secure communication according to an embodiment of the present application, and the specific process is as follows:
The data sending end and the data receiving end obtain a shared key N, known only to the two parties, through quantum communication equipment (BB84 protocol): either the data sending end and the data receiving end both obtain the shared key N through the quantum communication equipment, or the data sending end obtains the shared key N through the quantum communication equipment and sends it to the data receiving end through a secret channel.
The data sending end generates a first message digest h1 by using a hash algorithm on the plaintext data m1 to be transmitted and the shared key N, and sends the plaintext data m1 and the first message digest h1 to the data receiving end through a transmission channel.
The data receiving end uses the same hash algorithm to generate a second message digest h2 from the received plaintext data m1 and the shared key N, and the authentication process is carried out by comparing whether the values of the first message digest h1 and the second message digest h2 are the same.
If the values of the first message digest h1 and the second message digest h2 are the same, the received plaintext data was sent by the sending end and the authentication is passed; if not, the received plaintext data has been tampered with and is discarded.
Because the two communication ends need to be authenticated during data communication so as to ensure the authenticity and integrity of data, and quick authentication is needed during large-scale communication, the method can quickly realize the verification of the integrity and the authenticity of the data.
Based on the foregoing embodiment, as an optional embodiment, the hash operation includes: MD5, SHA, SM, etc.
Based on the foregoing embodiment, as an optional embodiment, the S101 obtaining the quantum shared key by the data sending end and the data receiving end includes:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Based on the foregoing embodiment, as an optional embodiment, the S101 obtaining the quantum shared key by the data sending end and the data receiving end includes:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Based on the foregoing embodiment, as an optional embodiment, the S102 generates a first hash value by performing a hash operation on the plaintext data at the data sending end and the shared key, and sends the plaintext data and the first hash value to the data receiving end, including:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Specifically, based on the randomness, security and high efficiency of the quantum key, the shared key is stored only at the data sending end and the data transmission end, and is difficult for an intruder to obtain. Encrypting the plaintext data with the shared key before transmission can therefore greatly reduce the risk of the data being tampered with or obtained during transmission.
Based on the foregoing embodiment, as an optional embodiment, the S102 generates a first hash value by performing a hash operation on the plaintext data at the data sending end and the shared key, and sends the plaintext data and the first hash value to the data receiving end, including:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Specifically, the hash algorithm and the quantum key are used for data integrity verification, and the randomness and high security of the quantum key are used to encrypt the hash value for transmission, so the risk of the hash function being cracked during data integrity verification can be reduced. The data sending end sends the ciphertext data and the encrypted hash value to the data receiving end through a transmission channel. After the data receiving end obtains the data, it decrypts the ciphertext data and the encrypted hash value with the shared key to obtain the plaintext data and a hash value, then compares the hash value obtained by performing a hash operation on the received plaintext data and the shared key with the received hash value to judge whether the file has been tampered with.
Based on the foregoing embodiment, as an optional embodiment, the step S103 of generating a second hash value by hashing the received plaintext data and the shared key includes:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the step S103 of generating a second hash value by hashing the received plaintext data and the shared key includes:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the step S104 of comparing the first hash value with the second hash value to verify data integrity includes:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
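The flow of S101 to S104 (N, m1, h1, h2 as in fig. 2) and the optional ciphertext embodiment above, as an added example that is not part of the patent text. It assumes HMAC-SHA256 as the keyed hash operation, a one-time-pad XOR as the encryption, a split of N into a MAC key and a pad, and random bytes standing in for the QKD-delivered key N; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def keyed_hash(key: bytes, data: bytes) -> bytes:
    """The 'hash operation on the data and the shared key' (h1 / h2).

    Assumption: HMAC-SHA256 is the keyed hash; the page only says that a
    hash algorithm is applied to the data and the shared key.
    """
    return hmac.new(key, data, hashlib.sha256).digest()


def split_key(n: bytes):
    """Assumption: N is consumed as a MAC key followed by a one-time pad."""
    if len(n) <= TAG_LEN:
        raise ValueError("shared key N is too short to split")
    return n[:TAG_LEN], n[TAG_LEN:]


def xor_pad(pad: bytes, data: bytes) -> bytes:
    """One-time-pad XOR, an assumed stand-in for 'encrypt with the shared key'."""
    if len(pad) < len(data):
        raise ValueError("not enough key material for this message")
    return bytes(p ^ d for p, d in zip(pad, data))


def send_plain(n: bytes, m1: bytes):
    """S102: compute h1 over m1 and N, send (m1, h1)."""
    return m1, keyed_hash(n, m1)


def receive_plain(n: bytes, data: bytes, h1: bytes):
    """S103/S104: recompute h2, compare, return the data or None (discard)."""
    h2 = keyed_hash(n, data)
    # compare_digest runs in time independent of where the digests differ
    return data if hmac.compare_digest(h1, h2) else None


def send_encrypted(n: bytes, m1: bytes):
    """Optional embodiment: encrypt m1, then hash the ciphertext with the key."""
    mac_key, pad = split_key(n)
    ciphertext = xor_pad(pad, m1)
    return ciphertext, keyed_hash(mac_key, ciphertext)


def receive_encrypted(n: bytes, ciphertext: bytes, h1: bytes):
    """Hash the received ciphertext first; decrypt only if h1 == h2."""
    mac_key, pad = split_key(n)
    h2 = keyed_hash(mac_key, ciphertext)
    if not hmac.compare_digest(h1, h2):
        return None  # discard without decrypting unauthenticated data
    return xor_pad(pad, ciphertext)


def demo() -> dict:
    # S101: constructed stand-in for a key N delivered by QKD equipment.
    # A pad-based N must be used for one message only.
    n = secrets.token_bytes(96)
    m1 = b"meter=42;valve=open"  # constructed sample message
    results = {}

    data, h1 = send_plain(n, m1)
    results["plain_accepted"] = receive_plain(n, data, h1) == m1
    tampered = data.replace(b"open", b"shut")
    results["plain_tamper_discarded"] = receive_plain(n, tampered, h1) is None
    other_key = secrets.token_bytes(96)
    results["wrong_key_discarded"] = receive_plain(other_key, data, h1) is None

    ciphertext, h1c = send_encrypted(n, m1)
    results["enc_accepted"] = receive_encrypted(n, ciphertext, h1c) == m1
    flipped = bytes([ciphertext[0] ^ 0x01]) + ciphertext[1:]
    results["enc_tamper_discarded"] = receive_encrypted(n, flipped, h1c) is None
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```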
Referring to fig. 3, fig. 3 is a schematic structural diagram of a fast data integrity authentication system based on quantum secure communication according to an embodiment of the present application, where the system 300 includes:
an obtaining unit 301 configured to obtain a quantum shared key by a data sending end and a data receiving end;
a first generating unit 302, configured to generate a first hash value by performing hash operation on plaintext data at a data sending end and a shared key, and send the plaintext data and the first hash value to a data receiving end;
a second generating unit 303 that generates a second hash value by performing a hash operation on the received plaintext data and the shared key;
a verification unit 304 configured to compare the first hash value with the second hash value to verify data integrity.
Based on the foregoing embodiment, as an optional embodiment, the obtaining unit 301 is specifically configured to:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
Based on the foregoing embodiment, as an optional embodiment, the obtaining unit 301 is specifically configured to:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
Based on the foregoing embodiment, as an optional embodiment, the first generating unit 302 is specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
Based on the foregoing embodiment, as an optional embodiment, the first generating unit 302 is further specifically configured to:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
Based on the foregoing embodiment, as an optional embodiment, the second generating unit 303 is specifically configured to:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the second generating unit 303 is further specifically configured to:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
Based on the foregoing embodiment, as an optional embodiment, the verification unit 304 is specifically configured to:
comparing the first hash value with the second hash value, and judging whether the first hash value is the same as the second hash value;
if yes, the authentication is passed, and if not, the received data is discarded.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a terminal system 400 according to an embodiment of the present disclosure, where the terminal system 400 can be used to execute the software multi-language display and input synchronization switching method according to the embodiment of the present disclosure.
The terminal system 400 may include: a processor 401, a memory 402, and a communication unit 403. The components communicate via one or more buses, and those skilled in the art will appreciate that the architecture of the servers shown in the figures is not intended to be limiting, and may be a bus architecture, a star architecture, a combination of more or fewer components than those shown, or a different arrangement of components.
The memory 402 may be used for storing instructions executed by the processor 401, and the memory 402 may be implemented by any type of volatile or non-volatile storage terminal or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. The execution instructions in the memory 402, when executed by the processor 401, enable the terminal system 400 to perform some or all of the steps in the method embodiments described below.
The processor 401 is a control center of the storage terminal, connects various parts of the entire electronic terminal using various interfaces and lines, and performs various functions of the electronic terminal and/or processes data by operating or executing software programs and/or modules stored in the memory 402 and calling data stored in the memory. The processor may be composed of an Integrated Circuit (IC), for example, a single packaged IC, or a plurality of packaged ICs connected with the same or different functions. For example, the processor 401 may only include a Central Processing Unit (CPU). In the embodiment of the present invention, the CPU may be a single operation core, or may include multiple operation cores.
The communication unit 403 is configured to establish a communication channel so that the storage terminal can communicate with other terminals, receiving user data sent by other terminals or sending user data to other terminals.
The present application also provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in the embodiments provided by the present invention when executed. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a Random Access Memory (RAM).
In the present application, the quantum key replaces the traditional key in the hash operation used for data integrity verification, so that the risk of the hash function being cracked during data integrity verification can be reduced. Both communication ends need to be authenticated during data communication to ensure the authenticity and integrity of the data, and large-scale communication requires fast authentication; performing the hash operation with the quantum key allows data integrity and authenticity to be verified quickly. In addition, based on the randomness, security and efficiency of the quantum key, the plaintext data is encrypted with the shared key before it is transmitted, so that the risk of the data being tampered with or obtained during transmission can be greatly reduced.
The embodiments in this specification are described in a progressive manner: each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be cross-referenced. Because the system provided by the embodiment corresponds to the method provided by the embodiment, its description is relatively brief, and the relevant points can be found in the description of the method.
The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. A data integrity rapid authentication method based on quantum secure communication is characterized by comprising the following steps:
the data sending end and the data receiving end acquire a quantum shared key;
generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key, and sending the plaintext data and the first hash value to the data receiving end;
generating a second hash value by carrying out hash operation on the received plaintext data and the shared secret key;
comparing the first hash value with the second hash value to verify data integrity.
2. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the data sending end and the data receiving end obtain the quantum shared key, comprising:
the data sending end and the data receiving end respectively generate and acquire the quantum shared key through a quantum key distribution protocol.
3. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the data sending end and the data receiving end obtain the quantum shared key, comprising:
the data sending end generates a quantum shared key through a quantum key distribution protocol;
and the data sending end sends the quantum shared key to the data receiving end through the secret channel.
4. The quantum secure communication-based data integrity rapid authentication method as claimed in claim 1, wherein the hash operation is performed on the plaintext data at the data sending end and the shared key to generate a first hash value, and the plaintext data and the first hash value are sent to the data receiving end, and the method comprises:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
and sending the ciphertext data and the first hash value to a receiving end.
5. The quantum secure communication-based data integrity rapid authentication method as claimed in claim 4, wherein the hash operation is performed on the plaintext data at the data sending end and the shared key to generate a first hash value, and the plaintext data and the first hash value are sent to the data receiving end, and the method comprises:
encrypting the plaintext data through a quantum shared key to generate ciphertext data;
generating a first hash value by performing hash operation on ciphertext data of a data sending end and a shared key;
encrypting the first hash value through the shared key to generate a first encrypted hash value;
and sending the ciphertext data and the first encrypted hash value to a receiving end.
6. The quantum secure communication-based data integrity fast authentication method as claimed in claim 1, wherein the hash operation of the received plaintext data and the shared secret key to generate the second hash value comprises:
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
7. The quantum secure communication-based data integrity fast authentication method as claimed in claim 6, wherein the hash operation of the received plaintext data and the shared secret key to generate the second hash value comprises:
decrypting the received first encrypted hash value through a shared key to generate a first hash value;
generating a second hash value by carrying out hash operation on the received ciphertext data and the shared key;
and decrypting the ciphertext data through a shared key to obtain plaintext data.
8. A fast authentication system of data integrity based on quantum secure communication is characterized by comprising:
the acquisition unit is configured for the data sending end and the data receiving end to acquire the quantum shared key;
the first generation unit is used for generating a first hash value by carrying out hash operation on the plaintext data of the data sending end and the shared secret key and sending the plaintext data and the first hash value to the data receiving end;
the second generation unit is used for generating a second hash value by carrying out hash operation on the received plaintext data and the shared key;
a verification unit configured to compare the first hash value with the second hash value to verify data integrity.
9. A terminal, comprising:
a processor;
a memory for storing instructions for execution by the processor;
wherein the processor is configured to perform the method of any one of claims 1-7.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
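The sender and receiver steps of claims 4 to 7, together with the second generating unit and verification unit steps in the description, as an added example that is not part of the patent. HMAC-SHA256 stands in for the unspecified "hash operation on the data and the shared key", a labelled HMAC counter keystream stands in for the unspecified cipher, and the nonce, the `os.urandom` key and all function names are assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple


def keyed_hash(shared_key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 realises the "hash of data and shared key".
    # Unlike a bare SHA-256(key || data) it is not open to length extension.
    return hmac.new(shared_key, b"mac" + data, hashlib.sha256).digest()


def xor_stream(shared_key: bytes, label: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption, illustration only): XOR with an HMAC counter
    # keystream. The 3-byte label keeps data, hash and MAC inputs disjoint.
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = label + nonce + counter.to_bytes(8, "big")
        stream += hmac.new(shared_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def send(shared_key: bytes, plaintext: bytes) -> Tuple[bytes, bytes, bytes]:
    nonce = os.urandom(16)  # assumption: fresh per message, sent in the clear
    ciphertext = xor_stream(shared_key, b"enc", nonce, plaintext)
    first_hash = keyed_hash(shared_key, nonce + ciphertext)
    encrypted_hash = xor_stream(shared_key, b"hsh", nonce, first_hash)
    return nonce, ciphertext, encrypted_hash


def receive(shared_key: bytes, nonce: bytes, ciphertext: bytes,
            encrypted_hash: bytes) -> Optional[bytes]:
    first_hash = xor_stream(shared_key, b"hsh", nonce, encrypted_hash)
    second_hash = keyed_hash(shared_key, nonce + ciphertext)
    # Constant-time comparison; verification happens before decryption so
    # unauthenticated ciphertext is never processed.
    if not hmac.compare_digest(first_hash, second_hash):
        return None  # "the received data is discarded"
    return xor_stream(shared_key, b"enc", nonce, ciphertext)


def demo() -> dict:
    key = os.urandom(32)  # placeholder for the QKD-derived shared key
    message = b"constructed sample: breaker 7 open"
    nonce, ct, eh = send(key, message)
    flipped = bytes([ct[0] ^ 0x01]) + ct[1:]  # one bit changed in transit
    return {
        "intact": receive(key, nonce, ct, eh),
        "tampered_ciphertext": receive(key, nonce, flipped, eh),
        "wrong_key": receive(os.urandom(32), nonce, ct, eh),
    }


if __name__ == "__main__":
    print(demo())
```

The claims use one shared key for both encryption and hashing; the labels above only separate the inputs of this illustration and are not a substitute for deriving independent keys in a real design.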
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010403467.6A CN111726224A (en) | 2020-05-13 | 2020-05-13 | Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010403467.6A CN111726224A (en) | 2020-05-13 | 2020-05-13 | Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111726224A true CN111726224A (en) | 2020-09-29 |
Family
ID=72566020
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010403467.6A Pending CN111726224A (en) | 2020-05-13 | 2020-05-13 | Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111726224A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112383393A (en) * | 2020-11-14 | 2021-02-19 | 重庆邮电大学 | Trusted communication system and method of software defined sensor network |
CN112584355A (en) * | 2020-12-13 | 2021-03-30 | 北京明朝万达科技股份有限公司 | Key cooperation method, system and medium for inter-vehicle communication |
CN113114471A (en) * | 2021-03-01 | 2021-07-13 | 北京信息科技大学 | Message hash chain construction method and device |
CN113297608A (en) * | 2021-07-27 | 2021-08-24 | 北京理工大学 | Identity anonymous searchable encryption method, device and equipment based on commercial password |
CN114039720A (en) * | 2021-11-17 | 2022-02-11 | 南京大学 | Unconditional safety authentication encryption method based on LFSR hash |
CN114491610A (en) * | 2022-04-01 | 2022-05-13 | 国网浙江省电力有限公司 | Intelligent shared financial platform and system based on Hash encryption algorithm and quantum key |
CN114500150A (en) * | 2022-01-11 | 2022-05-13 | 上海三一重机股份有限公司 | Communication method and device based on CAN bus and operation machine |
CN114499857A (en) * | 2022-03-03 | 2022-05-13 | 矩阵时光数字科技有限公司 | Method for realizing data correctness and consistency in big data quantum encryption and decryption |
CN114640443A (en) * | 2022-03-17 | 2022-06-17 | 浙江广厦建设职业技术大学 | Online engineering quotation safety interaction method and system, electronic equipment and storage medium |
CN114666381A (en) * | 2022-03-11 | 2022-06-24 | 浙江国盾量子电力科技有限公司 | Transformer substation inspection robot safety communication system and method based on Lagrange interpolation |
CN116702177A (en) * | 2023-06-21 | 2023-09-05 | 南京风荧网络科技有限公司 | System and method for safely transmitting big data of computer |
CN117527351A (en) * | 2023-11-08 | 2024-02-06 | 青海师范大学 | Data integrity verification method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070150735A1 (en) * | 2003-10-16 | 2007-06-28 | Yuichi Futa | Encrypted communication system and communication device |
CN108737323A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of digital signature method, apparatus and system |
CN109104271A (en) * | 2017-06-20 | 2018-12-28 | 山东量子科学技术研究院有限公司 | A kind of methods, devices and systems of digital signature |
CN109274480A (en) * | 2017-07-17 | 2019-01-25 | 科大国盾量子技术股份有限公司 | Data authentication method and quantum key distribution system based on HMAC-SM3 algorithm |
CN109510818A (en) * | 2018-10-29 | 2019-03-22 | 梁伟 | Data transmission system, method, apparatus, equipment and the storage medium of block chain |
- 2020-05-13 CN CN202010403467.6A patent/CN111726224A/en active Pending
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112383393B (en) * | 2020-11-14 | 2023-01-31 | 重庆邮电大学 | Trusted communication system and method for software defined sensor network |
CN112383393A (en) * | 2020-11-14 | 2021-02-19 | 重庆邮电大学 | Trusted communication system and method of software defined sensor network |
CN112584355A (en) * | 2020-12-13 | 2021-03-30 | 北京明朝万达科技股份有限公司 | Key cooperation method, system and medium for inter-vehicle communication |
CN113114471A (en) * | 2021-03-01 | 2021-07-13 | 北京信息科技大学 | Message hash chain construction method and device |
CN113297608A (en) * | 2021-07-27 | 2021-08-24 | 北京理工大学 | Identity anonymous searchable encryption method, device and equipment based on commercial password |
CN113297608B (en) * | 2021-07-27 | 2021-11-02 | 北京理工大学 | Identity anonymous searchable encryption method, device and equipment based on commercial password |
CN114039720A (en) * | 2021-11-17 | 2022-02-11 | 南京大学 | Unconditional safety authentication encryption method based on LFSR hash |
CN114039720B (en) * | 2021-11-17 | 2024-04-19 | 南京大学 | Unconditional security authentication encryption method based on LFSR hash |
CN114500150A (en) * | 2022-01-11 | 2022-05-13 | 上海三一重机股份有限公司 | Communication method and device based on CAN bus and operation machine |
CN114499857A (en) * | 2022-03-03 | 2022-05-13 | 矩阵时光数字科技有限公司 | Method for realizing data correctness and consistency in big data quantum encryption and decryption |
CN114499857B (en) * | 2022-03-03 | 2023-09-01 | 矩阵时光数字科技有限公司 | Method for realizing data correctness and consistency in encryption and decryption of large data quanta |
CN114666381A (en) * | 2022-03-11 | 2022-06-24 | 浙江国盾量子电力科技有限公司 | Transformer substation inspection robot safety communication system and method based on Lagrange interpolation |
CN114640443A (en) * | 2022-03-17 | 2022-06-17 | 浙江广厦建设职业技术大学 | Online engineering quotation safety interaction method and system, electronic equipment and storage medium |
CN114640443B (en) * | 2022-03-17 | 2023-05-09 | 浙江广厦建设职业技术大学 | Online engineering quotation safety interaction method and system |
CN114491610A (en) * | 2022-04-01 | 2022-05-13 | 国网浙江省电力有限公司 | Intelligent shared financial platform and system based on Hash encryption algorithm and quantum key |
CN116702177A (en) * | 2023-06-21 | 2023-09-05 | 南京风荧网络科技有限公司 | System and method for safely transmitting big data of computer |
CN116702177B (en) * | 2023-06-21 | 2024-02-20 | 王芹生 | System and method for safely transmitting big data of computer |
CN117527351A (en) * | 2023-11-08 | 2024-02-06 | 青海师范大学 | Data integrity verification method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111726224A (en) | Quantum secret communication-based data integrity rapid authentication method, system, terminal and storage medium | |
CN109347835B (en) | Information transmission method, client, server, and computer-readable storage medium | |
CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
CN108512846B (en) | Bidirectional authentication method and device between terminal and server | |
JP4638912B2 (en) | Method for transmitting a direct proof private key in a signed group to a device using a distribution CD | |
CN107743067B (en) | Method, system, terminal and storage medium for issuing digital certificate | |
CN113268715A (en) | Software encryption method, device, equipment and storage medium | |
CN108322416B (en) | Security authentication implementation method, device and system | |
CN110069241B (en) | Pseudo-random number acquisition method and device, client device and server | |
CN108199847B (en) | Digital security processing method, computer device, and storage medium | |
CN108769029B (en) | Authentication device, method and system for application system | |
CN112055019B (en) | Method for establishing communication channel and user terminal | |
CN109690543B (en) | Security authentication method, integrated circuit and system | |
CN108496323B (en) | Certificate importing method and terminal | |
CN111159656A (en) | Method, device, equipment and storage medium for preventing software from being used without authorization | |
CN113872770A (en) | Security verification method, system, electronic device and storage medium | |
CN107548542B (en) | User authentication method with enhanced integrity and security | |
CN111510442A (en) | User verification method and device, electronic equipment and storage medium | |
CN111479265A (en) | Information dissemination method and device, computer equipment and storage medium | |
CN109657170B (en) | Webpage loading method and device, computer equipment and storage medium | |
CN111338841A (en) | Data processing method, device, equipment and storage medium | |
CN109474431A (en) | Client certificate method and computer readable storage medium | |
CN110069415B (en) | Software integrity checking and software testing method used in software testing process | |
CN114553557B (en) | Key calling method, device, computer equipment and storage medium | |
CN115766192A (en) | UKEY-based offline security authentication method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20200929 |