CN113259102B - Efficient key negotiation method and system based on Fourier transform - Google Patents

Efficient key negotiation method and system based on Fourier transform Download PDF

Info

Publication number
CN113259102B
CN113259102B CN202110658587.5A CN202110658587A CN113259102B CN 113259102 B CN113259102 B CN 113259102B CN 202110658587 A CN202110658587 A CN 202110658587A CN 113259102 B CN113259102 B CN 113259102B
Authority
CN
China
Prior art keywords
quantum
particles
key
user
full
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110658587.5A
Other languages
Chinese (zh)
Other versions
CN113259102A (en
Inventor
闫丽丽
刘冬梅
张仕斌
昌燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu University of Information Technology
Original Assignee
Chengdu University of Information Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu University of Information Technology filed Critical Chengdu University of Information Technology
Priority to CN202110658587.5A priority Critical patent/CN113259102B/en
Publication of CN113259102A publication Critical patent/CN113259102A/en
Application granted granted Critical
Publication of CN113259102B publication Critical patent/CN113259102B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10Complex mathematical operations
    • G06F17/14Fourier, Walsh or analogous domain transformations, e.g. Laplace, Hilbert, Karhunen-Loeve, transforms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography

Abstract

The invention provides a high-efficiency key agreement method and a system based on Fourier transform, the method realizes the key agreement between two users Alice and Bob based on high-dimensional quantum, wherein Alice is a full quantum node and has complete quantum function, and Bob is a half quantum node; and Bob randomly and directly reflects the particles sent by Alice back to the sending end or returns after performing unitary operation, meanwhile, the sequence of the returned particles is disordered through delay technology displacement, Alice performs related operation after receiving the disordered particles, and finally key agreement is completed. The method has high communication efficiency, can resist most attacks, has strong safety and is easy to realize.

Description

Efficient key negotiation method and system based on Fourier transform
Technical Field
The invention belongs to the technical field of key agreement, and particularly relates to a Fourier transform-based efficient key agreement method and system.
Background
Key management is an extremely important field of research in cryptography, where key establishment mainly studies how to generate session keys securely and efficiently between transport entities. According to different generation modes of session keys, key establishment methods can be divided into two types: key distribution and key agreement. The problems to be solved by key distribution and key agreement are quite different, especially in group user communication, the objectives of the two types of schemes are different. In the key distribution scheme, a key is generated by a certain key distributor (a participant or a third party) and is sent to other participants through a secure channel secret; in the key agreement scheme, the key is generated by the mutual agreement of the participants, fairness is an important characteristic of the key agreement scheme, and emphasizes that the generated key is obtained by the mutual agreement of the parties participating in execution, and any party cannot predict or decide the value of the key before the key agreement is finished. The key agreement scheme is an important research direction in cryptosystem, is widely applied to information security fields such as military affairs, national defense, finance, engineering and social public facilities, and is the basis for realizing secret communication. SSL (Secure Sockets Layer) Protocol, Remote Desktop Protocol (RDP), and the like, which are currently widely used, operate based on a key agreement Protocol.
In recent years, research on quantum key agreement is increasing because key agreement has important application value. Existing quantum key agreement schemes fall into two categories: a full quantum key agreement scheme and a half quantum key agreement scheme. In the full quantum key agreement scheme, all participants are required to have complete quantum functions, such as a unitary operator, a multi-particle entangled state generation device and measurement device, a delay measurement and quantum storage device, and the like, to implement quantum communication. However, due to the high cost of current quantum devices, ordinary users cannot afford such expensive quantum devices. Therefore, this type of scheme is not suitable for practical application requirements.
In the scheme of the semi-quantum key agreement, in order to reduce the application cost of quantum communication, only part of nodes are required to have a strong quantum function, and other nodes only need to have basic quantum capacity, so that a quantum communication network can be used to realize the safe transmission of quantum levels. Therefore, strong quantum nodes in the semi-quantum scheme can be provided by special service providers, and ordinary users only need to configure basic quantum equipment to use the quantum network. For example, the document with the application number of 2019104472790 of the proprietary invention also proposes a method and a system for negotiating a two-party quantum key based on the Bell state, where the method is also based on a half quantum, but it requires a half quantum user to configure a quantum memory to complete key negotiation, and cannot realize user negotiation without a memory, and thus the application range is limited and the communication efficiency is low. Besides, the current scheme for negotiating the half-quantum key is based on two-dimensional quantum state, that is, the quantum state is formed by a great circle
Figure DEST_PATH_IMAGE002AA
Figure DEST_PATH_IMAGE004AA
The key agreement can be realized by preparing an entangled state, and the scheme is based onThe method is realized in a multi-particle entangled state, the communication efficiency is low, the safety is low, the information quantity which can be represented by one particle in a transmitted particle sequence is only 2, and an attacker guesses that the probability of the particle state is 1/2, namely, the attacker has half of the probability to obtain transmitted quantum information; some existing key agreement schemes need to prepare a multi-particle entangled state when quantum key agreement is realized, but the multi-particle entangled state is difficult to prepare and is unstable.
Disclosure of Invention
One of the objectives of the present invention is to provide an efficient key agreement method based on fourier transform, which can improve the communication efficiency of key agreement.
In order to achieve the purpose, the technical scheme of the invention is as follows: a Fourier transform-based efficient key agreement method comprises the following steps:
respectively randomly generating a first sub-secret key and a second sub-secret key by a full quantum user and a half quantum user;
the full-quantum user generates a plurality of multi-dimensional single particles in different states, randomly arranges the multi-dimensional single particles to generate a quantum sequence and then releases the quantum sequence;
after receiving the quantum sequence, the half quantum user randomly selects to execute reflection or unitary operation, and returns the disordered sequence of particles to the full quantum user;
the full quantum user receives the particles returned by the half quantum user and issues the first sub-secret key;
the half quantum user issues the correct order of the particles returned to the full quantum user and the operation executed on the particles, and the full quantum user rearranges the particles returned by the half quantum user according to the correct order issued by the half quantum user;
the full-quantum user selects a corresponding base to measure the returned particles after rearrangement according to the initial state of the plurality of single particles prepared by the full-quantum user, and then performs eavesdropping detection according to the measurement result;
and if no eavesdropper is detected, informing the half-quantum user to discard the particles for eavesdropping detection, discarding the detection particles and the second sub-key at the corresponding position by the half-quantum user to obtain a third sub-key, and calculating a negotiation key by the half-quantum user and the full-quantum user.
Further, the full quantum user generates 4n d-dimensional single particles, wherein n is a positive integer, d is a positive integer, and the d-dimensional single particles contain d information quantities; wherein the state of 2n particles is
Figure DEST_PATH_IMAGE006AAAA
The state of the other 2n particles is
Figure DEST_PATH_IMAGE008AAAA
And j is an unknown number representing the state of the particle.
Further, the step of randomly selecting and executing a reflection or unitary operation, and returning the particles to the full quantum user after disordering the sequence specifically includes:
when the reflection operation is randomly selected to be executed, the half quantum user directly returns the particles to the full quantum user;
when the unitary operation is randomly selected to be executed, the half quantum user executes the unitary operation according to the second sub-secret key and then returns the particles to the full quantum user; and when returning to the full quantum user, the half quantum user sends the full quantum user by disordering the particle sequence through a delay line.
Further, when the half-quantum user receives the quantum sequence selection execution unitary operation and returns the quantum sequence selection execution unitary operation to the full-quantum user, if the received particle state is
Figure 100002_DEST_PATH_IMAGE010A
After unitary operation, become
Figure DEST_PATH_IMAGE012AA
And returns to the full quantum user,
Figure 100002_DEST_PATH_IMAGE014A
for the b-th element in the half quantum user key,
Figure 100002_DEST_PATH_IMAGE016A
n is a positive integer,
Figure 100002_DEST_PATH_IMAGE018A
is a diedAdding;
if the received particle state is
Figure DEST_PATH_IMAGE020AA
And after unitary operation, the state of the particles is unchanged and is returned to the full quantum user.
Further, the step of performing eavesdropping detection according to the measurement result specifically includes:
if the state of the particles when the full quantum user is initially generated is different from the particle measurement state returned by the half quantum user, an eavesdropper exists, and key negotiation is finished;
otherwise, no eavesdropper exists, and key negotiation is continued.
Further, the half-quantum user and the full-quantum user obtain a negotiation key according to the first sub-key and the third sub-key by bit calculation.
Another object of the present invention is to provide an efficient key agreement system based on fourier transform, which can implement key agreement without complete quantum functions of the participating parties.
In order to achieve the purpose, the technical scheme of the invention is as follows: a Fourier transform-based efficient key agreement system comprises a full quantum user and a half quantum user; the full quantum user comprises a first sub-key generation module, an initial particle module, a rearrangement module, an eavesdropping detection module and a first negotiation key module;
the half-quantum user comprises a second sub-key generation module, an execution operation module and a second key negotiation module; wherein the content of the first and second substances,
the first sub-key generation module is used for randomly generating a first sub-key;
the second sub-key generation module is used for randomly generating a second sub-key;
the initial particle module is used for generating a plurality of d-dimensional single particles in different states, randomly arranging the single particles to generate quantum sequences and then issuing the quantum sequences;
the execution operation module is connected with the initial particle module and used for randomly selecting execution reflection or unitary operation to return to the full quantum user after the half quantum user receives the quantum sequence;
the rearrangement module is connected with the execution operation module and the first sub-key generation module, and is configured to, when the full-quantum user receives the particles returned by the half-quantum user, control the first sub-key generation module to issue the first sub-key, at the same time, the execution operation module issues the correct order of the particles returned to the full-quantum user and the operation to be performed on the particles, and the rearrangement module rearranges the particles returned by the half-quantum user according to the correct order issued by the execution operation module;
the interception detection module is connected with the initial particle module and the rearrangement module, and is used for selecting corresponding bases according to the states of the generated single particles to measure the particles returned by the half-quantum user and carrying out interception detection according to the measurement result;
the second negotiation key module is connected with the eavesdropping detection module and the second subkey generation module, and is used for informing the half-quantum user to discard particles for eavesdropping detection when eavesdropping does not exist by the eavesdropping detection module, the half-quantum user discards detection particles and the second subkey at the corresponding position to obtain a third subkey, and the half-quantum user performs bitwise calculation on the first subkey and the third subkey to obtain a negotiation key;
and the first negotiation key module is connected with the eavesdropping detection module and is used for obtaining a third subkey according to the measurement result and the initial generation state of the corresponding particles, and the full quantum user calculates the first subkey and the third subkey according to bits to obtain a negotiation key.
Further, 4n single particles are generated in the initial particle module, wherein the state of 2n particles is
Figure DEST_PATH_IMAGE006AAAAA
The state of the other 2n particles is
Figure DEST_PATH_IMAGE008AAAAA
Further, the execution operation module further includes a delay line for disturbing the order of the particles when the half quantum user returns the particles to the full quantum user.
Further, the eavesdropping detection module judges whether an eavesdropper exists by detecting whether the state of the particles generated by the initial particle module is the same as the particle measurement state returned by the execution operation module.
Compared with the prior art, the invention has the following advantages:
(1) in the prior art, most participants need to be configured with complete quantum equipment to participate in key agreement, the quantum equipment is very expensive and limits the application of a quantum communication network.
(2) When the quantum key agreement is realized by the conventional key agreement scheme, the quantum key agreement is basically realized based on a two-dimensional quantum state, and the two-dimensional quantum state has low communication efficiency and poor safety compared with a high-dimensional quantum state; the invention is realized based on the high-dimensional quantum state, improves the quantum communication efficiency and enhances the safety of the scheme.
(3) When the conventional key agreement scheme is used for realizing quantum key agreement, a multi-particle entangled state needs to be prepared, but the multi-particle entangled state is difficult to prepare and is unstable; the invention can realize key agreement only by preparing single particles.
(4) The scheme can resist typical attacks of external and internal attackers, such as interception-retransmission attack, measurement retransmission attack, entanglement measurement attack and Trojan horse attack, and is high in safety.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is obvious that the drawings in the following description are some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive exercise.
FIG. 1 is a block diagram of an efficient key agreement system based on Fourier transform according to the present invention;
fig. 2 is a flowchart of an efficient key agreement method based on fourier transform according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The examples are given for the purpose of better illustration of the invention, but the invention is not limited to the examples. Therefore, those skilled in the art should make insubstantial modifications and adaptations to the embodiments of the present invention in light of the above teachings and remain within the scope of the invention.
Note that, in the present embodiment, the subscript of the representative formula is used only to distinguish different users without specific meaning, unless otherwise specified.
Example 1
The embodiment discloses an efficient key agreement system based on fourier transform, the structure diagram of which refers to fig. 1, the system includes a full quantum user 1 and a half quantum user 2; the full quantum user 1 comprises a first subkey generation module 11, an initial particle module 12, a rearrangement module 13, an eavesdropping detection module 14 and a first negotiation key module 15;
the half-quantum user comprises a second sub-key generation module 21, an execution operation module 22 and a second key negotiation module 23; wherein the content of the first and second substances,
the first sub-key generation module 11 is configured to randomly generate a first sub-key;
the second sub-key generation module 21 is configured to randomly generate a second sub-key;
the initial particle module 12 is used for generating a plurality of single particles, randomly arranging the single particles to generate a quantum sequence and then issuing the quantum sequence; in the present embodiment, 4n single particles are generated in the initial particle module 12, where the state of 2n particles is
Figure DEST_PATH_IMAGE006AAAAAA
The state of the other 2n particles is
Figure DEST_PATH_IMAGE008AAAAAA
The execution operation module 22 is connected with the initial particle module 12 and is used for randomly selecting to execute reflection or unitary operation to return to the full quantum user 1 after the half quantum user 2 receives the quantum sequence; the operation execution module 22 in this embodiment further includes a delay line, which is used to disorder the order of the particles when the half quantum user returns the particles to the full quantum user.
The rearrangement module 13 is connected with the execution operation module 22 and the first sub-key generation module 11, and is configured to, when the full-quantum user receives the particles returned by the half-quantum user, control the first sub-key generation module to issue the first sub-key, execute the correct sequence of the particles issued by the operation module and returned to the full-quantum user by the operation module, and perform the operation on the particles, and rearrange the particles returned by the half-quantum user according to the correct sequence issued by the operation module;
the eavesdropping detection module 14 is connected with the initial particle module 12 and the rearrangement module 13, is used for selecting corresponding bases according to the states of the generated single particles to measure particles returned by a half-quantum user, and is used for carrying out eavesdropping detection according to a measurement result, the eavesdropping detection module 14 judges whether an eavesdropper exists or not by detecting whether the states of the particles generated by the initial particle module are the same as the measurement states of the particles returned by the execution operation module, and if the different particles are not in the same time state, the eavesdropper does not exist; otherwise, it exists.
The second negotiation key module 23 is connected with the eavesdropping detection module 14 and the second sub-key 21 generation module, and is used for informing the half-quantum user that the particles for eavesdropping detection are lost when the eavesdropping detection module eavesdrops, the half-quantum user 2 loses the detection particles and the second sub-key at the corresponding position to obtain a third sub-key, and the half-quantum user 2 performs bitwise calculation to obtain a negotiation key;
and the first negotiation key module 15 is connected with the eavesdropping detection module 14 and is used for obtaining a third sub-key according to the measurement result and the initial generation state of the corresponding particle, and the full quantum user 1 performs bitwise calculation to obtain a negotiation key.
Example 2
Based on the system in embodiment 1, this embodiment provides an efficient key agreement method based on fourier transform, and a flowchart of steps of the method may refer to fig. 2, which specifically includes the steps of:
s1: respectively randomly generating a first sub-secret key and a second sub-secret key by a full quantum user and a half quantum user;
the method in the embodiment is based on realizing key agreement between two users, wherein a full quantum user (Alice) is a full quantum node and has a complete quantum function, and a half quantum user (Bob) is a half quantum node;
in this step, Alice and Bob randomly generate respective sub-keys for generating a final key: first sub-key
Figure 100002_DEST_PATH_IMAGE022A
And a second subkey
Figure 100002_DEST_PATH_IMAGE024A
Wherein
Figure 100002_DEST_PATH_IMAGE026A
Representing respectively Alice and Bob keys
Figure DEST_PATH_IMAGE028AAAAAAAAA
And
Figure DEST_PATH_IMAGE030AAAAAA
the a-th and b-th elements of (a),
Figure 100002_DEST_PATH_IMAGE032A
Figure 100002_DEST_PATH_IMAGE034A
n is a positive integer, d is a positive integer, can be selected according to needs, and can meet the requirements of practical application when d is 8 generally;
s2: generating a plurality of single particles by a full-quantum user, randomly arranging the single particles to generate a quantum sequence, and then issuing the quantum sequence;
in this step, Alice prepares 4n single particles respectively, wherein the state of 2n particles is
Figure DEST_PATH_IMAGE006AAAAAAA
The state of the other 2n particles is
Figure DEST_PATH_IMAGE008AAAAAAA
Figure DEST_PATH_IMAGE036AA
Figure DEST_PATH_IMAGE038A
Figure DEST_PATH_IMAGE040AA
Figure DEST_PATH_IMAGE042A
I is an intermediate parameter in a Fourier transform formula and is an imaginary unit; then, Alice randomly arranges the 4n single particles to generate a quantum sequence SA, and finally sends the SA to Bob.
S3: the half quantum user receives the quantum sequence, and randomly selects to execute reflection or unitary operation and returns the reflection or unitary operation to the full quantum user;
