TWM596498U - System that promotes and strengthens key exchange procedure to confront quantum computing system - Google Patents
System that promotes and strengthens key exchange procedure to confront quantum computing system Download PDFInfo
- Publication number
- TWM596498U TWM596498U TW109203590U TW109203590U TWM596498U TW M596498 U TWM596498 U TW M596498U TW 109203590 U TW109203590 U TW 109203590U TW 109203590 U TW109203590 U TW 109203590U TW M596498 U TWM596498 U TW M596498U
- Authority
- TW
- Taiwan
- Prior art keywords
- key
- quantum
- manifold
- unit
- space
- Prior art date
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
一種可對抗量子運算之金鑰交換系統,包含線性空間結構運算模組、流形運算模組以及巴拿赫空間運算模組;以金鑰變形或金鑰隱藏等技術手段,以助於在不同於一般量子運算攻擊所在的數學空間完成抗量子運算的金鑰交換程序後再回到希爾伯特空間解回原始金鑰。除了有助於在金鑰交換的過程中強化避免一般量子運算之破密攻擊之外,此系統之技術手段可以避免了現行PQC方案的實作缺失、市場上對稱與非對稱加密系統的漏洞、以及量子金鑰在希爾伯特空間的運算限制等問題,可兼容傳統金鑰或量子金鑰,克服現行多數PQC方案須透過高昂成本之設備運作的瓶頸。A key exchange system that can resist quantum operations, including linear space structure operation modules, manifold operation modules, and Banach space operation modules; using key transformation or key hiding techniques to help in different After completing the key exchange procedure for resisting quantum operations in the mathematical space where the general quantum computing attack is located, it returns to the Hilbert space to solve the original key. In addition to helping to strengthen the avoidance of general quantum computing cracking attacks in the process of key exchange, the technical means of this system can avoid the lack of implementation of the current PQC scheme, the loopholes of symmetric and asymmetric encryption systems on the market, As well as the problems of quantum key operation limitation in Hilbert space, it can be compatible with traditional keys or quantum keys to overcome the bottleneck of most current PQC solutions that must be operated through expensive equipment.
Description
本創作係關於對抗量子運算攻擊的金鑰交換系統,更特別的是關於一種可運用金鑰變形與金鑰隱藏中至少一種的金鑰轉換的技術,可兼容支援傳統金鑰與量子金鑰的運算,以有助於強化安全的金鑰交換程序之系統。This creation is about a key exchange system that resists quantum computing attacks. More specifically, it is about a key conversion technology that can use at least one of key deformation and key hiding. It is compatible with traditional keys and quantum keys. Operations to help strengthen the system of secure key exchange procedures.
目前常見的後量子加密(Post-quantum cryptography,PQC)技術,對於抵抗量子運算的攻擊,多採用已知的超高複雜度密碼系統(例如Lattice、Code-based、Supersingular Elliptic Curve Isogency)實作其金鑰機制,一方面其安全性仍取決於量子電腦之位元數的發展,另一方面一般終端使用者若要實現其機制,還須大幅升級現有的硬體設備才能運作順暢。除此之外,目前大多數的PQC方案還存在以下基本缺失,包括:缺乏透過逆運算進行驗證的機制,無法確保產出的正確率與成功率;其傳輸架構缺乏輕量化設計,不利於搭配IOT設備與現行頻寬進行海量資料傳輸;且許多PQC方案的加密強度並不穩定,不只增加品質保證的難度,且可能影響解碼端的正確性;另外所用的交換協定也會因為大幅增加交握與加解密機制的資料流量,導致許多現行HTTP Web Server面臨汰換的問題;此外在檔案傳輸協定的使用上,目前的PQC方案會因為選用的幾何結構不同(例如橢圓曲線或晶格) ,存在有不同的編碼對應問題,可能造成傳輸檔案的結尾錯誤,甚至在小封包傳輸的情況下還會增加被量子運算破密的風險;而有些搭配ElGamal加解密系統的模擬機制,更存在當多個可能解大量產生時,系統無法有效判斷正確解的問題。而且現行PQC方案多需汰除傳統金鑰,無法兼顧傳統金鑰與未來量子金鑰的需求,其產業利用性存在許多現實上的限制。At present, the common post-quantum cryptography (PQC) technology adopts known ultra-high complexity cryptosystems (such as Lattice, Code-based, Supersingular Elliptic Curve Isogency) to resist the attacks of quantum computing. On the one hand, the security of the key mechanism still depends on the development of the number of bits of the quantum computer. On the other hand, if an end user wants to implement its mechanism, he must upgrade the existing hardware equipment to operate smoothly. In addition, most of the current PQC solutions still have the following basic deficiencies, including: the lack of a mechanism for verification through inverse operations, which cannot ensure the correctness and success rate of the output; the lack of lightweight design of its transmission architecture is not conducive to matching Massive data transmission between the IOT device and the current bandwidth; and the encryption strength of many PQC schemes is not stable, which not only increases the difficulty of quality assurance, but also may affect the accuracy of the decoding end; in addition, the exchange protocol used will also greatly increase the handshake and The data flow of the encryption and decryption mechanism has caused many existing HTTP Web Servers to face the problem of replacement. In addition, in the use of file transfer protocols, the current PQC scheme will have different geometric structures (such as elliptic curves or lattices) due to the choice of geometric structure. Different coding correspondence problems may cause the end of the transmission file to be wrong, and even in the case of small packet transmission, it will increase the risk of being decrypted by quantum operations; and some simulation mechanisms with ElGamal encryption and decryption systems are more likely to be multiple. When a large number of solutions are generated, the system cannot effectively determine the correct solution. Moreover, the current PQC scheme needs to eliminate traditional keys, and cannot meet the needs of traditional keys and future quantum keys. There are many practical limitations to its industrial applicability.
然而即使目前有少數方案兼容傳統金鑰,但是對於現行對稱與非對稱式金鑰系統的漏洞,仍無法有效避免,例如:資料傳輸只能在傳統通道進行;其亂數產生機制大多採用偽亂數產生器,此類函式庫易被破解;對於現行憑證被竊之後的應對機制亦不完善;此外現行對稱與非對稱系統所適用的質因數,也多被掌握,繼續尋求更大的質因數也會造成系統效能問題;尤其重要的是,許多目前的模數運算機制容易在一段時間的暴力攻擊下,被測出模數參數或是函式庫的相關設定。However, even though there are currently a few solutions compatible with traditional keys, the loopholes in the current symmetric and asymmetric key systems cannot be effectively avoided, for example: data transmission can only be carried out in traditional channels; most of the random number generation mechanisms use pseudo-random Number generators, such libraries are easy to be cracked; the response mechanism after the current certificate is stolen is also incomplete; in addition, the prime factors applicable to the current symmetric and asymmetric systems are also mostly mastered, and continue to seek greater quality. Factors can also cause system performance problems; it is especially important that many current modulus arithmetic mechanisms are prone to be tested with modulus parameters or related settings of libraries under a period of brute force attacks.
再者,目前基於已知的量子金鑰配置(Quantum key distribution,QKD)技術所實作的量子金鑰系統,常常因為執行希爾伯特空間的運算體系,而有以下限制,例如:在希爾伯特空間中,只能適用少數已知的距離定義;此外其矩陣運算必須使用正交基底,將增加被量子運算暴力破解的可能性;尤其受限於量子本身的物理性質,可用於希爾伯特空間的運算子更為有限;以上相關限制都不利於目前已發表的量子金鑰系統於希爾伯特空間對抗量子破密運算。Furthermore, the quantum key system currently implemented based on the known quantum key distribution (QKD) technology often has the following limitations due to the implementation of the Hilbert space computing system. For example: In the Albert space, only a few known distance definitions can be applied; in addition, its matrix operations must use orthogonal bases, which will increase the possibility of brute force cracking by quantum operations; especially limited by the physical properties of quantum itself, it can be used in Greek The operators in the Albert space are even more limited; the above limitations are not conducive to the quantum key system currently published against the quantum decryption operation in the Hilbert space.
由此可知,目前後量子加密之金鑰技術,仍有待改進。It can be seen that the key technology of post-quantum encryption still needs to be improved.
本創作之一目的在於提出一種能夠對抗量子運算攻擊的有助於強化金鑰交換程序的技術,其中如果能夠在金鑰的交換程序上對抗量子運算的攻擊,那麼就能避免傳統金鑰或量子金鑰在交換過程中被攔截之後以量子運算破解。據此,即使是使用一般傳統金鑰,在基於本創作的實施例所進行的金鑰交換過程中,也能有效降低被量子運算破密的風險。此技術可實現於具合理成本的電子裝置或系統,且可避免在短期內汰除大量傳統金鑰系統的資本支出。同時有效避免先前技術在現行PQC方案的實作缺失、市場上對稱與非對稱加密系統的漏洞、以及量子金鑰在希爾伯特空間的運算限制等問題。One of the purposes of this creation is to propose a technology that can resist quantum computing attacks and help to strengthen the key exchange program. If the key exchange program can be used to resist quantum computing attacks, then the traditional key or quantum can be avoided After the key is intercepted in the exchange process, it is cracked by quantum operation. According to this, even if a general traditional key is used, the risk of being compromised by quantum operations can be effectively reduced during the key exchange process based on the embodiment of this creation. This technology can be implemented in electronic devices or systems with reasonable cost, and can avoid the capital expenditure of a large number of traditional key systems in a short period of time. At the same time, it effectively avoids the lack of implementation of the previous technology in the current PQC scheme, the loopholes of symmetric and asymmetric encryption systems on the market, and the computational limitations of quantum keys in Hilbert space.
為達成上述目的,本創作提出一種可用於對抗量子運算攻擊之金鑰交換裝置或系統的實施例,其包括一『線性空間結構』運算模組,該線性空間結構運算模組可以包含以下單元:一『量子運算子整合計算單元』,可於線性空間支援量子基本運算;一『可交換運算子-處理單元』,可用於維護原始訊息的完整性;一『原根產生單元』,可用於導出線性空間中,適用的代數結構循環群;一『量子亂數產生單元』,可提供導出原根的真隨機性;以及一『進階數論運算單元』,可提供代數結構下的模次冪運算能力。In order to achieve the above purpose, the author proposes an embodiment of a key exchange device or system that can be used to resist quantum computing attacks, which includes a "linear space structure" computing module. The linear space structure computing module may include the following units: A "quantum operator integrated computing unit" can support quantum basic operations in linear space; a "swappable operator-processing unit" can be used to maintain the integrity of the original message; a "original root generation unit" can be used for export In linear space, applicable cyclic groups of algebraic structure; a "quantum random number generation unit" can provide true randomness of the derived root; and a "advanced number theory operation unit" can provide modular power operation under algebraic structure ability.
在一實施例中,『量子運算子整合計算單元』包括以下子單元:一么正變換運算子單元;一降維運算子單元;一正交基底篩選子單元;一內積運算子單元;一固有化運算子單元;一厄米特驗證子單元;一基態分析子單元;一拉普拉斯轉換子單元;以及一轉換運算子單元。其中,『么正變換運算子單元』,可對線性矩陣進行么正變換;『降維運算子單元』,可對多維空間之么正矩陣作降維處理;『正交基底篩選子單元』,以驗證向量空間基底之正交性;『內積運算子單元』,以支援向量空間之內積計算;『固有化運算子單元』,以計算向量空間之特徵值與特徵向量;『厄米特驗證子單元』,以確認選用的量子運算子是否為厄米特運算子;『基態分析子單元』,用以計算量子自基態躍遷的機率;『拉普拉斯轉換子單元』,以導出向量空間內互相垂直的波向量;『轉換運算子單元』,可選用合適的轉換運算子,將向量空間轉換為共軛之複數空間。以上之各個子單元可基於相關之習知技術而實現為軟體單元、硬體單元或以軟體結合方式實現,然此組合之整合計算單元可花費有限的運算成本,有效率地提供各種轉換對於線性空間所需的基本運算,並且有助於確保各種基本轉換運算之正確性。In one embodiment, the "quantum operator integrated computing unit" includes the following subunits: a positive transform operator subunit; a dimension reduction operator subunit; an orthogonal basis screening subunit; an inner product operator subunit; a Intrinsic operation subunit; an Hermitian verification subunit; a ground state analysis subunit; a Laplace conversion subunit; and a conversion operator subunit. Among them, "Ma positive transformation operator unit" can perform linear transformation on linear matrix; "Dimension reduction operator unit" can perform dimensionality reduction on multi-dimensional space ma positive matrix; "Orthogonal basis screening subunit", To verify the orthogonality of the base of the vector space; "Inner product operator unit" to support the inner product calculation of the vector space; "Inherent operator unit" to calculate the eigenvalues and eigenvectors of the vector space; "Ermite "Verification subunit" to confirm whether the selected quantum operator is an Hermitian operator; "Ground state analysis subunit" is used to calculate the probability of quantum transition from the ground state; "Laplace transform subunit" to derive a vector Wave vectors that are perpendicular to each other in the space; "Conversion operator unit", you can choose a suitable conversion operator to convert the vector space into a conjugate complex space. Each of the above subunits can be implemented as software units, hardware units, or in a combination of software based on related conventional technologies, but this combined integrated computing unit can cost limited computational costs and efficiently provide various conversions for linear The basic operations required for space, and help ensure the accuracy of various basic conversion operations.
在同一實施例中,上述量子運算子整合計算單元的相關線性轉換運算的結果,需進一步透過可交換運算子處理單元,確認是否其固有值有退化的現象,並以可交換運算子完備集 (Complete set of commuting observables,C.S.C.O.)去除退化問題,以維護原始訊息的完整性;接著將已去退化的完備轉換結果,配合線性空間結構運算模組之量子亂數產生單元與原根產生單元,可進一步產生具有真隨機性的適用代數結構之循環群。In the same embodiment, the result of the related linear conversion operation of the quantum operator integrated computing unit needs to be further confirmed through the exchangeable operator processing unit to determine whether its inherent value is degraded, and a complete set of exchangeable operators ( Complete set of commuting observables (CSCO) to remove the degradation problem in order to maintain the integrity of the original message; then, the complete conversion result of the degeneration has been combined with the quantum random number generation unit and the original root generation unit of the linear space structure operation module. Further generate cyclic groups with true randomness and suitable algebraic structure.
在同一實施例中,『進階數論』運算單元包括一代數環運算子單元;一伽羅瓦群運算子單元;以及一模次冪根連續平方運算子單元。其中,『代數環運算子單元』,可支援代數結構環之維護與運算;『伽羅瓦群運算子單元』,可支援伽羅瓦群之產生與運算;『模次冪根連續平方運算子單元』,利用尤拉定理與費馬小定理之運算程序,可處理模次冪根的連續平方計算。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之運算單元可提供具高複雜度的安全性代數結構,同時有效率地簡化模次冪根的運算程序。In the same embodiment, the "advanced number theory" arithmetic unit includes a generation number loop arithmetic subunit; a Galois group arithmetic subunit; and a modular power root continuous square arithmetic subunit. Among them, the "algebraic loop operator unit" can support the maintenance and operation of the algebraic structure ring; the "Galova group operator unit" can support the generation and operation of the Galois group; "modular power root continuous square operation subunit" Utilizing the operation procedures of Yura's theorem and Fermat's little theorem, it can handle the continuous square calculation of modular power root. Each of the above subunits can be implemented as software units, hardware units, or a combination of hardware and software based on related conventional technologies. However, this combined arithmetic unit can provide a highly complex security algebra structure while being efficient Simplify the operation procedure of modular power root.
在一實施例中,此創作之系統更可包括一『流形運算』模組,該模組可以包含一金鑰運算單元及一金鑰交換單元。金鑰運算單元用以對金鑰進行流形拓樸進行運算,以得出已轉換的金鑰。金鑰運算單元可包含:一金鑰變形運算單元,可對一『傳統金鑰』使用多種流形運算子單元,將傳統金鑰變形為一『卡拉比丘流形』以作為已轉換的金鑰;以及一金鑰隱藏運算單元,可對一『量子金鑰』使用特定流形運算子單元進行隱藏變換,將該量子金鑰隱藏於一隨時間演化的熱核函數中,以作為已轉換的金鑰。金鑰交換單元,可對傳送端或接收端使用的已變形的傳統金鑰或已隱藏的量子金鑰(已轉換的金鑰)進行處理,以助於強化金鑰交換程序。In one embodiment, the authored system may further include a "manifold operation" module, which may include a key calculation unit and a key exchange unit. The key operation unit is used to perform manifold topology operation on the key to obtain the converted key. The key operation unit may include: a key transformation operation unit, which can use a variety of manifold operation sub-units for a "traditional key" to transform the traditional key into a "Karabic manifold" as the converted key ; And a key hiding operation unit, which can perform a hidden transformation on a "quantum key" using a specific manifold operation subunit, and hide the quantum key in a thermonuclear function that evolves over time as a converted Key. The key exchange unit can process the deformed traditional key or the hidden quantum key (converted key) used by the transmitting end or the receiving end, to help strengthen the key exchange process.
在一實施例中,上述『流形運算』模組之金鑰變形運算單元包括以下子單元:一『偽黎曼流形』運算子單元;一『芬斯勒流形』運算子單元;一『卡拉比丘流形』運算子單元;以及一『平行化流形』驗證子單元。其中,『偽黎曼流形』運算子單元可將傳統金鑰以一洛倫茲流形之模型表示;『芬斯勒流形』運算子單元,可將該洛倫茲流形之度量推廣至芬斯勒空間,使其轉變為芬斯勒流形;『卡拉比丘流形』運算子單元,可將該芬斯勒流形之複三維空間以卡拉比丘五次多項式表示成一卡拉比丘流形;『平行化流形』驗證子單元,用於驗證轉換後的流形是否為一可平行化之流形,以確認此金鑰變形的結果是否適用。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之運算單元可達成先前技術未提供之金鑰變形功效,將一傳統金鑰成功轉換成一拓樸空間的表示方式,此一變形將使得使用希爾伯特空間基底的量子運算於金鑰交換的過程中,無法對傳統金鑰進行正確的分析。In an embodiment, the key transformation operation unit of the "manifold operation" module includes the following subunits: a "pseudo-Riemannian manifold" operation subunit; a "Fensler manifold" operation subunit; a "kara" Biqiu manifolds operation subunit; and a "parallel manifold" verification subunit. Among them, the "pseudo-Riemannian manifold" operator unit can represent the traditional key in a Lorentz manifold model; the "Fensler manifold" operator unit can generalize the measure of the Lorentz manifold to Finland Siler space, transforming it into a Finsler manifold; the "Karabic manifold" operator unit can express the complex three-dimensional space of the Finsler manifold as a Karabitchu polynomial in the form of a Kara Picchu quintic polynomial; " "Parallel Manifold" verification subunit is used to verify whether the transformed manifold is a parallelizable manifold to confirm whether the result of this key deformation is applicable. Each of the above subunits can be implemented as software units, hardware units, or a combination of software and hardware based on related conventional technologies. However, this combined computing unit can achieve the key modification function not provided by the prior art. The key is successfully converted into a representation of a topological space. This modification will make it impossible for the traditional key to be correctly analyzed in the process of key exchange using quantum operations based on the Hilbert space basis.
在一實施例中,前述『流形運算』模組之金鑰隱藏運算單元包括以下子單元:一『辛流形』運算子單元;一『雙邊濾波』子單元;以及一『熱核函數轉換』子單元。其中,『辛流形』運算子單元用以將量子金鑰之所有組態以相空間進行辛流形建模;『雙邊濾波』子單元,用以汰除不適用的量子態,並保留必要的邊緣訊息;『熱核函數轉換』子單元,則利用狄拉克δ函數將多量子態的位置運算子轉換成熱核函數。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之運算單元可達成先前技術未提供之金鑰隱藏功效,將一量子金鑰之組態轉換成熱核函數的表達方式,使得一般量子運算攻擊於金鑰交換的過程中,無法找到可做量子運算的金鑰組態。In one embodiment, the key hiding operation unit of the aforementioned "manifold operation" module includes the following subunits: a "symplectic manifold" operation subunit; a "bilateral filtering" subunit; and a "thermal kernel function conversion" 』Subunit. Among them, the "symplectic manifold" operator unit is used to model all configurations of quantum keys in the phase space for symplectic manifold modeling; the "bilateral filtering" subunit is used to eliminate unsuitable quantum states and retain the necessary The marginal message of "Thermal function conversion" subunit uses the Dirac delta function to convert the position operator of multiple quantum states into a thermonuclear function. Each of the above subunits can be implemented as software units, hardware units, or a combination of hardware and software based on related conventional technologies. However, the combined computing unit can achieve the key hiding effect that is not provided by the prior art. The configuration of the key is converted into the expression of the thermonuclear function, so that the general quantum operation is attacked during the key exchange process, and the key configuration that can be used for quantum operation cannot be found.
在另一實施例中,上述金鑰隱藏運算單元之『雙邊濾波』子單元,可進一步包含以下元件:一『退相干過濾器』,用於汰除退相干的量子組態;一『機率過濾器』,可汰除發生機率低的量子態;以及一『訊息保存器』,用於保留金鑰變形後,位於非流形邊緣的重要訊息。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之雙邊濾波子單元可確保金鑰交換過程中,傳送端與接收端執行金鑰隱藏運算的正確性與成功率。In another embodiment, the "bilateral filtering" sub-unit of the key hiding operation unit may further include the following components: a "decoherent filter", used to eliminate the decoherent quantum configuration; and a "probability filter" Device”, which can eliminate the quantum state with low probability; and a “message saver”, which is used to retain the important information on the non-manifold edge after the key is deformed. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, the combined bilateral filtering sub-unit can ensure that the sending end and the receiving end are executed during the key exchange process. The accuracy and success rate of key hiding operations.
在一實施例中,前述『流形運算』模組之金鑰交換單元可以包括:一『傳統金鑰交換』子單元與一『量子金鑰交換』子單元。In an embodiment, the key exchange unit of the aforementioned "manifold operation" module may include: a "traditional key exchange" subunit and a "quantum key exchange" subunit.
其中,傳統金鑰交換子單元,包含有以下元件:一『拓樸曲面轉換器』,用以將一拓樸曲面轉換為可微分之流形;以及一『非線性偏微分計算器』用以將一流形以偏微分運算轉換成可參數化的曲率多項式之積分式。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之傳統金鑰交換子單元可達成先前技術未提供之促進金鑰交換的功效,可將已變形之傳統金鑰或量子金鑰所對應的流形資料轉換成代表曲率多項式之積分式的積分式資料,並將該積分式資料中表示的多項式予以參數化,再使用隨時間演化的偏微分方程,以助於傳統通道強化金鑰交換程序。同時,以上的『金鑰變形運算單元』與『傳統金鑰交換子單元』之整合亦有效避免了傳統對稱與非對稱加密系統在金鑰交換過程中,先前技術的可能漏洞。Among them, the traditional key exchange subunit includes the following components: a "topological surface converter", which is used to convert a topological surface into a differentiable manifold; and a "nonlinear partial differential calculator" is used Convert the first-order shape by partial differential operation into a parameterizable integral of curvature polynomial. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combination of traditional key exchange subunits can achieve key exchange promotion that is not provided by the prior art. Function, can transform the manifold data corresponding to the deformed traditional key or quantum key into integral data representing the integral of the curvature polynomial, and parameterize the polynomial represented in the integral data, and then use the random Partial differential equations evolved over time to help traditional channels strengthen key exchange procedures. At the same time, the integration of the above "key transformation unit" and "traditional key exchange sub-unit" also effectively avoids possible vulnerabilities in the prior art during the key exchange process of traditional symmetric and asymmetric encryption systems.
而前述之量子金鑰交換子單元,則包含有以下元件:一『超奇異橢圓曲線加密器』,用於進行金鑰交換與驗證之程序;一『博德曼集合產生器』,用於產生供數對轉換之無限迭代之複平面;一『非平凡零點產生器』,可根據對應座標產生接近該座標的非平凡零點。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之量子金鑰交換子單元可達成先前技術未提供之促進金鑰交換的功效,可將已隱藏於熱核函數內的量子金鑰之數對轉換至一無限迭代產生之複平面,並尋找其對應座標所接近的非平凡零點,再將所有對應的非平凡零點集合、位於複平面的金鑰數對,以及該複平面的產生參數,以一超奇異橢圓曲線加密,以助於進行金鑰交換與驗證之程序,從而有助於為一般的量子金鑰提供了兼具便利性與安全性且可透過具合理花費的裝置實作之金鑰交換流程。The aforementioned quantum key exchange subunit contains the following components: a "super-singular elliptic curve encryptor" used for key exchange and verification procedures; and a "Bodman set generator" used for generating A complex plane for infinite iteration of the conversion of several pairs; a "non-trivial zero point generator" can generate non-trivial zero points close to the coordinates according to the corresponding coordinates. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combined quantum key exchange subunit can achieve key exchange promotion that is not provided by the prior art. It can convert the pairs of quantum keys hidden in the thermonuclear function into a complex plane generated by an infinite iteration, and find the non-trivial zero points close to their corresponding coordinates, and then set all the corresponding non-trivial zero points. The key pairs in the complex plane and the generation parameters of the complex plane are encrypted with a super-singular elliptic curve to facilitate the process of key exchange and verification, which helps to provide a common quantum key. A key exchange process that is convenient and secure and can be implemented through a device with reasonable cost.
在另一實施例中,上述之量子金鑰交換子單元,可進一步包含一『孿生質數產生器』,可根據上述的非平凡零點所對應的質數,產生符合孿生質數猜想形式的孿生質數;以及一『模方陣驗證器』,可支援接收端以接收到的質數及所產生的模方陣進行逆運算驗證,以確認加密資料交換的正確性。同時,以上的『金鑰隱藏運算單元』與『量子金鑰交換子單元』之整合亦有效避免了許多PQC方案在金鑰交換過程中,先前技術的相關缺失。In another embodiment, the aforementioned quantum key exchange subunit may further include a "twin prime number generator", which can generate twin prime numbers that conform to the twin prime number conjecture form according to the prime numbers corresponding to the aforementioned non-trivial zero points; and A "modular matrix verifier" can support the receiving end to perform inverse verification with the received prime number and the generated modular square matrix to confirm the accuracy of the encrypted data exchange. At the same time, the integration of the above "key hiding operation unit" and "quantum key exchange sub-unit" also effectively avoids many related PQC solutions in the process of key exchange, the prior art related lack.
在一實施例中,此創作之系統更包含一『巴拿赫空間運算』模組,該模組包含以下單元:一『拓樸-巴拿赫空間轉換』單元,可使用絕妙定理,將表示位於拓樸空間的一流形的一第一流形資料進行拓樸空間至巴拿赫空間之轉換,以得到一第二流形資料,其中該第二流形資料表示於該巴拿赫空間的一流形;一『最小內同構分析』單元,用於以該第二流形資料找出金鑰所對應之最小同構交換群;一『光滑空間驗證』單元,用以確認該拓樸空間至巴拿赫空間之轉換的正確性;一『皮亞諾曲線轉換』單元,從而對該第二流形資料所導出的交換群進行多維度至一維之皮亞諾曲線的轉換,以得到維度轉換後資料,該維度轉換後資料表示一維之皮亞諾曲線;一『黎曼積分運算』單元,可透過黎曼積分之運算,將該維度轉換後資料轉換為表示一平面的一第一幾何資料;一『一致凸空間轉換』單元,用於對該第一幾何資料進行一致凸空間的曲面轉換,以得到表示一曲面的一第二幾何資料;一『超自反巴拿赫空間驗證』單元,用於確認該一致凸空間的曲面轉換是否成功,並可確認該一致凸空間的曲面轉換轉換是否符合對偶可逆性;若該曲面資料代表一可微分曲面,則一『次自反巴拿赫空間運算』單元,可對該第二幾何資料所表示之該曲面進行降維與映射操作,最後形成一具有弱*拓樸(Weak-star Topology)結構的一第三幾何資料;以及一『弱*拓樸空間轉換』單元,可透過對偶空間之線性操作,使具有弱*拓樸結構的該第三幾何資料轉入賦範空間,再導入內積運算與完備性,使原本透過該第一流形所攜帶的金鑰資訊回到希爾伯特空間。以上之各個單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之巴拿赫空間運算模組可達成先前技術未提供之金鑰空間轉換功效,支援流形運算模組於拓樸空間以助完成抗量子運算的金鑰交換程序後,再將該金鑰交換程序中使用的第一流形資料經由巴拿赫空間運算而轉換至希爾伯特空間解出原始金鑰,使得一般於希爾伯特空間所進行的量子運算無法介入基於本創作的實施例所進行的金鑰交換程序。同時,以上的『巴拿赫空間運算』模組與『金鑰隱藏運算單元』以及『量子金鑰交換子單元』之進一步的整合亦有效避免了許多量子金鑰加密系統在金鑰交換過程中,因為希爾伯特空間運算的限制所造成的問題。In one embodiment, the system of this creation further includes a "Banakh space operation" module, which includes the following units: a "topology-Banach space conversion" unit, which can use the exquisite theorem to express A first-class manifold data in top-level space in the topological space is converted from topological space to Banach space to obtain a second manifold data, wherein the second manifold data represents first-class data in the Banach space Shape; a "minimum internal isomorphic analysis" unit, used to find the minimum isomorphic exchange group corresponding to the key with the second manifold data; a "smooth space verification" unit, used to confirm the topology space to The correctness of the transformation of the Banach space; a "Piano curve conversion" unit, so that the exchange group derived from the second manifold data is converted from a multi-dimensional to a one-dimensional Piano curve to obtain the dimension The converted data, the dimension converted data represents a one-dimensional Piano curve; a "Riemann integral operation" unit, through the operation of Riemann integration, the dimension converted data can be converted into a first representing a plane Geometric data; a unit of "conformally convex space conversion", which is used to perform surface conversion of uniformly convex space of the first geometric data to obtain a second geometric data representing a curved surface; a "super-reflexive Banach space verification" 』Unit, used to confirm whether the surface conversion of the uniformly convex space is successful, and can confirm whether the surface conversion of the uniformly convex space conforms to the dual reversibility; if the surface data represents a differentiable surface, then a secondary reflexive The "Nach space operation" unit can perform dimensionality reduction and mapping operations on the surface represented by the second geometric data, and finally form a third geometric data with a weak * topology (Weak-star Topology) structure; and a The "weak * topological space conversion" unit can convert the third geometric data with weak * topological structure into the normed space through linear operation of the dual space, and then introduce inner product operation and completeness to make the original through the original The key information carried by the first manifold returns to Hilbert space. Each of the above units can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combined Banach space operation module can achieve key space conversion not provided by the prior art. Efficacy, support the manifold operation module in the topology space to help complete the key exchange process of anti-quantum operation, and then convert the first manifold data used in the key exchange process to the Hill through the Banach space operation The original key is solved by the Bert space, so that the quantum operations generally performed in the Hilbert space cannot intervene in the key exchange procedure based on the embodiment of the present creation. At the same time, the further integration of the above "Banacher Space Computing" module with the "Key Hiding Operation Unit" and "Quantum Key Exchange Sub-unit" also effectively avoids many quantum key encryption systems during the key exchange process , Because of the problems caused by the limitations of Hilbert space operations.
藉此,上述本創作的多個實施例可實現對抗量子運算攻擊的金鑰交換機制。更可進一步據以實現金鑰變形、金鑰隱藏等機制。此技術可實現為高強度的抗量子運算之金鑰交換裝置或系統,且可實現於欲進行通訊的發送端與接收端。在一些實施例中,此技術可兼容支援傳統金鑰與量子金鑰於不同的代數空間進行運算,除了能夠在金鑰交換的過程中有效避免一般量子運算之破密攻擊之外,此系統之相關技術手段皆能透過具合理成本之裝置實現,有效克服現行多數PQC方案須透過高昂成本之設備運作的瓶頸。同時有效避免先前技術在現行PQC方案的實作缺失、市場上對稱與非對稱加密系統的漏洞、以及量子金鑰在希爾伯特空間的運算限制等問題。In this way, the above embodiments of the present invention can realize a key exchange mechanism against quantum computing attacks. It can further implement mechanisms such as key deformation and key hiding. This technology can be implemented as a high-intensity quantum-resistant key exchange device or system, and can be implemented at the sending end and the receiving end to be communicated. In some embodiments, this technology is compatible to support the operation of traditional keys and quantum keys in different algebraic spaces. In addition to being able to effectively avoid the cracking attacks of general quantum operations during the key exchange process, Relevant technical measures can be realized by devices with reasonable cost, effectively overcoming the bottleneck that most current PQC solutions must operate through high-cost equipment. At the same time, it effectively avoids the lack of implementation of the previous technology in the current PQC scheme, the loopholes of symmetric and asymmetric encryption systems on the market, and the computational limitations of quantum keys in Hilbert space.
此外,在一些實施例中,上述可對抗量子運算之金鑰交換系統,其中該流形運算模組之金鑰運算單元中,金鑰變形運算單元或金鑰隱藏運算單元為可選的。在該流形運算模組之金鑰運算單元中,僅實現金鑰變形運算單元的例子下,對應的該線性空間結構運算模組可以不必實現量子運算子整合計算單元及可交換運算子處理單元。在該流形運算模組之金鑰運算單元中,僅實現金鑰變形運算單元的例子下,前述流形運算模組之金鑰交換單元可包括傳統金鑰交換子單元,而不必實現量子金鑰交換子單元。在該流形運算模組之金鑰運算單元中,僅實現金鑰隱藏運算單元的例子下,前述流形運算模組之金鑰交換單元可包括量子金鑰交換子單元,而不必實現傳統金鑰交換子單元。In addition, in some embodiments, in the key exchange system capable of resisting quantum operations, in the key operation unit of the manifold operation module, the key deformation operation unit or the key hiding operation unit is optional. In the example of the key operation unit of the manifold operation module, which only implements the key deformation operation unit, the corresponding linear space structure operation module does not need to implement the quantum operator integration calculation unit and the exchangeable operator processing unit . In the example of the key operation unit of the manifold operation module, which only implements the key deformation operation unit, the key exchange unit of the aforementioned manifold operation module may include a conventional key exchange sub-unit, without having to implement quantum gold Key exchange subunit. In the example of the key operation unit of the manifold operation module, which only implements the key hiding operation unit, the key exchange unit of the aforementioned manifold operation module may include a quantum key exchange sub-unit without having to implement a traditional gold Key exchange subunit.
此外,在一些實施例中,上述可對抗量子運算之金鑰交換系統,其中該流形運算模組之金鑰運算單元中,對於量子金鑰而言,金鑰變形運算單元與金鑰隱藏運算單元為可合併使用的。量子金鑰可先實施金鑰變形運算,再實施金鑰隱藏運算,而後進入量子金鑰交換子單元,以實現最高強度的安全機制。In addition, in some embodiments, the above key exchange system capable of resisting quantum operations, wherein in the key operation unit of the manifold operation module, for the quantum key, the key deformation operation unit and the key hiding operation Units can be combined. The quantum key can first perform the key deformation operation, then the key hiding operation, and then enter the quantum key exchange subunit to achieve the highest strength security mechanism.
此外,在一些實施例中,上述可對抗量子運算之金鑰交換系統,其中該流形運算模組之金鑰運算單元中,對於量子金鑰而言,亦可單獨搭配金鑰變形運算單元使用。量子金鑰可僅實施金鑰變形運算,而後進入傳統金鑰交換子單元,以迴避在量子通道上已知的惡意偵測。In addition, in some embodiments, the above key exchange system capable of resisting quantum operation, wherein the key operation unit of the manifold operation module, for the quantum key, can also be used alone with the key deformation operation unit . The quantum key can only perform the key deformation operation, and then enter the traditional key exchange subunit to avoid known malicious detection on the quantum channel.
為充分瞭解本創作之目的、特徵及功效,茲藉由下述具體之實施例,並配合所附之圖式,對本創作做詳細說明,說明如後:In order to fully understand the purpose, features and effects of this creation, the following specific examples and the accompanying drawings are used to explain this creation in detail, as follows:
以下提供一種抗量子運算之金鑰交換系統(或可實現為裝置)的多個實施例,可兼容支援傳統金鑰或量子金鑰於不同的代數空間進行運算,以助於完成安全的金鑰交換程序。在一此實施例中,此系統更可進一步實現金鑰變形或金鑰隱藏的機制,或兼備金鑰變形及金鑰隱藏的機制。在一些實施例中,此技術可分別實現為高強度的抗量子運算之金鑰交換之裝置或系統,例如實現於欲進行通訊的發送端與接收端的系統(或裝置)。The following provides multiple embodiments of a key exchange system (or can be implemented as a device) that is resistant to quantum operations, and is compatible with supporting traditional keys or quantum keys to perform operations in different algebraic spaces to help complete secure keys Exchange program. In one embodiment, the system can further implement a mechanism for key deformation or key hiding, or a mechanism for both key deformation and key hiding. In some embodiments, this technology can be implemented as a device or system for high-strength key exchange resistant to quantum operations, such as a system (or device) at the sending end and the receiving end to communicate.
如圖1所示,其為可對抗量子運算之金鑰交換系統的實施例的系統架構方塊圖。舉例而言,可用於抗量子運算之金鑰交換系統S1000,至少包括『線性空間結構運算模組M1001』、『流形運算模組M1002』以及『巴拿赫空間運算模組M1003』。該線性空間結構運算模組M1001,有效率地提供各種轉換對於線性空間所需的基本運算,並且有助於確保各種基本轉換運算之正確性;該流形運算模組M1002,透過金鑰運算單元U200實作金鑰的轉換運算,如金鑰變形或金鑰隱藏,並以金鑰交換單元U203實作與金鑰轉換方式相對應的金鑰交換等機制;此外,於巴拿赫空間運算模組M1003中,除支援流形運算模組於拓樸空間以助於完成抗量子運算的金鑰交換程序以外,在一些實施例中,更可進一步將已變形或已隱藏的金鑰轉換至希爾伯特空間解出原始金鑰。As shown in FIG. 1, it is a system architecture block diagram of an embodiment of a key exchange system that can resist quantum operations. For example, the key exchange system S1000 that can be used for anti-quantum computing includes at least "linear spatial structure computing module M1001", "manifold computing module M1002" and "Banacher spatial computing module M1003". The linear space structure operation module M1001 efficiently provides the basic operations required by various conversions for linear space, and helps to ensure the correctness of various basic conversion operations; the manifold operation module M1002 uses a key operation unit U200 implements key conversion operations, such as key deformation or key hiding, and uses key exchange unit U203 to implement key exchange and other mechanisms corresponding to key conversion methods; in addition, the Banach space operation mode In group M1003, in addition to supporting the manifold operation module in the topology space to help complete the key exchange process of resisting quantum operations, in some embodiments, the deformed or hidden key can be further converted to Greek The Albert key solves the original key.
請參考圖2,其為圖1之可對抗量子運算之金鑰交換系統的使用情景的實施例的示意圖。如圖2所示,通訊裝置10、20以一通訊連結LK進行通訊,通訊裝置10、20分別裝設或實現了如圖1所示意的可對抗量子運算之金鑰交換系統S1000並連接至通訊裝置10、20中各自的通訊模組100、200,其中通訊模組可透過通訊連結LK進行訊號發送或接收金鑰。通訊裝置10、20可進行各種如習知的金鑰交換程序,其中通訊連結LK可以為傳統的通訊通道(如有線或無線網路通訊),或可實現為量子通訊通道(如光量子通道)。通訊裝置10、20因為分別裝設或實現了如圖1所示意的可對抗量子運算之金鑰交換系統S1000並使用於金鑰交換程序中,故可產生可對抗量子運算之金鑰交換的效果。通訊裝置(如10或20)可以基於運算裝置(如電腦、伺服器或其他運算裝置)而實現,通訊模組(如100或200)可以利用通訊裝置(如10或20)中用以實現通訊的軟體、硬體或軟體硬體的組合,如有線或無線網路卡或通訊電路,或相關通訊通道中對應的通訊協定的程式的組合。舉例而言,當通訊裝置(如10、20)之間需要與進行金鑰交換程序時,可以運用通訊裝置(如10或20)上所實現的可用於抗量子運算之金鑰交換系統S1000中流形運算模組M1002,例如將金鑰透過流形運算模組M1002的金鑰運算單元U200進行金鑰的轉換,並利用金鑰交換單元U203對已轉換的金鑰進行處理,金鑰交換單元U203可進一步用以與該通訊裝置的通訊模組(如100或200)協同運作,使經過金鑰交換單元U203處理的已轉換的金鑰透過通訊連結LK傳送至接收端,以助於進行金鑰交換程序。因此,金鑰交換單元U203對已轉換的金鑰進行處理是使已轉換的金鑰能夠適合於透過對應的通訊連結LK來傳送或接收。當利用通訊裝置(如10或20)進行金鑰交換程序時,可以將通訊裝置的可用於抗量子運算之金鑰交換系統S1000作配置以便與該通訊裝置的通訊模組(如100或200)協同運作,故可用於抗量子運算之金鑰交換系統S1000是用以促進通訊模組之間的金鑰交換程序,故不受通訊裝置之間所實作的金鑰交換程序所限制;例如,金鑰交換系統S1000可以程式庫、程式介面或硬體模組來實現,並供通訊裝置中實現金鑰交換程序的專屬的程式、程式模組或硬體模組來呼叫或使用;又例如,可基於可用於抗量子運算之金鑰交換系統S1000而實現為可執行的程式或硬體模組以用於金鑰交換程序,或將可用於抗量子運算之金鑰交換系統S1000實現為金鑰交換程序的部分。然而,本創作的實現並不受上述例子限制。金鑰交換程序可以為各種習知或基於習知的金鑰交換程序或其他合適的金鑰交換程序。Please refer to FIG. 2, which is a schematic diagram of an embodiment of a usage scenario of a key exchange system capable of resisting quantum operations in FIG. 1. As shown in FIG. 2, the
為了便於說明,以下首先提供如圖3所示的可對抗量子運算之金鑰交換系統的實施例中,流形運算模組用於實現兼具金鑰變形及金鑰隱藏的金鑰轉換的機制。其次,提供可對抗量子運算之金鑰交換系統的其他實施例。For ease of explanation, the following first provides an example of a key exchange system that can resist quantum operations as shown in FIG. 3, in which the manifold operation module is used to implement a key conversion mechanism that combines key deformation and key hiding . Secondly, other embodiments of a key exchange system that can resist quantum operations are provided.
關於依據本創作之實施例的抗量子運算之金鑰交換系統(以下稱系統S1000),請參閱圖3所示,系統S1001包括一『線性空間結構運算模組』M1001A;一『流形運算模組』M1002A;以及一『巴拿赫空間運算模組』M1003。For the key exchange system (hereinafter referred to as system S1000) that is resistant to quantum operations according to the embodiment of the present invention, please refer to FIG. 3, system S1001 includes a "linear spatial structure operation module" M1001A; a "manifold operation module Group" M1002A; and a "Banahe Space Computing Module" M1003.
上述之線性空間結構運算模組M1001A係包括:一可於線性空間支援量子基本運算的量子運算子整合計算單元U101;一可用於維護原始訊息的完整性之可交換運算子-處理單元U102;一可用於導出適用的循環群之原根產生單元U103;一可提供真隨機亂數之量子亂數產生單元U104;以及一可提供代數結構下的模次冪運算能力之進階數論運算單元U105。The above linear space structure computing module M1001A includes: a quantum operator integrated computing unit U101 that can support quantum basic operations in linear space; an exchangeable operator-processing unit U102 that can be used to maintain the integrity of the original message; It can be used to derive the original root generation unit U103 of the applicable cyclic group; a quantum random number generation unit U104 that can provide true random random numbers; and an advanced number theory operation unit U105 that can provide the modular power operation capability under the algebraic structure.
如圖4所示,舉例而言,量子運算子整合計算單元U101可包含以下子單元:一么正變換運算子單元U10101,用於對線性矩陣進行么正變換;一降維運算子單元,用於對多維空間之么正矩陣作降維處理;一正交基底篩選子單元U10103,用以驗證向量空間基底之正交性,排除非正交之基底;一內積運算子單元U10104,用於支援向量空間之內積計算;一固有化運算子單元U10105,用於計算向量空間之特徵值(Eigenvalue)與特徵向量(Eigenvector);一厄米特驗證子單元U10106,用於確認選用的量子運算子是否為厄米特運算子;一基態分析子單元U10107,用以計算量子自基態躍遷的機率;一拉普拉斯轉換子單元U10108,用以導出向量空間內互相垂直的波向量;一轉換運算子單元U10109,用於選用合適的轉換運算子,將向量空間轉換為共軛之複數空間。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之整合計算單元可花費有限的運算成本,有效率地提供各種轉換對於線性空間所需的基本運算,並且有助於確保各種基本轉換運算之正確性。As shown in FIG. 4, for example, the quantum operator integrated computing unit U101 may include the following subunits: a positive transform operator subunit U10101, which is used to perform a linear transform on the linear matrix; a dimensionality reduction operator subunit, which is used In order to reduce the dimension of the positive matrix in the multi-dimensional space; an orthogonal basis filtering subunit U10103 is used to verify the orthogonality of the vector space basis and exclude non-orthogonal basis; an inner product operation unit U10104 is used to Support the inner product calculation of the vector space; an intrinsic operation subunit U10105, used to calculate the eigenvalue (Eigenvalue) and eigenvector (Eigenvector) of the vector space; an Emmett verification subunit U10106, used to confirm the selected quantum operation Is the Hermitian operator; a ground state analysis subunit U10107 to calculate the probability of quantum transition from the ground state; a Laplace transform subunit U10108 to derive mutually perpendicular wave vectors in the vector space; a conversion The operator unit U10109 is used to select a suitable conversion operator to convert the vector space into a conjugate complex space. Each of the above subunits can be implemented as software units, hardware units, or a combination of software and hardware based on related conventional technologies. However, this combined integrated computing unit can cost limited computing costs and efficiently provide various conversions. Basic operations required in linear space, and help to ensure the correctness of various basic conversion operations.
在本較佳實施例中,如圖3所示,上述量子運算子整合計算單元U101的相關線性轉換運算的結果,可再進一步透過可交換運算子處理單元U102,確認是否其固有值有退化的現象,並以可交換運算子完備集 (C.S.C.O.)去除退化問題,以維護原始訊息的完整性;接著將已去退化的完備轉換結果,配合前述線性空間結構運算模組M1001之量子亂數產生單元U104與原根產生單元U103,可進一步產生具有真隨機性的適用代數結構之循環群。In the preferred embodiment, as shown in FIG. 3, the result of the related linear conversion operation of the quantum operator integrated calculation unit U101 can be further confirmed through the exchangeable operator processing unit U102 to determine whether its inherent value is degraded Phenomenon, and use the exchangeable operator complete set (CSCO) to remove the degradation problem to maintain the integrity of the original message; then the degraded complete conversion result is combined with the quantum random number generation unit of the linear space structure operation module M1001 U104 and primitive root generating unit U103 can further generate cyclic groups with true randomness and suitable algebraic structure.
如圖5所示,於本較佳實施例中,上述線性空間結構運算模組M1001中所謂的可提供代數結構下的模次冪運算能力之進階數論運算單元U105,至少包括以下三種子單元:一代數環運算子單元U10501,用於支援代數結構環之維護與運算;一伽羅瓦群運算子單元U10502,用於支援伽羅瓦群(Galois group)之產生與運算;以及一模次冪根連續平方運算子單元U10503,用於利用尤拉定理與費馬小定理之運算程序,以處理模次冪根的連續平方計算。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之進階數論運算單元可提供具高複雜度的安全性代數結構,同時有效率地簡化模次冪根的運算程序。As shown in FIG. 5, in this preferred embodiment, the so-called advanced number-theoretic operation unit U105 in the linear space structure operation module M1001, which can provide modular power operation capability under an algebraic structure, includes at least the following three subunits :Generation ring operation subunit U10501, used to support the maintenance and operation of algebraic structure ring; a Galois group operation subunit U10502, used to support the generation and operation of Galois group; and a modular power root The continuous square operation subunit U10503 is used to calculate the continuous square calculation of the modular power root by using the operation program of Yura's theorem and Fermat's little theorem. Each of the above subunits can be implemented as software units, hardware units, or a combination of software and hardware based on related conventional technologies. However, this combined advanced number theory operation unit can provide a highly complex and safe algebraic structure. At the same time, the operation procedure of modular power root is simplified efficiently.
參考圖6,在一實施例中,前述抗量子運算之金鑰交換系統之流形運算模組M1002至少可包含一金鑰變形運算單元U201;一金鑰隱藏運算單元U202;以及一金鑰交換單元U203。因此,在此實施例中,可用於抗量子運算之金鑰交換系統S1001的金鑰運算單元U200包含金鑰變形運算單元U201及金鑰隱藏運算單元U202。當該金鑰為傳統金鑰時,該金鑰變形運算單元U201用以對該金鑰進行變形運算,以得到已變形的傳統金鑰作為該已轉換的金鑰。當該金鑰為量子金鑰時,該金鑰隱藏運算單元U202用以對該金鑰進行隱藏變換,以得到已隱藏的量子金鑰作為該已轉換的金鑰。Referring to FIG. 6, in an embodiment, the manifold operation module M1002 of the key exchange system resistant to quantum operations may include at least a key deformation operation unit U201; a key hiding operation unit U202; and a key exchange Unit U203. Therefore, in this embodiment, the key operation unit U200 of the key exchange system S1001 that can be used for anti-quantum calculation includes a key deformation operation unit U201 and a key hiding operation unit U202. When the key is a traditional key, the key transformation operation unit U201 is used to perform a transformation operation on the key to obtain a transformed traditional key as the converted key. When the key is a quantum key, the key hiding operation unit U202 is used to perform a hidden transformation on the key to obtain the hidden quantum key as the converted key.
如圖6所示,在一實施例中,前述流形運算模組M1002之金鑰變形運算單元U201可包含以下子單元:一偽黎曼流形運算子單元U20101;一芬斯勒流形運算子單元U20102;一卡拉比丘流形運算子單元U20103;以及一平行化流形驗證子單元U20104。其中,偽黎曼流形運算子單元U20101,用於將傳統金鑰以一洛倫茲流形(Lorentzian manifold)之模型表示;芬斯勒流形運算子單元U20102,用於將洛倫茲流形之度量推廣至芬斯勒空間,使其轉變為芬斯勒流形(Finsler manifold);卡拉比丘流形運算子單元U20103,用於將芬斯勒流形之複三維空間以卡拉比丘五次多項式表示成一卡拉比丘流形(Calabi–Yau manifold);平行化流形驗證子單元U20104,用於驗證轉換後的流形是否為一可平行化之流形,以確認此金鑰變形的結果是否適用。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之運算單元可達成先前技術未提供之金鑰變形功效,將一傳統金鑰成功轉換成一拓樸空間的表示方式,此一變形將使得使用希爾伯特空間基底的量子運算於金鑰交換的過程中,無法對傳統金鑰進行正確的分析。As shown in FIG. 6, in one embodiment, the key transformation operation unit U201 of the aforementioned manifold operation module M1002 may include the following subunits: a pseudo-Riemannian manifold operation subunit U20101; and a Fensler manifold operation subunit U20102; a Carabic manifold manifold subunit U20103; and a parallel manifold manifold verification subunit U20104. Among them, the pseudo-Riemannian manifold subunit U20101 is used to represent the traditional key in a Lorentzian manifold model; the Finsler manifold subunit U20102 is used to convert the Lorentz manifold The metric is generalized to the Finsler space and transformed into a Finsler manifold; the Carabichu manifold operator unit U20103 is used to express the complex three-dimensional space of the Finsler manifold as a Carabichu quintic polynomial Into a Calabi–Yau manifold; parallelization manifold verification subunit U20104, used to verify whether the converted manifold is a parallelizable manifold to confirm whether the result of this key deformation is applicable. Each of the above subunits can be implemented as software units, hardware units, or a combination of software and hardware based on related conventional technologies. However, this combined computing unit can achieve the key modification function not provided by the prior art. The key is successfully converted into a representation of a topological space. This modification will make it impossible for the traditional key to be correctly analyzed in the process of key exchange using quantum operations based on the Hilbert space basis.
如圖6所示,在一實施例中,前述流形運算模組M1002之金鑰隱藏運算單元U202可包含以下子單元:一辛流形運算子單元U20201,用以將量子金鑰之所有組態以相空間進行辛流形(Symplectic manifold)建模;一雙邊濾波子單元U20202,用以汰除不適用的量子態,並保留必要的邊緣訊息;以及一熱核函數轉換子單元U20203,利用狄拉克δ函數將多量子態的位置運算子轉換成熱核函數。以上之各個子單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之運算單元可達成先前技術未提供之金鑰隱藏功效,將一量子金鑰之組態轉換成熱核函數的表達方式,使得一般量子運算攻擊於金鑰交換的過程中,無法找到可適用量子運算的金鑰組態。As shown in FIG. 6, in one embodiment, the key concealment operation unit U202 of the aforementioned manifold operation module M1002 may include the following subunits: a symplectic manifold operation subunit U20201, which is used to combine all groups of quantum keys The state is modeled by Symplectic manifold in phase space; a bilateral filter subunit U20202 to eliminate unsuitable quantum states and retain necessary edge information; and a thermonuclear function conversion subunit U20203, using The Dirac delta function converts the position operator of multiple quantum states into a thermonuclear function. Each of the above subunits can be implemented as software units, hardware units, or a combination of hardware and software based on related conventional technologies. However, the combined computing unit can achieve the key hiding effect that is not provided by the prior art. The configuration of the key is converted into the expression of the thermonuclear function, so that the general quantum operation is attacked in the process of key exchange, and the key configuration suitable for quantum operation cannot be found.
如圖7所示,在一實施例中,上述金鑰隱藏運算單元U202之雙邊濾波子單元U20202可包含以下元件:一退相干過濾器D101,用於汰除具有退相干量子態的金鑰組態,以確保金鑰交換過程中的不含已退相干的量子態;一機率過濾器D102,可透過設定一機率門檻,並根據波函數之相關運算,進而排除發生機率低於設定門檻的量子態;以及一訊息保存器D103,用於金鑰變形後,可能形成非流形邊緣,此時對於位於非流形邊緣的重要訊息,則透過此訊息保存器D103予以保留。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之雙邊濾波子單元可確保金鑰交換過程中,傳送端與接收端執行金鑰隱藏運算的正確性與成功率。As shown in FIG. 7, in an embodiment, the bilateral filtering subunit U20202 of the key hiding operation unit U202 may include the following elements: a decoherent filter D101, used to eliminate the key group with decoherent quantum states To ensure that the decoherent quantum states are not included in the key exchange process; a probability filter D102 can set a probability threshold, and according to the related operation of the wave function, to exclude the occurrence of quantum below the set threshold And a message holder D103, which is used to form a non-manifold edge after the key is deformed. At this time, important messages located at the non-manifold edge are retained through this message holder D103. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, the combined bilateral filtering sub-unit can ensure that the sending end and the receiving end are executed during the key exchange process. The accuracy and success rate of key hiding operations.
於本較佳實施例中,請參閱圖6所示,上述流形運算模組M1002A之金鑰交換單元U203,可對傳送端或接收端使用已變形的金鑰或已隱藏的金鑰進行處理,以助於進行金鑰交換程序,並包含有以下子單元:一傳統金鑰交換子單元U20301;以及一量子金鑰交換子單元U20302。其中,傳統金鑰交換子單元U20301用於接收來自在金鑰變形運算單元U201的結果,以助於進行傳統通道中的金鑰交換程序;量子金鑰交換子單元U20302則用於接收來自金鑰隱藏運算單元U202的結果,以助於進行量子金鑰的交換程序。In the preferred embodiment, please refer to FIG. 6, the key exchange unit U203 of the manifold operation module M1002A can process the deformed key or the hidden key on the transmitting end or the receiving end. , To facilitate the key exchange process, and includes the following subunits: a traditional key exchange subunit U20301; and a quantum key exchange subunit U20302. Among them, the traditional key exchange subunit U20301 is used to receive the results from the key transformation operation unit U201 to facilitate the key exchange process in the traditional channel; the quantum key exchange subunit U20302 is used to receive the key from The result of the arithmetic unit U202 is hidden to facilitate the quantum key exchange procedure.
參考圖8,在一些實施例中,上述金鑰交換單元U203之傳統金鑰交換子單元U20301可包含以下元件:一拓樸曲面轉換器D201,對於來自U201的變形結果,利用陳-高斯-博內定理(Chern-Gauss-Bonnet theorem),將偶數維度的閉黎曼流形(closed even-dimensional Riemannian manifold)以曲率多項式的積分式表達;以及一非線性偏微分計算器D202,可將曲率多項式的各種曲率參數以不同的可隨時間演化的非線性拋物線偏微分方程式攜帶,只有知道特定目標時間參數的傳送端與接收端可取得各種正確的曲率參數。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之傳統金鑰交換子單元可達成先前技術未提供之促進與強化金鑰交換程序的功效,可將已變形之金鑰其流形轉換成曲率多項式之積分式,並將此多項式予以參數化,再使用隨時間演化的偏微分方程,以助於傳統通道進行金鑰交換程序。Referring to FIG. 8, in some embodiments, the conventional key exchange subunit U20301 of the key exchange unit U203 may include the following elements: a topological surface converter D201. For the deformation results from U201, use Chen-Gauss-Bo Inner theorem (Chern-Gauss-Bonnet theorem), the closed even-dimensional Riemannian manifold (even even-dimensional Riemannian manifold) expressed by the integral of the curvature polynomial; and a nonlinear partial differential calculator D202, the curvature polynomial can be various Curvature parameters are carried in different nonlinear parabolic partial differential equations that can evolve over time. Only the transmitting end and receiving end that know the specific target time parameters can obtain various correct curvature parameters. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combination of traditional key exchange sub-units can achieve promotion and enhanced keys not provided by the prior art The function of the exchange program can convert the manifold of the deformed key into the integral of the curvature polynomial, and parameterize the polynomial, and then use the partial differential equation that evolves with time to help the traditional channel to exchange the key program.
如圖9所示,在一些實施例中,上述金鑰交換單元U203之量子金鑰交換子單元U20302則包含以下元件:一超奇異橢圓曲線加密器D301;一博德曼集合產生器D302;以及一非平凡零點產生器D303。其中,針對來自U202的金鑰隱藏轉換結果,可利用博德曼集合產生器D302,將已隱藏於熱核函數內的量子金鑰之數對轉換至一無限迭代產生之博德曼集(Mandelbrot set)複平面;接著,非平凡零點產生器D303根據表達於博德曼集複平面的金鑰數對,尋找所有相對接近黎曼猜想之非平凡零點(non-trivial zero);而後,實作上述之超奇異橢圓曲線加密器D301,根據所有對應的非平凡零點集合、位於複平面的金鑰數對,以及該複平面的產生參數,選定合適的超奇異橢圓曲線(super-singular elliptic curve),以符合伽羅瓦群的超奇異質數(Supersingular prime)作為生成點,產生可用於模擬ElGamal加密法的加密參數,以有助於進一步進行金鑰交換與驗證之程序。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之量子金鑰交換子單元可達成先前技術未提供之促進金鑰交換的功效,將已隱藏於熱核函數內的量子金鑰,進一步轉換成可應用於金鑰交換程序的超奇異橢圓曲線參數,為一般的量子金鑰提供了兼具便利性與安全性且可透過具合理花費的裝置實作之金鑰交換流程。As shown in FIG. 9, in some embodiments, the quantum key exchange subunit U20302 of the key exchange unit U203 includes the following components: a super-singular elliptic curve encryptor D301; a Boardman set generator D302; and A non-trivial zero point generator D303. Among them, for the key hiding conversion result from U202, the Boardman set generator D302 can be used to convert the pair of quantum keys hidden in the thermal kernel function to a Boardman set generated by an infinite iteration (Mandelbrot set) complex plane; then, the non-trivial zero generator D303 finds all non-trivial zeros that are relatively close to the Riemann conjecture based on the key-number pairs expressed in the complex plane of the Bodman set; then, implement The above-mentioned super-singular elliptic curve encryptor D301 selects the appropriate super-singular elliptic curve based on all corresponding non-trivial zero point sets, key pairs in the complex plane, and the generation parameters of the complex plane , Using the Supersingular prime in accordance with the Galois Group as the generating point, to generate encryption parameters that can be used to simulate the ElGamal encryption method, to facilitate further key exchange and verification procedures. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combined quantum key exchange subunit can achieve key exchange promotion that is not provided by the prior art. Efficacy, the quantum key hidden in the thermal core function is further converted into a super-singular elliptic curve parameter that can be used in the key exchange program, which provides convenience and security for the general quantum key and can be passed through A key exchange process implemented by a device with reasonable cost.
參考圖9,在上述較佳實施例中,上述金鑰交換單元U203之量子金鑰交換子單元U20302可再進一步包含以下兩種元件:一孿生質數產生器D304以及一模方陣驗證器D305。其中,該孿生質數產生器D304,根據非平凡零點產生器D303尋找到的非平凡零點所對應的質數,產生符合孿生質數猜想形式的孿生質數(twin prime),並將非平凡零點的質數與其對應產生的孿生質數建構成一模數運算下的方矩陣;而後,上述之模方陣驗證器D305則支援接收端以接收到的來自D301的超奇異質數及D304所產生的模方陣進行逆運算驗證,以確認加密資料交換的正確性。以上之各個元件可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之量子金鑰交換子單元除具備金鑰交換之功效外,更可進一步確保量子金鑰交換之正確性與成功率。Referring to FIG. 9, in the above preferred embodiment, the quantum key exchange subunit U20302 of the key exchange unit U203 may further include the following two elements: a twin prime number generator D304 and a modular square matrix verifier D305. Among them, the twin prime number generator D304 generates a twin prime number (twin prime) conforming to the twin prime conjecture form according to the prime number corresponding to the non-trivial zero point found by the non-trivial zero point generator D303, and corresponds the non-trivial zero point prime number to it The generated twin prime numbers form a square matrix under a modular operation; then, the above-mentioned modular square matrix validator D305 supports the receiver to perform inverse operation verification on the received super-singular prime number from D301 and the modular square matrix generated by D304, To confirm the accuracy of encrypted data exchange. Each of the above components can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combined quantum key exchange sub-unit can go further than the key exchange function. Ensure the accuracy and success rate of quantum key exchange.
參考圖10,在一些實施例中,上述之巴拿赫空間運算模組M1003,包括以下單元:一拓樸-巴拿赫空間轉換單元U301;一最小內同構分析單元U302;一光滑空間驗證單元U303;一皮亞諾曲線轉換單元U304;一黎曼積分運算單元U305;一『一致凸空間轉換單元』U306;一『超自反巴拿赫空間驗證單元』U307;一『次自反巴拿赫空間運算單元』U308;以及一『弱*拓樸(Weak-star Topology)空間轉換單元』U309。其中,上述之流形運算模組於拓樸空間用以助於完成如圖6之U203所實現之促助金鑰交換程序的處理後,可得一第一流形資料,而圖10之該拓樸-巴拿赫空間轉換單元U301,用於使用絕妙定理(Theorema Egregium),利用曲率的內蘊不變量(intrinsic invariant)與局部等距變換,將位於拓樸空間的第一流形資料轉入巴拿赫空間(Banach space)成為一第二流形資料;接著於巴拿赫空間內,使用最小內同構分析單元U302,以該第二流形資料透過等距逼近之演算法,找出金鑰所對應之最小同構交換群;然後以上述之光滑空間驗證單元U303,透過柯西不等式的運算,進行收斂驗證,以確認該拓樸空間至巴拿赫空間之轉換的正確性;而後實作皮亞諾曲線轉換單元U304,透過迭代運算,以進行維度轉換,亦即對該第二流形資料於U302所導出的交換群,進行多維度至一維之皮亞諾曲線(Peano curve)之轉換,以得到一可表示為皮亞諾曲線之維度轉換後資料;然後執行一黎曼積分運算單元U305,透過黎曼積分之運算,將該維度轉換後資料轉換為以一平面表示的第一幾何資料;接著使用上述之一致凸空間轉換單元U306,可將來自U305之第一幾何資料,進行一致凸空間(Uniformly Convex Banach Space)的曲面轉換,以得到以一曲面表示的第二幾何資料;然後執行超自反巴拿赫空間驗證單元U307,根據該第二幾何資料所代表的曲面是否可順利對應至超自反巴拿赫空間(super-reflexive Banach space),以確認一致凸空間的曲面轉換是否成功,並可確認U306的轉換是否符合對偶可逆性;接著再進一步執行次自反巴拿赫空間(Sub-reflexive Banach space)運算單元U308,可確認該第二幾何資料所代表的曲面是否為可微分曲面,進而對該第二幾何資料所代表的曲面進行降維與映射操作,僅保留其微弱之距離屬性,同時可避免資訊流失,最後形成以一弱*拓樸(Weak-star Topology)結構所表示的第三幾何資料;最後,實作弱*拓樸空間轉換單元U309,透過對偶空間之線性操作,將該第三幾何資料所代表的弱*拓樸結構轉入賦範空間,再導入內積運算與完備性,使原本透過第一流形所攜帶的金鑰資訊回到希爾伯特空間,以便解回原始之金鑰。以上之各個單元可基於相關習知技術而實現為軟體單元、硬體單元或以軟硬體結合方式實現,然此組合之巴拿赫空間運算模組可達成先前技術未提供之金鑰空間轉換功效,支援流形運算模組於拓樸空間用以促進完成抗量子運算的金鑰交換程序後,再轉換至希爾伯特空間解出原始金鑰,使得一般於希爾伯特空間所進行的量子運算無法介入基於本創作的實施例所進行的金鑰交換程序。Referring to FIG. 10, in some embodiments, the above-mentioned Banach spatial operation module M1003 includes the following units: a topology-Banacher spatial conversion unit U301; a minimum internal isomorphic analysis unit U302; and a smooth space verification Unit U303; a Piano curve conversion unit U304; a Riemann integral operation unit U305; a "uniformly convex space conversion unit" U306; a "super reflexive Banach space verification unit" U307; a "secondary reflexive Nach spatial computing unit" U308; and a "weak-topology (Weak-star Topology) space conversion unit" U309. Among them, the above-mentioned manifold operation module is used in the topology space to help complete the process of facilitating the key exchange program as realized by U203 of FIG. 6, and a first manifold data can be obtained, and the extension of FIG. 10 Pak-Banagh space conversion unit U301, used to use Theorema Egregium, using the intrinsic invariant of curvature and local equidistant transformation to transfer the first manifold data in the topological space to Pakistan The Banach space becomes a second manifold data; then in the Banach space, using the smallest internal isomorphic analysis unit U302, the second manifold data is used to find the gold through the isometric approximation algorithm The minimum isomorphic commutative group corresponding to the key; then, using the smooth space verification unit U303 described above, through the operation of Cauchy inequality, convergence verification is performed to confirm the correctness of the conversion of the topology space to the Banach space; As a Piano curve conversion unit U304, iteratively performs dimension conversion, that is, performs a multi-dimensional to one-dimensional Peano curve on the exchange group derived from the second manifold data in U302 Conversion to obtain a dimension converted data that can be expressed as a Piano curve; then a Riemann integral operation unit U305 is executed to convert the dimension converted data into the first A geometric data; then using the above-mentioned uniform convex space conversion unit U306, the first geometric data from U305 can be converted into a surface of a uniformly convex space (Uniformly Convex Banach Space) to obtain second geometric data represented by a curved surface ; Then execute the ultra-reflexive Banach space verification unit U307, according to whether the surface represented by the second geometric data can be successfully mapped to the super-reflexive Banach space (super-reflexive Banach space) to confirm the uniform convex space Whether the surface conversion is successful, and it can be confirmed whether the conversion of U306 conforms to the dual reversibility; then the sub-reflexive Banach space (Sub-reflexive Banach space) operation unit U308 is further executed to confirm the surface represented by the second geometric data Whether it is a differentiable surface, and then performing dimensionality reduction and mapping operations on the surface represented by the second geometric data, only retaining its weak distance attribute, and at the same time avoiding the loss of information, and finally forming a weak * Topology (Weak-star Topology) the third geometric data represented by the structure; finally, the weak * topological space conversion unit U309 is implemented to convert the weak * topological structure represented by the third geometric data into the normed space through the linear operation of the dual space , And then introduce the inner product operation and completeness, so that the key information originally carried through the first manifold returns to the Hilbert space in order to solve the original key. Each of the above units can be implemented as a software unit, a hardware unit, or a combination of software and hardware based on related conventional technologies. However, this combined Banach space operation module can achieve key space conversion not provided by the prior art. Efficacy, support the manifold operation module in the topology space to facilitate the completion of the key exchange process of anti-quantum operation, and then convert to the Hilbert space to solve the original key, so that it is generally carried out in Hilbert space The quantum operation of cannot intervene in the key exchange procedure based on the embodiment of this creation.
此外,在一些實施例中,上述可對抗量子運算之金鑰交換系統,其中該流形運算模組之金鑰運算單元中,金鑰變形運算單元或金鑰隱藏運算單元為可選的,以下提供實施例說明實現方式。In addition, in some embodiments, the above key exchange system capable of resisting quantum operations, wherein in the key operation unit of the manifold operation module, the key deformation operation unit or the key hiding operation unit is optional, the following Provide examples to illustrate the implementation.
可對抗量子運算之金鑰交換系統可實現為應用於傳統金鑰使用的應用情景中。請參考圖11,其可對抗量子運算之金鑰交換系統的另一實施例的的系統架構方塊圖。如圖11所示,可用於抗量子運算之金鑰交換系統S1002,至少包括線性空間結構運算模組M1001B、流形運算模組M1002B以及巴拿赫空間運算模組M1003。圖11的可用於抗量子運算之金鑰交換系統S1002與圖3中可用於抗量子運算之金鑰交換系統S1001的差別在於,流形運算模組M1002B可至少實現金鑰變形運算單元U201;因此,線性空間結構運算模組M1001B中量子運算子整合計算單元U101以及可交換運算子處理單元U102為可選的,故可不必實現量子運算子整合計算單元U101與可交換運算子處理單元U102。請參考圖12,其為圖11中流形運算模組之一實施例的架構方塊圖。如圖12所示,流形運算模組M1002B包含金鑰變形運算單元U201(即可用於抗量子運算之金鑰交換系統S1002的金鑰運算單元包含金鑰變形運算單元U201)及對應的金鑰交換單元U203包含傳統金鑰交換子單元U20301,其中可參照前述相對應的實施例(如圖6或8)加以實現。本實施例或可節省本創作應用於傳統金鑰交換系統時,初期建置的設備成本。The key exchange system that can resist quantum computing can be implemented in the application scenarios where traditional keys are used. Please refer to FIG. 11, which is a block diagram of a system architecture of another embodiment of a key exchange system capable of resisting quantum operations. As shown in FIG. 11, a key exchange system S1002 that can be used for anti-quantum computing includes at least a linear spatial structure computing module M1001B, a manifold computing module M1002B, and a Banach spatial computing module M1003. The difference between the key exchange system S1002 for anti-quantum calculation in FIG. 11 and the key exchange system S1001 for anti-quantum calculation in FIG. 3 is that the manifold operation module M1002B can implement at least the key transformation operation unit U201; therefore In the linear space structure operation module M1001B, the quantum operator integration calculation unit U101 and the exchangeable operator processing unit U102 are optional, so it is not necessary to implement the quantum operator integration calculation unit U101 and the exchangeable operator processing unit U102. Please refer to FIG. 12, which is a block diagram of an embodiment of the manifold computing module in FIG. 11. As shown in FIG. 12, the manifold operation module M1002B includes a key deformation operation unit U201 (that is, the key operation unit of the key exchange system S1002 for anti-quantum operation includes the key deformation operation unit U201) and the corresponding key The exchange unit U203 includes a conventional key exchange subunit U20301, which can be implemented with reference to the aforementioned corresponding embodiments (see FIG. 6 or 8). This embodiment may save the cost of equipment initially built when this creation is applied to a traditional key exchange system.
可對抗量子運算之金鑰交換系統可實現為應用於量子金鑰使用的應用情景中。請參考圖6,在可對抗量子運算之金鑰交換系統的又一實施例中,對於量子金鑰而言,金鑰變形運算單元U201與金鑰隱藏運算單元U202為可合併使用的。量子金鑰可於U201先實施金鑰變形運算,再於U202實施金鑰隱藏運算,而後進入量子金鑰交換子單元U20302。此實施例可實現本創作之最高強度安全機制。A key exchange system that can resist quantum operations can be implemented in an application scenario where quantum keys are used. Please refer to FIG. 6. In another embodiment of a key exchange system capable of resisting quantum operations, for quantum keys, the key deformation operation unit U201 and the key hiding operation unit U202 can be used in combination. The quantum key can perform the key deformation operation on U201, and then the key hiding operation on U202, and then enter the quantum key exchange subunit U20302. This embodiment can realize the highest strength security mechanism of this creation.
可對抗量子運算之金鑰交換系統可實現為應用於量子金鑰使用的應用情景中。請參考圖6,在可對抗量子運算之金鑰交換系統的又一實施例中,對於量子金鑰而言,亦可單獨搭配金鑰變形運算單元U201使用。量子金鑰可於U201實施金鑰變形運算,而後進入傳統金鑰交換子單元U20301。此實施例可實現本創作將量子金鑰予以偽裝後,以用於傳統通道進行金鑰交換程序,為一迴避式的安全機制。A key exchange system that can resist quantum operations can be implemented in an application scenario where quantum keys are used. Please refer to FIG. 6. In another embodiment of a key exchange system capable of resisting quantum operations, for quantum keys, it can also be used alone with the key transformation operation unit U201. The quantum key can perform the key transformation operation on U201, and then enter the traditional key exchange subunit U20301. This embodiment can realize that the quantum key is disguised in this creation and used in the traditional channel for the key exchange procedure, which is a circumvention security mechanism.
可對抗量子運算之金鑰交換系統可實現為應用於量子金鑰使用的應用情景中。請參考圖13,其可對抗量子運算之金鑰交換系統的又一實施例的系統架構方塊圖。如圖13所示,可用於抗量子運算之金鑰交換系統S1003,至少包括線性空間結構運算模組M1001C、流形運算模組M1002C以及巴拿赫空間運算模組M1003。圖13的可用於抗量子運算之金鑰交換系統S1003與圖3中可用於抗量子運算之金鑰交換系統S1001的差別在於,流形運算模組M1002C可至少實現金鑰隱藏運算單元U202。請參考圖14,其為圖13中流形運算模組之一實施例的架構方塊圖。如圖14所示,流形運算模組M1002C包含金鑰隱藏運算單元U202(即可用於抗量子運算之金鑰交換系統S1003的金鑰運算單元包含金鑰隱藏運算單元U202)及對應的金鑰交換單元U203包含量子金鑰交換子單元U20302,其中可參照前述相對應的實施例(如圖6或9)加以實現。A key exchange system that can resist quantum operations can be implemented in an application scenario where quantum keys are used. Please refer to FIG. 13, which is a block diagram of a system architecture of another embodiment of a key exchange system capable of resisting quantum operations. As shown in FIG. 13, a key exchange system S1003 that can be used for anti-quantum operations includes at least a linear space structure operation module M1001C, a manifold operation module M1002C, and a Banach space operation module M1003. The difference between the key exchange system S1003 for anti-quantum operation in FIG. 13 and the key exchange system S1001 for anti-quantum operation in FIG. 3 is that the manifold operation module M1002C can implement at least the key hiding operation unit U202. Please refer to FIG. 14, which is a block diagram of an embodiment of the manifold computing module in FIG. 13. As shown in FIG. 14, the manifold operation module M1002C includes a key hiding operation unit U202 (that is, the key operation unit of the key exchange system S1003 for anti-quantum operation includes the key hiding operation unit U202) and the corresponding key The exchange unit U203 includes a quantum key exchange subunit U20302, which can be implemented with reference to the aforementioned corresponding embodiment (see FIG. 6 or 9).
藉此,上述多個實施例可實現對抗量子運算攻擊的金鑰交換機制。更可進一步據以實現金鑰變形或金鑰隱藏等機制,或兼具金鑰變形及金鑰隱藏等機制。此技術可實現為高強度的抗量子運算之金鑰交換裝置或系統,且可實現於欲進行通訊的發送端與接收端。在一些實施例中,此技術可兼容支援傳統金鑰或量子金鑰於不同的代數空間進行運算,除了能夠在金鑰交換的過程中有效避免一般量子運算之破密攻擊之外,此系統之相關技術手段皆能透過具合理成本之運算裝置實現,有效克服現行多數PQC方案須透過高昂成本之設備運作的瓶頸。例如,對應於金鑰變形機制的實現方式,可以利用屬傳統電腦(其相對於量子電腦而言)的運算裝置(如具高效之處理器或圖形處理器的電腦或伺服器)來加以實現。In this way, the aforementioned multiple embodiments can implement a key exchange mechanism against quantum computing attacks. It can further implement mechanisms such as key deformation or key hiding, or both key deformation and key hiding mechanisms. This technology can be implemented as a high-intensity quantum-resistant key exchange device or system, and can be implemented at the sending end and the receiving end to be communicated. In some embodiments, this technology is compatible to support traditional keys or quantum keys to perform operations in different algebraic spaces. In addition to being able to effectively avoid the general quantum computing cracking attacks during the key exchange process, this system Related technical means can be realized by computing devices with reasonable cost, effectively overcoming the bottleneck that most current PQC solutions must operate through high-cost equipment. For example, the implementation method corresponding to the key deformation mechanism can be implemented by using a computing device (such as a computer or server with a high-efficiency processor or graphics processor) that is a traditional computer (as opposed to a quantum computer).
本創作在上文中已以多個實施例揭露,然熟習本項技術者應理解的是,該實施例僅用於描繪本創作,而不應解讀為限制本創作之範圍。應注意的是,舉凡與該實施例等效之變化與置換,均應設為涵蓋於本創作之範疇內。因此,本創作之保護範圍當以申請專利範圍所界定者為準。This creation has been disclosed in a number of embodiments above, but those skilled in the art should understand that this embodiment is only for depicting this creation, and should not be interpreted as limiting the scope of this creation. It should be noted that all changes and replacements equivalent to this embodiment should be included in the scope of this creation. Therefore, the scope of protection of this creation shall be determined by the scope of the patent application.
10、20:通訊裝置 100、200:通訊模組 LK:通訊連結 S1000、S1001、S1002、S1003:可對抗量子運算之金鑰交換系統 M1001、M1001A、M1001B、M1001C:線性空間結構運算模組 M1002、M1002A、M1002B、M1002C:流形運算模組 M1003:巴拿赫空間運算模組 U101:量子運算子整合計算單元 U10101:么正變換運算子單元 U10102:降維運算子單元 U10103:正交基底篩選子單元 U10104:內積運算子單元 U10105:固有化運算子單元 U10106:厄米特驗證子單元 U10107:基態分析子單元 U10108:拉普拉斯轉換子單元 U10109:轉換運算子單元 U102:可交換運算子處理單元 U103:原根產生單元 U104:量子亂數產生單元 U105:進階數論運算單元 U10501:代數環運算子單元 U10502:伽羅瓦群運算子單元 U10503:模次冪根連續平方運算子單元 U201:金鑰變形運算單元 U20101:偽黎曼流形運算子單元 U20102:芬斯勒流形運算子單元 U20103:卡拉比丘流形運算子單元 U20104:平行化流形驗證子單元 U202:金鑰隱藏運算單元 U20201:辛流形運算子單元 U20202:雙邊濾波子單元 D101:退相干過濾器 D102:機率過濾器 D103:訊息保存器 U20203:熱核函數轉換子單元 U203:金鑰交換單元 U20301:傳統金鑰交換子單元 D201:拓樸曲面轉換器 D202:非線性偏微分計算器 U20302:量子金鑰交換子單元 D301:超奇異橢圓曲線加密器 D302:博德曼集合產生器 D303:非平凡零點產生器 D304:孿生質數產生器 D305:模方陣驗證器 U301:拓樸-巴拿赫空間轉換單元 U302:最小內同構分析單元 U303:光滑空間驗證單元 U304:皮亞諾曲線轉換單元 U305:黎曼積分運算單元 U306:一致凸空間轉換單元 U307:超自反巴拿赫空間驗證單元 U308:次自反巴拿赫空間運算單元 U309:弱*拓樸空間轉換單元 10, 20: Communication device 100, 200: communication module LK: Communication link S1000, S1001, S1002, S1003: Key exchange system that can resist quantum computing M1001, M1001A, M1001B, M1001C: linear spatial structure operation module M1002, M1002A, M1002B, M1002C: manifold computing module M1003: Banach spatial computing module U101: Quantum operator integrated computing unit U10101: Modular transformation operator unit U10102: Dimensionality reduction subunit U10103: Orthogonal basis screening subunit U10104: inner product operator unit U10105: Intrinsic operator subunit U10106: Hermit validated subunit U10107: Ground state analysis subunit U10108: Laplace conversion subunit U10109: Conversion operator subunit U102: Exchangeable operator processing unit U103: Original root generation unit U104: quantum random number generation unit U105: Advanced number theory arithmetic unit U10501: Algebraic loop operator unit U10502: Galois group operator unit U10503: Modular power root continuous square operator unit U201: Key transformation arithmetic unit U20101: pseudo-Riemannian manifold operator unit U20102: Finsler manifold operator unit U20103: Kara Picchu manifold operator unit U20104: Parallelization manifold verification subunit U202: Key hiding operation unit U20201: Symplectic manifold operator unit U20202: Bilateral filtering subunit D101: Decoherent filter D102: Probability filter D103: Message saver U20203: Thermonuclear function conversion subunit U203: key exchange unit U20301: Traditional key exchange subunit D201: Topological surface converter D202: Nonlinear partial differential calculator U20302: quantum key exchange subunit D301: Super Singular Elliptic Curve Encryptor D302: Boardman set generator D303: Non-trivial zero generator D304: twin prime number generator D305: Modular Array Validator U301: Topo-Banacher Space Conversion Unit U302: minimum internal isomorphic analysis unit U303: smooth space verification unit U304: Piano curve conversion unit U305: Riemann integral operation unit U306: Uniformly convex space conversion unit U307: Super Reflexive Banach Space Verification Unit U308: Sub-reflexive Banach Space Computing Unit U309: Weak* Topological Space Conversion Unit
圖1係本創作之可對抗量子運算之金鑰交換系統的實施例的系統架構方塊圖。 圖2係圖1之可對抗量子運算之金鑰交換系統的使用情景的實施例的示意圖。 圖3係本創作之一實施例的可對抗量子運算之金鑰交換系統的系統架構方塊圖。 圖4係圖3中量子運算子整合計算單元之一實施例的架構方塊圖。 圖5係圖3中進階數論運算單元之一實施例的架構方塊圖。 圖6係圖3中流形運算模組之一實施例的架構方塊圖。 圖7係圖3中雙邊濾波子單元之一實施例的架構方塊圖。 圖8係圖6中金鑰交換單元之一實施例的架構方塊圖。 圖9係圖6中金鑰交換單元之一實施例的架構方塊圖。 圖10係圖1中巴拿赫空間運算模組之一實施例的架構方塊圖。 圖11係可對抗量子運算之金鑰交換系統的另一實施例的的系統架構方塊圖。 圖12係圖11中流形運算模組之一實施例的架構方塊圖。 圖13係可對抗量子運算之金鑰交換系統的又一實施例的的系統架構方塊圖。 圖14係圖13中流形運算模組之一實施例的架構方塊圖。 FIG. 1 is a block diagram of a system architecture of an embodiment of a key exchange system that is capable of resisting quantum operations. FIG. 2 is a schematic diagram of an embodiment of a usage scenario of the key exchange system capable of resisting quantum computing of FIG. 1. FIG. 3 is a block diagram of a system architecture of a key exchange system that can resist quantum operations according to an embodiment of the present invention. 4 is a block diagram of an embodiment of the quantum operator integrated computing unit in FIG. 3. FIG. 5 is a structural block diagram of an embodiment of the advanced number theory operation unit in FIG. 3. 6 is a block diagram of an embodiment of the manifold operation module in FIG. 3. FIG. 7 is an architectural block diagram of an embodiment of the bilateral filtering subunit in FIG. 3. 8 is a block diagram of an embodiment of the key exchange unit in FIG. 6. 9 is a block diagram of an embodiment of the key exchange unit in FIG. 6. 10 is a block diagram of an embodiment of a Banach spatial computing module in FIG. 1. 11 is a block diagram of a system architecture of another embodiment of a key exchange system capable of resisting quantum operations. FIG. 12 is a block diagram of an embodiment of the manifold computing module in FIG. 11. 13 is a block diagram of a system architecture of another embodiment of a key exchange system capable of resisting quantum operations. 14 is a block diagram of an embodiment of the manifold computing module in FIG. 13.
S1000:可對抗量子運算之金鑰交換系統 S1000: Key exchange system that can resist quantum computing
M1001:線性空間結構運算模組 M1001: Linear spatial structure operation module
M1002:流形運算模組 M1002: Manifold operation module
M1003:巴拿赫空間運算模組 M1003: Banach spatial computing module
U200:金鑰運算單元 U200: key calculation unit
U203:金鑰交換單元 U203: key exchange unit
Claims (16)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW109203590U TWM596498U (en) | 2020-03-27 | 2020-03-27 | System that promotes and strengthens key exchange procedure to confront quantum computing system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW109203590U TWM596498U (en) | 2020-03-27 | 2020-03-27 | System that promotes and strengthens key exchange procedure to confront quantum computing system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| TWM596498U true TWM596498U (en) | 2020-06-01 |
Family
ID=72177386
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW109203590U TWM596498U (en) | 2020-03-27 | 2020-03-27 | System that promotes and strengthens key exchange procedure to confront quantum computing system |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWM596498U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11496447B1 (en) | 2021-04-16 | 2022-11-08 | Umm AI-Qura University | Cryptosystem and method with efficient elliptic curve operators for an extraction of EiSi coordinate system |
-
2020
- 2020-03-27 TW TW109203590U patent/TWM596498U/en unknown
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11496447B1 (en) | 2021-04-16 | 2022-11-08 | Umm AI-Qura University | Cryptosystem and method with efficient elliptic curve operators for an extraction of EiSi coordinate system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI804832B (en) | Systems and methods for facilitating and hardening key exchange procedures against quantum computing threats | |
| CN107222307B (en) | Controlled quantum secure direct communication method based on four-particle cluster state | |
| Aman et al. | ATT-Auth: A hybrid protocol for industrial IoT attestation with authentication | |
| EP3069249B1 (en) | Authenticatable device | |
| Barbareschi et al. | A PUF-based hardware mutual authentication protocol | |
| CN112202568B (en) | Software and hardware collaborative design SM9 digital signature communication method and system | |
| US11438148B2 (en) | Quantum computing-threat-resistant method and system for use on cryptography key exchanging processes | |
| Navascués et al. | Characterizing finite-dimensional quantum behavior | |
| Yu et al. | Identity‐Based Proxy Signcryption Protocol with Universal Composability | |
| Feng et al. | Arbitrated quantum signature protocol with boson sampling-based random unitary encryption | |
| TWM596498U (en) | System that promotes and strengthens key exchange procedure to confront quantum computing system | |
| Lv et al. | Research on big data security storage based on compressed sensing | |
| Jian et al. | Quantum identity authentication using a Hadamard gate based on a GHZ state | |
| Jiang et al. | Lattice-based proxy signature scheme with reject sampling method | |
| Bobrysheva et al. | Post-quantum security of communication and messaging protocols: achievements, challenges and new perspectives | |
| CN113765658A (en) | Authentication and key agreement protocol method for Internet of things equipment in distributed cloud computing architecture | |
| CN113094721A (en) | Post-quantum password authentication key exchange method based on modular error learning | |
| Duan et al. | Lightweight key management system for inter-node communication in IoT | |
| Li | Secure encryption algorithms for wireless sensor networks based on node trust value | |
| Ovilla-Martinez et al. | Restoration protocol: Lightweight and secur devices authentication based on PUF | |
| CN117155710B (en) | Industrial Internet of things certificateless grid authentication key negotiation method and system | |
| TWI764811B (en) | Key generating system for hierarchical deterministic wallet and method thereof | |
| Ghilen et al. | Integration and formal security analysis of a quantum key distribution scheme within CHAP protocol | |
| Kataria et al. | SLDEB: Design of a Secure and Lightweight Dynamic Encryption Bio-Inspired Model for IoT Networks | |
| Roy et al. | OTK-based PUF CRP obfuscation for IoT device authentication |