Disclosure of Invention
In order to solve the above problems, the invention provides a method for identity authentication based on a quantum key. By acquiring the shared key from a quantum key distribution network, the method greatly reduces the complexity of presetting shared keys for users and enhances the security of the identity authentication process.
According to some embodiments, the present invention employs the following technical solutions:
A method for identity authentication based on a quantum key comprises the following steps:
Each communicating party sends a request to the quantum key distribution node connected to it and obtains the same quantum keys as the other communicating parties participating in identity authentication;
Each communicating party divides the acquired groups of quantum keys into an authentication key pool and a communication key pool and stores them separately;
One communicating party initiates an identity authentication request, receives the other party's authentication result for the requester's identity information, and in turn authenticates the identity information of the other party. In this process each party authenticates the other's identity by verifying a message check code, and the shared key used to calculate the message check code is obtained from the authentication key pool;
After the identity information passes verification, data transmission is carried out. The transmitted data is encrypted with an encryption key obtained from the communication key pool, and a check code for verifying the identity of the data sender and the integrity of the data is calculated with a check key obtained from the communication key pool.
As an alternative embodiment, the communication parties participating in the information interaction are configured or connected with quantum key distribution nodes, the quantum key distribution nodes distribute shared quantum keys through a quantum key distribution technology, and the communication parties acquire the shared quantum keys through the quantum key distribution nodes.
As an alternative embodiment, the quantum key distribution node comprises a quantum key distribution device and a quantum key management device according to the actual deployment of the quantum key distribution network.
Alternatively, the communication key pool includes an encryption key and a verification key, and the storage medium capacity of the authentication key pool and the communication key pool is set by the communication requirement of the communication party.
Alternatively, the authentication key pool and the communication key pool are labeled with key type and key identification information when stored.
As an alternative embodiment, each authentication key in the authentication key pool, each communication key in the communication key pool is used only once, and is cleared after use, and a new key is used in the next communication.
As an alternative embodiment, when one of the communication parties initiates an identity authentication request, user information of the communication party and a locally generated random number are sent, wherein the user information comprises at least one of a user name, a user IP address and a user serial number.
After receiving the request message, the receiver selects a first key for authentication from the authentication key pool, uses the first key to calculate a message check code of the requester's local random number as the response message, and locally generates another random number. The receiver then sends its user information, the response message, the key identifier of the first key and the other random number together to the identity authentication requester.
As a further limitation, the message check code of the requester's local random number is calculated either with an HMAC algorithm built on a one-way hash function or with a block-cipher-based method.
As an alternative implementation, the process by which the requester verifies the identity information of the other party comprises the following steps: the requester verifies whether the user information of the other party is valid and terminates the authentication process if it is not. If the user is valid, the requester selects the corresponding authentication key from the authentication key pool according to the authentication key identifier, calculates the message check code of its own random number, and compares it with the received response message. If the comparison fails, the requester terminates the authentication process and sends an authentication failure message to the other party; if the comparison succeeds, it sends an authentication success message to the other party.
Alternatively, the process of verifying the identity information of the requester by the receiver includes:
The identity authentication requester selects a second authentication key from the authentication key pool, calculates a message check code of another random number sent by the opposite party by using the second authentication key, and sends the local user information, the message check code and a second authentication key identifier to the identity authentication receiver;
After receiving the information, the identity authentication receiver firstly verifies the validity of the user information of the identity authentication requester, then selects a corresponding second authentication key according to the authentication key identification, calculates the message check code of another random number by using the key, compares the message check code with the received message check code, if the comparison fails, terminates the authentication process, and sends a message of failure in verification to the identity authentication requester, if the comparison succeeds, sends a message of success in authentication to the identity authentication requester, and the identity authentication of both sides is successful.
When data is transmitted, the transmitting end selects from the communication key pool the key with a first key identifier as the encryption key and the key with a second key identifier as the check key. It encrypts the data to be transmitted with the encryption key to generate a ciphertext, uses the check key to calculate a message check code over the information containing the ciphertext, the user information of the transmitting end, the first key identifier and the second key identifier, and transmits the ciphertext, the user information of the transmitting end, the first key identifier and the second key identifier to the receiving end. The receiving end uses the check key to calculate the corresponding message check code over the information containing the ciphertext, the user information of the transmitting end, the first key identifier and the second key identifier, and compares it with the received message check code. If the comparison is consistent, the data is complete and comes from the transmitting end, and the receiving end then uses the encryption key to decrypt the ciphertext and obtain the plaintext.
Compared with the prior art, the invention has the beneficial effects that:
According to the technical scheme provided by the invention, in the process of identity authentication and data transmission, the shared secret key for the message check code is acquired from the quantum secret key distribution network, so that the complexity of presetting the shared secret key can be reduced, the updating period of the shared quantum secret key can be shortened, the safety of the secret key can be improved, and the online acquisition can be supported.
In the data transmission process, the communicating parties use the shared quantum key as the key for calculating the check code of the data messages they exchange, and the identity of the data sender and the integrity of the data are verified by checking the message check code. The shared quantum key is cleared after being used, and a new key is selected for the next communication. Because the shared quantum key is distributed by quantum key distribution technology, it resists the risk of being stolen even as computing capacity improves, and only the two communicating parties hold the key, so the security of the message check code is improved and the security of the identity authentication process is enhanced.
In the data transmission process, the shared quantum key is used to calculate and compare check codes on the transmitted information. On top of the identity authentication carried out in the handshake stage, every piece of data transmitted in the data transmission stage is therefore subject to sender identity authentication and integrity verification again using the quantum key, which enhances the strength of the identity authentication.
The invention addresses the problem that symmetric-key identity authentication methods usually need a large number of shared keys, which must be re-acquired whenever they are updated and which the prior art generally presets in advance, with high complexity. The invention greatly shortens the update period of the shared quantum keys, improves key security and key acquisition efficiency, can provide a one-key-per-use mode, and solves the transient problem of the shared symmetric keys in identity authentication.
In order to make the above objects, features and advantages of the present invention more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Detailed Description
The invention will be further described with reference to the drawings and examples.
It should be noted that the following detailed description is illustrative and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, the singular is also intended to include the plural unless the context clearly indicates otherwise, and furthermore, it is to be understood that the terms "comprises" and/or "comprising" when used in this specification are taken to specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof.
In this embodiment, for ease of understanding, two communicating parties are taken as an example; the protection scope of the present invention is not limited to this.
The method of the embodiment specifically comprises the following steps:
(I) Quantum key distribution stage
Quantum keys are distributed between the two communicating parties, Alice and Bob, through quantum key distribution technology. The key distribution scheme is shown in fig. 1. Quantum key distribution node 1 and quantum key distribution node 2 are two nodes in the quantum key distribution network. A shared quantum key is distributed between them by means of a quantum key distribution technique, and the quantum keys are then provided to Alice and Bob respectively, so that Alice and Bob also hold a shared quantum key.
The quantum key distribution network can distribute shared quantum keys between any two nodes in the network through a quantum key distribution technology. As long as a user accesses a node of the quantum key distribution network, the user can acquire, through that node, a quantum key shared with any other node. The key can be acquired by near-end filling or by far-end online acquisition. Online acquisition is recommended, because it is more convenient, shortens the key update period and improves key security.
The quantum key distribution process between Alice and Bob is specifically performed according to the following steps:
Step one:
By quantum key distribution techniques, multiple sets of identical quantum keys are distributed between the quantum key distribution nodes at the two ends, as shown in fig. 2.
Step two:
Before starting identity authentication, Alice and Bob each acquire the same quantum keys as the other party from the quantum key distribution node connected to them; key updates can be performed in the same way.
Step three:
Alice and Bob store the obtained or updated multiple groups of quantum keys respectively in two types, wherein one type is an authentication key, the other type is a communication key, and the communication key comprises an encryption key and a verification key. The number of storage of authentication keys and communication keys may be set according to the size of the storage medium or the specific needs of the user. The key storage is shown in fig. 3.
The authentication key and the communication key need to be marked with information such as a key type, a key identification, and the like when stored, as shown in fig. 4.
Each authentication key and each communication key is used only once: it is cleared after use, and a new key is used for the next communication.
(II) Handshake phase
In the first stage, Alice and Bob come to share quantum keys through quantum key distribution technology, and these keys serve as the authentication keys and communication keys of the identity authentication process. The specific identity authentication procedure, taking the case where Alice initiates identity authentication as an example, is shown in fig. 5;
As shown in fig. 5, the detailed steps of the authentication and data transmission process using the quantum key are as follows:
Step one:
Alice initiates an identity authentication request to Bob. The message contains Alice's user information UserInfo and a random number Random1 generated locally by Alice;
The above "user information" is related information for identifying the user, and may be information unique to each user, such as a user name, a user IP address, a user serial number, and the like.
Step two:
Bob verifies the validity of the user information UserInfo after receiving Alice's message. If UserInfo is invalid, the authentication process is terminated; if UserInfo is valid, Bob sends the next authentication message to Alice. To build it, Bob selects an authentication key AuKey1 from the authentication key pool, whose key identifier is ID_AuKey1, uses AuKey1 to calculate the message check code MAC_AuKey1(Random1) of Random1 as the response message, and locally generates a random number Random2. With Bob's own user information as UserInfo, Bob sends UserInfo, MAC_AuKey1(Random1), ID_AuKey1 and Random2 together to Alice.
In the above process, (1) the message check code may be calculated using a one-way hash function, for example HMAC-SHA-256, a message check code built on the SHA-256 one-way hash function, or using a block cipher, for example AES-CMAC, a message check code built on the AES algorithm in CBC mode.
(2) The random number may be a classical random number or a quantum random number.
Step three:
After Alice receives Bob's message, she first verifies whether Bob's user information UserInfo is valid. If it is not, she terminates the authentication process; if it is, she selects the corresponding authentication key from the authentication key pool according to the authentication key identifier ID_AuKey1, calculates the message check code of the random number Random1, and compares it with the received MAC_AuKey1(Random1). If the comparison fails, the authentication process is terminated and an authentication failure message is sent to Bob; if the comparison succeeds, an authentication success message is sent to Bob and step four below begins.
Step four:
Alice selects an authentication key AuKey2 from the authentication key pool, whose key identifier is ID_AuKey2, uses AuKey2 to calculate the message check code MAC_AuKey2(Random2) of Random2, and sends UserInfo, MAC_AuKey2(Random2) and ID_AuKey2 together to Bob;
Step five:
After Bob receives the message, he first verifies the validity of Alice's user information UserInfo, then selects the corresponding authentication key according to the authentication key identifier ID_AuKey2, uses that key to calculate the message check code of Random2, and compares it with the received MAC_AuKey2(Random2). If the comparison succeeds, Alice's identity is authenticated and an authentication success message is sent to Alice. At this point the identity authentication of both parties has succeeded, and the secure data transmission described below can be performed;
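The five handshake steps above, as an added Python sketch that is not part of the patent text. It assumes HMAC-SHA-256 as the message check code (one of the two options the description names); the Party class, the dictionary message layout, the "au-N" key identifiers and the set-membership stand-in for the UserInfo validity check are hypothetical.

```python
import hashlib
import hmac
import secrets

def constructed_pool(n=4):
    # Constructed sample keys standing in for keys delivered by the QKD node.
    return {f"au-{i}": secrets.token_bytes(32) for i in range(n)}

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

class Party:
    def __init__(self, user_info, auth_pool, valid_peers):
        self.user_info = user_info
        self.auth_pool = dict(auth_pool)     # key identifier -> authentication key
        self.valid_peers = set(valid_peers)  # stand-in for the UserInfo validity check
        self.random = None                   # the challenge this party issued

    def _pick(self):
        # Select an unused key; it leaves the pool at once (use once, then clear).
        if not self.auth_pool:
            raise RuntimeError("authentication key pool exhausted")
        key_id = next(iter(self.auth_pool))
        return key_id, self.auth_pool.pop(key_id)

    def _check(self, msg, challenge):
        # Steps three and five: validate UserInfo, fetch the key by identifier,
        # recompute the MAC over our own challenge, compare in constant time.
        if msg["user"] not in self.valid_peers or challenge is None:
            return False
        key = self.auth_pool.pop(msg["key_id"], None)  # cleared even if the MAC is wrong
        if key is None:                                # unknown or already-used identifier
            return False
        return hmac.compare_digest(mac(key, challenge), msg["mac"])

    def request(self):                                 # step one (Alice)
        self.random = secrets.token_bytes(32)
        return {"user": self.user_info, "random1": self.random}

    def respond(self, req):                            # step two (Bob)
        if req["user"] not in self.valid_peers:
            return None
        key_id, key = self._pick()
        self.random = secrets.token_bytes(32)
        return {"user": self.user_info, "mac": mac(key, req["random1"]),
                "key_id": key_id, "random2": self.random}

    def verify_and_answer(self, resp):                 # steps three and four (Alice)
        ok, self.random = self._check(resp, self.random), None
        if not ok:
            return None
        key_id, key = self._pick()
        return {"user": self.user_info, "mac": mac(key, resp["random2"]),
                "key_id": key_id}

    def verify_final(self, ans):                       # step five (Bob)
        ok, self.random = self._check(ans, self.random), None
        return ok
```

Because each challenge and each key is discarded after one verification attempt, a captured response replayed later fails on both the missing challenge and the missing key identifier.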
(III) Data transfer stage
As shown in fig. 5, after the handshake between the two communicating parties is completed, they can establish a secure channel and transmit data securely. During data transmission, each communication uses a shared quantum key to calculate and compare a check code on the transmitted message and thereby verify the identity of the sender. This is implemented as follows:
When Alice and Bob transmit data, the transmitting end (taking Alice as an example) selects from the communication keys the key with key identifier ID_EnKey1 as the encryption key EnKey1 and the key with key identifier ID_EnKey2 as the verification key EnKey2. Alice encrypts the data to be transmitted with EnKey1 to generate the ciphertext E_EnKey1(Data), uses EnKey2 to calculate the message check code MAC_EnKey2 of [UserInfo, E_EnKey1(Data), ID_EnKey1, ID_EnKey2], and transmits UserInfo, E_EnKey1(Data), ID_EnKey1, ID_EnKey2 and MAC_EnKey2 to the receiving end. The receiving end uses EnKey2 to calculate the message check code of [UserInfo, E_EnKey1(Data), ID_EnKey1, ID_EnKey2] and compares it with MAC_EnKey2. If the comparison is consistent, the data is complete and comes from Alice, and the receiving end then uses EnKey1 to decrypt E_EnKey1(Data) and obtain the plaintext Data.
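The data transfer stage above, as an added Python sketch that is not part of the patent text. The description does not name the encryption algorithm, so the XOR with a single-use key at least as long as the data is an assumption chosen to keep the example dependency-free; HMAC-SHA-256, the length-prefixed field encoding, the function names and the "en-N" key identifiers are likewise hypothetical.

```python
import hashlib
import hmac
import secrets
import struct

def constructed_comm_pool():
    # Constructed sample keys standing in for QKD-delivered communication keys.
    return {"en-1": secrets.token_bytes(64), "en-2": secrets.token_bytes(32)}

def frame(*fields):
    # Length-prefix every field so the MAC input is unambiguous: without this,
    # bytes could move between adjacent fields and leave the MAC unchanged.
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)

def _tag(mac_key, user, ct, enc_id, mac_id):
    # MAC over [UserInfo, ciphertext, encryption key id, verification key id].
    body = frame(user.encode(), ct, enc_id.encode(), mac_id.encode())
    return hmac.new(mac_key, body, hashlib.sha256).digest()

def _xor(data, key):
    return bytes(d ^ k for d, k in zip(data, key))

def send(pool, user, data, enc_id, mac_id):
    if enc_id == mac_id or enc_id not in pool or mac_id not in pool:
        raise ValueError("key identifier unknown, reused or already consumed")
    if len(pool[enc_id]) < len(data):
        raise ValueError("one-time encryption key shorter than the data")
    enc_key, mac_key = pool.pop(enc_id), pool.pop(mac_id)  # use once, then clear
    ct = _xor(data, enc_key)
    return {"user": user, "ct": ct, "enc_id": enc_id, "mac_id": mac_id,
            "mac": _tag(mac_key, user, ct, enc_id, mac_id)}

def receive(pool, msg):
    # Both keys are cleared whether or not verification succeeds, so a replayed
    # or tampered message can never be tried against the same keys again.
    enc_key = pool.pop(msg["enc_id"], None)
    mac_key = pool.pop(msg["mac_id"], None)
    if enc_key is None or mac_key is None:
        return None
    expected = _tag(mac_key, msg["user"], msg["ct"], msg["enc_id"], msg["mac_id"])
    if not hmac.compare_digest(expected, msg["mac"]):
        return None                      # verify the check code before decrypting
    return _xor(msg["ct"], enc_key)
```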
Quantum key distribution technology, which is based on quantum mechanics, ensures that the key cannot be effectively eavesdropped, because quantum states cannot be cloned, are subject to uncertainty and collapse on measurement. Used in an identity authentication scheme based on a symmetric cipher, it therefore provides a security guarantee for the key sharing process. Meanwhile, as quantum communication backbone lines and metropolitan area networks are built, the coverage of quantum key distribution is gradually increasing, and key sharing among access nodes within that coverage can be completed using quantum key distribution technology. Any user who accesses the quantum communication network through an access node can complete key sharing and key updating through the quantum key distribution services provided by the network, and can then complete identity authentication and secure data transmission based on symmetric keys. This avoids the growth in complexity that normally accompanies growth in network scale, greatly improves convenience for users and reduces running cost.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only of the preferred embodiments of the present invention and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.