in this step, after Bob receives the quantum sequence, he randomly chooses to perform a reflection or unitary operation: if the reflection operation is selected, the particles (quanta) are directly returned to Alice; if unitary operation is selected, Bob bases on its subkey
Figure DEST_PATH_IMAGE044A
Performing a unitary operation on the received quanta (a)
Figure DEST_PATH_IMAGE046A
) Operation, which is then sent back to Alice, depending on the nature of the unitary operation
Figure DEST_PATH_IMAGE048A
Figure DEST_PATH_IMAGE050A
Modulo d plus, if the received quantum state is
Figure DEST_PATH_IMAGE052A
Quantum state change to after unitary operation
Figure DEST_PATH_IMAGE012AAA
(ii) a If the received quantum state is
Figure DEST_PATH_IMAGE040AAA
The quantum state is unchanged after unitary operation.
Preferably, in order to ensure the safety of the quanta in the embodiment, Bob sends the quanta through a delay line, so that the order of returning the quanta is disturbed.
S4: the full quantum user receives the particles returned by the half quantum user and issues a first sub-secret key;
in this step, Alice stores all received quanta and then issues her subkey
Figure DEST_PATH_IMAGE028AAAAAAAAAA
S5: the half-quantum user issues the correct order of the particles returned to the full-quantum user and the operation executed on the particles, and the full-quantum user rearranges the particles returned by the half-quantum user according to the correct order issued by the half-quantum user;
when Alice issues a sub-key
Figure DEST_PATH_IMAGE028AAAAAAAAAAA
Then, Bob issues the correct sequence of the quanta and the operation of the quanta executed by the Bob, and Alice rearranges the sequence of the received quanta to be the same as the sequence of the sent quanta;
s6: the full quantum user selects a corresponding basis according to the states of the generated single particles to measure the particles returned by the half quantum user, and then performs eavesdropping detection according to the measurement result;
in this embodiment, Alice selects the corresponding basis to measure the received quantum according to the state of the prepared quantum.
According to the measurement result and the operation published by Bob, Alice performs eavesdropping detection, and if the initial state generated by the quantum in Alice is
Figure DEST_PATH_IMAGE020AAA
No matter Bob performs reflection or unitary operation, Alice measures the received quantum, and the measurement result is the same as the initial state of the quantum; if the initial state of the quantum is
Figure DEST_PATH_IMAGE054A
And Bob executes reflection operation, Alice measures the received quantum, and the measurement result is the same as the initial state of the quantum, so that the Alice measurement result in the step is different from the initial state of the quantum, which indicates that an eavesdropper exists, the execution is finished, otherwise, the next step is continuously executed.
S7: and informing the half-quantum user to discard the particles for eavesdropping detection after eavesdropping does not exist, discarding the detection particles and the second sub-key at the corresponding position by the half-quantum user to obtain a third sub-key, and calculating a negotiation key by the half-quantum user and the full-quantum user.
When Alice performs the tapping detection in step S6, AlThe ice informs the Bob of losing the quanta for wiretap detection, and the number of the remaining quanta is n; bob discards the detection particles and
Figure DEST_PATH_IMAGE030AAAAAAA
sub-keys of corresponding positions, thereby
Figure DEST_PATH_IMAGE030AAAAAAAA
Key reduced to length n
Figure DEST_PATH_IMAGE056AA
Then, Bob calculates according to bit to obtain the negotiation key
Figure DEST_PATH_IMAGE058A
Meanwhile, Alice measures the result according to the remaining n quanta
Figure DEST_PATH_IMAGE060A
And corresponding quantum initial state, a subkey of Bob of length n can also be obtained
Figure DEST_PATH_IMAGE056AAA
Wherein
Figure DEST_PATH_IMAGE062A
Respectively represent
Figure DEST_PATH_IMAGE030AAAAAAAAA
Figure DEST_PATH_IMAGE064A
According to the a-th element of
Figure DEST_PATH_IMAGE066A
X is the initial state of the quantum prepared by Alice, so Alice can compute the secret key
Figure DEST_PATH_IMAGE068A
To this end, Alice and Bob obtain a key K of length n.
In one embodiment, assume that Alice prepares an initial quantum sequence
Figure DEST_PATH_IMAGE070A
And then sends it to Bob. After Bob receives the operation sequence, the operation sequence is selected to be executed as a reflection operation and a unitary operation
Figure DEST_PATH_IMAGE072A
Reflective, unitary operation
Figure DEST_PATH_IMAGE074A
Wherein
Figure DEST_PATH_IMAGE076A
And
Figure DEST_PATH_IMAGE078A
is a subkey for Bob. After Bob performs an operation on the received particle, the particle becomes
Figure DEST_PATH_IMAGE080A
Then Bob rearranges
Figure DEST_PATH_IMAGE082AAA
The order of each particle in the mixture is obtained to obtain a new quantum sequence
Figure DEST_PATH_IMAGE084A
And sends it back to Alice; alice storage
Figure DEST_PATH_IMAGE086AAAA
Then, publish its subkey
Figure DEST_PATH_IMAGE088A
. Subsequently, Bob publishes
Figure DEST_PATH_IMAGE086AAAAA
The original order of the medium particles is restored by Alice, and the sequence is obtained
Figure DEST_PATH_IMAGE082AAAA
;Alice according to
Figure DEST_PATH_IMAGE082AAAAA
Corresponding to the initial state of quantum preparing, selecting correct base to measure all particles, and obtaining the measurement result
Figure DEST_PATH_IMAGE090A
. And Bob publishes the operation performed by the Bob on each particle again, and Alice selects the first three particles for eavesdropping detection according to the measurement result and the operation published by Bob, namely the measurement result of Alice should be the same as the initial state of the prepared quantum. After eavesdropping detection, if no eavesdropping behavior is found, Alice informs Bob that the fourth particle is used to generate the key. Finally, Alice calculates
Figure DEST_PATH_IMAGE092A
Bob calculation
Figure DEST_PATH_IMAGE094A
Both parties obtain a negotiation key
Figure DEST_PATH_IMAGE096A
In the efficient key agreement method based on fourier transform provided in this embodiment, Alice and Bob use the key
Figure DEST_PATH_IMAGE028AAAAAAAAAAAA
And
Figure DEST_PATH_IMAGE098AAAAAAA
generates a negotiation key K, since
Figure DEST_PATH_IMAGE028AAAAAAAAAAAAA
Is public, so the security of the final key K depends on
Figure DEST_PATH_IMAGE098AAAAAAAA
Security, the ultimate goal of the attacker is also by obtaining the secret key
Figure DEST_PATH_IMAGE098AAAAAAAAA
The obtained final key can resist typical attacks of external and internal attackers, such as interception-retransmission attack, measurement retransmission attack, entanglement measurement attack and Trojan horse attack, meets the fairness of key agreement, and has higher communication efficiency, which is specifically described as follows:
when an attacker Eve launches an intercept-retransmit attack: interception-retransmission attack means that an attacker Eve intercepts a quantum sequence sent by Alice to Bob, then uses a fake sequence to replace the original sequence and sends the sequence to Bob, and then analyzes the behavior of Bob to obtain a secret key
Figure DEST_PATH_IMAGE098AAAAAAAAAA
. In this scheme, Alice is based on two bases
Figure DEST_PATH_IMAGE100A
Preparation of an initial Quantum sequence SA of length 4n, where 2n quanta are located
Figure DEST_PATH_IMAGE102AA
State, 2n quantum in
Figure DEST_PATH_IMAGE104AA
In the invention, after all the received returned quanta are stored in Alice, Bob can publish correct quantum sequence and the operation executed by him, so that the interception-retransmission attack executed by Eve can be found in eavesdropping detection, because Eve does not know the state of each quantum in the sequence SA, she only stores the quanta without measuring after intercepting the SA, and then forges a sequence
Figure DEST_PATH_IMAGE106AA
Sent to Bob when Bob is right
Figure DEST_PATH_IMAGE106AAA
The medium quantum performs the operation and returns toWhen Alice, Eve intercepts the returned quanta again, but because Eve does not know the correct sequence of the returned quanta, useful information can not be obtained from the returned particles, and when Eve returns the particles to Alice, the attack behavior of the particles can be discovered inevitably because the original quantum state is changed, so that the invention can resist interception-retransmission attack.
When an attacker Eve launches a measurement-replay attack: the measurement-retransmission attack means that an attacker Eve intercepts a quantum sequence sent by Alice to Bob, measures the intercepted quantum, prepares a fake sequence to replace the original sequence and sends the fake sequence to Bob, and obtains a secret key by analyzing the behavior of Bob
Figure DEST_PATH_IMAGE098AAAAAAAAAAA
The attack is similar to the result-retransmission attack, and Alice is based on two groups
Figure DEST_PATH_IMAGE108A
Preparation of an initial Quantum sequence SA of length 4n, where 2n quanta are located
Figure DEST_PATH_IMAGE102AAA
State, 2n quantum in
Figure DEST_PATH_IMAGE104AAA
The quanta in the two states are randomly arranged to form a quantum sequence SA, and if Eve intercepts the SA and selects a correct base to execute measurement operation, the attack behavior of the SA cannot be found; if Eve selects the wrong basis for measurement, the probability that the attack behavior is not discovered is
Figure DEST_PATH_IMAGE110A
(ii) a By combining the above two cases, the total probability that such attack behavior of Eve is not discovered is
Figure DEST_PATH_IMAGE112A
. Assuming that there are l eavesdropping quanta, the probability that the attacker's behavior is detected for the measurement-replay attack is
Figure DEST_PATH_IMAGE114A
When l is long enough, the probability is close to 1. Furthermore, even if Eve guesses the measurement basis, Eve cannot obtain any useful information without knowing the correct order, since Bob shuffles the order in which the quantum sequences are returned.
When an attacker Eve launches an entanglement-measurement attack: the entanglement-measurement attack means that Eve intercepts a quantum sequence SA sent by Alice to Bob and then operates through attack
Figure DEST_PATH_IMAGE116A
Quantum of itself
Figure DEST_PATH_IMAGE118A
Entangled with the quantum in SA, and sent to Bob. Finally Eve returns additional quanta in the quantum sequence of Alice by measuring Bob
Figure DEST_PATH_IMAGE120A
Useful information is obtained. In the scheme, it is assumed that Eve respectively executes entanglement attacks on quantum sequences sent by Alice and returned by Alice
Figure DEST_PATH_IMAGE122AA
And
Figure DEST_PATH_IMAGE124A
however, because the quantum sequence of communication between Alice and Bob contains the detection quantum and the position of the detection quantum is unknown, Eve performs entanglement attack on all the quanta. And the quantum sequence is composed of
Figure DEST_PATH_IMAGE126AA
And
Figure DEST_PATH_IMAGE128AA
Figure DEST_PATH_IMAGE130A
) Two types of quanta are present, so the probability of quantum occurrence for each state at the same position in the sequence is 1/2. When Alice is towardsQuantum sequence SA transmitted by Bob, Eve executes it
Figure DEST_PATH_IMAGE122AAA
Operation, quantum states in SA
Figure DEST_PATH_IMAGE126AAA
And
Figure DEST_PATH_IMAGE128AAA
respectively become
Figure DEST_PATH_IMAGE132A
=
Figure DEST_PATH_IMAGE134A
And
Figure DEST_PATH_IMAGE136A
=
Figure DEST_PATH_IMAGE138A
wherein
Figure DEST_PATH_IMAGE140A
For the detected quantum of Eve,
Figure DEST_PATH_IMAGE142A
according to the nature of inverse quantum Fourier transform
Figure DEST_PATH_IMAGE144A
The following can be obtained:
Figure DEST_PATH_IMAGE146A
Figure DEST_PATH_IMAGE148A
Figure DEST_PATH_IMAGE150A
thus, eavesdropping on the sequenceQuantum is detected, the probability that the behavior of Eve is not detected is
Figure DEST_PATH_IMAGE152A
. When the number of detected quanta is l, the probability that the behavior is detected is
Figure DEST_PATH_IMAGE154A
When l is long enough, the probability that the behavior of the attacker is found is close to 1.
When an attacker Eve launches a Trojan horse attack: in the invention, Alice and Bob are in two-way communication, so an attacker Eve can attack secret information of an even by executing a Trojan horse, and in order to avoid the attack, a quantum beam splitter (PNS) and a quantum wavelength filter device can be arranged in front of the Alice device.
Fairness of key agreement: for Alice, before Bob publishes the correct order of the returned quantum sequences and the operations that it does, Alice needs to publish
Figure DEST_PATH_IMAGE028AAAAAAAAAAAAAA
At this time, Alice cannot obtain any information
Figure DEST_PATH_IMAGE098AAAAAAAAAAAA
So that Alice has no way of being able to base on
Figure DEST_PATH_IMAGE098AAAAAAAAAAAAA
To adjust its distribution
Figure DEST_PATH_IMAGE028AAAAAAAAAAAAAAA
I.e., Alice has no way to control the final key value alone.
For Bob, the quantum sequence it returns to Alice
Figure DEST_PATH_IMAGE086AAAAAA
In which its key is included
Figure DEST_PATH_IMAGE030AAAAAAAAAA
And Alice receiving
Figure DEST_PATH_IMAGE086AAAAAAA
Then it will publish
Figure DEST_PATH_IMAGE028AAAAAAAAAAAAAAAA
Therefore, Bob has no way to rely on
Figure DEST_PATH_IMAGE028AAAAAAAAAAAAAAAAA
To adjust its transmission
Figure DEST_PATH_IMAGE030AAAAAAAAAAA
Nor is Bob have a way to control the final key value alone, the present invention satisfies the fairness property of key agreement.
Communication efficiency: the invention adopts two d-dimensional single quantums
Figure DEST_PATH_IMAGE036AAA
Figure DEST_PATH_IMAGE156A
The quantity of information that a quantum can represent is d, while other schemes use two-dimensional quantum morphism
Figure DEST_PATH_IMAGE002AAA
Figure DEST_PATH_IMAGE004AAA
One quantum can represent only 2 amounts of information.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (4)

1. A Fourier transform-based efficient key agreement method is characterized by comprising the following steps:
respectively and randomly generating a first sub-secret key and a second sub-secret key by a full quantum user and a half quantum user, wherein the first sub-secret key is
Figure DEST_PATH_IMAGE002
The second sub-key is
Figure DEST_PATH_IMAGE004
Figure DEST_PATH_IMAGE006
Representing full and half quantum user keys, respectively
Figure DEST_PATH_IMAGE008
And
Figure DEST_PATH_IMAGE010
the a-th and b-th elements of (a),
Figure DEST_PATH_IMAGE012
Figure DEST_PATH_IMAGE014
n is a positive integer, d is a positive integer;
the full-quantum user generates a plurality of multi-dimensional single particles in different states, randomly arranges the multi-dimensional single particles to generate a quantum sequence and then releases the quantum sequence;
after receiving the quantum sequence, the half quantum user randomly selects to execute reflection or unitary operation, and returns the disordered sequence of particles to the full quantum user;
the full quantum user receives the particles returned by the half quantum user and issues the first sub-secret key;
the half quantum user issues the correct order of the particles returned to the full quantum user and the operation executed on the particles, and the full quantum user rearranges the particles returned by the half quantum user according to the correct order issued by the half quantum user;
the full-quantum user selects a corresponding base to measure the returned particles after rearrangement according to the initial state of the plurality of single particles prepared by the full-quantum user, and then performs eavesdropping detection according to the measurement result;
if no eavesdropper is detected, the half quantum user is informed to discard particles for eavesdropping detection, and the half quantum user discards detection particles and the second subkey
Figure DEST_PATH_IMAGE010A
The sub-keys at the corresponding positions are reduced to obtain a third sub-key with the length of n, and the third sub-key is
Figure DEST_PATH_IMAGE016
The half-quantum user and the full-quantum user obtain a negotiation key according to the first sub-key and the third sub-key by bit calculation
Figure DEST_PATH_IMAGE018
The full quantum user generates 4n d-dimensional single particles, wherein n is a positive integer, d is a positive integer, the d-dimensional single particles contain d information contents, and the state of 2n particles is
Figure DEST_PATH_IMAGE020
The state of the other 2n particles is
Figure DEST_PATH_IMAGE022
And j represents an unknown number of the number,
Figure DEST_PATH_IMAGE024
Figure DEST_PATH_IMAGE026
Figure DEST_PATH_IMAGE028
Figure DEST_PATH_IMAGE030
i is an intermediate parameter in a Fourier transform formula and is an imaginary unit;
when the reflection operation is randomly selected to be executed, the half quantum user directly returns the particles to the full quantum user;
when the unitary operation is randomly selected to be executed, the half-quantum user executes the unitary operation according to the second sub-secret key and then returns the particles to the full-quantum user, wherein when the particles are returned to the full-quantum user, the half-quantum user breaks up the sequence of the particles and sends the particles to the full-quantum user through a delay line;
when the half-quantum user receives the quantum sequence selection execution unitary operation and returns the quantum sequence selection execution unitary operation to the full-quantum user, if the received particle state is
Figure DEST_PATH_IMAGE032
Figure DEST_PATH_IMAGE034
After unitary operation, become
Figure DEST_PATH_IMAGE036
And returns to the full quantum user,
Figure DEST_PATH_IMAGE037
for the b-th element in the half quantum user key,
Figure DEST_PATH_IMAGE014A
n is a positive integer,
Figure DEST_PATH_IMAGE039
is a diedAdding;
if the received particle state is
Figure DEST_PATH_IMAGE041
The state of the particles is unchanged after unitary operation and is returned to the full quantumAnd (4) a user.
2. The efficient key agreement method based on fourier transform as claimed in claim 1, wherein the step of eavesdropping detection based on the measurement result specifically comprises:
if the state of the particles when the full quantum user is initially generated is different from the particle measurement state returned by the half quantum user, an eavesdropper exists, and key negotiation is finished;
otherwise, no eavesdropper exists, and key negotiation is continued.
3. A high-efficiency key agreement system based on Fourier transform is characterized by comprising full quantum users and half quantum users; the full quantum user comprises a first sub-key generation module, an initial particle module, a rearrangement module, an eavesdropping detection module and a first negotiation key module;
the half-quantum user comprises a second sub-key generation module, an execution operation module and a second key negotiation module; wherein the content of the first and second substances,
the first sub-key generation module is used for randomly generating a first sub-key;
the second sub-key generation module is used for randomly generating a second sub-key;
the first sub-key is
Figure DEST_PATH_IMAGE002A
The second sub-key is
Figure DEST_PATH_IMAGE004A
Figure DEST_PATH_IMAGE006A
Representing full and half quantum user keys, respectively
Figure DEST_PATH_IMAGE008A
And
Figure DEST_PATH_IMAGE010AA
the a-th and b-th elements of (a),
Figure DEST_PATH_IMAGE012A
Figure DEST_PATH_IMAGE014AA
n is a positive integer, d is a positive integer;
the initial particle module is used for generating a plurality of d-dimensional single particles in different states, randomly arranging the single particles to generate quantum sequences and then issuing the quantum sequences;
the initial particle module generates 4n d-dimensional single particles, wherein n is a positive integer, d is a positive integer, the d-dimensional single particles contain d information contents, and the states of 2n particles are
Figure DEST_PATH_IMAGE020A
The state of the other 2n particles is
Figure DEST_PATH_IMAGE022A
And j represents an unknown number of the number,
Figure DEST_PATH_IMAGE024A
Figure DEST_PATH_IMAGE026A
Figure DEST_PATH_IMAGE028A
Figure DEST_PATH_IMAGE030A
i is an intermediate parameter in a Fourier transform formula and is an imaginary unit;
the execution operation module is connected with the initial particle module and used for randomly selecting to execute reflection or unitary operation and returning particles to the full quantum user after the half quantum user receives the quantum sequence;
the execution operation module is used for directly returning the particles to the full-quantum user by the half-quantum user when the reflection operation is randomly selected to be executed;
the execution operation module is used for returning the particles to the full-quantum user after the half-quantum user executes the unitary operation according to the second sub-secret key when the execution operation module randomly selects the unitary operation, wherein the half-quantum user sends the particles to the full-quantum user in a disorderly mode through a delay line when the half-quantum user returns to the full-quantum user;
when the half-quantum user receives the quantum sequence selection execution unitary operation and returns the quantum sequence selection execution unitary operation to the full-quantum user, if the received particle state is
Figure DEST_PATH_IMAGE032A
Figure DEST_PATH_IMAGE034A
After unitary operation, become
Figure DEST_PATH_IMAGE036A
And returns to the full quantum user,
Figure 568936DEST_PATH_IMAGE037
for the b-th element in the half quantum user key,
Figure DEST_PATH_IMAGE014AAA
n is a positive integer,
Figure DEST_PATH_IMAGE039A
is a diedAdding;
if the received particle state is
Figure DEST_PATH_IMAGE041A
After unitary operation, the state of the particles is unchanged and returned to the full quantum user;
the rearrangement module is connected with the execution operation module and the first sub-key generation module, and is configured to, when the full-quantum user receives the particles returned by the half-quantum user, control the first sub-key generation module to issue the first sub-key, at the same time, the execution operation module issues the correct order of the particles returned to the full-quantum user and the operation to be performed on the particles, and the rearrangement module rearranges the particles returned by the half-quantum user according to the correct order issued by the execution operation module;
the interception detection module is connected with the initial particle module and the rearrangement module, and is used for selecting corresponding bases according to the states of the generated single particles to measure the particles returned by the half-quantum user and carrying out interception detection according to the measurement result;
the second negotiation key module is connected with the eavesdropping detection module and the second subkey generation module and is used for informing the half-quantum user to discard the particles for eavesdropping detection when the eavesdropping detection module eavesdropping does not exist, discarding the detection particles by the half-quantum user and discarding the second subkey
Figure DEST_PATH_IMAGE010AAA
The sub-keys at the corresponding positions are reduced to obtain a third sub-key with the length of n, and the third sub-key is
Figure DEST_PATH_IMAGE016A
The half-quantum user bitwise calculates the first sub-key and the third sub-key to obtain a negotiation key
Figure DEST_PATH_IMAGE018A
And the first negotiation key module is connected with the eavesdropping detection module and is used for obtaining a third subkey according to the measurement result and the initial generation state of the corresponding particles, and the full quantum user calculates the first subkey and the third subkey according to bits to obtain a negotiation key.
4. The Fourier-transform-based efficient key agreement system of claim 3, wherein the eavesdropping detection module determines whether an eavesdropper is present by detecting whether the state of particles at the time of the initial particle generation module is the same as the particle measurement state returned by the execution operation module.
CN202110658587.5A 2021-06-15 2021-06-15 Efficient key negotiation method and system based on Fourier transform Active CN113259102B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110658587.5A CN113259102B (en) 2021-06-15 2021-06-15 Efficient key negotiation method and system based on Fourier transform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110658587.5A CN113259102B (en) 2021-06-15 2021-06-15 Efficient key negotiation method and system based on Fourier transform

Publications (2)

Publication Number Publication Date
CN113259102A CN113259102A (en) 2021-08-13
CN113259102B true CN113259102B (en) 2021-10-08

Family

ID=77187936

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110658587.5A Active CN113259102B (en) 2021-06-15 2021-06-15 Efficient key negotiation method and system based on Fourier transform

Country Status (1)

Country Link
CN (1) CN113259102B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117579274B (en) * 2024-01-15 2024-03-26 北京电子科技学院 Half quantum key distribution method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108173654A (en) * 2018-03-13 2018-06-15 成都信息工程大学 A kind of two side's cryptographic key negotiation methods and system based on half quantum techniques
CN108599942A (en) * 2018-05-03 2018-09-28 浙江工商大学 Without the half quantum privacy comparative approach of measurement-repeating transmission tangled
CN108881215A (en) * 2018-06-13 2018-11-23 成都信息工程大学 The half Quantum Secure Direct Communication agreement based on Bell state

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8855316B2 (en) * 2008-01-25 2014-10-07 Qinetiq Limited Quantum cryptography apparatus
GB201020424D0 (en) * 2010-12-02 2011-01-19 Qinetiq Ltd Quantum key distribution
CN107666356B (en) * 2017-10-18 2019-07-26 浙江工商大学 Requirement classical communication person based on single photon has half quantum dialogue method of measurement capability
CN107517101B (en) * 2017-10-19 2019-06-21 浙江工商大学 Classical communication person is not required to have half quantum dialogue method of measurement capability based on single photon
CN108847934B (en) * 2018-06-27 2020-11-10 重庆邮电大学 Multi-dimensional quantum homomorphic encryption method
CN108809644B (en) * 2018-07-17 2020-11-06 苏州大学 Disorder high-capacity multiparty quantum key negotiation method based on high-energy level bell state
CN110098930B (en) * 2019-05-27 2020-04-07 成都信息工程大学 Bell state-based two-party quantum key negotiation method and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108173654A (en) * 2018-03-13 2018-06-15 成都信息工程大学 A kind of two side's cryptographic key negotiation methods and system based on half quantum techniques
CN108599942A (en) * 2018-05-03 2018-09-28 浙江工商大学 Without the half quantum privacy comparative approach of measurement-repeating transmission tangled
CN108881215A (en) * 2018-06-13 2018-11-23 成都信息工程大学 The half Quantum Secure Direct Communication agreement based on Bell state

Also Published As

Publication number Publication date
CN113259102A (en) 2021-08-13

Similar Documents

Publication Publication Date Title
Shi et al. Multi-party quantum key agreement with bell states and bell measurements
USRE47841E1 (en) Cryptographic system using pairing with errors
Chen et al. An efficient protocol for the private comparison of equal information based on the triplet entangled state and single-particle measurement
US6941457B1 (en) Establishing a new shared secret key over a broadcast channel for a multicast group based on an old shared secret key
Gupta et al. Design of lattice‐based ElGamal encryption and signature schemes using SIS problem
Krasnova et al. Footprint scheduling for dining-cryptographer networks
CN113259102B (en) Efficient key negotiation method and system based on Fourier transform
Yang et al. Flexible quantum oblivious transfer
Vaudenay Resistance against general iterated attacks
Wu et al. Symmetric-bivariate-polynomial-based lightweight authenticated group key agreement for industrial internet of things
Zhu et al. A one-round quantum mutual authenticated key agreement protocol with semi-honest server using three-particle entangled states
Parenreng et al. The E-mail security system using El-Gamal hybrid algorithm and AES (advanced encryption standard) algorithm
Rupa A secure information framework with ap RQ properties
Tiemann et al. " act natural!": Having a private chat on a public blockchain
Wei et al. Efficient and collusion resistant multi-party private set intersection protocols for large participants and small sets setting
Yang et al. One-round semi-quantum-honest key agreement scheme in MSTSA structure without entanglement
Mosca et al. Quantum key distribution in the classical authenticated key exchange framework
Pietrzak et al. Weak pseudorandom functions in minicrypt
Hegde et al. A Comparative study on state of art Cryptographic key distribution with quantum networks
Zhu et al. An Authenticated Quantum Dialog Protocol with Three-Particle Entangled States Using Subset of Intersection Method
Mohamed et al. New trends in cryptography: Quantum, blockchain, lightweight, chaotic, and dna cryptography
Ishibashi et al. Compact Password Authenticated Key Exchange from Group Actions
al-Mahmood et al. Exploring the Efficacy of Lightweight Encryption Techniques: A Comprehensive Review
Akleylek et al. A modified algorithm for peer-to-peer security
Anisimov et al. Authentication for Coalition Groups

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant