Disclosure of Invention
The application provides an anti-quantum security enhancement method of a security shell protocol of a communication network.
The embodiment of the application provides an anti-quantum security enhancement method of a security shell protocol of a communication network, wherein the communication network comprises first network equipment and second network equipment, the method is used for the first network equipment, and the method comprises the following steps:
Acquiring a first quantum key and a quantum key identifier from a first network node accessed to the first network device;
information exchange is carried out with the second network equipment, and a hash key and an initial session key are generated according to the first information of the first network equipment and the second information obtained through the information exchange;
Performing post quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and transmitting a first encryption result obtained by the post quantum cryptography encryption processing to the second network device;
the received second encryption result sent by the second network device is decrypted to obtain a second decryption result, the second encryption result is obtained by the second network device performing post quantum cryptography encryption on the first decryption result, and the first decryption result is obtained by the second network device performing decryption on the first encryption result;
And generating an anti-quantum session key according to the initial session key, the first encryption result, the second decryption result and the first quantum key to encrypt communication between the first network device and the second network device.
In this way, in the communication process of the first network device and the second network device, the first network device and the second network device apply for obtaining the quantum key, and encrypt the quantum key by using the post quantum cryptographic algorithm to generate the anti-quantum key capable of resisting the quantum computing attack, where the post quantum cryptographic algorithm is a series of encryption algorithms aimed at resisting the quantum computing attack. And the first network device and the second network device generate an initial session key through key exchange, and then the initial session key, the anti-quantum key and the quantum key are used for communication between the first network device and the second network device in a fusion way. In this way, the quantum computing attack resistance of the network communication between the first network device and the second network device is enhanced.
In certain embodiments, the method further comprises:
Accessing a first network node through a pre-established channel;
loading the security certificate of the second network device or the security certificate of the first network device.
Therefore, before the communication with the second network equipment, the first network node is accessed through the pre-established channel, the pre-established channel can protect data in the communication process, and the risk of unauthorized access in the communication process is reduced. Then, the security certificate of the second network device or the security certificate of the second network device is loaded, and after the security certificate is loaded, the security certificate is used for establishing and maintaining a secure communication channel, so that the security of data in the transmission process is enhanced.
In some embodiments, the obtaining the first quantum key and the quantum key identifier from a first network node that is accessed to the first network device comprises:
filling a plurality of keys with a service node to a cryptographic module of the first network device;
transmitting a quantum key application to the service node, the quantum key application being protected by a protection key, the protection key being one randomly used from a plurality of keys charged to the cryptographic module;
Receiving a quantum key encryption result obtained by the service node through encryption processing of the first quantum key and the quantum key identifier according to the protection key, wherein the first quantum key is generated by a first network node connected with the service node and distributed to the service node, and the quantum key identifier is obtained by the first network node through identification of the first quantum key according to an identification code of the first network node;
And decrypting the quantum key encryption result to obtain the first quantum key and the quantum key identifier.
In this manner, the first network device charges the cryptographic module of the first network device with the plurality of keys using the service node. Next, the first network device sends a quantum key application to the service node, the quantum key application being protected by a protection key, the protection key being one randomly used from a plurality of keys charged to the cryptographic module. Then, the first network device receives a quantum key encryption result obtained by the service node encrypting the first quantum key and a quantum key identifier according to the protection key, the first quantum key is generated by the first network node accessing the service node and distributed to the service node, and the quantum key identifier is obtained by the first network node identifying the first quantum key according to the identification code of the first network node. And finally, the first network device decrypts the quantum key encryption result to obtain a first quantum key and a quantum key identifier. In this way, the first network device obtains the first quantum key and the quantum key identifier, and can be used for subsequently generating a key with stronger quantum computing attack resistance.
In some embodiments, the performing post-quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and sending a first encryption result obtained by the post-quantum cryptography encryption processing to the second network device includes:
performing splicing processing on the quantum key identifier and the first random number generated randomly to obtain a first session message;
Encrypting the first session message according to the initial session key to obtain a first encrypted message;
Performing post quantum cryptography derivation processing on the first encrypted message to generate a first anti-quantum key;
Performing post quantum cryptography encryption packaging processing on the first encryption message to generate a first packaging message in the first encryption result;
Splicing the quantum key identifier and the hash key to obtain a first verification message;
performing post quantum cryptography signature processing on the first verification message to generate a first signature message in the first encryption result;
And sending the first encryption result to the second network equipment.
In this way, the first network device performs a concatenation process on the quantum key identifier and the first random number generated randomly to obtain the first session message. Then, the first network device encrypts the first session message according to the initial session key to obtain a first encrypted message. Then, the first network device performs post quantum cryptography derivation processing on the first encrypted message to generate a first anti-quantum key. And carrying out post quantum cryptography encryption packaging processing on the first encrypted message to generate a first packaged message in the first encryption result. And then, the first network device performs splicing processing on the quantum key identifier and the hash key to obtain a first verification message. And performing post quantum cryptography signature processing on the obtained first verification message to generate a first signature message in the first encryption result. Finally, the first network device sends the first encryption result to the second network device. In this way, the first network device obtains the first anti-quantum key with stronger anti-quantum capability, obtains the first signature message and the first encryption message capable of generating the first anti-quantum key, and the first signature message can discover the condition that data is accessed unauthorized in the communication process. And transmitting the first signed message and the first encrypted message to the second network device, enabling the second network device to generate the first anti-quantum key.
In some embodiments, the decrypting the received second encrypted result sent by the second network device to obtain a second decrypted result includes:
Receiving the second encryption result sent by the second network device, wherein the second encryption result is obtained by performing post quantum cryptography encryption processing on a first decryption result by the second network device, and the first decryption result is obtained by performing decryption processing on the first encryption result by the second network device;
and carrying out decryption processing on the second encryption result to obtain a second decryption result, wherein the second decryption result comprises a second encryption message and a second signature message.
In this way, the first network device receives the second encryption result sent by the second network device, the second encryption result is obtained by encrypting the first decryption result by the second network device, and the first decryption result is obtained by decrypting the first encryption result by the second network device. Then, the first network device decrypts the second encryption result to obtain a second decryption result, wherein the second decryption result comprises a second handshake random number, a fourth handshake message and a second signature message. The first network device determines the availability of a channel for communication with the second network device, obtains the relevant information of the key of the second network device, and can use the relevant information of the key to combine with the relevant key information of the first network device to generate the key with high security and strong quantum attack resistance.
In certain embodiments, the method further comprises:
Obtaining a second anti-quantum key according to the second encrypted message;
And obtaining a second session message and a quantum key identifier according to the second encrypted message and the initial session key.
In this way, the first network device obtains a second anti-quantum key from the second encrypted message. The first network device then obtains a second session message and a quantum key identifier from the second encrypted message and the initial session key. The second anti-quantum key is thus obtained for subsequent key generation to obtain a key with a strong resistance to quantum computing attacks. The first network device also obtains the quantum key identifier for subsequent signing to confirm the accuracy of the quantum key identifier received by the server.
In certain embodiments, the method further comprises:
Obtaining a second verification message according to the second signature message;
And performing post quantum cryptography signing verification processing on the second signature message to confirm the correctness of the second verification message, wherein the second verification message is obtained by splicing the quantum key identifier and the hash key.
In this way, the first network device obtains the second authentication message from the second signed message. And then, the first network equipment performs post quantum cryptography signing verification processing on the second signed message to confirm the correctness of the second verification message, wherein the second verification message is obtained by splicing the quantum key identifier and the hash key. In this way, the correctness of the second verification message is determined by performing post quantum cryptography signing verification processing on the second signature message, the integrity of the second network device related data received by the first network device is ensured, the identity of the second network device is verified, and the safety guarantee is provided for subsequent data transmission.
In some embodiments, the first encryption result includes a first anti-quantum key, and the generating the anti-quantum session key according to the initial session key, the first encryption result, the second decryption result, and the first quantum key to encrypt communications between the first network device and the second network device includes:
generating the initial session key, the first anti-quantum key, the second anti-quantum key and the first quantum key to obtain an anti-quantum session key;
and carrying out derivative processing on the anti-quantum session key so as to encrypt communication between the first network device and the second network device.
In this way, the first network device generates the initial session key, the first anti-quantum key, the second anti-quantum key, and the first quantum key to obtain the anti-quantum session key. Then, the first network device performs a derivation process on the anti-quantum session key, and encrypts communication between the first network device and the second network device using the derived key. The quantum-resistant session key generated by combining the quantum key distribution technology and the post quantum cryptography technology enhances the quantum computing attack resistance of the communication between network devices and protects the data transmitted in the communication process.
The embodiment of the application provides an anti-quantum security enhancement method of a security shell protocol of a communication network, wherein the communication network comprises first network equipment and second network equipment, the method is used for the second network equipment, and the method comprises the following steps:
Information exchange is carried out with the first network equipment, and a hash key and an initial session key are generated according to second information of the second network equipment and first information obtained through the information exchange;
Receiving a first encryption result obtained by the first network device through performing post-quantum cryptography encryption processing on a quantum key identifier according to the hash key and the initial session key, wherein the quantum key identifier is acquired from an accessed first network node by the first network device;
decrypting the first encryption result to obtain a first decryption result;
Performing post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and sending the second encryption result to the first network device;
And generating an anti-quantum session key according to the initial session key, the first decryption result, the second encryption result and the second quantum key to encrypt communication between the first network device and the second network device.
In this way, in the communication process of the first network device and the second network device, the first network device and the second network device apply for obtaining the quantum key, and encrypt the quantum key by using the post quantum cryptographic algorithm to generate the anti-quantum key capable of resisting the quantum computing attack, where the post quantum cryptographic algorithm is a series of encryption algorithms aimed at resisting the quantum computing attack. And the first network device and the second network device generate an initial session key through key exchange, and then the initial session key, the anti-quantum key and the quantum key are used for communication between the first network device and the second network device in a fusion way. In this way, the quantum computing attack resistance of the network communication between the first network device and the second network device is enhanced.
In some embodiments, the first encryption result comprises a first encapsulated message, the method further comprising:
obtaining a first encrypted message according to the first encapsulated message;
A first session message and the quantum key identifier are obtained from the first encrypted message and the initial session key.
In this way, the second network device obtains the first encrypted message from the first encapsulated message. The second network device then obtains the first session message and the quantum key identifier from the first encrypted message and the initial session key. This results in a quantum key identifier from which the second network device can apply for the second quantum key.
In some embodiments, the first encryption result comprises a first signed message, the first decryption result comprises a quantum key identifier, the method further comprising:
Obtaining a first verification message according to the first signature message;
Performing post quantum cryptography signing verification processing on the first signature message to confirm the correctness of a first verification message, wherein the first verification message is obtained by performing splicing processing on the quantum key identifier and the hash key;
And under the condition that the obtained quantum key identifier is correct, obtaining a second quantum key from a second network node accessed to the second network device according to the quantum key identifier.
In this way, the second network device obtains the first authentication message from the first signed message. And then, the second network equipment performs post quantum cryptography signing verification processing on the first signed message to confirm the correctness of the first verification message, wherein the first verification message is obtained by splicing the quantum key identifier and the hash key. And under the condition that the obtained quantum key identifier is correct, the second network device acquires the second quantum key from a second network node accessed to the second network device according to the quantum key identifier. Therefore, the quantum key is applied through the quantum key identifier, so that the second quantum key obtained through application is matched with the first quantum key of the first network device, and the second quantum key can be used for generating a key with high safety and good quantum computing attack resistance.
In some embodiments, the performing post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and sending the second encryption result to the first network device includes:
Splicing the quantum key identifier and the randomly generated second random number to obtain a second session message;
encrypting the second session message according to the initial session key to obtain a second encrypted message;
performing post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key;
Performing post quantum cryptography encryption packaging processing on the second encryption information to generate a second packaging information in the second encryption result;
splicing the quantum key identifier and the hash key to obtain a second verification message;
Performing post quantum cryptography signature processing on the second verification message to generate a second signature message in the second encryption result;
And sending the second encryption result to the first network equipment.
And the second network equipment performs splicing processing on the quantum key identifier and the second random number generated randomly to obtain a second session message. And then, the second network equipment encrypts the second session message according to the initial session key to obtain a second encrypted message. And then, the second network equipment carries out post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key. And carrying out post quantum cryptography encryption packaging processing on the second encryption information to generate a second packaging information in a second encryption result. And the second network equipment performs splicing processing on the quantum key identifier and the hash key to obtain a second verification message. And then, the second network device performs post quantum cryptography signature processing on the second verification message to generate a second signature message in a second encryption result. Finally, the second network device sends the second encryption result to the first network device. In this way, the second network device obtains the second anti-quantum key with stronger anti-quantum capability, obtains the second signature message and the second encryption message capable of generating the second anti-quantum key, and the second signature message can discover the condition that the data is accessed unauthorized in the communication process. And transmitting the second signed message and the second encrypted message to the first network device, enabling the first network device to generate a second anti-quantum key.
In some embodiments, the first decryption result includes a first encrypted message, and the generating the anti-quantum session key according to the initial session key, the first decryption result, the second encryption result, and the second quantum key to encrypt communications between the first network device and the second network device includes:
obtaining a first anti-quantum key according to the first encrypted message;
generating the initial session key, the first anti-quantum key, the second anti-quantum key and the second quantum key to obtain an anti-quantum session key;
and carrying out derivative processing on the anti-quantum session key so as to encrypt communication between the first network device and the second network device.
In this way, the second network device obtains the first anti-quantum key from the first encrypted message. And then, the second network equipment generates the initial session key, the first anti-quantum key, the second anti-quantum key and the second quantum key to obtain the anti-quantum session key. Finally, the second network device derives the anti-quantum session key to encrypt communications between the first network device and the second network device. The quantum-resistant session key generated by combining the quantum key distribution technology and the post quantum cryptography technology enhances the quantum computing attack resistance of the communication between network devices and protects the data transmitted in the communication process.
Additional aspects and advantages of embodiments of the application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of embodiments of the application.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are exemplary only for explaining the embodiments of the present application and are not to be construed as limiting the embodiments of the present application.
The computational power represented by quantum computation plays a role in security and has a great influence on related algorithms in classical cryptography. That is, quantum computing constitutes a more direct and urgent crack threat to classical cryptography. A series of classical algorithms, such as Diffie-Hellman, RSA, elliptic curve (ECC), etc., face a greater security risk because the number theory problems, such as large prime decomposition, discrete logarithms, etc., on which they are based become no longer difficult in the quantum era. It will be appreciated that with large quantum computer implementations, key agreement, encryption, signing, etc. applications in classical cryptography will have some impact.
As such, the use of classical cryptographic algorithms protects the security of the internet in the course of communications from the threat of quantum computing attacks. For example, the secure shell protocol (Secure Shell Protocol, SSH) that is built on an application layer basis is dedicated to ensuring security of telnet sessions and other network services. The secure shell protocol is mainly composed of four parts, wherein a user authentication protocol (SSH-USERAUTH, defined by RFC 4252) is built on top of a transport layer protocol, a user connection protocol (SSH-CONNECT, defined by RFC 4254) is built on top of the user connection protocol, and the transport layer protocol (SSH-TRANS, defined by RFC 4253) ensures server authentication, data confidentiality and integrity. It employs high-strength encryption techniques, password-based host authentication, and integrity protection mechanisms. The authentication process relies primarily on RSA or DSS signature algorithms, while key exchange uses classical Diffie-Hellman (DH) algorithms. However, these traditional Public Key Infrastructure (PKI) technologies, such as RSA algorithm, DSS algorithm, and DH algorithm, have a potential weakness: they do not have the ability to resist quantum computing attacks. Thus, secure shell protocols present a greater security risk in the face of quantum computing attacks.
Currently, technologies for dealing with quantum computing attack threats internationally fall into two main categories: the first is to study the symmetric key negotiation by using a quantum key distribution (Quantum Key Distribution, QKD) network to protect the security of the key for the scene of (symmetric) key negotiation by using an asymmetric algorithm and then encrypting transmission by the symmetric algorithm; the other is Post-research quantum cryptography algorithm (Post-Quantum Cryptography, PQC), which directly replaces the existing asymmetric algorithm. The quantum key distribution technology utilizes the quantum mechanics principle, can generate a key which cannot be stolen by a third party, and ensures the security of key transmission. The method is particularly suitable for the key exchange scene, and can replace the existing asymmetric key negotiation algorithm such as RSA or ECC to improve the security of the key. However, quantum key distribution techniques currently cannot completely replace all applications of asymmetric algorithms, such as signature verification, integrity protection, and anti-repudiation scenarios, and still require the use of asymmetric algorithms.
The post quantum cryptography algorithm is an asymmetric cryptography algorithm designed based on a new mathematical problem, and aims to resist the threat possibly brought by a quantum computer. NIST has published the first 4 post quantum cryptography algorithms to be standardized, including Kyber, dilithium, falcon and SPHINCS +, which cover multiple technical routes to reduce the risk of single technology hacking. The post quantum cryptography algorithm can theoretically replace all asymmetric algorithms and is more general. However, the security of post quantum cryptography algorithms still depends on the complexity of computational challenges, and may face new cracking methods or become unsafe with the increase of computational power in the future. In addition, the post quantum cryptography algorithm standard is not formally published, and the production and authentication of related products also need time, so that the large-scale application of the post quantum cryptography algorithm also needs a longer period.
The post quantum cryptography algorithm and the quantum key distribution technology have the capability of resisting quantum computing attacks, but each has limitations, so that the provision of the cryptography technology which has relatively low cost and high security and can resist quantum computing attacks is a problem to be solved.
Based on the above-mentioned problems, referring to fig. 1, an embodiment of the present application provides an anti-quantum security enhancement method of a security shell protocol of a communication network, where the communication network includes a first network device and a second network device, and the method is used for the first network device, and includes:
011: acquiring a first quantum key and a quantum key identifier from a first network node accessed to first network equipment;
012: information exchange is carried out with the second network equipment, and a hash key and an initial session key are generated according to the first information of the first network equipment and the second information obtained through the information exchange;
013: performing post quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and transmitting a first encryption result obtained by the post quantum cryptography encryption processing to second network equipment;
014: the received second encryption result sent by the second network device is decrypted to obtain a second decryption result, the second encryption result is obtained by performing post quantum cryptography encryption on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption on the first encryption result by the second network device;
015: and generating an anti-quantum session key according to the initial session key, the first encryption result, the second decryption result and the first quantum key to encrypt communication between the first network device and the second network device.
The embodiment of the application also provides first network equipment which comprises a memory and a processor. The method of the embodiment of the present application may be implemented by the first network device of the embodiment of the present application. In particular, the memory has stored therein a computer program for the processor to obtain a first quantum key and a quantum key identifier from a first network node that is accessed to a first network device. And exchanging information with the second network device, and generating a hash key and an initial session key according to the first information of the first network device and the second information obtained by the information exchange. The processor is further configured to perform post-quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and send a first encryption result obtained by the post-quantum cryptography encryption processing to the second network device. And decrypting the received second encryption result sent by the second network device to obtain a second decryption result, wherein the second encryption result is obtained by performing post quantum cryptography encryption on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption on the first encryption result by the second network device. The processor is further configured to generate an anti-quantum session key based on the initial session key, the first encryption result, the second decryption result, and the first quantum key to encrypt communications between the first network device and the second network device.
The embodiment of the application also provides a first network equipment security enhancement device. The method of the embodiment of the application can be realized by the first network equipment security enhancement device of the embodiment of the application. Specifically, the first network device security enhancement device comprises an acquisition module, a switching module, an encryption module, a decryption module and a deriving module. The acquisition module is used for acquiring a first quantum key and a quantum key identifier from a first network node accessed to the first network device. The exchange module is used for exchanging information with the second network equipment and generating a hash key and an initial session key according to the first information of the first network equipment and the second information obtained through information exchange. The encryption module is used for carrying out post-quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and sending a first encryption result obtained by the post-quantum cryptography encryption processing to the second network device. The decryption module is used for performing decryption processing on a second encryption result sent by the second network device to obtain a second decryption result, the second encryption result is obtained by performing post quantum cryptography encryption processing on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption processing on the first encryption result by the second network device. The deriving module is used for generating an anti-quantum session key according to the initial session key, the first encryption result, the second decryption result and the first quantum key so as to encrypt communication between the first network device and the second network device.
The present application provides a secure shell protocol based communication system comprising a first network device, a second network device and a quantum key distribution network of the above embodiments, the quantum key distribution network being configured to distribute quantum keys to the first network device or the second network device.
In particular, the quantum key distribution network comprises a network node, a quantum network link control center, the network node being used in the quantum key distribution network for storing and distributing quantum keys. The quantum network link center can establish quantum key distribution and relay links among network nodes according to the names of the network nodes, and the quantum key distribution and relay links are used for data transfer and other functions. The quantum key distribution network is used for realizing services such as quantum key generation, quantum key relay, quantum key provision and the like.
Referring to fig. 2, in some embodiments, the first network device and the second network device communicate via an SSH transport layer encrypted channel. For example, when performing an SSH user authentication protocol or a user connection protocol, the SSH transport layer encryption channel is a key part of the secure shell protocol, and refers to an encryption communication channel established between the first network device and the second network device, and is used for providing server authentication, data confidentiality and integrity, so that the security and reliability of the SSH connection are ensured. The SSH user authentication protocol is responsible for user authentication of the first network device, supporting various authentication methods, such as password, public key authentication, etc. The first network device accesses a service node, which is a transfer station used by the first network device to connect with the network node, and is used to charge the secret key to the second network device and transfer and store the quantum secret key. After the first network device sends the quantum key application, the network node sends the quantum key generated by the quantum key distribution network to a service node accessed to the first network device, and the service node sends the quantum key to the first network device. The simple process of the first network device and the second network device obtaining the quantum key is as follows: first, a first network device sends a quantum key application to a service node that accesses the first network device. The service node then applies for the quantum key from the first network node accessing the service node. Then, the first network node distributes the quantum key generated according to the quantum key application to the service node, and the service node distributes the quantum key to the first network device. Meanwhile, the quantum network link control center synchronously enables a second network node accessed to the second network device to generate a quantum key, but the quantum key is not immediately distributed to the second network device, but is stored in the network node. The corresponding relation among the first network equipment, the second network equipment, the service node and the network node is provided by the management and control platform.
It should be noted that, in the embodiment of the present application, the FIPS203 Module-Lattice-based Key-Encapsulation MECHANISM STANDARD is taken as a PQC Key Encapsulation algorithm, the FIPS 204 Module-Lattice-Based Digital Signature Standard is taken as a PQC digital signature algorithm, and the following description of the related operations of the PQC algorithm refers to the above FIPS standard. Of course, in other embodiments, other algorithms such as NewHope algorithm, sidh algorithm, HQC algorithm, etc. may be used as the related algorithm of the PQC. It should be further noted that, the embodiments of the present application are directed to a secure shell protocol (Secure Shell Protocol, SSH) composed of four parts, namely a protocol architecture (SSH-ARCH) defined by RFC4251, a transport layer protocol (SSH-TRANS) defined by RFC4253, a user authentication protocol (SSH-USERAUTH) defined by RFC4252, and a user connection protocol (SSH-CONNECT) defined by RFC4254, hereinafter referred to as SSH protocol.
Specifically, the hash key is obtained by calculating related information in information exchange according to an SSH protocol, and the initial session key is obtained by independently calculating the first network device and the second network device according to the SSH protocol according to respective private keys and public keys of the other party.
The first network device sends a quantum key application to a first network node accessed to the first network device, and then obtains a first quantum key and a quantum key identifier from the first network node, wherein the first quantum key and the quantum key identifier can be used for generating a key with quantum computing attack resistance, and the quantum key identifier is helpful for using and managing the quantum key.
And then, the first network equipment and the second network equipment exchange information, after the information exchange, the first network equipment has the first information of the first network equipment and the second information of the second network equipment, and a hash key and an initial session key are generated according to the information.
And then, the first network device performs post-quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and sends a first encryption result of the post-quantum cryptography encryption processing to the second network device. The quantum key distribution technology is combined with the post quantum cryptographic algorithm in a mode of carrying out post quantum cryptographic encryption processing on the quantum key identifier, so that the complexity of the key is improved, and an encryption result is sent to the second network device to be shared, so that communication data of the network device and the second network device in a communication network are kept consistent.
The second network device receives the first encryption result sent by the network device, and decrypts the first encryption result to obtain a first decryption result. And the second network equipment performs post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result. After the second encryption result is obtained, the second network device sends the second encryption result to the network device so that the network device can also share the second network device information and the generated key. And the second network equipment generates an anti-quantum session key according to the initial session key, the first decryption result, the second encryption result and the second quantum key to encrypt communication between the first network equipment and the second network equipment.
Meanwhile, the first network device receives a second encryption result sent by the second network device, and decrypts the second encryption result to obtain a second decryption result. And the network equipment generates an anti-quantum session key according to the initial session key, the first encryption result, the second decryption result and the first quantum key to encrypt communication between the first network equipment and the second network equipment.
In the following, an example is used to describe a method of the present application, where in the embodiment of the present application, the first network device is a client, the client is a user side of an SSH protocol, and integrity and confidentiality protection is performed on user data such as SSH telnet through acquiring a key between the client and a server through an SSH transport layer protocol (SSH-TRANS). The second network device is a server, the server is a server of an SSH protocol, and the key between the second network device and the client is acquired through an SSH transport layer protocol (SSH-TRANS) to carry out integrity and confidentiality protection on user data such as SSH telnet. The quantum network node is a network node, and the quantum network node stores and provides the generated quantum key for the server through a trusted channel or provides the generated quantum key for the client through a password service node. The password service node is a service node and is used for connecting with the quantum network node to provide pre-shared key filling and quantum key service for a plurality of clients.
The ssh_msg_ KEXDH _init message and the ssh_msg_ KEXDH _reply message are messages in the information exchange. The first encryption result is the ssh_msg_ KEXPQCQKD _init message and the second encryption result is the ssh_msg_ KEXPQCQKD _reply message.
The ssh_msg_ KEXINIT-1 message of the client includes information such as a key exchange algorithm, an encryption algorithm, a MAC algorithm, a compression algorithm and the like supported by the client. The SSH_MSG_ KEXINIT-2 message of the server side comprises information such as a key exchange algorithm, an encryption algorithm, a MAC algorithm, a compression algorithm and the like supported by the server side.
The ssh_msg_ KEXDH _init message and the ssh_msg_ KEXDH _reply message are used to calculate the hash key and the initial session key.
In addition, in the embodiment of the present application, after the client obtains the first quantum key and before the client exchanges messages with the client, the present application selects a number in a Local extensions (192-255) interval in a Message number (Message Numbers) of the SSH protocol, and uses the number as a Message number of a byte type definition ssh_msg_ KEXPQCQKD _init Message and ssh_msg_ KEXPQCQKD _reply Message.
Referring to fig. 3, a first quantum key qk_uuid-1 and a quantum key identifier uuid_qk sent by a client from a first quantum network node that is accessed to a network appliance, the quantum key identifier facilitating management and use of the quantum key. Then, the client sends an ssh_msg_ KEXINIT-1 message of the client to the server according to the SSH transport layer protocol defined in RFC4253, and adds a new term "pqc-qkd-aes" in the key exchange algorithm name list (name-list kex_ algorithms) of the message. After receiving the ssh_msg_ KEXINIT message from the client, the server returns the ssh_msg_ KEXINIT-2 message to the client, and adds a new item "pqc-qkd-aes" in the key exchange algorithm name list (name-list kex_ algorithms) of the message.
After receiving the ssh_msg_ KEXINIT-2 message from the server, the client sends the ssh_msg_ KEXDH _init message according to the SSH transport layer protocol defined by RFC4253, and the server receives the ssh_msg_ KEXDH _init message and calculates to generate a hash key H and an initial session key Y1 according to the SSH transport layer protocol defined by RFC4253, then replies to the ssh_msg_ KEXDH _reply message, and after receiving the REPLY message, the client calculates to generate the hash key H and the initial session key Y1 according to the SSH transport layer protocol defined by RFC 4253.
And then, the client performs post quantum cryptography encryption processing on the quantum key identifier UUID_QK according to the hash key H and the initial session key Y1 to obtain an SSH_MSG_ KEXPQCQKD _INIT message. Then, the process is carried out. The client sends an ssh_msg_ KEXPQCQKD _init message to the server. After receiving the ssh_msg_ KEXPQCQKD _init message, the server decrypts the ssh_msg_ KEXPQCQKD _init message to obtain a first decryption result. The server encrypts the first decryption result to obtain an SSH_MSG_ KEXPQCQKD _REPLY message, and sends the SSH_MSG_ KEXPQCQKD _REPLY message to the client. The server generates an anti-quantum session key Y2 according to the initial session key Y1, the SSH_MSG_ KEXPQCQKD _REPLY message, the second quantum key and the SSH_MSG_ KEXPQCQKD _INIT message.
After receiving the ssh_msg_ KEXPQCQKD _reply message, the client generates an anti-quantum session key Y2 according to the initial session key Y1, the ssh_msg_ KEXPQCQKD _reply message, the ssh_msg_ KEXPQCQKD _init message and the first quantum key.
In summary, in the anti-quantum security enhancement method, the communication system, the first network device and the second network device for the secure shell protocol of the communication network according to the embodiments of the present application, for the communication process of the first network device and the second network device, the first network device and the second network device apply for obtaining the quantum key, and encrypt the quantum key by using the post quantum cryptographic algorithm to generate the anti-quantum key capable of resisting the quantum computing attack, where the post quantum cryptographic algorithm is a series of encryption algorithms aimed at resisting the quantum computing attack. And the first network device and the second network device generate an initial session key through key exchange, and then the initial session key, the anti-quantum key and the quantum key are used for communication between the first network device and the second network device in a fusion way. In this way, the quantum computing attack resistance of the network communication between the first network device and the second network device is enhanced.
Referring to fig. 4, in some embodiments, the method further comprises:
016: accessing a first network node through a pre-established channel;
017: loading a security certificate of the second network device or a security certificate of the first network device.
In some embodiments, the access module is configured to access the first network node through a pre-established channel, and the loading module is configured to load a security certificate of the second network device or a security certificate of the first network device.
In some embodiments, the processor is further configured to access the first network node over a pre-established channel and load a security certificate of the second network device or a security certificate of the first network device.
Specifically, before data transmission is performed with the second network device, the network device accesses the first network node through a pre-established channel, and the pre-established channel can protect data in the data transmission process and reduce the risk of unauthorized access in the transmission process. Then, the network device loads the security certificate of the network device or the security certificate of the second network device, and after the security certificate is loaded, the security certificate is used for establishing and maintaining a secure communication channel, so that the security of data in the transmission process is enhanced.
Continuing the above example, please refer to fig. 3 again, before the client and the server perform data transmission, the client accesses the first quantum network node with the closest physical distance and authorized completion through a trusted channel, where the trusted channel refers to a mechanism or protocol for providing a secure communication path between two communication entities, and one way of establishing the mechanism is that the client and the first quantum network node are directly connected in the same cabinet and shielded by a network cable. Such a channel ensures confidentiality, integrity and availability of data during transmission, preventing unauthorized access, tampering or eavesdropping. Meanwhile, the client loads a key pair of a post quantum cryptography algorithm of the server side in an offline import mode, the key pair comprises an encryption key pair and a signature key pair, or a certificate of the post quantum cryptography algorithm of the client side issued by a certificate system comprises an encryption certificate and a signature certificate, and the transmission of the key or the certificate cannot pass through the Internet or other network paths which are possibly monitored or attacked in an offline import mode, so that the safety of the transmission process is ensured. Therefore, the client accesses the first quantum network node through the trusted channel and loads the security certificate in an offline import mode, so that confidentiality of network equipment data is ensured, and the risk of data leakage is reduced.
Referring to fig. 5, in some embodiments, step 011 (acquiring the first quantum key and quantum key identifier from a first network node accessing the first network device) includes:
0111: filling a plurality of keys into a cryptographic module of the first network device by using the service node;
0112: sending a quantum key application to a service node, wherein the quantum key application is protected by a protection key, and the protection key is one randomly used from a plurality of keys filled to a password module;
0113: receiving a quantum key encryption result obtained by the service node through encryption processing of a first quantum key and a quantum key identifier according to a protection key, wherein the first quantum key is generated by a first network node connected with the service node and distributed to the service node, and the quantum key identifier is obtained by the first network node through identification of the first quantum key according to an identification code of the first network node;
0114: and decrypting the quantum key encryption result to obtain a first quantum key and a quantum key identifier.
In some embodiments, the charging module is configured to charge the cryptographic module of the first network device with the plurality of keys using the service node. The sending module is used for sending the quantum key application to the service node. The receiving module is used for receiving a quantum key encryption result obtained by the service node through encryption processing of the first quantum key and the quantum key identifier according to the protection key. The decryption module is used for decrypting the quantum key encryption result to obtain a first quantum key and a quantum key identifier.
In some embodiments, the processor is further configured to charge the cryptographic module of the first network device with a plurality of keys using the service node, and to send a quantum key application to the service node. The processor is further used for receiving a quantum key encryption result obtained by the service node through encryption processing of the first quantum key and the quantum key identifier according to the protection key, and decrypting the quantum key encryption result to obtain the first quantum key and the quantum key identifier.
In particular, the first network device charges a cryptographic module of the first network device with a plurality of keys using the service node. Next, the first network device sends a quantum key application to the service node, the quantum key application being protected by a protection key, the protection key being one randomly used from a plurality of keys charged to the cryptographic module. Then, the first network device receives a quantum key encryption result obtained by the service node encrypting the first quantum key and a quantum key identifier according to the protection key, the first quantum key is generated by the first network node accessing the service node and distributed to the service node, and the quantum key identifier is obtained by the first network node identifying the first quantum key according to the identification code of the first network node. And finally, the first network device decrypts the quantum key encryption result to obtain a first quantum key and a quantum key identifier.
Continuing the above example, please refer again to fig. 3, the client uses the cryptographic service node to perform pre-key charging for the client's personal cryptographic module, including but not limited to smart cryptographic key (HSM), virtual Security Module (VSM), with a total of 1 mbit of 128-bit keys. Then, the client sends a quantum key application to the password service node, and uses one key in the intelligent password key as a protection key randomly. The client hashes the key ID and the application content using SM3 algorithm and the protection key (Hash-based Message Authentication Code, HMAC). Thereafter, the cryptographic service node also hashes the key ID and the application content by using the SM3 algorithm and the protection key to verify the integrity and authenticity of the data, HMAC is a method of providing data integrity and source authentication using a hash function and the key.
After the quantum key application succeeds, the client receives a quantum key encryption result obtained by encrypting the first quantum key QK_UUID-1 and the quantum key identifier UUID_QK according to the protection key, the first quantum key QK_UUID-1 is generated by a first quantum network node accessing the password service node and distributed to the password service node, and the quantum key identifier UUID_QK is obtained by the first quantum network node by carrying out identification processing on the first quantum key according to a unique identifier which is common to the first quantum network node. And the client decrypts the quantum key encryption result according to the protection key to obtain a first quantum key QK_UUID-1 and a quantum key identifier UUID_QK.
In this way, the client obtains the first quantum key QK_UUID-1 and the quantum key identifier UUID_QK, and can be used for subsequently generating a key with stronger quantum computing attack resistance.
Referring to fig. 6, in some embodiments, step 013 (performing post-quantum cryptography encryption processing on the quantum key identifier according to the hash key and the initial session key, and transmitting a first encryption result obtained by the post-quantum cryptography encryption processing to the second network device) includes:
0131: performing splicing processing on the quantum key identifier and the first random number generated randomly to obtain a first session message;
0132: encrypting the first session message according to the initial session key to obtain a first encrypted message;
0133: performing post quantum cryptography derivation processing on the first encrypted message to generate a first anti-quantum key;
0134: performing post quantum cryptography encryption packaging processing on the first encryption message to generate a first packaging message in a first encryption result;
0135: splicing the quantum key identifier and the hash key to obtain a first verification message;
0136: performing post quantum cryptography signature processing on the first verification message to generate a first signature message in a first encryption result;
0137: and sending the first encryption result to the second network equipment.
In some embodiments, the concatenation module is configured to perform a concatenation process on the quantum key identifier and the randomly generated first random number to obtain the first session message. The encryption module is used for encrypting the first session message according to the initial session key to obtain a first encrypted message. The deriving module is used for performing post quantum cryptography derivation processing on the first encrypted message and generating a first anti-quantum key. The encryption packaging module is used for carrying out post quantum cryptography encryption packaging processing on the first encryption information to generate a first packaging information in the first encryption result. The splicing module is also used for carrying out splicing processing on the quantum key identifier and the hash key to obtain a first verification message. The signature module is used for carrying out post quantum cryptography signature processing on the first verification message and generating a first signature message in the first encryption result. The sending module is used for sending the first encryption result to the second network equipment.
In some embodiments, the processor is further configured to splice the quantum key identifier and the first random number generated randomly to obtain a first session message, encrypt the first session message according to the initial session key to obtain a first encrypted message, and perform post quantum cryptography derivation processing on the first encrypted message to generate the first anti-quantum key. The processor is further configured to perform post quantum cryptography encryption encapsulation processing on the first encrypted message, and generate a first encapsulated message in the first encryption result. The processor is further used for performing splicing processing on the quantum key identifier and the hash key to obtain a first verification message. The processor is further configured to perform post quantum cryptographic signing on the first verification message, generate a first signed message in the first encryption result, and send the first encryption result to the second network device.
Specifically, the first network device performs a concatenation process on the quantum key identifier and the first random number generated randomly to obtain a first session message. Then, the first network device encrypts the first session message according to the initial session key to obtain a first encrypted message. Then, the first network device performs post quantum cryptography derivation processing on the first encrypted message to generate a first anti-quantum key. And carrying out post quantum cryptography encryption packaging processing on the first encrypted message to generate a first packaged message in the first encryption result. And then, the first network device performs splicing processing on the quantum key identifier and the hash key to obtain a first verification message. And performing post quantum cryptography signature processing on the obtained first verification message to generate a first signature message in the first encryption result. Finally, the first network device sends the first encryption result to the second network device.
Continuing with the example above, the first encryption result is an ssh_msg_ KEXPQCQKD _init message. Referring back to fig. 3, when provided with the post quantum cryptography certificate, the client places the client PQC signature certificate and the PQC encryption certificate in the CERTIFICATES _client message of the ssh_msg_ KEXPQCQKD _init message. When the post quantum cryptography certificate is not provided, the client and the server can mutually import the PQC signature public key or the PQC encryption public key of the other party in an offline mode. The ssh_msg_ KEXPQCQKD _init message sent by the client contains the following contents:
byte SSH_MSG_KEXPQCQKD_INIT
string certificates_client
string encap_c
string sign_c
The client randomly generates a 128-bit random number R1 and a quantum key identifier UUID_QK (128 bits) to splice to obtain a first session message h1, wherein the splicing mode is (UUID_QK|R1). Next, the client encrypts h1 using the initial session key Y1 generated by the client as a key and an AES symmetric encryption algorithm to obtain a first encrypted message m1 (m1=aes_enc (h 1, Y1)). And then the client uses the first encrypted message m1 as the encrypted message in the PQC key encapsulation algorithm, and operates the G function of the PQC algorithm on the m1 to obtain a first anti-quantum key K1. And performing PQC encryption encapsulation on the m1 to obtain a first encapsulation message f1, wherein the encapsulation information is taken as encap _c content.
And the client performs splicing processing on the quantum key identifier UUID_QK and the hash key H to obtain a first verification message, wherein the splicing mode is UUID_QK|H. And the client side then takes the first verification message as M in the PQC signature algorithm to carry out PQC signature protection to obtain a first signature message M1, and the signature information is taken as sign_c content.
The client sends an ssh_msg_ KEXPQCQKD _init message to the server.
In this way, the client obtains the first anti-quantum key K1 with strong anti-quantum capability, obtains the first signature message M1 and the first encryption message M1 capable of generating the first anti-quantum key, and the first signature message M1 can discover the condition that data is accessed unauthorized in the communication process. And the first signature message M1 and the first encryption message M1 are sent to the server side, so that the server side can generate the first anti-quantum key.
Referring to fig. 7, in some embodiments, step 014 (performing decryption processing on the received second encryption result sent by the second network device to obtain a second decryption result) includes:
0141: receiving a second encryption result sent by the second network device, wherein the second encryption result is obtained by performing post quantum cryptography encryption processing on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption processing on the first encryption result by the second network device;
0142: and carrying out decryption processing on the second encryption result to obtain a second decryption result, wherein the second decryption result comprises the second encryption message and the second signature message.
In some embodiments, the receiving module is configured to receive a second encryption result sent by the second network device, where the second encryption result is obtained by performing post quantum cryptography encryption processing on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption processing on the first encryption result by the second network device. The decryption module is used for decrypting the second encryption result to obtain a second decryption result, wherein the second decryption result comprises a second handshake random number, a fourth handshake message and a second signature message.
In some embodiments, the processor is further configured to receive a second encryption result sent by the second network device, where the second encryption result is obtained by performing post quantum cryptography encryption processing on the first decryption result by the second network device, and the first decryption result is obtained by performing decryption processing on the first encryption result by the second network device. The processor is further configured to decrypt the second encryption result to obtain a second decryption result, where the second decryption result includes a second handshake random number, a fourth handshake message, and a second signature message.
Specifically, the first network device receives a second encryption result sent by the second network device, the second encryption result is obtained by encrypting the first decryption result by the second network device, and the first decryption result is obtained by decrypting the first encryption result by the second network device. Then, the first network device decrypts the second encryption result to obtain a second decryption result, wherein the second decryption result comprises a second handshake random number, a fourth handshake message and a second signature message. In this way, the first network device determines the availability of a channel for communication with the second network device, and obtains the key information of the second network device, and the key information can be combined with the related key information of the first network device to generate a key with high security and strong quantum attack resistance.
Continuing with the example above, the second encryption result is an ssh_msg_ KEXPQCQKD _reply message. Referring to fig. 3 again, after receiving the ssh_msg_ KEXPQCQKD _reply message sent by the server, the client encrypts the ssh_msg_ KEXPQCQKD _reply message according to a first decryption result, where the first decryption result is obtained by the server performing PQC key decapsulation on the ssh_msg_ KEXPQCQKD _init message sent by the client. And performing PQC key decapsulation on the SSH_MSG_ KEXPQCQKD _REPLY message sent by the server to obtain a second encrypted message M2 and a second signed message M2.
In this way, the client determines the availability of the channel used for communication with the server, and obtains the second encrypted message M2 and the second signed message M2 of the server, and the second encrypted message M2 and the second signed message M2 can be used for generating a secret key with high security and strong quantum attack resistance.
Referring to fig. 8, in some embodiments, the method further comprises:
018: obtaining a second anti-quantum key according to the second encrypted message;
019: the second encrypted message and the quantum key identifier are derived from the second encrypted message and the initial session key.
In some embodiments, the deriving module is configured to derive a second anti-quantum key from the second encrypted message, and to derive the second session message and the quantum key identifier from the second encrypted message and the initial session key.
In some embodiments, the processor is further configured to derive a second anti-quantum key from the second encrypted message, and to derive a second session message and a quantum key identifier from the second encrypted message and the initial session key.
Specifically, the first network device obtains a second anti-quantum key according to the second encrypted message. The first network device then obtains a second session message and a quantum key identifier from the second encrypted message and the initial session key. The second anti-quantum key is thus obtained for subsequent key generation to obtain a key with a strong resistance to quantum computing attacks. The first network device also obtains the quantum key identifier for subsequent signing to confirm the accuracy of the quantum key identifier received by the server.
Continuing the above example, please refer to fig. 3 again, the ue decapsulates the received ssh_msg_ KEXPQCQKD _reply message sent by the server to obtain the second encrypted message m2. And the client runs the G function of the PQC algorithm on the second encrypted message m2 to obtain a second anti-quantum key K2. Then, the client obtains a second session message h2 and a quantum key identifier uuid_qk according to the initial session key Y1 and the AES symmetric encryption algorithm.
In this way, the client obtains the second anti-quantum key Y2 for subsequent key generation to obtain a key with strong resistance to quantum computing attacks. The client also obtains the quantum key identifier UUID_QK for subsequent signing verification processing to confirm the accuracy of the quantum key identifier UUID_QK received by the server.
Referring to fig. 9, in some embodiments, the method further comprises:
020: obtaining a second verification message according to the second signature message;
021: and performing post quantum cryptography signing verification processing on the second signed message to confirm the correctness of the second verification message, wherein the second verification message is obtained by splicing the quantum key identifier and the hash key.
In some embodiments, the deriving module is further configured to obtain a second verification message according to the second signature message, and the signature verification module is configured to perform post quantum cryptography signature verification processing on the second signature message to confirm correctness of the second verification message, where the second verification message is obtained by splicing a quantum key identifier and a hash key.
In some embodiments, the processor is further configured to obtain a second verification message according to the second signature message, and perform post quantum cryptography signature verification processing on the second signature message to confirm correctness of the second verification message, where the second verification message is obtained by splicing the quantum key identifier and the hash key.
Specifically, the first network device obtains the second verification message according to the second signature message. And then, the first network equipment performs post quantum cryptography signing verification processing on the second signed message to confirm the correctness of the second verification message, wherein the second verification message is obtained by splicing the quantum key identifier and the hash key. In this way, the correctness of the second verification message is determined by performing post quantum cryptography signing verification processing on the second signature message, the integrity of the second network device related data received by the first network device is ensured, the identity of the second network device is verified, and the safety guarantee is provided for subsequent data transmission.
Continuing the above example, please refer to fig. 3 again, the client obtains the second verification message according to the second signature message M2, and then performs post quantum cryptography signing verification processing on the second signature message M2 to confirm the correctness of the second verification message, that is, confirm that the correct quantum key identifier uuid_qk is received.
Therefore, the client and the server realize safe data exchange and communication, and ensure confidentiality, integrity and source authenticity of the data.
Referring to fig. 10, in some embodiments, the first encryption result includes a first anti-quantum key, and step 015 (the anti-quantum session key is generated according to the initial session key, the first encryption result, the second decryption result, and the first quantum key to encrypt communications between the first network device and the second network device) includes:
0151: generating an initial session key, a first anti-quantum key, a second anti-quantum key and a first quantum key to obtain an anti-quantum session key;
0152: the anti-quantum session key is derived to encrypt communications of the first network device and the second network device.
In some embodiments, the deriving module is further configured to generate the initial session key, the first anti-quantum key, the second anti-quantum key, and the first quantum key to obtain the anti-quantum session key. The encryption module is further configured to derive an anti-quantum session key to encrypt communications between the first network device and the second network device.
In some embodiments, the processor is further configured to generate the initial session key, the first anti-quantum key, the second anti-quantum key, and the first quantum key to obtain an anti-quantum session key, and to derive the anti-quantum session key to encrypt communications between the first network device and the second network device.
Specifically, the first network device generates an initial session key, a first anti-quantum key, a second anti-quantum key and a first quantum key to obtain an anti-quantum session key. Then, the first network device performs a derivation process on the anti-quantum session key, and encrypts communication between the first network device and the second network device using the derived key. The quantum-resistant session key generated by combining the quantum key distribution technology and the post quantum cryptography technology enhances the quantum computing attack resistance of the communication between network devices and protects the data transmitted in the communication process.
Continuing the above example, the ssh_msg_ NEWKEYS message itself does not contain any data to indicate that both parties have completed the key exchange process and are ready to use a new session key and algorithm to encrypt subsequent communications. The initialization vector IV is a random or pseudo-random value that is used in a pattern in an encryption algorithm, such as CBC pattern, to ensure that even multiple encryptions of the same data will produce different ciphertexts. Initializing vector IV prevents replay attacks and ensures randomness of encryption.
Referring to fig. 3 again, the client performs an exclusive-or operation on the initial session key Y1, the first quantum key qk_uuid-1, the first quantum key K1 in the ssh_msg_ KEXPQCQKD _init message, and the second quantum key K2 in the ssh_msg_ KEXPQCQKD _reply message to obtain the quantum-resistant session key Y2 (y2=y1_qk_uuid-1K 1_k2). And then carrying out derivation treatment on the quantum session resistant key Y2 according to a key derivation method in an SSH transport layer protocol defined by RFC4253, and deriving to obtain an initialization vector IV, an encryption key and an integrity key from the client to the server. The client and the server mutually send SSH_MSG_ NEWKEYS messages to carry out SSH user data transmission protection by using the key negotiated in the process.
Referring to fig. 11, an embodiment of the present application provides an anti-quantum security enhancement method of a security shell protocol of a communication network, where the communication network includes a first network device and a second network device, and the method is used for the second network device, and the method includes:
031: information exchange is carried out with the first network equipment, and a hash key and an initial session key are generated according to second information of the second network equipment and first information obtained through the information exchange;
032: receiving a first encryption result obtained by the first network device through performing post-quantum cryptography encryption processing on a quantum key identifier according to the hash key and the initial session key, wherein the quantum key identifier is acquired from an accessed first network node by the first network device;
033: decrypting the first encryption result to obtain a first decryption result;
034: performing post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and sending the second encryption result to the first network device;
035: and generating an anti-quantum session key according to the initial session key, the first decryption result, the second encryption result and the second quantum key to encrypt communication between the first network device and the second network device.
The embodiment of the application also provides second network equipment which comprises a memory and a processor. The method of the embodiment of the present application may be implemented by the second network device of the embodiment of the present application. Specifically, the memory stores a computer program, and the processor is configured to exchange information with the first network device, and generate a hash key and an initial session key according to second information of the second network device and first information obtained through information exchange. And receiving a first encryption result of the quantum key identifier after the quantum key identifier is subjected to the post-quantum cryptographic encryption processing by the first network device, wherein the quantum key identifier is acquired from the accessed first network node by the first network device. The processor is further configured to decrypt the first encryption result to obtain a first decryption result. And carrying out post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and sending the second encryption result to the first network equipment. And generating an anti-quantum session key according to the initial session key, the first decryption result, the second encryption result and the second quantum key to encrypt communication between the first network device and the second network device.
The embodiment of the application also provides a second network equipment security enhancement device. The method of the embodiment of the application can be realized by the second network equipment security enhancement device of the embodiment of the application. Specifically, the second network device security enhancement device includes a switching module, a receiving module, a decrypting module, an encrypting module and a deriving module. The exchange module is used for exchanging information with the first network equipment and generating a hash key and an initial session key according to second information of the second network equipment and the first information obtained through information exchange. The receiving module is used for receiving a first encryption result of the quantum key identifier after the quantum key identifier is subjected to the quantum cipher encryption processing by the first network device, and the quantum key identifier is acquired from the accessed first network node by the first network device. The decryption module is used for decrypting the first encryption result to obtain a first decryption result. The encryption module is used for carrying out post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and sending the second encryption result to the first network equipment. The deriving module is used for generating an anti-quantum session key according to the initial session key, the first decryption result, the second encryption result and the second quantum key to encrypt communication between the first network device and the second network device.
The present application provides a secure shell protocol based communication system comprising the second network device of the above embodiments, a first network device and a quantum key distribution network configured to distribute quantum keys to the first network device or the second network device.
Specifically, the quantum security enhancement method of the present embodiment is substantially the same as the quantum security enhancement method of the foregoing embodiment using the first network device as the execution object, and specific reference may be made to the explanation of the corresponding portion, where the difference is that the present embodiment uses the second network device as the execution object, which is not described herein again.
In summary, in the anti-quantum security enhancement method, the communication system, the first network device and the second network device for the secure shell protocol of the communication network according to the embodiments of the present application, for the communication process of the first network device and the second network device, the first network device and the second network device apply for obtaining the quantum key, and encrypt the quantum key by using the post quantum cryptographic algorithm to generate the anti-quantum key capable of resisting the quantum computing attack, where the post quantum cryptographic algorithm is a series of encryption algorithms aimed at resisting the quantum computing attack. And the first network device and the second network device generate an initial session key through key exchange, and then the initial session key, the anti-quantum key and the quantum key are used for communication between the first network device and the second network device in a fusion way. In this way, the quantum computing attack resistance of the network communication between the first network device and the second network device is enhanced.
Referring to fig. 12, in some embodiments, the first encryption result includes a first encapsulated message, and the method further includes:
036: obtaining a first encrypted message according to the first encapsulated message;
037: the first session message and the quantum key identifier are obtained from the first encrypted message and the initial session key.
In some embodiments, the deriving module is configured to obtain the first encrypted message from the first encapsulated message, and the processing module is configured to obtain the first session message and the quantum key identifier from the first encrypted message and the initial session key.
In some embodiments, the processor is further configured to obtain a first encrypted message from the first encapsulated message, and obtain the first session message and the quantum key identifier from the first encrypted message and the initial session key.
Specifically, the second network device obtains a first encrypted message according to the first encapsulated message. The second network device then obtains the first session message and the quantum key identifier from the first encrypted message and the initial session key. This results in a quantum key identifier from which the second network device can apply for the second quantum key.
Continuing the above example, please refer to fig. 3 again, the server performs PQC decapsulation on the first encapsulated message f1 to obtain a first encrypted message m1, and then obtains a quantum key identifier uuid_qk according to the first encrypted message m1 and the initial session key Y1.
In this way, the server obtains the quantum key identifier uuid_qk in such a way that the quantum key identifier uuid_qk can be used to apply for the quantum key.
Referring to fig. 13, in some embodiments, the first encryption result comprises a first signed message, the first decryption result comprises a quantum key identifier, the method further comprising:
038: obtaining a first verification message according to the first signature message;
039: performing post quantum cryptography signing verification processing on the first signed message to confirm the correctness of the first verification message, wherein the first verification message is obtained by splicing a quantum key identifier and a hash key;
and acquiring a second quantum key from a second network node accessed to the second network device according to the quantum key identifier under the condition that the acquired quantum key identifier is correct.
In some embodiments, the processing module is further configured to obtain a first verification message according to the first signature message, and the signature verification module is configured to perform post quantum cryptography signature verification processing on the first signature message to confirm correctness of the first verification message, where the first verification message is obtained by performing concatenation processing on a quantum key identifier and a hash key. The acquisition module is used for acquiring a second quantum key from a second network node accessed to the second network device according to the quantum key identifier under the condition that the acquired quantum key identifier is correct.
In some embodiments, the processor is further configured to obtain a first verification message according to the first signature message, perform post quantum cryptography signing processing on the first signature message to confirm correctness of the first verification message, where the first verification message is obtained by performing stitching processing on a quantum key identifier, a first handshake random number, and a signature parameter corresponding to a public key exchange algorithm used by the network device, and obtain a second quantum key from a service node accessing the second network device if the obtained quantum key identifier is correct, where the second quantum key is distributed to the service node by the second network node.
Specifically, the second network device obtains the first verification message according to the first signature message. And then, the second network equipment performs post quantum cryptography signing verification processing on the first signed message to confirm the correctness of the first verification message, wherein the first verification message is obtained by splicing the quantum key identifier and the hash key. And under the condition that the obtained quantum key identifier is correct, the second network device acquires the second quantum key from a second network node accessed to the second network device according to the quantum key identifier. Therefore, the quantum key is applied through the quantum key identifier, so that the second quantum key obtained through application is matched with the first quantum key of the first network device, and the second quantum key can be used for generating a key with high safety and good quantum computing attack resistance.
Continuing the above example, please refer to fig. 3 again, the server obtains the first verification message according to the first signature message M1. Then, the client performs post quantum cryptography signing verification processing on the first signature message M1, and confirms that the correct first verification message is received, that is, confirms that the correct quantum key identifier uuid_qk is received. When the received first verification message is correct, namely the received quantum key identifier UUID_QK is correct, the server applies for obtaining a second quantum key QK_UUID-2 from a second quantum network node accessed to the server through the quantum key identifier UUID_QK.
In this way, it is ensured that the second quantum key qk_uuid-2 obtained matches the first quantum key qk_uuid-1 of the client, which is used to generate a key with higher security.
Referring to fig. 14, in some embodiments, step 034 (performing post quantum cryptography encryption processing on the first decryption result to obtain a second encryption result, and transmitting the second encryption result to the first network device) includes:
0341: splicing the quantum key identifier and the second random number generated randomly to obtain a second session message;
0342: encrypting the second session message according to the initial session key to obtain a second encrypted message;
0343: performing post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key;
0344: performing post quantum cryptography encryption packaging processing on the second encrypted message to generate a second packaged message in a second encryption result;
0345: splicing the quantum key identifier and the hash key to obtain a second verification message;
0346: performing post quantum cryptography signature processing on the second verification message to generate a second signature message in a second encryption result;
0347: and sending the second encryption result to the first network equipment.
In some embodiments, the concatenation module is configured to perform a concatenation process on the quantum key identifier and the randomly generated second random number to obtain the second session message. The encryption module is used for encrypting the second session message according to the initial session key to obtain a second encrypted message. The deriving module is used for performing post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key. The encryption module is used for carrying out post quantum cryptography encryption packaging processing on the second encryption information to generate a second packaging information in a second encryption result. The splicing module is also used for carrying out splicing processing on the quantum key identifier and the hash key to obtain a second verification message. The signature module is used for carrying out post quantum cryptography signature processing on the second verification message and generating a second signature message in a second encryption result. The sending module is used for sending the second encryption result to the first network equipment.
In some embodiments, the processor is further configured to splice the quantum key identifier and the randomly generated second random number to obtain a second session message, encrypt the second session message according to the initial session key to obtain a second encrypted message, and perform post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key. The processor is further configured to perform post quantum cryptography encryption packaging processing on the second encrypted message, generate a second packaged message in a second encrypted result, perform concatenation processing on the quantum key identifier and the hash key to obtain a second verification message, perform post quantum cryptography signing processing on the second verification message, generate a second signed message in the second encrypted result, and send the second encrypted result to the first network device.
Specifically, the second network device performs a concatenation process on the quantum key identifier and the second random number generated randomly to obtain a second session message. And then, the second network equipment encrypts the second session message according to the initial session key to obtain a second encrypted message. And then, the second network equipment carries out post quantum cryptography derivation processing on the second encrypted message to generate a second anti-quantum key. And carrying out post quantum cryptography encryption packaging processing on the second encryption information to generate a second packaging information in a second encryption result. And the second network equipment performs splicing processing on the quantum key identifier and the hash key to obtain a second verification message. And then, the second network device performs post quantum cryptography signature processing on the second verification message to generate a second signature message in a second encryption result. Finally, the second network device sends the second encryption result to the first network device. In this way, the second network device obtains the second anti-quantum key with stronger anti-quantum capability, obtains the second signature message and the second encryption message capable of generating the second anti-quantum key, and the second signature message can discover the condition that the data is accessed unauthorized in the communication process. And transmitting the second signed message and the second encrypted message to the first network device, enabling the first network device to generate a second anti-quantum key.
Continuing with the example above, the second encryption result is an ssh_msg_ KEXPQCQKD _reply message. Referring to fig. 3 again, when the post quantum cryptography certificate is provided, the server side places the client PQC signature certificate and the PQC encryption certificate in the CERTIFICATES _server message of the ssh_msg_ KEXPQCQKD _reply message. When the post quantum cryptography certificate is not provided, the client and the server can mutually import the PQC signature public key or the PQC encryption public key of the other party in an offline mode. The content of the ssh_msg_ KEXPQCQKD _reply message sent by the server is as follows:
byte SSH_MSG_KEXPQCQKD_REPLY
string certificates_server
string encap_s
string sign_s
the server randomly generates a 128-bit random number R2 and a quantum key identifier UUID_QK (128 bits) to splice to obtain a second session message h2, wherein the splicing mode is (UUID_QK|R2). Next, the server encrypts h2 using the initial session key Y1 generated by the server as a key and an AES symmetric encryption algorithm to obtain a second encrypted message m2 (m2=aes_enc (h 2, Y1)). And then the server takes the first encrypted message m2 as the encrypted message in the PQC key encapsulation algorithm, and operates the G function of the PQC algorithm on the m2 to obtain a second anti-quantum key K2. And performing PQC encryption encapsulation on the m2 to obtain a second encapsulation message f2, wherein the encapsulation information is taken as encap _s content.
And the server performs splicing processing on the quantum key identifier UUID_QK and the hash key H to obtain a second verification message, wherein the splicing mode is UUID_QK|H. And the client side then takes the second verification message as M in the PQC signature algorithm to carry out PQC signature protection to obtain a second signature message M2, and the signature information is taken as sign_s content.
The server sends an ssh_msg_ KEXPQCQKD _reply message to the client.
In this way, the server obtains the second anti-quantum key K2 with stronger anti-quantum capability, and obtains the second signature message M2 and the second encryption message M2 capable of generating the second anti-quantum key, and the second signature message M2 can discover the condition that data is accessed unauthorized in the communication process. And sends the second signed message M2 and the second encrypted message M2 to the client, enabling the client to generate the second anti-quantum key.
Referring to fig. 15, in some embodiments, the first decryption result includes a first encrypted message, step 035 (generating an anti-quantum session key from the initial session key, the first decryption result, the second encryption result, and the second quantum key to encrypt communications between the first network device and the second network device) includes:
0351: obtaining a first anti-quantum key according to the first encrypted message;
0352: generating an initial session key, a first anti-quantum key, a second anti-quantum key and a second quantum key to obtain an anti-quantum session key;
0353: the anti-quantum session key is derived to encrypt communications of the first network device and the second network device.
In some embodiments, the deriving module is further configured to obtain a first anti-quantum key according to the first encrypted message, and the processing module is further configured to generate the initial session key, the first anti-quantum key, the second anti-quantum key, and the second quantum key to obtain the anti-quantum session key. The derivation module is further configured to derive an anti-quantum session key to encrypt communications between the first network device and the second network device.
In some embodiments, the processor is further configured to derive a first anti-quantum key from the first encrypted message, and generate the initial session key, the first anti-quantum key, the second anti-quantum key, and the second quantum key to obtain the anti-quantum session key. The processor is further configured to derive an anti-quantum session key to encrypt communications of the first network device and the second network device.
Specifically, the second network device obtains a first anti-quantum key according to the first encrypted message. And then, the second network equipment generates the initial session key, the first anti-quantum key, the second anti-quantum key and the second quantum key to obtain the anti-quantum session key. Finally, the second network device derives the anti-quantum session key to encrypt communications between the first network device and the second network device. The quantum-resistant session key generated by combining the quantum key distribution technology and the post quantum cryptography technology enhances the quantum computing attack resistance of the communication between network devices and protects the data transmitted in the communication process.
Continuing the above example, please refer to fig. 3 again, the server obtains the first anti-quantum key K1 according to the first encrypted message m 1. Then, the client performs exclusive-or operation on the initial session key Y1, the first anti-quantum key K1 in the ssh_msg_ KEXPQCQKD _init message, the second anti-quantum key qk_uuid-2 in the ssh_msg_ KEXPQCQKD _reply message, and the second anti-quantum key K2 in the ssh_msg_ KEXPQCQKD _reply message to obtain an anti-quantum session key Y2 (y2=y1_qk_uuid-2K 1_k2). And then carrying out derivation treatment on the quantum session resistant key Y2 according to a key derivation method in an SSH transport layer protocol defined by RFC4253, and deriving to obtain an initialization vector IV, an encryption key and an integrity key from a server side to a client side. The client and the server mutually send SSH_MSG_ NEWKEYS messages to carry out SSH user data transmission protection by using the key negotiated in the process.
The present application also provides a computer-readable storage medium containing a computer program. The computer programs, when executed by one or more processors, cause the one or more processors to perform the voice interaction method of the present application.
It is understood that the computer program comprises computer program code. The computer program code may be in the form of source code, object code, executable files, or in some intermediate form, among others. The computer readable storage medium may include: any entity or device capable of carrying computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a software distribution medium, and so forth.
In the description of the present specification, reference to the terms "specifically," "further," "particularly," "understandably," and the like means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In the present specification, schematic representations of the above terms are not intended to refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and further implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present application.
While embodiments of the present application have been shown and described above, it will be understood that the above embodiments are illustrative and not to be construed as limiting the application, and that variations, modifications, alternatives and variations may be made to the above embodiments by one of ordinary skill in the art within the scope of the application.