CN109660338A - Anti-quantum-computing digital signature method and anti-quantum-computing digital signature system based on a symmetric key pool - Google Patents


Info

Publication number
CN109660338A
Authority
CN
China
Prior art keywords
key
quantum
pool
signature
symmetric keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811376928.4A
Other languages
Chinese (zh)
Other versions
CN109660338B (en)
Inventor
富尧
钟民
钟一民
余秋炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruban Quantum Technology Co Ltd
Priority to CN201811376928.4A
Publication of CN109660338A
Application granted
Publication of CN109660338B
Legal status: Active
Anticipated expiration


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to an anti-quantum-computing digital signature method and an anti-quantum-computing digital signature system based on a symmetric key pool. When signing, the signer: generates a private key and the corresponding plaintext public key, encrypts the plaintext public key using the symmetric key pool to obtain the public key, and publishes the public key; signs the message using the private key, then encrypts the resulting signature using the symmetric key pool to obtain the private signature; and sends the message, the private signature and the encryption parameter related to the private signature to the verifier. In the present invention, the quantum key card used is an independent, hardware-isolated device. The public key, the private key, true random numbers and other related parameters are stored or generated inside the quantum key card, so the possibility of keys being stolen by malware or malicious operations is greatly reduced, and they cannot be obtained and cracked by a quantum computer.

Description

Anti-quantum-computing digital signature method and anti-quantum-computing digital signature system based on a symmetric key pool
Technical field
The present invention relates to public-key cryptosystems and symmetric key pool technology, and specifically to the field of DSA and ECDSA digital signature technology.
Background art
Digital signature (also known as electronic signature), as an important security technology, plays an important role in guaranteeing the integrity, privacy and non-repudiation of data. Meanwhile, with the development of information technology and its spread to commerce, finance, law, government and other sectors, research on digital signature technology will become more and more important.
At present, digital signature technology has been applied in fields such as commerce, finance, politics and military affairs. Its applications in e-mail (E-mail), electronic funds transfer (EFT), electronic data interchange (EDI), electronic cash (E-cash), software distribution, data storage, data integrity checking and source identification in particular have made people see the importance of digital signatures.
Digital signature technology uses hash functions to guarantee the integrity of data and, combined with the advantages of public/private-key encryption and decryption, guarantees the confidentiality and non-repudiation of information.
The security of a symmetric-key cryptosystem relies on the following two factors. First, the encryption algorithm must be strong enough that decrypting information from the ciphertext alone is impossible in practice; second, the security of the encryption method comes from the secrecy of the key, not the secrecy of the algorithm. The biggest problem of symmetric encryption systems is that key distribution and management are extremely complex and costly. Another disadvantage of symmetric encryption algorithms is that digital signatures are not easy to implement with them. So the implementation of encryption algorithms in the current mobile e-commerce field relies mainly on the RSA system.
The encryption key (public key) and the decryption key (private key) used by a public-key cryptosystem are different. Because the encryption key is public, key distribution and management are very simple, and a public-key cryptosystem can also easily implement digital signatures.
Since public-key cryptosystems appeared, scholars have proposed many public-key encryption methods, whose security is in every case based on hard mathematical problems. Classified by the underlying hard problem, the following three classes of systems are currently considered secure and effective: large-integer factorization systems (represented by RSA), discrete logarithm systems (represented by DSA) and elliptic-curve discrete logarithm systems (ECC).
The Digital Signature Algorithm (DSA) is a variant of the Schnorr and ElGamal signature algorithms, adopted by NIST, the US national standards body, as the Digital Signature Standard (DSS). The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic-curve cryptography (ECC) analogue of the Digital Signature Algorithm (DSA). ECDSA became an ANSI standard in 1999 and an IEEE and NIST standard in 2000. It had already been accepted by ISO in 1998, and some other standards that include it are under consideration by ISO. Unlike the ordinary discrete logarithm problem (DLP) and the integer factorization problem (IFP), the elliptic curve discrete logarithm problem (ECDLP) has no subexponential-time solution. Therefore the strength per bit of elliptic-curve cryptography is higher than that of other public-key systems.
But with the development of quantum computers, classical public-key cryptosystems will no longer be secure: whether for encryption and decryption or for key exchange, a quantum computer can compute the private key from the public key. The signature methods based on asymmetric keys that digital signatures use today will therefore be unable to withstand a single blow in the quantum era.
Summary of the invention
The present invention provides an anti-quantum-computing digital signature method that can improve security.
An anti-quantum-computing digital signature method based on a symmetric key pool is implemented at the signer. The signer is configured with a quantum key card, in which a symmetric key pool corresponding to the verifier is stored. The anti-quantum-computing digital signature method includes:
Generating a private key and the corresponding plaintext public key, encrypting the plaintext public key using the symmetric key pool to obtain the public key, and publishing the public key;
Signing the message using the private key, then encrypting the resulting signature using the symmetric key pool to obtain the private signature;
Sending the message, the private signature and the encryption parameter related to the private signature to the verifier.
Several optional variants are provided below. They are not additional limitations on the overall scheme above, only further supplements or preferences; provided there is no technical or logical contradiction, each variant may be combined with the overall scheme individually, and multiple variants may also be combined with one another.
Optionally, the process of encrypting the plaintext public key using the symmetric key pool includes:
Generating a true random number using the party's own quantum key card;
Obtaining a key seed pointer from the true random number combined with the key pointer algorithm;
Using the key seed pointer to take the corresponding random number sequence out of the symmetric key pool of the party's own quantum key card as the key seed;
Computing the key from the key seed combined with the key generation algorithm;
Encrypting the plaintext public key using the key.
Optionally, the public key further includes the true random number and the relationship parameters between the private key and the plaintext public key.
Optionally, the process of encrypting the resulting signature using the symmetric key pool to obtain the private signature includes:
Generating a true random number using the party's own quantum key card, the true random number serving as the encryption parameter;
Obtaining a key seed pointer from the true random number combined with the key pointer algorithm;
Using the key seed pointer to take the corresponding random number sequence out of the symmetric key pool of the party's own quantum key card as the key seed;
Computing the key from the key seed combined with the key generation algorithm;
Encrypting the signature using the key to obtain the private signature.
The present invention also provides an anti-quantum-computing digital signature system based on a symmetric key pool, configured at the signer. The signer is configured with a quantum key card, in which a symmetric key pool corresponding to the verifier is stored. The anti-quantum-computing digital signature system includes a memory and a processor; the memory stores a computer program, and the processor, when executing the computer program, implements the steps of the anti-quantum-computing digital signature method according to any one of claims 1 to 4.
The present invention also provides an anti-quantum-computing digital signature method based on a symmetric key pool, implemented at the verifier. The verifier is configured with a quantum key card, in which a symmetric key pool corresponding to the signer is stored. The anti-quantum-computing digital signature method includes:
Receiving the message, the private signature and the encryption parameter related to the private signature from the signer;
Using the encryption parameter related to the private signature, decrypting with the symmetric key pool of the party's own quantum key card to obtain the signature;
Obtaining the public key published by the signer, and decrypting it with the symmetric key pool of the party's own quantum key card to obtain the plaintext public key;
Performing the signature computation on the message using the decrypted plaintext public key, and comparing the result with the signature decrypted from the private signature to authenticate it.
Optionally, the signer's message, private signature and encryption parameter related to the private signature are generated using the anti-quantum-computing digital signature method described above.
The present invention also provides an anti-quantum-computing digital signature system based on a symmetric key pool, configured at the verifier. The verifier is configured with a quantum key card, in which a symmetric key pool corresponding to the signer is stored. The anti-quantum-computing digital signature system includes a memory and a processor; the memory stores a computer program, and the processor, when executing the computer program, implements the steps of the anti-quantum-computing digital signature method.
The present invention also provides an anti-quantum-computing digital signature system based on a symmetric key pool, including a signer and a verifier belonging to one group. The signer and the verifier are each configured with a quantum key card, in which the corresponding symmetric key pool is stored;
When signing, the signer:
Generates a private key and the corresponding plaintext public key, encrypts the plaintext public key using the symmetric key pool to obtain the public key, and publishes the public key;
Signs the message using the private key, then encrypts the resulting signature using the symmetric key pool to obtain the private signature;
Sends the message, the private signature and the encryption parameter related to the private signature to the verifier;
When verifying, the verifier:
Receives the message, the private signature and the encryption parameter related to the private signature from the signer;
Using the encryption parameter related to the private signature, decrypts with the symmetric key pool of its own quantum key card to obtain the signature;
Obtains the public key published by the signer, and decrypts it with the symmetric key pool of its own quantum key card to obtain the plaintext public key;
Performs the signature computation on the message using the decrypted plaintext public key, and compares the result with the signature decrypted from the private signature to authenticate it.
The anti-quantum-computing digital signature system based on a symmetric key pool of the present invention can be regarded as computer equipment configured at the respective party. Specifically, it may be a terminal comprising, for example, a processor, a memory, a network interface, a display screen and an input device connected by a system bus. The processor of the computer equipment provides computing and control capability. The memory of the computer equipment includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for running the operating system and the computer program in the non-volatile storage medium. The network interface of the computer equipment is used to communicate with external terminals over a network connection. When the computer program is executed by the processor, the anti-quantum-computing digital signature method of the present invention is implemented. The display screen of the computer equipment may be a liquid crystal display or an electronic ink display; the input device may be a touch layer covering the display screen, a key, trackball or trackpad provided on the housing of the computer equipment, or an external keyboard, trackpad or mouse.
In the present invention, the quantum key card used is an independent, hardware-isolated device. The public key, the private key, true random numbers and other related parameters are stored or generated inside the quantum key card, so the possibility of keys being stolen by malware or malicious operations is greatly reduced, and they cannot be obtained and cracked by a quantum computer. Because the digital signature is encrypted in transit, with symmetric encryption, and the critical public-key information that is published is encrypted with the key pool, only members of the relevant group can obtain the public key by calculation. It is therefore not easy to calculate the private key of a digital signature in the present invention, which improves the security of the digital signature.
Brief description of the drawings
Fig. 1 is a flow chart of signature generation in Embodiment 1;
Fig. 2 is a flow chart of signature verification in Embodiment 1;
Fig. 3 is a flow chart of signature generation in Embodiment 2;
Fig. 4 is a flow chart of signature verification in Embodiment 2.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
To better describe and illustrate the embodiments of this application, reference may be made to one or more drawings, but the additional details or examples used to describe the drawings should not be regarded as limiting the scope of any of the invention, the currently described embodiments or the preferred modes.
It should be understood that although the steps in each flow chart are shown in sequence as indicated by the arrows, these steps are not necessarily executed in the order the arrows indicate. Unless explicitly stated otherwise herein, there is no strict order restriction on the execution of these steps, and they may be executed in other orders. Moreover, at least some of the steps may include multiple sub-steps or stages, which are not necessarily completed at the same moment but may be executed at different times; nor are these sub-steps or stages necessarily executed sequentially, as they may be executed in turn or alternately with other steps or with at least part of the sub-steps or stages of other steps.
This embodiment is implemented in the scenario of any two users in a group that holds the same symmetric key pool, referred to as the signer and the verifier respectively. The symmetric key pool consists of a large volume of true random numbers, 1 GB or more of data, stored in the quantum key card. Preferably, the true random numbers are quantum random numbers. The quantum key card can not only store a large amount of data but also has the ability to process information. The local systems of both the signer and the verifier hold the algorithms required.
For the quantum key card itself, see also the Chinese patent document with application number "201610843210.6". For a mobile terminal, the quantum key card is preferably a quantum key SD card; for a fixed terminal, it is preferably a quantum key USB key or a host quantum key board.
Compared with the Chinese patent document with application number "201610843210.6", the mechanism for issuing quantum key cards is different.
In this embodiment, the issuer of the quantum key card is the supervising party of the quantum key card, generally the management department of a group, for example the management department of an enterprise or public institution; the recipients of the quantum key card are the members managed by the supervising party, generally the employees at all levels of that enterprise or public institution. The user first applies to the supervising party of the quantum key card to open an account. After the user's registration is approved, the user obtains a quantum key card (with a unique quantum key card ID). The quantum key card stores the customer registration information and has a built-in identity authentication protocol, including at least a key generation algorithm and an authentication function, or other algorithms related to identity authentication. The user-side keys in the quantum key cards are all downloaded from the same quantum network service station, and for a given supervising party, the key pools stored in every quantum key card it issues are completely identical. Preferably, the key pool stored in a quantum key card may be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G, etc. in size. The capacity depends on the supervising party's security requirements: the larger the capacity, the higher the security.
The embedded chip and operating system of the quantum key card provide functions such as secure key storage and cryptographic algorithms. Because it has independent data-processing capability and good security, the quantum key card becomes the secure carrier of the private key and the key pool. Each quantum key card is protected by a hardware PIN code; the PIN code and the hardware are the two factors a user needs in order to use the quantum key card. This is so-called "two-factor authentication": the user can log in to the system only with both the quantum key card holding the relevant authentication information and the user's PIN code. Even if the user's PIN code is leaked, the legitimate user's identity cannot be impersonated as long as the quantum key card the user holds has not been stolen; if the user's quantum key card is lost, the finder cannot impersonate the legitimate user either, because the finder does not know the user's PIN code.
Embodiment 1
Step 1: The signer generates and publishes the public key
1.1 The signer defines the required parameters: the signer selects a large prime p with $2^{L-1} \le p < 2^{L}$, where $512 \le L < 1024$ and L is a multiple of 64. The signer selects a prime q that is a prime factor of (p-1), with $2^{159} < q < 2^{160}$. The signer generates a random integer h and computes the parameter $g = h^{(p-1)/q} \bmod p$.
1.2 The signer computes the plaintext public key and publishes: the signer generates a true random number a (serving as the private key) with $0 < a < p$. From the true random number a, the parameter g and the parameter p, the signer computes the plaintext public key $y = g^{a} \bmod p$.
The signer generates a true random number x and obtains the key seed pointer kp1 through the key pointer algorithm fkp. According to pointer kp1, the signer takes the corresponding random number sequence X out of the local system's symmetric key pool as the key seed. The signer computes the key xk from the random number sequence X using the key generation algorithm fk. The signer encrypts the plaintext public key y with key xk to obtain Y. The signer stores the public key {g, p, q, x, Y} in a trusted public central directory that any user can access. Here g, p and q can be regarded as the relationship parameters between the private key and the plaintext public key.
Step 2: The signer signs the message and sends it
2.1 The signer signs the message: suppose the message to be signed is m. The signer generates a random number b with $1 < b < p$, computes $r = (g^{b} \bmod p) \bmod q$ and $s = [b^{-1}(H(m) + ar)] \bmod q$, where H(m) is the hash of m produced with a hash algorithm such as SHA-1 or SHA-2. The signer obtains the signature (r, s).
2.2 The signer encrypts the signature: the signer generates a true random number c and obtains the key seed pointer kp2 through the key pointer algorithm fkp. According to pointer kp2, the signer takes the corresponding random number sequence C out of the local system's symmetric key pool as the key seed. The signer computes the key k from the random number sequence C using the key generation algorithm fk. The signer encrypts the signature (r, s) with key k to obtain {r, s}k.
2.3 The signer sends the message to the verifier: the signer combines the private signature {r, s}k, the true random number c and the plaintext message m, encrypts the combination, and sends it to the verifier.
Step 3: The verifier decrypts and parses the message and verifies the signature
3.1 The verifier receives the message and decrypts and parses it: the verifier receives the message from the signer, decrypts it and parses it to obtain the plaintext message m', the true random number c' and the private signature {r, s}k'. (The encryption in step 2.3 and the decryption in this step can use existing methods.)
3.2 The verifier computes the key: using the random number c' obtained from parsing, the verifier obtains the key seed pointer kp2' through the corresponding key pointer algorithm fkp. According to pointer kp2', the verifier takes the corresponding random number sequence C' out of the local system's symmetric key pool as the key seed. The verifier computes the key k' from the random number sequence C' using the key generation algorithm fk. The verifier applies the corresponding decryption algorithm to {r, s}k' with key k' to obtain the signature {r, s}'.
The verifier also obtains the signer's public key {g, p, q, x, Y} from the trusted public central directory.
3.3 The verifier decrypts the plaintext public key: from the true random number x, the verifier obtains the key seed pointer kp1' through the corresponding key pointer algorithm fkp. According to pointer kp1', the verifier takes the corresponding random number sequence X' out of the local system's symmetric key pool as the key seed. The verifier computes the key xk' from the random number sequence X' using the key generation algorithm fk. The verifier decrypts the parameter Y with key xk' to obtain the plaintext public key y'.
3.4 The verifier verifies the message signature: the verifier computes $w = (s')^{-1} \bmod q$, $u_1 = (H(m') \cdot w) \bmod q$ and $u_2 = (r' \cdot w) \bmod q$, and finally computes $v = ((g^{u_1} \cdot y'^{u_2}) \bmod p) \bmod q$. If v = r', the signature of the message is a valid signature; otherwise it is an invalid signature.
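The following sketch walks through Embodiment 1 end to end; it is an added example, not code from the patent. The concrete forms of fkp and fk, the SHAKE-256 keystream cipher, the 64 KiB pool, the software random source and the small demo group parameters are all assumptions, since the patent leaves those choices open, and the transport encryption of step 2.3 is omitted.

```python
import hashlib, hmac, secrets

SEED_LEN = 32  # bytes of pool material used as a key seed (assumed)

def is_prime(n):
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # fixed Miller-Rabin bases
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def demo_params():
    q = 2**80 + 1  # step 1.1 at demo size, NOT the patent's 160-bit q / 512+-bit p
    while not is_prime(q):
        q += 2
    k = 2**48
    while not is_prime(k * q + 1):
        k += 2
    p, h = k * q + 1, 2
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return p, q, pow(h, (p - 1) // q, p)

def fkp(rand, pool_len):
    """Key pointer algorithm (assumed form): true random number -> pool offset."""
    return int.from_bytes(hashlib.sha256(b"fkp" + rand).digest(), "big") % (pool_len - SEED_LEN)

def pool_key(pool, rand):
    """fkp, then fk (assumed: HMAC-SHA256 keyed with the seed) -> 32-byte key."""
    ptr = fkp(rand, len(pool))
    return hmac.new(pool[ptr:ptr + SEED_LEN], b"fk", hashlib.sha256).digest()

def wrap(key, data):
    """Stand-in symmetric cipher: SHAKE-256 keystream XOR (same call decrypts)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, stream))

def H(m, q):
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % q

def publish_key(pool, p, q, g):
    """Step 1.2: returns private key a and the published {g, p, q, x, Y}."""
    a = secrets.randbelow(q - 1) + 1   # 0 < a < q, which also satisfies 0 < a < p
    y = pow(g, a, p)
    x = secrets.token_bytes(16)        # stands in for the key card's true RNG
    Y = wrap(pool_key(pool, x), y.to_bytes((p.bit_length() + 7) // 8, "big"))
    return a, {"g": g, "p": p, "q": q, "x": x, "Y": Y}

def sign(pool, pub, a, m):
    """Steps 2.1-2.2: returns c and the pool-encrypted signature {r, s}k."""
    p, q, g = pub["p"], pub["q"], pub["g"]
    n = (q.bit_length() + 7) // 8
    r = s = 0
    while r == 0 or s == 0:
        b = secrets.randbelow(q - 1) + 1
        r = pow(g, b, p) % q
        s = pow(b, -1, q) * (H(m, q) + a * r) % q
    c = secrets.token_bytes(16)
    return c, wrap(pool_key(pool, c), r.to_bytes(n, "big") + s.to_bytes(n, "big"))

def verify(pool, pub, m, c, blob):
    """Steps 3.2-3.4: unwrap (r, s) and y with the pool, then check v == r."""
    p, q, g = pub["p"], pub["q"], pub["g"]
    n = (q.bit_length() + 7) // 8
    sig = wrap(pool_key(pool, c), blob)
    r, s = int.from_bytes(sig[:n], "big"), int.from_bytes(sig[n:], "big")
    y = int.from_bytes(wrap(pool_key(pool, pub["x"]), pub["Y"]), "big")
    if not (0 < r < q and 0 < s < q and 1 < y < p):
        return False                   # wrong pool or corrupted input
    w = pow(s, -1, q)
    u1, u2 = H(m, q) * w % q, r * w % q
    return pow(g, u1, p) * pow(y, u2, p) % p % q == r

def demo():
    pool, outsider = (secrets.token_bytes(64 * 1024) for _ in range(2))  # constructed pools
    a, pub = publish_key(pool, *demo_params())
    m = b"constructed sample message"
    c, blob = sign(pool, pub, a, m)
    return (verify(pool, pub, m, c, blob),          # group member, intact message
            verify(pool, pub, m + b"!", c, blob),   # altered message
            verify(outsider, pub, m, c, blob))      # party without the group's pool

if __name__ == "__main__":
    print(demo())
```

The third result shows the property the description relies on: a party without the group's pool cannot recover y or (r, s) from the published and transmitted values, so it cannot run the check at all.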
Embodiment 2
Step 1: The signer generates and publishes the public key, and generates the signature
1.1 The signer defines the required parameters and computes the signer's public key: the signer defines a prime p > 3 and selects two non-negative integers a and b smaller than p, constructing the elliptic curve $E: y^2 = x^3 + ax + b$, which must also satisfy $4a^3 + 27b^2 \not\equiv 0 \pmod{p}$. The order n of this elliptic curve is prime, with $n \ne p$ and $n \ne p^{k} - 1$ for $1 \le k \le 20$.
The signer defines the elliptic group Ep(a, b). The signer selects a point as the base point G(x, y).
The signer generates a truly random integer c less than p as the signer's private key, and uses the private key and the base point G to compute the plaintext public key A = cG. This step follows existing elliptic-curve computation.
1.2 The signer encrypts the plaintext public key and publishes the public key: the signer generates a true random number t and obtains the key seed pointer kp1 through the key pointer algorithm fkp. According to pointer kp1, the signer takes the corresponding random number sequence T out of the local system's symmetric key pool as the key seed. The signer computes the key tk from the random number sequence T using the key generation algorithm fk. The signer encrypts the plaintext public key A with key tk to obtain Ak.
The public key is {Ep(a, b), G, t, Ak, n} and the private key is the truly random integer c. Here Ep(a, b), G, t and n can be regarded as the relationship parameters between the private key and the plaintext public key.
The signer stores the public key {Ep(a, b), G, t, Ak, n} in a trusted public central directory that any user can access.
1.3 The signer generates the signature: assume the message to be signed is m. The signer generates a true random number d whose size lies between 1 and (n-1). The signer computes the point $dG = (e, f)$, then computes $r = e \bmod n$ and $s = d^{-1}\{h(m) + cr\} \bmod n$. The function h is a secure hash algorithm (a hash algorithm such as SHA-1 or SHA-2). If s equals 0, a new random number is chosen and the computation is repeated. The signer obtains the signature (r, s).
1.4 The signer encrypts the signature: the signer generates a true random number z and obtains the key seed pointer kp2 through key indicator algorithm fkp. According to pointer kp2, the signer takes the corresponding random number sequence Z out of the symmetric key pool of its local system and uses it as the key seed. The signer computes the key k from the random number sequence Z using key schedule fk. The signer encrypts the signature (r, s) with key k to obtain {r, s}k.
1.5 The signer sends the message to the verifier: the signer combines the private signature {r, s}k, the true random number z and the plaintext message m, and sends the combination, encrypted, to the verifier.
Step 2: The verifier decrypts and parses the message and verifies the signature
3.1 The verifier receives the message and decrypts and parses it: the verifier receives the message from the signer, then decrypts and parses it to obtain the plaintext m', the true random number z' and the private signature {r, s}k'.
3.2 The verifier decrypts the signature: using the true random number z' obtained from parsing, the verifier obtains the key seed pointer kp2' through the corresponding key indicator algorithm fkp. According to pointer kp2', the verifier takes the corresponding random number sequence Z' out of the symmetric key pool of its local system and uses it as the key seed. The verifier computes the key k' from the random number sequence Z' using key schedule fk. The verifier decrypts {r, s}k' with key k' through the corresponding decryption algorithm to obtain the signature (r, s)'.
3.3 The verifier obtains the public key and decrypts it: the verifier obtains the signer's public key {Ep(a, b), G, t, Ak, n} from the trusted public central directory. From the true random number t, the verifier obtains the key seed pointer kp1' through the corresponding key indicator algorithm fkp. According to pointer kp1', the verifier takes the corresponding random number sequence T' out of the symmetric key pool of its local system and uses it as the key seed. The verifier computes the key tk' from the random number sequence T' using key schedule fk. The verifier uses key tk' to decrypt parameter Ak and obtain the public-key value A'.
3.4 The verifier verifies the message signature: the verifier computes $w = (s')^{-1} \bmod n$, then $u_1 = (h(m') \cdot w) \bmod n$ and $u_2 = (r' \cdot w) \bmod n$, and finally computes $u_1 G + u_2 A' = (e', f')$ and $v = e' \bmod n$. If $v = r'$, the signature of the message is valid; otherwise it is invalid.
The technical features of the embodiments described above can be combined arbitrarily. For brevity, not every possible combination of the technical features in the above embodiments is described; however, as long as a combination of these technical features involves no contradiction, it should be considered within the scope of this specification.
The embodiments described above express only several implementations of the present invention. Their description is relatively specific and detailed, but it must not therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the scope of protection of the invention. The scope of protection of this patent shall therefore be subject to the appended claims.

Claims (9)

1. An anti-quantum-computation digital signature method based on a symmetric key pool, implemented at the signer, characterized in that the signer is configured with a quantum key card, and the quantum key card stores a symmetric key pool corresponding to the verifier; the anti-quantum-computation digital signature method comprises:
generating a private key and a corresponding public-key value, encrypting the public-key value using the symmetric key pool to obtain a public key, and publishing the public key;
signing a message using the private key, then encrypting the resulting signature using the symmetric key pool to obtain a private signature;
sending the message, the private signature and the encryption parameter related to the private signature to the verifier.
2. The anti-quantum-computation digital signature method based on a symmetric key pool as described in claim 1, characterized in that the process of encrypting the public-key value using the symmetric key pool comprises:
generating a true random number using the party's own quantum key card;
obtaining a key seed pointer from the true random number in combination with a key indicator algorithm;
using the key seed pointer to take the corresponding random number sequence out of the symmetric key pool of the party's own quantum key card as a key seed;
computing a key from the key seed in combination with a key schedule;
encrypting the public-key value with the key.
3. The anti-quantum-computation digital signature method based on a symmetric key pool as claimed in claim 2, characterized in that the public key further includes the true random number and the relation parameters between the private key and the public-key value.
4. The anti-quantum-computation digital signature method based on a symmetric key pool as described in claim 1, characterized in that the process of encrypting the resulting signature using the symmetric key pool to obtain the private signature comprises:
generating a true random number using the party's own quantum key card, the true random number serving as the encryption parameter;
obtaining a key seed pointer from the true random number in combination with a key indicator algorithm;
using the key seed pointer to take the corresponding random number sequence out of the symmetric key pool of the party's own quantum key card as a key seed;
computing a key from the key seed in combination with a key schedule;
encrypting the signature with the key to obtain the private signature.
5. An anti-quantum-computation digital signature system based on a symmetric key pool, configured at the signer, characterized in that the signer is configured with a quantum key card, and the quantum key card stores a symmetric key pool corresponding to the verifier; the anti-quantum-computation digital signature system includes a memory and a processor, the memory stores a computer program, and the processor, when executing the computer program, implements the steps of the anti-quantum-computation digital signature method according to any one of claims 1 to 4.
6. An anti-quantum-computation digital signature method based on a symmetric key pool, implemented at the verifier, characterized in that the verifier is configured with a quantum key card, and the quantum key card stores a symmetric key pool corresponding to the signer; the anti-quantum-computation digital signature method comprises:
receiving the message, the private signature and the encryption parameter related to the private signature from the signer;
using the encryption parameter related to the private signature, decrypting the signature with the symmetric key pool of the party's own quantum key card;
obtaining the public key published by the signer, and decrypting it with the symmetric key pool of the party's own quantum key card to obtain the public-key value;
performing the signature computation on the message using the public-key value obtained by decryption, and comparing the result with the signature decrypted from the private signature for authentication.
7. The anti-quantum-computation digital signature method based on a symmetric key pool as claimed in claim 6, characterized in that the message, the private signature and the encryption parameter related to the private signature from the signer are generated using the anti-quantum-computation digital signature method according to any one of claims 1 to 4.
8. An anti-quantum-computation digital signature system based on a symmetric key pool, configured at the verifier, characterized in that the verifier is configured with a quantum key card, and the quantum key card stores a symmetric key pool corresponding to the signer; the anti-quantum-computation digital signature system includes a memory and a processor, the memory stores a computer program, and the processor, when executing the computer program, implements the steps of the anti-quantum-computation digital signature method as claimed in claim 6 or 7.
9. An anti-quantum-computation digital signature system based on a symmetric key pool, including a signer and a verifier belonging to one group, characterized in that the signer and the verifier are each configured with a quantum key card, and the quantum key cards store corresponding symmetric key pools;
when signing, the signer performs the following:
generating a private key and a corresponding public-key value, encrypting the public-key value using the symmetric key pool to obtain a public key, and publishing the public key;
signing a message using the private key, then encrypting the resulting signature using the symmetric key pool to obtain a private signature;
sending the message, the private signature and the encryption parameter related to the private signature to the verifier;
when verifying, the verifier performs the following:
receiving the message, the private signature and the encryption parameter related to the private signature from the signer;
using the encryption parameter related to the private signature, decrypting the signature with the symmetric key pool of the party's own quantum key card;
obtaining the public key published by the signer, and decrypting it with the symmetric key pool of the party's own quantum key card to obtain the public-key value;
performing the signature computation on the message using the public-key value obtained by decryption, and comparing the result with the signature decrypted from the private signature for authentication.
CN201811376928.4A 2018-11-19 2018-11-19 Anti-quantum computation digital signature method and system based on symmetric key pool Active CN109660338B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811376928.4A CN109660338B (en) 2018-11-19 2018-11-19 Anti-quantum computation digital signature method and system based on symmetric key pool

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811376928.4A CN109660338B (en) 2018-11-19 2018-11-19 Anti-quantum computation digital signature method and system based on symmetric key pool

Publications (2)

Publication Number Publication Date
CN109660338A true CN109660338A (en) 2019-04-19
CN109660338B CN109660338B (en) 2021-07-27

Family

ID=66111308

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811376928.4A Active CN109660338B (en) 2018-11-19 2018-11-19 Anti-quantum computation digital signature method and system based on symmetric key pool

Country Status (1)

Country Link
CN (1) CN109660338B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004102860A2 (en) * 2003-05-13 2004-11-25 Bsi2000, Inc. Cryptographically secure transactions with optical cards
US20110191442A1 (en) * 2010-01-29 2011-08-04 Michael Ovsiannikov Systems and methods of using ssl pools for wan acceleration
CN106452793A (en) * 2016-11-21 2017-02-22 航天信息股份有限公司 Method and system of electronic signature
CN106888084A (en) * 2017-01-04 2017-06-23 浙江神州量子网络科技有限公司 A kind of quantum fort machine system and its authentication method
CN107888381A (en) * 2017-11-09 2018-04-06 飞天诚信科技股份有限公司 A kind of implementation method of key importing, apparatus and system
CN108737114A (en) * 2018-06-19 2018-11-02 天津中兴云链技术有限公司 A kind of endorsement method and device of the block catenary system based on quantum key distribution

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
DAVID MCGREW1: ""State management for hash-based signatures"", 《INTERNATIONAL CONFERENCE ON RESEARCH IN SECURITY STANDARDISATION》 *
富尧: ""量子通信若干理论研究"", 《中国博士学位论文全文数据库》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110138547A (en) * 2019-04-22 2019-08-16 如般量子科技有限公司 Based on unsymmetrical key pond to and sequence number quantum communications service station cryptographic key negotiation method and system
CN110138547B (en) * 2019-04-22 2023-09-01 如般量子科技有限公司 Quantum communication service station key negotiation method and system based on asymmetric key pool pair and serial number
CN110176989A (en) * 2019-05-15 2019-08-27 如般量子科技有限公司 Quantum communications service station identity identifying method and system based on unsymmetrical key pond
CN110519040A (en) * 2019-07-16 2019-11-29 如般量子科技有限公司 The anti-quantum calculation digital signature method and system of identity-based
CN110557246A (en) * 2019-07-16 2019-12-10 如般量子科技有限公司 Anti-quantum-computation access control method and system based on disposable asymmetric key pair and movable identity recognition device
CN110519040B (en) * 2019-07-16 2023-04-18 如般量子科技有限公司 Anti-quantum computation digital signature method and system based on identity
CN110557246B (en) * 2019-07-16 2023-05-05 如般量子科技有限公司 Quantum-resistant computing access control method and system based on disposable asymmetric key pair and movable identity recognition device
CN110601845A (en) * 2019-08-28 2019-12-20 如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC
CN110601845B (en) * 2019-08-28 2022-11-15 如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on symmetric key pool and ECC
CN111314084A (en) * 2020-01-21 2020-06-19 南京如般量子科技有限公司 Anti-quantum computation RFID authentication method and system based on secret sharing and online offline signature
CN111314084B (en) * 2020-01-21 2023-02-28 南京如般量子科技有限公司 Anti-quantum-computation RFID authentication method and system
CN113411187B (en) * 2020-03-17 2023-12-15 阿里巴巴集团控股有限公司 Identity authentication method and system, storage medium and processor

Also Published As

Publication number Publication date
CN109660338B (en) 2021-07-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant