CN113114456B - Multi-user quantum privacy query method with authentication - Google Patents


Info

Publication number: CN113114456B
Authority: CN (China)
Prior art keywords: users, database, key, participants, trusted
Legal status: Active
Application number: CN202110280014.3A
Other languages: Chinese (zh)
Other versions: CN113114456A (en)
Inventors: 肖敏, 雷术梅, 杨豪
Current Assignee: Guangzhou Dayu Chuangfu Technology Co ltd
Original Assignee: Chongqing University of Post and Telecommunications
Application filed by: Chongqing University of Post and Telecommunications

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/50 Oblivious transfer

Abstract

The invention relates to the field of quantum communication and quantum cryptography, in particular to a multi-user quantum privacy query method with authentication, which comprises the following steps: the participants negotiate important security parameters; the database provider prepares initial multi-particle GHZ states and distributes the corresponding particles to the other participants; all participants perform a security check to verify whether the quantum states are shared securely; using entanglement swapping, the database provider and the users hand the mutual identity authentication between the database and each user over to a trusted third party, which verifies the legitimacy of the other participants' identities; if the identity authentication of the participants succeeds, the database provider and the users perform oblivious key agreement; and the database provider and the users perform key post-processing and complete the private query. By adding an identity authentication mechanism, the invention enhances the security of multi-user quantum privacy query: it not only provides the same level of database privacy and user privacy, but can also defend against external impersonation attacks and man-in-the-middle attacks.

Description

Multi-user quantum privacy query method with authentication
Technical Field
The invention relates to the field of quantum communication and quantum cryptography, in particular to a multi-user quantum privacy query method with authentication.
Background
The security of classical cryptography rests on computational assumptions and is vulnerable to attacks by quantum computers; quantum cryptography addresses this problem because its security is provided by quantum information theory. Recently, quantum cryptography has opened a new approach to the Symmetric Private Information Retrieval (SPIR) problem, namely Quantum Private Query (QPQ). Compared with classical SPIR protocols, QPQ protocols not only reduce communication and computational complexity but are also easy to implement with existing technology. Most proposed QPQ protocols, whether single-user or multi-user, focus only on the privacy of the database and the users and ignore active attacks by an external malicious party (Eve). In a real-world scenario, however, several situations may arise: (1) Eve may impersonate the database provider (Alice) to communicate with the user (Bob) and then profit from illegally obtained data, or Eve may impersonate Bob to communicate with Alice and supply false information in order to defraud money; (2) Eve may insert herself directly into the communication between Alice and Bob, negotiate an oblivious key with each of them, and eavesdrop on the data that Alice purchased from Bob. Clearly, these active attacks from external adversaries can break a QPQ protocol and must therefore be countered by effective measures.
Disclosure of Invention
In order to solve the problem of external attacks on multi-user QPQ, the invention provides a multi-user quantum privacy query method with authentication.
A multi-user quantum privacy query method with authentication mainly comprises a security check among the participants, identity authentication between the database and the users, and oblivious key agreement for private retrieval, and comprises the following steps:
S1: the system is initialized: the participants negotiate the error rate e, the security parameter k and the screening key $K_{A1A2C}$; the database provider generates an initial query key $K_B$; the database provider and the users register identity IDs with the trusted third party;
S2: the database provider prepares initial multi-particle GHZ entangled states and distributes the corresponding particles to each user and the trusted third party;
S3: the (2k+1)N multi-particle GHZ states prepared by the database provider are divided into three kinds of qubits according to the identity IDs held (the identity IDs held by the trusted third party comprise the identity ID that the database provider registered with the trusted third party and the identity IDs that all users registered with the trusted third party);
S4: all participants use the CHECK qubits to perform a security check, verifying whether the multi-particle GHZ states are shared securely; if the security check succeeds for all participants, step S5 is executed, otherwise the procedure returns to step S1;
S5: the database provider and the users encode their identity information on the even-position AUTH qubits they hold, and the trusted third party authenticates the identities of all participants by entanglement swapping, verifying the legitimacy of the other participants' identities; if the identity authentication of all participants succeeds, step S6 is executed, otherwise the procedure returns to step S1;
S6: the database provider and the users use the QUERY qubits to perform oblivious key agreement with the help of the trusted third party and obtain the oblivious key: the database provider encodes the query key $K_B$ onto the even-position QUERY qubits it holds, and the users, assisted by the trusted third party, infer the oblivious key through the pre-shared screening key $K_{A1A2C}$;
S7: the database provider and the users perform key post-processing and complete the private query.
Further, step S1 specifically includes:
S101: the database provider, the users and the trusted third party negotiate an error rate e;
S102: the database provider and the users determine a security parameter k and an encoding rule;
S103: the database provider randomly generates a kN-bit 0/1 string as the initial query key;
S104: the users and the trusted third party negotiate a set of kN-bit quaternary screening keys;
S105: the database provider and the users each register an N-bit identity ID with the trusted third party.
Further, in step S2, the database provider prepares (2k+1)N initial multi-particle GHZ states and distributes the corresponding particles to each user and the trusted third party: the database provider retains the first particle and distributes the subsequent particles one by one to the users and the trusted third party. The database provider, the users and the trusted third party thus securely share (2k+1)N initial multi-particle GHZ states; if particles are lost, the database provider retransmits them. Here k denotes the pre-negotiated security parameter and N denotes the number of database entries.
Further, step S3 specifically includes: the trusted third party selects a subset $V = \{v_1, v_2, \ldots, v_N\}$ from the set of positions $M = \{1, 2, 3, \ldots, (2k+1)N\}$, then applies the exclusive-OR "
Figure GDA0003704776660000031
" operation to the identity IDs it holds at the positions in the subset V to obtain the XOR result $S_{ID}$; finally, according to the computed $S_{ID}$, it divides the initial GHZ states into three kinds of qubits, CHECK, AUTH and QUERY, which gives the state partitioning information; the trusted third party publishes the state partitioning information to the database provider and all users.
Further, dividing the initial GHZ states into the three kinds of qubits CHECK, AUTH and QUERY according to the computed $S_{ID}$, and obtaining the state partitioning information, specifically comprises the following:
if $S_{ID} = 0$, the corresponding position set is denoted
Figure GDA0003704776660000032
and the qubits at these positions are used for the security check, i.e. they are classified as CHECK qubits; if $S_{ID} \neq 0$, the position set is denoted
Figure GDA0003704776660000033
and the qubits at these positions are used for identity authentication, i.e. they are classified as AUTH qubits, where P, Q ∈ V; the qubits at the remaining M−V positions are used for oblivious key agreement and are classified as QUERY qubits.
Further, in step S4, all participants use the CHECK qubits for the security check: for each CHECK particle, every participant randomly selects the measurement basis $X = \{|x^{+}\rangle, |x^{-}\rangle\}$ or $Y = \{|y^{+}\rangle, |y^{-}\rangle\}$, measures the CHECK particle and publishes the corresponding measurement result; each participant compares the measurement results published by the other participants and, following the entanglement verification mechanism of the GHZ state, counts the number r of correct GHZ states among the check particles for which an even number of Y bases was chosen, and calculates the error rate
Figure GDA0003704776660000034
where N denotes the number of database entries. If the error rate is higher than the error rate e negotiated between the participants, the security check fails and the procedure returns to step S1; if the error rate is lower than the negotiated error rate e, the security check succeeds and step S5 is performed.
Further, in step S5, the trusted third party authenticates the identities of all participants by entanglement swapping, mainly to verify the legitimacy of the other participants' identities, where all participants comprise the database provider and the users. The main sub-steps by which the database provider and the users carry out identity authentication are:
S501: the database provider and the users encode their identity information on the relevant particles of the AUTH qubits;
S502: using entanglement swapping, the database provider and the users each perform Bell measurements on their own particles;
S503: the database provider and the users publish their measurement results;
S504: the trusted third party checks the correlation of all measurement results according to entanglement swapping in order to verify the legitimacy of the other participants' identities; if the identities of all other participants are verified as legitimate, authentication succeeds, otherwise it fails.
Further, in step S6, the oblivious key agreement specifically includes the following procedure:
S601: the database provider encodes the generated initial query key $K_B$ onto the respective particles by the negotiated unitary operations;
S602: the quantum system undergoes entanglement swapping; the database provider performs Bell measurements on the particles it holds and publishes the measurement results; the users and the trusted third party perform Bell measurements only on the particles at the positions that correspond to 1 in the screening key $K_{A1A2C}$, and the trusted third party publishes its measurement results;
S603: the users share a secret query position, which is restricted to the users' secret query data, and the users inform one another of their results according to the secret query position;
S604: the users infer the oblivious query key with a certain probability from the information they hold.
Further, step S7 specifically includes: the database provider and the users process the negotiated oblivious key by "bitwise addition", so that the length of the oblivious key equals the number of data entries in the database, which gives the final key; the database provider knows the whole final key, while each user knows only about 1 bit of it. Suppose that each user knows only the j-th bit of the final key and wants to query the i-th bit of data, $x_i$, from the database. The query proceeds as follows: the users send s to the database provider; the database provider shifts its final key according to the received s, then encrypts the database with the shifted key and sends the result to each user; each user decrypts with the j-th bit of the final key, which he knows, to obtain the data he wished to purchase.
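The post-processing and query of step S7, as an added example that is not part of the patent text. It assumes the usual QPQ conventions that the text leaves implicit: the kN-bit raw key is cut into k substrings of N bits that are XORed position by position, the announced shift is s = (j − i) mod N, and indices are 0-based; the database, keys and the user's known positions are constructed sample values.

```python
from functools import reduce
from operator import xor


def fold_key(raw_key, k, n):
    """Provider side: cut the k*n-bit raw key into k substrings of n bits and
    add them bitwise (XOR), giving the n-bit final key."""
    if len(raw_key) != k * n:
        raise ValueError("raw key must be k*n bits long")
    return [reduce(xor, (raw_key[r * n + t] for r in range(k))) for t in range(n)]


def fold_knowledge(known_raw, k, n):
    """User side: final bit t is known only if all k raw bits that feed it are known.
    known_raw maps raw-key position -> bit value for the positions the user learned."""
    final = {}
    for t in range(n):
        feeders = [r * n + t for r in range(k)]
        if all(p in known_raw for p in feeders):
            final[t] = reduce(xor, (known_raw[p] for p in feeders))
    return final


def shift_for(i, j, n):
    """Shift s announced by the user so that known key bit j lines up with item i
    (assumed convention: s = j - i mod n)."""
    return (j - i) % n


def encrypt_database(database, final_key, s):
    """Provider: mask item t with final-key bit (t + s) mod n."""
    n = len(database)
    return [database[t] ^ final_key[(t + s) % n] for t in range(n)]


def retrieve(i, known_final, database, final_key):
    """Simulates one query: the user sends s, the provider returns the masked
    database, and the user unmasks item i with the one key bit he knows."""
    j, key_bit = next(iter(known_final.items()))
    s = shift_for(i, j, len(database))
    ciphertext = encrypt_database(database, final_key, s)
    return ciphertext[i] ^ key_bit


# Constructed sample: N = 8 one-bit entries, security parameter k = 3.
N, K = 8, 3
DATABASE = [1, 0, 1, 1, 0, 0, 1, 0]
RAW_KEY = [0, 1, 1, 0, 1, 0, 0, 1,
           1, 1, 0, 0, 1, 0, 1, 0,
           0, 0, 1, 1, 0, 1, 1, 1]
# Raw-key positions the user happened to learn (constructed): 8 of 24 bits.
KNOWN_RAW = {p: RAW_KEY[p] for p in (1, 5, 6, 10, 13, 16, 21, 23)}

FINAL_KEY = fold_key(RAW_KEY, K, N)
KNOWN_FINAL = fold_knowledge(KNOWN_RAW, K, N)

if __name__ == "__main__":
    print("final key      :", FINAL_KEY)
    print("user knows     :", KNOWN_FINAL)
    print("item 2 recovered:", retrieve(2, KNOWN_FINAL, DATABASE, FINAL_KEY))
```

Knowing a third of the raw key leaves the user with a single final-key bit here, which is the effect the "bitwise addition" is meant to have on database privacy.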
The invention has the beneficial effects that:
The invention provides a multi-user quantum privacy query method with authentication. For the case in which several users cooperate to query the same data from a database provider at the same time, the method guarantees the privacy of the database and of the users while also taking into account the threats that external adversaries pose to the protocol. Identity authentication is added to the existing multi-user quantum privacy query, and the mutual authentication between the database and each user is handed over to a trusted third party that verifies the legitimacy of each participant's identity. This resists identity forgery attacks and man-in-the-middle attacks during communication and thereby improves the security of the existing multi-user quantum privacy query protocol.
Drawings
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
FIG. 1 is a schematic view of a scene structure of the present invention;
FIG. 2 is a schematic flowchart illustrating an embodiment of a multi-user quantum privacy query with authentication according to the present invention;
FIG. 3 is a diagram illustrating a multi-party authentication process according to a preferred embodiment of the present invention;
FIG. 4 is a resource state table according to the present invention;
FIG. 5 is a GHZ state transformation relationship table according to the present invention;
FIG. 6 is a table illustrating a specific process of multi-party identity authentication according to the present invention;
FIG. 7 is a process of exchanging measurement results when the query location is even.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a multi-user quantum privacy query method with authentication aiming at the external attack security of the existing multi-user quantum privacy query scheme.
The scenario structure of the present invention is shown in FIG. 1. Three types of entities are involved: a trusted third party (Charlie), a database provider (Bob), and a plurality of users (Alice1, Alice2, ..., Alicen, where n denotes the number of users).
The present invention makes the following security assumptions:
(1) Charlie is a fully trusted third party, and an important assumption is that at some point Charlie shares a secure channel with Alice (information transmitted over the secure channel is guaranteed to be confidential and intact), and likewise with Bob. Notably, this secure channel is opened only once: it is used only for the users and the database provider to register secretly with Charlie, and no such secure channel exists between the users and the database provider.
(2) The database provider Bob is assumed to be untrusted: Bob may behave dishonestly, wanting to steal the location information of the data a user retrieves and thereby infer the user's preferences. Bob is a legitimate database provider but may be impersonated.
(3) The two users Alice1 and Alice2 are assumed to be untrusted: they always want to steal additional data from the database provider. They are authorized users of the database but may be impersonated.
In order to make the QPQ method of the present invention clearer, an embodiment with two users (Alice1 and Alice2) is described, that is, an authenticated two-user quantum privacy query method. Note that this embodiment is only an example of the method of the present invention; it does not represent all embodiments of the invention, nor does it limit the number of users in the method, which is fully applicable and readily extensible to multiple users.
In this embodiment, assume that the database provider Bob has a database of N entries $\{x_1, x_2, \ldots, x_N\}$, and that users Alice1 and Alice2 cooperate and retrieve the same entry $x_i$ from the database at the same time. FIG. 2 is a flowchart of an embodiment of the authenticated two-user quantum privacy query method, and the specific implementation process is as follows:
S1: the system is initialized: the participants negotiate the error rate e, the security parameter k and the screening key $K_{A1A2C}$; the database provider generates an initial query key $K_B$; the database provider and the users register identity IDs with the trusted third party.
In an alternative embodiment, the step S1 can be implemented by the following steps:
S101: the database provider Bob, the users Alice1 and Alice2, and the trusted third party Charlie negotiate an error rate e related to the noise in the quantum channel; the literature gives a reference value of $10^{-3}$ for the error rate e;
S102: the database provider Bob, the user Alice1, and the user Alice2 negotiate a security parameter k, whose value is a positive integer;
S103: Bob, Alice1, Alice2 and Charlie negotiate two unitary operations and coding rules,
Figure GDA0003704776660000071
where
Figure GDA0003704776660000072
Here, $U_0$ denotes the unitary operator $I$, which leaves any quantum state unchanged; $U_1$ denotes the unitary operator $Z$, which leaves $|0\rangle$ unchanged and maps $|1\rangle$ to $-|1\rangle$, so it is also called the phase-flip operator; $U_2$ denotes the unitary operator $i\sigma_y$, which acts on $|0\rangle$ and $|1\rangle$ as $i\sigma_y|0\rangle = -|1\rangle$ and $i\sigma_y|1\rangle = |0\rangle$, i.e. it applies both a phase flip and a bit flip to $|0\rangle$ but only a bit flip to $|1\rangle$; $i$ denotes the imaginary unit.
S104: bob generates a 0,1 string of kNbit as an initial key
Figure GDA0003704776660000073
Wherein
Figure GDA0003704776660000074
S105: through a multi-party quantum key distribution protocol, a group of screening keys is pre-shared between two users Alice1 and Alice2 and a trusted third-party server Charlie
Figure GDA0003704776660000075
The screening key K A1A2C Is used for screening
Figure GDA0003704776660000076
Initial key K of B As a key held by two users, Alice1 and Alice 2. In addition, two users, Alice1 and Alice2, will query the data x i As private information;
s106: bob, Alice1, and Alice2 sent their randomly generated N-bit length identity strings secretly over a secure channel to Charlie
Figure GDA0003704776660000081
Figure GDA0003704776660000082
Wherein, ID B Representing Bob's randomly generated identity string, ID A1 Represents the randomly generated identity string, ID, of Alice1 A2 Representing an identity string randomly generated by Alice2,
Figure GDA0003704776660000083
representing each position V in a subset of positions V i Identity bits corresponding thereto, and
Figure GDA0003704776660000084
whose identity ID here corresponds to an authentication key.
S2: database provider Bob prepares an initial four-particle GHZ entangled state and distributes the respective particles to each user and trusted third-party server.
Specifically, Bob prepares a four-particle GHZ state of (2k +1) N
Figure GDA0003704776660000085
As shown in fig. 4, where k represents a pre-negotiated security parameter and N represents the number of entries of the database. The database provider Bob retains the first B particle and then sends the a1, a2, and C particles to Alice1, Alice2, and Charlie, respectively. In the transmission process, the protocolThe conference requires that Alice1, Alice2, and Charlie receive (2k +1) N number of particles, so Bob retransmits if any particles are lost.
S3: the trusted third party divides all states into three kinds of qubits according to the owned identity IDs (including identities randomly generated by Bob, Alice1 and Alice 2).
The trusted third party randomly selects a set containing N positions from all owned identity IDs, then carries out bitwise exclusive OR according to the owned identity IDs, and finally divides the initial state into three kinds of qubits, namely CHEACK, AUTH and QUERY. And the trusted third party publishes the state division information.
Specifically, the step S3 may adopt the following embodiments:
s301: assume that there is a position set M containing (2k +1) N positions {1,2, 3., (2k +1) N }, and each of the four-particle GHZ states prepared by Bob corresponds to a position in the position set M. The trusted third party Charlie randomly selects a subset V ═ V { V } of positions of length N from a set M ═ {1,2,3 1 ,v 2 ,...,v N V ∈ M, the identity ID per bit of its Bob, Alice1 and Alice2 and each position V ∈ M i N corresponds to 1, 2.
S302: for each position V in the subset of positions V i Identity bits for corresponding Bob, Alice1, and Alice2
Figure GDA0003704776660000086
And
Figure GDA0003704776660000087
the trusted third party Charlie performs exclusive OR operation on the information, namely calculation
Figure GDA0003704776660000091
Wherein
Figure GDA0003704776660000092
Indicating that the ith position of Bob, Alice1 and Alice2 corresponds to the XOR calculation result of the identity bits, and the calculation results of the N positions are expressed as
Figure GDA0003704776660000093
Figure GDA0003704776660000094
Indicating an exclusive or operation. After Charlie computation is completed, the V and S are sent to a trusted third party ID And (5) externally publishing.
S303: if
Figure GDA0003704776660000095
the four-particle GHZ state at the corresponding position is used as a security-check qubit; otherwise,
Figure GDA0003704776660000096
and the four-particle GHZ state at the corresponding position is used as an identity-authentication qubit. In this manner, the GHZ states of the position set V are divided into two position subsets, each of length approximately
Figure GDA0003704776660000097
namely
Figure GDA0003704776660000098
and
Figure GDA0003704776660000099
denoted CHECK qubits and AUTH qubits, respectively, where P, Q ∈ V. The qubits at the remaining M−V positions are used for oblivious key agreement and are denoted QUERY qubits. This yields the state partitioning information, which the trusted third party publishes to the database provider and all users.
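Charlie's classical bookkeeping in steps S301 to S303, as an added example that is not part of the patent text. The function name, the sorted ordering of V and the sample identity strings are assumptions made for illustration; positions are 1-based as in the set M.

```python
import random


def partition_states(n, k, id_b, id_a1, id_a2, rng=None):
    """Select V from M = {1..(2k+1)N}, XOR the three registered identity bits
    per selected position, and split the positions into CHECK / AUTH / QUERY."""
    if not (len(id_b) == len(id_a1) == len(id_a2) == n):
        raise ValueError("each identity string must be N bits long")
    rng = rng or random.SystemRandom()        # OS randomness unless a seeded rng is passed
    m = range(1, (2 * k + 1) * n + 1)         # position set M
    v = sorted(rng.sample(m, n))              # subset V; ID bit i is paired with v_i (assumed order)
    s_id = [b ^ a1 ^ a2 for b, a1, a2 in zip(id_b, id_a1, id_a2)]
    check = [pos for pos, s in zip(v, s_id) if s == 0]   # S_ID = 0  -> security check
    auth = [pos for pos, s in zip(v, s_id) if s != 0]    # S_ID != 0 -> identity authentication
    chosen = set(v)
    query = [pos for pos in m if pos not in chosen]      # M - V -> oblivious key agreement
    return {"V": v, "S_ID": s_id, "CHECK": check, "AUTH": auth, "QUERY": query}


def role_of(partition, position):
    """Which kind of qubit a published position was assigned to."""
    for role in ("CHECK", "AUTH", "QUERY"):
        if position in partition[role]:
            return role
    raise KeyError(position)


# Constructed sample: N = 8 entries, k = 2, three registered 8-bit identity strings.
ID_B = [1, 0, 1, 1, 0, 0, 1, 0]
ID_A1 = [0, 0, 1, 0, 1, 0, 1, 1]
ID_A2 = [1, 1, 0, 0, 1, 0, 0, 0]

if __name__ == "__main__":
    part = partition_states(8, 2, ID_B, ID_A1, ID_A2, rng=random.Random(2021))
    for name in ("V", "S_ID", "CHECK", "AUTH"):
        print(f"{name:5}: {part[name]}")
    print("QUERY positions:", len(part["QUERY"]))
```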
S4: all participants use the CHECK qubits to verify whether the four-particle GHZ states are shared securely; if the verification succeeds, step S5 is executed, otherwise the procedure returns to step S1. In detail:
S401: for each CHECK particle, Bob, Alice1, Alice2, and Charlie each randomly select the measurement basis $X = \{|x^{+}\rangle, |x^{-}\rangle\}$ or $Y = \{|y^{+}\rangle, |y^{-}\rangle\}$, measure the particle and announce the corresponding measurement result, where
Figure GDA00037047766600000910
S402: Bob, Alice1, Alice2 and Charlie each compare the measurement results published by the other participants. As shown in equations (1), (2) and (3), if the number of Y bases selected by the four participants is even, the measurement results of the four participants have a unique correlation. The participants count the number r of correct GHZ states and calculate the error rate
Figure GDA00037047766600000911
If the error rate is higher than the preset threshold e, the protocol restarts and returns to step S1.
Figure GDA0003704776660000101
Figure GDA0003704776660000102
Figure GDA0003704776660000103
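The correlation test of step S402, as an added example that is not part of the patent text. It assumes the shared state is (|0000⟩ + |1111⟩)/√2, that |x±⟩ = (|0⟩ ± |1⟩)/√2 and |y±⟩ = (|0⟩ ± i|1⟩)/√2, and, because the error-rate formula is not reproduced above, that the error rate is the fraction of usable CHECK rounds whose outcome parity is wrong.

```python
import itertools
import random

E_THRESHOLD = 1e-3  # reference value for the error rate e quoted in step S101

# Second amplitude of each basis vector (the first amplitude is 1), unnormalised.
# Assumed convention: |x±> = (|0> ± |1>)/√2 and |y±> = (|0> ± i|1>)/√2.
SECOND_AMPLITUDE = {("X", +1): 1 + 0j, ("X", -1): -1 + 0j,
                    ("Y", +1): 1j, ("Y", -1): -1j}


def outcome_probability(bases, outcomes):
    """Probability of the joint result `outcomes` (+1/-1 each) when the assumed
    GHZ state (|0...0> + |1...1>)/√2 is measured in the given X/Y bases."""
    overlap = 1 + 0j
    for basis, sign in zip(bases, outcomes):
        overlap *= SECOND_AMPLITUDE[(basis, sign)].conjugate()
    return abs(1 + overlap) ** 2 / 2 ** (len(bases) + 1)


def expected_parity(bases):
    """Product of all outcomes that an intact GHZ state forces, or None when the
    number of Y bases is odd (no fixed correlation, round not usable)."""
    y_count = bases.count("Y")
    if y_count % 2:
        return None
    return 1 if y_count % 4 == 0 else -1


def measure_ghz(bases, rng):
    """Sample one joint outcome from an intact GHZ state."""
    candidates = list(itertools.product((+1, -1), repeat=len(bases)))
    weights = [outcome_probability(bases, c) for c in candidates]
    return rng.choices(candidates, weights=weights)[0]


def measure_dephased(bases, rng):
    """Sample from a state that lost its coherence in transit (the mixture of
    |0...0> and |1...1>): every X or Y outcome is an independent fair coin."""
    return tuple(rng.choice((+1, -1)) for _ in bases)


def security_check(rounds):
    """rounds: published (bases, outcomes) pairs for the CHECK positions.
    Returns (usable rounds, correct count r, error rate)."""
    usable = correct = 0
    for bases, outcomes in rounds:
        wanted = expected_parity(bases)
        if wanted is None:
            continue
        usable += 1
        parity = 1
        for sign in outcomes:
            parity *= sign
        correct += parity == wanted
    error = 1 - correct / usable if usable else None
    return usable, correct, error


def run_check(n_check, source, seed, parties=4):
    """Each party picks X or Y at random per CHECK position, then results are compared."""
    rng = random.Random(seed)
    rounds = []
    for _ in range(n_check):
        bases = "".join(rng.choice("XY") for _ in range(parties))
        rounds.append((bases, source(bases, rng)))
    return security_check(rounds)


if __name__ == "__main__":
    for name, source in (("intact GHZ", measure_ghz), ("dephased", measure_dephased)):
        usable, correct, error = run_check(400, source, seed=1)
        verdict = "continue to S5" if error < E_THRESHOLD else "restart at S1"
        print(f"{name}: usable={usable} r={correct} error={error:.3f} -> {verdict}")
```

With zero, two or four Y bases the product of the four outcomes is fixed at +1, −1 and +1 respectively, so an intact state gives error 0 while a state that was measured or replaced in transit fails about half of the usable rounds.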
S5: the database provider and the two users encode their identity information on the even-position AUTH qubits they hold, and the trusted third party verifies the identities of the other participants by entanglement swapping. If the authentication succeeds, step S6 is performed; otherwise the procedure returns to step S1.
In more detail, step S5 can be implemented by the following sub-steps:
As shown in FIG. 3, the simultaneous identity authentication of Bob, Alice1 and Alice2 proceeds as follows:
S501: Bob, Alice1, and Alice2 encode their identity information on the relevant particles of the AUTH qubits. The AUTH qubits form a new particle sequence, denoted
Figure GDA0003704776660000104
Bob, Alice1, and Alice2 perform the operation $U = \{U_0, U_2\}$ on their own even-position particles according to their respective identity IDs. For example, if Bob's identity bit at the corresponding position is 0, Bob performs the unitary operation $U_0$ on the corresponding particle; otherwise Bob performs $U_2$ on the particle at that position. After the transformation, the system state can be written as D':
Figure GDA0003704776660000105
where
Figure GDA0003704776660000111
The eight states are shown in FIG. 5, the GHZ state transformation relationship table. Note that if
Figure GDA0003704776660000112
is odd, all participants ignore the last particle of the AUTH qubits.
S502: all participants perform Bell measurements on their own particles by entanglement swapping. Bob performs Bell measurements on the B particles of each
Figure GDA0003704776660000113
that he holds. According to the entanglement swapping principle, the two particles at the corresponding positions held by each of Alice1, Alice2 and Charlie become entangled in a two-particle Bell state, denoted
Figure GDA0003704776660000114
where
Figure GDA0003704776660000115
Figure GDA0003704776660000116
S503: Bob, Alice1, and Alice2 publish the measurement results. Alice1, Alice2 and Charlie each perform Bell measurements on the particles they hold at the corresponding positions
Figure GDA0003704776660000117
and after the Bell measurements have been performed, Bob, Alice1, and Alice2 publish their measurement results.
S504: Charlie verifies the correlation of all measurement results according to the entanglement swapping principle in order to verify the validity of the other participants' identities. The detailed multi-party identity authentication process is shown in FIG. 6 and is divided into the following sub-steps:
S5041: Before Bob, Alice1, and Alice2 perform the corresponding transformation, the state of the whole system before measurement can be described by equation (4);
S5042: If the i-th identity codes of Bob, Alice1 and Alice2 are respectively
Figure GDA0003704776660000118
then the operations that Bob, Alice1, and Alice2 perform on the corresponding particles are (U_2, U_0, U_0), the initial state |Ψ_1>_{BA1A2C} is converted into the quantum state |Ψ_5>_{BA1A2C}, and the state of the system after the transformation and before measurement can be described by equation (5);
S5043: The initial state of the system before measurement can be determined exactly from the measurement results published by Bob, Alice1 and Alice2 and the measurement results of the system before measurement. For example, if the measurement results of Bob, Alice1, Alice2, and Charlie are
Figure GDA0003704776660000121
then according to equation (5) the initial state of the system before measurement is
Figure GDA0003704776660000122
Charlie can then conclude that the unitary operations performed by Bob, Alice1, and Alice2 are
Figure GDA0003704776660000123
Thus, their i-th authentication key bits are known to be (1,0,0).
S5044: Charlie compares the identity ID he inferred, (1,0,0), bit by bit with the shared identity string (i.e., the authentication key,
Figure GDA0003704776660000124
); if the two are the same, the verification passes. Notably, the authentication process is passed only when all AUTH qubits pass Charlie's verification.
S5045: Finally, Charlie publishes the authentication results for the other participants. Bob, Alice1, and Alice2 thus learn that the other participants' identities are legitimate.
Figure GDA0003704776660000125
Figure GDA0003704776660000126
Figure GDA0003704776660000131
S6: The database provider encodes the query key K_B onto the QUERY qubits at the even positions he owns, and the two users, with the assistance of the trusted third party, infer an oblivious key using the pre-shared screening key K_{A1A2C}.
In more detail, step S6 may adopt the following sub-steps:
S601: Bob encodes the query key onto the even-position particles of the 2kN QUERY qubits he holds. The encoding rule is as follows: if
Figure GDA0003704776660000132
he performs the unitary operation U_0; otherwise he performs U_1.
S602: The states at the even and odd positions of the 2kN QUERY qubits are entangled. Bob performs Bell measurements on all of his particles and publishes the measurement results; Alice1, Alice2, and Charlie perform Bell measurements only at the positions where the shared screening key K_{A1A2C} is 1, and Charlie publishes his measurement results;
S604: According to the position information i of the query data, Alice1 and Alice2 generate a sequence of length
Figure GDA0003704776660000133
whose elements are in {0,1}, by the following rule: if i is even, 0 is generated; otherwise 1 is generated. Finally, Alice1 and Alice2 encode their measurement results according to the following rule:
Figure GDA0003704776660000134
and |ψ+> are encoded as 0; conversely,
Figure GDA0003704776660000135
and |ψ-> are encoded as 1. Each user XORs the encoded measurement result with the value at the corresponding position of the sequence Q and sends the result to the other user. FIG. 7 shows an example of Alice2 obtaining Alice1's measurement results when the retrieval position is even.
S605: Alice1 and Alice2 can deduce the initial key bit that Bob encoded at the corresponding position from the measurement results of Bob and Charlie, the result of the special operation published by the other user, and equations (4) and (6). At this point, Bob, Alice1, and Alice2 share an asymmetric key string K_B; that is, Alice1 and Alice2 know the key
Figure GDA0003704776660000141
while Bob knows the entire key.
S7: The database and the two users perform key post-processing and complete the private query.
Specifically, in one embodiment, Bob, Alice1, and Alice2 divide the initial key K_B into k groups of length N and then XOR the k groups bitwise to obtain the N-bit final key K_f. If Alice1 and Alice2 obtain less than 1 bit of the final key, the protocol restarts, i.e., returns to step S1. Bob then shifts the final query key K_f by s = j - i (assuming Alice knows the j-th bit of the key,
Figure GDA0003704776660000142
and currently wants to purchase the i-th bit x_i of the database), and adds the shifted key bitwise to the N-entry database to obtain the encrypted database C = {c_1, c_2, ..., c_i, ..., c_n}, i.e.
Figure GDA0003704776660000143
where
Figure GDA0003704776660000144
is the i-th bit of the final key K_f after shifting by s bits. Bob sends the entire encrypted database to Alice1 and Alice2, who then compute
Figure GDA0003704776660000145
to obtain the queried data x_i.
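The classical post-processing and shift-and-XOR retrieval of step S7, as an added example that is not code from the patent. The 0-based indices, the split of K_B into consecutive N-bit blocks, the cyclic shift c_p = x_p XOR K_f[(p + s) mod N], the function names and all sample values are assumptions made for this illustration.

```python
from functools import reduce
from operator import xor

# Constructed sample data (not from the patent): N = 4 entries, k = 3.
DB = [0, 1, 1, 0]                              # Bob's database x_0..x_3
KB = [1, 0, 1, 1,  0, 1, 1, 0,  0, 1, 0, 0]    # Bob's kN-bit key K_B
# Raw bits of K_B the users inferred during S6 (position -> bit).
KNOWN_RAW = {1: 0, 2: 1, 6: 1, 7: 0, 8: 0, 10: 0}


def final_key(kb, k, n):
    """XOR the k consecutive N-bit groups of K_B into the N-bit key K_f."""
    if len(kb) != k * n:
        raise ValueError("K_B must have exactly k*N bits")
    groups = [kb[g * n:(g + 1) * n] for g in range(k)]
    return [reduce(xor, column) for column in zip(*groups)]


def user_final_bits(known_raw, k, n):
    """Final-key bits a user can compute from the raw bits they inferred.

    Bit j of K_f is known only if all k raw bits j, j+N, ..., j+(k-1)N are
    known; a single missing raw bit hides that final bit completely.
    """
    known = {}
    for j in range(n):
        positions = [j + g * n for g in range(k)]
        if all(p in known_raw for p in positions):
            known[j] = reduce(xor, (known_raw[p] for p in positions))
    return known


def encrypt_database(db, kf, s):
    """Bob: c_p = x_p XOR K_f[(p + s) mod N] for every entry p."""
    n = len(db)
    if len(kf) != n:
        raise ValueError("final key and database must both have N bits")
    return [x ^ kf[(p + s) % n] for p, x in enumerate(db)]


def private_query(db, kb, k, known_raw, i):
    """Run S7 end to end; return (s, x_i), or None when the users hold
    fewer than 1 final-key bit and the protocol must return to S1."""
    n = len(db)
    kf = final_key(kb, k, n)                    # Bob knows every bit
    known = user_final_bits(known_raw, k, n)    # users know only some
    if not known:
        return None
    j = min(known)                              # any known position works
    s = (j - i) % n                             # the only value sent to Bob
    cipher = encrypt_database(db, kf, s)        # sent back in full
    return s, cipher[i] ^ known[j]              # c_i XOR K_f[j] = x_i


if __name__ == "__main__":
    print("K_f          :", final_key(KB, 3, 4))
    print("users know   :", user_final_bits(KNOWN_RAW, 3, 4))
    print("query i = 1  :", private_query(DB, KB, 3, KNOWN_RAW, 1))
```

Bob receives only s = j - i, which fixes neither i nor j on its own, and the users can unmask only the single entry aligned with a final-key bit they actually hold.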
This embodiment mainly describes the case of two users, but the method extends readily to multiple users by modifying a few parameters. Taking n users as an example: the database provider, the trusted third party and the n users jointly negotiate the security parameter error rate e; the database provider negotiates a security parameter k with the n users; the trusted third party and the n users pre-share the screening key K_{A1A2...AnC}; the database provider and the n users each secretly register an identity (ID_B, ID_A1, ID_A2, ..., ID_An) with the trusted third party over a secure channel; the database provider prepares GHZ states of n+2 particles
Figure GDA0003704776660000146
Notably, when the number of users n is even, Charlie needs to randomly perform a unitary operation from {U_0, U_2} on the AUTH qubit particles at the even positions he owns; otherwise, Charlie does nothing. The implementation steps for multiple users are exactly the same as those set forth for two users in the present invention.
In the multi-user quantum privacy query method with authentication, where multiple users cooperate and simultaneously retrieve the same database information, adding an identity authentication mechanism strengthens the security of existing multi-user quantum privacy query, so that the method not only provides the same level of database privacy and user privacy but can also defend against external impersonation attacks and man-in-the-middle attacks.
It should be noted that, as one of ordinary skill in the art would understand, all or part of the processes of the above method embodiments may be implemented by a computer program instructing related hardware, where the computer program may be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The foregoing is directed to embodiments of the present invention and it will be appreciated by those skilled in the art that changes may be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (1)

1. A multi-user quantum privacy query method with authentication, mainly comprising security detection among the participants, identity authentication between the database and the users, and oblivious key agreement for private retrieval, characterized by comprising the following steps:
S1: system initialization: the participants negotiate the error rate e, the security parameter k and the screening key K_{A1A2C}; the database provider generates an initial query key K_B; the database provider and the users register identity IDs with the trusted third party;
S101: the database provider, the plurality of users and the trusted third party negotiate an error rate e;
S102: the database provider and the plurality of users determine a security parameter k and an encoding rule;
S103: the database provider randomly generates a {0,1} string with kN bits as the initial query key;
S104: the plurality of users and the trusted third party negotiate a group of quaternary screening keys with kN bits;
S105: the database provider and the plurality of users each register an identity ID with the trusted third party, wherein the identity IDs are N bits long;
S2: the database provider prepares initial multi-particle GHZ entangled states and distributes the corresponding particles to each user and the trusted third party;
Step S2 specifically includes: the database provider prepares (2k+1)N multi-particle initial GHZ states and distributes the corresponding particles to each user and the trusted third party, keeping the first particle and distributing the subsequent particles one by one to the plurality of users and the trusted third party; the database provider, the plurality of users and the trusted third party securely share the (2k+1)N multi-particle initial GHZ states, and if particles are lost, the database provider retransmits them, wherein k represents the pre-negotiated security parameter and N represents the number of database entries;
S3: the trusted third party divides the (2k+1)N multi-particle GHZ states prepared by the database provider into three kinds of qubits, CHECK, AUTH and QUERY, according to the identity IDs it holds; the identity IDs held by the trusted third party include: the identity ID registered by the database provider with the trusted third party and the identity IDs registered by all users with the trusted third party;
Step S3 specifically includes: the trusted third party selects a subset V = {v_1, v_2, ..., v_N} from the position set M = {1, 2, 3, ..., (2k+1)N}, and then performs the XOR operation
Figure FDA0003680594600000011
on the identity IDs it holds over the position subset V to obtain an XOR result S_ID; finally, according to the computed S_ID, the initial GHZ states are divided into three kinds of qubits, CHECK, AUTH and QUERY, giving the state division information; the trusted third party publishes the state division information to the database provider and all users;
the position set is: each four-particle GHZ state prepared by Bob corresponds to one position in the position set M, and the (2k+1)N positions constitute the position set M = {1, 2, 3, ..., (2k+1)N}; each bit of the identity IDs of Bob, Alice1 and Alice2 corresponds one to one with a position v_i, i = 1, 2, ..., N;
dividing the initial GHZ states into the three kinds of qubits CHECK, AUTH and QUERY according to the computed S_ID to obtain the state division information specifically comprises: if S_ID = 0, the corresponding position set is recorded as
Figure FDA0003680594600000021
and the qubits at this position set are used for security detection and are classified as CHECK qubits; if S_ID ≠ 0, the position set is recorded as
Figure FDA0003680594600000022
and the qubits at this position set are used for identity authentication and are classified as AUTH qubits, wherein P, Q ∈ V; for the remaining M-V positions, the qubits are used for oblivious key agreement and are classified as QUERY qubits;
S4: all participants use the CHECK qubits for security detection to verify whether the multi-particle GHZ states are securely shared; if the security detection succeeds for all participants, step S5 is executed; otherwise the method returns to step S1;
Step S4 specifically includes: all participants use the CHECK qubits for security detection; for each CHECK particle, every participant randomly selects a measurement basis X = {|x+>, |x->} or Y = {|y+>, |y->}, measures the CHECK particle and publishes the corresponding measurement result; each participant compares the measurement results published by the other participants and, according to the entanglement verification mechanism of the GHZ state, counts the number r of correct GHZ states among the check particles measured with an even number of Y bases, and calculates the error rate
Figure FDA0003680594600000023
where N represents the number of entries in the database; if the error rate is higher than the error rate e negotiated between the participants, the security detection is unsuccessful and the method returns to step S1; if the error rate is lower than the error rate e negotiated between the participants, the security detection succeeds and step S5 is performed, wherein
Figure FDA0003680594600000031
S5: the database provider and the plurality of users encode identity information onto the AUTH qubits at the even positions they own, and the trusted third party authenticates the identities of all participants using entanglement swapping, verifying the legitimacy of the other participants' identities; if the identity authentication of all participants succeeds, step S6 is executed; otherwise the method returns to step S1;
the trusted third party authenticates the identities of all participants using entanglement swapping to verify the legitimacy of their identities, wherein all participants comprise the database provider and the plurality of users, and the main sub-process by which the database provider and the plurality of users realize identity authentication comprises the following steps:
S501: the database provider and the plurality of users encode identity information onto the relevant particles of the AUTH qubits;
S502: using entanglement swapping, the database provider and the plurality of users each perform Bell measurements on their own particles;
S503: the database provider and the plurality of users publish the measurement results;
S504: the trusted third party verifies the correlation of all measurement results according to entanglement swapping in order to verify the legitimacy of the other participants' identities; if the identities of all other participants are verified as legitimate, the authentication succeeds; otherwise the authentication fails;
S6: the database provider and the plurality of users use the QUERY qubits to perform oblivious key agreement with the help of the trusted third party to obtain the oblivious key: the database provider encodes the query key K_B onto the QUERY qubits at the even positions he owns, and the plurality of users infer the oblivious key using the pre-shared screening key K_{A1A2C} with the help of the trusted third party;
the oblivious key agreement specifically includes the following procedures:
S601: the database provider encodes the generated initial query key K_B onto the corresponding particles by a negotiated unitary operation;
S602: the quantum system undergoes entanglement swapping, and the database provider performs Bell measurements on the particles it owns and publishes the measurement results; the plurality of users and the trusted third party perform Bell measurements only on the particles at the positions where the screening key K_{A1A2C} is 1, and the trusted third party publishes its measurement results;
S603: a secret query position exists among a plurality of users, the secret query position is limited to secret query data of the users, and the plurality of users inform the query result of the users according to the secret query position;
S604: the plurality of users deduce the oblivious query key with a certain probability according to the information they hold;
S7: the database provider and the plurality of users perform key post-processing and complete the private query;
Step S7 specifically includes: the database provider and the plurality of users process the negotiated oblivious key by "bitwise addition" so that its length equals the number of data entries in the database, obtaining the final key; the database provider knows the whole final key, and each user knows only some bits of the final key; suppose that each user knows only the j-th bit of the final key and wants to query the i-th bit data x_i of the database; the query method is as follows: the users send s to the database provider, the database provider shifts the final key it holds by s according to the received value s, then encrypts the database and sends it to each user; each user decrypts using the j-th bit of the final key known to him to obtain the data he wishes to purchase.
CN202110280014.3A 2021-03-16 2021-03-16 Multi-user quantum privacy query method with authentication Active CN113114456B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110280014.3A CN113114456B (en) 2021-03-16 2021-03-16 Multi-user quantum privacy query method with authentication

Publications (2)

Publication Number Publication Date
CN113114456A CN113114456A (en) 2021-07-13
CN113114456B true CN113114456B (en) 2022-08-05

Family

ID=76711516

Country Status (1)

Country Link
CN (1) CN113114456B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240401

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Guangzhou Dayu Chuangfu Technology Co.,Ltd.

Country or region after: China

Address before: 400065 Chongwen Road, Nanshan Street, Nanan District, Chongqing

Patentee before: CHONGQING University OF POSTS AND TELECOMMUNICATIONS

Country or region before: China