CN114448636A - Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method - Google Patents


Info

Publication number: CN114448636A
Authority: CN (China)
Prior art keywords: key, user side, digital, certificate, digital currency
Legal status: Granted (current status: Active)
Application number: CN202011106947.2A
Other languages: Chinese (zh)
Other versions: CN114448636B (en)
Inventors: 富尧, 钟一民, 汪仲祥
Current assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Original assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Priority claimed from: CN202011106947.2A
Publication: CN114448636A; application granted as CN114448636B

Classifications

    • H04L9/3268: Cryptographic mechanisms involving certificates (public key certificate [PKC] or attribute certificate [AC]; PKI arrangements) using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • G06Q20/3829: Payment protocols insuring higher security of transaction, involving key management
    • G06Q20/4014: Transaction verification; identity check for transactions
    • H04L63/0421: Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/0435: Confidential data exchange in which the payload is protected by symmetric encryption, i.e. the same key is used for encryption and decryption
    • H04L63/062: Key management in a packet data network; key distribution, e.g. centrally by a trusted party
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/0822: Key transport or distribution using a key encryption key
    • H04L9/0858: Quantum cryptography; details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866: Key generation involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869: Key generation involving random numbers or seeds
    • H04L9/0872: Key generation using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • H04L9/0877: Key generation using an additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/3242: Message authentication using keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H04L9/3247: Message authentication involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a digital-certificate-based quantum-computation-resistant digital currency system and an anonymous communication method. A third-party authority is added to the digital currency system; it issues an ID, a public/private key pair, a digital certificate and a root certificate to the commercial bank digital currency system and to its user side, and the ID issued to the user side is that user side's anonymous identity. The invention designs a symmetric key calculation method by which the third-party authority, the user side and the commercial bank digital currency system can each compute the symmetric key for communicating with one another from the IDs and the public and private keys, so that the transmitted information, the digital certificate and the signature are protected against quantum computation during identity authentication in the digital currency system. The invention further designs a mechanism for changing the user side's anonymous ID, which hides the user side's real identity and addresses the security problems caused by leakage of the real identity.

Description

Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method
Technical Field
The invention relates to the field of identity authentication, and in particular to a quantum-computation-resistant digital currency system based on digital certificates and an anonymous communication method.
Background
The core elements of the People's Bank of China digital currency (D-RMB) system are one currency, two types of vault and three centres. The one currency, D-RMB (DC/EP), abbreviated D currency, refers to a series of encrypted digital strings, signed by the central bank, that represent a specific amount. The two types of vault are the issuing vault and the banking vault of the D-RMB (the central bank digital currency database and the commercial bank digital currency database): in the issuing vault the digital currency appears as the central bank's digital currency fund, and in the banking vault it appears as the commercial bank's digital cash in stock. The three centres are a registration centre, which records the whole life cycle of the currency (generation, circulation, counting, checking and destruction), and two certification centres: the CA certification centre (based on a PKI system, with centralised management of the certificates of institutions and users, e.g. CFCA) and the IBC certification centre (based on identity-based cryptography). Two tables can be designed in the registration centre: a digital currency ownership registration table that records the attribution of digital currency, and a transaction flow table.
The D-RMB system is a hierarchical system built jointly by the central bank and the commercial banks. The central bank digital currency system is a computer system, operated and maintained by the central bank or an organisation it designates, for processing information about digital currency; its main functions are issuing, verifying and monitoring the digital currency. The commercial bank digital currency system is a computer system, operated and maintained by a commercial bank or an organisation it designates, for processing information about digital currency; it performs the currency-related functions of an existing bank, i.e. banking functions, and its main role is to face society directly after applying for digital currency from the central bank, so as to meet the various requirements of providing digital currency circulation services.
The existing D-RMB system uses digital-certificate-based identity authentication, whose principle is as follows. The user applies to an authority for a digital certificate, which proves the binding between the user and the user's public key; the server installs the root certificate of the same authority in order to verify the other service certificates that authority issues. The server authenticates the user's identity in these steps: the user hashes the plaintext to be sent to produce a digest, then encrypts the digest with the user's private key to obtain a digital signature; the user sends the plaintext, the digital signature and the digital certificate obtained from the authority to the server. On receiving this information, the server verifies the user's digital certificate with the root certificate; once that passes, it verifies the user's digital signature with the public key contained in the digital certificate; if that also passes, identity authentication succeeds, otherwise it fails.
However, in the existing digital-certificate-based identity authentication system, the data exchanged among the user terminal, the server and the authority cannot achieve quantum-computation-resistant secure communication.
To give a digital-certificate-based identity authentication system resistance to quantum computation, patent CN109861813A proposes an asymmetric-key-pool-based quantum-computation-resistant HTTPS communication method and system. The participants are a server, a certificate authority and a client; the client is equipped with a key fob in which the asymmetric key pool is stored. The method proceeds as follows: the server obtains a digital certificate issued by the certificate authority and sends it to the client, the certificate recording a public key pointer random number for the server; the client obtains the root digital certificate issued by the certificate authority that matches this certificate, verifies the server's certificate against the root certificate, and uses the server public key pointer random number recorded in the verified certificate to look up the server public key in the asymmetric key pool; the client encrypts a randomly generated shared key with the server public key and sends the result to the server for key negotiation; the two sides then carry out HTTPS communication with the shared key.
Although the solution of CN109861813A achieves quantum-computation-resistant communication after identity authentication, the client must be equipped with a quantum key card storing the public keys of all members, which places a high demand on the client's storage capacity. Moreover, the whole identity authentication process is modified relative to the prior art, so the internal structure of the traditional CA mechanism has to change, which is too costly.
Based on the above analysis, the prior art in digital currency communication systems has the following drawbacks:
1. the existing CA and digital-certificate-based identity authentication system cannot resist quantum computation;
2. in the existing quantum-computation-resistant identity authentication systems based on quantum secret communication, the cost to users is too high and symmetric key management is complex;
3. in the existing asymmetric-key-pool-based quantum-computation-resistant identity authentication system, the public keys of all members must be assembled into the asymmetric key pool and stored in every key fob, which increases the storage cost and the operational workload of the client's key fob;
4. in the existing asymmetric-key-pool-based quantum-computation-resistant identity authentication system, the overall process and data structures of the traditional CA and digital-certificate-based identity authentication system are changed, so the cost of switching the CA and the user application systems to a quantum-computation-resistant scheme is excessive.
Disclosure of Invention
Purpose of the invention: to overcome the above defects, the invention provides a digital-certificate-based quantum-computation-resistant digital currency system and an anonymous communication method, which achieve quantum-computation resistance and secret communication during identity authentication between a commercial bank digital currency system and its user side within a digital currency system.
Summary of the invention: to achieve this aim, the invention provides a digital-certificate-based anonymous communication method for a quantum-computation-resistant digital currency system, comprising the following steps:
(1) a third-party authority is added to the digital currency system; it issues a digital certificate and a root certificate to the commercial bank digital currency system and to its user side, and issues an ID and a public/private key pair to itself, to the commercial bank digital currency system and to the user side, the ID issued to the user side being the user side's anonymous identity. The third-party authority generates the public and private keys of an object X as follows: it first generates a system public/private key pair for X, then applies a hash function to X's ID to obtain X's public key, and then computes X's private key from X's public key and X's system private key;
(2) the user side registers in advance, with the corresponding commercial bank digital currency system, the correspondence between its real identity information and its current ID;
(3) before identity authentication, the user side generates a request message applying for a new ID, signs the request message with the private key of its own digital certificate, computes the symmetric key between itself and the third-party authority from its own private key and the third-party authority's public key, encrypts its own digital certificate and the signature with that symmetric key, and sends the encrypted data together with the request message to the third-party authority;
(4) the third-party authority first computes the user side's system private key, then computes a value from the user side's system private key and the third-party authority's public key, and from that value and the user side's public key computes the symmetric key between itself and the user side; it decrypts the received information with this symmetric key and verifies the user side's digital certificate and signature; once these pass, it generates a new ID, a new system public/private key pair and a new public/private key pair according to the user side's request, computes an intermediate key from the commercial bank digital currency system's system private key and the user side's new public key, signs the intermediate key, the new ID and the new private key with the root certificate private key, and finally encrypts the intermediate key, the new ID, the new private key and the signature with the symmetric key and sends them to the user side;
(5) the user side decrypts the reply from the third-party authority, verifies the signature with the root certificate, stores the intermediate key, the new ID and the new private key once verification passes, and uses the new ID as its anonymous identity;
(6) the user side computes the symmetric key between itself and the commercial bank digital currency system from the intermediate key and the commercial bank digital currency system's public key; the commercial bank digital currency system computes the symmetric key between the user side and itself from the private key of the user side and the public key of the client side; the user side and the client side then perform identity authentication based on the computed symmetric key.
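The key relations of steps (1), (4) and (6) can be checked mechanically once a concrete operation is chosen for "calculates by using". The following is an added example, not the patent's code: it assumes that operation is multiplication modulo a prime P (the simplest commutative choice under which every party reaches the same key), and the prime, the IDs and the secrets are all constructed here for illustration.

```python
"""Toy model of the key relations in steps (1), (4) and (6).

Added example; not the patent's code. The patent does not name the
operation behind "calculates by using", so this model ASSUMES it is
multiplication modulo a prime P. P, the IDs and all secrets are
constructed for illustration; nothing here is a security claim.
"""
import hashlib
import secrets

P = (1 << 127) - 1  # constructed modulus (a Mersenne prime); an assumption


def pk_from_id(identity: str) -> int:
    """Step (1): the public key of X is a hash of X's ID, reduced mod P."""
    digest = hashlib.sha256(identity.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % P


def symmetric_key(own_sk: int, peer_pk: int) -> int:
    """Steps (3)/(6): K = own private key * peer public key (mod P)."""
    return own_sk * peer_pk % P


class ThirdPartyAuthority:
    """Issues IDs and keys; keeps each object's system private key S_X."""

    def __init__(self) -> None:
        self.system_sk: dict[str, int] = {}

    def issue(self, identity: str) -> tuple[int, int]:
        """Step (1): S_X, then pk_X = H(ID_X), then sk_X = pk_X * S_X."""
        s_x = secrets.randbelow(P - 2) + 2   # exclude the degenerate 0 and 1
        self.system_sk[identity] = s_x
        pk_x = pk_from_id(identity)
        return pk_x, pk_x * s_x % P

    def symmetric_key_with(self, identity: str, own_pk: int) -> int:
        """Step (4): S_U * pk_TA first, then times pk_U (equals sk_U * pk_TA)."""
        partial = self.system_sk[identity] * own_pk % P
        return partial * pk_from_id(identity) % P

    def intermediate_key(self, bank_identity: str, new_user_pk: int) -> int:
        """Step (4): intermediate key = S_bank * new user public key."""
        return self.system_sk[bank_identity] * new_user_pk % P


def run_protocol() -> dict[str, bool]:
    """Walk steps (1), (3)-(6) and report which key relations hold."""
    ta = ThirdPartyAuthority()
    pk_ta, _sk_ta = ta.issue("TA")            # constructed IDs throughout
    pk_bank, sk_bank = ta.issue("BANK-01")
    pk_u, sk_u = ta.issue("ANON-0001")        # the user's anonymous ID

    # Step (3): the user derives K(U,TA) from its own sk and the TA's pk.
    k_user_ta = symmetric_key(sk_u, pk_ta)
    # Step (4): the TA rederives the same key by the S_U route.
    k_ta_user = ta.symmetric_key_with("ANON-0001", pk_ta)

    # Step (4) continued: new anonymous ID, new keys, intermediate key.
    pk_u2, _sk_u2 = ta.issue("ANON-0002")
    inter = ta.intermediate_key("BANK-01", pk_u2)
    # Step (6): the user combines the intermediate key with the bank's pk;
    # the bank combines its own sk with the user's new pk.
    k_user_bank = inter * pk_bank % P
    k_bank_user = symmetric_key(sk_bank, pk_u2)

    return {
        "ta_keys_match": k_user_ta == k_ta_user,
        "bank_keys_match": k_user_bank == k_bank_user,
        # The user only ever sees S_bank * pk_U2, never S_bank itself, and
        # the old and new anonymous IDs give different bank-side keys.
        "id_change_rekeys": k_user_bank != symmetric_key(sk_bank, pk_u),
    }
```

The toy field arithmetic only demonstrates that the three parties' derivations agree; the patent's actual operation and its quantum-resistance argument are not reproduced here.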
Several alternatives are given below. They do not further limit the general solution above but are additions or preferences; each alternative can be combined on its own with the general solution, or several can be combined, provided there is no technical or logical contradiction.
Optionally, the identity authentication process is as follows:
the user side generates an identity authentication request message, signs the request message and the new ID with its digital certificate private key, encrypts its digital certificate and the signature with the symmetric key shared with the commercial bank digital currency system, and finally sends the encrypted data, the identity authentication request message and the new ID to the commercial bank digital currency system;
the commercial bank digital currency system decrypts the received message with the symmetric key, verifies the validity of the user side's digital certificate with the root certificate and, if it is valid, verifies the signature with the public key of the user side's digital certificate; once verification passes, it generates a first random number, encrypts the first random number with the public key of the user side's digital certificate, then signs with the private key of the user side's digital certificate, and finally encrypts the encrypted first random number, the signature and the user side's digital certificate together with the symmetric key and sends them to the user side;
the user side decrypts the received data, verifies the validity of the commercial bank digital currency system's digital certificate with the root certificate and, if it is valid, verifies the signature with the public key of that digital certificate; once verification passes, it decrypts the first random number with its own digital certificate private key and stores it;
the user side generates a second random number, encrypts the first random number, the second random number and the old ID with the digital certificate public key of the commercial bank digital currency system, signs the encrypted data and the old ID with its own digital certificate private key, encrypts the encrypted data and the signature again with the symmetric key, and sends the result together with the old ID to the commercial bank digital currency system;
the commercial bank digital currency system decrypts the received information and compares whether the received second random number is consistent with the second random number it sent; if so, it updates the ID in the user side's registration information to the user side's new ID.
Optionally, when the user side communicates with the third party authority and with the commercial bank digital currency system, data is encrypted under the symmetric key as follows:
the sender computes the symmetric key shared by the two parties, generates a timestamp for this communication, derives the communication key for this communication from the symmetric key and the timestamp, encrypts the digital certificate and the signature with the communication key, and sends the encrypted data together with the timestamp to the receiver;
after receiving the sender's message, the receiver computes the same symmetric key, derives the communication key for this communication from the timestamp carried in the message, and decrypts with the communication key to obtain the sender's digital certificate and signature.
Optionally, the communication key for the current communication is derived from the symmetric key and the timestamp by computing a message authentication code over the timestamp under the symmetric key; the resulting message authentication code is the communication key.
Optionally, when the user side communicates with the third party authority and with the commercial bank digital currency system, each party additionally computes a message authentication code over every message it sends, to ensure the integrity of the communication.
Optionally, after the user side and the commercial bank digital currency system complete identity authentication, the two sides establish a session, derive the session key for the current round from the first and second random numbers in the same manner, and communicate under that session key.
Optionally, the root certificate includes a version number, a serial number, a validity period of the certificate, and a certificate public key and a root certificate signature of the CA; the digital certificate of the user side comprises a certificate public key and the real identity of the user side; the digital certificate of the commercial bank digital currency system includes a certificate public key.
The invention also provides a digital certificate-based anti-quantum computing digital currency system, which comprises a user side, a commercial bank digital currency system, a central bank digital currency system and a third party authority; the commercial bank digital currency system and the central bank digital currency system are communicated through a pre-established quantum communication link, and the user side, the commercial bank digital currency system and the third party authority complete identity authentication according to the digital certificate-based digital currency system identity authentication method.
Furthermore, the user side, the commercial bank digital currency system and the third party authority are all provided with anti-quantum computing devices, the anti-quantum computing devices of the third party authority are used for storing all system private keys, own public and private keys and root certificates, the anti-quantum computing devices of the user side are used for storing the own public and private keys, system public keys, digital certificates and root certificates of the user side, and the anti-quantum computing devices of the commercial bank digital currency system are used for storing the public and private keys, the system public keys, the digital certificates and the root certificates of the commercial bank digital currency system.
Further, the quantum computation resistant device comprises a key fob, a mobile terminal, a cipher machine and a gateway.
Advantageous effects: compared with the prior art, the invention has the following beneficial effects:
1. The digital currency communication system based on digital certificates achieves resistance to quantum computation.
2. The method does not need to assemble the public keys of all members into an asymmetric key pool stored in the key fob, so the storage cost and computational workload of the key fob on the client side are low.
3. The overall flow and data structures of a traditional CA and of digital-certificate-based identity authentication are unchanged, so the cost of migrating the CA and the digital currency communication system to the quantum-resistant scheme is low.
4. The ID-cryptography-based key issuing server uses different system public/private keys for different users; even if one user's system public key is exposed and its system private key is broken by a quantum computer, the system public/private keys of the CA and of the other users are not endangered.
5. The KMS issues an anonymous identity to the user, and the user communicates with the commercial bank digital currency system under a frequently updated anonymous identity, so the communication is safer.
6. The communication scheme of this patent meets the security and cost requirements of two different situations: for communication between the central bank and the commercial bank, where the confidentiality requirement is extremely high and a change of scheme affects a relatively small scope, quantum secure communication, which costs more but is more secure, is adopted; for communication between the commercial bank and the user, where the confidentiality requirement is not as high and a change of scheme affects a relatively large scope, quantum-resistant communication based on digital certificates is adopted, giving a high level of security at moderate cost. The patent therefore upgrades the existing digital currency communication system to a quantum-resistant one while taking the cost of the upgrade into account.
Drawings
Fig. 1 is a basic configuration diagram of an example of a central bank digital currency operation in an embodiment of the present invention.
FIG. 2 is a flow chart of the steps involved in the authentication of the identity between the commercial bank digital currency system and the user in an embodiment of the present invention.
Detailed Description
The invention will be further described with reference to the accompanying drawings and specific embodiments. It is to be understood that the present invention may be embodied in various forms, and that there is no intention to limit the invention to the specific embodiments illustrated, but on the contrary, the intention is to cover some exemplary and non-limiting embodiments shown in the attached drawings and described below.
It is to be understood that the features listed above for the different embodiments may be combined with each other to form further embodiments within the scope of the invention, where technically feasible. Furthermore, the particular examples and embodiments of the invention described are non-limiting, and various modifications may be made in the structure, steps, and sequence set forth above without departing from the scope of the invention.
As shown in fig. 1, the basic structure of a digital currency system mainly includes a central bank digital currency system, a commercial bank digital currency system (in practice, several commercial bank digital currency systems), users, and an authentication system used by the central bank and the commercial banks; the central bank performs identity authentication and secure communication with each commercial bank, and each commercial bank performs identity authentication and secure communication with each of its users. The central bank digital currency system issues digital currency and registers its ownership; the commercial bank digital currency system performs banking functions for digital currency; the user is the entity that uses the digital currency; the authentication system authenticates the interaction between the commercial bank digital currency system and the terminal devices used by digital currency users, and the interaction between the central bank digital currency system and the commercial bank digital currency system.
A digital certificate-based anti-quantum computing identity authentication system is adopted between a commercial bank digital currency system and a user, and comprises a user A, a commercial bank digital currency system B corresponding to the user A and a certificate authority CA as shown in figure 2.
The CA has a quantum-resistant computing device T_CA, in which a key management server (KMS) based on ID cryptography is deployed. The KMS issues quantum-resistant computing devices T_A and T_B to user A and to the commercial bank digital currency system B. A quantum-resistant computing device may be a key fob, a mobile terminal, a cipher machine, a gateway or the like; it communicates with the CA or with the respective user side over a mainboard interface, near-field wireless communication, a controlled intranet or the like, and within that communication range the information cannot be stolen by a quantum computer. For example, the quantum-resistant computing device may be a key fob plugged into the motherboard of the CA's host. Alternatively, it may be a mobile terminal communicating over NFC with another quantum-resistant computing device that is also a mobile terminal. As a further example, it may be a cipher machine or gateway performing secure intranet communication with a user host on the same LAN.
When the KMS issues a public/private key pair for a member, a set of ID-based system parameters must first be established, as follows:
(1) G1 and G2 are GDH (Gap Diffie-Hellman) groups of order q, q a large prime; G1 is an additive cyclic group of points on an elliptic curve with generator P; G2 is a multiplicative cyclic group; e: G1 × G1 → G2 is a bilinear map.
(2) Randomly choose SK_MS ∈ Z_p^* as the CA's system private key, compute the CA's system public key PK_MS = SK_MS * P inside the quantum-resistant computing device, and store PK_MS in the CA's device T_CA. The KMS holds different system public/private keys for different users: for user A, the KMS generates a unique code as A's anonymous identity ID_A; for the current anonymous identity, A's system private key is SK_MSA = MAC(ID_A, SK_MS) (MAC(m, k) denotes the message authentication code over message m under key k) and A's system public key is PK_MSA = SK_MSA * P. For the commercial bank digital currency system B, the KMS generates a unique code as ID_B; B's system private key is SK_MSB = MAC(ID_B, SK_MS) and its system public key is PK_MSB = SK_MSB * P. All system private keys are stored in the corresponding quantum-resistant computing device; PK_MSA is stored in T_A and PK_MSB in T_B.
(3) Select hash functions H1: {0,1}* → G1 and H2: G2 → {0,1}*.
(4) The system parameters are {q, G1, G2, e, n, P, H1, H2}.
When the KMS issues a public/private key pair for the CA, it generates a unique code as ID_CA, calls the hash function H1 to compute the public key PK_CA = H1(ID_CA), then computes the private key SK_CA = SK_MS * PK_CA from that public key, and stores ID_CA, PK_CA and SK_CA in the CA's quantum-resistant computing device T_CA. T_CA also stores the CA root certificate CERT_CA, which includes the version number, the serial number, the validity period of the certificate, the CA's certificate public key PK_CERTCA and a certificate signature; the certificate private key SK_CERTCA is kept secret separately by the CA (i.e. not in the same storage device as ID_CA, PK_CA and SK_CA), e.g. in the quantum-resistant computing device T_CA or in a key fob connected to the quantum-resistant computing device. The certificate public key and the certificate signature may be based on any asymmetric cryptographic algorithm, such as RSA, ECC, discrete logarithm or ID cryptography.
When the KMS issues a public/private key pair for user A, it calls H1 to compute the public key PK_A = H1(ID_A), then computes the private key SK_A = SK_MSA * PK_A from that public key, and stores A's ID and key pair, i.e. ID_A, PK_A and SK_A, in A's quantum-resistant computing device T_A. T_A also stores the KMS-issued CA root certificate CERT_CA and A's certificate CERT_A, where CERT_CA contains the certificate public key PK_CERTCA and CERT_A contains the certificate public key PK_CERTA and A's real identity; the certificate private key SK_CERTA is kept secret separately by A, e.g. in the quantum-resistant computing device T_A or in a security chip of a key fob connected to T_A.
When the KMS issues a public/private key pair for the commercial bank digital currency system B, it calls H1 to compute the public key PK_B = H1(ID_B), then computes the private key SK_B = SK_MSB * PK_B from that public key, and stores B's ID and key pair, i.e. ID_B, PK_B and SK_B, in B's quantum-resistant computing device T_B. T_B also stores the KMS-issued CA root certificate CERT_CA and B's certificate CERT_B, where CERT_CA contains the certificate public key PK_CERTCA and CERT_B contains the certificate public key PK_CERTB; the certificate private key SK_CERTB is kept secret separately by B, e.g. in the quantum-resistant computing device T_B or in a security chip connected to T_B. B also holds a table mapping the real identity of each of its users A to that user's current anonymous identity.
Based on the above-mentioned key distribution based on ID cryptography, fig. 2 shows the authentication method flow of the digital certificate based quantum computing resistant identity authentication system between the commercial bank digital currency system and the user. The following examples describe the procedure in detail.
Examples
(1) When A needs identity authentication, A applies to the CA for a new anonymous ID
Let REQ1 denote A's request to generate a new anonymous ID. A obtains a timestamp T1 and forms MSG1_0 = ID_A || ID_CA || T1 || ID_B || REQ1, where ID_CA indicates that the message is sent by A to the certificate authority CA and ID_B is the ID of the commercial bank digital currency system to which A belongs.
A computes the symmetric key shared with the CA, K_{A-CA} = e(SK_A, PK_CA), and computes a message authentication code over T1 under K_{A-CA} to obtain K1 = MAC(T1, K_{A-CA}). A then signs MSG1_0 with the private key SK_CERTA of its certificate CERT_A to obtain SIG1, encrypts CERT_A and SIG1 under K1 to obtain {CERT_A||SIG1}K1, and forms MSG1_1 = MSG1_0 || {CERT_A||SIG1}K1. A computes MAC(MSG1_1, K1), forms MSG1 = MSG1_1 || MAC(MSG1_1, K1), and sends MSG1 to the CA. Because the digital certificate and the signature in the message are encrypted under the key, they resist quantum computation and the user's real identity stays hidden.
(2) The CA generates a new anonymous ID for A, computes A's private key with respect to B, and sends them to A
The CA receives MSG1 = MSG1_1 || MAC(MSG1_1, K1) from A, where MSG1_1 = MSG1_0 || {CERT_A||SIG1}K1 and MSG1_0 = ID_A || ID_CA || T1 || ID_B || REQ1.
The KMS in the CA computes A's system private key SK_MSA = MAC(ID_A, SK_MS) and then SK_CAA = SK_MSA * PK_CA. From PK_A = H1(ID_A) it obtains the symmetric key between the CA and A, K_{CA-A} = e(SK_CAA, PK_A). By the bilinearity of ID cryptography: K_{A-CA} = e(SK_A, PK_CA) = e(SK_MSA * PK_A, PK_CA) = e(PK_A, SK_MSA * PK_CA) = e(PK_A, SK_CAA) = e(SK_CAA, PK_A) = K_{CA-A}.
The CA computes K1' = MAC(T1, K_{CA-A}). It first computes MAC(MSG1_1, K1') and compares it with the received MAC(MSG1_1, K1). If they match, it decrypts {CERT_A||SIG1}K1 with K1' to obtain CERT_A and SIG1, checks the validity of CERT_A against the CA root certificate CERT_CA and, if valid, verifies SIG1 with the public key PK_CERTA from CERT_A.
After authentication passes, the CA generates a new anonymous ID_Anew for user A. It computes the KMS system private key for ID_Anew, SK_MSAnew = MAC(ID_Anew, SK_MS), the system public key PK_MSAnew = SK_MSAnew * P, the public key PK_Anew = H1(ID_Anew) and the private key SK_Anew = SK_MSAnew * PK_Anew. It then computes the KMS system private key for B, SK_MSB = MAC(ID_B, SK_MS), and A's private key with respect to B, SK'_Anew = SK_MSB * PK_Anew. The CA obtains a timestamp T2 and forms MSG2_0 = ID_CA || ID_A || T2 || ID_Anew || SK_Anew || SK'_Anew, signs MSG2_0 with the private key SK_CERTCA of the CA root certificate to obtain SIG2, computes K2 = MAC(T2, K_{CA-A}), encrypts ID_Anew || SK_Anew || SK'_Anew || SIG2 under K2 to obtain {ID_Anew||SK_Anew||SK'_Anew||SIG2}K2, and forms MSG2_1 = ID_CA || ID_A || T2 || {ID_Anew||SK_Anew||SK'_Anew||SIG2}K2. It computes MAC(MSG2_1, K2), forms MSG2 = MSG2_1 || MAC(MSG2_1, K2), and sends MSG2 to A.
(3) A requests identity authentication from B
A receives MSG2 = MSG2_1 || MAC(MSG2_1, K2), where MSG2_1 = ID_CA || ID_A || T2 || {ID_Anew||SK_Anew||SK'_Anew||SIG2}K2. A computes K2' = MAC(T2, K_{A-CA}), then computes MAC(MSG2_1, K2') and compares it with the received MAC(MSG2_1, K2). If they match, A decrypts {ID_Anew||SK_Anew||SK'_Anew||SIG2}K2 with K2' to obtain ID_Anew || SK_Anew || SK'_Anew || SIG2, verifies SIG2 with the public key PK_CERTCA of the CA root certificate and, on success, stores ID_Anew || SK_Anew locally and uses ID_Anew as its new anonymous ID.
A computes the symmetric key shared with B, K_{A-B} = e(SK'_Anew, PK_B), obtains a timestamp T3 and computes K3 = MAC(T3, K_{A-B}). Let REQ3 denote A's authentication request to B; A forms MSG3_0 = ID_Anew || ID_B || T3 || REQ3, signs MSG3_0 with the private key SK_CERTA of CERT_A to obtain SIG3, encrypts CERT_A and SIG3 under K3 to obtain {CERT_A||SIG3}K3, and forms MSG3_1 = MSG3_0 || {CERT_A||SIG3}K3. A computes MAC(MSG3_1, K3), forms MSG3 = MSG3_1 || MAC(MSG3_1, K3), and sends MSG3 to B.
(4) B authenticates A and returns a generated random number
B receives MSG3 = MSG3_1 || MAC(MSG3_1, K3), where MSG3_1 = MSG3_0 || {CERT_A||SIG3}K3 and MSG3_0 = ID_Anew || ID_B || T3 || REQ3. B first obtains, from PK_Anew = H1(ID_Anew), the symmetric key between B and A, K_{B-A} = e(SK_B, PK_Anew). By the bilinearity of ID cryptography: K_{A-B} = e(SK'_Anew, PK_B) = e(SK_MSB * PK_Anew, PK_B) = e(PK_Anew, SK_MSB * PK_B) = e(PK_Anew, SK_B) = e(SK_B, PK_Anew) = K_{B-A}. B computes K3' = MAC(T3, K_{B-A}), then computes MAC(MSG3_1, K3') and compares it with the received MAC(MSG3_1, K3). If they match, B decrypts {CERT_A||SIG3}K3 with K3' to obtain CERT_A || SIG3, checks the validity of CERT_A against the CA root certificate CERT_CA and, if valid, verifies SIG3 with the public key PK_CERTA from CERT_A.
After verification passes, B obtains a timestamp T4 and computes K4 = MAC(T4, K_{B-A}). B generates a random number N_B, encrypts N_B and ID_B with PK_CERTA to obtain {N_B||ID_B}PK_CERTA, and forms MSG4_0 = ID_B || ID_A || T4 || {N_B||ID_B}PK_CERTA. B signs MSG4_0 with the private key SK_CERTB of CERT_B to obtain SIG4, encrypts {N_B||ID_B}PK_CERTA || CERT_B || SIG4 under K4 to obtain {{N_B||ID_B}PK_CERTA||CERT_B||SIG4}K4, and forms MSG4_1 = ID_B || ID_A || T4 || {{N_B||ID_B}PK_CERTA||CERT_B||SIG4}K4. B computes MAC(MSG4_1, K4), forms MSG4 = MSG4_1 || MAC(MSG4_1, K4), and sends MSG4 to A.
(5) A authenticates B and returns a generated random number
A receives MSG4 = MSG4_1 || MAC(MSG4_1, K4), where MSG4_1 = ID_B || ID_A || T4 || {{N_B||ID_B}PK_CERTA||CERT_B||SIG4}K4. A computes K4' = MAC(T4, K_{A-B}), then computes MAC(MSG4_1, K4') and compares it with the received MAC(MSG4_1, K4). If they match, A decrypts {{N_B||ID_B}PK_CERTA||CERT_B||SIG4}K4 with K4' to obtain {N_B||ID_B}PK_CERTA || CERT_B || SIG4. A checks the validity of CERT_B against the CA root certificate CERT_CA and, if valid, verifies SIG4 with the public key PK_CERTB from CERT_B. After verification passes, A decrypts {N_B||ID_B}PK_CERTA with the certificate private key SK_CERTA to obtain N_B || ID_B, and stores N_B locally.
A obtains a timestamp T5 and computes K5 = MAC(T5, K_{A-B}). A generates a random number N_A, encrypts N_A, N_B and ID_A with PK_CERTB to obtain {N_A||N_B||ID_A}PK_CERTB, and forms MSG5_0 = ID_A || ID_B || T5 || {N_A||N_B||ID_A}PK_CERTB. A signs MSG5_0 with the private key SK_CERTA of CERT_A to obtain SIG5, encrypts {N_A||N_B||ID_A}PK_CERTB || SIG5 under K5 to obtain {{N_A||N_B||ID_A}PK_CERTB||SIG5}K5, and forms MSG5_1 = ID_A || ID_B || T5 || {{N_A||N_B||ID_A}PK_CERTB||SIG5}K5. A computes MAC(MSG5_1, K5), forms MSG5 = MSG5_1 || MAC(MSG5_1, K5), and sends MSG5 to B.
(6) B computes the session key and updates the table mapping A's real identity to its current anonymous identity
B receives MSG5 = MSG5_1 || MAC(MSG5_1, K5), where MSG5_1 = ID_A || ID_B || T5 || {{N_A||N_B||ID_A}PK_CERTB||SIG5}K5. B computes K5' = MAC(T5, K_{B-A}), then computes MAC(MSG5_1, K5') and compares it with the received MAC(MSG5_1, K5). If they match, B decrypts {{N_A||N_B||ID_A}PK_CERTB||SIG5}K5 with K5' to obtain {N_A||N_B||ID_A}PK_CERTB || SIG5. B verifies SIG5 with PK_CERTA and, after verification, decrypts {N_A||N_B||ID_A}PK_CERTB with the certificate private key SK_CERTB to obtain N_A || N_B || ID_A.
B checks whether the received N_B matches its local N_B; if so, B computes the session key from N_A and N_B, and updates the locally stored table of A's real identity and current anonymous identity, replacing A's anonymous identity ID_A with ID_Anew. B obtains a timestamp T6 and computes K6 = MAC(T6, K_{B-A}). B encrypts N_A with PK_CERTA to obtain {N_A}PK_CERTA and forms MSG6_0 = ID_B || ID_A || T6 || {N_A}PK_CERTA. B signs MSG6_0 with SK_CERTB to obtain SIG6, encrypts {N_A}PK_CERTA || SIG6 under K6 to obtain {{N_A}PK_CERTA||SIG6}K6, and forms MSG6_1 = ID_B || ID_A || T6 || {{N_A}PK_CERTA||SIG6}K6. B computes MAC(MSG6_1, K6), forms MSG6 = MSG6_1 || MAC(MSG6_1, K6), and sends MSG6 to A.
(7) A computes the session key
A receives MSG6 = MSG6_1 || MAC(MSG6_1, K6), where MSG6_1 = ID_B || ID_A || T6 || {{N_A}PK_CERTA||SIG6}K6. A computes K6' = MAC(T6, K_{A-B}), then computes MAC(MSG6_1, K6') and compares it with the received MAC(MSG6_1, K6). If they match, A decrypts {{N_A}PK_CERTA||SIG6}K6 with K6' to obtain {N_A}PK_CERTA || SIG6. A verifies SIG6 with PK_CERTB and, after verification, decrypts {N_A}PK_CERTA with the certificate private key SK_CERTA to obtain N_A.
A checks whether the received N_A matches its local N_A. After this check passes, A computes the session key from N_A and N_B.
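Added example, not code from the patent or its authors: the symmetric envelope that the optional communication-key scheme above describes and that every message MSG1 to MSG6 of steps (1) to (7) uses, i.e. K_i = MAC(T_i, K_shared), encryption of the certificate-and-signature part under K_i, a MAC over the whole message, the receiver's recomputation of K_i' from the clear timestamp before decrypting, and the session key derived from N_A and N_B. Assumptions: HMAC-SHA256 as the MAC, an HMAC counter keystream as a stand-in for the unspecified symmetric cipher, length-prefixed fields for the page's "||", MAC(N_A || N_B, K_shared) as the reading of "in the same manner" for the session key, and a constructed 32-byte value in place of the pairing-derived shared key e(SK'_Anew, PK_B).

```python
"""Symmetric envelope of the scheme: per-message communication key from a
timestamp, encrypt-then-MAC, receiver-side verification, session key."""
import hashlib
import hmac
import struct

MAC_LEN = 32   # HMAC-SHA256 tag length
BLOCK = 32     # keystream block size of the stand-in cipher


def mac(message: bytes, key: bytes) -> bytes:
    """MAC(m, k): message authentication code over m under key k.
    HMAC-SHA256 is this example's choice; the patent does not fix the MAC."""
    return hmac.new(key, message, hashlib.sha256).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the unspecified cipher {data}key (constructed for this
    example): XOR with an HMAC-SHA256 counter keystream. Encryption and
    decryption are the same operation."""
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        keystream = mac(b"enc" + struct.pack(">Q", i // BLOCK), key)
        out.extend(a ^ b for a, b in zip(data[i:i + BLOCK], keystream))
    return bytes(out)


def communication_key(shared_key: bytes, timestamp: int) -> bytes:
    """K_i = MAC(T_i, K_shared): the key used for this one message only."""
    return mac(struct.pack(">Q", timestamp), shared_key)


def join(*fields: bytes) -> bytes:
    """Length-prefixed concatenation standing in for the page's '||'."""
    return b"".join(struct.pack(">H", len(f)) + f for f in fields)


def split(blob: bytes) -> list:
    """Inverse of join(); raises ValueError on a truncated field."""
    fields, pos = [], 0
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack(">H", blob[pos:pos + 2])
        if pos + 2 + n > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[pos + 2:pos + 2 + n])
        pos += 2 + n
    return fields


def build_message(shared_key: bytes, sender_id: bytes, receiver_id: bytes,
                  timestamp: int, request: bytes, secret: bytes) -> bytes:
    """Sender side, e.g. step (3): MSG_1 = ID_S || ID_R || T || REQ || {secret}K
    and MSG = MSG_1 || MAC(MSG_1, K), with K = MAC(T, K_shared). `secret` is
    the part the scheme hides, i.e. CERT || SIG."""
    k = communication_key(shared_key, timestamp)
    msg1 = join(sender_id, receiver_id, struct.pack(">Q", timestamp),
                request, stream_xor(k, secret))
    return msg1 + mac(msg1, k)


def open_message(shared_key: bytes, message: bytes) -> dict:
    """Receiver side: recompute K' from the clear timestamp, check the MAC
    before touching the ciphertext, then decrypt. Raises ValueError on a
    wrong shared key, tampering or truncation."""
    if len(message) <= MAC_LEN:
        raise ValueError("message too short")
    msg1, tag = message[:-MAC_LEN], message[-MAC_LEN:]
    fields = split(msg1)
    if len(fields) != 5 or len(fields[2]) != 8:
        raise ValueError("malformed header")
    sender_id, receiver_id, ts_bytes, request, ciphertext = fields
    (timestamp,) = struct.unpack(">Q", ts_bytes)
    k = communication_key(shared_key, timestamp)          # K_i'
    if not hmac.compare_digest(mac(msg1, k), tag):        # MAC(MSG_1, K_i')
        raise ValueError("MAC mismatch")
    return {"sender": sender_id, "receiver": receiver_id,
            "timestamp": timestamp, "request": request,
            "secret": stream_xor(k, ciphertext)}


def session_key(shared_key: bytes, n_a: bytes, n_b: bytes) -> bytes:
    """Session key from the two random numbers 'in the same manner' as the
    communication key; assumed here to mean MAC(N_A || N_B, K_shared)."""
    return mac(join(n_a, n_b), shared_key)


if __name__ == "__main__":
    # Constructed stand-in for K_{A-B} = e(SK'_Anew, PK_B) = K_{B-A}.
    k_ab = bytes(range(32))
    msg3 = build_message(k_ab, b"ID_Anew", b"ID_B", 1700000000, b"REQ3",
                         b"CERT_A||SIG3 (constructed)")
    print(open_message(k_ab, msg3)["secret"])
    print(session_key(k_ab, b"N_A", b"N_B").hex())
```

A flipped ciphertext byte or a different shared key makes open_message raise before any decryption, which is the order of checks the steps above describe.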
The central bank digital currency system and the commercial bank digital currency system perform identity authentication through QKD communication: the central bank digital currency system and the commercial bank digital currency system are respectively provided with a QKD device, and the two devices carry out quantum secret communication through a QKD line and negotiate to obtain a session key.
After the digital money system of the commercial bank and the user have negotiated the session key and the digital money system of the central bank and the digital money system of the commercial bank have also negotiated the session key, the whole digital money system can perform various services, such as payment of digital money, transfer of money, and the like.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. The quantum computing resisting digital currency system anonymous communication method based on the digital certificate is characterized by comprising the following steps of:
(1) adding a third party authority in the digital currency system, wherein the third party authority issues a digital certificate and a root certificate for the digital currency system of the commercial bank and the user side thereof respectively, and issues an ID and a public and private key for the third party authority, the digital currency system of the commercial bank and the user side thereof respectively, wherein the ID issued for the user side is the anonymous identity of the user side; the method for generating the public and private key of the certain object X by the third party authority comprises the following steps: the third party authority firstly generates a system public and private key for X, then calculates the ID of X by using a hash function to obtain the public key of X, and then calculates by using the public key of X and the system private key of X to obtain the private key of X;
(2) the user side registers the corresponding relation between the real identity information and the real-time ID in a corresponding commercial bank digital currency system in advance;
(3) before identity authentication, the user side generates a request message applying for a new ID, signs the request message with the private key of its own digital certificate, calculates a symmetric key between itself and the third party authority from its own private key and the public key of the third party authority, encrypts its own digital certificate and the signature with the symmetric key, and sends the encrypted digital certificate and signature together with the request message to the third party authority;
(4) the third party authority firstly calculates to obtain a system private key of the user side, then calculates by using the system private key of the user side and a public key of the third party authority, and then calculates a symmetric key between the third party authority and the user side by using a calculation result and the public key of the user side; after the received information is decrypted by using the symmetric key, the digital certificate and the signature of the user side are verified, a new ID, a new system public and private key and a new public and private key are generated according to the request of the user side after the information is passed, an intermediate key is calculated by using a system private key of a digital money system of a commercial bank and a new public key of the user side, the intermediate key, the new ID and the new private key are signed by using a root certificate private key, and finally the intermediate key, the new ID, the new private key and the signature are encrypted by using the symmetric key and then are sent to the user side;
(5) the user side decrypts the feedback information from the third party authority, verifies the signature by using the root certificate, stores the intermediate key, the new ID and the new private key after verification, and uses the new ID as the anonymous identity;
(6) the user side calculates a symmetric key between itself and the commercial bank digital currency system from the intermediate key and the public key of the commercial bank digital currency system; the commercial bank digital currency system calculates the symmetric key between itself and the user side from its own private key and the public key of the user side; the user side and the commercial bank digital currency system then perform identity authentication based on the calculated symmetric key.
2. The anonymous communication method of the quantum computing resistant digital currency system based on the digital certificate as set forth in claim 1, wherein the authentication process is as follows:
the user side generates an identity authentication request message, signs the identity authentication request message and a new ID by using a digital certificate private key, encrypts the digital certificate and the signature by using a symmetric key of a commercial bank digital currency system, and finally sends the encrypted data, the identity authentication request message and the new ID to the commercial bank digital currency system;
after decrypting the received message with the symmetric key, the commercial bank digital currency system uses the root certificate to verify the validity of the user side's digital certificate and, if it is valid, verifies the signature with the public key of the user side's digital certificate; after verification passes, the commercial bank digital currency system generates a first random number, encrypts it with the public key of the user side's digital certificate, signs with the private key of its own digital certificate, encrypts the encrypted first random number, the signature and its own digital certificate together with the symmetric key, and sends the result to the user side;
the user side decrypts the received data, uses the root certificate to verify the validity of the commercial bank digital currency system's digital certificate and, if it is valid, verifies the signature with the public key of that certificate; after verification passes, it decrypts the first random number with the private key of its own digital certificate and stores it;
the user side generates a second random number, encrypts the first random number, the second random number and the old ID with the public key of the commercial bank digital currency system's digital certificate, signs the encrypted data and the old ID with the private key of its own digital certificate, encrypts the encrypted data and the signature again with the symmetric key, and sends them together with the old ID to the commercial bank digital currency system;
after decrypting the received information, the commercial bank digital currency system compares the received first random number with the first random number it sent, and if they match, updates the ID in the user side's registration information to the user side's new ID.
3. The anonymous communication method of the quantum computing resistant digital currency system based on digital certificates as set forth in claim 2, wherein, in the process of the user side communicating with the third party authority and the commercial bank digital currency system, the encryption method adopted when encrypting data with the symmetric key is as follows:
the sender calculates the symmetric key shared by the two communicating parties, then generates a timestamp for this communication, calculates the communication key for this communication from the symmetric key and the timestamp, encrypts the digital certificate and the signature with the communication key, and sends the encrypted data together with the timestamp to the receiver;
after receiving the sender's message, the receiver calculates the symmetric key, calculates the communication key for this communication from the timestamp carried in the received message, and decrypts with the communication key to obtain the sender's digital certificate and signature.
4. The anonymous communication method of the quantum computing resistant digital currency system based on digital certificates according to claim 3, wherein the method for calculating the communication key of the current communication from the symmetric key and the timestamp is: calculate a message authentication code over the timestamp with the symmetric key; the resulting message authentication code is the communication key.
5. The anonymous communication method of the quantum computing resistant digital currency system based on digital certificates as claimed in claim 1, wherein, in the process of the user side communicating with the third party authority and the commercial bank digital currency system, each time either communicating party sends a message it additionally calculates a message authentication code to ensure the integrity of the message.
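The per-communication keying of claims 3 and 4 and the integrity tag of claim 5, as an editor's example rather than code from the patent. The claims fix only the structure (communication key = MAC under the long-term symmetric key over the timestamp; a further MAC on each message), so everything else here is an assumption: HMAC-SHA256 as the MAC, a SHAKE-256 keystream as the cipher under the communication key, a separately labelled MAC key, an 8-byte big-endian timestamp, and a 16-byte per-message nonce. The freshness window and the replay set are what a practitioner would add on the receiving side; the claims do not mention them.

```python
import hashlib
import hmac
import secrets
import time

# Editor's example, not the patent's own code. Claim 4 makes the communication key the
# MAC, under the long-term symmetric key, of the timestamp; claim 5 adds a MAC on every
# message for integrity. Assumptions not fixed by the claims: HMAC-SHA256 as the MAC, a
# SHAKE-256 keystream as the cipher under the communication key, a separate labelled MAC
# key, an 8-byte big-endian timestamp and a per-message nonce. The freshness window and
# the replay set are a practitioner's additions, not claimed.

WINDOW = 30          # seconds of clock skew tolerated (assumption)
TAG_LEN = 32


def comm_key(sym_key, ts):
    """Claim 4: MAC(symmetric key, timestamp) is the communication key."""
    return hmac.new(sym_key, ts.to_bytes(8, "big"), hashlib.sha256).digest()


def mac_key(sym_key, ts):
    """Same derivation with a label, so the integrity tag never reuses the cipher key."""
    return hmac.new(sym_key, b"mac|" + ts.to_bytes(8, "big"), hashlib.sha256).digest()


def _xor(key, nonce, data):
    # Keystream cipher stand-in; the nonce keeps two messages sent within the same
    # second (same timestamp, hence same communication key) from sharing a keystream.
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key + nonce).digest(len(data))))


def send(sym_key, cert, sig, ts=None):
    """Claim 3 sender: encrypt certificate and signature under the communication key,
    then append the claim-5 integrity tag over timestamp, nonce and ciphertext."""
    ts = int(time.time()) if ts is None else ts
    tsb = ts.to_bytes(8, "big")
    nonce = secrets.token_bytes(16)
    body = len(cert).to_bytes(2, "big") + cert + sig
    ct = _xor(comm_key(sym_key, ts), nonce, body)
    tag = hmac.new(mac_key(sym_key, ts), tsb + nonce + ct, hashlib.sha256).digest()
    return tsb + nonce + ct + tag


def receive(sym_key, msg, now=None, seen=None):
    """Claim 3 receiver: check freshness and the tag before decrypting. `seen` is an
    optional set of accepted tags used to reject replays inside the window."""
    now = int(time.time()) if now is None else now
    tsb, nonce, ct, tag = msg[:8], msg[8:24], msg[24:-TAG_LEN], msg[-TAG_LEN:]
    ts = int.from_bytes(tsb, "big")
    if abs(now - ts) > WINDOW:
        raise ValueError("timestamp outside the freshness window")
    expected = hmac.new(mac_key(sym_key, ts), tsb + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed")
    if seen is not None:
        if tag in seen:
            raise ValueError("replayed message")
        seen.add(tag)
    body = _xor(comm_key(sym_key, ts), nonce, ct)
    n = int.from_bytes(body[:2], "big")
    return body[2:2 + n], body[2 + n:]


if __name__ == "__main__":
    # Constructed sample key standing in for the symmetric key of claim 1, step (6).
    k = hashlib.sha256(b"shared symmetric key from claim 1 step (6)").digest()
    msg = send(k, b"-----CERT-----", b"<signature>")
    print(receive(k, msg))
```

Two points the claims leave open are worth checking in any implementation: the receiver must bound how old a timestamp may be, or every captured message stays decryptable and re-presentable for as long as the symmetric key lives; and because the communication key is a function of the timestamp alone, anything sent twice in the same second is under the same key, which is why the example mixes a nonce into the keystream.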
6. The anonymous communication method of the quantum computing resistant digital currency system based on digital certificates as claimed in claim 1, wherein, after the user side and the commercial bank digital currency system complete identity authentication, the two parties establish a session, each calculates the session key of that session in the same way from the first and second random numbers, and they communicate based on the session key.
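The three-message exchange of claim 2 and the session key of claim 6, as an editor's example rather than code from the patent. The claims use post-quantum certificate keys, which the Python standard library lacks, so the asymmetric operations are stand-ins and are labelled as such: `sign`/`verify` is an HMAC tag under the signer's key and `seal`/`open_` is a SHAKE-256 keystream under the recipient's key; the outer symmetric-key layer of claims 3 to 5 is omitted. All names, the 32-byte random numbers and the `b"session|"` label are assumptions. What the example shows is independent of the primitive: which message carries which nonce, that the bank checks the first random number it issued against the one echoed back, that the old ID is bound both in clear and inside the signed ciphertext, and how both sides end up with the same session key.

```python
import hashlib
import hmac
import secrets

# Editor's example, not code from the patent. sign/verify and seal/open_ are keyed
# stand-ins for the certificate-key signature and public-key encryption of the claims
# (assumption); the message flow, the nonce checks and the ID rebinding are the point.

N = 32  # length in bytes of the first and second random numbers (assumption)


def _xor(key, nonce, data):
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key + nonce).digest(len(data))))


def seal(key, data):            # stand-in for encryption to the holder of `key`
    nonce = secrets.token_bytes(16)
    return nonce + _xor(key, nonce, data)


def open_(key, blob):
    return _xor(key, blob[:16], blob[16:])


def sign(key, data):            # stand-in for a certificate-key signature
    return hmac.new(key, data, hashlib.sha256).digest()


def verify(key, data, tag):
    return hmac.compare_digest(sign(key, data), tag)


def session_key(r1, r2):        # claim 6: both sides derive the session key the same way
    return hashlib.sha256(b"session|" + r1 + r2).digest()


class Bank:
    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.registry = {}      # current ID -> user certificate key (registration record)
        self.pending = {}       # user certificate key -> (first random number, new ID)

    def register(self, user_id, user_key):
        self.registry[user_id] = user_key

    def challenge(self, request, new_id, sig, user_key):
        # Message 1: the certificate must be a registered one (stands in for validation
        # against the root certificate) and the signature must cover request and new ID.
        if user_key not in self.registry.values() or not verify(user_key, request + new_id, sig):
            raise ValueError("unknown certificate or bad signature")
        r1 = secrets.token_bytes(N)
        self.pending[user_key] = (r1, new_id)
        ct = seal(user_key, r1)
        return ct, sign(self.key, ct)   # message 2

    def finish(self, ct, sig, old_id):
        # Message 3: the old ID is sent in clear so the record can be looked up, and again
        # inside the ciphertext so the clear copy cannot be swapped for another user's.
        user_key = self.registry.get(old_id)
        if user_key is None or not verify(user_key, ct + old_id, sig):
            raise ValueError("unknown old ID or bad signature")
        pt = open_(self.key, ct)
        r1, r2, inner_old_id = pt[:N], pt[N:2 * N], pt[2 * N:]
        expected_r1, new_id = self.pending.pop(user_key, (None, None))
        # The comparison is on the first random number: the one the bank issued must return.
        if expected_r1 is None or not hmac.compare_digest(r1, expected_r1) or inner_old_id != old_id:
            raise ValueError("challenge mismatch")
        del self.registry[old_id]
        self.registry[new_id] = user_key
        return session_key(r1, r2)


def user_authenticate(bank, user_key, old_id, new_id):
    """Run the user side against `bank`; returns (user's session key, bank's session key)."""
    request = b"AUTH-REQUEST"
    ct1, sig1 = bank.challenge(request, new_id, sign(user_key, request + new_id), user_key)
    if not verify(bank.key, ct1, sig1):    # stands in for checking the bank's certificate
        raise ValueError("bad bank signature")
    r1 = open_(user_key, ct1)
    r2 = secrets.token_bytes(N)
    ct3 = seal(bank.key, r1 + r2 + old_id)
    bank_sk = bank.finish(ct3, sign(user_key, ct3 + old_id), old_id)
    return session_key(r1, r2), bank_sk


if __name__ == "__main__":
    bank = Bank()
    uk = secrets.token_bytes(32)            # constructed user certificate key
    bank.register(b"ID-OLD-1", uk)
    ours, theirs = user_authenticate(bank, uk, b"ID-OLD-1", b"ID-NEW-7")
    print(ours == theirs, sorted(bank.registry))
```

The bank keeps the first random number keyed by the certificate that signed message 1 and pops it in message 3, so a challenge can be answered once; a stale or foreign first random number, or a mismatch between the clear and the sealed old ID, leaves the registration untouched.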
7. The anonymous communication method of the quantum computing resistant digital currency system based on digital certificates according to claim 1, wherein the root certificate comprises the certificate version number, the serial number, the certificate validity period, the CA's certificate public key and the certificate signature; the user side's digital certificate comprises a certificate public key and the real identity of the user side; and the commercial bank digital currency system's digital certificate comprises a certificate public key.
8. A quantum computing resistant digital currency system based on digital certificates, characterized in that it comprises a user side, a commercial bank digital currency system, a central bank digital currency system and a third party authority; the commercial bank digital currency system and the central bank digital currency system communicate over a pre-established quantum communication link, and identity authentication among the user side, the commercial bank digital currency system and the third party authority is completed according to the method of any one of claims 1 to 7.
9. The quantum computing resistant digital currency system based on digital certificates according to claim 8, wherein the user side, the commercial bank digital currency system and the third party authority are each equipped with a quantum computing resistant computing device; the quantum computing resistant computing device of the third party authority stores all system private keys, its own public and private keys and the root certificate; the quantum computing resistant computing device of the user side stores the user side's own public and private keys, the system public keys, its digital certificate and the root certificate; and the quantum computing resistant computing device of the commercial bank digital currency system stores the commercial bank digital currency system's own public and private keys, the system public keys, its digital certificate and the root certificate.
10. The quantum computing resistant digital currency system based on digital certificates according to claim 9, wherein the quantum computing resistant computing device comprises a key fob, a mobile terminal, a cryptographic engine or a gateway.
Application CN202011106947.2A, priority date 2020-10-16, filing date 2020-10-16: Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method. Status: Active; granted as CN114448636B (en).

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011106947.2A CN114448636B (en) 2020-10-16 2020-10-16 Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method

Publications (2)

Publication Number Publication Date
CN114448636A true CN114448636A (en) 2022-05-06
CN114448636B CN114448636B (en) 2024-06-14

Family

ID=81358061

Country Status (1)

Country Link
CN (1) CN114448636B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120239580A1 (en) * 2008-02-14 2012-09-20 King Fahd University of Petroleum and Minerals of Saudi Arabia Virtual account based new digital cash protocols
CN107483206A (en) * 2017-09-30 2017-12-15 北京兵符科技有限公司 A fast quantum-safe asymmetric encryption method
CN109756500A (en) * 2019-01-11 2019-05-14 如般量子科技有限公司 Quantum computing resistant HTTPS communication method and system based on multiple asymmetric key pools
CN109918888A (en) * 2019-01-15 2019-06-21 如般量子科技有限公司 Quantum-resistant certificate authorization method and issuing system based on a public key pool
CN110213044A (en) * 2019-05-15 2019-09-06 如般量子科技有限公司 Quantum computing resistant HTTPS signcryption communication method and system based on multiple asymmetric key pools
US10742420B1 (en) * 2018-03-09 2020-08-11 Wells Fargo Bank, N.A. Quantum-resistant double signature system
US20200328886A1 (en) * 2017-10-06 2020-10-15 Novus Paradigm Technologies Corporation A system and method for quantum-safe authentication, encryption, and decryption of information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Ye Qing; Zhou Jin; Tang Yongli; Wang Junfeng: "Identity-based partially blind signature scheme on lattices resistant to quantum attacks" (格上基于身份的抗量子攻击的部分盲签名方案), Netinfo Security (信息网络安全), no. 03 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116366436A (en) * 2023-04-21 2023-06-30 南京弘竹泰信息技术有限公司 Method for providing various telecom value-added services based on wide area networking
CN116366436B (en) * 2023-04-21 2024-03-05 南京弘竹泰信息技术有限公司 Method for providing various telecom value-added services based on wide area networking

Also Published As

Publication number Publication date
CN114448636B (en) 2024-06-14

Similar Documents

Publication Publication Date Title
CN107919956B (en) End-to-end safety guarantee method in cloud environment facing to Internet of things
US10903991B1 (en) Systems and methods for generating signatures
CN101640590B (en) Method for obtaining a secret key for identifying cryptographic algorithm and cryptographic center thereof
CN110519046B (en) Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD
US8806206B2 (en) Cooperation method and system of hardware secure units, and application device
CN112104453B (en) Anti-quantum computation digital signature system and signature method based on digital certificate
CN112087428B (en) Anti-quantum computing identity authentication system and method based on digital certificate
US20050105735A1 (en) Information processing system and method, information processing device and method, recording medium, and program
US20160226837A1 (en) Server for authenticating smart chip and method thereof
CN113225302A (en) Data sharing system and method based on proxy re-encryption
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN113708917A (en) APP user data access control system and method based on attribute encryption
CN106850233B (en) Electronic contract signing and management method capable of being outsourced by multiple mechanisms
CN110176989B (en) Quantum communication service station identity authentication method and system based on asymmetric key pool
CN110266483B (en) Quantum communication service station key negotiation method, system and device based on asymmetric key pool pair and QKD
CN114448636B (en) Quantum-resistant computing digital currency system based on digital certificate and anonymous communication method
CN116599659A (en) Certificate-free identity authentication and key negotiation method and system
CN114070570B (en) Safe communication method of electric power Internet of things
JPH10240826A (en) Electronic contracting method
JP5393594B2 (en) Efficient mutual authentication method, program, and apparatus
CN114189338A (en) SM9 secret key safety distribution and management system and method based on homomorphic encryption technology
CN114362952B (en) Anti-quantum computing transaction method and system for digital currency of sender offline
CN114422158B (en) Anti-quantum computing digital currency communication method and system based on ID cryptography
CN114331422A (en) Anti-quantum computing digital currency communication method and system based on digital certificate
CN114529272A (en) Anti-quantum computing transaction method and system for digital currency with offline receiver

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant