CN116781262A - Space region security authentication method based on meta-universe system - Google Patents

Publication number: CN116781262A
Authority: CN (China)
Application number: CN202311055528.4A
Legal status: Granted
Other languages: Chinese (zh)
Other versions: CN116781262B (en)
Inventors: 王宏毅, 胡云秀, 张雷, 叶楠, 罗春
Current Assignee: Chen Yue Construction Project Management Group Ltd By Share Ltd
Original Assignee: Chen Yue Construction Project Management Group Ltd By Share Ltd
Prior art keywords: receiving end, key, generation center, end equipment, key generation

Classifications

    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/40: Network security protocols
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security


Abstract

The invention discloses a space region security authentication method based on a meta-universe system, in the technical field of data privacy and information security for meta-universe systems. The method comprises a system initialization stage, an identity-based private key derivation stage, an authentication encryption information generation stage, and an information extraction and authentication stage. By running the lattice preimage extraction function and the exclusive-OR operation in the authentication encryption information generation stage, the method achieves confidentiality and authenticability of original messages in a space region of a meta-universe system in a quantum computing environment, strengthens the protection of sensitive information, allows the data source to be authenticated and tampering to be detected, and improves the information processing efficiency of the space region of the meta-universe system.

Description

Space region security authentication method based on meta-universe system
Technical Field
The invention belongs to the technical field of data privacy and information security for meta-universe systems, and in particular relates to a space region security authentication method based on a meta-universe system.
Background
With the rapid development of artificial intelligence, the Internet of Things, 5G, blockchain, interaction technology, spatial computing and related technologies, the meta-universe has entered a period of rapid development. As a space where the virtual and the real interact, the meta-universe is a real-time online system evolved from the Internet, with characteristics such as persistence, decentralization and co-evolution. At the same time, the technologies applied in developing and realizing the meta-universe face network security risks and new data security challenges. The meta-universe is new, and although it brings new opportunities for integrating Internet technologies and developing the digital economy, its development is still full of uncertainty. In the network era, important systems are easily attacked and network intrusions occur. Because the meta-universe is a virtual world built on underlying core technologies such as network technology, the intrusion risks that exist on the Internet also exist in the meta-universe.
Applying artificial intelligence algorithms, one of the underlying core technologies of the meta-universe, requires large amounts of data, covering acquisition, transmission, storage, use, processing and destruction; without effective protection this data can be leaked and used illegally. Once the information of a user who holds a particular terminal device in a meta-universe system is leaked or abused, the user's real-world identity and life are very likely to be exposed, which is a serious violation of personal privacy. In addition, data may be misused while in use, harming national interests, the public interest, and the personal or property interests of other citizens.
In fact, the personal privacy data that serves as the underlying resource supporting the continuous operation of the meta-universe must be continuously updated and expanded, and how to collect, store and manage this data in a compliant way remains an open question. As a virtual space that goes beyond reality, the meta-universe requires fine-grained mining and real-time synchronization of user information such as identity attributes, physiological responses, behavior paths, social relationships, interpersonal interactions, property resources, and even emotional states and brain-wave patterns. The meta-universe also connects to diverse hardware devices and faces huge data processing and exchange demands. Reasonable authorization and compliant use of these data resources require security authentication within the space region. However, meta-universe systems as currently developed lack privacy protection for data sources and cannot meet the requirement that data be authenticatable.
In summary, a space region security authentication method based on a meta-universe system, designed to guarantee the confidentiality and authenticability of data sources, has important application prospects.
Disclosure of Invention
In view of the above, the invention provides a space region security authentication method based on a meta-universe system, to solve the technical problem that existing meta-universe systems lack privacy protection for data sources and cannot meet the requirement that data be authenticatable.
The aim of the invention is achieved by the following technical solution:
The space region security authentication method based on a meta-universe system is applied to a security authentication system comprising a key generation center and a plurality of terminal devices communicatively connected to the key generation center, the terminal devices being located in a space region of the meta-universe system. The method comprises the following steps:
S100. The key generation center generates a system public parameter set and executes the lattice trapdoor derivation function to generate and store the master private key of the key generation center. The system public parameter set comprises collision-resistant hash functions and the master public key that the key generation center generates by executing the lattice trapdoor derivation function.
S200. The key generation center computes the hash function value of a terminal device's identity, computes the terminal device's public key from that hash value, executes the lattice proxy derivation function with its own master public key and master private key to generate the private key corresponding to the terminal device's identity, and sends the private key to the terminal device over a secure channel.
S300. Once the receiving-end devices have been determined, the sender device executes the lattice preimage extraction function with its own public key and private key to generate a digital signature of the original message to be sent, and computes the public key of each receiving-end device. It then generates the authentication encryption information for the original message from the encryption algorithm of the lattice cryptosystem, the exclusive-OR operation, the digital signature of the original message and the public key of each receiving-end device, and sends the authentication encryption information and the association information between the receiving-end devices to each receiving-end device. The sender device is the terminal device currently sending the message, and a receiving-end device is a terminal device that receives the message sent by the sender device.
S400. Each receiving-end device locates its authentication encryption information according to the association information, recovers the digital signature and the original message using its own private key, and checks whether the recovered original message is valid using the verification method of the lattice digital signature. If it is valid, the receiving-end device has successfully extracted the authenticatable message; otherwise extraction of the authenticatable message fails.
Preferably, the S100 specifically is:
s101, setting a first anti-collision hash function by a key generation centerWherein, the method comprises the steps of, wherein,for the identity length of the terminal device, +.>Is modulo prime->Upper->A dimension low norm invertible matrix space;
s102, setting a second anti-collision hash function by the key generation centerWherein, the method comprises the steps of, wherein,for bit strings of arbitrary length, < > for>Is modulo prime->Upper->A dimension vector space;
s103, setting a third anti-collision hash function in the key generation centerWherein->Indicating a fixed length +.>Bit string of->The length of the message is sent to the terminal equipment;
s104, the key generation center executes the lattice trapdoor derivative functionMain private key of key generation center>And the main public key of the key generation center +.>Wherein->Is modulo prime->Upper part of the cylinderA dimension matrix space;
s105, public parameter set of key generation center public systemAnd securely store the master private key +.>
Preferably, the S200 specifically includes:
s201, the key generation center calculates the identity of the terminal equipmentIs +.>Public key of terminal device +.>
S202, the key generation center uses the main public keyAnd a master private key->Executing the lattice proxy derivation function +.>Generating a private key corresponding to the identity of the terminal equipmentAfter which the key generation center will add the private key via the secure channel>To the terminal device, wherein ∈>Representing the derived functions of the lattice agentsAnd running successfully the discrete Gaussian noise parameters.
Preferably, the step S300 specifically includes:
s301, randomly selecting bit strings with any length by a transmitting end deviceAnd calculates about bit string +.>Self identity->And original message->Is>Wherein, the method comprises the steps of, wherein,is a concatenated symbol;
s302, the sender device uses its own public keyAnd private key->Executing the lattice primary image extraction function +.>Generating digital signaturesWherein->Representing a discrete Gaussian noise parameter which enables the lattice primary image extraction function to run successfully;
s303, selecting a transmitting terminal deviceA random uniform vector/>Wherein, the method comprises the steps of, wherein,is self-identity mark +.>Vectors corresponding to the receiving end device of (c), and so on,/-, and so on>Is self-identity mark +.>Is a vector corresponding to the receiving end device of (1), and +.>,/>Representing the number of receiving end devices;
s304, the sender device calculates the public key corresponding to each receiver deviceWherein->
S305, the transmitting end equipment calculates authentication encryption information corresponding to each receiving end equipmentAuthenticating the first component of the encryption information>,/>Is the transposed symbol of the matrix, authenticating the second component of the encryption information +.>,/>Is an exclusive or operation symbol;
s306, in a space region based on a meta-universe system, the transmitting terminal equipment encrypts all authentication encryption informationBit string->And association information between the receiving-end devices +.>Send to->Different receiving-end devices->
Preferably, the S400 specifically is:
s401 receiving-end apparatusAccording to the association information->Locating corresponding authentication encryption information
S402, the receiving end device uses the private key of the receiving end deviceFirst component of authentication encryption information from positioning +.>Restoring the vector->And digital signature->
S403 receiving end equipmentRecovery bit string->
S404 receiving end equipmentVerifying the recovered bit string +.>Whether the length is equal to +.>Bit, if->Before->Bit equal +.>Receiving end device->From bit string->Is->Bit extraction original message +.>
S405 receiving end devicePublic key of sender device>The restored digital signature verification equation +.>Whether or not it is true, if yes, the receiving terminal device +.>Successfully extract the authenticatable message +.>Otherwise, the receiving end device->Extraction of the authenticatable message fails.
The beneficial effects of the invention are:
(1) By running the lattice preimage extraction function and the exclusive-OR operation in a single logical step, the invention achieves confidentiality and authenticability of original messages in a space region of a meta-universe system in a quantum computing environment, strengthens the protection of sensitive information, allows the data source to be authenticated and tampering to be detected, and improves the information processing efficiency of the space region of the meta-universe system.
(2) The invention supports distributed distribution and authentication of encrypted information in the space region environment of a meta-universe system, and each receiving-end device can extract and authenticate messages adaptively according to the actual conditions of the space region.
(3) By running the lattice proxy derivation function, a randomly blinded private key can be generated for the identity of any terminal device, which strengthens key security in the space region of a meta-universe system under quantum computing, removes the need for complex public key certificate management, and improves the security of the meta-universe system.
Drawings
Fig. 1 is a flowchart of a space region security authentication method based on a metauniverse system.
Detailed Description
The technical solutions of the present invention are described clearly and completely below with reference to the embodiments. The described embodiments are only some, not all, of the embodiments of the invention. All other embodiments obtained by a person skilled in the art from these embodiments without inventive effort fall within the scope of protection of the present invention.
Referring to Fig. 1, this embodiment provides a space region security authentication method based on a meta-universe system, applied to a security authentication system comprising a key generation center and a plurality of terminal devices communicatively connected to it. The terminal devices are located in a space region of the meta-universe system and are owned by users in that space region.
Specifically, the method is implemented in the following steps:
S100, system initialization stage: the key generation center generates a system public parameter set and executes the lattice trapdoor derivation function to generate and store the master private key of the key generation center. The system public parameter set comprises collision-resistant hash functions and the master public key that the key generation center generates by executing the lattice trapdoor derivation function. The lattice trapdoor derivation function is defined as follows: it takes the lattice dimension parameter and the modulus as input and generates the system's master public key and master private key, where the master private key is a short basis of the lattice with low Euclidean norm.
S200, identity-based private key derivation stage: the key generation center computes the hash function value of a terminal device's identity, computes the terminal device's public key from that hash value, executes the lattice proxy derivation function with its own master public key and master private key to generate the private key corresponding to the terminal device's identity, and sends the private key to the terminal device over a secure channel. The lattice proxy derivation function is defined as follows: it takes as input the master public key, the master private key, the hash function value of the identity, and a discrete Gaussian noise parameter that lets the function run successfully, and derives the identity-based private key. This private key is likewise a short basis of the lattice with low Euclidean norm.
S300, authentication encryption information generation stage: once the receiving-end devices have been determined, the sender device executes the lattice preimage extraction function with its own public key and private key to generate a digital signature of the original message to be sent, and computes the public key of each receiving-end device. It then generates the authentication encryption information for the original message from the encryption algorithm of the lattice cryptosystem, the exclusive-OR operation, the digital signature of the original message and the public key of each receiving-end device, and sends the authentication encryption information and the association information between the receiving-end devices to each receiving-end device. The sender device is the terminal device currently sending the message, also called the original device that generated the message data. A receiving-end device is a terminal device that receives the message sent by the sender device. The lattice preimage extraction function is defined as follows: it takes as input an identity-based private key, an identity-based public key, a random vector, and a discrete Gaussian noise parameter that lets the function run successfully, and generates a new short vector with low Euclidean norm. The identity-based private key is the signing private key of the sender device and the new short vector is the digital signature; without the signing private key, the digital signature of the corresponding sender device cannot be forged.
S400, information extraction and authentication stage: each receiving-end device locates its authentication encryption information according to the association information, recovers the digital signature and the original message using its own private key, and checks whether the recovered original message is valid using the verification method of the lattice digital signature. If it is valid, the receiving-end device has successfully extracted the authenticatable message; otherwise extraction of the authenticatable message fails.
In this embodiment, S100 specifically includes:
S101. the key generation center sets a first anti-collision hash functionWherein, the method comprises the steps of, wherein,for the identity length of the terminal device, +.>Is modulo prime->Upper->The low-norm invertible matrix space is maintained.
S102, setting a second anti-collision hash function by the key generation centerWherein, the method comprises the steps of, wherein,for bit strings of arbitrary length, < > for>Is modulo prime->Upper->The dimension vector space.
S103, setting a third anti-collision hash function in the key generation centerWherein->Indicating a fixed length +.>Bit string of->The length of the message is sent for the terminal device.
S104, the key generation center executes the lattice trapdoor derivative functionMain private key of key generation center>And the main public key of the key generation center +.>Wherein->Is modulo prime->Upper part of the cylinderDimensional matrix space.
S105, public parameter set of key generation center public systemAnd securely store the master private key +.>
Further, S200 is specifically:
s201, the key generation center calculates the identity of the terminal equipmentIs +.>Public key of terminal device +.>
S202, key generation center utilizes the main publicKey(s)And a master private key->Executing the lattice proxy derivation function +.>Generating private key corresponding to the terminal equipment identity mark>After which the key generation center will add the private key via the secure channel>To the terminal device, wherein ∈>Representing the discrete gaussian noise parameters that make the lattice-based proxy-derived function run successfully.
Further, S300 specifically includes:
s301, randomly selecting bit strings with any length by a transmitting end deviceAnd calculates about bit string +.>Self identity->And original message->Is>Wherein, the method comprises the steps of, wherein,is a concatenated symbol;
s302, the transmitting terminal device utilizes the transmitting terminal devicePublic keyAnd private key->Executing the lattice primary image extraction function +.>Generating digital signaturesWherein->Representing a discrete Gaussian noise parameter which enables the lattice primary image extraction function to run successfully;
s303, selecting a transmitting terminal deviceA random uniform vector->Wherein->Is self-identity mark +.>Vectors corresponding to the receiving end device of (c), and so on,/-, and so on>Is self-identity mark +.>Is a vector corresponding to the receiving end device of (1), and +.>Representing the number of receiving end devices;
s304, the sender device calculates the public key corresponding to each receiver deviceWherein->
S305, the transmitting end equipment calculates authentication encryption information corresponding to each receiving end equipmentAuthenticating the first component of the encryption information>,/>Is the transposed symbol of the matrix, authenticating the second component of the encryption information +.>,/>Is an exclusive or operation symbol;
s306, in a space region based on a meta-universe system, the transmitting terminal equipment encrypts all authentication encryption informationBit string->And association information between the receiving-end devices +.>Send to->Different receiving-end devices->
Further, S400 specifically includes:
s401 receiving-end apparatusAccording to the association information->Locating corresponding authentication encryption information
S402 receiving end equipmentUses private key->First component of authentication encryption information from positioning +.>Restoring the vector->And digital signature->
S403 receiving end equipmentRecovery bit string->
S404 receiving end equipmentVerifying the recovered bit string +.>Whether the length is equal to +.>Bit, if->Before->Bit equal +.>Receiving end device->From bit string->Is->Bit extraction original message +.>
S405 receiving end devicePublic key of sender device>Digital signature restored ++>Verification equation->Whether or not it is true, if yes, the receiving terminal device +.>Successfully extract the authenticatable message +.>Otherwise, the receiving end device->Extraction of the authenticatable message fails.
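The receiver-side checks of S403 to S405, as an added example that is not code from the patent: because the second component is an XOR mask, a flipped bit in the message region still passes the S404 format check and is rejected only by the S405 signature check. Assumptions (none of these come from the page): SHAKE-256 stands in for the third hash function, a hash-based Lamport one-time signature stands in for the lattice signature, an all-zero prefix stands in for the redundancy value whose definition the page does not preserve, and the vector `v` is taken as already recovered in S402.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 16             # assumed length of the fixed prefix, in bytes
MSG_LEN = 32             # assumed fixed message length, in bytes
PREFIX = bytes(TAG_LEN)  # assumed redundancy value (all zeros), hypothetical


def encode(*parts: bytes) -> bytes:
    """Length-prefixed concatenation, so r || ID || m parses only one way."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def h3(v: bytes, n: int) -> bytes:
    """Stand-in for the third hash function: expand v into an n-byte mask."""
    return hashlib.shake_256(b"H3|" + v).digest(n)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- Lamport one-time signature: a stand-in for the lattice signature ---
def _bits(data: bytes):
    d = hashlib.sha256(data).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sig_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk


def sig_sign(sk, data: bytes):
    return [sk[i][bit] for i, bit in enumerate(_bits(data))]


def sig_verify(pk, data: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(hashlib.sha256(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, _bits(data))))


# --- S305 (second component only) and S403-S405 ---
def seal(v: bytes, m: bytes) -> bytes:
    """Sender: mask PREFIX || m with H3(v)."""
    if len(m) != MSG_LEN:
        raise ValueError("message must be exactly MSG_LEN bytes")
    return xor(h3(v, TAG_LEN + MSG_LEN), PREFIX + m)


def open_and_verify(v, c2, r, sender_id, sender_pk, sig):
    """Receiver: returns (status, message); message is None unless status is 'ok'."""
    w = xor(h3(v, len(c2)), c2)                                # S403: unmask
    if len(w) != TAG_LEN + MSG_LEN or not hmac.compare_digest(w[:TAG_LEN], PREFIX):
        return ("format", None)                                # S404: format check
    m = w[TAG_LEN:]
    if not sig_verify(sender_pk, encode(r, sender_id, m), sig):
        return ("signature", None)                             # S405: signature check
    return ("ok", m)


def demo():
    sk, pk = sig_keygen()
    sender_id = b"device-A"                       # constructed identity
    r = secrets.token_bytes(16)                   # random bit string of S301
    m = b"open door 17".ljust(MSG_LEN, b"\x00")   # constructed message
    sig = sig_sign(sk, encode(r, sender_id, m))
    v = secrets.token_bytes(32)                   # vector recovered in S402
    c2 = seal(v, m)

    honest = open_and_verify(v, c2, r, sender_id, pk, sig)

    flipped_msg = bytearray(c2)
    flipped_msg[TAG_LEN] ^= 0x01                  # bit flip in the message region
    tampered_msg = open_and_verify(v, bytes(flipped_msg), r, sender_id, pk, sig)

    flipped_tag = bytearray(c2)
    flipped_tag[0] ^= 0x01                        # bit flip in the prefix region
    tampered_tag = open_and_verify(v, bytes(flipped_tag), r, sender_id, pk, sig)
    return honest, tampered_msg, tampered_tag


if __name__ == "__main__":
    for status, msg in demo():
        print(status, msg)
```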
The foregoing is merely a preferred embodiment of the invention. The invention is not limited to the form disclosed herein, which should not be regarded as excluding other embodiments; it can be used in various other combinations, modifications and environments, and can be modified within the scope of the inventive concept described herein through the above teachings or the skill or knowledge of the relevant art. Modifications and variations that do not depart from the spirit and scope of the invention shall fall within the scope of protection of the appended claims.

Claims (5)

1. A space region security authentication method based on a meta-universe system, characterized in that the method is applied to a security authentication system, wherein the security authentication system comprises a key generation center and a plurality of terminal devices in communication connection with the key generation center, the terminal devices being located in a space region of the meta-universe system, and the method comprises the following steps:
S100, the key generation center generates a system public parameter set, and executes a lattice trapdoor derivative function to generate and store a master private key of the key generation center, wherein the system public parameter set comprises an anti-collision hash function and a main public key of the key generation center generated by executing the lattice trapdoor derivative function;
S200, the key generation center calculates a hash function value of the terminal device identity, calculates a public key of the terminal device according to the hash function value, executes a lattice proxy derivation function by utilizing a main public key and a master private key of the terminal device to generate a private key corresponding to the terminal device identity, and sends the private key to the terminal device through a secure channel;
S300, after the receiving end devices are determined, the transmitting end device executes a lattice primary image extraction function, utilizing a public key and a private key of the receiving end device, to generate a digital signature of an original message to be transmitted, calculates the public key of each receiving end device, then generates authentication encryption information corresponding to the original message according to an encryption algorithm and an exclusive-or operation of a lattice cryptosystem, the digital signature of the original message and the public key of each receiving end device, and transmits the authentication encryption information and the association information between it and each receiving end device to each receiving end device, wherein the transmitting end device is the terminal device currently transmitting the message, and the receiving end device is a terminal device receiving the message transmitted by the transmitting end device;
S400, the receiving end device locates the corresponding authentication encryption information according to the association information, recovers the digital signature and the original message by utilizing the private key of the receiving end device, and verifies whether the recovered original message is valid by utilizing a verification method of the digital signature on a lattice; if so, the receiving end device successfully extracts the authenticatable message, otherwise, the receiving end device fails to extract the authenticatable message.
2. The space region security authentication method based on a meta-universe system according to claim 1, wherein S100 specifically comprises:
s101, setting a first anti-collision hash function by a key generation centerWherein->For the identity length of the terminal device, +.>Is modulo prime->Upper->A dimension low norm invertible matrix space;
s102, setting a second anti-collision hash function by the key generation centerWherein->For bit strings of arbitrary length, < > for>Is modulo prime->Upper->A dimension vector space;
s103, setting a third anti-collision hash function in the key generation centerWherein->Indicating a fixed length +.>Bit string of->The length of the message is sent to the terminal equipment;
s104, the key generation center executes the lattice trapdoor derivative functionGenerating a master private key of a key generation centerAnd the main public key of the key generation center +.>Wherein->Is modulo prime->Upper->A dimension matrix space;
s105, public parameter set of key generation center public systemAnd securely store the master private key +.>
3. The space region security authentication method based on a meta-universe system according to claim 2, wherein S200 specifically comprises:
s201, the key generation center calculates the identity of the terminal equipmentIs +.>Public key of terminal device +.>
S202, the key generation center uses the main public keyAnd a master private key->Executing the lattice proxy derivation function +.>Generating a private key corresponding to the identity of the terminal equipmentAfter which the key generation center will add the private key via the secure channel>To the terminal device, wherein ∈>Representing the discrete gaussian noise parameters that make the lattice-based proxy-derived function run successfully.
4. The space region security authentication method based on a meta-universe system according to claim 3, wherein S300 specifically comprises:
s301, randomly selecting bit strings with any length by a transmitting end deviceAnd calculates about bit string +.>Self identity->And original message->Is>Wherein->Is a concatenated symbol;
s302, the sender device uses its own public keyAnd private key->Executing the lattice primary image extraction function +.>Generating a digital signature->Wherein->Representing a discrete Gaussian noise parameter which enables the lattice primary image extraction function to run successfully;
s303, selecting a transmitting terminal deviceA random uniform vector->Wherein->Is self-identity mark +.>Vectors corresponding to the receiving end device of (c), and so on,/-, and so on>Is self-identity mark +.>Is a vector corresponding to the receiving end device of (1), and +.>,/>Representing the number of receiving end devices;
s304, the sender device calculates the public key corresponding to each receiver deviceWherein->
S305, the transmitting end equipment calculates authentication encryption corresponding to each receiving end equipmentInformation processing systemAuthenticating the first component of the encryption information>,/>Is the transposed symbol of the matrix, authenticating the second component of the encryption information +.>,/>Is an exclusive or operation symbol;
s306, in a space region based on a meta-universe system, the transmitting terminal equipment encrypts all authentication encryption informationBit string->And association information between the receiving-end devices +.>Send to->Different receiving-end devices->
5. The space region security authentication method based on a meta-universe system according to claim 4, wherein S400 specifically comprises:
s401 receiving-end apparatusAccording to the association information->Locating corresponding authentication encryption information
S402 receiving end equipmentUses private key->First component of authentication encryption information from positioning +.>Restoring the vector->And digital signature->
S403 receiving end equipmentRecovery bit string->
S404 receiving end equipmentVerifying the recovered bit string +.>Whether the length is equal to +.>Bit, if->Front of (2)Bit equal +.>Receiving end device->From bit string->Is->Bit extraction original message +.>
S405 receiving end devicePublic key of sender device>Digital signature restored ++>Verification equation->Whether or not it is true, if yes, the receiving terminal device +.>Successfully extract the authenticatable message +.>Otherwise, receiving end equipment/>Extraction of the authenticatable message fails.
CN202311055528.4A 2023-08-22 2023-08-22 Space region security authentication method based on meta-universe system Active CN116781262B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311055528.4A CN116781262B (en) 2023-08-22 2023-08-22 Space region security authentication method based on meta-universe system

Publications (2)

Publication Number Publication Date
CN116781262A true CN116781262A (en) 2023-09-19
CN116781262B CN116781262B (en) 2023-11-03

Family

ID=87994863

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant