CN114448636A - Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method - Google Patents
- Publication number: CN114448636A (application CN202011106947.2A)
- Authority: CN (China)
- Prior art keywords: key, user side, digital, certificate, digital currency
- Prior art date
- Legal status: Granted (Google's note: the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
- G06Q20/4014—Identity check for transactions
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- H04L9/0872—Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes: Engineering & Computer Science; Computer Security & Cryptography; Computer Networks & Wireless Communication; Signal Processing; Business, Economics & Management; Accounting & Taxation; Computer Hardware Design; General Engineering & Computer Science; Computing Systems; Physics & Mathematics; Theoretical Computer Science; Power Engineering; Finance; Strategic Management; General Business, Economics & Management; General Physics & Mathematics; Electromagnetism; Financial Or Insurance-Related Operations Such As Payment And Settlement
Abstract
The invention provides a digital-certificate-based, quantum-computing-resistant digital currency system and an anonymous communication method. A third party authority is added to the digital currency system; it issues an ID, a public and private key pair, a digital certificate and a root certificate to the commercial bank digital currency system and to its user side, and the ID issued to the user side serves as that user side's anonymous identity. The invention specifies a symmetric key calculation method by which the third party authority, the user side and the commercial bank digital currency system can each compute the symmetric keys used for their mutual communication from the IDs and the public and private keys, so that the transmitted information, the digital certificate and the signature are protected against quantum computing throughout the identity authentication process of the digital currency system. The invention further provides a mechanism for changing the user side's anonymous ID, which hides the user side's real identity and addresses the security problem caused by leakage of the real identity.
Description
Technical Field
The invention relates to the field of identity authentication, in particular to a quantum computing resistant digital currency system based on a digital certificate and an anonymous communication method.
Background
The core elements of the People's Bank of China digital currency (D-RMB) system are one currency, two repositories and three centers. The one currency, D-RMB (DC/EP), abbreviated as D currency, refers to a series of encrypted digital strings representing a specific amount and signed by the central bank. The two repositories are the issuance repository and the bank repository of the D-RMB (the central bank digital currency database and the commercial bank digital currency database respectively): in the issuance repository the digital currency is held as digital currency funds at the central bank; in the bank repository it is held by the commercial bank as digital cash in stock. The three centers are a registration center (recording the whole life cycle of the currency: generation, circulation, counting, checking and destruction) and two certification centers, namely the CA certification center (based on the PKI system, with centralized management of the certificates of institutions and users, such as CFCA) and the IBC certification center (based on identity-based cryptography). Two tables can be designed in the registration center: a digital currency ownership registration table recording the attribution of digital currency, and a transaction flow table.
The D-RMB system is a hierarchical system built jointly by the central bank and the commercial banks. The central bank digital currency system is a computer system operated and maintained by the central bank, or by an organization it designates, for processing information about digital currency; its main functions are the issuance, verification and monitoring of digital currency. The commercial bank digital currency system is a computer system operated and maintained by a commercial bank, or by an organization it designates, for processing information about digital currency. It performs the various currency-related functions of an existing bank (banking functions) and, having applied for digital currency from the central bank, faces society directly in order to meet the various requirements of providing digital currency circulation services.
The existing D-RMB system uses an identity authentication technique based on digital certificates, whose principle is as follows. The user applies to an authority for a digital certificate, which proves the binding between the user and the user's public key; the server installs the root certificate of the same authority in order to verify the other service certificates issued by that authority. The server authenticates the user's identity in the following steps: the user hashes the plaintext to be sent to produce a digest, then encrypts the digest with the user's private key to obtain a digital signature; the user sends the plaintext, the digital signature and the digital certificate it obtained from the authority to the server. On receiving this information, the server verifies the user's digital certificate with the root certificate; once that verification passes, it verifies the user's digital signature with the user's public key taken from the digital certificate. If this verification also passes, identity authentication succeeds; otherwise it fails.
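As an added illustration (not code from the patent or from any D-RMB system), the existing certificate-based authentication described above, written with Go's standard library: the authority issues a certificate under a self-signed root, the user signs a SHA-256 digest of the plaintext, and the server chains the presented certificate to its installed root before checking the signature with the certificate's public key. The type and function names (Authority, User, Authenticate), the ECDSA P-256 choice and the sample plaintext are assumptions made for this example; the page names no algorithms.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Authority stands in for the certificate authority: it holds a self-signed
// root certificate and issues user certificates under it.
type Authority struct {
	RootCert *x509.Certificate
	rootKey  *ecdsa.PrivateKey
}

// User holds a private key and the certificate binding that key to the user.
type User struct {
	Cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// issue signs tmpl with the parent's private key and parses the result.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, priv *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewAuthority creates a root key and a self-signed root certificate.
func NewAuthority(name string) (*Authority, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	cert, err := issue(tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &Authority{RootCert: cert, rootKey: key}, nil
}

// NewUser generates the user's key pair and has the authority certify the public key.
func NewUser(ca *Authority, name string) (*User, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	cert, err := issue(tmpl, ca.RootCert, &key.PublicKey, ca.rootKey)
	if err != nil {
		return nil, err
	}
	return &User{Cert: cert, key: key}, nil
}

// Sign hashes the plaintext and signs the digest with the user's private key.
func (u *User) Sign(plaintext []byte) ([]byte, error) {
	digest := sha256.Sum256(plaintext)
	return ecdsa.SignASN1(rand.Reader, u.key, digest[:])
}

// Authenticate is the server's check: chain the presented certificate to the
// installed root first, then verify the signature with the certificate's key.
func Authenticate(root, userCert *x509.Certificate, plaintext, sig []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := userCert.Verify(opts); err != nil {
		return fmt.Errorf("certificate rejected: %w", err)
	}
	pub, ok := userCert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return fmt.Errorf("certificate does not carry an ECDSA public key")
	}
	digest := sha256.Sum256(plaintext) // server recomputes the digest itself
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("signature does not verify")
	}
	return nil
}
```

The order of the two checks matters: the certificate is chained to the root before its public key is trusted for anything, so a certificate from an unknown authority, or one whose key usage does not permit client authentication, is rejected before the signature is even examined.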
However, in the existing digital-certificate-based identity authentication system, the data exchanged among the user terminal, the server and the authority cannot be protected by quantum-computing-resistant secure communication.
To give a digital-certificate-based identity authentication system resistance against quantum computing, patent CN109861813A proposes a quantum-computing-resistant HTTPS communication method and system based on an asymmetric key pool. Its participants are a server, a certificate authority and a client; the client is equipped with a key fob in which the asymmetric key pool is stored. The method comprises the following steps: the server obtains a digital certificate issued by the certificate authority and sends it to the client, the digital certificate recording a public key pointer random number of the server; the client obtains a root digital certificate issued by the certificate authority that matches the digital certificate, verifies the digital certificate sent by the server against the root digital certificate, and looks up the server public key in the asymmetric key pool using the server public key pointer random number recorded in the verified digital certificate; the client encrypts a randomly generated shared secret key with the server public key and sends the result to the server to negotiate the key; and the two then carry out HTTPS communication using the shared secret key.
Although the solution of patent CN109861813A achieves quantum-computing-resistant communication after identity authentication, its client must be equipped with a quantum key card storing the public keys of all members, which places a high demand on the client's storage capacity. Moreover, it modifies the whole identity authentication process relative to the prior art, so the internal structure of the traditional CA mechanism must be changed, and the cost is too high.
Based on the above analysis, the prior art of digital currency communication systems has the following drawbacks:
1. the existing CA and digital-certificate-based identity authentication systems cannot resist quantum computing;
2. in the existing quantum-computing-resistant identity authentication systems based on quantum secret communication, the cost to users is too high and symmetric key management is complex;
3. in the existing quantum-computing-resistant identity authentication systems based on an asymmetric key pool, the public keys of all members must be assembled into the asymmetric key pool and stored in every key fob, which increases the storage cost and the operating workload of the client's key fob;
4. in the existing quantum-computing-resistant identity authentication systems based on an asymmetric key pool, the overall process and data structures of the traditional CA and digital-certificate-based identity authentication system are changed, so the cost of switching the CA and the user application systems to a quantum-computing-resistant scheme is too high.
Disclosure of Invention
The purpose of the invention is as follows: to overcome the above defects, the invention provides a digital-certificate-based, quantum-computing-resistant digital currency system and an anonymous communication method, which achieve quantum-computing-resistant secret communication during the identity authentication process between a commercial bank digital currency system and its user side within a digital currency system.
The invention content is as follows: to achieve this aim, the invention provides a digital-certificate-based anonymous communication method for a quantum-computing-resistant digital currency system, comprising the following steps:
(1) a third party authority is added to the digital currency system; it issues a digital certificate and a root certificate to the commercial bank digital currency system and to its user side respectively, and issues an ID and a public and private key pair to the third party authority itself, the commercial bank digital currency system and its user side respectively, the ID issued to the user side being the user side's anonymous identity. The third party authority generates the public and private key of a given object X as follows: it first generates a system public and private key pair for X, then applies a hash function to the ID of X to obtain the public key of X, and then computes the private key of X from the public key of X and the system private key of X;
(2) the user side registers the correspondence between its real identity information and its current ID in the corresponding commercial bank digital currency system in advance;
(3) before identity authentication, the user side generates a request message applying for a new ID, signs the request message with the private key of its own digital certificate, computes the symmetric key between itself and the third party authority from its own private key and the public key of the third party authority, encrypts its own digital certificate and the signature with that symmetric key, and sends the encrypted digital certificate and signature together with the request message to the third party authority;
(4) the third party authority first computes the system private key of the user side, then performs a calculation with the system private key of the user side and the public key of the third party authority, and then computes the symmetric key between the third party authority and the user side from that result and the public key of the user side. After decrypting the received information with the symmetric key, it verifies the user side's digital certificate and signature; if they pass, it generates a new ID, a new system public and private key pair and a new public and private key pair according to the user side's request, computes an intermediate key from the system private key of the commercial bank digital currency system and the new public key of the user side, signs the intermediate key, the new ID and the new private key with the root certificate private key, and finally encrypts the intermediate key, the new ID, the new private key and the signature with the symmetric key and sends them to the user side;
(5) the user side decrypts the feedback from the third party authority, verifies the signature with the root certificate, and after verification stores the intermediate key, the new ID and the new private key, using the new ID as its anonymous identity;
(6) the user side computes the symmetric key between itself and the commercial bank digital currency system from the intermediate key and the public key of the commercial bank digital currency system; the commercial bank digital currency system computes the symmetric key between the user side and itself from the private key of the user side and the public key of the client side; and the two parties then perform identity authentication based on the computed symmetric key.
Several alternatives are provided below, not as additional limitations on the general solution above but as further additions or preferences; each alternative can be combined individually with the general solution, or with other alternatives, wherever this involves no technical or logical contradiction.
Optionally, the identity authentication process is as follows:
the user side generates an identity authentication request message, signs the identity authentication request message and the new ID with its digital certificate private key, encrypts its digital certificate and the signature with the symmetric key shared with the commercial bank digital currency system, and finally sends the encrypted data, the identity authentication request message and the new ID to the commercial bank digital currency system;
after the commercial bank digital currency system decrypts the received message with the symmetric key, it uses the root certificate to verify the validity of the user side's digital certificate and, if it is valid, verifies the signature with the public key of the user side's digital certificate; once verification passes, the commercial bank digital currency system generates a first random number, encrypts the first random number with the public key of the user side's digital certificate, then signs with the private key of the user side's digital certificate, and finally encrypts the encrypted first random number, the signature and the user side's digital certificate together with the symmetric key and sends them to the user side;
the user side decrypts the received data and uses the root certificate to verify the validity of the commercial bank digital currency system's digital certificate; if it is valid, it verifies the signature with the public key of that digital certificate, and once verification passes it decrypts the first random number with the private key of its own digital certificate and stores it;
the user side generates a second random number, encrypts the first random number, the second random number and the old ID with the digital certificate public key of the commercial bank digital currency system, signs the encrypted data and the old ID with its digital certificate private key, encrypts the encrypted data and the signature again with the symmetric key, and sends them together with the old ID to the commercial bank digital currency system;
after the commercial bank digital currency system decrypts the received information, it compares whether the received second random number is consistent with the second random number it sent, and if so, it updates the ID in the user side's registration information to the user side's new ID.
Optionally, in the process of communicating between the user side and the third party authority and the digital currency system of the commercial bank, the encryption method used when the symmetric key is used to encrypt data is as follows:
the sender calculates a symmetric key of the two parties communication, then generates a time stamp for the communication, calculates a communication key of the communication by using the symmetric key and the time stamp, encrypts a digital certificate and a signature by using the communication key, and sends the encrypted data and the time stamp to the receiver;
and after receiving the information sent by the sender, the receiver calculates the symmetric key, calculates the communication key of the communication according to the timestamp carried in the received information, and obtains the digital certificate and the signature of the sender through decryption of the communication key.
Optionally, the method for calculating the communication key of the current communication by using the symmetric key and the timestamp includes: and calculating a message authentication code for the timestamp by using the symmetric key, wherein the calculated message authentication code is the communication key.
Optionally, in the process of communicating between the user side and the third party authority and the digital currency system of the commercial bank, when the two communication parties send information each time, the message authentication code is further calculated to ensure the integrity of the communication message.
Optionally, after the user side and the commercial bank digital currency system complete identity authentication, the two sides establish a session, compute the session key of the current round of the session from the first and second random numbers in the same manner, and communicate on the basis of the session key.
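The timestamp-bound communication key, the encrypt-then-MAC message layout and the nonce-derived session key described in the options above, as an added Python illustration that is not code from the patent. It assumes HMAC-SHA256 as the MAC(m, k) function, a stand-in keystream cipher in place of the symmetric cipher the page leaves unnamed, a 60-second freshness window for the timestamp, the N_A || N_B input order for the session key, and a constructed message layout (length-prefixed cleartext header, 8-byte timestamp, ciphertext, 32-byte tag); none of these are specified on the page.

```python
import hashlib
import hmac
import secrets
import struct
import time

MAC_LEN = 32           # HMAC-SHA256 tag length
FRESHNESS_WINDOW = 60  # seconds; assumed, the patent specifies no window


def mac(message: bytes, key: bytes) -> bytes:
    """MAC(m, k) in the patent's notation: HMAC-SHA256 over m under key k."""
    return hmac.new(key, message, hashlib.sha256).digest()


def comm_key(sym_key: bytes, timestamp: int) -> bytes:
    """Communication key for one message: K_i = MAC(T_i, K_sym)."""
    return mac(struct.pack(">Q", timestamp), sym_key)


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (the patent names none): an HMAC counter-mode
    keystream XORed into the data.  Used only so the example runs on the
    standard library; a deployment would use an authenticated cipher keyed by comm_key()."""
    out = bytearray()
    for block, offset in enumerate(range(0, len(data), MAC_LEN)):
        stream = mac(b"keystream" + struct.pack(">I", block), key)
        out.extend(c ^ s for c, s in zip(data[offset:offset + MAC_LEN], stream))
    return bytes(out)


def seal(sym_key: bytes, header: bytes, secret_part: bytes, timestamp: int) -> bytes:
    """Sender side.  header holds the cleartext fields (IDs, request code), secret_part
    what the patent encrypts (certificate and signature).  Constructed layout:
    len(header) || header || T || {secret_part}K_T || MAC(all of that, K_T)."""
    k = comm_key(sym_key, timestamp)
    msg_1 = (struct.pack(">H", len(header)) + header
             + struct.pack(">Q", timestamp) + _keystream_xor(k, secret_part))
    return msg_1 + mac(msg_1, k)


def open_message(sym_key: bytes, msg: bytes, now: int):
    """Receiver side: recompute K'_T from the carried timestamp, check the tag in
    constant time before touching the ciphertext, reject stale timestamps, then
    decrypt.  Returns (header, secret_part); raises ValueError otherwise."""
    if len(msg) < 2 + 8 + MAC_LEN:
        raise ValueError("truncated message")
    hlen = struct.unpack(">H", msg[:2])[0]
    if len(msg) < 2 + hlen + 8 + MAC_LEN:
        raise ValueError("truncated message")
    header = msg[2:2 + hlen]
    timestamp = struct.unpack(">Q", msg[2 + hlen:10 + hlen])[0]
    msg_1, tag = msg[:-MAC_LEN], msg[-MAC_LEN:]
    k = comm_key(sym_key, timestamp)
    if not hmac.compare_digest(mac(msg_1, k), tag):
        raise ValueError("MAC mismatch: tampered message or wrong key")
    if abs(now - timestamp) > FRESHNESS_WINDOW:
        raise ValueError("stale timestamp: possible replay")
    return header, _keystream_xor(k, msg_1[10 + hlen:])


def session_key(sym_key: bytes, n_a: bytes, n_b: bytes) -> bytes:
    """Session key from the two random numbers 'in the same manner' as the
    communication key: MAC over N_A || N_B under the symmetric key (order assumed)."""
    return mac(n_a + n_b, sym_key)


def demo() -> dict:
    """Constructed exchange: A sends B an authentication request whose certificate
    and signature travel encrypted; B opens it, then a tampered copy and a replayed
    copy are rejected, and a fresh N_A yields a different session key."""
    k_ab = secrets.token_bytes(32)              # stands in for K_A-B = e(SK'_Anew, PK_B)
    t3 = int(time.time())
    header = b"ID_Anew|ID_B|REQ3"               # MSG_3_0 fields, constructed
    cert_and_sig = b"CERT_A(placeholder)||SIG_3(placeholder)"
    msg3 = seal(k_ab, header, cert_and_sig, t3)
    results = {"opened": open_message(k_ab, msg3, now=t3 + 1) == (header, cert_and_sig)}
    tampered = bytearray(msg3)
    tampered[3] ^= 0x01                          # flip one bit of the cleartext header
    try:
        open_message(k_ab, bytes(tampered), now=t3 + 1)
        results["tamper_rejected"] = False
    except ValueError:
        results["tamper_rejected"] = True
    try:
        open_message(k_ab, msg3, now=t3 + FRESHNESS_WINDOW + 1)
        results["replay_rejected"] = False
    except ValueError:
        results["replay_rejected"] = True
    n_b = secrets.token_bytes(16)
    results["session_key_fresh"] = (session_key(k_ab, secrets.token_bytes(16), n_b)
                                    != session_key(k_ab, secrets.token_bytes(16), n_b))
    return results
```

The receiver derives K'_T from the timestamp it was sent, so a message carrying a forged or shifted timestamp fails the tag check rather than the freshness check; the tag is verified before any decryption so that a tampered ciphertext is never processed, and the freshness window is what bounds how long a captured message stays usable.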
Optionally, the root certificate includes a version number, a serial number, the validity period of the certificate, the CA's certificate public key and the root certificate signature; the user side's digital certificate comprises a certificate public key and the user side's real identity; the digital certificate of the commercial bank digital currency system includes a certificate public key.
The invention also provides a digital-certificate-based quantum-resistant digital currency system, comprising a user side, a commercial bank digital currency system, a central bank digital currency system and a third party authority; the commercial bank digital currency system and the central bank digital currency system communicate through a pre-established quantum communication link, and the user side, the commercial bank digital currency system and the third party authority complete identity authentication according to the digital-certificate-based digital currency system identity authentication method described above.
Furthermore, the user side, the commercial bank digital currency system and the third party authority are each provided with a quantum-resistant computing device: the third party authority's device stores all system private keys, its own public and private keys and the root certificate; the user side's device stores the user side's own public and private keys, system public key, digital certificate and root certificate; and the commercial bank digital currency system's device stores that system's public and private keys, system public key, digital certificate and root certificate.
Further, the quantum computation resistant device comprises a key fob, a mobile terminal, a cipher machine and a gateway.
Advantageous effects: compared with the prior art, the invention has the following beneficial effects:
1. The digital-certificate-based digital currency communication system can achieve resistance to quantum computation;
2. The method does not need to assemble the public keys of all members into asymmetric key pools and store those pools in the key fobs, so the storage cost and the operational workload of the client-side key fobs are low;
3. The overall process and data structures of the traditional CA and of the digital-certificate-based identity authentication system are unchanged, so the cost of switching the CA and the digital currency communication system to the quantum-resistant scheme is low;
4. The ID-cryptography-based key issuing server has different system public and private keys for different users, so even if a certain user's system public key is lost and its system private key is thereby cracked by a quantum computer, the system public and private keys of the CA and of other users are not endangered.
5. The KMS issues an anonymous identity to the user, and the user communicates with the commercial bank digital currency system using a frequently updated anonymous identity, so the communication is safer.
6. The communication mode of this patent meets the security and cost requirements of two different situations, namely: for communication between the central bank and the commercial bank, where the confidentiality requirement is extremely high and the scope affected by a scheme change is relatively small, quantum secure communication, which costs more and is more secure, is adopted, achieving communication with a higher degree of security; for communication between the commercial bank and the user, where the confidentiality requirement is not extremely high and the scope affected by a scheme change is relatively large, digital-certificate-based quantum-resistant communication is adopted, achieving communication that balances higher security against cost. The patent thus upgrades the existing digital currency communication system into a quantum-resistant digital currency communication system while taking the cost of the upgrade into account.
Drawings
Fig. 1 is a basic configuration diagram of an example of a central bank digital currency operation in an embodiment of the present invention.
FIG. 2 is a flow chart of the steps involved in the authentication of the identity between the commercial bank digital currency system and the user in an embodiment of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings and specific embodiments. It is to be understood that the present invention may be embodied in various forms, and that there is no intention to limit the invention to the specific embodiments illustrated, but on the contrary, the intention is to cover some exemplary and non-limiting embodiments shown in the attached drawings and described below.
It is to be understood that the features listed above for the different embodiments may be combined with each other to form further embodiments within the scope of the invention, where technically feasible. Furthermore, the particular examples and embodiments of the invention described are non-limiting, and various modifications may be made in the structure, steps, and sequence set forth above without departing from the scope of the invention.
As shown in fig. 1, the basic structure of a digital currency system mainly includes a central bank digital currency system, a commercial bank digital currency system (in practice, multiple commercial bank digital currency systems), a user, and a system for authenticating the central bank and the commercial bank, where the central bank performs identity authentication and secure communication with each commercial bank, and each commercial bank performs identity authentication and secure communication with each user. The central bank digital currency system issues digital currency and registers the ownership of the digital currency; the commercial bank digital currency system performs banking functions for digital currency; the user is the main body for using the digital currency; the authentication system provides authentication for interaction between the commercial bank digital currency system and terminal devices used by users of the digital currency, and authentication for interaction between the central bank digital currency system and the commercial bank digital currency system.
A digital-certificate-based quantum-resistant identity authentication system is adopted between the commercial bank digital currency system and the user; as shown in figure 2, it comprises a user A, the commercial bank digital currency system B corresponding to user A, and a certificate authority CA.
The CA has a quantum-resistant computing device T_CA, in which a key management server KMS based on ID cryptography is deployed. The KMS issues quantum-resistant computing devices T_A and T_B to user A and commercial bank digital currency system B respectively. The quantum-resistant computing device can be a key fob, a mobile terminal, a cipher machine, a gateway or the like; it can communicate with the CA or with each user side through a motherboard interface, near-field wireless communication, a controlled intranet or the like, ensuring that information within the communication range cannot be stolen by a quantum computer. For example, the quantum-resistant computing device may be a key fob plugged into the motherboard of the CA's host. Alternatively, it may be a mobile terminal in NFC communication with another quantum-resistant computing device that is also a mobile terminal. As another example, it may be a cipher machine or gateway that performs secure intranet communication with a user host in the same LAN.
When the KMS issues public and private keys for a member, a set of ID (identity)-based cryptographic system parameters must first be established, as follows:
(1) G_1 and G_2 are GDH groups (Diffie-Hellman groups) of order q, where q is a large prime; G_1 is an additive cyclic group consisting of points on an elliptic curve, and P is a generator of G_1; G_2 is a multiplicative cyclic group; the bilinear map is e: G_1 × G_1 → G_2.
(2) Randomly choose SK_MS ∈ Z_p^* as the CA's system private key, compute the CA's system public key PK_MS = SK_MS * P in the quantum-resistant computing device, and store PK_MS in the CA's quantum-resistant computing device T_CA. The KMS has different system public and private keys for different users: for user A, the KMS generates a unique code as A's anonymous identity ID_A (the current anonymous identity); A's system private key is SK_MSA = MAC(ID_A, SK_MS), where MAC(m, k) denotes computing a message authentication code over message m with key k, and A's system public key is PK_MSA = SK_MSA * P. For commercial bank digital currency system B, the KMS generates a unique code as ID_B; B's system private key is SK_MSB = MAC(ID_B, SK_MS) and B's system public key is PK_MSB = SK_MSB * P. All system private keys are stored in the corresponding quantum-resistant computing device; PK_MSA is stored in T_A and PK_MSB is stored in T_B.
(3) Select hash functions H_1: {0,1}^* → G_1 and H_2: G_2 → {0,1}^*.
(4) The system parameters are {q, G_1, G_2, e, n, P, H_1, H_2}.
When the KMS issues a public and private key for the CA, it generates a unique code as ID_CA, calls the hash function H_1 to compute the public key PK_CA = H_1(ID_CA), then computes the private key SK_CA = SK_MS * PK_CA from the public key PK_CA, and stores ID_CA, PK_CA and SK_CA in the CA's quantum-resistant computing device T_CA. T_CA also stores the CA root certificate CERT_CA, which includes the version number, serial number, validity period of the certificate, the CA's certificate public key PK_CERTCA and a certificate signature; the certificate private key SK_CERTCA is kept secret separately by the CA (i.e. it is not stored in the same memory device as ID_CA, PK_CA and SK_CA), e.g. in the quantum-resistant computing device T_CA or in a key fob connected to the quantum-resistant computing device. The certificate public key and the certificate signature can be based on various asymmetric cryptographic algorithms such as RSA, ECC, discrete logarithm, ID cryptography and the like.
When the KMS issues a public and private key for user A, it calls the hash function H_1 to compute the public key PK_A = H_1(ID_A), then computes the private key SK_A = SK_MSA * PK_A from the public key PK_A, and stores A's ID and public and private keys, namely ID_A, PK_A and SK_A, in A's quantum-resistant computing device T_A. T_A also stores the KMS-issued CA root certificate CERT_CA and A's certificate CERT_A, where CERT_CA comprises the certificate public key PK_CERTCA and CERT_A comprises the certificate public key PK_CERTA and A's true identity; the certificate private key SK_CERTA is kept secret separately by A, e.g. in the quantum-resistant computing device T_A or in a security chip in the key fob connected to the quantum-resistant computing device T_A.
When the KMS issues a public and private key for commercial bank digital currency system B, it calls the hash function H_1 to compute the public key PK_B = H_1(ID_B), then computes the private key SK_B = SK_MSB * PK_B from the public key PK_B, and stores B's ID and public and private keys, namely ID_B, PK_B and SK_B, in B's quantum-resistant computing device T_B. T_B also stores the KMS-issued CA root certificate CERT_CA and B's certificate CERT_B, where CERT_CA comprises the certificate public key PK_CERTCA and CERT_B includes the certificate public key PK_CERTB; the certificate private key SK_CERTB is kept secret by B, e.g. in the quantum-resistant computing device T_B or in a security chip in the key fob connected to the quantum-resistant computing device T_B. B also holds a correspondence table between the true identity of each corresponding user A and that user's current anonymous identity.
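The key issuance just described (KMS master key, per-member system keys SK_MSX = MAC(ID_X, SK_MS), PK_X = H_1(ID_X), SK_X = SK_MSX * PK_X, the CA-side key SK_CAA and the B-facing key SK'_Anew that the later authentication steps rely on), run end to end as an added Python illustration that is not the patent's code. The bilinear map is a toy: a point aP is represented by the scalar a, and e(aP, bP) = g^(ab) in the order-1019 subgroup of Z_2039^*, which is bilinear but has no security at all since every "point" exposes its discrete log; it serves only to check the key-agreement identities. The group sizes, the reduction of H_1 and of the MAC into scalars, the IDs and the KMS class layout are all assumptions.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumed, not from the patent): Q is the group order, P_MOD the
# field holding the target group G_2, G a generator of the order-Q subgroup.
# 1019 and 2039 = 2*1019 + 1 are both prime, so 4 (a quadratic residue) has order Q.
Q = 1019
P_MOD = 2 * Q + 1
G = 4


def h1(identity: bytes) -> int:
    """H_1: {0,1}^* -> G_1; here a non-zero scalar standing for the point H_1(ID)."""
    return 1 + int.from_bytes(hashlib.sha256(identity).digest(), "big") % (Q - 1)


def mac_scalar(identity: bytes, key: int) -> int:
    """MAC(ID, SK_MS) reduced into Z_Q^*: the per-member system private key."""
    tag = hmac.new(key.to_bytes(32, "big"), identity, hashlib.sha256).digest()
    return 1 + int.from_bytes(tag, "big") % (Q - 1)


def pairing(a: int, b: int) -> int:
    """Toy bilinear map e(aP, bP) = g^(ab) mod P_MOD, so e(x*a, b) == e(a, x*b)."""
    return pow(G, (a * b) % Q, P_MOD)


class KMS:
    """Key management server deployed in T_CA; holds the master key SK_MS."""

    def __init__(self) -> None:
        self.sk_ms = 1 + secrets.randbelow(Q - 1)

    def system_private_key(self, identity: bytes) -> int:
        """SK_MSX = MAC(ID_X, SK_MS): a different system key per member."""
        return mac_scalar(identity, self.sk_ms)

    def issue(self, identity: bytes):
        """Member key pair: PK_X = H_1(ID_X), SK_X = SK_MSX * PK_X."""
        pk = h1(identity)
        return identity, pk, (self.system_private_key(identity) * pk) % Q

    def issue_ca(self, identity: bytes):
        """The CA's own pair uses the master key directly: SK_CA = SK_MS * PK_CA."""
        pk = h1(identity)
        return identity, pk, (self.sk_ms * pk) % Q

    def ca_side_key(self, user_id: bytes, pk_ca: int) -> int:
        """SK_CAA = SK_MSA * PK_CA, computed by the CA when A's request arrives."""
        return (self.system_private_key(user_id) * pk_ca) % Q

    def bank_facing_key(self, new_user_id: bytes, bank_id: bytes) -> int:
        """SK'_Anew = SK_MSB * PK_Anew, issued to A so it can reach bank B."""
        return (self.system_private_key(bank_id) * h1(new_user_id)) % Q


def run() -> dict:
    """Constructed walk-through of the key flow behind steps (1) to (4) of the example."""
    kms = KMS()
    _, pk_ca, _ = kms.issue_ca(b"CA")
    id_a, pk_a, sk_a = kms.issue(b"ID_A-anon-0001")   # constructed anonymous ID
    id_b, pk_b, sk_b = kms.issue(b"BANK-B")
    # A <-> CA: A pairs its own key with PK_CA; the CA pairs SK_CAA with PK_A.
    k_a_ca = pairing(sk_a, pk_ca)
    k_ca_a = pairing(kms.ca_side_key(id_a, pk_ca), pk_a)
    # The CA issues a fresh anonymous ID (skipping a collision of the 10-bit toy
    # hash with the old one) together with the matching B-facing private key.
    id_anew = b"ID_A-anon-0002"
    while h1(id_anew) == pk_a:
        id_anew += b"x"
    sk_anew_b = kms.bank_facing_key(id_anew, id_b)
    # A <-> B: A uses SK'_Anew; B needs only its own SK_B and the new ID.
    k_a_b = pairing(sk_anew_b, pk_b)
    k_b_a = pairing(sk_b, h1(id_anew))
    k_b_old = pairing(sk_b, pk_a)    # what B would derive for the superseded ID
    return {"a_ca_agree": k_a_ca == k_ca_a,
            "a_b_agree": k_a_b == k_b_a,
            "old_id_differs": k_b_old != k_b_a}
```

run() reports whether A and the CA derive the same K_A-CA, whether A (holding SK'_Anew) and B (holding SK_B and told only ID_Anew) derive the same K_A-B, and that the key B derives for A's old ID differs from the one for the new ID, which is why B can tie a session to the current anonymous identity without learning anything from the old one.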
Based on the above ID-cryptography-based key distribution, fig. 2 shows the authentication flow of the digital-certificate-based quantum-resistant identity authentication system between the commercial bank digital currency system and the user. The following example describes the procedure in detail.
Examples
(1) When A needs identity authentication, A applies to the CA for an update to generate a new anonymous ID
Let REQ_1 denote A's request for the generation of a new anonymous ID. A obtains a timestamp T_1, then combines ID_A, ID_CA, T_1, ID_B and REQ_1 into MSG_1_0, i.e. MSG_1_0 = ID_A || ID_CA || T_1 || ID_B || REQ_1, where ID_CA indicates that the message is sent by A to the certificate authority CA, and ID_B is the ID of the commercial bank digital currency system to which A belongs.
A computes the symmetric key between A and the CA, K_A-CA = e(SK_A, PK_CA), and uses K_A-CA to compute a message authentication code over T_1, obtaining K_1 = MAC(T_1, K_A-CA). A then signs MSG_1_0 with the private key SK_CERTA of certificate CERT_A, obtaining SIG_1; encrypts CERT_A and SIG_1 with K_1, obtaining {CERT_A || SIG_1}K_1; and combines {CERT_A || SIG_1}K_1 with MSG_1_0 into MSG_1_1, i.e. MSG_1_1 = MSG_1_0 || {CERT_A || SIG_1}K_1. A uses K_1 to compute a message authentication code over MSG_1_1, obtaining MAC(MSG_1_1, K_1), combines MSG_1_1 and MAC(MSG_1_1, K_1) into MSG_1, and sends MSG_1 to the CA. In the sent message the digital certificate and the signature are encrypted by the key, so they resist quantum computation and the real identity of the user is hidden.
(2) The CA generates a new anonymous ID for A, computes A's B-based private key and sends them to A
The CA receives message MSG_1 from A, namely MSG_1_1 || MAC(MSG_1_1, K_1), where MSG_1_1 = MSG_1_0 || {CERT_A || SIG_1}K_1 and MSG_1_0 = ID_A || ID_CA || T_1 || ID_B || REQ_1.
The KMS in the CA computes A's system private key SK_MSA = MAC(ID_A, SK_MS) and computes SK_CAA = SK_MSA * PK_CA. Then, from PK_A = H_1(ID_A), it obtains the symmetric key between the CA and A, K_CA-A = e(SK_CAA, PK_A). By ID cryptography: K_A-CA = e(SK_A, PK_CA) = e(SK_MSA * PK_A, PK_CA) = e(PK_A, SK_MSA * PK_CA) = e(PK_A, SK_CAA) = e(SK_CAA, PK_A) = K_CA-A.
The CA uses K_CA-A to compute a message authentication code over T_1, obtaining K'_1 = MAC(T_1, K_CA-A). It first computes a message authentication code over MSG_1_1 with K'_1, obtaining MAC(MSG_1_1, K'_1), and compares it with MAC(MSG_1_1, K_1) for verification. After verification, it decrypts {CERT_A || SIG_1}K_1 with K'_1, obtaining CERT_A and SIG_1; it uses the CA root certificate CERT_CA to determine whether CERT_A is valid, and if so, verifies the signature SIG_1 with the public key PK_CERTA in certificate CERT_A.
After the authentication passes, the CA generates a new anonymous ID ID_Anew for user A. It computes the KMS system private key for ID_Anew, SK_MSAnew = MAC(ID_Anew, SK_MS), and the system public key PK_MSAnew = SK_MSAnew * P; it computes the public key of ID_Anew, PK_Anew = H_1(ID_Anew), and the private key SK_Anew = SK_MSAnew * PK_Anew. It then computes the KMS system private key for B, SK_MSB = MAC(ID_B, SK_MS), and computes the B-based private key of ID_Anew, SK'_Anew = SK_MSB * PK_Anew. The CA obtains a timestamp T_2 and combines ID_CA, ID_A, T_2, ID_Anew, SK_Anew and SK'_Anew into MSG_2_0, i.e. MSG_2_0 = ID_CA || ID_A || T_2 || ID_Anew || SK_Anew || SK'_Anew. It signs MSG_2_0 with the private key SK_CERTCA of the CA root certificate, obtaining SIG_2; uses K_CA-A to compute a message authentication code over T_2, obtaining K_2 = MAC(T_2, K_CA-A); encrypts ID_Anew || SK_Anew || SK'_Anew || SIG_2 with K_2, obtaining {ID_Anew || SK_Anew || SK'_Anew || SIG_2}K_2; and combines it with ID_CA, ID_A and T_2 into MSG_2_1, i.e. MSG_2_1 = ID_CA || ID_A || T_2 || {ID_Anew || SK_Anew || SK'_Anew || SIG_2}K_2. It then uses K_2 to compute a message authentication code over MSG_2_1, obtaining MAC(MSG_2_1, K_2), combines MSG_2_1 and MAC(MSG_2_1, K_2) into MSG_2, i.e. MSG_2 = MSG_2_1 || MAC(MSG_2_1, K_2), and sends MSG_2 to A.
(3) A requests B to carry out identity authentication
A receives message MSG_2, i.e. MSG_2_1 || MAC(MSG_2_1, K_2), where MSG_2_1 = ID_CA || ID_A || T_2 || {ID_Anew || SK_Anew || SK'_Anew || SIG_2}K_2. A uses K_A-CA to compute a message authentication code over T_2, obtaining K'_2 = MAC(T_2, K_A-CA). It first computes a message authentication code over MSG_2_1 with K'_2, obtaining MAC(MSG_2_1, K'_2), and compares it with MAC(MSG_2_1, K_2) for verification. After verification, it decrypts {ID_Anew || SK_Anew || SK'_Anew || SIG_2}K_2 with K'_2, obtaining ID_Anew || SK_Anew || SK'_Anew || SIG_2. A verifies the signature SIG_2 with the public key PK_CERTCA in the CA root certificate; after successful verification, A stores ID_Anew || SK_Anew locally and uses ID_Anew as its new anonymous ID.
A computes the symmetric key between A and B, K_A-B = e(SK'_Anew, PK_B), takes a timestamp T_3, and uses K_A-B to compute a message authentication code over T_3, obtaining K_3 = MAC(T_3, K_A-B). Let REQ_3 denote A's identity authentication request to B; A combines ID_Anew, ID_B, T_3 and REQ_3 into MSG_3_0, i.e. MSG_3_0 = ID_Anew || ID_B || T_3 || REQ_3. A signs MSG_3_0 with SK_CERTA of certificate CERT_A, obtaining SIG_3, then encrypts CERT_A and SIG_3 with K_3, obtaining {CERT_A || SIG_3}K_3, and combines it with MSG_3_0 into MSG_3_1, i.e. MSG_3_1 = MSG_3_0 || {CERT_A || SIG_3}K_3. A uses K_3 to compute a message authentication code over MSG_3_1, obtaining MAC(MSG_3_1, K_3), combines MSG_3_1 and MAC(MSG_3_1, K_3) into MSG_3, and sends MSG_3 to B.
(4) B authenticates A and returns a generated random number
B receives message MSG_3, MSG_3 = MSG_3_1 || MAC(MSG_3_1, K_3), where MSG_3_1 = MSG_3_0 || {CERT_A || SIG_3}K_3 and MSG_3_0 = ID_Anew || ID_B || T_3 || REQ_3. B first obtains, from PK_Anew = H_1(ID_Anew), the symmetric key between B and A, K_B-A = e(SK_B, PK_Anew). By ID cryptography: K_A-B = e(SK'_Anew, PK_B) = e(SK_MSB * PK_Anew, PK_B) = e(PK_Anew, SK_MSB * PK_B) = e(PK_Anew, SK_B) = e(SK_B, PK_Anew) = K_B-A. B uses K_B-A to compute a message authentication code over T_3, obtaining K'_3 = MAC(T_3, K_B-A). It computes a message authentication code over MSG_3_1 with K'_3, obtaining MAC(MSG_3_1, K'_3), and compares it with MAC(MSG_3_1, K_3) for verification. After verification passes, it decrypts {CERT_A || SIG_3}K_3 with K'_3, obtaining CERT_A || SIG_3. It uses the CA root certificate CERT_CA to determine whether CERT_A is valid, and if so, verifies the signature SIG_3 with the public key PK_CERTA in certificate CERT_A.
After the verification passes, B acquires a timestamp T_4 and uses K_B-A to compute a message authentication code over T_4, obtaining K_4 = MAC(T_4, K_B-A). B generates a random number N_B, encrypts N_B and ID_B with PK_CERTA, obtaining {N_B || ID_B}PK_CERTA, and combines it with ID_B, ID_A and T_4 into MSG_4_0, i.e. MSG_4_0 = ID_B || ID_A || T_4 || {N_B || ID_B}PK_CERTA. B signs MSG_4_0 with SK_CERTB of certificate CERT_B, obtaining SIG_4; encrypts {N_B || ID_B}PK_CERTA || CERT_B || SIG_4 with K_4, obtaining {{N_B || ID_B}PK_CERTA || CERT_B || SIG_4}K_4; and combines it with ID_B, ID_A and T_4 into MSG_4_1, i.e. MSG_4_1 = ID_B || ID_A || T_4 || {{N_B || ID_B}PK_CERTA || CERT_B || SIG_4}K_4. B uses K_4 to compute a message authentication code over MSG_4_1, obtaining MAC(MSG_4_1, K_4), combines MSG_4_1 and MAC(MSG_4_1, K_4) into MSG_4, and sends MSG_4 to A.
(5) A authenticates B and returns a generated random number
A receives message MSG_4, i.e. MSG_4_1 || MAC(MSG_4_1, K_4), where MSG_4_1 = ID_B || ID_A || T_4 || {{N_B || ID_B}PK_CERTA || CERT_B || SIG_4}K_4. A uses K_A-B to compute a message authentication code over T_4, obtaining K'_4 = MAC(T_4, K_A-B). It computes a message authentication code over MSG_4_1 with K'_4, obtaining MAC(MSG_4_1, K'_4), and compares it with MAC(MSG_4_1, K_4) for verification. After verification passes, it decrypts {{N_B || ID_B}PK_CERTA || CERT_B || SIG_4}K_4 with K'_4, obtaining {N_B || ID_B}PK_CERTA || CERT_B || SIG_4. A uses the CA root certificate CERT_CA to determine whether CERT_B is valid, and if so, verifies the signature SIG_4 with the public key PK_CERTB in certificate CERT_B. After the verification passes, A decrypts {N_B || ID_B}PK_CERTA with the private key SK_CERTA of certificate CERT_A, obtaining N_B || ID_B, and stores N_B locally.
A acquires a timestamp T_5 and uses K_A-B to compute a message authentication code over T_5, obtaining K_5 = MAC(T_5, K_A-B). A generates a random number N_A, encrypts N_A, N_B and ID_A with PK_CERTB, obtaining {N_A || N_B || ID_A}PK_CERTB, and combines it with ID_A, ID_B and T_5 into MSG_5_0, i.e. MSG_5_0 = ID_A || ID_B || T_5 || {N_A || N_B || ID_A}PK_CERTB. A signs MSG_5_0 with SK_CERTA of certificate CERT_A, obtaining SIG_5; encrypts {N_A || N_B || ID_A}PK_CERTB || SIG_5 with K_5, obtaining {{N_A || N_B || ID_A}PK_CERTB || SIG_5}K_5; and combines it with ID_A, ID_B and T_5 into MSG_5_1, i.e. MSG_5_1 = ID_A || ID_B || T_5 || {{N_A || N_B || ID_A}PK_CERTB || SIG_5}K_5. A uses K_5 to compute a message authentication code over MSG_5_1, obtaining MAC(MSG_5_1, K_5), combines MSG_5_1 and MAC(MSG_5_1, K_5) into MSG_5, and sends MSG_5 to B.
(6) B computes the session key and updates the correspondence table between A's real identity and current anonymous identity
B receives message MSG_5, i.e. MSG_5_1 || MAC(MSG_5_1, K_5), where MSG_5_1 = ID_A || ID_B || T_5 || {{N_A || N_B || ID_A}PK_CERTB || SIG_5}K_5. B uses K_B-A to compute a message authentication code over T_5, obtaining K'_5 = MAC(T_5, K_B-A). It computes a message authentication code over MSG_5_1 with K'_5, obtaining MAC(MSG_5_1, K'_5), and compares it with MAC(MSG_5_1, K_5) for verification. After verification passes, it decrypts {{N_A || N_B || ID_A}PK_CERTB || SIG_5}K_5 with K'_5, obtaining {N_A || N_B || ID_A}PK_CERTB || SIG_5. B verifies the signature SIG_5 with PK_CERTA; after verification, it decrypts {N_A || N_B || ID_A}PK_CERTB with the certificate private key SK_CERTB, obtaining N_A || N_B || ID_A.
B verifies whether the received N_B is consistent with the local N_B; if so, B computes the session key from N_A and N_B, and updates the locally stored correspondence table between A's real identity and current anonymous identity, i.e. updates the anonymous identity corresponding to A from ID_A to ID_Anew. B obtains a timestamp T_6 and uses K_B-A to compute a message authentication code over T_6, obtaining K_6 = MAC(T_6, K_B-A). B encrypts N_A with PK_CERTA, obtaining {N_A}PK_CERTA, and combines it with ID_B, ID_A and T_6 into MSG_6_0, i.e. MSG_6_0 = ID_B || ID_A || T_6 || {N_A}PK_CERTA. B signs MSG_6_0 with SK_CERTB, obtaining SIG_6; encrypts {N_A}PK_CERTA || SIG_6 with K_6, obtaining {{N_A}PK_CERTA || SIG_6}K_6; and combines it with ID_B, ID_A and T_6 into MSG_6_1, i.e. MSG_6_1 = ID_B || ID_A || T_6 || {{N_A}PK_CERTA || SIG_6}K_6. B uses K_6 to compute a message authentication code over MSG_6_1, obtaining MAC(MSG_6_1, K_6), combines MSG_6_1 and MAC(MSG_6_1, K_6) into MSG_6, and sends MSG_6 to A.
(7) A computes the session key
A receives message MSG_6, i.e. MSG_6_1 || MAC(MSG_6_1, K_6), where MSG_6_1 = ID_B || ID_A || T_6 || {{N_A}PK_CERTA || SIG_6}K_6. A uses K_A-B to compute a message authentication code over T_6, obtaining K'_6 = MAC(T_6, K_A-B). It computes a message authentication code over MSG_6_1 with K'_6, obtaining MAC(MSG_6_1, K'_6), and compares it with MAC(MSG_6_1, K_6) for verification. After verification passes, it decrypts {{N_A}PK_CERTA || SIG_6}K_6 with K'_6, obtaining {N_A}PK_CERTA || SIG_6. A verifies the signature SIG_6 with PK_CERTB; after verification, it decrypts {N_A}PK_CERTA with the certificate private key SK_CERTA, obtaining N_A.
A verifies whether the received N_A is consistent with the local N_A. After the verification passes, A computes the session key from N_A and N_B.
The central bank digital currency system and the commercial bank digital currency system perform identity authentication through QKD communication: the central bank digital currency system and the commercial bank digital currency system are respectively provided with a QKD device, and the two devices carry out quantum secret communication through a QKD line and negotiate to obtain a session key.
After the commercial bank digital currency system and the user have negotiated a session key, and the central bank digital currency system and the commercial bank digital currency system have also negotiated a session key, the whole digital currency system can carry out various services, such as payment and transfer of digital currency.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. An anonymous communication method for a quantum-computing-resistant digital currency system based on digital certificates, characterized by comprising the following steps:
(1) adding a third party authority to the digital currency system, wherein the third party authority issues a digital certificate and a root certificate to the commercial bank digital currency system and to its user sides respectively, and issues an ID and public and private keys to the third party authority itself, the commercial bank digital currency system and its user sides respectively, wherein the ID issued to a user side is that user side's anonymous identity; the method by which the third party authority generates the public and private keys of an object X is: the third party authority first generates system public and private keys for X, then computes X's public key by applying a hash function to X's ID, and then computes X's private key from X's public key and X's system private key;
(2) the user side registers in advance, with the corresponding commercial bank digital currency system, the correspondence between its real identity information and its real-time ID;
(3) before identity authentication, the user side generates a request message applying for a new ID, signs the request message with the private key of its own digital certificate, computes the symmetric key between itself and the third party authority from its own private key and the third party authority's public key, encrypts its own digital certificate and the signature with the symmetric key, and then sends the encrypted digital certificate and signature together with the request message to the third party authority;
(4) the third party authority first computes the user side's system private key, then computes with the user side's system private key and the third party authority's public key, and then computes the symmetric key between the third party authority and the user side from that result and the user side's public key; after decrypting the received information with the symmetric key, it verifies the user side's digital certificate and signature; once they pass, it generates a new ID, new system public and private keys and a new public and private key according to the user side's request, computes an intermediate key from the commercial bank digital currency system's system private key and the user side's new public key, signs the intermediate key, the new ID and the new private key with the root certificate private key, and finally encrypts the intermediate key, the new ID, the new private key and the signature with the symmetric key and sends them to the user side;
(5) the user side decrypts the feedback from the third party authority, verifies the signature with the root certificate, stores the intermediate key, the new ID and the new private key after verification, and uses the new ID as its anonymous identity;
(6) the user side computes the symmetric key between itself and the commercial bank digital currency system from the intermediate key and the public key of the commercial bank digital currency system, the commercial bank digital currency system computes the symmetric key between itself and the user side from its own private key and the user side's public key, and then the user side and the commercial bank digital currency system perform identity authentication on the basis of the computed symmetric key.
2. The anonymous communication method of the digital-certificate-based quantum-computing-resistant digital currency system according to claim 1, wherein the identity authentication process is as follows:
the user side generates an identity authentication request message, signs the identity authentication request message and the new ID with its digital certificate private key, encrypts its digital certificate and the signature with the symmetric key shared with the commercial bank digital currency system, and finally sends the encrypted data together with the identity authentication request message and the new ID to the commercial bank digital currency system;
after the commercial bank digital currency system decrypts the received message with the symmetric key, it uses the root certificate to verify the validity of the user side's digital certificate, and if valid, verifies the signature with the public key of the user side's digital certificate; after the verification passes, the commercial bank digital currency system generates a first random number, encrypts the first random number with the public key of the user side's digital certificate, then signs with the private key of its own digital certificate, and finally encrypts the encrypted first random number, the signature and its own digital certificate together with the symmetric key and sends them to the user side;
the user side decrypts the received data, uses the root certificate to verify the validity of the commercial bank digital currency system's digital certificate, and if valid, verifies the signature with the public key of that digital certificate; after the verification passes, it decrypts the first random number with the private key of its own digital certificate and stores the first random number;
the user side generates a second random number, encrypts the first random number, the second random number and the old ID with the digital certificate public key of the commercial bank digital currency system, signs the encrypted data and the old ID with its digital certificate private key, encrypts the encrypted data and the signature again with the symmetric key, and then sends them together with the old ID to the commercial bank digital currency system;
and after the commercial bank digital currency system decrypts the received information, it compares whether the received second random number is consistent with the second random number it sent, and if so, updates the ID in the user side's registration information to the user side's new ID.
3. The anonymous communication method of the digital certificate-based quantum computing resistant digital currency system as set forth in claim 2, wherein, in the communication of the user side with the third party authority and with the commercial bank digital currency system, data is encrypted with the symmetric key as follows:
the sender calculates the symmetric key shared by the two communicating parties, generates a timestamp for the current communication, calculates a communication key for this communication from the symmetric key and the timestamp, encrypts the digital certificate and the signature with the communication key, and sends the encrypted data together with the timestamp to the receiver;
after receiving the sender's message, the receiver calculates the symmetric key, calculates the communication key for this communication from the timestamp carried in the received message, and decrypts with the communication key to obtain the sender's digital certificate and signature.
4. The anonymous communication method of the digital certificate-based quantum computing resistant digital currency system according to claim 3, wherein the communication key for the current communication is calculated from the symmetric key and the timestamp by computing a message authentication code over the timestamp with the symmetric key, the resulting message authentication code being the communication key.
5. The anonymous communication method of the digital certificate-based quantum computing resistant digital currency system as claimed in claim 1, wherein, in the communication of the user side with the third party authority and with the commercial bank digital currency system, each time either party sends a message it additionally calculates a message authentication code to ensure the integrity of the communication message.
6. The anonymous communication method of the digital certificate-based quantum computing resistant digital currency system as claimed in claim 1, wherein, after the user side and the commercial bank digital currency system complete the identity authentication, the two parties establish a session, each calculates the session key of that session in the same way from the first random number and the second random number, and they communicate based on the session key.
7. The anonymous communication method of the digital certificate-based quantum computing resistant digital currency system according to claim 1, wherein the root certificate comprises a certificate version number, a serial number, a certificate validity period, the certificate public key of the CA and the certificate signature of the CA; the digital certificate of the user side comprises a certificate public key and the real identity of the user side; and the digital certificate of the commercial bank digital currency system comprises a certificate public key.
8. A digital certificate-based quantum computing resistant digital currency system, characterized in that it comprises a user side, a commercial bank digital currency system, a central bank digital currency system and a third party authority; the commercial bank digital currency system and the central bank digital currency system communicate over a pre-established quantum communication link, and identity authentication among the user side, the commercial bank digital currency system and the third party authority is completed according to the method of any one of claims 1 to 7.
9. The digital certificate-based quantum computing resistant digital currency system according to claim 8, wherein the user side, the commercial bank digital currency system and the third party authority are each equipped with a quantum computing resistant computing device; the quantum computing resistant computing device of the third party authority stores all system private keys, the third party authority's own public and private keys and the root certificate; that of the user side stores the user side's own public and private keys, the system public keys, its digital certificate and the root certificate; and that of the commercial bank digital currency system stores the commercial bank digital currency system's own public and private keys, the system public keys, its digital certificate and the root certificate.
10. The digital certificate-based quantum computing resistant digital currency system according to claim 9, wherein the quantum computing resistant computing device comprises a key fob, a mobile terminal, a cryptographic engine or a gateway.
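The exchange of claims 2 to 6, as an added example in Python that is not code from the patent. It models the symmetric layer only: the per-message communication key as a MAC over the timestamp (claims 3 and 4), a MAC on every message (claim 5), the challenge/response with the first and second random numbers and the old-ID to new-ID update (claim 2), and the session key derived from both random numbers (claim 6). Everything else is an assumption: the shared symmetric key is taken as already established (the claims derive it from the intermediate key and the peer's public key under a quantum-resistant scheme the page does not name), the certificate checks and the public-key encryption of the random numbers are omitted, the cipher is a stand-in built from HMAC-SHA256 in counter mode, the freshness window is invented, and the sender-role tag mixed into the communication key goes beyond the claim (without it both directions derive the same key for the same timestamp and reuse the keystream). All names (`comm_key`, `seal`, `open_`, `Bank`, `User`, `run_handshake`) are hypothetical.

```python
import hashlib
import hmac
import os
import struct

HASH = hashlib.sha256
FRESHNESS_WINDOW = 30  # seconds; assumed, the claims fix no value
TS = struct.Struct(">Q")


def comm_key(sym_key: bytes, role: bytes, ts: int) -> bytes:
    """Claim 4: communication key = MAC over the timestamp under the shared key.
    The sender role tag is an addition beyond the claim (see lead-in)."""
    return hmac.new(sym_key, role + b"|" + TS.pack(ts), HASH).digest()


def session_key(sym_key: bytes, r1: bytes, r2: bytes) -> bytes:
    """Claim 6: both sides derive the session key from the two random numbers."""
    return hmac.new(sym_key, b"session" + r1 + r2, HASH).digest()


def _xor_keystream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: HMAC-SHA256 counter-mode keystream XORed onto data."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, b"enc" + TS.pack(off // 32), HASH).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


def seal(sym_key: bytes, role: bytes, ts: int, plaintext: bytes) -> bytes:
    """Sender side of claim 3: timestamp || ciphertext || MAC (claim 5)."""
    ck = comm_key(sym_key, role, ts)
    ct = _xor_keystream(ck, plaintext)
    tag = hmac.new(ck, b"mac" + TS.pack(ts) + ct, HASH).digest()
    return TS.pack(ts) + ct + tag


def open_(sym_key: bytes, role: bytes, msg: bytes, now: int, seen: set) -> bytes:
    """Receiver side: rebuild the communication key from the carried timestamp,
    check freshness and the MAC, then decrypt. `role` is the sender's role."""
    ts = TS.unpack(msg[:8])[0]
    ct, tag = msg[8:-32], msg[-32:]
    if abs(now - ts) > FRESHNESS_WINDOW or ts in seen:
        raise ValueError("stale or replayed timestamp")
    ck = comm_key(sym_key, role, ts)
    expected = hmac.new(ck, b"mac" + msg[:8] + ct, HASH).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("MAC check failed")
    seen.add(ts)  # a repeated timestamp would reuse the keystream: reject it
    return _xor_keystream(ck, ct)


class Bank:
    """Commercial bank digital currency system; `registry` maps ID -> record."""

    def __init__(self, sym_key: bytes, registry: dict):
        self.k, self.registry, self.pending, self.seen = sym_key, registry, {}, set()

    def challenge(self, new_id: bytes, now: int) -> bytes:
        r1 = os.urandom(16)  # first random number
        self.pending[new_id] = r1
        return seal(self.k, b"bank", now, r1)

    def finish(self, new_id: bytes, msg: bytes, now: int) -> bytes:
        body = open_(self.k, b"user", msg, now, self.seen)
        r1, r2, old_id = body[:16], body[16:32], body[32:]
        if not hmac.compare_digest(r1, self.pending.pop(new_id, b"")):
            raise ValueError("first random number mismatch")
        record = self.registry.pop(old_id, None)
        if record is None:
            raise ValueError("unknown old ID")
        self.registry[new_id] = record  # claim 2: registration now under the new ID
        return session_key(self.k, r1, r2)


class User:
    def __init__(self, sym_key: bytes, old_id: bytes, new_id: bytes):
        self.k, self.old_id, self.new_id, self.seen = sym_key, old_id, new_id, set()

    def respond(self, msg: bytes, now: int):
        r1 = open_(self.k, b"bank", msg, now, self.seen)
        r2 = os.urandom(16)  # second random number
        reply = seal(self.k, b"user", now, r1 + r2 + self.old_id)
        return reply, session_key(self.k, r1, r2)


def run_handshake(sym_key: bytes, now: int, registry: dict, old_id: bytes, new_id: bytes):
    """Drive one authentication; returns (user session key, bank session key)."""
    bank, user = Bank(sym_key, registry), User(sym_key, old_id, new_id)
    msg1 = bank.challenge(new_id, now)
    msg2, user_sk = user.respond(msg1, now)
    bank_sk = bank.finish(new_id, msg2, now)
    return user_sk, bank_sk
```

Two points a practitioner would check against this scheme. First, a communication key that depends only on the shared key and a timestamp gives no per-message freshness by itself: the receiver must hold a window of seen timestamps, and a sender that emits two messages within one timestamp tick reuses the keystream, so timestamp resolution (or an extra per-message nonce) has to guarantee uniqueness. Second, the first random number is only a proof of liveness once the certificate and signature checks of claim 2 have passed; the symmetric layer above trusts `r1` purely because it decrypted and authenticated under the shared key.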
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011106947.2A CN114448636B (en) | 2020-10-16 | 2020-10-16 | Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114448636A true CN114448636A (en) | 2022-05-06 |
CN114448636B CN114448636B (en) | 2024-06-14 |
Family
ID=81358061
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011106947.2A Active CN114448636B (en) | 2020-10-16 | 2020-10-16 | Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114448636B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120239580A1 (en) * | 2008-02-14 | 2012-09-20 | King Fahd University of Petroleum and Minerals of Saudi Arabia | Virtual account based new digital cash protocols |
CN107483206A (en) * | 2017-09-30 | 2017-12-15 | 北京兵符科技有限公司 | A fast quantum-safe asymmetric encryption method |
CN109756500A (en) * | 2019-01-11 | 2019-05-14 | 如般量子科技有限公司 | Anti-quantum-computing HTTPS communication method and system based on multiple asymmetric key pools |
CN109918888A (en) * | 2019-01-15 | 2019-06-21 | 如般量子科技有限公司 | Anti-quantum certificate authorization and issuing method and system based on a public key pool |
CN110213044A (en) * | 2019-05-15 | 2019-09-06 | 如般量子科技有限公司 | Anti-quantum-computing HTTPS signcryption communication method and system based on multiple asymmetric key pools |
US10742420B1 (en) * | 2018-03-09 | 2020-08-11 | Wells Fargo Bank, N.A. | Quantum-resistant double signature system |
US20200328886A1 (en) * | 2017-10-06 | 2020-10-15 | Novus Paradigm Technologies Corporation | A system and method for quantum-safe authentication, encryption, and decryption of information |
Non-Patent Citations (1)
Title |
---|
叶青; 周锦; 汤永利; 王峻峰: "Identity-based partially blind signature scheme on lattices resistant to quantum attacks", 信息网络安全 (Netinfo Security), no. 03 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116366436A (en) * | 2023-04-21 | 2023-06-30 | 南京弘竹泰信息技术有限公司 | Method for providing various telecom value-added services based on wide area networking |
CN116366436B (en) * | 2023-04-21 | 2024-03-05 | 南京弘竹泰信息技术有限公司 | Method for providing various telecom value-added services based on wide area networking |
Also Published As
Publication number | Publication date |
---|---|
CN114448636B (en) | 2024-06-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||