CN111918285B - Anti-quantum computing group communication method and system based on ID cryptography - Google Patents
Anti-quantum computing group communication method and system based on ID cryptography
- Publication number: CN111918285B (application CN202010555013.0A)
- Authority: CN (China)
- Prior art keywords: key, group, information, administrator, symmetric
- Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a quantum-computation-resistant group communication method and system based on ID cryptography. The method first distributes an identity ID and a private key to each group member through an ID cryptography mechanism. During communication, a group member computes the public key of the other party from the ID that party has disclosed, and then computes a symmetric key from its own private key and the other party's public key, thereby realizing one-to-one communication with that party. When the key is updated, the administrator encrypts the update key with the symmetric key it shares with each group member and sends the encrypted update key; each group member computes the symmetric key between itself and the administrator to obtain the update key, and then updates its own symmetric key pool with the update key according to a preset update method. The invention combines the symmetric key pool with ID cryptography and further enhances the security of using a symmetric key pool in the group communication scenario.
Description
Technical Field
The invention relates to the field of group communication systems, in particular to a quantum computation resistant group communication method and system based on ID cryptography.
Background
With the continuous development of wireless communication technology, direct terminal communication (Device to Device, D2D) has become one of the hot spots of 3GPP Rel-12 standardization. D2D allows two User Equipments (UEs) to transmit data directly over a specific channel (the Sidelink Channel) without going through an evolved Node B (eNB). D2D is not limited to data transmission between two UEs; it may also support Group Communication. Most existing network authentication systems are based on a one-to-one authentication mode for a single object, but for point-to-multipoint data transmission, groups are formed according to a certain principle. In these application scenarios, when a new terminal joins a group, the existing one-to-one authentication manner increases network signaling, causes network congestion and occupies a large amount of network resources, so the existing one-to-one network authentication system is no longer applicable. In this case, a corresponding group authentication mechanism is required to reduce authentication resource consumption and network congestion. The existing group communication system uses a group key pool and realizes group communication with a symmetric key stored in the group-type symmetric key pool; if one member is compromised, the secret communication of the whole group is threatened.
In the prior art, updating the key pool often requires the participation of an issuing center and a large volume of transmitted data, which brings a certain threat to security.
Based on the above analysis, the prior art has the following drawbacks:
1. In the prior art, the group symmetric key pool cannot be stored in a highly secure security chip because of its large size, so it may be captured, disassembled and cracked. The group-type symmetric key pool is shared by all members in the group, and once it is cracked, the security of group communication based on it is threatened;
2. The existing key-fetching method based on a symmetric key pool first selects a key location and then retrieves the entire key from that location. If the symmetric key pool is cracked, this key-taking mode is easy to predict and even completely cracked, so its security is not high;
3. In the existing method for updating the key pool, one party generates a key and sends it to the other party; because the amount of key material in the pool is huge, updating the pool takes a great deal of time. For group communication, the same key material must be transmitted to every member of the group, and this volume is often difficult to realize;
4. Existing group communication based on asymmetric cryptography cannot resist quantum computation and is low in security.
Disclosure of Invention
The purpose of the invention is as follows: in order to overcome the above defects, the invention provides a quantum-computing-resistant group communication method and system based on ID cryptography.
The technical scheme provided by the invention is as follows:
The anti-quantum-computing group communication method based on ID cryptography comprises the following steps:
(1) before the group members communicate, the key issuing server calculates an ID for each group member, the ID is mapped into a public key of the group member through a first hash function, and then a system private key locally stored by the key issuing center and the public key of the group member are used for operation to obtain the private key of the group member; the key issuing server sends the ID and the private key to each group member; each member in the group has the same symmetric key pool and the first hash function, and a method for calculating the symmetric key is defined in advance, namely: the data receiving party and the data transmitting party respectively calculate a public key of the other party by utilizing a first hash function according to the ID of the other party and then calculate a symmetric key by utilizing the public key of the other party and the private key of the own party;
(2) each group member pre-defines a group key selection method in each group communication, selects a group key from a symmetric key pool according to a preset selection mode during group communication, encrypts a message to be sent by using the group key and decrypts the received message to realize the group communication;
(3) when the symmetric key pool needs to be updated, the administrator issues an updated key, then calculates the symmetric key of each group member, encrypts the updated key by using the symmetric key of each group member and issues the encrypted updated key to the corresponding group member;
when the group member receives the information issued by the administrator, the same method is adopted to calculate the symmetric key, and the information issued by the administrator is decrypted by using the symmetric key to obtain an updated key;
and the administrator and each group member perform combined calculation by using the updated key and the true random number sequence in the original symmetric key pool according to a preset updating mode to obtain a group of updated true random number sequences with the same length as the original sequence, and the updated true random number sequences are used as a new symmetric key pool.
Further, the method for selecting the group key in each group communication in step (2) specifically includes:
the sender generates initial information for calculating the group key before sending each message; the sender calculates an initial position pointer of the group key from the initial information, and then applies different functions to the initial position pointer to calculate a step length for each bit of data in the group key; the step length of each bit and the initial position pointer are combined to obtain a pointer for each bit of data in the group key, and the random numbers at the positions given by these pointers are taken from the symmetric key pool to form the group key;
a sender encrypts information to be sent by using a group key, and then broadcasts the encrypted information and initial information as group information;
and the receiver calculates the group key according to the initial information in the group information and decrypts the encrypted information in the group information.
Further, in step (3), the joint calculation using the updated key and the true random number sequence in the original symmetric key pool specifically includes: the key pool is divided equally into K sections of keys, each section is jointly calculated with the updated key, and the calculation results of the K sections are spliced into one whole key, namely the updated symmetric key pool.
Further, when the administrator finds that there is an untrusted member X in the group, the administrator notifies each group member to update the symmetric key pool, and the specific steps include:
the administrator generates an update key and first description information for announcing that the group member X is not trusted;
packing the first description information and the updated key into information to be sent by an administrator;
the administrator calculates the symmetric keys of other members except the member X in the group, and encrypts the information to be sent by using the symmetric keys of the members respectively to obtain encrypted information;
the administrator sends the encrypted information to other members except the member X in the group, and the ID of the administrator, the ID of the target group member and the corresponding encrypted information are taken as alarm information to be sent together when the encrypted information is sent;
the group members identify the alarm information sent to the group members according to the target group member ID in the alarm information; then, calculating a symmetric key to decrypt the encrypted information in the alarm information to obtain first description information and an updated key;
the group members update own symmetric key pool according to the updated key;
and the administrator updates the own symmetric key pool according to the updated key.
Further, when a group member forwards the alarm information issued by the administrator, it calculates the symmetric key of the target group member, encrypts the description information and the update key obtained by decryption with that symmetric key, and then forwards its own ID together with the re-encrypted information to the target group member as new alarm information; the target group member calculates the corresponding symmetric key, decrypts the received alarm information to obtain the description information and the update key concerning the untrusted member X, and then updates its own symmetric key pool with the update key.
Further, when a trusted member Y is newly added to the group, the administrator notifies other members in the group, and the specific steps include:
the administrator generates second description information used for announcing the credibility of the newly added group member Y;
the administrator calculates the symmetric keys of the group members and encrypts the second description information by using the symmetric keys of all the group members respectively;
the administrator sends second encryption information to the group members, and sends the ID of the administrator, the ID of the target group member and the corresponding second encryption information together when sending the second encryption information;
and after the group members receive the data from the administrator, calculating a symmetric key corresponding to the administrator, and decrypting the received data to obtain second description information.
Further, when encrypting a certain data with the symmetric key, the symmetric key is firstly used to calculate the encryption key, and then the encryption key is used to encrypt the corresponding data; the specific steps of calculating the encryption key include:
calculating an initial position pointer of the encryption key according to the symmetric key, and calculating the initial position pointer of the encryption key through different functions to calculate a step length for each bit of data in the encryption key; and performing combined operation on the step length of each bit of data and the initial position pointer to obtain the pointer of each bit of data in the encryption key, and taking out corresponding random numbers from the symmetric key pool according to the pointer of each bit of data in the encryption key to form the encryption key.
The invention also provides an ID cryptography-based quantum computing resistant group communication system, which comprises an administrator and group members, wherein the administrator and the group members adopt the ID cryptography-based quantum computing resistant group communication method to carry out communication.
Advantages:
1. The method and system combine the symmetric key pool with ID cryptography and further enhance the security of using a symmetric key pool in a group communication scenario, so that group communication based on the symmetric key pool remains secure even in the extreme case that the symmetric key pool is cracked. Because the keys of the two parties are also protected by ID cryptography, their communication cannot be cracked merely because the symmetric key pool is cracked, provided the ID cryptography key itself is not cracked;
2. The key-taking method based on the symmetric key pool takes a plurality of key bits out of the key pool one by one using step sizes that differ each time. If the symmetric key pool is cracked, this key-taking mode is not easy to predict, and the cracked symmetric key pool can be invalidated by updating the key pool, so the security is high;
3. The method for updating the key pool requires transmitting only one update key, and because the update key is small, the time needed to update the key pool is short; for group communication, the amount of key material transmitted by this patent's key-updating scheme is not large and is easy to implement;
4. The method directly uses ID cryptography from asymmetric cryptography, and because the system public key of the ID cryptography is not public, quantum computation can be resisted and security is high; at the same time, the advantages of ID cryptography, easy key management and no need to produce certificates, are introduced into group communication, improving the convenience of key management for group communication.
Drawings
FIG. 1 is a diagram of a system architecture involved in an embodiment of the present invention;
FIG. 2 is a schematic diagram of the KTG acquisition mode in an embodiment of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings and specific embodiments. It is to be understood that the present invention may be embodied in various forms, some of which are illustrated in the accompanying drawings and described below as illustrative and non-limiting embodiments, and are not intended to limit the invention to the specific embodiments described.
It is to be understood that the features listed above for the different embodiments may be combined with each other to form further embodiments within the scope of the invention, where technically feasible. Furthermore, the particular examples and embodiments of the invention described are non-limiting, and various modifications may be made in the structure, steps, and sequence set forth above without departing from the scope of the invention.
In a communication group, this patent assumes that all members have a list of the IDs of the current group and the role information of each ID, and that the roles include group administrators and ordinary group members. Some members can be designated group administrators with the right to declare other members legal or illegal, such as the early warning aircraft in a fighter aircraft data link communication group, the flagship in a warship data link communication group, the command vehicle in an army data link communication group, or the Cluster Head nodes in a military wireless sensor network. Only some military group communication scenarios are listed here; a large number of civil group communication scenarios can also apply the method described in this patent to improve group communication security.
The key issuing server first needs to establish a set of system parameters based on ID cryptography, as follows:
(1) $G_1, G_2$ are GDH groups (Diffie-Hellman groups) of order $q$, where $q$ is a large prime; $G_1$ is an additive cyclic group consisting of points on an elliptic curve, and $P$ is a generator of $G_1$; $G_2$ is a multiplicative cyclic group; the bilinear map is $e: G_1 \times G_1 \to G_2$.
(2) Randomly select $SK_S \in Z_p^*$ as the system master key; $SK_S$ is stored only in the key issuing server, which computes the system public key $PK_S = SK_S \cdot P$.
(3) Select hash functions $H_1: \{0,1\}^* \to G_1$ and $H_2: G_2 \to \{0,1\}^*$.
(4) The system parameters are $\{q, G_1, G_2, e, n, P, H_1, H_2\}$.
Take member A and member B as examples:
When the key issuing server issues the public and private keys for member A, it generates a unique code $ID_A$, calls the hash function $H_1$ to compute the public key $PK_A = H_1(ID_A)$, and then computes the private key $SK_A = SK_S \cdot PK_A$ from the public key. In the same way, for member B the key issuing server computes $ID_B$, the public key $PK_B = H_1(ID_B)$ and the private key $SK_B = SK_S \cdot PK_B$. The key issuing server then issues $ID_A, SK_A$ to member A and $ID_B, SK_B$ to member B; it also sends the system public key $PK_S$ to each member.
Member A calculates the symmetric key $K_{AB} = e(SK_A, PK_B)$ and member B calculates the symmetric key $K_{BA} = e(SK_B, PK_A)$. By ID cryptography: $K_{AB} = e(SK_A, PK_B) = e(SK_S \cdot PK_A, PK_B) = e(PK_A, SK_S \cdot PK_B) = e(PK_A, SK_B) = e(SK_B, PK_A) = K_{BA}$.
In the above scheme, the system public key $PK_S$ is held in a security chip that has an anti-disassembly function, so an adversary cannot acquire the data in the chip. Even if a key fob is lost and cracked, the adversary only obtains the ID and the hash function $H_1$ and can then compute the terminal's public key, but cannot obtain a symmetric key without the terminal's private key; at the same time, the adversary cannot obtain the system private key because the system public key is unobtainable, so resistance to quantum computation is achieved.
Based on the ID cryptography, the invention provides an anti-quantum computing group communication method based on the ID cryptography, which comprises the following steps:
(1) before the group members communicate, the key issuing server calculates an ID for each group member, the ID is mapped into a public key of the group member through a first hash function, and then a system private key locally stored by the key issuing center and the public key of the group member are used for operation to obtain the private key of the group member; the key issuing server sends the ID and the private key to each group member; each member in the group has the same symmetric key pool and the first hash function, and a method for calculating the symmetric key is defined in advance, namely: the data receiving party and the data transmitting party respectively calculate a public key of the other party by utilizing a first hash function according to the ID of the other party and then calculate a symmetric key by utilizing the public key of the other party and the private key of the own party;
(2) each group member reserves a group key selection method in each group communication in advance, selects a group key from a symmetric key pool according to a preset selection mode when group communication is carried out, encrypts a message to be sent by using the group key and decrypts a received message to realize the group communication;
(3) when the symmetric key pool needs to be updated, an administrator issues an updated key, then calculates the symmetric key of each group member, encrypts the updated key by using the symmetric key of each group member and issues the encrypted updated key to the corresponding group member;
when the group member receives the information issued by the administrator, the same method is adopted to calculate the symmetric key, and the information issued by the administrator is decrypted by using the symmetric key to obtain an updated key;
and the administrator and each group member perform combined calculation by using the updated key and the true random number sequence in the original symmetric key pool according to a pre-agreed updating mode to obtain a group of updated true random number sequences with the same length as the original sequence, and the updated true random number sequences are used as a new symmetric key pool.
The invention also provides an ID cryptography-based quantum computing resistant group communication system, wherein an administrator and group members in the system communicate by adopting the ID cryptography-based quantum computing resistant group communication method. Fig. 1 shows an exemplary block diagram of a quantum computing group communication system based on ID cryptography according to the present invention.
To further illustrate the principles of the present invention for quantum computation resistance, the following detailed description illustrates the implementation principles of the present invention by means of specific embodiments.
Example 1: group communication when members are trusted
Assume that the message to be sent by group member A is NTF and that a timestamp TNTF is generated for the message; in this embodiment TNTF is used as the initial information, and A then calculates the group key for this group communication:
A takes an N-bit group key KTG out of the group key pool, whose length is KPL; the specific process of obtaining KTG is shown in Fig. 2:
The initial position pointer of the group key KTG is calculated as $PK = F_{PK}(TNTF) \bmod KPL$, where mod denotes the modulo operation. The step lengths are calculated in sequence: $LK_1 = F_{LK}(PK \| TNTF)$, $LK_2 = F_{LK}(LK_1 \| TNTF)$, $LK_3 = F_{LK}(LK_2 \| TNTF)$, ..., $LK_N = F_{LK}(LK_{N-1} \| TNTF)$. The functions $F_{PK}(\cdot)$ and $F_{LK}(\cdot)$ are arbitrarily specified functions. Then the pointers for extracting the random codes are calculated in turn: $PK_1 = PK + LK_1 \bmod KPL$, $PK_2 = PK_1 + LK_2 \bmod KPL$, ..., $PK_N = PK_{N-1} + LK_N \bmod KPL$. $PK_1$ points to the start position of the group key KTG, i.e. the position of its first bit, $PK_2$ points to the position of the second bit of KTG, and so on. According to $PK_1, PK_2, \ldots, PK_N$, the N bits of key data at the corresponding positions are taken from the key pool in sequence. If the key pool size KPL is exceeded, the pointer returns to the head of the key pool by taking the value modulo KPL.
A takes out the group key KTG and encrypts NTF with KTG to obtain $\{NTF\}_{KTG}$. Using KTG, A calculates a message authentication code over $ID_A$, TNTF and NTF, obtaining $MAC(ID_A \| TNTF \| NTF, KTG)$. The encrypted information, the message authentication code, $ID_A$ and TNTF are sent together to the other members; the sent information can be expressed as
$ID_A \| TNTF \| \{NTF\}_{KTG} \| MAC(ID_A \| TNTF \| NTF, KTG)$.
The other members receive the message, take out KTG by the same method, decrypt $\{NTF\}_{KTG}$ with KTG to obtain the message NTF, calculate the message authentication code over $ID_A$, TNTF and NTF with KTG, and compare it with the received message authentication code. If the two are consistent, the verification passes and NTF is trusted; if the verification fails, the message NTF is not trusted.
Example 2: group communication in case a member is not trusted
2.1: the group administrator issues a message.
Let the group administrator be A, another trusted member in the group be B, and the untrusted member be X.
A generates the first description message NTF declaring X illegal, generates a timestamp TNTF for it and an update key KR, and forms the combination $MSG = TNTF \| NTF \| KR$. Member A then signs MSG with $SK_A$ using an ID-cryptography-based signature, as follows:
Generate a random number $r$ and calculate $PK_A = H_1(ID_A)$, $UMSG = r \cdot PK_A$, $h = H_3(MSG, UMSG)$, $VMSG = (r + h) \cdot SK_A$, where $H_3(\cdot)$ is a hash operation. The signature is $SIG_A = SIGN(MSG, SK_A) = (UMSG, VMSG)$.
A calculates the symmetric key with B, $K_{AB} = e(SK_A, PK_B)$, and according to $K_{AB}$ fetches a total of N bits $K_{TAB}$ from the symmetric key pool, as follows:
Calculate the initial position pointer of $K_{TAB}$, $PK_{TAB} = F_{PK}(TNTF \| K_{AB}) \bmod KPL$. Calculate the step lengths in sequence: $LK_{TAB1} = F_{LK}(PK_{TAB} \| TNTF \| K_{AB})$, $LK_{TAB2} = F_{LK}(LK_{TAB1} \| TNTF \| K_{AB})$, $LK_{TAB3} = F_{LK}(LK_{TAB2} \| TNTF \| K_{AB})$, ..., $LK_{TABN} = F_{LK}(LK_{TAB(N-1)} \| TNTF \| K_{AB})$. Then calculate the pointers for extracting the random codes in turn: $PK_{TAB1} = PK_{TAB} + LK_{TAB1} \bmod KPL$,
$PK_{TAB2} = PK_{TAB1} + LK_{TAB2} \bmod KPL$, ..., $PK_{TABN} = PK_{TAB(N-1)} + LK_{TABN} \bmod KPL$. According to $PK_{TAB1}, PK_{TAB2}, \ldots, PK_{TABN}$, the N bits of key data at the corresponding positions are taken from the key pool in sequence as $K_{TAB}$. Since the adversary and the other members of the group do not know $K_{AB}$, $K_{TAB}$ is very difficult for them to predict.
A uses $K_{TAB}$ and $K_{AB}$ to calculate $KS_{AB} = F_{KS}(K_{TAB}, K_{AB})$; the function $F_{KS}$ is preferably a MAC algorithm. Since the adversary and the other members of the group do not know $K_{AB}$, $KS_{AB}$ is very difficult for them to predict.
A uses $KS_{AB}$ to encrypt $NTF \| KR \| SIG_A$, obtaining the encrypted information $\{NTF \| KR \| SIG_A\}_{KS_{AB}}$, and calculates the message authentication code $MAC(ID_A \| ID_B \| MSG \| SIG_A, KS_{AB})$.
A sends an alarm message to B, represented as
$M_{AB} = ID_A \| ID_B \| TNTF \| \{NTF \| KR \| SIG_A\}_{KS_{AB}} \| MAC(ID_A \| ID_B \| MSG \| SIG_A, KS_{AB})$.
After receiving the alarm message, B calculates $PK_A = H_1(ID_A)$, then the symmetric key with A, $K_{BA} = e(SK_B, PK_A)$, and according to $K_{BA}$ fetches a total of N bits $K_{TAB}$ from the symmetric key pool by the same procedure as above. B further calculates $KS_{AB} = F_{KS}(K_{TAB}, K_{BA})$ and uses $KS_{AB}$ to decrypt $M_{AB}$ and verify its message authentication code. After that verification, B uses $PK_A$ to verify $SIG_A$, i.e. verifies that $(P, PK_S, UMSG + h \cdot PK_A, VMSG)$ is a Diffie-Hellman tuple; once the verification passes, B obtains NTF and KR.
Since the symmetric key pool of X has already been compromised, B needs to update the group key pool. Let the length of the original key pool be K. The key pool is divided equally into several sections of key, the i-th section being $K_i$, and $K_{newi} = F_{KR}(K_i, KR)$ is calculated for each section; the function $F_{KR}$ is preferably a MAC algorithm, and the length of $K_{newi}$ equals the length of $K_i$. $K_i$ is updated with $K_{newi}$ either by substituting $K_{newi}$ for $K_i$ directly, or by calculating a value from the two and replacing $K_i$ with it. After the replacement is complete, the new key pool is $K_{new}$, with length equal to K.
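As an added worked example (not the patent's own code), the following Python models the two pool operations described above: the step-wise extraction of an N-bit key from the pool (KTG in Example 1, and, since the initial information is an arbitrary byte string, also $K_{TAB}$ from $TNTF \| K_{AB}$ here) and the sectioned pool update with the update key KR. Assumptions: $F_{PK}$ and $F_{LK}$ are instantiated with SHA-256 and $F_{KR}$ with HMAC-SHA256 (the patent leaves them "arbitrarily specified" and "preferably a MAC"), pointer and step values are serialised as 32-byte big-endian integers before concatenation, and the pool and TNTF are small constructed sample values rather than a TRNG-filled security-chip pool.

```python
import hashlib
import hmac
import os

N_BITS = 128            # length N of the extracted key (KTG or K_TAB) in bits
SECTION_BYTES = 32      # each pool section K_i is one HMAC-SHA256 output long


def f_pk(init_info: bytes) -> int:
    """F_PK: initial position pointer from the initial information (assumption: SHA-256)."""
    return int.from_bytes(hashlib.sha256(b"F_PK" + init_info).digest(), "big")


def f_lk(prev: int, init_info: bytes) -> int:
    """F_LK: step length from (previous value || initial information) (assumption: SHA-256)."""
    digest = hashlib.sha256(b"F_LK" + prev.to_bytes(32, "big") + init_info).digest()
    return int.from_bytes(digest, "big")


def key_pointers(pool: bytes, init_info: bytes, n_bits: int = N_BITS) -> list:
    """Return PK_1 .. PK_N following the patent's recurrence:
    PK = F_PK(info) mod KPL, LK_1 = F_LK(PK || info), LK_i = F_LK(LK_{i-1} || info),
    PK_i = PK_{i-1} + LK_i mod KPL."""
    kpl = len(pool) * 8                     # KPL: pool length in bits
    pk = f_pk(init_info) % kpl
    lk_prev = pk                            # the first step is taken from PK itself
    pointers = []
    for _ in range(n_bits):
        lk = f_lk(lk_prev, init_info)
        pk = (pk + lk) % kpl                # past KPL the pointer wraps to the pool head
        pointers.append(pk)
        lk_prev = lk
    return pointers


def extract_key(pool: bytes, init_info: bytes, n_bits: int = N_BITS) -> bytes:
    """Assemble the N-bit key from the pool bits addressed by PK_1 .. PK_N."""
    bits = 0
    for pos in key_pointers(pool, init_info, n_bits):
        bit = (pool[pos // 8] >> (7 - pos % 8)) & 1
        bits = (bits << 1) | bit
    return bits.to_bytes(n_bits // 8, "big")


def update_pool(pool: bytes, kr: bytes) -> bytes:
    """Pool update: split the pool into equal sections K_i and replace each with
    K_new_i = F_KR(K_i, KR), here HMAC-SHA256 keyed by KR, so lengths are preserved."""
    if len(pool) % SECTION_BYTES:
        raise ValueError("pool length must be a multiple of the section size")
    sections = (pool[i:i + SECTION_BYTES] for i in range(0, len(pool), SECTION_BYTES))
    return b"".join(hmac.new(kr, sec, hashlib.sha256).digest() for sec in sections)


def demo() -> dict:
    """Two members holding the same pool derive the same key from the broadcast
    TNTF; after a rekey with the same KR both hold an identical, equal-length new
    pool from which the old key can no longer be reproduced."""
    pool = bytes(range(256)) * 2            # constructed 512-byte (4096-bit) pool
    tntf = b"2020-06-18T10:00:00Z"          # constructed timestamp used as TNTF
    ktg_sender = extract_key(pool, tntf)
    ktg_receiver = extract_key(pool, tntf)  # receiver recomputes from TNTF alone
    kr = os.urandom(32)                     # administrator's update key KR
    new_pool_admin = update_pool(pool, kr)
    new_pool_member = update_pool(pool, kr)
    return {
        "ktg_match": ktg_sender == ktg_receiver,
        "pool_match": new_pool_admin == new_pool_member,
        "pool_len_kept": len(new_pool_admin) == len(pool),
        "old_ktg_invalid": extract_key(new_pool_admin, tntf) != ktg_sender,
    }


if __name__ == "__main__":
    print(demo())
```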
2.2: the other members of the group forward the message.
The group administrator is A, another trusted member in the group is B, another trusted member in the group is C, and an untrusted member is X. A does not necessarily contact C, but B can. After completing the process 2.1, B can assist A in transforming MSG SIG A To member C.
B uses SK_B to produce an ID-cryptography signature on MSG, SIG_B = SIGN(MSG, SK_B); the signing process is the same as above.
B computes the symmetric key shared with C, K_BC = e(SK_B, PK_C), and according to K_BC fetches N bits in total from the symmetric key pool to obtain K_TBC; the procedure is the same as above. Having obtained K_TBC, B uses K_TBC and K_BC to compute KS_BC = F_KS(K_TBC, K_BC). B uses KS_BC to encrypt NTF||KR||SIG_A||SIG_B, obtaining {NTF||KR||SIG_A||SIG_B}KS_BC, and computes the message authentication code MAC(ID_A||ID_B||ID_C||MSG||SIG_A||SIG_B, KS_BC).
B sends a new alarm message to C, represented as:
M_BC = ID_A||ID_B||ID_C||TNTF||{NTF||KR||SIG_A||SIG_B}KS_BC||MAC(ID_A||ID_B||ID_C||MSG||SIG_A||SIG_B, KS_BC).
After receiving the alarm message from B, C computes PK_A = H_1(ID_A) and PK_B = H_1(ID_B), then the symmetric key shared with B, K_CB = e(SK_C, PK_B), and according to K_CB fetches N bits in total from the symmetric key pool to obtain K_TBC; the procedure is the same as above. C further computes KS_BC = F_KS(K_TBC, K_CB). Using KS_BC, C decrypts M_BC and verifies the message authentication code. Once the MAC is verified, C uses PK_A to verify SIG_A and PK_B to verify SIG_B; the verification process is the same as above. Once both signatures are verified, C obtains NTF and KR.
C then updates the group key pool; the update method is the same as above.
After completing flow 2.2, C can use the same procedure to assist A in forwarding MSG||SIG_A to a trusted member D.
Example 3: group communication when a trusted member is added.
Let the group administrator be A, B another trusted member of the group, and Y the newly added trusted member. The newly added member Y holds the same group symmetric key pool as the current group symmetric key pool.
A generates a second description message NTF declaring that Y is legitimate, and generates a timestamp TNTF for it. The two are combined as MSG = TNTF||NTF, and A uses SK_A to produce an ID-cryptography signature on MSG, SIG_A = SIGN(MSG, SK_A); the signing process is the same as above.
A computes the symmetric key shared with B, K_AB = e(SK_A, PK_B), and according to K_AB fetches N bits in total from the symmetric key pool to obtain K_TAB; the procedure is the same as above. Having obtained K_TAB, A uses K_TAB and K_AB to compute KS_AB = F_KS(K_TAB, K_AB). A uses KS_AB to encrypt NTF||SIG_A, obtaining {NTF||SIG_A}KS_AB, and computes the message authentication code MAC(ID_A||ID_B||MSG||SIG_A, KS_AB).
A sends the second encrypted message to B, represented as:
M_AB = ID_A||ID_B||TNTF||{NTF||SIG_A}KS_AB||MAC(ID_A||ID_B||MSG||SIG_A, KS_AB).
After receiving the message, B computes PK_A = H_1(ID_A), then the symmetric key shared with A, K_BA = e(SK_B, PK_A), and according to K_BA fetches N bits in total from the symmetric key pool to obtain K_TAB; the procedure is the same as above. B further computes KS_AB = F_KS(K_TAB, K_BA). Using KS_AB, B decrypts M_AB and verifies the message authentication code. Once the MAC is verified, B uses PK_A to verify SIG_A; the verification process is the same as above. Once the signature is verified, B obtains NTF, i.e. the message that the newly added member Y is legitimate.
After obtaining NTF, B may forward it to a trusted member C whom A cannot easily contact, and C in turn may forward NTF to a trusted member D after obtaining it; the forwarding process is similar to flow 2.2.
As can be seen from the three embodiments above, the present invention has at least the following advantages over the prior art:
1. Combining the symmetric key pool with ID cryptography further strengthens the use of the symmetric key pool in a group communication setting, so that the security of key-pool-based group communication is still ensured even in the extreme case where the symmetric key pool has been compromised. Because the two parties' keys are additionally protected by ID cryptography, as long as the ID-cryptography keys remain uncompromised, communication between the two parties cannot be broken merely because the symmetric key pool has been compromised;
2. In the prior art, the method for obtaining a key from a key pool is to select a position and then take the whole key at that position. Assuming a key pool size of 10^9 and a key length of 1000 bits per extraction, an adversary who has obtained the key pool only needs to choose the fetch position and then read the key directly, so the probability of guessing the key is 10^-9. In this invention, the method of fetching a key from the symmetric key pool takes the key bits out of the pool one by one with different step sizes, the step size differing at every bit. An adversary who wants to obtain the key has to choose one fetch position and then 1000 step sizes, each of which may be any value from 1 to 10^9, so by the patent's estimate the probability of guessing each key is 10^-9000, and the security of fetching a key from the pool is greatly improved. (In practice the attacker's work is bounded by the 1000-bit length of the key itself and by the entropy of the value from which the start pointer and step sizes are derived, so the figure should be read as a comparison of search spaces rather than as an effective key strength.)
Even if the symmetric key pool is compromised, the key-fetching method is hard to predict, and the compromised pool can be invalidated by updating it, so security is high.
3. The key pool update method only needs to transmit a single update key; because the amount of key material involved is small, updating the pool takes little time. For group communication, the key transmission volume of this update scheme is small, so it is easy to implement;
4. The method directly uses ID cryptography, a form of asymmetric cryptography, and keeps the system public key of the ID cryptography non-public, which the patent relies on to resist quantum computation and provide high security. At the same time, the advantages of ID cryptography, namely easy key management and no need to produce certificates, are brought into group communication, improving the convenience of group key management.
All possible combinations of the technical features of the above embodiments may not be described for the sake of brevity, but should be considered as within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is specific and detailed, but not to be understood as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (8)
1. A quantum-computation-resistant group communication method based on ID cryptography, characterized by comprising the following steps:
(1) before the group members communicate, the key issuing server computes an ID for each group member, maps the ID to the group member's public key through a first hash function, and then operates on the system private key stored locally by the key issuing server and the group member's public key to obtain the group member's private key; the key issuing server sends the ID and the private key to each group member; every member of the group holds the same symmetric key pool and the first hash function, and a method for computing the symmetric key is defined in advance, namely: the data receiver and the data sender each compute the other party's public key from the other party's ID using the first hash function, and then compute the symmetric key using the other party's public key and their own private key;
(2) each group member pre-defines a group key selection method in each group communication, selects a group key from a symmetric key pool according to a preset selection mode during group communication, encrypts a message to be sent by using the group key and decrypts the received message to realize the group communication;
(3) when the symmetric key pool needs to be updated, the administrator issues an updated key, then calculates the symmetric key of each group member, encrypts the updated key by using the symmetric key of each group member and issues the encrypted updated key to the corresponding group member;
when the group member receives the information issued by the administrator, the same method is adopted to calculate the symmetric key, and the information issued by the administrator is decrypted by using the symmetric key to obtain an updated key;
and the administrator and each group member perform combined calculation by using the updated key and the true random number sequence in the original symmetric key pool according to a preset updating mode to obtain a group of updated true random number sequences with the same length as the original sequence, and the updated true random number sequences are used as a new symmetric key pool.
2. The ID cryptography-based quantum computation resistant group communication method according to claim 1, wherein the method for selecting the group key in the group communication in the step (2) comprises the following steps:
the sender generates initial information for calculating the group key before sending the message each time; the sender calculates an initial position pointer of the group key according to the initial information, and then calculates the initial position pointer through different functions to calculate a step length for each bit of data in the group key; performing combined operation on the step length of each bit of data and the initial position pointer to obtain a pointer of each bit of data in the group key, and taking out corresponding random numbers from the symmetric key pool according to the pointer of each bit of data in the group key to form a group key;
a sender encrypts information to be sent by using a group key, and then broadcasts the encrypted information and initial information as group information;
and the receiver calculates the group key according to the initial information in the group information and decrypts the encrypted information in the group information.
3. The ID-cryptography-based quantum-computation-resistant group communication method according to claim 1, wherein the specific step of performing the joint calculation with the update key and the true random number sequence of the original symmetric key pool in step (3) comprises: dividing the key pool equally into K segments of key material, performing the joint calculation on each segment together with the update key, and splicing the calculation results of the K segments into one whole key, which is the updated symmetric key pool.
4. The ID cryptography-based quantum computing resistant group communication method according to claim 1, wherein when an administrator discovers that there is an untrusted member X in the group, each group member is notified to update the symmetric key pool, the specific steps include:
the administrator generates an update key and first description information for announcing that the group member X is not trusted;
packing the first description information and the updated key into information to be sent by an administrator;
the administrator calculates the symmetric keys of other members except the member X in the group, and encrypts the information to be sent by using the symmetric keys of the members respectively to obtain encrypted information;
the administrator sends the encrypted information to other members except the member X in the group, and the ID of the administrator, the ID of the target group member and the corresponding encrypted information are taken as alarm information to be sent together when the encrypted information is sent;
the group members identify the alarm information sent to the group members according to the target group member ID in the alarm information; then, calculating a symmetric key to decrypt encrypted information in the alarm information to obtain first description information and an updated key;
the group members update own symmetric key pool according to the updated key;
and the administrator updates the own symmetric key pool according to the updated key.
5. The ID-cryptography-based quantum-computation-resistant group communication method according to claim 4, wherein when a group member forwards the alarm information issued by the administrator, it computes the symmetric key of the target group member, encrypts the description information and update key obtained by decryption with the computed symmetric key of the target group member, and then forwards its own ID together with the re-encrypted information to the target group member as new alarm information; the target group member computes the corresponding symmetric key, decrypts the received alarm information to obtain the description information about the untrusted member X and the update key, and then updates its own symmetric key pool using the update key.
6. The ID cryptography-based quantum computing resistant group communication method according to claim 1, wherein when a trusted member Y is added to the group, the administrator notifies other members of the group, and the specific steps include:
the administrator generates second description information announcing that the newly added group member Y is trusted;
the administrator calculates the symmetric keys of the group members and encrypts the second description information by using the symmetric keys of all the group members respectively;
the administrator sends second encryption information to the group members, and the ID of the administrator, the ID of the target group member and the corresponding second encryption information are sent together when the administrator sends the second encryption information;
and after the group members receive the data from the administrator, calculating a symmetric key corresponding to the administrator, and decrypting the received data to obtain second description information.
7. The ID-cryptography-based quantum-computation-resistant group communication method according to any one of claims 1 to 6, wherein when data is encrypted with a symmetric key in the above steps, an encryption key is first computed using the symmetric key, and then the corresponding data is encrypted with the encryption key; the specific steps of computing the encryption key comprise:
computing an initial position pointer of the encryption key from the symmetric key, and computing a step length for each bit of data in the encryption key by applying different functions to the initial position pointer; combining the step length of each bit with the initial position pointer to obtain a pointer for each bit of the encryption key, and fetching the corresponding random numbers from the symmetric key pool according to the pointer of each bit to form the encryption key.
8. An ID-cryptography-based quantum-computation-resistant group communication system comprising an administrator and group members, wherein the administrator and the group members communicate using the method of any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010555013.0A CN111918285B (en) | 2020-06-17 | 2020-06-17 | Anti-quantum computing group communication method and system based on ID cryptography |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111918285A CN111918285A (en) | 2020-11-10 |
CN111918285B true CN111918285B (en) | 2022-09-23 |
Family
ID=73237817
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010555013.0A Active CN111918285B (en) | 2020-06-17 | 2020-06-17 | Anti-quantum computing group communication method and system based on ID cryptography |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111918285B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114978518B (en) * | 2021-02-20 | 2024-06-11 | 南京如般量子科技有限公司 | Quantum-resistant computing digital signature method and system based on quantum communication service station |
CN114980037A (en) * | 2021-02-20 | 2022-08-30 | 南京如般量子科技有限公司 | Group communication method and system based on asymmetric key pool with hierarchical structure |
CN113708925B (en) * | 2021-08-09 | 2023-12-12 | 武汉理工大学 | Group using method and system for common cryptographic algorithm key |
CN115242490B (en) * | 2022-07-19 | 2023-09-26 | 北京计算机技术及应用研究所 | Group key secure distribution method and system in trusted environment |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1286494A1 (en) * | 2001-08-23 | 2003-02-26 | Deutsche Telekom AG | Method for generating an asymmetric cryptographic group-key pair |
CN106027241A (en) * | 2016-07-08 | 2016-10-12 | 郑州轻工业学院 | Flexible asymmetric group key negotiation method |
CN106850195A (en) * | 2016-04-18 | 2017-06-13 | 中国科学院信息工程研究所 | Group key agreement and communication means in a kind of instant messaging |
WO2019174402A1 (en) * | 2018-03-14 | 2019-09-19 | 西安西电捷通无线网络通信股份有限公司 | Group membership issuing method and device for digital group signature |
CN110417547A (en) * | 2019-07-19 | 2019-11-05 | 如般量子科技有限公司 | The key updating method and system of anti-quantum calculation secret communication based on no cryptographic certificate |
CN110535626A (en) * | 2019-07-16 | 2019-12-03 | 如般量子科技有限公司 | The quantum communications service station secret communication method and system of identity-based |
CN110557248A (en) * | 2019-07-19 | 2019-12-10 | 如般量子科技有限公司 | Secret key updating method and system for resisting quantum computation signcryption based on certificateless cryptography |
US10630467B1 (en) * | 2019-01-04 | 2020-04-21 | Blue Ridge Networks, Inc. | Methods and apparatus for quantum-resistant network communication |
Also Published As
Publication number | Publication date |
---|---|
CN111918285A (en) | 2020-11-10 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||