WO2024034699A1 - Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé - Google Patents

Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé Download PDF

Info

Publication number
WO2024034699A1
WO2024034699A1 PCT/KR2022/011803 KR2022011803W WO2024034699A1 WO 2024034699 A1 WO2024034699 A1 WO 2024034699A1 KR 2022011803 W KR2022011803 W KR 2022011803W WO 2024034699 A1 WO2024034699 A1 WO 2024034699A1
Authority
WO
WIPO (PCT)
Prior art keywords
qber
authentication
information
estimation
receiving end
Prior art date
Application number
PCT/KR2022/011803
Other languages
English (en)
Korean (ko)
Inventor
안병규
이상림
이호재
김자영
Original Assignee
엘지전자 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 엘지전자 주식회사 filed Critical 엘지전자 주식회사
Priority to PCT/KR2022/011803 priority Critical patent/WO2024034699A1/fr
Publication of WO2024034699A1 publication Critical patent/WO2024034699A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • This specification relates to a quantum communication system, and more specifically, to a method and device for performing user authentication in a quantum communication system.
  • Wireless communication systems are being widely deployed to provide various types of communication services such as voice and data.
  • a wireless communication system is a multiple access system that can support communication with multiple users by sharing available system resources (bandwidth, transmission power, etc.).
  • multiple access systems include Code Division Multiple Access (CDMA) systems, Frequency Division Multiple Access (FDMA) systems, Time Division Multiple Access (TDMA) systems, Space Division Multiple Access (SDMA), and Orthogonal Frequency Division Multiple Access (OFDMA) systems.
  • CDMA Code Division Multiple Access
  • FDMA Frequency Division Multiple Access
  • TDMA Time Division Multiple Access
  • SDMA Space Division Multiple Access
  • OFDMA Orthogonal Frequency Division Multiple Access
  • SC-FDMA Single Carrier Frequency Division Multiple Access
  • IDMA Interleave Division Multiple Access
  • quantum communication a next-generation communication technology that can overcome the limitations of existing information and communication, such as security and high-speed computation, by applying quantum mechanical characteristics to the information and communication field.
  • existing communication which is based on binary bit information
  • quantum communication provides a means of generating, transmitting, processing, and storing information in the form of a superposition of 0 and 1.
  • wavelength or amplitude is used to transmit information between the transmitting end and the receiving end, but unlike this, in quantum communication, photons, the smallest unit of light, are used to transmit information between the transmitting end and the receiving end.
  • the purpose of this specification is to provide a method and device for performing user authentication in a quantum communication system.
  • the purpose of this specification is to provide a method and device for performing user authentication using information transmitted through a quantum channel in a quantum communication system.
  • the purpose of this specification is to provide a method and device for user authentication using information used to estimate QBER (Quantum bit error rate) in a quantum communication system.
  • QBER Quantum bit error rate
  • the purpose of this specification is to provide a method and device for updating a symmetric key for user authentication pre-shared between the transmitting end and the receiving end in a quantum communication system.
  • This specification provides a method and device for performing user authentication in a quantum communication system.
  • a method for a transmitter to perform authentication in a quantum communication system involves, at the receiver, estimating QBER (Quantum Bit Error Rate) to determine whether or not there is eavesdropping on a quantum channel. Transmitting QBER estimation information generated based on a checking sequence for; performing the QBER estimation based on the receiving end and the QBER estimation information; And based on the result of the QBER estimation, performing authentication with the receiving end by reusing the checking sequence, wherein the authentication is performed by (i) the reused checking sequence and (ii) the transmitting end and the receiving end. It is characterized in that it is performed based on a pre-shared symmetric key.
  • QBER Quantum Bit Error Rate
  • this specification provides, at the receiving end, to correct errors between (i) the bit value of the checking sequence generated by the transmitting end and (ii) the bit value of the receiving end checking sequence obtained by the receiving end by measuring the QBER estimation information. It may further include the step of transmitting error correction information.
  • the error correction information includes (i) information about the bit value of the checking sequence and (ii) information about the basis used for polarization coding for a bit at a specific position within the bit string of the checking sequence. It may be characterized as including.
  • this specification provides (a) (i) a basis used for polarization coding for a bit at a specific position within the bit stream of the checking sequence at the transmitting end and (ii) a bit stream of the checking sequence at the transmitting end.
  • the basis used for measuring the QBER estimation information corresponding to a specific position is the same, and (b) (i) the bit value of the bit at the specific position and (ii) the QBER estimation information corresponding to the specific position.
  • the measured value at the receiving end of the QBER estimation information corresponding to the specific location is corrected to the same value as the bit value of the bit of the specific location based on the error correction information. .
  • an authentication message for the authentication is generated based on (i) the reused checking sequence and (ii) the pre-shared symmetric key.
  • the pre-shared symmetric key may be used to determine the positions of bits used for generating the authentication message in the bit string of the reused checking sequence.
  • this specification may feature that the length of the bit string of the pre-shared symmetric key and the length of the bit string constituting the reused checking sequence are the same.
  • the present specification provides that at least one bit in the bit string of the reused checking sequence at a position corresponding to the position of at least one bit with a specific bit value in the bit string of the pre-shared symmetric key is used for the authentication. It can be characterized as a message.
  • this specification provides that, based on the bit value of the first position of the bit string of the pre-shared symmetric key, the bit values of the odd positions or the bit values of the even positions in the bit string of the reused checking sequence are used to authenticate the authentication. It may be characterized as being used in the creation of a message.
  • the authentication message is based on (i) the pre-shared symmetric key and (ii) an XOR operation on the bit values at odd positions or the bit values at even positions in the bit string of the checking sequence. It can be characterized as being created.
  • this specification provides that, when bit values in odd positions in the bit string of the checking sequence are used to generate the authentication message, bit values in odd positions in the pre-shared symmetric key are used in an XOR operation, When bit values in even positions in the bit string of the checking sequence are used to generate the authentication message, bit values in even positions in the pre-shared symmetric key may be used for an XOR operation. there is.
  • the pre-shared symmetric key may be used to select a hash function for generating the authentication message.
  • the reused checking sequence is used as an input to a hash function that is mapped to the bit value of the pre-shared symmetric key, and the output value of the hash function that is mapped to the bit value of the pre-shared symmetric key is used for the authentication. It may be characterized as a message.
  • this specification includes the steps of transmitting message information to the receiving end over a quantum channel based on the authentication result; and (i) updating the pre-shared symmetric key based on the message information and (ii) the pre-shared symmetric key.
  • this specification may feature that the pre-shared symmetric key is updated based on (i) the message information and (ii) an XOR operation on the pre-shared symmetric key.
  • a transmitter that performs authentication in a quantum communication system includes a transmitter for transmitting a wireless signal; A receiver for receiving wireless signals; at least one processor; and at least one computer memory operably connectable to the at least one processor and storing instructions that, when executed by the at least one processor, perform operations, the operations comprising: , transmitting QBER estimation information generated based on a checking sequence for QBER (Quantum Bit Error Rate) estimation for determining whether or not there is eavesdropping on a quantum channel; performing the QBER estimation based on the receiving end and the QBER estimation information; And based on the result of the QBER estimation, performing authentication with the receiving end by reusing the checking sequence, wherein the authentication is performed by (i) the reused checking sequence and (ii) the transmitting end and the receiving end. It is characterized in that it is performed based on a pre-shared symmetric key.
  • a method for a receiving end to perform authentication in a quantum communication system is a checking sequence for QBER (Quantum Bit Error Rate) estimation to determine whether or not there is eavesdropping on a quantum channel from the transmitting end.
  • a receiving end that performs authentication in a quantum communication system includes a transmitter for transmitting a wireless signal; A receiver for receiving wireless signals; at least one processor; and at least one computer memory operably connectable to the at least one processor and storing instructions that, when executed by the at least one processor, perform operations, the operations comprising: , receiving QBER estimation information generated based on a checking sequence for QBER (Quantum Bit Error Rate) estimation for determining whether or not there is eavesdropping on a quantum channel; performing the QBER estimation based on the transmitter and the QBER estimation information; And based on the result of the QBER estimation, performing authentication with the transmitting end by reusing the checking sequence, wherein the authentication is performed by (i) the reused checking sequence and (ii) the transmitting end and the receiving end. It is characterized in that it is performed based on a pre-shared symmetric key.
  • the present specification provides that, in a non-transitory computer readable medium (CRM) storing one or more instructions, one or more instructions executable by one or more processors are provided at a transmitting end: a receiving end, a quantum channel (Quantum channel) ) Control to transmit QBER estimation information generated based on a checking sequence for QBER (Quantum Bit Error Rate) estimation for determining whether or not there is eavesdropping on the device, and the receiving end and the QBER estimation information based on the QBER estimation information.
  • CCM computer readable medium
  • Control to perform QBER estimation and control to perform the authentication with the receiving end by reusing the checking sequence based on the result of the QBER estimation, wherein the authentication is performed by (i) the reused checking sequence and (ii) the It is characterized in that it is performed based on a symmetric key previously shared between the transmitting end and the receiving end.
  • the present specification is directed to a device including one or more memories and one or more processors functionally connected to the one or more memories, wherein the one or more processors are used by the device as a receiving end on a quantum channel.
  • Control to perform, and based on the result of the QBER estimation control to perform authentication with the receiving end by reusing the checking sequence, wherein the authentication is performed with (i) the reused checking sequence and (ii) the transmitting end. It is characterized in that it is performed based on a symmetric key pre-shared with the receiving end.
  • This specification has the effect of performing user authentication in a quantum communication system.
  • this specification has the effect of performing user authentication using information transmitted through a quantum channel in a quantum communication system.
  • this specification performs user authentication using information transmitted through a quantum channel in a quantum communication system, safety can be secured without assuming that the transmitting and receiving ends of the classical channel and the quantum channel are the same.
  • this specification has the effect of performing user authentication using information used to estimate QBER (Quantum bit error rate) in a quantum communication system.
  • this specification has the effect of enabling user authentication in a quantum communication system without generating a separate authentication message.
  • this specification does not generate a separate authentication message for user authentication in a quantum communication system, which has the effect of saving communication resources.
  • this specification has the effect of updating the symmetric key for user authentication that is pre-shared between the transmitting end and the receiving end in a quantum communication system.
  • this specification has the effect of ensuring safety because it is possible to update the symmetric key for user authentication that is pre-shared between the transmitting end and the receiving end in a quantum communication system.
  • this specification has the effect of increasing the efficiency of generating secret keys used for data encryption and decryption in a quantum key distribution system.
  • Figure 1 is a diagram showing an example of a communication system applicable to this specification.
  • Figure 2 is a diagram showing an example of a wireless device applicable to this specification.
  • Figure 3 is a diagram showing a method of processing a transmission signal applicable to this specification.
  • Figure 4 is a diagram showing another example of a wireless device applicable to this specification.
  • Figure 5 is a diagram showing an example of a portable device applicable to this specification.
  • Figure 6 is a diagram showing physical channels applicable to this specification and a signal transmission method using them.
  • Figure 7 is a diagram showing the structure of a wireless frame applicable to this specification.
  • Figure 8 is a diagram showing a slot structure applicable to this specification.
  • Figure 9 is a diagram showing an example of a communication structure that can be provided in a 6G system applicable to this specification.
  • Figure 10 shows an example of a man-in-the-middle attack that can occur in quantum communication.
  • Figure 11 is a diagram showing an example of a MAC-based authentication technique.
  • Figure 12 is a diagram showing an example of an authentication method based on Wegman & Carter Authentication (WCA).
  • Figure 13 is a diagram to explain the correlation between the number of hash functions and collision probability.
  • Figure 14 is a diagram showing an example of a symmetric key update method in the quantum key distribution technique.
  • Figure 15 is a diagram showing an example of the tag creation process in the existing authentication technique.
  • Figure 16 is a diagram showing an example in which user authentication is performed through a classical channel in quantum communication.
  • Figure 17 is a diagram illustrating an example in which user authentication is performed using QBER estimation information transmitted through a quantum channel in quantum communication.
  • Figure 18 is a diagram for explaining how a pre-shared symmetric key is used to determine the location of authentication information.
  • Figure 19 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • Figure 20 is a diagram illustrating an example of a method in which a pre-shared symmetric key is used for an XOR operation with a message for MAC generation.
  • Figure 21 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • Figure 22 is a diagram to explain how a pre-shared symmetric key is used to select a hash function to be used for MAC generation among hash functions constituting the hash function set H used in the MAC algorithm.
  • Figure 23 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • Figure 24 is a diagram for explaining a pre-shared symmetric key update method.
  • Figure 25 is a flowchart showing an example of how the user authentication method proposed in this specification is performed at the transmitting end.
  • Figure 26 is a flowchart showing an example of how the user authentication method proposed in this specification is performed at the receiving end.
  • the base station is meant as a terminal node of the network that directly communicates with the mobile station. Certain operations described herein as being performed by the base station may, in some cases, be performed by an upper node of the base station.
  • 'base station' is a term such as fixed station, Node B, eNB (eNode B), gNB (gNode B), ng-eNB, advanced base station (ABS), or access point. It can be replaced by .
  • a terminal may include a user equipment (UE), a mobile station (MS), a subscriber station (SS), a mobile subscriber station (MSS), It can be replaced with terms such as mobile terminal or advanced mobile station (AMS).
  • UE user equipment
  • MS mobile station
  • SS subscriber station
  • MSS mobile subscriber station
  • AMS advanced mobile station
  • the transmitting end refers to a fixed and/or mobile node that provides a data service or a voice service
  • the receiving end refers to a fixed and/or mobile node that receives a data service or a voice service. Therefore, in the case of uplink, the mobile station can be the transmitting end and the base station can be the receiving end. Likewise, in the case of downlink, the mobile station can be the receiving end and the base station can be the transmitting end.
  • Embodiments of the present specification include wireless access systems such as the IEEE 802.xx system, 3GPP (3rd Generation Partnership Project) system, 3GPP LTE (Long Term Evolution) system, 3GPP 5G (5th generation) NR (New Radio) system, and 3GPP2 system. It may be supported by at least one standard document disclosed in the present specification, and in particular, the embodiments of the present disclosure are supported by the 3GPP TS (technical specification) 38.211, 3GPP TS 38.212, 3GPP TS 38.213, 3GPP TS 38.321 and 3GPP TS 38.331 documents. It can be.
  • 3GPP TS technical specification
  • embodiments of the present specification can be applied to other wireless access systems and are not limited to the above-described system. As an example, it may be applicable to systems applied after the 3GPP 5G NR system and is not limited to a specific system.
  • CDMA code division multiple access
  • FDMA frequency division multiple access
  • TDMA time division multiple access
  • OFDMA orthogonal frequency division multiple access
  • SC-FDMA single carrier frequency division multiple access
  • LTE is 3GPP TS 36.xxx Release 8 and later.
  • LTE technology after 3GPP TS 36.xxx Release 10 may be referred to as LTE-A
  • LTE technology after 3GPP TS 36.xxx Release 13 may be referred to as LTE-A pro.
  • 3GPP NR may refer to technology after TS 38.xxx Release 15.
  • 3GPP 6G may refer to technology after TS Release 17 and/or Release 18. “xxx” refers to the standard document detail number.
  • LTE/NR/6G can be collectively referred to as a 3GPP system.
  • the communication system 100 applied herein includes a wireless device, a base station, and a network.
  • a wireless device refers to a device that performs communication using wireless access technology (e.g., 5G NR, LTE) and may be referred to as a communication/wireless/5G device.
  • wireless devices include robots (100a), vehicles (100b-1, 100b-2), extended reality (XR) devices (100c), hand-held devices (100d), and home appliances (100d).
  • appliance) (100e), IoT (Internet of Thing) device (100f), and AI (artificial intelligence) device/server (100g).
  • vehicles may include vehicles equipped with wireless communication functions, autonomous vehicles, vehicles capable of inter-vehicle communication, etc.
  • the vehicles 100b-1 and 100b-2 may include an unmanned aerial vehicle (UAV) (eg, a drone).
  • UAV unmanned aerial vehicle
  • the XR device 100c includes augmented reality (AR)/virtual reality (VR)/mixed reality (MR) devices, including a head-mounted device (HMD), a head-up display (HUD) installed in a vehicle, a television, It can be implemented in the form of smartphones, computers, wearable devices, home appliances, digital signage, vehicles, robots, etc.
  • the mobile device 100d may include a smartphone, smart pad, wearable device (eg, smart watch, smart glasses), computer (eg, laptop, etc.), etc.
  • Home appliances 100e may include a TV, refrigerator, washing machine, etc.
  • IoT device 100f may include sensors, smart meters, etc.
  • the base station 120 and the network 130 may also be implemented as wireless devices, and a specific wireless device 120a may operate as a base station/network node for other wireless devices.
  • Wireless devices 100a to 100f may be connected to the network 130 through the base station 120.
  • AI technology may be applied to the wireless devices 100a to 100f, and the wireless devices 100a to 100f may be connected to the AI server 100g through the network 130.
  • the network 130 may be configured using a 3G network, 4G (eg, LTE) network, or 5G (eg, NR) network.
  • Wireless devices 100a to 100f may communicate with each other through the base station 120/network 130, but communicate directly (e.g., sidelink communication) without going through the base station 120/network 130. You may.
  • vehicles 100b-1 and 100b-2 may communicate directly (eg, vehicle to vehicle (V2V)/vehicle to everything (V2X) communication).
  • the IoT device 100f eg, sensor
  • the IoT device 100f may communicate directly with other IoT devices (eg, sensor) or other wireless devices 100a to 100f.
  • Wireless communication/connection may be established between the wireless devices (100a to 100f)/base station (120) and the base station (120)/base station (120).
  • wireless communication/connection includes various methods such as uplink/downlink communication (150a), sidelink communication (150b) (or D2D communication), and inter-base station communication (150c) (e.g., relay, integrated access backhaul (IAB)).
  • IAB integrated access backhaul
  • This can be achieved through wireless access technology (e.g. 5G NR).
  • wireless communication/connection 150a, 150b, 150c
  • a wireless device and a base station/wireless device, and a base station and a base station can transmit/receive wireless signals to each other.
  • wireless communication/connection 150a, 150b, and 150c may transmit/receive signals through various physical channels.
  • various configuration information setting processes for transmitting/receiving wireless signals various signal processing processes (e.g., channel encoding/decoding, modulation/demodulation, resource mapping/demapping, etc.) , at least some of the resource allocation process, etc. may be performed.
  • FIG. 2 is a diagram illustrating an example of a wireless device that can be applied to this specification.
  • the first wireless device 200a and the second wireless device 200b can transmit and receive wireless signals through various wireless access technologies (eg, LTE, NR).
  • ⁇ first wireless device 200a, second wireless device 200b ⁇ refers to ⁇ wireless device 100x, base station 120 ⁇ and/or ⁇ wireless device 100x, wireless device 100x) in FIG. ⁇ can be responded to.
  • the first wireless device 200a includes one or more processors 202a and one or more memories 204a, and may further include one or more transceivers 206a and/or one or more antennas 208a.
  • Processor 202a controls memory 204a and/or transceiver 206a and may be configured to implement the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein.
  • the processor 202a may process information in the memory 204a to generate first information/signal and then transmit a wireless signal including the first information/signal through the transceiver 206a.
  • the processor 202a may receive a wireless signal including the second information/signal through the transceiver 206a and then store information obtained from signal processing of the second information/signal in the memory 204a.
  • the memory 204a may be connected to the processor 202a and may store various information related to the operation of the processor 202a.
  • memory 204a may perform some or all of the processes controlled by processor 202a or instructions for performing the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein.
  • Software code containing them can be stored.
  • the processor 202a and the memory 204a may be part of a communication modem/circuit/chip designed to implement wireless communication technology (eg, LTE, NR).
  • Transceiver 206a may be coupled to processor 202a and may transmit and/or receive wireless signals via one or more antennas 208a.
  • Transceiver 206a may include a transmitter and/or receiver.
  • the transceiver 206a may be used interchangeably with a radio frequency (RF) unit.
  • RF radio frequency
  • a wireless device may mean a communication modem/circuit/chip.
  • the second wireless device 200b includes one or more processors 202b, one or more memories 204b, and may further include one or more transceivers 206b and/or one or more antennas 208b.
  • Processor 202b controls memory 204b and/or transceiver 206b and may be configured to implement the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein.
  • the processor 202b may process information in the memory 204b to generate third information/signal and then transmit a wireless signal including the third information/signal through the transceiver 206b.
  • the processor 202b may receive a wireless signal including the fourth information/signal through the transceiver 206b and then store information obtained from signal processing of the fourth information/signal in the memory 204b.
  • the memory 204b may be connected to the processor 202b and may store various information related to the operation of the processor 202b. For example, memory 204b may perform some or all of the processes controlled by processor 202b or instructions for performing the descriptions, functions, procedures, suggestions, methods, and/or operational flowcharts disclosed herein. Software code containing them can be stored.
  • the processor 202b and the memory 204b may be part of a communication modem/circuit/chip designed to implement wireless communication technology (eg, LTE, NR).
  • Transceiver 206b may be coupled to processor 202b and may transmit and/or receive wireless signals via one or more antennas 208b.
  • the transceiver 206b may include a transmitter and/or a receiver.
  • the transceiver 206b may be used interchangeably with an RF unit.
  • a wireless device may mean a communication modem/circuit/chip.
  • one or more protocol layers may be implemented by one or more processors 202a and 202b.
  • one or more processors 202a and 202b may operate on one or more layers (e.g., physical (PHY), media access control (MAC), radio link control (RLC), packet data convergence protocol (PDCP), and radio resource (RRC). control) and functional layers such as SDAP (service data adaptation protocol) can be implemented.
  • layers e.g., physical (PHY), media access control (MAC), radio link control (RLC), packet data convergence protocol (PDCP), and radio resource (RRC). control
  • SDAP service data adaptation protocol
  • One or more processors 202a, 202b may generate one or more Protocol Data Units (PDUs) and/or one or more service data units (SDUs) according to the descriptions, functions, procedures, suggestions, methods, and/or operational flowcharts disclosed herein. can be created.
  • One or more processors 202a and 202b may generate messages, control information, data or information according to the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein.
  • One or more processors 202a and 202b generate signals (e.g., baseband signals) containing PDUs, SDUs, messages, control information, data or information according to the functions, procedures, proposals and/or methods disclosed herein.
  • transceivers 206a, 206b can be provided to one or more transceivers (206a, 206b).
  • One or more processors 202a, 202b may receive signals (e.g., baseband signals) from one or more transceivers 206a, 206b, and the descriptions, functions, procedures, suggestions, methods, and/or operational flowcharts disclosed herein.
  • PDU, SDU, message, control information, data or information can be obtained.
  • One or more processors 202a, 202b may be referred to as a controller, microcontroller, microprocessor, or microcomputer.
  • One or more processors 202a and 202b may be implemented by hardware, firmware, software, or a combination thereof.
  • ASICs application specific integrated circuits
  • DSPs digital signal processors
  • DSPDs digital signal processing devices
  • PLDs programmable logic devices
  • FPGAs field programmable gate arrays
  • firmware or software may be implemented using firmware or software, and the firmware or software may be implemented to include modules, procedures, functions, etc.
  • Firmware or software configured to perform the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein may be included in one or more processors 202a and 202b or stored in one or more memories 204a and 204b. It may be driven by the above processors 202a and 202b.
  • the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein may be implemented using firmware or software in the form of codes, instructions and/or sets of instructions.
  • One or more memories 204a and 204b may be connected to one or more processors 202a and 202b and may store various types of data, signals, messages, information, programs, codes, instructions and/or commands.
  • One or more memories 204a, 204b may include read only memory (ROM), random access memory (RAM), erasable programmable read only memory (EPROM), flash memory, hard drives, registers, cache memory, computer readable storage media, and/or It may be composed of a combination of these.
  • One or more memories 204a and 204b may be located internal to and/or external to one or more processors 202a and 202b. Additionally, one or more memories 204a and 204b may be connected to one or more processors 202a and 202b through various technologies, such as wired or wireless connections.
  • One or more transceivers may transmit user data, control information, wireless signals/channels, etc. mentioned in the methods and/or operation flowcharts of this specification to one or more other devices.
  • One or more transceivers 206a, 206b may receive user data, control information, wireless signals/channels, etc. referred to in the descriptions, functions, procedures, suggestions, methods and/or operational flowcharts disclosed herein, etc. from one or more other devices. there is.
  • one or more transceivers 206a and 206b may be connected to one or more processors 202a and 202b and may transmit and receive wireless signals.
  • one or more processors 202a, 202b may control one or more transceivers 206a, 206b to transmit user data, control information, or wireless signals to one or more other devices. Additionally, one or more processors 202a and 202b may control one or more transceivers 206a and 206b to receive user data, control information, or wireless signals from one or more other devices. In addition, one or more transceivers (206a, 206b) may be connected to one or more antennas (208a, 208b), and one or more transceivers (206a, 206b) may be connected to the description and functions disclosed herein through one or more antennas (208a, 208b).
  • one or more antennas may be a plurality of physical antennas or a plurality of logical antennas (eg, antenna ports).
  • One or more transceivers (206a, 206b) process the received user data, control information, wireless signals/channels, etc. using one or more processors (202a, 202b), and convert the received wireless signals/channels, etc. from the RF band signal. It can be converted to a baseband signal.
  • One or more transceivers (206a, 206b) may convert user data, control information, wireless signals/channels, etc. processed using one or more processors (202a, 202b) from a baseband signal to an RF band signal.
  • one or more transceivers 206a, 206b may include (analog) oscillators and/or filters.
  • Figure 3 is a diagram illustrating a method of processing a transmission signal applied to this specification.
  • the transmission signal may be processed by a signal processing circuit.
  • the signal processing circuit 300 may include a scrambler 310, a modulator 320, a layer mapper 330, a precoder 340, a resource mapper 350, and a signal generator 360.
  • the operation/function of FIG. 3 may be performed in the processors 202a and 202b and/or transceivers 206a and 206b of FIG. 2.
  • the hardware elements of FIG. 3 may be implemented in the processors 202a and 202b and/or transceivers 206a and 206b of FIG. 2.
  • blocks 310 to 350 may be implemented in the processors 202a and 202b of FIG. 2
  • block 360 may be implemented in the transceivers 206a and 206b of FIG. 2, but are not limited to the above-described embodiment.
  • the codeword can be converted into a wireless signal through the signal processing circuit 300 of FIG. 3.
  • a codeword is an encoded bit sequence of an information block.
  • the information block may include a transport block (eg, UL-SCH transport block, DL-SCH transport block).
  • Wireless signals may be transmitted through various physical channels (eg, PUSCH, PDSCH) in FIG. 6.
  • the codeword may be converted into a scrambled bit sequence by the scrambler 310.
  • the scramble sequence used for scrambling is generated based on an initialization value, and the initialization value may include ID information of the wireless device.
  • the scrambled bit sequence may be modulated into a modulation symbol sequence by the modulator 320.
  • Modulation methods may include pi/2-binary phase shift keying (pi/2-BPSK), m-phase shift keying (m-PSK), and m-quadrature amplitude modulation (m-QAM).
  • the complex modulation symbol sequence may be mapped to one or more transport layers by the layer mapper 330.
  • the modulation symbols of each transport layer may be mapped to corresponding antenna port(s) by the precoder 340 (precoding).
  • the output z of the precoder 340 can be obtained by multiplying the output y of the layer mapper 330 by the N*M precoding matrix W.
  • N is the number of antenna ports and M is the number of transport layers.
  • the precoder 340 may perform precoding after performing transform precoding (eg, discrete Fourier transform (DFT) transform) on complex modulation symbols. Additionally, the precoder 340 may perform precoding without performing transform precoding.
  • transform precoding eg, discrete Fourier transform (DFT) transform
  • the resource mapper 350 can map the modulation symbols of each antenna port to time-frequency resources.
  • a time-frequency resource may include a plurality of symbols (eg, CP-OFDMA symbol, DFT-s-OFDMA symbol) in the time domain and a plurality of subcarriers in the frequency domain.
  • the signal generator 360 generates a wireless signal from the mapped modulation symbols, and the generated wireless signal can be transmitted to another device through each antenna.
  • the signal generator 360 may include an inverse fast fourier transform (IFFT) module, a cyclic prefix (CP) inserter, a digital-to-analog converter (DAC), a frequency uplink converter, etc. .
  • IFFT inverse fast fourier transform
  • CP cyclic prefix
  • DAC digital-to-analog converter
  • the signal processing process for a received signal in a wireless device may be configured as the reverse of the signal processing processes 310 to 360 of FIG. 3.
  • a wireless device eg, 200a and 200b in FIG. 2
  • the received wireless signal can be converted into a baseband signal through a signal restorer.
  • the signal restorer may include a frequency downlink converter, an analog-to-digital converter (ADC), a CP remover, and a fast fourier transform (FFT) module.
  • ADC analog-to-digital converter
  • FFT fast fourier transform
  • the baseband signal can be restored to a codeword through a resource de-mapper process, postcoding process, demodulation process, and de-scramble process.
  • a signal processing circuit for a received signal may include a signal restorer, resource de-mapper, postcoder, demodulator, de-scrambler, and decoder.
  • Figure 4 is a diagram showing another example of a wireless device applied to this specification.
  • the wireless device 400 corresponds to the wireless devices 200a and 200b of FIG. 2 and includes various elements, components, units/units, and/or modules. ) can be composed of.
  • the wireless device 400 may include a communication unit 410, a control unit 420, a memory unit 430, and an additional element 440.
  • the communication unit may include communication circuitry 412 and transceiver(s) 414.
  • communication circuitry 412 may include one or more processors 202a and 202b and/or one or more memories 204a and 204b of FIG. 2 .
  • transceiver(s) 414 may include one or more transceivers 206a, 206b and/or one or more antennas 208a, 208b of FIG. 2.
  • the control unit 420 is electrically connected to the communication unit 410, the memory unit 430, and the additional element 440 and controls overall operations of the wireless device.
  • the control unit 420 may control the electrical/mechanical operation of the wireless device based on the program/code/command/information stored in the memory unit 430.
  • the control unit 420 transmits the information stored in the memory unit 430 to the outside (e.g., another communication device) through the communication unit 410 through a wireless/wired interface, or to the outside (e.g., to another communication device) through the communication unit 410.
  • Information received through a wireless/wired interface from another communication device can be stored in the memory unit 430.
  • the additional element 440 may be configured in various ways depending on the type of wireless device.
  • the additional element 440 may include at least one of a power unit/battery, an input/output unit, a driving unit, and a computing unit.
  • the wireless device 400 may include a robot (FIG. 1, 100a), a vehicle (FIG. 1, 100b-1, 100b-2), an XR device (FIG. 1, 100c), and a portable device (FIG. 1, 100d).
  • FIG. 1, 100e home appliances
  • IoT devices Figure 1, 100f
  • digital broadcasting terminals hologram devices
  • public safety devices MTC devices
  • medical devices fintech devices (or financial devices)
  • security devices climate/ It can be implemented in the form of an environmental device, AI server/device (FIG. 1, 140), base station (FIG. 1, 120), network node, etc.
  • Wireless devices can be mobile or used in fixed locations depending on the usage/service.
  • various elements, components, units/parts, and/or modules within the wireless device 400 may be entirely interconnected through a wired interface, or at least some of them may be wirelessly connected through the communication unit 410.
  • the control unit 420 and the communication unit 410 are connected by wire, and the control unit 420 and the first unit (e.g., 430, 440) are connected wirelessly through the communication unit 410.
  • each element, component, unit/part, and/or module within the wireless device 400 may further include one or more elements.
  • the control unit 420 may be comprised of one or more processor sets.
  • control unit 420 may be comprised of a communication control processor, an application processor, an electronic control unit (ECU), a graphics processing processor, and a memory control processor.
  • memory unit 430 may be comprised of RAM, dynamic RAM (DRAM), ROM, flash memory, volatile memory, non-volatile memory, and/or a combination thereof. It can be configured.
  • Figure 5 is a diagram showing an example of a portable device applied to this specification.
  • FIG. 5 illustrates a portable device to which this specification applies.
  • Portable devices may include smartphones, smart pads, wearable devices (e.g., smart watches, smart glasses), and portable computers (e.g., laptops, etc.).
  • a mobile device may be referred to as a mobile station (MS), user terminal (UT), mobile subscriber station (MSS), subscriber station (SS), advanced mobile station (AMS), or wireless terminal (WT).
  • MS mobile station
  • UT user terminal
  • MSS mobile subscriber station
  • SS subscriber station
  • AMS advanced mobile station
  • WT wireless terminal
  • the portable device 500 includes an antenna unit 508, a communication unit 510, a control unit 520, a memory unit 530, a power supply unit 540a, an interface unit 540b, and an input/output unit 540c. ) may include.
  • the antenna unit 508 may be configured as part of the communication unit 510.
  • Blocks 510 to 530/540a to 540c correspond to blocks 410 to 430/440 in FIG. 4, respectively.
  • the communication unit 510 can transmit and receive signals (eg, data, control signals, etc.) with other wireless devices and base stations.
  • the control unit 520 can control the components of the portable device 500 to perform various operations.
  • the control unit 520 may include an application processor (AP).
  • the memory unit 530 may store data/parameters/programs/codes/commands necessary for driving the portable device 500. Additionally, the memory unit 530 can store input/output data/information, etc.
  • the power supply unit 540a supplies power to the portable device 500 and may include a wired/wireless charging circuit, a battery, etc.
  • the interface unit 540b may support connection between the mobile device 500 and other external devices.
  • the interface unit 540b may include various ports (eg, audio input/output ports, video input/output ports) for connection to external devices.
  • the input/output unit 540c may input or output video information/signals, audio information/signals, data, and/or information input from the user.
  • the input/output unit 540c may include a camera, a microphone, a user input unit, a display unit 540d, a speaker, and/or a haptic module.
  • the input/output unit 540c acquires information/signals (e.g., touch, text, voice, image, video) input from the user, and the obtained information/signals are stored in the memory unit 530. It can be saved.
  • the communication unit 510 can convert the information/signal stored in the memory into a wireless signal and transmit the converted wireless signal directly to another wireless device or to a base station. Additionally, the communication unit 510 may receive a wireless signal from another wireless device or a base station and then restore the received wireless signal to the original information/signal.
  • the restored information/signal may be stored in the memory unit 530 and then output in various forms (eg, text, voice, image, video, haptic) through the input/output unit 540c.
  • a terminal can receive information from a base station through downlink (DL) and transmit information to the base station through uplink (UL).
  • Information transmitted and received between the base station and the terminal includes general data information and various control information, and various physical channels exist depending on the type/purpose of the information they transmit and receive.
  • Figure 6 is a diagram showing physical channels applied to this specification and a signal transmission method using them.
  • a terminal that is turned on again from a power-off state or newly entered a cell performs an initial cell search task such as synchronizing with the base station in step S611.
  • the terminal receives the primary synchronization channel (P-SCH) and secondary synchronization channel (S-SCH) from the base station to synchronize with the base station and obtain information such as cell ID. .
  • the terminal can obtain intra-cell broadcast information by receiving a physical broadcast channel (PBCH) signal from the base station. Meanwhile, the terminal can check the downlink channel status by receiving a downlink reference signal (DL RS) in the initial cell search stage.
  • PBCH physical broadcast channel
  • DL RS downlink reference signal
  • the UE receives a physical downlink control channel (PDCCH) and a physical downlink shared channel (PDSCH) according to the physical downlink control channel information in step S612 and further You can obtain specific system information.
  • PDCCH physical downlink control channel
  • PDSCH physical downlink shared channel
  • the terminal may perform a random access procedure such as steps S613 to S616 to complete access to the base station.
  • the terminal transmits a preamble through a physical random access channel (PRACH) (S613), and RAR (RAR) for the preamble through the physical downlink control channel and the corresponding physical downlink shared channel.
  • PRACH physical random access channel
  • RAR RAR
  • a random access response can be received (S614).
  • the terminal transmits a physical uplink shared channel (PUSCH) using scheduling information in the RAR (S615), and a contention resolution procedure such as reception of a physical downlink control channel signal and a corresponding physical downlink shared channel signal. ) can be performed (S616).
  • PUSCH physical uplink shared channel
  • S615 scheduling information in the RAR
  • a contention resolution procedure such as reception of a physical downlink control channel signal and a corresponding physical downlink shared channel signal.
  • the terminal that has performed the above-described procedure can then receive a physical downlink control channel signal and/or a physical downlink shared channel signal (S617) and a physical uplink shared channel (physical uplink shared channel) as a general uplink/downlink signal transmission procedure.
  • a physical downlink control channel signal and/or a physical downlink shared channel signal S617
  • a physical uplink shared channel physical uplink shared channel
  • Transmission of a channel (PUSCH) signal and/or a physical uplink control channel (PUCCH) signal may be performed (S618).
  • UCI uplink control information
  • UCI includes HARQ-ACK/NACK (hybrid automatic repeat and request acknowledgment/negative-ACK), SR (scheduling request), CQI (channel quality indication), PMI (precoding matrix indication), RI (rank indication), and BI (beam indication). ) information, etc.
  • HARQ-ACK/NACK hybrid automatic repeat and request acknowledgment/negative-ACK
  • SR scheduling request
  • CQI channel quality indication
  • PMI precoding matrix indication
  • RI rank indication
  • BI beam indication
  • Figure 7 is a diagram showing the structure of a wireless frame applicable to this specification.
  • Uplink and downlink transmission based on the NR system may be based on the frame shown in FIG. 7.
  • one wireless frame has a length of 10ms and can be defined as two 5ms half-frames (HF).
  • One half-frame can be defined as five 1ms subframes (SF).
  • One subframe is divided into one or more slots, and the number of slots in a subframe may depend on subcarrier spacing (SCS).
  • SCS subcarrier spacing
  • each slot may include 12 or 14 OFDM(A) symbols depending on the cyclic prefix (CP).
  • CP cyclic prefix
  • each slot When normal CP (normal CP) is used, each slot may include 14 symbols.
  • extended CP extended CP
  • each slot may include 12 symbols.
  • the symbol may include an OFDM symbol (or CP-OFDM symbol) and an SC-FDMA symbol (or DFT-s-OFDM symbol).
  • Table 1 shows the number of symbols per slot according to SCS, the number of slots per frame, and the number of slots per subframe when a general CP is used
  • Table 2 shows the number of symbols per slot according to SCS when an extended CSP is used. Indicates the number of symbols, the number of slots per frame, and the number of slots per subframe.
  • Nslotsymb represents the number of symbols in a slot
  • Nframe, ⁇ slot represents the number of slots in a frame
  • Nsubframe, ⁇ slot may represent the number of slots in a subframe.
  • OFDM(A) numerology eg, SCS, CP length, etc.
  • OFDM(A) numerology eg, SCS, CP length, etc.
  • the (absolute time) interval of a time resource e.g., SF, slot, or TTI
  • a time unit (TU) for convenience, referred to as a time unit (TU)
  • NR can support multiple numerologies (or subcarrier spacing (SCS)) to support various 5G services. For example, if SCS is 15kHz, it supports wide area in traditional cellular bands, and if SCS is 30kHz/60kHz, it supports dense-urban, lower latency. And it supports a wider carrier bandwidth, and when the SCS is 60kHz or higher, it can support a bandwidth greater than 24.25GHz to overcome phase noise.
  • SCS subcarrier spacing
  • the NR frequency band is defined as two types (FR1, FR2) of frequency range.
  • FR1 and FR2 can be configured as shown in the table below. Additionally, FR2 may mean millimeter wave (mmW).
  • mmW millimeter wave
  • the above-described numerology may be set differently in a communication system to which this specification is applicable.
  • a terahertz wave (THz) band may be used as a higher frequency band than the above-described FR2.
  • THz terahertz wave
  • the SCS can be set larger than the NR system, and the number of slots can also be set differently, and is not limited to the above-described embodiment.
  • Figure 8 is a diagram showing a slot structure applicable to this specification.
  • One slot includes multiple symbols in the time domain. For example, in the case of normal CP, one slot includes 7 symbols, but in the case of extended CP, one slot may include 6 symbols.
  • a carrier includes a plurality of subcarriers in the frequency domain.
  • RB Resource Block
  • BWP Bandwidth Part
  • P Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband Physical Broadband, etc.
  • numerology e.g., SCS, CP length, etc.
  • a carrier wave may contain up to N (e.g., 5) BWPs. Data communication is performed through an activated BWP, and only one BWP can be activated for one terminal. Each element in the resource grid is referred to as a Resource Element (RE), and one complex symbol can be mapped.
  • RE Resource Element
  • 6G (wireless communications) systems require (i) very high data rates per device, (ii) very large number of connected devices, (iii) global connectivity, (iv) very low latency, (v) battery- The goal is to reduce the energy consumption of battery-free IoT devices, (vi) ultra-reliable connectivity, and (vii) connected intelligence with machine learning capabilities.
  • the vision of the 6G system can be four aspects such as “intelligent connectivity”, “deep connectivity”, “holographic connectivity”, and “ubiquitous connectivity”, and the 6G system can satisfy the requirements as shown in Table 4 below. In other words, Table 4 is a table showing the requirements of the 6G system.
  • the 6G system includes enhanced mobile broadband (eMBB), ultra-reliable low latency communications (URLLC), massive machine type communications (mMTC), AI integrated communication, and tactile communication.
  • eMBB enhanced mobile broadband
  • URLLC ultra-reliable low latency communications
  • mMTC massive machine type communications
  • AI integrated communication and tactile communication.
  • tactile internet high throughput, high network capacity, high energy efficiency, low backhaul and access network congestion, and improved data security. It can have key factors such as enhanced data security.
  • Figure 9 is a diagram showing an example of a communication structure that can be provided in a 6G system applicable to this specification.
  • the 6G system is expected to have simultaneous wireless communication connectivity 50 times higher than that of the 5G wireless communication system.
  • URLLC a key feature of 5G, is expected to become an even more mainstream technology in 6G communications by providing end-to-end delays of less than 1ms.
  • the 6G system will have much better volume spectrum efficiency, unlike the frequently used area spectrum efficiency.
  • 6G systems can provide very long battery life and advanced battery technologies for energy harvesting, so mobile devices in 6G systems may not need to be separately charged. Additionally, new network characteristics in 6G may include:
  • 6G is expected to be integrated with satellites to serve the global mobile constellation. Integration of terrestrial, satellite and aerial networks into one wireless communications system could be critical for 6G.
  • 6G wireless networks will deliver power to charge the batteries of devices such as smartphones and sensors. Therefore, wireless information and energy transfer (WIET) will be integrated.
  • WIET wireless information and energy transfer
  • Small cell networks The idea of small cell networks was introduced to improve received signal quality resulting in improved throughput, energy efficiency and spectral efficiency in cellular systems. As a result, small cell networks are an essential feature for 5G and Beyond 5G (5GB) communications systems. Therefore, the 6G communication system also adopts the characteristics of a small cell network.
  • Ultra-dense heterogeneous networks will be another important characteristic of the 6G communication system. Multi-tier networks comprised of heterogeneous networks improve overall QoS and reduce costs.
  • Backhaul connections are characterized by high-capacity backhaul networks to support high-capacity traffic.
  • High-speed fiber and free-space optics (FSO) systems may be possible solutions to this problem.
  • High-precision localization (or location-based services) through communication is one of the functions of the 6G wireless communication system. Therefore, radar systems will be integrated with 6G networks.
  • Softwarization and virtualization are two important features that are fundamental to the design process in 5GB networks to ensure flexibility, reconfigurability, and programmability. Additionally, billions of devices may be shared on a shared physical infrastructure.
  • Quantum communication is a next-generation communication technology that can overcome the limitations of existing information and communication, such as security and high-speed computation, by applying quantum mechanical characteristics to the information and communication field.
  • Quantum communication provides a means of generating, transmitting, processing, and storing information that cannot be expressed or is difficult to express in the form of 0 and 1 according to the binary bit information used in existing communication technology.
  • wavelength or amplitude is used to transmit information between the transmitting end and the receiving end, but unlike this, in quantum communication, photons, the smallest unit of light, are used to transmit information between the transmitting end and the receiving end.
  • quantum communication in the case of quantum communication, quantum uncertainty, quantum irreversibility, and unclonability can be used for the polarization or phase difference of photons (light), so quantum communication has the characteristic of enabling communication with complete security. Additionally, quantum communication may enable ultra-fast communication using quantum entanglement under certain conditions.
  • QKD quantum key distribution
  • QDC quantum direct communication
  • user authentication refers to a procedure to confirm whether the transmitting and receiving entity exchanging information through a channel is an authorized entity.
  • the channel may include a classical channel and a quantum channel.
  • this specification provides an ideal assumption in the existing authentication method that performs user authentication between the transmitting and receiving end using information transmitted in a quantum channel, and performs authentication with information transmitted in a classical channel. It complements the shortcomings of existing authentication methods by eliminating the possibility of information manipulation/falsification by eavesdroppers, and presents an efficient user authentication method that can reuse existing resources without creating additional resources for authentication.
  • the safety of information transmitted through quantum channels is guaranteed through the non-cloning theorem, a characteristic of quantum mechanics. More specifically, through the QBER (Quantum Bit Error Rate) estimation process using some of the information transmitted through the quantum channel, it is possible to determine whether message information transmitted through the quantum channel has been eavesdropped by a third party, and through this, the transmission message safety can be guaranteed.
  • QBER Quantum Bit Error Rate
  • Figure 10 which shows an example of a third-party attack that can occur in quantum communication
  • a third party Eve (1030) exists between Alice (1010), the transmitter, and Bob (1020), the receiver.
  • Existing authentication techniques can be divided into hash function-based authentication methods that include cryptographically strong elements and authentication methods based on security from an information theory perspective.
  • the collision probability of the hash function is used as an authentication technology based on computational complexity
  • a representative hash function-based technology is the SHA technique.
  • the hash function-based authentication method is based on computational complexity, there is a high possibility that its security will be threatened in the future due to the emergence of quantum computers.
  • authentication technology using a keyed hash function family that combines a symmetric key and a hash function based on information theoretic safety is applied and used, and ETSI (European Telecommunications Standards Institute), etc.
  • the quantum communication standards organization is adopting the method of using the keyed hash function family as a standard authentication method.
  • the method uses a hash function called Strongly Universal Hashing as a Message authentication code (MAC) algorithm to generate a Message authentication code (MAC) to be used in the authentication process, and an additional one time pad is added during the generation process.
  • MAC Message authentication code
  • OTP symmetric key used as
  • a representative example of a method using the keyed hash function family is the Wegman & Carter Authentication (WCA) technique proposed by M. Wegman and J. Carter.
  • MAC Message authentication code
  • Figure 11 is a diagram showing an example of a MAC-based authentication technique.
  • MAC is used to verify the integrity of the message, and is an authentication technique based on the fact that it is difficult for a third party who does not know the one-time symmetric key information pre-shared between the transmitter and receiver (1110 and 1120) to know which MAC algorithm was used when creating the MAC. am.
  • the transmitting end 1110 and the receiving end 1120 share the same symmetric key information 1100 and MAC algorithms 1101 and 1103.
  • the transmitter 1110 inputs a plaintext message to be used for authentication into the MAC algorithm 1101, which of the MAC algorithms will be used is selected from the value of the pre-shared key 1100.
  • the transmitting end 1110 uses a classic It transmits the plaintext message (1103) and MAC (1105) it created through the channel.
  • the receiving end inputs the received plaintext message 1104 into the MAC algorithm 1102 of the receiving end 1120.
  • the MAC can be generated using the same MAC algorithm 1102 as that of the transmitting end 1110.
  • the receiving end 1120 compares whether the MAC 1105 transmitted by the transmitting end 1110 matches the MAC generated by the receiving end 1120. If the value of the MAC 1105 transmitted by the transmitting end 1110 matches the MAC value generated by the receiving end 1120, authentication is passed/successful. If the two values do not match, the authentication fails.
  • the pre-shared symmetric key information is not information transmitted through a classical channel, but is information held only by the pre-arranged transmitter and receiver, so a third party who does not know the pre-shared symmetric key information can use the message information. Even if a symmetric key is not secured, it is impossible to know which MAC algorithm was applied from the message information obtained by a third party, and thus safety can be guaranteed. Therefore, the security of the authentication method using MAC can be understood to be higher as the variety of methods for configuring the MAC algorithm increases.
  • FIG. 12 is a diagram showing an example of an authentication method based on Wegman & Carter Authentication (WCA).
  • the authentication method of FIG. 12 can be applied to both user authentication to check whether the sender and receiver have changed during message transmission, and message authentication to check whether the contents and order of message information have changed.
  • the transmitting end 1210 generates tag information 1205 serving as a MAC from message information 1203 using a pre-shared key 1200 and a MAC algorithm 1201, similar to the MAC of FIG. 11.
  • the Hash function of the Strongly Universal Hash class is used as the MAC algorithm.
  • the pre-shared key information 1200 is a hash function in H (1201 and 1202) of the transmitting and receiving ends (1210 and 1210).
  • the tag information (1205) is It is expressed as a hash function selected from the pre-shared key with the message m of the authentication process as the input value. It is obtained from the results obtained after passing. Afterwards, the receiving end 1220 uses the message 1203 received by the receiving end 1220 to obtain the tag information 1206 of the receiving end 1220 from the pre-shared key 1200 and the hash function 1202 of the receiving end 1220. ) is compared with the tag information 1205 received from the transmitting end 1210, it is confirmed whether the two tag information matches, and then authentication is determined (1208).
  • the hash function is a function that receives information of a random length and outputs a hash value of a fixed length, and the sentence of the original length is It is also called Message digest because it is reduced to a certain length.
  • the hash function can be used as a MAC in the authentication process based on the three characteristics below.
  • Figure 13 is a diagram to explain the correlation between the number of hash functions and collision probability.
  • WCA attempts a man-in-the-middle attack when a third party, eve, replaces message m with m' and guesses the tag and sends it. Since eve does not know what hash function the sender and receiver used, a random Since the tag is estimated by selecting a hash function, the success probability is This happens. here means the number of tags. In other words, the number of tags depends on the type of hash function used. Since it is determined by the number of hash functions, it can be said that the more types of hash functions used, the lower the possibility of eve estimating the tag. Therefore, as shown in the collision probability formula of FIG. 13, it can be seen that the larger the number of hash functions, the lower the collision probability.
  • user authentication in the QKD protocol uses a method in which secret key information is exchanged between the transmitter and receiver through a quantum channel, and then user authentication is performed in a classical channel.
  • this authentication method includes the ideal assumption that the quantum channel and the classical channel are always connected between the same user, so even if eve does not exist in the classical channel, a situation may occur where a Man in middle attack attempt is made in the quantum channel. In this case, the QKD technique cannot secure/guarantee unconditional security.
  • classical channels and quantum channels are used not only in QKD but also in general quantum communication techniques, and verification of the sender and receiver of the message transmitted through the quantum channel must be based on the information transmitted through the quantum channel. Since the integrity of can be guaranteed, an authentication technique using authentication message information transmitted through a quantum channel is required.
  • the transmitting end separately generates message information for user authentication in addition to the message and QBER estimation information, and uses the separately generated message information for user authentication as input information for MAC generation in the authentication process. use.
  • additional authentication information is separately generated can result in more time delay between the transmitter generating a single block of transmission information and sending the next block's transmission information.
  • greater power consumption occurs in the process of creating more signals. Therefore, there is a need for a method that can generate information for user authentication without allocating additional resources to generate a separate message for user authentication.
  • Figure 14 is a diagram showing an example of a symmetric key update method in the quantum key distribution technique.
  • QKD quantum key distribution technique
  • information is exchanged through a quantum channel (S1410), and then the final key is obtained through post-processing processes through a classical channel (S1420 to S1440).
  • some of the final keys are used as pre-shared keys to be used in the next authentication process (1401), and previously used pre-shared keys are discarded after one use. Therefore, a significant portion of the secret key obtained through a complex process cannot be used to encrypt the classical message information to be transmitted but is used as an authentication message, resulting in a decrease in the efficiency of secret key generation.
  • FIG. 15 is a diagram showing an example of the tag creation process in the existing authentication technique.
  • the authentication message is divided into several blocks (1510), the blocks are grouped into two blocks, and the Strongly Universal (SU) hash function selected by the first preshared key is used.
  • the reduced blocks are grouped into two again, and the process of passing the hash function selected by the second pre-shared key is repeated, resulting in one final block.
  • the existing authentication technique is very complex because the MAC algorithm, which takes a message as an input value and sends a tag as an output value, follows a tree-structured iterative compression method.
  • this specification is intended to exclude the possibility of third-party attacks that occur in existing authentication techniques that are performed with subjects connected through classical channels in the authentication process of the transmitter and receiver, which is the subject of transmission, even though information is transmitted through a quantum channel.
  • the method proposed in this specification proposes a method of reusing checking sequence information transmitted through a quantum channel for QBER estimation as message information for authentication without separately generating message information required for the authentication process. Through this, authentication can be performed without generating additional information for user authentication.
  • the method proposed in this specification presents a method of simply performing authentication using a pre-shared symmetric key and authentication message information without using a complicated MAC algorithm.
  • the method proposed in this specification proposes a method in which, after the transmitting and receiving end performs authentication, the pre-shared symmetric key used once is discarded for security and updated with a new symmetric key.
  • a method of generating a new symmetric key by combining the transmitted message and the used pre-shared symmetric key can be used.
  • the method proposed in this specification proceeds with the user authentication process in the following order.
  • the transmitter generates sequence information for QBER estimation.
  • the transmitting end transmits sequence information for QBER estimation through a quantum channel, then estimates QBER through measurement at the receiving end and determines whether to proceed with authentication through the estimation result.
  • the transmitting end and the receiving end reuse the information used for QBER estimation and perform an error correction process to use it as message information for authentication. Through this process, the message information used for authentication at the transmitting and receiving end can be matched.
  • the transmitting and receiving ends each set the message information to be used for error-corrected authentication as input values, the sending and receiving ends generate a MAC using the pre-shared key information, and the transmitting and receiving ends compare the MACs each created. The user authentication process is performed based on whether there is a match or not.
  • Figure 16 is a diagram showing an example in which user authentication is performed through a classical channel in quantum communication.
  • message information 1610 for authentication is separately generated, the generated message information 1610 is shared through a classical channel, and the transmitting end and receiving end each use the same authentication message information 1610 using the MAC algorithm. After outputting the MAC used for authentication by using it as an input value, the authentication process was performed by applying the WCA technique that compares the MAC values between the transmitting and receiving ends.
  • Figure 17 is a diagram illustrating an example in which user authentication is performed using QBER estimation information transmitted through a quantum channel in quantum communication. That is, Figure 17 relates to a user authentication method performed by reusing information used for QBER estimation.
  • the checking sequence information 1710 used in the QBER estimation process to check whether message information transmitted through a quantum channel is eavesdropped is reused as message information for user authentication after the QBER estimation process is completed. It is used.
  • the user authentication method proposed in this specification uses the checking sequence information used in QBER estimation as authentication message information and applies it as the input value of the MAC algorithm.
  • the MAC value to be used for authentication is derived through a pre-shared key-based MAC algorithm.
  • the transmitting and receiving end derives the MAC value through the same process, checks whether the two values match, and decides whether to pass authentication.
  • the method proposed in this specification does not separately generate message information for authentication, so there is no need for additional resource allocation for the authentication process.
  • the ideal assumption is required that the quantum channel and the classical channel are always connected to the same sender and receiver. This assumption makes it possible for the transmission information to be transmitted through the quantum channel. It is transmitted through a channel, but if the user is authenticated by transmitting authentication information through a classical channel, it is determined that the user authentication is complete based on the assumption that the quantum channel is also connected to the same transmitter and receiver.
  • the integrity of the transmitter and receiver connected to the quantum channel can be directly verified without assuming an ideal situation.
  • This method concerns a method for solving the high configuration complexity problem of the complex MAC algorithm used in existing user authentication methods. More specifically, this method proposes three user authentication methods based on the role/use of the pre-shared symmetric key.
  • This method uses a pre-shared symmetric key to determine the location of authentication information. More specifically, based on the position of each bit of the bit string constituting the pre-shared symmetric key and the bit value of the corresponding position, the bits of authentication information corresponding to the positions of each bit are used as authentication information.
  • Figure 18 is a diagram for explaining how a pre-shared symmetric key is used to determine the location of authentication information.
  • the pre-shared symmetric key 1820 is used to select a portion of the checking sequence 1810 for QBER estimation, which is message information input for MAC generation, and the bits of the entire checking sequence 1810. Among these, some bits selected by the pre-shared symmetric key 1820 constitute the MAC. That is, the pre-shared symmetric key (Pre-shared key) 1820 is used to determine which position value in the checking sequence (1810) will be used as MAC information for authentication.
  • the checking sequence value corresponding to the position of the bit whose bit value is 1 is extracted, and the extracted sequence is used as MAC information.
  • the remaining sequences other than the extracted sequence that is, the checking sequence values corresponding to the positions of bits with a bit value of 0, are not used as MAC information and are discarded.
  • the checking sequence value corresponding to the position of the bit where the bit value is 0 is extracted, and the extracted sequence may be used as MAC information.
  • the length of the bit string constituting the pre-shared symmetric key and the length of the bit string constituting the reused checking sequence may be the same.
  • at least one bit in the bit string of the reused checking sequence at a position corresponding to the position of at least one bit with a specific bit value in the bit string of the shared symmetric key is sent to the authentication message (MAC).
  • the transmitting and receiving ends can generate the same MAC information, and this method can be used as an authentication method between the transmitting and receiving ends.
  • This method is effective in generating MAC information from an authentication message with low complexity when configuring the authentication protocol without using a complex MAC algorithm as before.
  • Figure 19 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • QBER estimation information is generated. More specifically, the transmitting end 1910 generates QBER estimation information (checking sequence) (1.), converts it into a quantum state corresponding to the value of the QBER estimation information, and transmits it to the receiving end 1920 through a quantum channel (2.) . and 3.). Afterwards, the receiving end (1920) measures the QBER estimation information converted to a quantum state based on random measurement (4.), and determines the location of the measured information and the basis used for measurement (5.). Next, the receiving end 1920 transmits information about the location of the measured information and basis information used for measurement to the transmitting end 1910 (6.). Next, the transmitting end 1910 selects information corresponding to the location where the receiving end 1920 performed the measurement using the same basis as the basis used for quantum state conversion at the transmitting end (7.).
  • the receiving end 1920 stores the measured value and basis (8.). Next, the receiving end 1920 transmits the value measured at the receiving end to the transmitting end 1910 (9.). Afterwards, the transmitting end 1910 compares the information generated and transmitted by the transmitting end 1910 with the measured value at the receiving end 1920 and performs QBER estimation (10.). At this time, if the QBER estimate value is equal to or smaller than the preset threshold, user authentication is performed. If the QBER estimate value is greater than the preset threshold, the transmission process is stopped and user authentication is not performed (11.)
  • S1930 In this step, a process is performed to match the message information used for authentication between the transmitting and receiving ends. More specifically, since a certain percentage of errors occur in the checking sequence for QBER estimation transmitted as authentication message information through a quantum channel due to the quantum channel passing process, etc., the checking sequence at the transmitting and receiving end may not completely match. . In other words, the QBER estimation result (ex) 5%) is lower than the threshold (ex) 11%), so it can be determined that there is no eavesdropper, but the value of the QBER estimation result is not 0, and in this case, the QBER estimation result is not 0. The value of may be due to a certain ratio occurring due to the quantum channel passing process in the checking sequence for QBER estimation.
  • step S1930 which is an error correction process of message information to be used for authentication, may be added. Through step S1930, the checking sequence generated at the transmitting end 1910 and the receiving checking sequence in which an error occurred due to the receiving process at the receiving end 1920 can be completely matched.
  • the transmitter 1910 starts the user authentication process (11.) and transmits the basis and measurement value corresponding to the measurement position (12.).
  • the transmitting end 1910 transmits (i) location information on what basis was used to convert the bits constituting the checking sequence into a quantum state and (ii) information about the checking sequence value converted to a quantum state. do.
  • the receiving end 1920 selects only the measurement values corresponding to the same position as the basis used for quantum state conversion at the transmitting end 1910 and the basis used for measurement at the receiving end 1920. Select (13.), and compare the information on the checking sequence value converted to quantum state transmitted from the transmitting end (1910) with the value measured by the receiving end (1920) (14.). As a result of the comparison, bit flip error correction is performed on the discrepancy between the information received from the transmitting end 1910 and the value measured by the receiving end 1920 (15.).
  • step S1940 In this step, user authentication is performed. More specifically, since the message information to be used in the authentication process of the transmitting and receiving ends matches through step S1930, based on the matched message information (checking sequence), the sending and receiving ends each use the method described in FIG. 18 (the pre-shared symmetric key is used in the MAC (used to determine the location of message information to be used) is applied to generate and output the MAC (16.). Afterwards, the receiving end 1920 transmits the generated MAC to the transmitting end 1910 (17.). The transmitting end 1910 compares the MAC generated by the transmitting end 1910 with the MAC received from the receiving end 1920 (18.), and if the MAC of the transmitting end 1910 matches the MAC of the receiving end 1920, authentication is successful.
  • the third party does not possess the symmetric key information pre-shared with the transmitter and receiver, so even if the third party steals the message information, the third party Since the user cannot know which location value is used to generate the MAC, it is impossible for a third party to generate MAC information identical to the MAC generated at the transmitting and receiving end.
  • FIG. 20 is a diagram illustrating an example of a method in which a pre-shared symmetric key is used for an XOR operation with a message for MAC generation.
  • the checking sequence used for QBER estimation is used as an input message in the authentication process (S2010), and according to the value of the first bit information of the pre-shared symmetric key, the odd position of the input message (checking sequence) The value of or the value of the even position is used as input information to be used for authentication (S2020).
  • the pre-shared symmetric key can be set/generated to be half the length of the checking sequence.
  • Step S2020 corresponds to step 16 of FIG. 21, which will be described below.
  • Step S2030 corresponds to step 17 of FIG. 21, which will be described below.
  • the length of the pre-shared symmetric key can be configured to be shorter than the checking sequence length.
  • the length of the bit string of the checking sequence is an even number
  • the length of the bit string of the pre-shared authentication key may be set to half the length of the bit string of the checking sequence.
  • the length of the bit string of the checking sequence is an odd number:
  • the length of the bit string of the pre-shared authentication key is set to a length obtained by rounding up half the length of the bit string of the checking sequence, and when bit values at even positions in the bit string of the checking sequence are used to generate the authentication message, the pre-shared authentication key
  • the length of the bit string of may be set to a length obtained by rounding down half of the length of the bit string of the checking sequence.
  • Figure 21 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • QBER estimation information is generated. More specifically, the transmitting end 2110 generates QBER estimation information (checking sequence) (1.), converts it into a quantum state corresponding to the value of the QBER estimation information, and transmits it to the receiving end 2120 through a quantum channel (2.) . and 3.). Afterwards, the receiving end 2120 measures the QBER estimation information converted to a quantum state based on random measurement (4.), and determines the location of the measured information and the basis used for measurement (5.). Next, the receiving end 2120 transmits information about the location of the measured information and basis information used for measurement to the transmitting end 2110 (6.). Next, the transmitting end 2110 selects information corresponding to the location where the receiving end 2120 performed the measurement using the same basis as the basis used for quantum state conversion at the transmitting end (7.).
  • the receiving end 2120 stores the measured value and basis (8.). Next, the receiving end 2120 transmits the value measured at the receiving end to the transmitting end 2110 (9.). Afterwards, the transmitting end 2110 compares the information generated and transmitted by the transmitting end 2110 with the measured value at the receiving end 2120 and performs QBER estimation (10.). At this time, if the QBER estimate value is equal to or smaller than the preset threshold, user authentication is performed. If the QBER estimate value is greater than the preset threshold, the transmission process is stopped and user authentication is not performed (11.)
  • S2130 In this step, a process is performed to match the message information used for authentication by the transmitting and receiving ends. More specifically, since a certain percentage of errors occur in the checking sequence for QBER estimation transmitted as message information through a quantum channel due to the quantum channel passage process, etc., the checking sequence at the transmitting and receiving end may not completely match. In other words, the QBER estimation result (ex) 5%) is lower than the threshold (ex) 11%), so it can be determined that there is no eavesdropper, but the value of the QBER estimation result is not 0, and in this case, the QBER estimation result is not 0. The value of may be due to a certain ratio occurring due to the quantum channel passing process in the checking sequence for QBER estimation.
  • step S2130 which is an error correction process of message information to be used for authentication, may be added. Through step S2130, the checking sequence generated at the transmitting end 2110 and the receiving checking sequence in which an error occurred due to the receiving process at the receiving end 2120 can be completely matched.
  • the transmitter 2110 starts the user authentication process (11.) and transmits the basis and measurement value corresponding to the measurement position (12.).
  • the transmitting end 2110 transmits (i) location information on what basis was used to convert the bits constituting the checking sequence into a quantum state and (ii) information about the checking sequence value converted to a quantum state. do.
  • the receiving end 2120 selects only the measurement values corresponding to the position where the basis used for quantum state conversion at the transmitting end 2110 and the basis used for measurement at the receiving end 2120 are the same. Select (13.), and compare the information on the checking sequence value converted to quantum state transmitted from the transmitting end (2110) with the value measured by the receiving end (2120) (14.). As a result of the comparison, bit flip error correction is performed on the discrepancy between the information received from the transmitting end 2110 and the value measured by the receiving end 2120 (15.).
  • step S2140 In this step, user authentication is performed. More specifically, since the message information to be used in the authentication process of the transmitting and receiving ends matches through step S2130, based on the matched message information (checking sequence), the sending and receiving ends each use the method described in FIG. 20 (the pre-shared symmetric key is used in the MAC (used in XOR operation with input information to generate message information to be used) is applied to generate and output MAC (16.). Afterwards, the receiving end 2120 transmits the generated MAC to the transmitting end 2110 (17.).
  • the transmitting end 2110 compares the MAC generated by the transmitting end 2110 with the MAC received from the receiving end 2120 (18.), and if the MAC of the transmitting end 2110 matches the MAC of the receiving end 2120, authentication is successful. If the MAC of the transmitting end 2110 and the MAC of the receiving end 2120 do not match, it is determined that authentication has failed.
  • the third party does not possess the symmetric key information pre-shared with the transmitter and receiver, so even if the third party steals the message information, the third party Since the user cannot know which location value is used to generate the MAC, it is impossible for a third party to generate MAC information identical to the MAC generated at the transmitting and receiving end.
  • This method relates to a method in which a pre-shared symmetric key is used to select a hash function to be used for MAC generation among the hash functions constituting the hash function set H used as the MAC algorithm.
  • Figure 22 is a diagram to explain how a pre-shared symmetric key is used to select a hash function to be used for MAC generation among hash functions constituting the hash function set H used in the MAC algorithm.
  • the checking sequence (2210) used in QBER estimation is used as an input value of the Hash function set used in the MAC algorithm, and the value of the pre-shared symmetric key is used to configure the hash function set H (2220). It is decided which hash function to select among the many hash functions. Therefore, the length of the pre-shared key is It is bits (R: the number of hash functions that make up H), and is set to a length that can distinguish all the hash functions that make up the hash function set H.
  • Figure 23 is a diagram showing the overall sequence of the user authentication process to which the method proposed in this specification is applied.
  • the transmission and reception starts the authentication process after sharing not only the preshared key but also the Universal 2 hash function set to be used as the MAC algorithm in advance before the authentication process.
  • QBER estimation information is generated. More specifically, the transmitting end 2310 generates QBER estimation information (checking sequence) (1.), converts it into a quantum state corresponding to the value of the QBER estimation information, and transmits it to the receiving end 2320 through a quantum channel (2.) . and 3.). Afterwards, the receiving end 2320 measures the QBER estimation information converted to a quantum state based on random measurement (4.), and determines the location of the measured information and the basis used for measurement (5.). Next, the receiving end 2320 transmits information about the location of the measured information and basis information used for measurement to the transmitting end 2310 (6.). Next, the transmitting end 2310 selects information corresponding to the location where the receiving end 2320 performed the measurement using the same basis as the basis used for quantum state conversion at the transmitting end (7.).
  • the receiving end 2320 stores the measured value and basis (8.). Next, the receiving end 2320 transmits the value measured at the receiving end to the transmitting end 2310 (9.). Afterwards, the transmitting end 2310 compares the information generated and transmitted by the transmitting end 2310 with the measured value at the receiving end 2320 and performs QBER estimation (10.). At this time, if the QBER estimate value is equal to or smaller than the preset threshold, user authentication is performed. If the QBER estimate value is greater than the preset threshold, the transmission process is stopped and user authentication is not performed (11.)
  • S2330 In this step, a process is performed to match the message information used for authentication by the transmitting and receiving ends. More specifically, since a certain percentage of errors occur in the checking sequence for QBER estimation transmitted as message information through a quantum channel due to the quantum channel passage process, etc., the checking sequence at the transmitting and receiving end may not completely match. In other words, the QBER estimation result (ex) 5%) is lower than the threshold (ex) 11%), so it can be determined that there is no eavesdropper, but the value of the QBER estimation result is not 0, and in this case, the QBER estimation result is not 0. The value of may be due to a certain ratio occurring due to the quantum channel passing process in the checking sequence for QBER estimation.
  • step S2330 which is an error correction process of message information to be used for authentication, may be added. Through step S2330, the checking sequence generated at the transmitting end 2310 and the receiving checking sequence in which an error occurred due to the receiving process at the receiving end 2320 can be completely matched.
  • the transmitter 2310 starts the user authentication process (11.) and transmits the basis and measurement value corresponding to the measurement position (12.).
  • the transmitting end 2310 transmits (i) location information on what basis was used to convert the bits constituting the checking sequence into a quantum state and (ii) information about the checking sequence value converted to a quantum state. do.
  • the receiving end 2320 selects only the measurement values corresponding to the same position as the basis used for quantum state conversion at the transmitting end 2310 and the basis used for measurement at the receiving end 2320. Select (13.), and compare the information on the checking sequence value converted to quantum state transmitted from the transmitting end (2310) with the value measured by the receiving end (2320) (14.). As a result of the comparison, bit flip error correction is performed on the discrepancy between the information received from the transmitting end 2310 and the value measured by the receiving end 2320 (15.).
  • step S2340 In this step, user authentication is performed. More specifically, since the message information to be used in the authentication process of the transmitting and receiving ends matches through step S2330, based on the matched message information (checking sequence), the sending and receiving ends each use the method described in FIG. 20 (the pre-shared symmetric key hash A MAC is generated and output by applying the function set (used to select a specific hash function to be used for MAC generation) (16.). Afterwards, the receiving end 2320 transmits the generated MAC to the transmitting end 2310 (17.).
  • the transmitting end 2310 compares the MAC generated by the transmitting end 2310 with the MAC received from the receiving end 2320 (18.), and if the MAC of the transmitting end 2310 matches the MAC of the receiving end 2320, authentication is successful. If the MAC of the transmitting end 2310 and the MAC of the receiving end 2320 do not match, it is determined that authentication has failed.
  • the third party does not possess the symmetric key information pre-shared with the transmitter and receiver, so even if the third party steals the message information, the third party Since the user cannot know which location value is used to generate the MAC, it is impossible for a third party to generate MAC information identical to the MAC generated at the transmitting and receiving end.
  • MAC information is output using one function among the many hash functions that make up the hash function set. Since there is no choice but to take this method, the more hash functions are used, the higher safety can be guaranteed.
  • This method relates to a method for updating a pre-shared symmetric key.
  • the user authentication technique using the MAC algorithm uses symmetric key information in the form of one time pad (OTP) to ensure high security in the authentication process. Therefore, when one user authentication is completed, the updated symmetric key is used for the next authentication to prevent the same symmetric key from being used more than once, thereby ensuring safety.
  • OTP one time pad
  • the QKD technique among existing quantum communication techniques proposes a method of using some of the final secret keys shared between the transmitter and receiver as a preshared key for authentication, and ETSI also uses this method to update the symmetric key. It is presented as a standard technique for
  • Figure 24 is a diagram for explaining a pre-shared symmetric key update method.
  • an XOR operation 2430 is performed to combine message information 2410 transmitted through a quantum channel, which is information that changes every time, and preshared key information 2420 used for the last user authentication, and the result of the XOR operation is Used as an updated preshared key to be used for next user authentication.
  • This specification proposes a method to increase the reliability and efficiency of the user authentication process of the transmitter and receiver, who are the users of information transmitted through a quantum channel, and can have the following effects.
  • This specification proposes a method of performing authentication by generating a new preshared key by combining newly transmitted message information and the used preshared key each time.
  • the preshared key information is used for one authentication only. When the process is completed, it is discarded, updated with new key information, and must be used in the next authentication process.
  • the existing key renewal technique is presented only in QKD, and there is no method of updating the preshared key in the authentication process of the remaining quantum communication techniques, and the QKD method Even in this case, it has the effect of solving the problem of using an inefficient method of discarding some of the resources used for communication for authentication by replacing some of the secret keys used for information encryption with a preshared key for authentication.
  • the method proposed in this specification is applied to QKD, unlike the existing method, there is no need to use some of the secret keys for authentication, which has the effect of improving the key rate of the quantum cryptography communication process.
  • Figure 25 is a flowchart showing an example of how the user authentication method proposed in this specification is performed at the transmitting end.
  • the transmitting end transmits QBER estimation information generated based on a checking sequence for QBER (Quantum Bit Error Rate) estimation to determine whether or not there is eavesdropping on a quantum channel to the receiving end (S2510) ).
  • QBER Quality Bit Error Rate
  • the transmitting end performs the QBER estimation based on the receiving end and the QBER estimation information (S2520).
  • the transmitting end performs the authentication with the receiving end by reusing the checking sequence based on the result of the QBER estimation (S2530).
  • the authentication is performed based on (i) the reused checking sequence and (ii) a symmetric key previously shared between the transmitting end and the receiving end.
  • the transmitting end includes a transmitter for transmitting a wireless signal; A receiver for receiving wireless signals; at least one processor; and at least one computer memory operably connectable to the at least one processor and storing instructions that, when executed by the at least one processor, perform operations.
  • the operations include the steps described in FIG. 25 above.
  • FIG. 25 may be stored in a non-transitory computer readable medium (CRM) that stores one or more instructions.
  • CRM computer readable medium
  • the non-transitory computer-readable medium stores one or more instructions executable by one or more processors, and the one or more instructions cause the transmitter to perform the operation described in FIG. 25.
  • a device including one or more memories and one or more processors functionally connected to the one or more memories, wherein the one or more processors control the device to perform the operations described in FIG. 25 .
  • Figure 26 is a flowchart showing an example of how the user authentication method proposed in this specification is performed at the receiving end.
  • the receiving end receives QBER estimation information generated based on a checking sequence for QBER (Quantum Bit Error Rate) estimation to determine whether or not there is eavesdropping on a quantum channel from the transmitting end (S6510). .
  • QBER Quality Bit Error Rate
  • the receiving end performs the QBER estimation based on the transmitting end and the QBER estimation information (S2620).
  • the receiving end performs the authentication with the transmitting end by reusing the checking sequence based on the result of the QBER estimation (S2630).
  • the authentication is performed based on (i) the reused checking sequence and (ii) a symmetric key previously shared between the transmitting end and the receiving end.
  • the receiving end includes a transmitter for transmitting a wireless signal; A receiver for receiving wireless signals; at least one processor; and at least one computer memory operably connectable to the at least one processor and storing instructions that, when executed by the at least one processor, perform operations.
  • the operations include the steps described in FIG. 26 above.
  • FIG. 26 may be stored in a non-transitory computer readable medium (CRM) that stores one or more instructions.
  • CRM computer readable medium
  • the non-transitory computer-readable medium stores one or more instructions executable by one or more processors, and the one or more instructions cause the receiving end to perform the operation described in FIG. 26.
  • a device including one or more memories and one or more processors functionally connected to the one or more memories, the one or more processors control the device to perform the operations described in FIG. 26.
  • Embodiments according to the present specification may be implemented by various means, for example, hardware, firmware, software, or a combination thereof.
  • an embodiment of the present specification includes one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), and FPGAs ( It can be implemented by field programmable gate arrays, processors, controllers, microcontrollers, microprocessors, etc.
  • ASICs application specific integrated circuits
  • DSPs digital signal processors
  • DSPDs digital signal processing devices
  • PLDs programmable logic devices
  • FPGAs field programmable gate arrays, processors, controllers, microcontrollers, microprocessors, etc.
  • an embodiment of the present specification may be implemented in the form of a module, procedure, function, etc. that performs the functions or operations described above.
  • Software code can be stored in memory and run by a processor.
  • the memory is located inside or outside the processor and can exchange data with the processor through various known means.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique. De façon plus précise, le procédé comprend les étapes consistant : à transmettre, à une extrémité de réception, des informations d'estimation de taux d'erreur sur les bits quantiques (QBER pour Quantum Bit Error Rate) générées sur la base d'une séquence de vérification pour une estimation de taux QBER pour déterminer si une écoute illicite s'est produite sur un canal quantique ; à effectuer l'estimation de taux QBER avec l'extrémité de réception sur la base des informations d'estimation de taux QBER ; et, sur la base du résultat de l'estimation de taux QBER, à effectuer une authentification avec l'extrémité de réception par réutilisation de la séquence de vérification, l'authentification étant effectuée sur la base (i) de la séquence de vérification réutilisée et (ii) d'une clé symétrique prépartagée à l'extrémité de transmission et à l'extrémité de réception.
PCT/KR2022/011803 2022-08-08 2022-08-08 Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé WO2024034699A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/KR2022/011803 WO2024034699A1 (fr) 2022-08-08 2022-08-08 Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/KR2022/011803 WO2024034699A1 (fr) 2022-08-08 2022-08-08 Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé

Publications (1)

Publication Number Publication Date
WO2024034699A1 true WO2024034699A1 (fr) 2024-02-15

Family

ID=89851743

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2022/011803 WO2024034699A1 (fr) 2022-08-08 2022-08-08 Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé

Country Status (1)

Country Link
WO (1) WO2024034699A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150222619A1 (en) * 2012-08-30 2015-08-06 Los Alamos National Security, Llc Multi-factor authentication using quantum communication
US20180109372A1 (en) * 2016-10-14 2018-04-19 Alibaba Group Holding Limited Method and system for quantum key distribution based on trusted computing
KR20190091838A (ko) * 2018-01-29 2019-08-07 한국전자통신연구원 양자암호통신 인증 장치 및 방법
KR20190093641A (ko) * 2016-12-20 2019-08-09 아이디 퀀티크 에스.에이. 양자 키 분배(qkd) 시스템에서 양자 채널을 통한 비밀 키 레이트 교환을 향상시키기 위한 장치 및 방법
WO2021213631A1 (fr) * 2020-04-21 2021-10-28 Dotquantum Holdings Ltd Procédé et système cryptographiques améliorés

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150222619A1 (en) * 2012-08-30 2015-08-06 Los Alamos National Security, Llc Multi-factor authentication using quantum communication
US20180109372A1 (en) * 2016-10-14 2018-04-19 Alibaba Group Holding Limited Method and system for quantum key distribution based on trusted computing
KR20190093641A (ko) * 2016-12-20 2019-08-09 아이디 퀀티크 에스.에이. 양자 키 분배(qkd) 시스템에서 양자 채널을 통한 비밀 키 레이트 교환을 향상시키기 위한 장치 및 방법
KR20190091838A (ko) * 2018-01-29 2019-08-07 한국전자통신연구원 양자암호통신 인증 장치 및 방법
WO2021213631A1 (fr) * 2020-04-21 2021-10-28 Dotquantum Holdings Ltd Procédé et système cryptographiques améliorés

Similar Documents

Publication Publication Date Title
WO2020060332A1 (fr) Procédé et appareil pour effectuer une prédiction de qos sur la base d'une assistance de réseau en nr v2x
WO2020060333A1 (fr) Procédé et appareil permettant d'effectuer une prédiction de qos sur la base d'une prédiction autonome d'ue dans nr v2x
WO2021112602A1 (fr) Procédé et appareil d'accès multiple
WO2023003054A1 (fr) Procédé de réalisation d'une communication directe à sécurité quantique dans un système de communication quantique, et appareil associé
WO2022080983A1 (fr) Embrouillage pour répétition pusch
WO2020060334A1 (fr) Procédé et appareil permettant de réaliser une prédiction de qos dans nr v2x
WO2022014751A1 (fr) Procédé et appareil de génération de mots uniques pour estimation de canal dans le domaine fréquentiel dans un système de communication sans fil
WO2022025321A1 (fr) Procédé et dispositif de randomisation de signal d'un appareil de communication
WO2024034699A1 (fr) Procédé pour effectuer une authentification d'utilisateur dans un système de communication quantique, et dispositif associé
WO2020060024A1 (fr) Procédé et dispositif de détermination de groupement de ressources pour communication en liaison latérale de v2x en nr
WO2024063185A1 (fr) Procédé de mise à jour d'une clé prépartagée dans une technique de communication directe quantique comprenant une authentification d'utilisateur, et dispositif associé
WO2022124606A1 (fr) Procédé et dispositif d'utilisation d'informations auxiliaires transmises depuis une direction avant d'une procédure de distribution de clé quantique bidirectionnelle dans un système de communication
WO2022092815A1 (fr) Procédé et dispositif de correction d'une distorsion de polarisation d'un miroir de rotateur de faraday pour la distribution de clé quantique dans un système de communication
WO2024071458A1 (fr) Procédé de mise en oeuvre d'authentification d'utilisateur par application d'une clé pré-partagée à une sélection de base dans un système de communication quantique et dispositif s'y rapportant
WO2023238972A1 (fr) Procédé de communication directe quantique unidirectionnelle et en une étape basée sur une paire de photons uniques, et dispositif associé
WO2022004921A1 (fr) Procédé et dispositif pour corriger une distorsion de polarisation dans un système de distribution de clés quantiques prêtes à l'emploi
WO2022045378A1 (fr) Procédé et dispositif d'estimation de taux d'erreur binaire quantique sur la base d'un groupe de bits maximum et d'une parité bidimensionnelle
WO2021117940A1 (fr) Procédé d'émission de signal de synchronisation dans un système de communication sans fil, et appareil associé
WO2023054778A1 (fr) Procédé permettant de rapporter des informations d'état de canal dans un système de communication sans fil, et appareil associé
WO2023068399A1 (fr) Procédé et dispositif de transmission et de réception d'informations d'état de canal dans un système de communication sans fil
WO2023095933A1 (fr) Procédé et appareil pour réaliser une communication directe sécurisée quantique à l'aide d'un état quantique à haute dimension basé sur des informations de polarisation et de phase dans un système de communication
WO2023013795A1 (fr) Procédé de réalisation d'un apprentissage fédéré dans un système de communication sans fil, et appareil associé
WO2023054777A1 (fr) Procédé de transmission de données sémantiques et dispositif associé dans un système de communication sans fil
WO2024063173A1 (fr) Procédé de transmission d'informations dans un système de communication quantique et dispositif associé
WO2023033203A1 (fr) Procédé de réalisation d'un apprentissage fédéré dans un système de communication sans fil, et appareil associé

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22955074

Country of ref document: EP

Kind code of ref document: A1