WO2021075653A1 - Intelligent quantum entropy management and distribution system - Google Patents
- Publication number
- WO2021075653A1 (PCT/KR2020/005644)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- entropy
- quantum
- management
- distribution system
- quantum entropy
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
Definitions
- This invention describes managing and distributing quantum entropy on a server so that quantum entropy is delivered to needy clients upon request.
- the end result is that edge devices with a DRBG (Deterministic Random Bit Generator) receive quantum entropy from the server and generate quantum random numbers without dedicated quantum-related hardware on the client side.
- DRBG Deterministic Random Bit Generator
- the most widely used security technology is a method of enhancing security by creating an encryption key through an encryption algorithm.
- the encryption key used for security must be configured so that it cannot be easily guessed by others. Secrecy of encryption key is of the utmost importance.
- a random number is required to generate an encryption key.
- random number generation is essential for just about every security related application, such as cryptographic protocols.
- for example, well-known asymmetric key protocols such as DSA, RSA and Diffie-Hellman generate their keys using random numbers based on prime numbers.
- OTP one-time pad
- QKD Quantum Key Distribution
- QKD provides a way to generate two secure keys at a distant location, which requires a huge amount of random numbers. All of these examples reflect Kerckhoffs's principle, which states that the security of a cipher should reside entirely in the key.
- A random number is a randomly generated number. There are two types of random numbers. One is the true random number, an ideal random number that cannot be predicted, like the heads or tails of a coin toss, and that is independent of the events that follow.
- PRNG random number generation algorithm
- the non-deterministic random number generator refers to a technique for generating random numbers using a large entropy input obtained by observing a physical phenomenon of a predetermined noise source.
- the uncertainty of the number of photons exhibited by the particle characteristics of light possessed by the light source is generated as noise.
- This is a method of generating random numbers by obtaining entropy data from shot (light/photon) noise. Since the generation pattern of random numbers produced by a non-deterministic random number generator is difficult to predict, its use is increasing in banking, governments, enterprises, and military security facilities dealing with data requiring maximum security. However, it is difficult for these institutions to secure entropy data through various noise sources. Therefore, there is a need for research to support the secure distribution and management of entropy data acquired through various noise sources to generate encryption keys.
- QRNG quantum random number generator
- Quantum Entropy Management and Distribution System was devised to solve the conventional problems as described above and presents the following solutions.
- the present invention provides a Quantum Entropy Management and Distribution System which is designed to perform encryption communication such as SSL and/or TLS using QRNG (Quantum Random Number Generator) in network connection handshaking step.
- control unit includes an [Entropy Manager] module designed to manage entropy processed through AMQP (Advanced Message Queuing Protocol), and a [Service Gateway] module configured to control distribution of entropy processed in the [Entropy Manager] module.
- AMQP Advanced Message Queuing Protocol
- Service Gateway configured to control distribution of entropy processed in the [Entropy Manager] module.
- the [Entropy Manager] module is formed to fetch an API for QRNG encrypted communication through the [Service Gateway] module.
- the [Service Gateway] module uses HTTPS to encrypt the data delivered in QRNG requests and responses and transmits it to the edge devices upon request.
- the edge devices construct the entropy by conforming to the conditioning method illustrated by NIST SP800-90C.
- the conditioning method includes an XOR method and/or an oversampling method.
- AMQP includes an [Entropy Loader] module configured to extract quantum entropy generated from QRNG and deliver the extracted quantum entropy to other modules to be processed and an [Entropy Monitor] module which is designed and configured to validate quantum entropy through health testing method illustrated by NIST SP800-90B.
- the [Entropy Manager] module is configured to update and process the entropy in accordance with the result of the SP800-90B entropy health test process.
- health testing is done through mode estimation.
- in the health test, only a data set consisting of samples of up to 8 bits is used as input; when the size of the extracted quantum entropy is greater than 8 bits, the bits that change the most are converted into samples of 8 bits or fewer.
- the health test runs continuously validating the extracted quantum entropy in real-time.
- the mode estimation estimates the ratio (p) of the most frequently occurring samples in the input quantum entropy data set, and estimates the minimum entropy per sample using the upper limit of the 99% confidence interval for the ratio (p).
- the [Service Gateway] module implements a quantum entropy preloaded in an entropy cache based on a RESTful API and/or a user-defined protocol.
- Quantum Entropy Management and Distribution System provides the following impacts.
- quantum entropy is used to solve security vulnerabilities caused by the use of pseudo-random numbers, and entropy is delivered over the network, thereby enabling QRNG virtualization.
- the entropy is strengthened by mixing local device entropy with the delivered quantum entropy.
- entropy can be provided to create highly secure encryption keys.
- Figure 1 is a conceptual diagram of Quantum Entropy Management and Distribution System.
- Figure 2 is a conceptual diagram for explaining the entropy construction process in an edge device.
- Figure 3 is a conceptual diagram illustrating a method for constructing an entropy in an XOR method of NIST SP800-90C in an edge device.
- Figure 4 is a conceptual diagram illustrating a method of constructing entropy by an oversampling method of NIST SP800-90C in an edge device.
- Figure 5 is a conceptual diagram illustrating modules of a system configured to implement a Quantum Entropy Management and Distribution System for quantum random number generation.
- Figure 6 is a conceptual diagram showing the structure of the Quantum Entropy Management and Distribution System illustrated in Figure 1.
- control unit may include an API that performs a specific function in a distributed application environment such as a single system or a cloud service, a module, a component, a chip, or a terminal that performs a specific function, or software such as an application or program.
- performance objects described in this specification may each have a physically separated structure or are functionally separated.
- these execution objects and elements constituting the execution object may be included in one control unit.
- the blocks in the accompanying block diagrams and the steps in the flow diagram refer to computer program instructions that are mounted on a processor or memory of data processing equipment such as a general purpose computer, special purpose computer, portable notebook, and network computer to perform designated functions.
- Figure 1 is a conceptual diagram of Quantum Entropy Management and Distribution System according to an example of the present invention.
- the present invention is formed to perform cryptographic communications using a QRNG (Quantum Random Number Generator) in network handshaking step of the SSL and/or TLS process.
- QRNG Quantum Random Number Generator
- an Entropy Manager module configured to manage entropy processed through AMQP (Advanced Message Queuing Protocol) and a Service Gateway module designed and configured to control distribution of entropy processed in the Entropy Manager module may be included.
- the present invention relates to QRNG encrypted communication made over HTTPS protocol. It is involved in the request / response of the network connection step between the client and the server.
- the HTTPS protocol works by providing an SSL or TLS security layer over HTTP.
- the author of a message can be verified through an electronic signature, and whether the message is forged or not can be proved.
- the owner of the private key encrypts the information using the private key and sends the encrypted information together with the public key
- the recipient can decrypt the information encrypted with the public key.
- in order to transmit a message using the system, participants in transmission and reception must be registered in the system in advance as personal participants and approved as allowed participants.
- personal identification information such as a user identification factor (phone number, user id, email address etc.) and a terminal device identification factor (device id, MAC address, IP address, Face ID, fingerprint etc.) is registered so as to identify a participating object. According to this information, the identification number, master key, etc. of the object to be registered can be generated.
- the client performs interfacing to exchange entropy through the API provided by the system.
- a public key and a symmetric key encryption method are mixed and used to transmit encrypted data.
- the client performs interfacing to exchange entropy through the API provided by the server. Therefore, it is possible to construct the NRBG (non-deterministic random bit generator) by receiving the entropy processed by the [Entropy Manager] module.
- NRBG non-deterministic random bit generator
- NRBG is constructed using local DRBG (deterministic random bit generator) and received entropy. After this stage, a key can be generated using the newly constructed NRBG.
- the encryption key is periodically generated (also known as session keys) using quantum entropy to be distributed in real-time or configured to directly manage a specific amount of quantum entropy at an edge device.
- the client sends the constructed key to the server to complete secure network connection.
- unlike conventional pseudo-random number communications, the system of the present invention transmits and receives data as quantum random bits. Before it is processed through the DRBG on an edge device, the quantum entropy being transferred is considered useless noise to any attacker. Therefore, it is possible to maintain a secure connection even when entropy is distributed directly over the network.
- AMQP outputs the entropy generated by the QRNG device and performs an entropy health check conforming to NIST SP800-90B.
- the [Entropy Manager] module uses a time stamp to store the new quantum entropy in the [Inventory]. And the entropy can be updated according to the result of the entropy health check (validation) process.
- RabbitMQ which is an open source message queuing protocol may be used.
- AMQP outputs the entropy generated by the QRNG device and performs an entropy health check.
- the entropy integrity (validation) test can run continuously in real time while quantum entropy is being extracted.
- Quantum entropy after the health check is sequentially transferred to the [Entropy Manager] module.
- the [Entropy Manager] module updates the entropy in accordance with the test result.
- Figure 2 is a conceptual diagram illustrating an entropy construction process in an edge device according to an example of the present invention.
- the edge device requests entropy from the [Service Gateway] and receives it.
- the edge device can be configured for a local entropy pool so that quantum entropy is preloaded in the edge device's entropy pool based on RESTful API or custom protocol.
- the edge device may request and receive quantum entropy through the [Service Gateway].
- the entropy generated by the local deterministic random bit generator (DRBG) and the quantum entropy extracted from the QRNG device are used.
- new quantum entropy, constructed by mixing entropy in the various ways recommended by NIST SP 800-90C, is used for security algorithms.
- the edge device receives the entropy from the [Service Gateway] and constructs the NRBG. Secure cryptographic keys can be generated using the constructed NRBG.
- Figure 3 is a conceptual diagram illustrating a method for constructing an entropy in an XOR method of NIST SP800-90C in an edge device according to an example of the present invention.
- Figure 4 is a conceptual diagram illustrating a method of constructing entropy in an NIST SP800-90C oversampling method in an edge device according to an example of the present invention.
- edge devices can create new quantum entropy by mixing in various ways recommended by NIST SP800-90C and can be applied to security algorithms. Conditioning can be done in XOR, oversampling, and various ways.
- the XOR method is a mechanism for generating NRBG using full entropy as shown in Figure 3.
- NRBG is generated by combining the output values of the full entropy source and DRBG using XOR operation.
- the oversampling method is a mechanism for generating NRBG using full entropy as shown in Figure 4.
- DRBG receives an entropy input from an entropy source and generates an NRBG output
- Figure 5 is a conceptual diagram illustrating modules of a system configured to implement a quantum entropy management and distribution operation service for quantum random number generation according to an example of the present invention.
- Figure 6 is a conceptual diagram illustrating a process of driving each module of a quantum entropy operation service system for generating quantum random numbers according to an example of the present invention.
- the present invention can also be considered as a microservice based architecture for QEaaS (Quantum Entropy-as-a-Service) implementation.
- the Quantum Entropy Management and Distribution System consists of the following seven parts: Entropy Extraction, Entropy Validation, Entropy Management, Entropy Delivery, Edge Device Construction, Server Operation & Management, Service Administration.
- the system includes an NTP (Network Time Protocol) server, an [Entropy Loader] module, an [Entropy Monitor] module, an [Entropy Manager] module, a [Service Gateway] module, an [Operation and Management] module, and a [Service Administration] module.
- NTP Network Time Protocol
- NTP server runs networking protocol for clock synchronization between computer systems and helps logging.
- the NTP server prevents data loss and increases log analysis efficiency.
- the [Entropy Loader] module extracts quantum entropy from the QRNG device.
- the [Entropy Loader] module delivers the extracted quantum entropy to other modules described below. Within the entire system, the [Entropy Loader] acts as a postman delivering entropy to needy modules.
- the [Entropy Monitor] module tests the integrity and quality of quantum entropy conforming to NIST SP800-90B.
- non-IID non-independent and identically distributed
- the integrity test is a real-time validation performed while the quantum entropy is being extracted.
- the mode estimation is performed through entropy measurement based on probability theory and information theory. Specifically, it is achieved by obtaining the minimum entropy as the frequency of the most occurring samples in the quantum entropy data set.
- the method for estimating the mode finds the ratio (p) of the most frequently occurring samples in the input quantum entropy data set.
- the minimum entropy per sample (H) is estimated by using the upper limit of the 99% confidence interval for the ratio (p) of the sample.
- Quantum entropy after the health check is sequentially transferred to the [Entropy Manager] module.
- the [Entropy Manager] module is configured to update the entropy in accordance with the result of the entropy health (validation) test process.
- the [Entropy Manager] module uses a time stamp to store the new quantum entropy in the Inventory.
- the Entropy Manager module is responsible for delivering requested entropy to the Service Gateway module.
- the [Entropy Loader], the [Entropy Monitor], and the [Entropy Manager] module are designed to operate organically through RabbitMQ technology.
- each module responds faster, so that quantum entropy can be managed and distributed in real time with the lowest possible latency.
- the [Service Gateway] module is configured to control entropy distribution.
- the [Service Gateway] may be selected by the user from a user-defined protocol-based communication gateway and an API service gateway.
- the module includes a user-defined protocol-based communication gateway and an API service gateway. In the present invention, it is designed to allow a user to specify an existing case within business requirements or an edge device.
- the automotive industry seeks to defend and prevent malicious attacks through over-the-air (OTA) programming.
- OTA over-the-air
- the [Service Gateway] may be designed to change the distribution method depending on the business model by preloading a large amount of quantum entropy, rather than distributing the entropy required to periodically update the OTA firmware in real time.
- the [Service Gateway] module can implement quantum entropy preloaded in the entropy pool based on RESTful API or user-defined protocol for the fastest possible response. Through this, it is possible to distribute the quantum entropy stored in the [Entropy Manager] module faster with the lowest possible latency.
- the edge device can be an automobile, a smartphone, an application, or any type of communication capable devices.
- the edge device can request and receive quantum entropy from the system of this present invention.
- the service of the present invention may provide recommendations in the following two typical scenarios:
- the first uses both the entropy generated by the local deterministic random bit generator and the quantum entropy extracted from the QRNG device attached to the cloud and/or server.
- the new quantum entropy mixed in various ways recommended by the NIST SP800-90C, can be used for security algorithms.
- the second is that quantum entropy can be managed and utilized for various types of edge devices.
- Entropy Management Life Cycle Policy can be configured and deployed through API.
- the [Operation and Management] modules are configured to monitor the operations of other modules and the overall process of the system.
- the [Operation and Management] module may form a server in which system management and monitoring tools are integrated.
- the [Operations and Management] module monitors the entire system, process and resources of the present invention in real time.
- [Operations and Management] modules monitor processes or meaningful parameters. It runs commands such as run / stop / kill / suspend / wake-up and manages process flow.
- the [Operation and Management] module can report logs and statistical data for each system process to the user and/or administrator.
- the [Service Administration] module is designed to manage the operational elements of the system.
- the [Service Administration] module is the overall operating tool of the present invention.
- Operation tools consist of user management using services, entropy policy, entropy extraction rules, entropy monitor configuration, entropy management configuration, entropy pool configuration, gateway configuration, server and process flow configuration.
- the present invention described above uses quantum random numbers to solve the security vulnerability caused by software-generated pseudo-random numbers, and it delivers the entropy over the network, thereby enabling virtualization of the QRNG.
- encrypted network communication using quantum entropy with enhanced security is possible even without a dedicated quantum encryption module mounted on edge devices. It is possible to create an encryption key using a virtualized QRNG and securely provide the encryption key to needy clients such as banks, governments, and enterprises. Therefore, it is possible to provide entropy by using quantum entropy data to create a highly secure encryption key. Accordingly, the Quantum Entropy Management and Distribution System allows existing (legacy) cryptographic systems to be retained while improving their security and making them quantum-resistant.
- the present invention described above is not limited to the configuration and/or method of the described examples.
- the above examples may be configured by selectively combining all or part of each component so that various modifications can be made.
- Entropy management 40 Entropy transmission
- NTP Server 220 Entropy loader module
- Entropy monitor module 240 Entropy management module
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention provides Quantum Entropy Management and Distribution System including a control unit designed and configured to perform cryptographic communications using a QRNG (Quantum Random Number Generator) via network connection handshaking step of an SSL or TLS process.
Description
This invention describes managing and distributing quantum entropy on a server so that quantum entropy is delivered to needy clients upon request. The end result is that edge devices with a DRBG (Deterministic Random Bit Generator) receive quantum entropy from the server and generate quantum random numbers without dedicated quantum-related hardware on the client side.
Recently, problems such as leakage of personal information due to attacks by hackers on computerized systems are frequently occurring, and research on various security technologies to prevent data leakage has been conducted. The most widely used security technology is a method of enhancing security by creating an encryption key through an encryption algorithm. The encryption key used for security must be configured so that it cannot be easily guessed by others. Secrecy of encryption key is of the utmost importance.
A random number is required to generate an encryption key. In fact, random number generation is essential for just about every security-related application, such as cryptographic protocols. For example, well-known asymmetric key protocols such as DSA, RSA and Diffie-Hellman generate their keys using random numbers based on prime numbers. As another example, the one-time pad (OTP) technique requires a random number string of the same length as the data to be encrypted. The main limitation of this technique is the requirement for key exchange. Quantum Key Distribution (QKD) provides a way to generate two secure keys at a distant location, which requires a huge amount of random numbers. All of these examples reflect Kerckhoffs's principle, which states that the security of a cipher should reside entirely in the key. Therefore, the key used in the encryption algorithm must be secure, which requires random selection. Thus, random number generation not only addresses Kerckhoffs's original concern about cyber defense, but also affects computer technology, science, economics, lotteries, gaming, institutions that use random numbers for encryption, and personal data privacy. A random number is a randomly generated number. There are two types of random numbers. One is the true random number, an ideal random number that cannot be predicted, like the heads or tails of a coin toss, and that is independent of the events that follow.
The other is the pseudo-random number generated by a random number generation algorithm (PRNG). In general, the random number used for generating an encryption key is often a pseudo-random number, and since a pseudo-random number has a specific pattern, the random number generation pattern is easily exposed to others. Accordingly, various studies for generating pure random numbers have been conducted in recent years in order to solve the vulnerability of pseudo-random numbers.
However, high-quality random numbers are difficult to generate, and cannot be generated by deterministic algorithms such as computer programs. In fact, existing algorithm-based pseudo-random number generators can be used for simulation purposes, but the resulting pseudo-random numbers are, in principle, reproducible, making them unsuitable for encryption. A physical random number generator is required to ensure the uniqueness and, optionally, randomness of the generated bit string.
One of the representative techniques for generating true random numbers is a random number generation technique using a non-deterministic random number generator (NRBG). The non-deterministic random number generator refers to a technique for generating random numbers using a large entropy input obtained by observing a physical phenomenon of a predetermined noise source.
For example, by using an image sensor such as a CMOS image sensor or a CCD sensor as a noise source, the uncertainty of the number of photons exhibited by the particle characteristics of light possessed by the light source is generated as noise. This is a method of generating random numbers by obtaining entropy data from shot (light/photon) noise. Since the generation pattern of random numbers produced by a non-deterministic random number generator is difficult to predict, its use is increasing in banking, governments, enterprises, and military security facilities dealing with data requiring maximum security. However, it is difficult for these institutions to secure entropy data through various noise sources. Therefore, there is a need for research to support the secure distribution and management of entropy data acquired through various noise sources to generate encryption keys.
In order to solve this problem, a technology using a quantum random number generator (QRNG) has recently been developed. However, integrating QRNG technologies into existing devices is no easy task. Physical size, heat, power consumption, and high material and implementation costs are the main barriers to wide adoption.
The Quantum Entropy Management and Distribution System was devised to solve the conventional problems as described above and presents the following solutions.
A system capable of quantum cryptographic communications even when a dedicated quantum encryption module is not integrated into an edge device, achieved by delivering entropy with enhanced security through the network.
In order to solve the above problems, the present invention provides a Quantum Entropy Management and Distribution System which is designed to perform encrypted communication such as SSL and/or TLS using a QRNG (Quantum Random Number Generator) in the network connection handshaking step.
According to an example of the present invention, the control unit includes an [Entropy Manager] module designed to manage entropy processed through AMQP (Advanced Message Queuing Protocol), and a [Service Gateway] module configured to control distribution of entropy processed in the [Entropy Manager] module.
According to an example of the present invention, the [Entropy Manager] module is formed to fetch an API for QRNG encrypted communication through the [Service Gateway] module.
According to an example of the present invention, the [Service Gateway] module uses HTTPS to encrypt the data delivered in response to requests and responses to QRNG and transmits it to the edge devices upon requests.
According to an example of the present invention, the edge devices construct the entropy by conforming to the conditioning method illustrated by NIST SP800-90C.
According to an example of the present invention, the conditioning method includes an XOR method and/or an oversampling method.
According to an example of the present invention, AMQP includes an [Entropy Loader] module configured to extract quantum entropy generated from QRNG and deliver the extracted quantum entropy to other modules to be processed and an [Entropy Monitor] module which is designed and configured to validate quantum entropy through health testing method illustrated by NIST SP800-90B.
According to an example of the present invention, the [Entropy Manager] module is configured to update and process the entropy in accordance with the result of the SP800-90B entropy health test process.
According to an example of the present invention, health testing is done through mode estimation.
According to an example of the present invention, in the health test, only a data set consisting of up to 8-bit samples is used as an input, and when the size of the extracted quantum entropy is greater than 8 bits, the bit that has the biggest changes is converted into samples of 8 bits or fewer.
According to an example of the present invention, the health test runs continuously validating the extracted quantum entropy in real-time.
According to an example of the present invention, the mode estimation estimates the ratio (p) of the most frequently occurring samples in the input quantum entropy data set, and estimates the minimum entropy per sample using the upper limit of the 99% confidence interval for the ratio (p).
According to an example of the present invention, the [Service Gateway] module implements a quantum entropy preloaded in an entropy cache based on a RESTful API and/or a user-defined protocol.
The Quantum Entropy Management and Distribution System according to the present invention provides the following impacts.
First, quantum entropy is used to solve security vulnerabilities caused by the use of similar pseudo-random numbers, and entropy is delivered through the network, thereby enabling QRNG virtualization.
Second, the entropy is strengthened by mixing local device entropy with the delivered quantum entropy.
Third, by utilizing the virtualized QRNG module, institutions such as banks, governments, military and enterprises can create and enhance security of encryption keys.
Fourth, by using quantum entropy data, entropy can be provided to create highly secure encryption keys.
Figure 1 is a conceptual diagram of Quantum Entropy Management and Distribution System.
Figure 2 is a conceptual diagram for explaining the entropy construction process in an edge device.
Figure 3 is a conceptual diagram illustrating a method for constructing an entropy in an XOR method of NIST SP800-90C in an edge device.
Figure 4 is a conceptual diagram illustrating a method of constructing entropy by an oversampling method of NIST SP800-90C in an edge device.
Figure 5 is a conceptual diagram illustrating modules of a system configured to implement a Quantum Entropy Management and Distribution System for quantum random number generation.
Figure 6 is a conceptual diagram showing the structure of the Quantum Entropy Management and Distribution System illustrated in Figure 1.
The invention will be described in more detail with reference to the drawings.
The words "module" and "part" for the components used in the description below are given or mixed for ease of specification only. It does not have meanings or roles that are distinct from each other.
When it is determined that a detailed description of related technologies may obscure the subject matter of the present specification, the detailed description will be omitted. For example, the description of the NIST SP800-90 series applied to the present invention or the contents of the various QRNG structures will be omitted unless it is directly related to the present invention.
Attached figures are to help understanding of the present specification. Technical concept disclosed in the present specification is not limited by attached figures.
All modifications, equivalents, and substitutes are included in the concept and scope of the present invention.
When an element is said to be "connected" or "accessed" to another component, it may be directly connected to or accessed to the other component, but other components may exist in the middle. On the other hand, when a component is said to be "directly connected" or "directly accessed" to another component, there is no other component in the middle.
Singular expressions include plural expressions unless expressly stated otherwise.
In this specification, the terms "include" or "have" are intended to designate the presence of features, numbers, steps, actions, components, parts or combinations thereof described in the specification. It should be understood that one or more other features or numbers, steps, operations, components, parts, or combinations thereof are not excluded in advance.
In the present invention, the control unit may include an API that performs a specific function in a distributed application environment such as a single system or a cloud service, a module, a component, a chip, or a terminal that performs a specific function, or software such as an application or program. Also, the performance objects described in this specification may each have a physically separated structure or be functionally separated.
When they are separated only functionally, these execution objects and the elements constituting them may be included in one control unit.
Also, the blocks in the accompanying block diagrams and the steps in the flow diagram refer to computer program instructions that are mounted on a processor or memory of data processing equipment such as a general purpose computer, special purpose computer, portable notebook, and network computer to perform designated functions.
Since computer program instructions can be stored in a memory provided in a computer device or in a computer-readable memory, the functions described in the blocks of the block diagrams or the steps of the flowcharts can be produced as an article containing the instructions and the means for performing them. Each block or step represents a module, segment, or portion of code that contains one or more executable instructions for executing a specified logical function.
Figure 1 is a conceptual diagram of Quantum Entropy Management and Distribution System according to an example of the present invention.
The present invention is formed to perform cryptographic communications using a QRNG (Quantum Random Number Generator) in the network handshaking step of the SSL and/or TLS process. To this end, it may include an Entropy Manager module configured to manage entropy processed through AMQP (Advanced Message Queuing Protocol) and a Service Gateway module designed and configured to control distribution of the entropy processed in the Entropy Manager module.
Referring to Figure 1, the present invention relates to QRNG encrypted communication made over HTTPS protocol. It is involved in the request / response of the network connection step between the client and the server.
The HTTPS protocol works by providing an SSL or TLS security layer over HTTP.
In the HTTPS protocol, the author of a message can be verified through an electronic signature, and whether the message is forged or not can be proved.
If the owner of the private key encrypts the information using the private key and sends the encrypted information together with the public key, the recipient can decrypt the encrypted information with the public key.
Security was weak because the existing encryption and decryption was done through software-like pseudo-random numbers.
In addition, to solve this security vulnerability, encrypted communication using QRNG has been developed, but in order to implement this, there is a problem that QRNG hardware must be integrated on either a server and/or a client.
According to an example of the present invention, in order to transmit a message using the system, participants in transmission and reception must be registered as personal participants in the system in advance and approved as an allowed participant.
Therefore, in the message transmission method according to an example of the present invention, personal identification information such as a user identification factor (phone number, user id, email address etc.) and a terminal device identification factor (device id, MAC address, IP address, Face ID, fingerprint etc.) is registered so as to identify a participating object. According to this information, the identification number, master key, etc. of the object to be registered can be generated.
The client performs interfacing to exchange entropy through the API provided by the system.
In the SSL communication process, a public key and a symmetric key encryption method are mixed and used to transmit encrypted data.
When establishing a secure communication channel, public key cryptography is used and a temporary random symmetric key is generated and exchanged through the secure channel.
In the SSL communication process, when computers communicate with each other through the network, the process of handshaking, session, and session termination is performed. Before exchanging the encrypted HTTP message, the client and the server perform SSL handshaking.
The concept of the present invention will be explained by taking 3-way handshaking as an example. When the client connects to the server, the server asks about the encryption method, and at this time, the entropy processed through the [Entropy Manager] module is delivered.
At this stage, the client performs interfacing to exchange entropy through the API provided by the server. Therefore, it is possible to construct the NRBG (non-deterministic random bit generator) by receiving the entropy processed by the [Entropy Manager] module.
That is, NRBG is constructed using local DRBG (deterministic random bit generator) and received entropy. After this stage, a key can be generated using the newly constructed NRBG.
According to an example of the present invention, encryption keys (also known as session keys) can be generated periodically using quantum entropy that is distributed in real time, or an edge device can be configured to directly manage a specific amount of quantum entropy.
The client sends the constructed key to the server to complete secure network connection.
Since the system of the present invention transmits and receives data through quantized random bits, unlike conventional pseudo-random number communications, the quantum entropy being transferred is considered useless noise to any attacker until it is processed through the DRBG on an edge device. Therefore, it is possible to maintain a secure connection even when entropy is distributed directly through the network.
According to what is shown, AMQP outputs the entropy generated by the QRNG device and performs an entropy health check conforming to NIST SP800-90B.
The [Entropy Manager] module uses a time stamp to store the new quantum entropy in the [Inventory]. And the entropy can be updated according to the result of the entropy health check (validation) process.
Referring to Figure 1, in the present invention, the quantum entropy generated in the QRNG device is extracted using AMQP, and the health check (validation) of the quantum entropy is performed.
Preferably, in the present invention, RabbitMQ which is an open source message queuing protocol may be used.
AMQP outputs the entropy generated by the QRNG device and performs an entropy health check.
The entropy integrity (validation) test can run continuously in real time while quantum entropy is continuously being extracted.
Quantum entropy after the health check is sequentially transferred to the [Entropy Manager] module. The [Entropy Manager] module updates the entropy in accordance with the test result.
Figure 2 is a conceptual diagram illustrating an entropy construction process in an edge device according to an example of the present invention.
Referring to Figure 2, to achieve quantum cryptographic communications, the edge device requests entropy from the [Service Gateway] and receives it.
According to an example of the present invention, for the lowest possible server-client latency, the edge device can be configured for a local entropy pool so that quantum entropy is preloaded in the edge device's entropy pool based on RESTful API or custom protocol.
According to what is shown, the edge device may request and receive quantum entropy through the [Service Gateway].
In the present invention, the entropy generated by the local deterministic random bit generator (DRBG) and the quantum entropy extracted from the QRNG device are used. At this stage, the two are mixed in one of the ways recommended by NIST SP 800-90C to construct new quantum entropy, which is used for security algorithms.
For example, the edge device receives the entropy from the [Service Gateway] and constructs the NRBG. Secure cryptographic keys can be generated using the constructed NRBG.
In addition, according to another example of the present invention, it is also possible to manage and utilize quantum entropy to embrace various types of edge devices.
Figure 3 is a conceptual diagram illustrating a method for constructing an entropy in an XOR method of NIST SP800-90C in an edge device according to an example of the present invention.
Figure 4 is a conceptual diagram illustrating a method of constructing entropy in an NIST SP800-90C oversampling method in an edge device according to an example of the present invention.
As explained above, edge devices can create new quantum entropy by mixing in various ways recommended by NIST SP800-90C, and this entropy can be applied to security algorithms. Conditioning can be done by XOR, by oversampling, and in various other ways.
The XOR method is a mechanism for generating NRBG using full entropy as shown in Figure 3.
In this mechanism, NRBG is generated by combining the output values of the full entropy source and DRBG using XOR operation.
The oversampling method is a mechanism for generating NRBG using full entropy as shown in Figure 4.
In this mechanism, a method in which DRBG receives an entropy input from an entropy source and generates an NRBG output is used.
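The two constructions described above, as an added example that is not code from the patent. The local DRBG is assumed to be an HMAC_DRBG over SHA-256 (only its update, reseed and generate steps are used), and `EntropyPool`, the 48-byte reseed size and all input bytes are constructed for illustration.

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG (SHA-256) update/reseed/generate steps; the assumed local DRBG."""

    def __init__(self, seed_material: bytes):
        self.key = b"\x00" * 32
        self.value = b"\x01" * 32
        self._update(seed_material)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        self.key = self._mac(self.value + b"\x00" + data)
        self.value = self._mac(self.value)
        if data:
            self.key = self._mac(self.value + b"\x01" + data)
            self.value = self._mac(self.value)

    def reseed(self, entropy: bytes) -> None:
        self._update(entropy)

    def generate(self, nbytes: int) -> bytes:
        out = b""
        while len(out) < nbytes:
            self.value = self._mac(self.value)
            out += self.value
        self._update()
        return out[:nbytes]


class EntropyPool:
    """Hypothetical local pool of delivered entropy; each byte is used once."""

    def __init__(self, delivered: bytes):
        self._buf = bytearray(delivered)

    def remaining(self) -> int:
        return len(self._buf)

    def take(self, nbytes: int) -> bytes:
        # Fail closed: an empty pool must never silently degrade to DRBG-only.
        if nbytes > len(self._buf):
            raise RuntimeError("entropy pool exhausted; request more from the gateway")
        chunk = bytes(self._buf[:nbytes])
        del self._buf[:nbytes]
        return chunk


def nrbg_xor(pool: EntropyPool, drbg: HmacDrbg, nbytes: int) -> bytes:
    """XOR construction: entropy-source output XOR DRBG output, byte for byte."""
    entropy = pool.take(nbytes)      # consumes one pool byte per output byte
    stream = drbg.generate(nbytes)
    return bytes(a ^ b for a, b in zip(entropy, stream))


BLOCK_BYTES = 32    # output taken from the DRBG after each reseed
RESEED_BYTES = 48   # assumption: more entropy goes in than output comes out


def nrbg_oversample(pool: EntropyPool, drbg: HmacDrbg, nbytes: int) -> bytes:
    """Oversampling construction: fresh entropy input before every output block."""
    rounds = -(-nbytes // BLOCK_BYTES)          # ceiling division
    if pool.remaining() < rounds * RESEED_BYTES:
        raise RuntimeError("entropy pool too small for this request")
    out = b""
    for _ in range(rounds):
        drbg.reseed(pool.take(RESEED_BYTES))
        out += drbg.generate(BLOCK_BYTES)
    return out[:nbytes]


if __name__ == "__main__":
    # Constructed stand-ins: real input would be entropy received from the
    # gateway and a locally seeded DRBG.
    delivered = hashlib.sha256(b"constructed stand-in for delivered entropy").digest() * 8
    pool = EntropyPool(delivered)
    drbg = HmacDrbg(b"constructed local seed material")
    print("xor        :", nrbg_xor(pool, drbg, 32).hex())
    print("oversample :", nrbg_oversample(pool, drbg, 32).hex())
    print("pool bytes left:", pool.remaining())
```

The XOR form spends one delivered byte per output byte, while the oversampling form spends `RESEED_BYTES` per block, so the size of the preloaded pool bounds how much key material an edge device can produce before it has to fetch more.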
The detailed configuration for driving the system will be described in detail with reference to Figures 5 and 6.
Figure 5 is a conceptual diagram illustrating modules of a system configured to implement a quantum entropy management and distribution operation service for quantum random number generation according to an example of the present invention.
Figure 6 is a conceptual diagram illustrating a process of driving each module of a quantum entropy operation service system for generating quantum random numbers according to an example of the present invention.
The present invention can also be considered as a microservice based architecture for QEaaS (Quantum Entropy-as-a-Service) implementation. The Quantum Entropy Management and Distribution System consists of the following seven parts: Entropy Extraction, Entropy Validation, Entropy Management, Entropy Delivery, Edge Device Construction, Server Operation & Management, Service Administration.
Referring to Figure 5 and Figure 6, the system includes an NTP (Network Time Protocol) server, an [Entropy Loader] module, an [Entropy Monitor] module, an [Entropy Manager] module, a [Service Gateway] module, an [Operation and Management] module, and a [Service Administration] module.
NTP server runs networking protocol for clock synchronization between computer systems and helps logging. The NTP server prevents data loss and increases log analysis efficiency.
The [Entropy Loader] module extracts quantum entropy from the QRNG device.
In addition, the [Entropy Loader] module delivers the extracted quantum entropy to other modules described below. Within the entire system, the [Entropy Loader] acts as a postman delivering entropy to the modules that need it.
The [Entropy Monitor] module tests the integrity and quality of quantum entropy conforming to NIST SP800-90B.
The non-IID (non-independent and identically distributed) validation scheme defined and illustrated in NIST SP800-90B was used with 1,000,000 entropy samples.
The amount of computation of each algorithm and the amount of memory required are affected by the sample size of quantum entropy. Therefore, in the present invention, only a data set consisting of up to 8-bit samples $S = (S_1, \ldots, S_n)$ is used as an input, and when the size of the extracted quantum entropy is greater than 8 bits (N>S), the bit that has the biggest changes is converted into samples of 8 bits or fewer.
This sample conversion is based on the Section 6.4 of NIST SP800-90B. The conversion itself corresponds to the disclosed technical information, and thus is not described in detail herein.
Also, in the present invention, the integrity test is a real-time validation performed while the quantum entropy is being extracted.
The mode estimation is performed through entropy measurement based on probability theory and information theory. Specifically, the minimum entropy is obtained from the frequency of the most frequently occurring sample in the quantum entropy data set.
The method for estimating the mode finds the ratio (p) of the most frequently occurring samples in the input quantum entropy data set. The minimum entropy per sample ($H_\infty$) is estimated by using the upper limit of the 99% confidence interval for the ratio (p) of the sample.
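The mode estimation described above, as an added example that is not part of the patent text. It follows the most common value estimate of NIST SP800-90B, with 2.576 as the multiplier for the 99% upper bound; the function names, the acceptance threshold and the 4096-sample blocks are constructed for illustration.

```python
import math
from collections import Counter

Z_99 = 2.576  # multiplier for the upper end of the 99% confidence interval


def mode_estimate(samples):
    """Return (p_hat, p_upper, min_entropy_bits_per_sample) for 8-bit samples."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    if any(not 0 <= s <= 255 for s in samples):
        raise ValueError("samples must fit in 8 bits")
    # p_hat: observed ratio of the most frequently occurring sample value.
    mode_count = Counter(samples).most_common(1)[0][1]
    p_hat = mode_count / n
    # Upper limit of the 99% confidence interval for p, capped at 1.
    p_upper = min(1.0, p_hat + Z_99 * math.sqrt(p_hat * (1.0 - p_hat) / (n - 1)))
    # Min-entropy per sample: H_inf = -log2(p_upper).
    return p_hat, p_upper, max(0.0, -math.log2(p_upper))


def screen_blocks(blocks, threshold_bits):
    """Split extracted blocks into (accepted, rejected) by estimated min-entropy."""
    accepted, rejected = [], []
    for block in blocks:
        _, _, h_min = mode_estimate(block)
        target = accepted if h_min >= threshold_bits else rejected
        target.append((block, h_min))
    return accepted, rejected


# Constructed sample blocks (not real QRNG output), 4096 samples each.
FLAT_BLOCK = bytes(range(256)) * 16                  # every value exactly 16 times
BIASED_BLOCK = bytes(2048) + bytes(range(256)) * 8   # 0x00 about half the time
STUCK_BLOCK = bytes([0xA5]) * 4096                   # source stuck at one value

THRESHOLD_BITS = 7.0  # assumed acceptance policy, not a value from the patent


if __name__ == "__main__":
    ok, bad = screen_blocks([FLAT_BLOCK, BIASED_BLOCK, STUCK_BLOCK], THRESHOLD_BITS)
    for label, group in (("accepted", ok), ("rejected", bad)):
        for block, h_min in group:
            print(f"{label}: {len(block)} samples, H_min = {h_min:.3f} bits/sample")
```

`FLAT_BLOCK` is a plain counting pattern and still passes, because this estimator only looks at how often each value occurs; the SP800-90B non-IID track takes the minimum over several estimators for that reason.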
Quantum entropy after the health check is sequentially transferred to the [Entropy Manager] module.
The [Entropy Manager] module is configured to update the entropy in accordance with the result of the entropy health (validation) test process.
The [Entropy Manager] module uses a time stamp to store the new quantum entropy in the Inventory.
The Entropy Manager module is responsible for delivering requested entropy to the Service Gateway module.
According to an example of the present invention, the [Entropy Loader], the [Entropy Monitor], and the [Entropy Manager] module are designed to operate organically through RabbitMQ technology.
Through this design, each module responds faster, so that quantum entropy can be managed and distributed in real time with the lowest possible latency.
The [Service Gateway] module is configured to control entropy distribution.
According to an example of the present invention, the [Service Gateway] may be formed to be specified by a user among a user-defined protocol-based communication gateway and an API service gateway. In general, the module includes a user-defined protocol-based communication gateway and an API service gateway. In the present invention, it is designed to allow a user to specify an existing case within business requirements or an edge device.
For example, as the core value of automobiles has recently shifted from hardware to software, the automotive industry seeks to defend and prevent malicious attacks through over-the-air (OTA) programming. In this case, the [Service Gateway] may be designed to change the distribution method depending on the business model by preloading a large amount of quantum entropy, rather than distributing the entropy required to periodically update the OTA firmware in real time.
Also, the [Service Gateway] module can implement quantum entropy preloaded in the entropy pool based on RESTful API or user-defined protocol for the fastest possible response. Through this, it is possible to distribute the quantum entropy stored in the [Entropy Manager] module faster with the lowest possible latency.
The edge device can be an automobile, a smartphone, an application, or any type of communication capable devices.
The edge device can request and receive quantum entropy from the system of this present invention.
According to an example of the present invention, the service of the present invention may provide recommendations in the following two typical scenarios:
The first uses the entropy generated by the local deterministic random bit generator together with the quantum entropy extracted from the QRNG device attached to the cloud and/or server. The new quantum entropy, mixed in various ways recommended by NIST SP800-90C, can be used for security algorithms.
The second is that quantum entropy can be managed and utilized for various types of edge devices.
For example, if a quantum entropy is periodically consumed when generating encryption keys in a security authentication procedure, it is possible to serve as a real-time distribution service.
Also, should edge devices choose to have a certain amount of quantum entropy preloaded in their local storage, an Entropy Management Life Cycle Policy can be configured and deployed through the API.
The [Operation and Management] modules are configured to monitor the operations of other modules and the overall process of the system. The [Operation and Management] module may form a server in which system management and monitoring tools are integrated.
The [Operations and Management] module monitors the entire system, process and resources of the present invention in real time.
For example, the [Operations and Management] modules monitor processes or meaningful parameters. They run commands such as run / stop / kill / suspend / wake-up and manage process flow.
In addition, the [Operation and Management] module can report logs and statistical data for each system process to the user and/or administrator.
The [Service Administration] module is designed to manage the operational elements of the system. The [Service Administration] module is the overall operating tool of the present invention.
Operation tools consist of user management using services, entropy policy, entropy extraction rules, entropy monitor configuration, entropy management configuration, entropy pool configuration, gateway configuration, server and process flow configuration.
By using quantum random numbers to solve the security vulnerability caused by the use of software-like pseudo-random numbers, the present invention described above makes it possible to deliver entropy via the network, thereby enabling the virtualization of QRNG. In addition, by delivering quantum entropy with enhanced security via the network, encrypted communication is possible even without a dedicated quantum encryption module mounted on edge devices. It is possible to create an encryption key using a virtualized QRNG and securely provide the encryption key to clients that need it, such as banks, governments, and enterprises. Therefore, it is possible to provide entropy by using quantum entropy data to create a highly secure encryption key. Accordingly, the Quantum Entropy Management and Distribution System allows existing (legacy) cryptographic systems to be embraced to improve security and be quantum-resistant.
The present invention described above is not limited to the configuration and/or method of the described examples. The above examples may be configured by selectively combining all or part of each component so that various modifications can be made.
10 : Entropy generator
20 : Entropy inspector
30 : Entropy management
40 : Entropy transmission
50 : Edge device
100 : Quantum entropy operation service system
200 : Structure of quantum entropy operation service system
210 : NTP Server
220 : Entropy loader module
230 : Entropy monitor module
240 : Entropy management module
250 : Service gateway module
260 : Operation and management module
270 : Service management module
Claims (14)
- Quantum Entropy Management and Distribution System, comprising: control unit configured to perform cryptographic communication using QRNG via network connection handshaking step of the SSL and/or TLS process.
- Quantum Entropy Management and Distribution System of claim 1, wherein said control unit comprising, Manager module formed to manage entropy processed through AMQP, and Service Gateway module formed to control the distribution of entropy processed by the Entropy Manager module.
- Quantum Entropy Management and Distribution System of claim 2, Said Entropy Manager module formed to fetch an API for QRNG encrypted communications through said Service Gateway module.
- Quantum Entropy Management and Distribution System of claim 3, Said Service Gateway module formed to transmit data encrypted with QRNG to edge devices during request and response of HTTPS.
- Quantum Entropy Management and Distribution System of claim 4, Said edge devices formed to construct an entropy by utilizing a conditioning method of NIST SP800-90C.
- Quantum Entropy Management and Distribution System of claim 5, Said conditioning method comprises an XOR method and/or an oversampling method.
- Quantum Entropy Management and Distribution System of claim 2, wherein said AMQP comprising, an Entropy Loader module formed to extract the quantum entropy generated by the QRNG device and deliver the extracted quantum entropy to other modules, and an entropy monitor module formed to verify the quantum entropy through integrity test.
- Quantum Entropy Management and Distribution System of claim 7, Said Entropy Manager module formed to update the entropy in accordance with the results of the entropy health (validation) test process.
- Quantum Entropy Management and Distribution System of claim 8, Said health test being made through mode estimation.
- Quantum Entropy Management and Distribution System of claim 9, Said health test uses data sets of up to 8-bit samples as input, and selects the most variable bit among the samples and converts it into a sample of 8 bits or fewer if the size of the extracted quantum entropy is greater than 8 bits.
- Quantum Entropy Management and Distribution System of claim 10, Said health test repeatedly tests quantum entropy continuously extracted through real-time verification while quantum entropy is output.
- Quantum Entropy Management and Distribution System of claim 11, Said mode estimate formed to find the ratio (p) of the most frequently occurring samples in the input quantum entropy data set, and estimate the minimum entropy per sample using the upper bound of the 99% confidence interval for the ratio p.
- Quantum Entropy Management and Distribution System of claim 3, 4, 7, 8 or 10, Said Quantum Entropy Management & Distribution System implements quantum entropy life cycle management in conjunction with NTP server, entropy consumption rate, entropy generation rate and size of local entropy cache pool.
- Quantum Entropy Management and Distribution System of claim 2, Said Service Gateway module implements the quantum entropy preloaded in the entropy pool based on a RESTful API and/or a user-defined protocol.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2019-0128396 | 2019-10-16 | ||
KR20190128396 | 2019-10-16 | ||
KR10-2020-0051015 | 2020-04-27 | ||
KR1020200051015A KR20210045285A (en) | 2019-10-16 | 2020-04-27 | Quantum Entropy Management and Distribution System |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021075653A1 (en) | 2021-04-22 |
Family
ID=75538721
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2020/005644 WO2021075653A1 (en) | 2019-10-16 | 2020-04-29 | Intelligent quantum entropy management and distribution system |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2021075653A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116170232A (en) * | 2023-04-21 | 2023-05-26 | 安徽中科锟铻量子工业互联网有限公司 | Quantum gateway data display management system |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180239592A1 (en) * | 2011-09-30 | 2018-08-23 | Los Alamos National Security, Llc | Quantum random number generators |
Non-Patent Citations (4)
Title |
---|
AGUADO A., LOPEZ D.R., LOPEZ V., DE LA IGLESIA F., PASTOR A., PEEV M., AMAYA W., MARTIN F., ABELLAN C., MARTIN V.: "Quantum technologies in support for 5G services: ordered proof-of-transit", 45TH EUROPEAN CONFERENCE ON OPTICAL COMMUNICATION (ECOC 2019), INSTITUTION OF ENGINEERING AND TECHNOLOGY, 1 January 2019 (2019-01-01), pages 341 - 341, XP055803701, ISBN: 978-1-83953-185-9, DOI: 10.1049/cp.2019.1075 * |
AGUADO ALEJANDRO; LOPEZ VICTOR; MARTINEZ-MATEO JESUS; SZYRKOWIEC THOMAS; AUTENRIETH ACHIM; PEEV MOMTCHIL; LOPEZ DIEGO; MARTIN VICE: "Hybrid conventional and quantum security for software defined and virtualized networks", JOURNAL OF OPTICAL COMMUNICATIONS AND NETWORKING, INSTITUTE OF ELECTRICAL AND ELECTRONICS ENGINEERS, US, vol. 9, no. 10, 1 October 2017 (2017-10-01), US, pages 819 - 825, XP011671107, ISSN: 1943-0620, DOI: 10.1364/JOCN.9.000819 * |
BARKER ELAINE, KELSEY JOHN, GALLAGHER PATRICK D: "Recommendation for Random Bit Generator (RBG) Constructions National Institute of Standards and Technology", NIST SPECIAL PUBLICATION 800-90C, 1 August 2012 (2012-08-01), pages 1 - 50, XP055803705, Retrieved from the Internet <URL:https://csrc.nist.gov/csrc/media/publications/sp/800-90c/draft/documents/draft-sp800-90c.pdf> [retrieved on 20210511] * |
NEMANJA MAJSTOROVIC ; MILENKO ANDRIC ; DAVORIN MIKLUC: "Entropy-based algorithm for speech recognition in noisy environment", TELECOMMUNICATIONS FORUM (TELFOR), 2011 19TH, IEEE, 22 November 2011 (2011-11-22), pages 667 - 670, XP032106106, ISBN: 978-1-4577-1499-3, DOI: 10.1109/TELFOR.2011.6143635 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Van Den Hooff et al. | | Vuvuzela: Scalable private messaging resistant to traffic analysis |
Winter et al. | | ScrambleSuit: A polymorphic network protocol to circumvent censorship |
Choi et al. | | Digital forensic analysis of encrypted database files in instant messaging applications on Windows operating systems: Case study with KakaoTalk, NateOn and QQ messenger |
US11588627B2 (en) | | Systems and methods for utilizing quantum entropy in single packet authorization for secure network connections |
US9065642B2 (en) | | Intercepting key sessions |
US20170244687A1 (en) | | Techniques for confidential delivery of random data over a network |
Puthal et al. | | Decision tree based user-centric security solution for critical IoT infrastructure |
Kim et al. | | Resilient end-to-end message protection for cyber-physical system communications |
WO2019182377A1 (en) | | Method, electronic device, and computer-readable recording medium for generating address information used for transaction of blockchain-based cryptocurrency |
WO2023160420A1 (en) | | Group message encryption method and apparatus, device and storage medium |
Yuan et al. | | Assuring string pattern matching in outsourced middleboxes |
CN105049448B (en) | | Single-sign-on device and method |
Guo et al. | | Enabling privacy-preserving header matching for outsourced middleboxes |
WO2021075653A1 (en) | | Intelligent quantum entropy management and distribution system |
EP2892206B1 (en) | | System and method for push framework security |
CN111065097A (en) | | Method and system for channel protection based on shared key in mobile internet |
CN113037611B (en) | | Mobile safety instant communication method based on multiple public IM channels |
KR20210045285A (en) | | Quantum Entropy Management and Distribution System |
Qiu et al. | | Privacy-preserving health data sharing for medical cyber-physical systems |
Hitaswi et al. | | A bio-inspired model to provide data security in cloud storage |
CN109120576A (en) | | Data sharing method and device, computer equipment and storage medium |
Abukhait et al. | | An adaptive confidentiality security service enhancement protocol using image-based key generator for multi-agent ethernet packet switched networks |
CN101552667A (en) | | Method for synchronously realizing encryption and authentication |
Manojkumar et al. | | Prevent data in embedded based customized wireless message transmitting system using aes algorithm with artificial bee colony optimisation techniques |
Rhbech et al. | | An optimized and intelligent security-based message queuing protocol S-MQTT applied to medical IOT COVID-19 DATA monitoring platforms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 20875810; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 20875810; Country of ref document: EP; Kind code of ref document: A1 |