CN112003707A - Quantum computation attack resistant block chain digital signature encryption method and system - Google Patents
- Publication number
- CN112003707A (CN202010866138.5A)
- Authority
- CN
- China
- Prior art keywords
- digital signature
- transaction data
- module
- block chain
- attack
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N10/00—Quantum computing, i.e. information processing based on quantum-mechanical phenomena
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Abstract
The invention relates to the technical field of block chains, in particular to a block chain digital signature encryption method and a block chain digital signature encryption system for resisting quantum computation attack; the method comprises the following steps: s1: generating a key parameter used by the digital signature; s2: when the transaction is initiated, the transaction data is digitally signed; s3: verifying the digital signature and receiving transaction data; the system includes a light node and a local full node. The invention aims to provide a block chain digital signature encryption method and system for resisting quantum computing attack, so as to solve the problems of authenticity and non-repudiation of transaction data transmission in a block chain system in the prior art.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a block chain digital signature encryption method and system for resisting quantum computing attack.
Background
In order to ensure that data is not falsified, blockchains maintain hash function values in addition to the original data or transaction records. The transaction data on the blockchain is usually hashed many times to obtain a final Merkle Hash value, the address data on the blockchain is usually calculated to obtain a Hash value, and the Hash value is converted into a character string consisting of numbers and letters by a specific code (for example, a Base58 code is adopted in the bitcoin blockchain) and then recorded into the blockchain.
The Hash function plays an important role in modern cryptography. It is essentially a public function H that maps an arbitrarily long message M to a shorter, fixed-length value h; h is called the message digest or hash value.
On a quantum computer, the most effective attack against a Hash algorithm is the Grover algorithm, which reduces the attack complexity from O(2^n) to O(2^(n/2)); therefore, the RIPEMD160 algorithm adopted by the current bitcoin system is unsafe under quantum attack because its output length is only 160 bits. The effective means of resisting quantum attack is to reduce the threat of the Grover algorithm by increasing the output length of the hash algorithm, and at present it is generally considered that a hash algorithm can effectively resist quantum attack as long as its output length is not less than 256 bits. In addition to the quantum attack threat, a series of Hash functions widely used in practice, such as MD4, MD5, SHA-1 and HAVAL, have been attacked by traditional methods such as differential analysis, modular differential and message modification methods, so the Hash algorithm in the blockchain also needs to resist traditional attacks.
The Hash algorithm can ensure that the transaction data is not tampered with, but it cannot prevent an attack that replaces the data and the digest at the same time, and it cannot ensure the non-repudiation of the transaction data. The digital signature algorithm involves tools such as a public key, a private key and a wallet, and has two functions: first, it proves that the message was actually signed and sent by the message sender, which ensures non-repudiation; second, it establishes the integrity of the message. The digital signature technique encrypts the digest information with the sender's private key and transmits it to the receiver together with the original text. The receiver can decrypt the encrypted digest information only by using the public key of the sender, then generates a digest of the received original text with the hash algorithm and compares it with the decrypted digest. If the two are identical, the received information is complete and was not modified in transmission; otherwise, the information was modified. The digital signature can therefore verify the integrity of the information and ensure its non-repudiation.
Most existing blockchain systems adopt the elliptic curve digital signature scheme ECDSA. ECDSA is the elliptic curve variant of the DSA signature algorithm and is a standard of ANSI, IEEE, NIST and ISO. It has the advantages of small system parameters, high processing speed, small key size, strong attack resistance and low bandwidth requirement; for example, 160-bit ECC has the same security strength as 1024-bit RSA and DSA, and 224-bit ECC has the same security strength as 2048-bit RSA and DSS. However, on a quantum computer the Shor algorithm is a very efficient attack against the ECDSA signature algorithm: it is suited to solving hard mathematical problems such as large integer factorization and discrete logarithms, so the ECDSA signature algorithm is quite unsafe under quantum attack.
The digital signature encryption algorithm has been the core technology in the blockchain field. Most current algorithms cannot resist quantum attacks, which means that all user information is exposed to quantum computers. If an algorithm that resists quantum computing attack exists, personal information can be kept as secure as possible, and at least cannot be cracked by existing technical means. An algorithm that is resistant to quantum computing attacks implies security. The effect of quantum attacks on digital currency is also devastating. A quantum attack can directly break down the existing information security system: it can enable an attacker to take over assets of the digital industry, including mining income, and even the key of a wallet can be cracked, so that the wallet is no longer safe.
The prior art related to the block chain digital signature method and system for resisting quantum attack has the following patents:
(1) Publication number 201710322255.3 discloses an unmanned aerial vehicle blockchain management and control strategy for resisting quantum computing attack. Its technical scheme ensures the security and reliability of information transmission under the threat of current quantum computers through a lattice-based encryption and signature algorithm, and realizes transparent and secure management and control through blockchain technology. It is applied to the technical field of unmanned aerial vehicle information security and is completely different from the method used by the invention;
(2) Publication number 201710004756.7 discloses a digital signature method based on internet blockchain technology. Its technical scheme encrypts target data that is not on a blockchain using the traditional RSA encryption algorithm, then stores a public key and a digest of the target data on an algorithm chain established with blockchain technology, and uses PSP technology to distribute and verify among blockchain nodes, finally completing the digital signature of the target data. It is completely different from the method used by the invention and from the target data object being encrypted;
(3) Publication number 201710527726.4 discloses a digital signature method and system based on blockchain technology. In its technical scheme, an initiating node obtains a data digest using the MD5 algorithm, encrypts the data digest using the RSA encryption algorithm, and sends the data digest and the encrypted original text to a receiving node. The receiving node decrypts the data digest and the encrypted original text using the public key of the initiating node, extracts the data digest from the encrypted original text using the same MD5 algorithm, and verifies whether the data digests are consistent. The method therefore has no resistance to quantum attack and is completely different from the method and blockchain system structure used by the invention;
(4) Publication number 201710598609.7 discloses an encryption method and system based on blockchain digital signatures. Its technical scheme is basically the same as that of publication number 201710527726.4, but the encryption algorithm of the digital signature is the AES encryption algorithm, so the method has no resistance to quantum attack, and the method and system are completely different from the method and blockchain system structure used by the invention.
Therefore, a block chain digital signature encryption method and system for resisting quantum computing attack are provided.
Disclosure of Invention
The invention aims to provide a block chain digital signature encryption method and system for resisting quantum computing attack, so as to solve the problems of authenticity and non-repudiation of transaction data transmission in a block chain system in the prior art.
In order to achieve the purpose, the technical scheme of the invention is as follows:
A block chain digital signature encryption method for resisting quantum computation attack comprises the following steps:
S1: generating the key parameters used by the digital signature;
S2: when a transaction is initiated, digitally signing the transaction data;
S3: verifying the digital signature and receiving the transaction data.
Specifically, generating the key parameters used by the digital signature in S1 includes the following steps:
S11: selecting two polynomials f and g on the ring R such that the number of 1s among the coefficients of f and g is df and dg, respectively, and calculating the public key h from f and g: h = Fq * g (mod q);
S12: solving for the polynomials (F, G) that satisfy the equation f*G - F*g = q, where ||F|| ≈ ||f||·√(N/12) and ||G|| ≈ ||g||·√(N/12);
S13: publishing the public key h.
Specifically, digitally signing the transaction data when the transaction is initiated in S2 includes the following steps:
S21: performing a Hash transformation on the transaction data M to be signed using the quantum-computing-attack-resistant Hash algorithm Keccak512, and converting the Hash value into a polynomial pair (m1, m2), where m1 and m2 are both polynomials on the ring Rq;
S22: calculating the polynomials A, B, a, b that satisfy:
G*m1-F*m2=A+q*B
-g*m1-f*m2=a+q*b
where each coefficient of A and a is greater than -q/2 and less than q/2;
S23: computing the signature polynomial s as follows:
s=f*B+F*b(mod q)
and sending the transaction data M to the verification node together with the signature s.
Specifically, verifying the digital signature and receiving the transaction data in S3 includes the following steps:
S31: the receiving node receives the transaction data M and the signature s, performs the Hash transformation on the transaction data M and converts the result into a polynomial pair (m1, m2);
S32: from the transmitted signature s and the looked-up public key h, calculating:
t=s*h(mod q)
S33: the verification node calculates the distance between the polynomial pairs (s, t) and (m1, m2), ||m1 - s|| + ||m2 - t||; if the distance is greater than NormBound, the verification fails; otherwise the signature passes verification as valid and the transaction is received.
A block chain digital signature encryption system resistant to quantum computation attack comprises a light node and a local full node. The light node comprises a transformation module, a calculation module, a distribution module and an encryption module, wherein the transformation module is used for obtaining a data digest of the transaction data after Hash transformation, the calculation module is used for calculating the key parameters for generating the digital signature, the distribution module is used for distributing the public key in the key parameters among the nodes, and the encryption module is used for encrypting the original text of the transaction data using the public key in the key parameters;
the local full node comprises a transformation module, a calculation module, a distribution module, an encryption module and a verification module, wherein the transformation module is used for obtaining a data digest of the transaction data after Hash transformation, the calculation module is used for calculating the key parameters for generating the digital signature, the distribution module is used for distributing the public key in the key parameters among the nodes, the encryption module is used for encrypting the original text of the transaction data using the public key in the key parameters, and the verification module is used for verifying whether the digital signature is valid.
The invention has the beneficial effects that: according to the block chain digital signature encryption method and system for resisting quantum computing attack, the integer lattice-based signature algorithm is adopted to replace an ECDSA signature algorithm widely used in the current block chain system, and the Keccak512 Hash algorithm is used to replace the existing SHA series algorithm, so that threats caused by high-speed development of quantum computing and gradual popularization of a quantum computer are reduced, user information and authenticity and undeniability of transaction data are protected to a greater extent, and normal operation of the existing information security system is guaranteed; meanwhile, the public key encryption system algorithm based on the lattice theory is simple, the calculation speed is high, and the occupied storage space is small; in particular, the ring homomorphism, namely the ring operation of the ciphertext corresponds to the ring operation of the plaintext, and as long as the operation depth is not high, the ring homomorphism can be used for constructing the untrusted on-ring entrusted calculation; because the lattice password is a linear password, the algebraic structure is simple and clear, the main operations are centralized on matrix, vector product operation and inner product operation on small integers, and the method is simple, efficient, low in calculation complexity and high in practicability.
Drawings
FIG. 1 is a flowchart of a block chain digital signature encryption method for resisting quantum computing attack according to an embodiment of the present invention;
FIG. 2 is a block diagram of a block chain digital signature encryption system for resisting quantum computing attack according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
Referring to fig. 1, a block chain digital signature encryption method for resisting quantum computing attack includes the following steps:
Step S101, generating the key parameters used by the digital signature;
Step S102, when a transaction is initiated, digitally signing the transaction data;
Furthermore, the digital signature used in the invention is similar to an ordinary physical signature written on paper, but is realized with techniques from the field of public key encryption and is used for authenticating digital information. A digital signature scheme typically defines two complementary operations, one for signing and the other for verification. A digital signature is a digital string that only the sender of the information can generate and that others cannot forge, and this string is also effective proof of the authenticity and non-repudiation of the information sent by the sender. The digital signature is an application of asymmetric key encryption technology and digital digest technology.
Step S103, verifying the digital signature and receiving the transaction data;
Further, in the invention the transaction initiator generates a data digest from the transaction data using the Keccak512 hash algorithm, then encrypts the data digest with the initiator's private key, and sends the encrypted digest, as the digital signature, to the other party together with the encrypted data. The receiving party computes a digest of the original transaction data using the same Keccak512 hash algorithm as the sender, then decrypts the digital signature using the public key of the initiator and checks whether the two are consistent; if they are consistent, the authenticity and non-repudiation of the information are established.
Further, the Keccak512 Hash algorithm uses the standard sponge structure, which is based on a fixed-input-length function f, a rate parameter r and a padding rule pad, and is denoted SPONGE[f, pad, r](N, d), where N represents the input message and d represents the bit length of the Hash value. The sponge structure is so named because a message of any length is "absorbed" into the function and an output of any length is "squeezed" out, so the hashing process resembles a sponge.
Further, in the sponge structure, the function f is a mapping from b bits to b bits, i.e. f: {0,1}^b → {0,1}^b, and b is called the width of f. Although the function f in SHA-3 is a permutation, the discussion of the sponge structure does not require f to be invertible; the rate parameter r satisfies 0 < r < b and the capacity c is equal to b - r; the padding rule pad divides the input message N into r-bit blocks P_0, P_1, …, P_{L-1}, and the last block includes the length information of N.
Further, each message block is processed in turn according to the following steps:
1. S = 0^b;
4. Z = Z || Trunc_r(S);
5. If d ≤ |Z|, return H(X) = Trunc_d(Z);
6. Otherwise, let S = f(S) and return to step 4.
Here Trunc_r(X) denotes the first r bits of the bit string X, e.g. Trunc_2(10100) = 10. The Hash value of a Hash function with the sponge structure can therefore be arbitrarily long, and the parameter d determines the number of output bits of the Hash function, namely the length of the Hash value; when the required Hash value length is obtained, the calculation terminates.
Further, in the absorbing phase of the sponge structure, the Keccak512 algorithm XORs each message block with r bits of the state, then combines these r bits with the fixed c bits that follow them into 1600 bits of data for processing by the round function f, and then enters the squeezing phase; in the squeezing phase, a Hash value with a fixed output length of n bits can be generated by iterating 24 rounds, and each round R differs only in its final round constant, although the round constant is often ignored in collision attacks. The algorithm used by the invention is very fast, averaging 12.5 cycles per byte on an Intel Core 2 processor; it has been shown to have good differential properties, and third-party cryptanalysis has so far not shown any security weakness in Keccak512.
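The sponge steps described above, as an added example that is not code from the patent: a pure-Python SPONGE[Keccak-f[1600], pad, r] whose output is checked against Python's hashlib. The absorb loop and byte-level padding follow FIPS 202 (the step list above does not spell them out); the suffix byte 0x01 (original Keccak padding) versus 0x06 (SHA3-512) is the detail that makes "Keccak512" and SHA3-512 digests of the same message differ, so signer and verifier must agree on one.

```python
import hashlib

MASK = (1 << 64) - 1
B_BYTES = 200  # state width b = 1600 bits


def rol64(a, n):
    """Rotate a 64-bit lane left by n bits."""
    n %= 64
    return ((a << n) | (a >> (64 - n))) & MASK


def keccak_f1600(state):
    """Fixed-width function f: {0,1}^1600 -> {0,1}^1600 (24 rounds)."""
    lanes = [[int.from_bytes(state[8 * (x + 5 * y):8 * (x + 5 * y) + 8], "little")
              for y in range(5)] for x in range(5)]
    lfsr = 1  # LFSR that generates the per-round constants
    for _ in range(24):
        # theta: mix column parities into every lane
        c = [lanes[x][0] ^ lanes[x][1] ^ lanes[x][2] ^ lanes[x][3] ^ lanes[x][4]
             for x in range(5)]
        d = [c[(x + 4) % 5] ^ rol64(c[(x + 1) % 5], 1) for x in range(5)]
        lanes = [[lanes[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho and pi: rotate lanes and move them to new positions
        x, y = 1, 0
        cur = lanes[x][y]
        for t in range(24):
            x, y = y, (2 * x + 3 * y) % 5
            cur, lanes[x][y] = lanes[x][y], rol64(cur, (t + 1) * (t + 2) // 2)
        # chi: the only non-linear step
        for y in range(5):
            row = [lanes[x][y] for x in range(5)]
            for x in range(5):
                lanes[x][y] = row[x] ^ (~row[(x + 1) % 5] & row[(x + 2) % 5])
        # iota: XOR the round constant into lane (0, 0)
        for j in range(7):
            lfsr = ((lfsr << 1) ^ ((lfsr >> 7) * 0x71)) % 256
            if lfsr & 2:
                lanes[0][0] ^= 1 << ((1 << j) - 1)
    out = bytearray(B_BYTES)
    for x in range(5):
        for y in range(5):
            out[8 * (x + 5 * y):8 * (x + 5 * y) + 8] = lanes[x][y].to_bytes(8, "little")
    return out


def sponge(message, rate_bits, suffix, out_len):
    """SPONGE[f, pad, r](N, d) for a byte-aligned rate; returns out_len bytes."""
    r = rate_bits // 8
    assert rate_bits % 8 == 0 and 0 < r < B_BYTES  # 0 < r < b, capacity c = b - r
    # pad: domain-separation suffix, zero fill, final 1 bit -> whole r-byte blocks
    padded = bytearray(message) + bytes([suffix])
    padded += bytes(-len(padded) % r)
    padded[-1] ^= 0x80
    state = bytearray(B_BYTES)                # S = 0^b
    for off in range(0, len(padded), r):      # absorb: S = f(S xor (P_i || 0^c))
        for i in range(r):
            state[i] ^= padded[off + i]
        state = keccak_f1600(state)
    z = bytearray()
    while True:                               # squeeze
        z += state[:r]                        # Z = Z || Trunc_r(S)
        if len(z) >= out_len:
            return bytes(z[:out_len])         # Trunc_d(Z)
        state = keccak_f1600(state)           # S = f(S)


def sha3_512(message):
    """FIPS 202 SHA3-512: r = 576, c = 1024, suffix bits '01' (byte 0x06)."""
    return sponge(message, 576, 0x06, 64)


def keccak512(message):
    """Original Keccak-512 padding: same r and c, but suffix byte 0x01."""
    return sponge(message, 576, 0x01, 64)


if __name__ == "__main__":
    tx = b"constructed sample transaction: A pays B 5 units"  # constructed input
    print("SHA3-512 matches hashlib:", sha3_512(tx) == hashlib.sha3_512(tx).digest())
    print("Keccak-512 digest       :", keccak512(tx).hex())
    print("Variants agree          :", keccak512(tx) == sha3_512(tx))
```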
Example two
Referring to FIG. 2, in the digital signature encryption system for resisting quantum computing attack proposed by the present invention, the node roles of the system 200 involved in the digital signature encryption process include: a light node 210 and a local full node 220.
Wherein the light node 210 comprises:
the transformation module 211 is configured to obtain a data digest after the Hash transformation of the transaction data;
a calculation module 212, configured to calculate a key parameter for generating a digital signature;
a distribution module 213 that distributes the public key in the key parameter among the nodes;
and the encryption module 214 encrypts the original text of the transaction data by using the public key in the key parameter.
The local full node 220 includes:
the transformation module 221 is configured to obtain a data digest after the Hash transformation of the transaction data;
a calculation module 222, configured to calculate a key parameter for generating a digital signature;
a distribution module 223 for distributing the public key in the key parameter among the nodes;
the encryption module 224 encrypts the original text of the transaction data by using the public key in the key parameter;
a verification module 225 for verifying whether the digital signature is valid.
Further, the node related to the present invention is a piece of client software of an access blockchain system running on one device, and is called a node; only one piece of client software is allowed to run on the same device.
The invention relates to a method and a system, aiming at solving the technical problem that the existing block chain digital signature encryption method and system can not effectively resist quantum computing attack so as to improve the authenticity and non-repudiation of block chain transaction data transmission.
Finally, the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made to the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention, and all of them should be covered in the claims of the present invention.
Claims (5)
1. A block chain digital signature encryption method for resisting quantum computation attack is characterized by comprising the following steps:
S1: generating the key parameters used by the digital signature;
S2: when a transaction is initiated, digitally signing the transaction data;
S3: verifying the digital signature and receiving the transaction data.
2. The block chain digital signature encryption method for resisting quantum computing attack as claimed in claim 1, wherein generating the key parameters used by the digital signature in S1 includes the following steps:
S11: selecting two polynomials f and g on a ring R such that the number of 1s among the coefficients of f and g is df and dg, respectively, and calculating a public key h from f and g: h = Fq * g (mod q);
S12: solving for the polynomials (F, G) that satisfy the equation f*G - F*g = q, where ||F|| ≈ ||f||·√(N/12) and ||G|| ≈ ||g||·√(N/12);
S13: publishing the public key h.
3. The block chain digital signature encryption method resistant to quantum computation attack as claimed in claim 1, wherein digitally signing the transaction data when the transaction is initiated in S2 comprises the following steps:
S21: first applying the quantum-computation-attack-resistant hash algorithm Keccak512 to the transaction data M to be signed, and converting the hash value into polynomials $(m_1, m_2)$, where $m_1$ and $m_2$ are both polynomials in the ring $R_q$;
S22: calculating polynomials A, B, a, b that satisfy:
$G * m_1 - F * m_2 = A + q * B$
$-g * m_1 - f * m_2 = a + q * b$
where every coefficient of A and a is greater than $-q/2$ and less than $q/2$;
S23: computing the signature polynomial s as follows:
$s = f * B + F * b \pmod{q}$
and sending the transaction data M together with the signature s to the verification node.
4. The block chain digital signature encryption method resistant to quantum computation attack as claimed in claim 1, wherein verifying the digital signature and receiving the transaction data in S3 comprises the following steps:
S31: the receiving node receives the transaction data M and the signature s, performs the hash transformation on the transaction data M, and converts the result into polynomials $(m_1, m_2)$;
S32: calculating, from the transmitted signature s and the queried public key h:
$t = s * h \pmod{q}$
S33: the verification node calculates the distance between the polynomials $(s, t)$ and $(m_1, m_2)$, namely $\|m_1 - s\| + \|m_2 - t\|$; if the distance is greater than NormBound, the verification fails; otherwise the signature passes verification as valid and the transaction is received.
5. A block chain digital signature encryption system resistant to quantum computation attack, comprising a light node and a local full node, wherein:
the light node comprises a transformation module, a calculation module, a distribution module and an encryption module, wherein the transformation module is used for obtaining a data digest by hash transformation of the transaction data, the calculation module is used for calculating the key parameters for generating digital signatures, the distribution module is used for distributing the public key in the key parameters among the nodes, and the encryption module is used for encrypting the original text of the transaction data by using the public key in the key parameters;
the local full node comprises a transformation module, a calculation module, a distribution module, an encryption module and a verification module, wherein the transformation module is used for obtaining a data digest by hash transformation of the transaction data, the calculation module is used for calculating the key parameters for generating the digital signature, the distribution module is used for distributing the public key in the key parameters among the nodes, the encryption module is used for encrypting the original text of the transaction data by using the public key in the key parameters, and the verification module is used for verifying whether the digital signature is valid.
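The verification steps S31 to S33 of claim 4 can be sketched as follows; this is an added example, not code from the patent. The values of N, q and NormBound are toy values constructed for illustration, the byte-to-coefficient mapping and the function names are assumptions, SHA3-512 stands in for Keccak512, and the norm is taken as Euclidean over coefficients centered in (-q/2, q/2].

```python
import hashlib
import math

# Toy parameters constructed for illustration; the page gives no values.
N, Q, NORM_BOUND = 11, 64, 12.0

def conv(a, b):
    """Multiply in Z_q[x]/(x^N - 1): cyclic convolution of coefficients."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[(i + j) % N] = (out[(i + j) % N] + ai * bj) % Q
    return out

def center(c):
    """Lift a residue mod q to its representative in (-q/2, q/2]."""
    c %= Q
    return c - Q if c > Q // 2 else c

def norm_diff(a, b):
    """Euclidean norm of a - b, each coefficient centered mod q first."""
    return math.sqrt(sum(center(x - y) ** 2 for x, y in zip(a, b)))

def hash_to_polys(message):
    """S31: hash M and map the digest to (m1, m2). The byte-to-coefficient
    mapping is assumed; SHA3-512 stands in for the page's Keccak512."""
    digest = hashlib.sha3_512(message).digest()  # 64 bytes, 2*N are used
    coeffs = [byte % Q for byte in digest[:2 * N]]
    return coeffs[:N], coeffs[N:]

def distance(m1, m2, s, h):
    """S32 and S33: t = s*h (mod q), then ||m1 - s|| + ||m2 - t||."""
    t = conv(s, h)
    return norm_diff(m1, s) + norm_diff(m2, t)

def verify(message, s, h):
    """Accept only a well-formed s whose lattice point is within NormBound."""
    if len(s) != N or not all(isinstance(c, int) and 0 <= c < Q for c in s):
        return False  # reject malformed signatures before any arithmetic
    m1, m2 = hash_to_polys(message)
    return distance(m1, m2, s, h) <= NORM_BOUND
```

Producing a signature that passes this check requires the private polynomials (f, g, F, G) of claims 2 and 3, which the sketch does not generate; the centering step matters because a difference of q-1 between two coefficients is a distance of 1, not q-1.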
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010866138.5A CN112003707A (en) | 2020-08-25 | 2020-08-25 | Quantum computation attack resistant block chain digital signature encryption method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112003707A (en) | 2020-11-27 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||