CN110365477A - Can collusion resistant quantum key agreement method, terminal and storage device - Google Patents

Can collusion resistant quantum key agreement method, terminal and storage device Download PDF

Info

Publication number
CN110365477A
CN110365477A CN201910600517.7A CN201910600517A CN110365477A CN 110365477 A CN110365477 A CN 110365477A CN 201910600517 A CN201910600517 A CN 201910600517A CN 110365477 A CN110365477 A CN 110365477A
Authority
CN
China
Prior art keywords
quantum
state
sequence
message sequence
interaction end
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910600517.7A
Other languages
Chinese (zh)
Other versions
CN110365477B (en
Inventor
孙志伟
成荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Polytechnic
Original Assignee
Shenzhen Polytechnic
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Polytechnic filed Critical Shenzhen Polytechnic
Priority to CN201910600517.7A priority Critical patent/CN110365477B/en
Publication of CN110365477A publication Critical patent/CN110365477A/en
Application granted granted Critical
Publication of CN110365477B publication Critical patent/CN110365477B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Optical Communication System (AREA)

Abstract

The present invention provides it is a kind of can collusion resistant quantum key agreement method, terminal and storage device, including third party's interaction end TP and N number of negotiation interaction end Pi, N number of message sequence { S is prepared by TP0,...,SN‑1, each message sequence SiComprising the orderly quantum bits of m, TP is by each SiCorrespondence is sent to corresponding Pi;N number of negotiation interaction end is by the secret information K of oneselfiMessage sequence S is encoded to according to coding ruleiIn, while PiM quantum is randomly generated and inveigles state, and by the message sequence after its radom insertion to coding, obtains new sequencePiIt sendsTo Pi+1;Then eavesdropping detection is carried out, sends S until completing N wheel circulation, then by TPiIn quantum base information where each quantum bit to Pi‑1, Pi‑1To message sequence S under corresponding baseiIt measures, and calculates final arranging key.This method can prevent internal conspirator from obtaining the key exclusive or information of other legal negotiation interaction ends in the key stage of stealing, and then control in the key overturning stage final shared key.

Description

Can collusion resistant quantum key agreement method, terminal and storage device
Technical field
The invention belongs to field of information security technology, more particularly to it is a kind of can collusion resistant quantum key agreement method.
Background technique
It is to realize key using quantum-mechanical theory that quantum key, which negotiates (Quantum Key Agreement, QKA), Negotiation tasks.Quantum key negotiates the emerging research field as quantum cryptography, solves group in network and knits movable key Sharing problem.
Under different security definitions, QKA can be divided into two classes.One is the QKA agreement under weak security definitions, two sides Or passes through overt channel in many ways and negotiate a key.Under the weak security definitions, QKA agreement is exactly the quantum known to us Code key distributes (Quantum Key Distribution, QKD) agreement.Under strong security definitions, QKA does not require nothing more than all User participates in key generation process by overt channel and it is necessary to (solve fairness demand) in a manner of fair, equity and come Generate shared key.In QKD, since a side can fully control final key, it is not a justice, right Deng key agreement protocol.Internaling attack for external attacker and dishonest participant can not be resisted.
Therefore, there are also to be developed for the prior art.
Summary of the invention
Technical problem to be solved by the present invention lies in provide it is a kind of can collusion resistant quantum key agreement method, it is intended to Solve existing distribution of quantum key agreement can not resist external attacker and dishonest participant internal attack ask Topic.
In order to solve the above technical problems, the present invention is implemented as follows:
It is a kind of can collusion resistant quantum key agreement method, including third party's interaction end and N number of negotiation interaction end Pi, 0≤ I≤N-1, each secret information for negotiating interaction end is respectively K0,K1,...,kN-1∈{0,1}m, m is quantum bit number, Pi In cipher key agreement process, under be designated as modN operation, machinery of consultation includes the following:
Step S1, third party's interaction end prepares N number of quantum sequence { S0,...,SN-1, referred to as message sequence, each message Sequence SiComprising the orderly quantum bits of m, third party's interaction end is by each SiCorrespondence is sent to corresponding Pi
Step S2, the first round recycles: PiBy the secret information K of oneselfiMessage sequence S is encoded to according to coding ruleiIn, P simultaneouslyiM quantum is randomly generated and inveigles state, and by the message sequence after its radom insertion to coding, obtains new sequencePiIt sendsTo Pi+1
Step S3, eavesdropping detection: Pi+1With PiAccording toAnd the initial quantum state information for inveigling state carries out channel peace Full inspection is surveyed, if being judged as, safety thens follow the steps S4, otherwise return step S1;
Step S4, the second wheel circulation: Pi+1By what is receivedState is inveigled in removal, is obtained through PiMessage sequence after coding, Pi+1According to the coding rule by the secret information K of oneselfi+1It is encoded to through PiIn message sequence after coding, and with mechanism Standby m quantum inveigles state, is then inserted into through Pi+1In message sequence after coding, new message sequence is obtained Pi+1It sendsTo Pi+2
Step S5, eavesdropping detection: Pi+2With Pi+1According toAnd Pi+1The initial quantum state information of the trick state of preparation Channel safety detection is carried out, next circulation with step S4 is executed if being judged as safety, it is no until completing N wheel circulation Then return step S1;
Step S6, third party's interaction end sends each message sequence SiIn quantum base information where each quantum bit To Pi-1, each negotiates interaction end Pi-1According to the quantum base information to message sequence SiIt measures, obtains message sequenceAccordingly, Pi-1Calculating final arranging key isPi0 all≤i≤N-1 is traversed, the final association is calculated Quotient's key.
Further, between the step S1 and the step S2 further include: to PiBetween third party's interaction end Channel carries out safety detection.
Further, described to PiThe method that channel between third party's interaction end carries out safety detection includes:
Third party's interaction end prepares N number of trick state sequence, { C0,...,CN-1, each trick state sequence CiSeparately include m A orderly quantum bit, third party's interaction end will inveigle state sequence CiIt is inserted randomly into message sequence SiIn, it obtains new Sequence Si', and by Si' it is sent to Pi, then to PiOpen Si' C in sequenceiPosition and the quantum base where it, PiTo Si' C in sequenceiQuantum state measures under corresponding quantum base, then discloses the survey of half at random to third party's interaction end Amount as a result, third party's interaction end to PiThe other half C is disclosediInitial quantum state information, PiWith third party's interaction end according to measurement As a result and initial quantum state information carries out safety detection to channel.
Further, state sequence C is inveiglediIn, each quantum bit it is random from |+y >, |-y >, |+>, | -> choose; Wherein |+y >, |-y >, |+>, | -> indicate different quantum states,
Further, in the step S2, the coding rule are as follows:
Work as KiJth ∈ { 1 ..., m } position bit be 0, then to message sequence SiJth position quantum state execute the tenth of the twelve Earthly Branches operate I =| 0><0 |+| 1><1 |;Work as KiJth ∈ { 1 ..., m } position bit be 1, then to message sequence SiJth position quantum state hold The row tenth of the twelve Earthly Branches operates U=| 0><1 |-| 1><0 |.
Further, the step S3 includes: PiTo Pi+1It is open eachThe position and its place of state are inveigled in sequence Quantum base, Pi+1It is rightTrick state in sequence measures under corresponding quantum base, and discloses the measurement of half at random As a result P is giveni, then PiDisclosing the other half inveigles the initial quantum state information of state to Pi+1, PiWith Pi+1According to measurement result and just Beginning quantum state information carries out safety detection to channel.
Further, message sequence SiIn, each quantum bit from | 0 >, | 1 >, |+>, | -> in choose, wherein | 0 >, | 1 >, |+>, | -> indicate different quantum states, | 0 >, | 1 > mutually orthogonal,
A kind of terminal carries out multi-party quantum key negotiation, the terminal for N number of negotiation interaction end It include: processor, the memory that is connect with processor communication, the memory is stored with computer program, the processor tune With when the computer program realize as described above can collusion resistant quantum key agreement method.
A kind of storage device carries out multi-party quantum key negotiation, the storage device storage for N number of negotiation interaction end Have a computer program, the computer program be performed realize as described above can collusion resistant quantum key agreement method.
Compared with prior art, the present invention beneficial effect is: in multi-party quantum key agreement method of the invention, just Beginning quantum state is prepared by third party's interaction end (Third Party, TP).The effect of TP is exactly to prepare initial quantum state, traffic volume Sub- state finally announces the information of initial quantum state to user, in agreement, can prevent internal conspirator from obtaining in the key stage of stealing The key exclusive or information of other legal negotiation interaction ends is taken, and then final shared key is controlled in the key overturning stage System.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to this hair It is bright to be further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, not For limiting the present invention.
Multi-user is in cipher key agreement process in the present invention, it is assumed that and classical channel has been certified with quantum channel, and There is no the loss of noise and information.N participants pass through N number of negotiation interaction end P respectivelyi(0≤i≤N-1) carries out key association Quotient.Half honest third party (Third Party, TP) helps N by third party's interaction end, the loyal process according to agreement Position participant completes protocol procedures.So-called half honest third party refers to that allowing third party TP to calculate by calculated result participates in The secret information of person, but third party TP and any key agreement participant is not allowed to conspire.Assuming that each negotiation interaction end Secret information is respectively K0,K1,...,kN-1∈{0,1}m, m is quantum bit number, and N participant's joint consultations obtain Final key:Participant PiIn cipher key agreement process, under be designated as modN operation, i.e. N ginseng It is P in sequence in cipher key agreement process with sidei→Pi+1→…→PN-1→PN-2→…→Pi-1→PiSuccessively hold consultation.
Machinery of consultation includes the following:
Step S1, third party's interaction end prepares N number of quantum sequence { S0,...,SN-1, referred to as message sequence, each message Sequence SiComprising the orderly quantum bits of m, third party's interaction end is by each SiCorrespondence is sent to corresponding Pi
Specifically, message sequence SiIn, each quantum bit can from | 0 >, | 1 >, |+>, | -> in choose, wherein | 0 >, | 1 >, |+>, | -> indicate different quantum states, | 0 >, | 1 > mutually orthogonal,
Initial quantum state, that is, message sequence, is prepared by TP, and by each message sequence SiCorrespondence is sent to corresponding Pi.By Be divided into two processes in the attack of internal attacker: key steals stage and key overturning stage.It is stolen the stage in key, it is interior The key exclusive or information of other available legitimate users of portion conspirator.Then they can overturn the stage to final in key Shared key controlled so that final shared code key is not by the common fair generation of all participants.Why altogether Scheme person can obtain the exclusive or information of legitimate user's key, be conspirator generate initial quantum state, i.e., above-mentioned message sequence, And conspirator shares all information of the initial quantum state.There is the information of initial state, the user in two specific positions The key exclusive or information for obtaining intermediate legitimate user can smoothly be measured.In order to prevent the generation of the collusion, initial quantum state It is prepared by the TP by possessing the sub- preparative capacibility of higher amount.The effect of TP is exactly to prepare initial quantum state, quantum state to user, The information of initial quantum state is finally announced in agreement.Preparing initial quantum state by TP can prevent internal conspirator in key The stage of stealing obtains the key exclusive or information of other legal negotiation interaction ends, and then shares in the key overturning stage to final Key is controlled.
It optionally, can be to PiChannel between third party's interaction end TP carries out safety detection, close to further increase The safety that key is negotiated.A kind of P provided by the inventioniChannel safety detection between third party's interaction end TP is implemented for example Under: N number of quantum sequence { C can be prepared by TP0,...,CN-1, referred to as inveigle state sequence, each trick state sequence CiRespectively Comprising the orderly quantum bits of m, specifically, each quantum bit can be random from |+y >, |-y >, |+>, | -> in choosing It takes;Wherein |+y >, |-y >, |+>, |-> indicates different quantum states,TP will inveigle state sequence CiIt is inserted randomly into message Sequence SiIn, obtain new sequence Si', and by Si' it is sent to Pi.P is worked as all i=0,1 ..., N-1iIt receives Si', it can be sent to TP and receive Si' receipt.After TP receives the acknowledgement information of all N users, TP is to PiIt is disclosed in every A Si' C in sequenceiPosition and the quantum base information where it.Pass through the public information of TP, PiTo Si' C in sequenceiAmount Sub- state measures under corresponding quantum base, and records measurement result.Then PiThe measurement result of random open half is given TP;Correspondingly, TP discloses the other half CiInitial quantum state information to Pi。PiSafety detection is carried out to channel with TP, is calculated Error rate.If error rate is more than preset threshold value, PiThere is eavesdropping with TP acknowledgement channel, and terminate and this time communicate, returns Most starts, and re-executes;When all N number of quantum channels are all safe, then agreement enters in next step.
Step S2, the first round recycles: PiBy the secret information K of oneselfiMessage sequence S is encoded to according to coding ruleiIn, P simultaneouslyiM quantum is randomly generated and inveigles state, and by the message sequence after its radom insertion to coding, obtains new sequencePiIt sendsTo Pi+1
Specifically, for all i=0,1 ..., N-1, PiReceive the message sequence S of TP transmissioniAfterwards, by the secret of oneself Confidential information KiIt is encoded to message sequence Si.Coding rule can be operated by the tenth of the twelve Earthly Branches to be encoded.For example, working as KiJth ∈ { 1 ..., m } position bit is 0, then to message sequence SiJth position quantum state execute the tenth of the twelve Earthly Branches and operate I=| 0><0 |+| 1><1 |; Work as KiJth ∈ { 1 ..., m } position bit be 1, then to message sequence SiJth position quantum state execute the tenth of the twelve Earthly Branches operate U=| 0><1 |-|1><0|.Then, according to step S1, PiM quantum is randomly generated and inveigles state, random inserts it into disappearing after encoding Sequence is ceased, the new sequence labelling of generation isPiIt sendsTo Pi+1
Step S3, eavesdropping detection: Pi+1With PiAccording toAnd the initial quantum state information for inveigling state carries out channel peace Full inspection is surveyed, if being judged as, safety thens follow the steps S4, otherwise return step S1.
The present invention provides the channel safety detection method between two interaction ends is as follows: PiTo Pi+1It is open each The position of state and its quantum base information at place, P are inveigled in sequencei+1It is rightTrick state in sequence is in corresponding quantum base Under measure, and the measurement result of half is disclosed at random to Pi, then PiThe other half initial quantum state letter for inveigling state is disclosed It ceases to Pi+1, PiWith Pi+1Safety detection is carried out to channel.
Above-mentioned detection specifically the step of be: for all i=0,1 ..., N-1, when determining Pi+1It receives Afterwards, PiAnd Pi+1Start to detect the eavesdropping in quantum channel, PiIt is disclosed in eachPosition and its institute of state are inveigled in sequence Quantum base information.Pass through PiPublic information, Pi+1It is rightTrick state in sequence is surveyed under corresponding quantum base Amount, and record measurement result.Then the measurement result of random open half is to Pi;Correspondingly, PiIt discloses the other half and inveigles state Initial quantum state information to Pi+1。PiWith Pi+1Safety detection is carried out to channel, that is, compare measurement result and inveigles the initial of state Quantum state information, calculates error rate.If error rate is more than preset threshold value, PiWith Pi+1Acknowledgement channel has eavesdropping, And it terminates and this time communicates, and return step S1, agreement re-execute;When the whole safety of all N number of quantum channels, then execute In next step.
Step S4, the second wheel circulation: Pi+1By what is receivedState is inveigled in removal, is obtained through PiMessage sequence after coding, Pi+1According to the coding rule by the secret information K of oneselfi+1It is encoded to through PiIn message sequence after coding, and with mechanism Standby m quantum inveigles state, is then inserted into through Pi+1In message sequence after coding, new message sequence is obtained Pi+1It sendsTo Pi+2
Step S5, eavesdropping detection: Pi+2With Pi+1According toAnd Pi+1The initial quantum state information of the trick state of preparation Channel safety detection is carried out, next circulation with step S4 is executed if being judged as safety, it is no until completing N wheel circulation Then return step S1;
For step S4 with step S2, step S5 respectively corresponds different round quantum key negotiation loops and not with step S3 It eavesdrops and detects with round, the present invention repeats no more.
Step S6, third party's interaction end sends each message sequence SiIn quantum base information where each quantum bit To Pi-1, each negotiates interaction end Pi-1To message sequence S under corresponding baseiIt measures, obtains disappearing for a string of m bits Cease sequenceAccordingly, Pi-1Calculating final arranging key isPi0 all≤i≤N-1 is traversed, the final association is calculated Quotient's key.
After having executed last wheel information coding and eavesdropping detection, Pi-1Receive Pi-2The message sequence sentMessage sequence S after obtaining the coding of safety after eavesdropping detectioni, Pi-1TP, confirmation circulation knot can be sent messages to Beam.TP sends each message sequence S at this timeiIn quantum base information where each quantum bit give corresponding Pi-1, each Negotiate interaction end Pi-1To message sequence S under corresponding baseiIt measures, obtains the message sequence of a string of m bitsThen, Pi-1Calculating final arranging key isN number of users all at this time can be calculated identical using same method Arranging key K.
The all or part of technical solution of the present invention the part that contributes to existing technology or the technical solution can To be expressed in the form of software products, which is stored in a storage medium, including some instructions With so that terminal (can be personal computer, server or the network equipment an etc.) execution present invention is each The all or part of the steps of embodiment the method.And storage device above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk Etc. the various media that can store program code.
The safety of agreement
Safety analysis for this agreement, the attack of Main Analysis two ways.One is external attacks: outside is attacked The person of hitting attempts to obtain the secret information and final arranging key of user;One is internal attack: participant attempts to control final Key generate.TP is a special internal attacker, he possesses attacking ability more stronger than other users.Attack analysis Process is as follows:
(1) external attack
In this agreement, in order to detect external attack, between any two subscriber channel, state is inveigled to examine using m quantum Survey attack.Inveigling state technology is one of main detection Eavesdropping of quantum cryptography, and this method is most mentioned early in BB84 agreement Out, and the Security Proof of this method has been proved to.The eavesdropping behavior of any pair of quantum channel, will all be detected.Benefit With the eavesdropping detection technique, present existing various attack means such as intercept Replay Attack, measurement Replay Attack, tangle measurement Attack etc., will be all invalid.
(2) it internals attack
Internal participant possesses more resources than external attacker, can be obtained by lying in protocol procedures Economic interests.Therefore, all QKA agreements must can resist the attack of internal attacker.The attack of internal attacker can be with Be divided into two processes: key steals stage and key overturning stage.Stolen the stage in key, internal conspirator it is available its The key exclusive or information of his legitimate user.Then they can control final shared key in the key overturning stage, So that final shared code key is not by the common fair generation of all participants.Why conspirator can obtain legal use The exclusive or information of family key is that conspirator generates initial quantum state, and conspirator shares all letters of the initial quantum state Breath.There is the information of initial state, the user in two specific positions, which can smoothly measure, obtains the close of intermediate legitimate user Key exclusive or information.In order to prevent the generation of the collusion, initial quantum state is prepared by the TP for possessing the sub- preparative capacibility of higher amount.TP Effect be exactly to prepare initial quantum state, quantum state finally announces the information of initial quantum state to user, in agreement.Association In view, it is assumed that TP is half honest user, i.e. TP is honest as required to execute agreement, is not conspired with any user, but he can lead to It crosses protocol procedures and obtains certain advantageous information.
Consider under worst case, only one honest user Pt, t ∈ { 0 ..., N-1 }, other N-1 user's collusion. In the case, if collusion attack success, N-1 user needs to obtain P before agreement terminatestKey Kt, specifically describe For TP quantum sequence St+1Give user Pt+1, then other N-2 user successively carry out eavesdropping detection operation and without Any information coding operation.Work as Pt-1Receive user Pt-2The quantum sequence S sentt+1, he willIt is encoded to sequence St+1, and it is sent to P safelyt.By protocol procedures, can calculate, PtThe shared key of acquisition is K'.Wherein K' is N-1 total Seek the key of user's control.
However, the P in protocol procedurestKey KtIt is not revealed to anyone.Main reason is that TP prepares primary quantity Sub- state, and he will not conspire with any participant, and conspirator goes for PtKey Kt, unique method is exactly to pass through survey Measure quantum channel.However utilize and inveigle quantum state detection technique, any measurement eavesdropping behavior can all be detected by legitimate user It arrives.Therefore the attack is infeasible, and agreement can resist safely internal attacker.
(3) TP is attacked: TP attempts to obtain the shared key of participant
Since under the semi-honesty model, TP will not be conspired with any participant.Therefore, TP can regard an ability as more Strong external attacker.Analysis is made to external attack in front, it is known that the attack of any external attacker It will all be detected.Therefore the attack of TP will be also found by great probability.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.

Claims (9)

1. one kind can collusion resistant quantum key agreement method, which is characterized in that interacted including third party's interaction end and N number of negotiation Hold Pi, 0≤i≤N-1, each secret information for negotiating interaction end is respectively K0,K1,...,kN-1∈{0,1}m, m is quantum bit Number, PiIn cipher key agreement process, under be designated as modN operation, machinery of consultation includes the following: step S1, third party's interaction end system Standby N number of quantum sequence { S0,...,SN-1, referred to as message sequence, each message sequence SiComprising the orderly quantum bits of m, the Tripartite's interaction end is by each SiCorrespondence is sent to corresponding Pi
Step S2, the first round recycles: PiBy the secret information K of oneselfiMessage sequence S is encoded to according to coding ruleiIn, while Pi M quantum is randomly generated and inveigles state, and by the message sequence after its radom insertion to coding, obtains new sequencePiHair It sendTo Pi+1
Step S3, eavesdropping detection: Pi+1With PiAccording toAnd the initial quantum state information for inveigling state carries out channel safety inspection It surveys, if being judged as, safety thens follow the steps S4, otherwise return step S1;
Step S4, the second wheel circulation: Pi+1By what is receivedState is inveigled in removal, is obtained through PiMessage sequence after coding, Pi+1Root According to the coding rule by the secret information K of oneselfi+1It is encoded to through PiIn message sequence after coding, and m amount is prepared at random Son inveigles state, is then inserted into through Pi+1In message sequence after coding, new message sequence is obtainedPi+1It sendsTo Pi+2
Step S5, eavesdropping detection: Pi+2With Pi+1According toAnd Pi+1The initial quantum state information of the trick state of preparation carries out Channel safety detection executes next circulation with step S4 if being judged as safety, until completing N wheel circulation, otherwise returns Return step S1;
Step S6, third party's interaction end sends each message sequence SiIn quantum base information where each quantum bit to Pi-1, Each negotiates interaction end Pi-1According to the quantum base information to message sequence SiIt measures, obtains message sequenceAccordingly, Pi-1Calculating final arranging key isPi0 all≤i≤N-1 is traversed, the final negotiation is calculated Key.
2. as described in claim 1 can collusion resistant quantum key agreement method, which is characterized in that in the step S1 and institute It states between step S2 further include: to PiChannel between third party's interaction end carries out safety detection.
3. as claimed in claim 2 can collusion resistant quantum key agreement method, which is characterized in that it is described to PiWith third party The method that channel between interaction end carries out safety detection includes:
Third party's interaction end prepares N number of trick state sequence, { C0,...,CN-1, each trick state sequence CiSeparately include m orderly Quantum bit, third party's interaction end will inveigle state sequence CiIt is inserted randomly into message sequence SiIn, obtain new sequence Si', And by Si' it is sent to Pi, then to PiOpen Si' C in sequenceiPosition and the quantum base where it, PiTo Si' in sequence CiQuantum state measures under corresponding quantum base, then discloses the measurement result of half at random to third party's interaction end, the Tripartite's interaction end is to PiThe other half C is disclosediInitial quantum state information, PiWith third party's interaction end according to measurement result and initially Quantum state information carries out safety detection to channel.
4. as claimed in claim 3 can collusion resistant quantum key agreement method, which is characterized in that inveigle state sequence CiIn, often A quantum bit it is random from |+y >, |-y >, |+>, | -> choose;Wherein |+y >, |-y >, |+>, | -> indicate different quantum State,
5. as described in claim 1 can collusion resistant quantum key agreement method, which is characterized in that in the step S2, The coding rule are as follows:
Work as KiJth ∈ { 1 ..., m } position bit be 0, then to message sequence SiJth position quantum state execute the tenth of the twelve Earthly Branches operate I=| 0>< 0|+|1><1|;Work as KiJth ∈ { 1 ..., m } position bit be 1, then to message sequence SiJth position quantum state execute the tenth of the twelve Earthly Branches behaviour Make U=| 0><1 |-| 1><0 |.
6. as described in claim 1 can collusion resistant quantum key agreement method, which is characterized in that the step S3 includes: Pi To Pi+1It is open eachThe position of state and its quantum base at place, P are inveigled in sequencei+1It is rightTrick state in sequence is in phase It is measured under the quantum base answered, and discloses the measurement result of half at random to Pi, then PiIt discloses the other half and inveigles the initial of state Quantum state information is to Pi+1, PiWith Pi+1Safety detection is carried out to channel according to measurement result and initial quantum state information.
7. as described in claim 1-6 is any can collusion resistant quantum key agreement method, which is characterized in that message sequence Si In, each quantum bit from | 0 >, | 1 >, |+>, | -> in choose, wherein | 0 >, | 1 >, |+>, | -> indicate different quantum state, | 0 >, | 1 > mutually orthogonal,
8. a kind of terminal, which is characterized in that carry out multi-party quantum key negotiation, the meter for N number of negotiation interaction end The memory that calculation machine terminal includes: processor, is connect with processor communication, the memory is stored with computer program, described Realized when processor calls the computer program as claim 1-7 it is described in any item can the quantum key of collusion resistant negotiate Method.
9. a kind of storage device, which is characterized in that carry out multi-party quantum key negotiation, the storage for N number of negotiation interaction end Device is stored with computer program, and the computer program is performed realization and resists as claim 1-7 is described in any item The quantum key agreement method of collusion.
CN201910600517.7A 2019-07-04 2019-07-04 Collusion-resistant quantum key negotiation method, computer terminal and storage device Active CN110365477B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910600517.7A CN110365477B (en) 2019-07-04 2019-07-04 Collusion-resistant quantum key negotiation method, computer terminal and storage device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910600517.7A CN110365477B (en) 2019-07-04 2019-07-04 Collusion-resistant quantum key negotiation method, computer terminal and storage device

Publications (2)

Publication Number Publication Date
CN110365477A true CN110365477A (en) 2019-10-22
CN110365477B CN110365477B (en) 2022-11-15

Family

ID=68218020

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910600517.7A Active CN110365477B (en) 2019-07-04 2019-07-04 Collusion-resistant quantum key negotiation method, computer terminal and storage device

Country Status (1)

Country Link
CN (1) CN110365477B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112600666A (en) * 2020-11-18 2021-04-02 中山大学 Quantum secure communication method and device, computer equipment and storage medium
CN114389800A (en) * 2020-10-06 2022-04-22 特拉量子股份公司 Method, apparatus, computer program and data carrier for determining a shared secret cryptographic key

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105846999A (en) * 2016-06-14 2016-08-10 泰山学院 Multi-side quantum secret key negotiation method based on unidirectional transmission loop
CN106712936A (en) * 2016-12-20 2017-05-24 中国电子科技集团公司第三十研究所 Ring structure based multi-party quantum key agreement protocol
CN108809644A (en) * 2018-07-17 2018-11-13 苏州大学 The multi-party quantum key agreement method of unordered high power capacity based on high level bell states

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105846999A (en) * 2016-06-14 2016-08-10 泰山学院 Multi-side quantum secret key negotiation method based on unidirectional transmission loop
CN106712936A (en) * 2016-12-20 2017-05-24 中国电子科技集团公司第三十研究所 Ring structure based multi-party quantum key agreement protocol
CN108809644A (en) * 2018-07-17 2018-11-13 苏州大学 The multi-party quantum key agreement method of unordered high power capacity based on high level bell states

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
于浩等: "基于诱骗态的BB84协议量子秘密共享方案", 《量子电子学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114389800A (en) * 2020-10-06 2022-04-22 特拉量子股份公司 Method, apparatus, computer program and data carrier for determining a shared secret cryptographic key
CN112600666A (en) * 2020-11-18 2021-04-02 中山大学 Quantum secure communication method and device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN110365477B (en) 2022-11-15

Similar Documents

Publication Publication Date Title
Zeng et al. E-AUA: An efficient anonymous user authentication protocol for mobile IoT
Zhou et al. Provable secure authentication protocol with anonymity for roaming service in global mobility networks
Castelluccia et al. Efficient and provably secure aggregation of encrypted data in wireless sensor networks
CN108809644B (en) Disorder high-capacity multiparty quantum key negotiation method based on high-energy level bell state
Guo et al. Fog-centric authenticated key agreement scheme without trusted parties
WO2021000329A1 (en) Multi-party quantum key agreement method, computer terminal and storage device
CN107248909A (en) It is a kind of based on SM2 algorithms without Credential-Security endorsement method
CN107493168B (en) Quanta identity authentication method and its application method during quantum key distribution
CN109379176B (en) Password leakage resistant authentication and key agreement method
Boureanu et al. On the pseudorandom function assumption in (secure) distance-bounding protocols: PRF-ness alone does not stop the frauds!
CN109995528A (en) Bidirectional identity authentication and half quantum safety direct communication method for resisting channel noise
Li et al. Improved eavesdropping detection strategy based on four-particle cluster state in quantum direct communication protocol
CN110365477A (en) Can collusion resistant quantum key agreement method, terminal and storage device
Xu et al. Three-factor anonymous authentication and key agreement based on fuzzy biological extraction for Industrial Internet of Things
Billet et al. Lightweight privacy preserving authentication for RFID using a stream cipher
Wang et al. Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols
Indushree et al. Mobile-Chain: Secure blockchain based decentralized authentication system for global roaming in mobility networks
CN111404691B (en) Quantum secret sharing method with credible authentication based on quantum walking
Ruan et al. Provably leakage-resilient password-based authenticated key exchange in the standard model
Nikooghadam et al. HAKECC: Highly efficient authentication and key agreement scheme based on ECDH for RFID in IOT environment
Lee et al. Provably secure and efficient authentication techniques for the global mobility network
Li et al. An efficient authentication protocol with user anonymity for mobile networks
Bindel et al. Hybrid key encapsulation mechanisms and authenticated key exchange
CN110247768A (en) Certificable semi-quantum secret sharing method and system based on GHZ state
CN110336659A (en) A kind of multi-party quantum key machinery of consultation, terminal and storage device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant