CN112910644A - Security authentication system based on quantum secret data - Google Patents
- Publication number
- CN112910644A (application CN202110333192.8A)
- Authority
- CN
- China
- Prior art keywords
- quantum
- data
- control server
- key
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a security authentication system based on quantum secret data, which belongs to the technical field of data security and comprises a quantum key management and control server, a data transmitter and a data receiver; the quantum key management and control server comprises a quantum random number generator, wherein the quantum random number generator is used for generating binary quantum random numbers as original quantum random number key seeds, and the quantum key management and control server generates quantum keys by XOR of the random number key seeds and system random number key seeds generated by real-time system information; the data transmitter acquires a quantum key from the quantum key management and control server, and encrypts the original data and the quantum key to obtain encrypted quantum data; the data receiver receives the encrypted quantum data, and transmits the encrypted quantum data to the quantum key management and control server; the invention solves the problem that the data security authentication is threatened because the secret key is broken in the prior art.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a security authentication system based on quantum secret data.
Background
With the increasing emphasis on information security, a variety of data encryption devices and software are used to protect data and guarantee its security. These devices each have certain technical advantages, but they have one thing in common: the data is encrypted with a secret key, and once the encryption key is cracked, the data encrypted using the secret key pool is cracked as well.
The keys used by these devices and software are derived from random numbers, which are typically generated either by algorithmic simulation or from a physical phenomenon. Random numbers generated by algorithmic simulation are called pseudo-random numbers; keys generated from them have a certain regularity, and that regularity can be discovered by a cracking algorithm or by big-data analysis, so the key can be cracked. Random numbers generated from physical phenomena are called true random numbers; the rules behind keys generated from them cannot be obtained, so the keys cannot be cracked.
Disclosure of Invention
Aiming at the defects of the prior art, the invention aims to provide a security authentication system based on quantum secret data, and solves the problem that data security authentication is threatened due to the fact that a secret key is broken in the prior art.
The purpose of the invention can be realized by the following technical scheme:
A security authentication system based on quantum secret data comprises a quantum key management and control server, a data transmitter and a data receiver. The quantum key management and control server comprises a quantum random number generator, which generates binary quantum random numbers as original quantum random number key seeds. The quantum key management and control server generates quantum keys by XORing the random number key seeds with system random number key seeds generated from real-time system information, and the quantum keys are stored in the quantum key management and control server.
The data transmitter acquires a quantum key from the quantum key management and control server, encrypts original data and the quantum key to obtain encrypted quantum data, and transmits the encrypted quantum data to a specified data receiver through a private network.
The data receiver receives the encrypted quantum data and transmits it to the quantum key management and control server. The quantum key management and control server processes the encrypted quantum data and returns the decrypted quantum key. The data receiver then decrypts the encrypted quantum data using the decrypted quantum key to obtain the original data, and sends decryption success information to the data transmitter.
As a preferred scheme of the present invention, the quantum key management and control server is disposed in a cloud, and the data transmitter and the data receiver both use a dedicated network to perform data communication with the quantum key management and control server.
As a preferred aspect of the present invention, the raw data includes: user name, password, identification number, gender, age, phone number, and user privileges.
As a preferable aspect of the present invention, the data receiver sends the decryption success information to the data transmitter by using a symmetric encryption method.
As a preferred embodiment of the present invention, the symmetric encryption method is a DES algorithm.
As a preferable aspect of the present invention, the private network is a VPN network.
As a preferable aspect of the present invention, the data transmitter includes a data transmitting application, the data receiver includes a data receiving application, and the operating systems on which the data transmitting application and the data receiving application run include: the Android system, Apple system, BlackBerry system, and Microsoft Windows system.
As a preferred aspect of the present invention, the quantum key management and control server includes a quantum key management and control system program, and the key management and control system program is configured to manage an original quantum random number key seed and a system random number key seed generated by real-time system information.
As a preferable aspect of the present invention, the decryption success information is "1".
The invention has the beneficial effects that:
the invention is provided with a quantum key control server, a data transmitter and a data receiver, wherein the key control server is provided with a quantum random number generator which is used for generating binary quantum random numbers as original quantum random number key seeds, the quantum key control server generates a quantum key by XOR between the random number key seeds and system random number key seeds generated by real-time system information, the quantum key is used for encrypting original data obtained by the data transmitter, the data receiver receives the encrypted quantum data, and the data receiver decrypts the encrypted quantum data by using a decryption quantum key to obtain the original data and transmits decryption success information to the data transmitter; the invention solves the problem that the data security authentication is threatened because the secret key is broken in the prior art.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a flowchart of quantum key generation by the quantum key management and control server.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "opening," "upper," "lower," "thickness," "top," "middle," "length," "inner," "peripheral," and the like are used in an orientation or positional relationship that is merely for convenience in describing and simplifying the description, and do not indicate or imply that the referenced component or element must have a particular orientation, be constructed and operated in a particular orientation, and thus should not be considered as limiting the present invention.
As shown in the figure, a security authentication system based on quantum secret data comprises a quantum key management and control server, a data transmitter and a data receiver. The quantum key management and control server comprises a quantum random number generator, which generates binary quantum random numbers as original quantum random number key seeds. The quantum key management and control server generates quantum keys by XORing the random number key seeds with system random number key seeds generated from real-time system information, and the quantum keys are stored in the quantum key management and control server.
The data transmitter acquires a quantum key from the quantum key management and control server, encrypts original data and the quantum key to obtain encrypted quantum data, and transmits the encrypted quantum data to a specified data receiver through a private network.
The data receiver receives the encrypted quantum data and transmits it to the quantum key management and control server. The quantum key management and control server processes the encrypted quantum data and returns the decrypted quantum key. The data receiver then decrypts the encrypted quantum data using the decrypted quantum key to obtain the original data, and sends decryption success information to the data transmitter.
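The key-generation and key-release steps described above (quantum seed XOR system seed, stored on the server and later returned to the receiver), as an added Python example that is not code from the patent. `os.urandom` stands in for the quantum random number generator; the 32-byte key length, the SHAKE-256 seed derivation, the `key_id` lookup and the stuck-source check (which goes beyond what the page describes) are all assumptions.

```python
import hashlib
import os
import time

KEY_LEN = 32  # assumed key length in bytes; the page does not state one


def system_seed(system_info: bytes, length: int = KEY_LEN) -> bytes:
    """Derive the system random number key seed from real-time system
    information. Using SHAKE-256 to stretch it is an assumption."""
    return hashlib.shake_256(system_info).digest(length)


def source_looks_stuck(sample: bytes, cutoff: int = 4) -> bool:
    """True if any byte value repeats `cutoff` times in a row."""
    run = 1
    for prev, cur in zip(sample, sample[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return True
    return False


def xor_seeds(q_seed: bytes, sys_seed: bytes) -> bytes:
    """The XOR step the page describes: quantum seed XOR system seed."""
    if len(q_seed) != len(sys_seed):
        raise ValueError("seeds must have equal length")
    return bytes(a ^ b for a, b in zip(q_seed, sys_seed))


class KeyServer:
    """Hypothetical stand-in for the quantum key management and control server."""

    def __init__(self, qrng=os.urandom):
        self._qrng = qrng  # os.urandom stands in for the QRNG (assumption)
        self._keys = {}    # key_id -> key; keys are stored on the server

    def issue_key(self, system_info: bytes):
        """Called for the data transmitter: generate, store and return a key."""
        q_seed = self._qrng(KEY_LEN)
        # If the quantum source fails (e.g. all zeros), the XOR output equals
        # the system seed, which is derived only from system information.
        # Refuse to issue a key in that case.
        if source_looks_stuck(q_seed):
            raise RuntimeError("QRNG output failed health check")
        key = xor_seeds(q_seed, system_seed(system_info))
        key_id = len(self._keys) + 1  # hypothetical identifier
        self._keys[key_id] = key
        return key_id, key

    def release_key(self, key_id: int) -> bytes:
        """Called for the data receiver: return the stored key."""
        return self._keys[key_id]


def current_system_info() -> bytes:
    """One possible reading of 'real-time system information': clock and PID."""
    return f"{time.time_ns()}:{os.getpid()}".encode()


if __name__ == "__main__":
    server = KeyServer()
    key_id, key = server.issue_key(current_system_info())
    assert server.release_key(key_id) == key
    print(key_id, key.hex())
```

Because XOR is invertible, the key is exactly as unpredictable as the quantum seed; the system seed adds nothing an observer of the system state could not recompute.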
The quantum key management and control server is arranged at the cloud end, and the data transmitter and the data receiver are in data communication with the quantum key management and control server by adopting a special network. The raw data includes: user name, password, identification number, gender, age, phone number, and user privileges. The data receiver sends the decryption success information to the data transmitter by adopting a symmetric encryption method. The symmetric encryption method is a DES algorithm. The private network is a VPN network.
The data transmitter includes a data transmitting application, the data receiver includes a data receiving application, and the operating systems on which the data transmitting application and the data receiving application run include: the Android system, Apple system, BlackBerry system, and Microsoft Windows system. The quantum key management and control server comprises a quantum key management and control system program, and the key management and control system program is used for managing the original quantum random number key seeds and the system random number key seeds generated from the real-time system information. The decryption success information is "1".
The invention is provided with a quantum key control server, a data transmitter and a data receiver, wherein the key control server is provided with a quantum random number generator which is used for generating binary quantum random numbers as original quantum random number key seeds, the quantum key control server generates a quantum key by XOR between the random number key seeds and system random number key seeds generated by real-time system information, the quantum key is used for encrypting original data obtained by the data transmitter, the data receiver receives the encrypted quantum data, and the data receiver decrypts the encrypted quantum data by using a decryption quantum key to obtain the original data and transmits decryption success information to the data transmitter; the invention solves the problem that the data security authentication is threatened because the secret key is broken in the prior art.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed.
Claims (9)
1. A security authentication system based on quantum secret data is characterized by comprising a quantum key management and control server, a data transmitter and a data receiver; the quantum key management and control server comprises a quantum random number generator, the quantum random number generator is used for generating binary quantum random numbers as original quantum random number key seeds, the quantum key management and control server generates quantum keys by carrying out XOR on the random number key seeds and system random number key seeds generated by real-time system information, and the quantum keys are stored in the quantum key management and control server;
the data transmitter acquires a quantum key from the quantum key management and control server, encrypts original data and the quantum key to obtain encrypted quantum data, and transmits the encrypted quantum data to a specified data receiver through a private network;
the data receiver receives the encrypted quantum data and transmits it to the quantum key management and control server, the quantum key management and control server processes the encrypted quantum data and returns the decrypted quantum key, and the data receiver decrypts the encrypted quantum data by using the decrypted quantum key to obtain the original data and sends decryption success information to the data transmitter.
2. The quantum secret data-based security authentication system according to claim 1, wherein the quantum key management and control server is disposed in a cloud, and the data transmitter and the data receiver both use a private network to perform data communication with the quantum key management and control server.
3. A quantum secure data based security authentication system as claimed in claim 1, wherein said raw data comprises: user name, password, identification number, gender, age, phone number, and user privileges.
4. The quantum secure data-based security authentication system as claimed in claim 1, wherein the data receiver sends the decryption success information to the data transmitter by using a symmetric encryption method.
5. The quantum secure data-based security authentication system according to claim 4, wherein the symmetric encryption method is a DES algorithm.
6. The quantum private data-based security authentication system of claim 1, wherein the private network is a VPN network.
7. The quantum secure data-based security authentication system according to claim 1, wherein the data transmitter comprises a data transmission application program, the data receiver comprises a data reception application program, and the operating systems on which the data transmission application program and the data reception application program run comprise: the Android system, Apple system, BlackBerry system, and Microsoft Windows system.
8. The quantum secret data-based security authentication system according to claim 1, wherein the quantum key management and control server comprises a quantum key management and control system program, and the key management and control system program is configured to manage an original quantum random number key seed and a system random number key seed generated by real-time system information.
9. The quantum secure data-based security authentication system according to claim 1, wherein the decryption success information is "1".
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110333192.8A CN112910644A (en) | 2021-03-29 | 2021-03-29 | Security authentication system based on quantum secret data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110333192.8A CN112910644A (en) | 2021-03-29 | 2021-03-29 | Security authentication system based on quantum secret data |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112910644A (en) | 2021-06-04 |
Family
ID=76109220
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110333192.8A Withdrawn CN112910644A (en) | 2021-03-29 | 2021-03-29 | Security authentication system based on quantum secret data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112910644A (en) |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WW01 | Invention patent application withdrawn after publication | Application publication date: 20210604 |