CN109951513B - Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card - Google Patents

Publication number
CN109951513B
Authority
CN
China
Legal status
Active
Application number
CN201910027000.3A
Other versions
CN109951513A
Inventor
富尧
钟一民
杨羽成
Current Assignee
Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd

Abstract

The invention relates to a quantum-computing-resistant intelligent home quantum cloud storage method and system based on a quantum key card, wherein each intelligent home component, a quantum communication service station and a secure cloud are respectively provided with the quantum key card, a private key, an asymmetric key pool and a public key pointer random number are stored in each quantum key card, a third symmetric key pool is also stored in the quantum key cards of a mobile terminal, a home gateway and the secure cloud, and all the symmetric key pools are also stored in the quantum key cards of the quantum communication service station at the same time; when the intelligent home component is communicated with the secure cloud to access a file, the file is signed and verified by using quantum key cards of both sides and adopting an asymmetric algorithm; and when the files are forwarded between the intelligent home component and the quantum communication service station and between the quantum communication service station and the security cloud, keys are generated by using corresponding symmetric key pools, and encrypted communication is performed by adopting a symmetric algorithm.

Description

Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card
Technical Field
The invention relates to the technical field of intelligent home equipment, in particular to a quantum-resistant computing intelligent home communication method based on a quantum key card.
Background
With the continuous development of information technology and the economy, living standards keep rising and the pace of life keeps accelerating, and residents can conveniently enjoy an intelligent, comfortable, efficient and safe home life through terminals such as mobile phones. As the number of smart devices in the home grows, people place higher demands on the intelligent operation of home devices. A typical smart home device communication method uses asymmetric key encryption to ensure data security. Asymmetric key encryption uses different keys for encryption and decryption: one key is published, namely the public key, and the other is kept secret by the user, namely the private key. The sender encrypts with the public key and the receiver decrypts with the private key; or the sender encrypts with the private key and the receiver decrypts with the public key.
At present, traditional communication encryption and transmission security both rely on complex mathematical algorithms. That is, today's digital cryptosystems are considered secure because the computing power of current computers is limited and the result cannot be computed within the time required. But this security is increasingly threatened by quantum computers. For example, for the asymmetric key algorithms of classical cryptography there are dedicated quantum algorithms (Shor's algorithm and others) for breaking them. In the presence of quantum computers with high computing power, even communication at a higher security level may be deciphered and eavesdropped if it relies on current communication means. Establishing a complete, practically usable quantum communication network scheme is therefore an urgent need.
As is widely known, quantum computers have great potential in breaking cryptography. Most of today's mainstream asymmetric (public key) encryption algorithms, such as the RSA encryption algorithm, are based on one of two hard mathematical problems: factorization of large integers or computation of discrete logarithms over a finite field. How hard they are to break depends on how efficiently these problems can be solved. On a traditional computer, solving these two problems takes exponential time (that is, the cracking time grows exponentially with the length of the public key), which is not acceptable in practice. Shor's algorithm, tailored for quantum computers, can perform integer factorization or discrete logarithm computation in polynomial time (that is, the cracking time grows as the k-th power of the public key length, where k is a constant independent of the public key length), which makes it possible to break RSA and discrete logarithm encryption algorithms.
The problems existing in the prior art are as follows:
(1) In the prior art, the home gateway has no reliable protection measures. The home gateway is the central network element of a smart home and has Internet access, so it is likely to be infected with viruses or Trojans that steal information, or to be attacked and paralyzed, which paralyzes the entire smart home solution.
(2) In the prior art, the mobile terminal key is stored in the mobile terminal's memory, where it is exposed to viruses and Trojans on the mobile terminal and can be stolen by malicious software or malicious operations.
(3) Because a quantum computer can quickly obtain the corresponding private key from the public key, existing smart home communication methods built on public and private keys are easily cracked by a quantum computer.
(4) In the prior art, both the input and the output of a digital signature based on public and private keys can be known to an adversary, and in the presence of a quantum computer the private key can be derived, so that a smart home communication system built on public and private keys is cracked by the quantum computer.
(5) In the prior art, if files stored on the cloud are not digitally signed, there is no non-repudiation, and if illegal files appear their source is difficult to trace. Even if digital signatures are used, illegitimate signatures can occur when a private key is stolen.
(6) In the prior art, a security problem may be caused by the use of a cloud by an unauthorized user.
(7) If the cloud storage key is not protected by hardware, the cloud storage key is not safe enough.
(8) Uploads to cloud storage generally negotiate a session key using the SSL protocol, which is based on a public key system, and this process can be cracked by a quantum computer.
Disclosure of Invention
The invention provides a quantum-computing-resistant smart home quantum cloud storage method based on a quantum key card, in which a smart home component stores and retrieves files at a secure cloud through a quantum communication service station. The smart home component comprises a home gateway and a mobile terminal; each smart home component, the quantum communication service station and the secure cloud are each provided with a quantum key card; each quantum key card stores a private key, an asymmetric key pool and public key pointer random numbers; the asymmetric key pool stores the public keys of all parties, and a public key pointer random number can be combined with the asymmetric key pool to obtain the public key corresponding to any private key;
a first symmetric key pool is further stored in the quantum key card of the mobile terminal, a second symmetric key pool is further stored in the quantum key card of the home gateway, a third symmetric key pool is further stored in the quantum key card of the secure cloud, and all the symmetric key pools are further stored in the quantum key card of the quantum communication service station at the same time;
when the smart home component communicates with the secure cloud to store or retrieve a file, the file is signed and verified with an asymmetric algorithm using the quantum key cards of both parties;
and when the file is forwarded between the smart home component and the quantum communication service station, and between the quantum communication service station and the secure cloud, keys are generated from the corresponding symmetric key pools and the communication is encrypted with a symmetric algorithm.
Optionally, when the smart home component stores a file to the secure cloud, the processing at the smart home component includes:
signing the file by using a private key to obtain a file signature;
generating a true random number R_M and using the true random number R_M to extract a key K_M from the symmetric key pool;
using the key K_M to encrypt the file and the file signature to obtain a file ciphertext, and then sending the file ciphertext together with the true random number R_M to the quantum communication service station.
Optionally, the smart home component and the secure cloud communicate directly with the same quantum communication service station, and the processing at that quantum communication service station includes:
receiving the file ciphertext and the true random number R_M from the smart home component;
using the true random number R_M to extract the key K_M from the symmetric key pool corresponding to the smart home component;
using the key K_M to decrypt the file ciphertext to obtain the file and the file signature;
signing the decrypted file and the file signature again by using a private key to obtain a secondary signature;
generating a key K_ss by using the true random number R_ss to extract it from the third symmetric key pool;
and encrypting the file, the file signature and the secondary signature by using the key K_ss to obtain a file ciphertext, and then sending the file ciphertext and the true random number R_ss to the secure cloud.
Optionally, the smart home component communicates directly with a quantum communication service station Q_M, and the secure cloud communicates directly with a quantum communication service station Q_ss; the processing at the quantum communication service station Q_M includes:
receiving the file ciphertext and the true random number R_M from the smart home component;
using the true random number R_M to extract the key K_M from the symmetric key pool corresponding to the smart home component;
using the key K_M to decrypt the file ciphertext to obtain the file and the file signature;
applying inter-station signing and inter-station encryption to the true random number R_M and the file signature, until the file and the file signature are sent to the quantum communication service station Q_ss;
the processing at the quantum communication service station Q_ss includes:
obtaining the file and the file signature through inter-station verification and inter-station decryption;
signing the decrypted file and the file signature again by using a private key to obtain a secondary signature;
generating a key K_ss by using the true random number R_ss to extract it from the third symmetric key pool;
and encrypting the file, the file signature and the secondary signature by using the key K_ss to obtain a file ciphertext, and then sending the file ciphertext and the true random number R_ss to the secure cloud.
Optionally, the processing at the secure cloud includes:
receiving the file ciphertext and the true random number R_ss from the quantum communication service station in direct communication with the secure cloud;
extracting the key K_ss from the third symmetric key pool by using the true random number R_ss;
decrypting the file ciphertext by using the key K_ss to obtain the file, the file signature and the secondary signature;
obtaining the public key of the quantum communication service station by combining the public key pointer random number of the quantum communication service station in direct communication with the secure cloud with the asymmetric key pool;
verifying the secondary signature by using the public key of the quantum communication service station;
obtaining the public key of the smart home component by combining the public key pointer random number corresponding to the smart home component with the asymmetric key pool;
verifying the file signature by using the public key of the smart home component;
and after the verification is passed, encrypting and storing.
Optionally, the smart home component further includes a home device, and the home device stores and retrieves files at the secure cloud via the home gateway; the home device sending a file to the home gateway includes:
signing the file;
generating a secret key K in a true random number form by using a quantum key card;
encrypting the file and the file signature by using the key K to obtain a ciphertext, and encrypting the key K by using a public key of the home gateway;
sending the encrypted key K and the encrypted ciphertext to the home gateway;
and after decryption and verification, the home gateway sends the obtained file to the security cloud.
Optionally, when the smart home component downloads a file from the secure cloud, the method includes:
sending a download request to the secure cloud via the quantum communication service station;
the secure cloud responds to the download request and retrieves the corresponding file;
the secure cloud signs and encrypts the file and then sends it to the quantum communication service station;
the quantum communication service station decrypts to obtain the file and the file signature, applies a secondary signature to the file and the file signature, encrypts them and sends the result to the smart home component;
the smart home component decrypts and verifies accordingly.
Optionally, each party also sends a corresponding identity when communicating, and the receiving party can obtain a public key pointer random number corresponding to the identity in the quantum key fob as needed by using the identity.
Optionally, a legal user list is stored in the security cloud, and the security cloud verifies the identity of the other party according to the identity identifier.
The invention also provides a quantum-computing-resistant smart home quantum cloud storage system based on a quantum key card, comprising a smart home component that stores and retrieves files at a secure cloud through a quantum communication service station. The smart home component comprises a home gateway and a mobile terminal; each smart home component, the quantum communication service station and the secure cloud are each provided with a quantum key card; each quantum key card stores a private key, an asymmetric key pool and public key pointer random numbers; the asymmetric key pool stores the public keys of all parties, and a public key pointer random number can be combined with the asymmetric key pool to obtain the public key corresponding to any private key of any party;
a first symmetric key pool is further stored in the quantum key card of the mobile terminal, a second symmetric key pool is further stored in the quantum key card of the home gateway, a third symmetric key pool is further stored in the quantum key card of the secure cloud, and all the symmetric key pools are further stored in the quantum key card of the quantum communication service station at the same time;
when the smart home component communicates with the secure cloud to store or retrieve a file, the file is signed and verified with an asymmetric algorithm using the quantum key cards of both parties;
and when the file is forwarded between the smart home component and the quantum communication service station, and between the quantum communication service station and the secure cloud, keys are generated from the corresponding symmetric key pools and the communication is encrypted with a symmetric algorithm.
The quantum key card is an identity authentication, encryption and decryption product combining a cryptography technology, a hardware security isolation technology and a quantum physics technology (under the condition of carrying a quantum random number generator). The embedded chip and operating system of the quantum key fob may provide secure storage of keys and cryptographic algorithms, among other functions. Due to its independent data processing capabilities and good security, quantum key fobs become a secure carrier for private keys and key pools. Each quantum key card can be protected by a hardware PIN code, the PIN code and the hardware form two necessary factors for a user to use the quantum key card, namely, the two-factor authentication, and the user can log in the system only by simultaneously obtaining the quantum key card and the user PIN code which store relevant authentication information. Even if the PIN code of the user is leaked, the identity of the legal user cannot be counterfeited as long as the quantum key card held by the user is not stolen; if the user's quantum key card is lost, the finder cannot imitate the identity of the legitimate user because the finder does not know the user PIN code. In short, the quantum key fob prevents confidential information such as keys from appearing in the form of plaintext in the disk and memory of the host, thereby effectively ensuring the security of the confidential information.
The mobile terminal and the home gateway among the smart home components are both provided with a quantum key fob, as are the quantum communication service station and the secure cloud, and the keys are stored in the quantum key fobs. Quantum key fobs are stand-alone hardware devices, so the likelihood of keys being stolen by malware or malicious operations is greatly reduced. Meanwhile, each smart home component obtains the public key of the smart home component it needs by combining the published quantum-computing-resistant public key with the asymmetric key pool, and the public keys of the smart home components are stored in the quantum key fobs, which ensures that a quantum computer cannot obtain a user's public key and therefore cannot obtain the corresponding private key, reducing the risk of being cracked by a quantum computer. In addition, a digital signature is added to each file uploaded to the secure cloud, and the digital signature based on the public and private keys is further encrypted with the random number key to form an encrypted digital signature, so that even in the presence of a quantum computer it is difficult to derive the private key. The scheme is therefore not easily cracked by a quantum computer. Because a digital signature is added to each message, the true source of each message can be established, which improves the security of the smart home system. A list of legitimate users is stored in the secure cloud, which prevents unauthorized users from using the secure cloud.
Drawings
Fig. 1 is a networking diagram of the smart home provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of the key zones of the quantum key fobs:
part (a) illustrates the structure of the home gateway quantum key fob;
part (b) illustrates the structure of the quantum key fob of a home device;
part (c) illustrates the structure of the quantum key fob of a quantum communication service station;
Fig. 3 is a flowchart of a public key storage method according to an embodiment of the present invention;
Fig. 4 is a flowchart of a public key reading method according to an embodiment of the present invention;
Fig. 5 is a flowchart of key generation according to an embodiment of the present invention;
Fig. 6 is a structure diagram of messages between a mobile terminal and a quantum communication service station;
Fig. 7 is a structure diagram of a request message transmitted from a home device to a home gateway;
Fig. 8 is a structure diagram of a message transmitted from a home gateway to a home device.
Detailed Description
Quantum communication technology is an emerging secure communication technology established based on quantum physics. The quantum communication technology of China has already entered the stage of practicability, and its application prospect and strategic significance have also drawn extensive attention to the development of the industry by local governments and important industries. In addition to establishing quantum communication trunks, some large-scale metropolitan quantum communication networks have also been successfully built and operated. Based on the metropolitan area quantum communication network, the quantum communication technology also has primary application, and high-security video voice communication and other applications can be realized. Quantum communication networks such as quantum communication trunk and quantum communication metropolitan area networks constitute a quantum communication network, and the essence of the quantum communication network is Quantum Key Distribution (QKD). Quantum communication networks built on QKD technology can therefore be referred to as QKD networks.
Although quantum metropolitan area networks now allow users to connect and enjoy the high security of quantum networks, the part where the user accesses the quantum network is still the weak point of the entire quantum communication network. On one hand, getting the key safely to the user after quantum key distribution is a major problem, with a risk of theft or tampering; on the other hand, the number of users that can be connected to the same quantum key distribution device is limited, and a large number of users cannot be connected simultaneously. Therefore, a quantum communication service station is needed to solve these problems in the part where the user accesses the quantum network:
(1) the quantum communication service station is used as a role similar to an operator, on one hand, a cooperative relationship is established with the QKD network, and the guarantee of safe connection is realized, so that the quantum key can be safely distributed to the quantum communication service station; on the other hand, the quantum communication service station issues a quantum key card to the user, issues a quantum random number key to the user, and simultaneously stores the key owned by the user, so that the secure communication between the quantum communication service station and the user can be realized.
(2) The quantum communication service station can be set up as a server cluster and can serve a large number of users at the same time.
In the intelligent home quantum communication scheme, a mobile terminal and a home gateway are users of a quantum communication service station, and the quantum communication service station issues quantum key cards for the users respectively.
In this embodiment, all members of the smart home have a matching quantum key fob. The issuer of the quantum key fobs is their supervisor, typically the smart home itself or a management department of the smart home, such as the community property management; the parties to whom quantum key fobs are issued are the members managed by that supervisor, typically family members, maintenance personnel and visitors of the smart home.
The quantum key card is provided with an asymmetric key pool for storing public keys. The asymmetric key pool has public keys of all users adopting a public and private key system, and each public key corresponds to an ID corresponding to the public key one by one. The public key of the home gateway, the home equipment and the mobile terminal is included.
The public key storage method is shown in Fig. 3. The specific steps are as follows: for a given user, a public key pointer random number rk (i.e. the storage location parameter of the public key) is drawn at random; combining it with a specific public key pointer function frkp yields the public key pointer rkp, and the user's public key krk is stored at the corresponding location in the corresponding asymmetric key pool. The key is read in the same way as it is stored, as shown in Fig. 4. The public key pointer random number rk is published as the quantum-computing-resistant public key.
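An added sketch (not code from the patent) of the store and read paths of Fig. 3 and Fig. 4. The patent does not define frkp or the pool layout, so the SHA-256-based pointer function, the fixed 32-byte slots, the all-zero empty marker and the redraw when a slot is already occupied are assumptions, and the sample public keys are constructed values.

```python
import hashlib
import secrets
from typing import Optional

SLOT_LEN = 32              # bytes per stored public key (assumed)
RK_LEN = 16                # bytes in a public key pointer random number rk (assumed)
EMPTY = bytes(SLOT_LEN)    # marker for an unused slot (assumed)


def frkp(rk: bytes, slots: int) -> int:
    """Assumed public key pointer function: rk -> pointer rkp (a slot index)."""
    digest = hashlib.sha256(b"frkp" + rk).digest()
    return int.from_bytes(digest[:8], "big") % slots


class AsymmetricKeyPool:
    """The pool that is copied into every quantum key card at issuance."""

    def __init__(self, slots: int):
        self.slots = slots
        self.data = bytearray(slots * SLOT_LEN)

    def _slot(self, rk: bytes) -> slice:
        start = frkp(rk, self.slots) * SLOT_LEN
        return slice(start, start + SLOT_LEN)

    def store(self, public_key: bytes) -> bytes:
        """Fig. 3: draw rk, compute rkp, write krk there; return rk to publish."""
        if len(public_key) != SLOT_LEN or public_key == EMPTY:
            raise ValueError("public key must be SLOT_LEN bytes and not all zero")
        for _ in range(64 * self.slots):
            rk = secrets.token_bytes(RK_LEN)
            slot = self._slot(rk)
            if self.data[slot] == EMPTY:   # redraw rk if another user holds the slot
                self.data[slot] = public_key
                return rk
        raise RuntimeError("no free slot found")

    def read(self, rk: bytes) -> Optional[bytes]:
        """Fig. 4: same computation as storing; None if nothing is stored there."""
        value = bytes(self.data[self._slot(rk)])
        return None if value == EMPTY else value


def issue_cards(public_keys: dict, slots: int = 64):
    """Fill one pool for all parties and return it with the published rk per ID."""
    pool = AsymmetricKeyPool(slots)
    published = {name: pool.store(key) for name, key in public_keys.items()}
    return pool, published


# Constructed sample public keys for a gateway, a device and a terminal.
DEMO_KEYS = {name: hashlib.sha256(name.encode()).digest()
             for name in ("SID", "CID", "MID")}

if __name__ == "__main__":
    pool, published = issue_cards(DEMO_KEYS)
    for name, rk in published.items():
        print(name, rk.hex(), pool.read(rk) == DEMO_KEYS[name])
```

A party that sees only the published rk values but holds no copy of the pool cannot turn them into public keys, which is the property the scheme relies on.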
As shown in Fig. 1, the home gateway (S) has a routing function and is the management center connecting all home devices. It can connect to the mobile terminal through Wi-Fi or the Internet. Its ID is assumed to be SID. For the convenience of the information receiver, the SID contains its public key pointer random number, and can also be used to specify a Q key pool in the quantum communication service station. The quantum key fob of the home gateway is located inside the home gateway and is generally embodied in the form of a key fob. Its structure is shown in Fig. 2(a): in addition to the asymmetric key pool, the public key pointer random number and the private key, the card includes a Q key pool, which comes from the quantum communication service station; its keys are private, each member's being different. The Q key pool is stored not only in the member's quantum key fob, but also in the quantum key fob of the quantum communication service station matched with the member.
The home device (C) includes a monitoring camera, a door viewer (peephole), a door lock, a smart switch, a video server, a monitoring server and the like. Its ID is assumed herein to be CID. For the convenience of the information receiver, the CID contains its public key pointer random number. The home device uses a C quantum key fob, whose structure is shown in Fig. 2(b). It differs from the home gateway quantum key card in that it has no Q key pool for contacting the quantum communication service station.
The mobile terminal (M) includes the home owner's mobile phone, tablet computer and the like. It can access the home gateway through Wi-Fi or the Internet and control the home devices. Its ID is assumed herein to be MID. For the convenience of the information receiver, the MID contains its public key pointer random number and can also be used to specify a Q key pool in the quantum communication service station. The mobile terminal uses a mobile terminal quantum key card, whose internal key storage area is the same as that of the home gateway. The difference is that this quantum key card is generally embodied in a portable form such as an SDKEY, a UKEY, or a chip on the mobile phone motherboard.
A secure cloud (SS) refers to a public or private cloud of the smart home used for storing the smart home's encrypted data, such as video, images, text and other types of data. The security of the cloud is guaranteed by the quantum key card, and the data keys are not exposed to the cloud administrator, so users need not worry about the security of the data they store. Its ID is assumed herein to be SSID. For the convenience of the information receiver, the SSID contains its public key pointer random number and can also be used to specify a Q key pool in the quantum communication service station. The secure cloud uses a secure cloud quantum key fob, whose internal key storage area is the same as that of the home gateway. The difference is that the secure cloud quantum key fob also stores a list of legitimate users, which is formed by user registration; the list members are represented by public key pointer random numbers, and the list can be changed and maintained by the quantum key fob administrator.
The quantum communication service station comprises a quantum service center, which is mainly used for communicating with each user terminal on the user side and with other quantum communication service stations through a classical network, where the classical network includes but is not limited to a telecommunication network, the Internet, a broadcast network or other communication networks; it also comprises quantum key distribution equipment, which is mainly used for sharing quantum keys between stations by QKD. The quantum communication service station uses a Q quantum key fob, whose internal structure is shown in Fig. 2(c). The asymmetric key pool in the Q quantum key fob is the same as that of the smart home system. In addition to the asymmetric key pool, the Q quantum key fob also maintains a list of legitimate service stations; the list is formed by registration by the operation and maintenance personnel of the quantum communication service station, its members are represented by public key pointer random numbers, and it can be changed and maintained by the quantum key fob administrator. The Q quantum key fob contains a plurality of Q key pools, each corresponding to a home gateway or mobile terminal matched with the quantum communication service station. It is assumed herein that the ID of the quantum communication service station corresponding to M is QID_M; similarly, the ID of the quantum communication service station corresponding to S is QID_S. For the convenience of the information receiver, the QID contains its public key pointer random number, and can also be used to specify the Q key pool corresponding to the matched home gateway or mobile terminal.
Example 1
In this embodiment, a smart home member uploads a file to the secure cloud in one of the following three cases: the mobile terminal M uploads the file to the secure cloud, the home gateway S uploads the file to the secure cloud, or the home device C uploads the file to the secure cloud.
Case 1: The mobile terminal uploads the file to the secure cloud. As shown in fig. 1, the mobile terminal uploads a file to the secure cloud through a quantum communication service station.
Step 1.1.1: The mobile terminal sends the file to the quantum communication service station.
The mobile terminal M generates a true random number R_M (hereinafter simply R_M; the descriptive words are likewise omitted for other abbreviated terms) from the true random number generator in its matched quantum key fob. R_M is combined with a specific key generation algorithm f to obtain the pointer P_M. P_M points to a position in the Q key pool of M, from which the corresponding key K_M can be extracted. The file F and the file signature S_M are encrypted with this key to obtain a ciphertext, and the ciphertext is then sent together with the true random number R_M and the MID to the quantum communication service station Q_M matched with the mobile terminal. The message structure is shown in fig. 6 and can be expressed as {MID||R_M||{F||S_M}K_M}. Here the file signature S_M is the signature obtained when the mobile terminal M runs the digital signature algorithm on the original file.
Step 1.1.2: The message is passed between the quantum communication service stations.
After receiving the encrypted message, R_M and the MID from the mobile terminal M, the quantum communication service station Q_M combines R_M with the specific key generation algorithm f to obtain the pointer P_M, and through P_M extracts the corresponding key K_M from the Q key pool, specified by the MID, that is matched with the mobile terminal M.
The quantum communication service station Q_M uses K_M to decrypt the ciphertext, obtaining the file F and the file signature S_M. Q_M uses the MID to fetch the public key of M (the method is shown in fig. 4) and verifies S_M with the public key of M; if verification fails, processing stops; if verification succeeds, the flow continues. Using Q_M's private key, the digital signature algorithm is run over the MID, the original file F and S_M to obtain the file signature S_QM. These are combined into a new message, which can be expressed as {MID||F||S_M||S_QM}.
The message is passed to the quantum communication service station Q_SS matched with the secure cloud SS. Q_M and Q_SS use their respective quantum key distribution equipment to share quantum keys between stations, so that the full plaintext message is encrypted at Q_M, sent to Q_SS, and decrypted there to recover the full plaintext message. The full message delivered here comprises QID_M and {MID||F||S_M||S_QM} encrypted with the QKD key.
If Q_M and Q_SS must relay through other network nodes, each pair of directly connected quantum communication service stations (or network nodes) uses the inter-station quantum key formed by their quantum key distribution equipment, and the ciphertext is relayed hop by hop. During relay, each of the other network nodes uses QID_M to obtain Q_M's public key pointer random number and from it Q_M's public key, and checks whether Q_M's public key pointer random number belongs to its own list of legal service stations; if not, processing stops; if so, the flow continues. S_QM is verified with Q_M's public key; if verification fails, processing stops; if verification succeeds, the flow continues. Having verified S_QM and trusting the file, the node makes its own signature, that is, it runs the digital signature algorithm with its own private key over the MID, the original file and S_M to obtain a file signature. The whole message is encrypted with the QKD key. The node's own ID is prepended to the encrypted message, which is then passed to the next network node.
Inter-station quantum key distribution is a method of remote key sharing based on the fundamental principles of quantum mechanics; the BB84 protocol is preferred.
Step 1.1.3: The quantum communication service station uploads the file to the secure cloud.
After receiving the message, the quantum communication service station Q_SS uses QID_M to obtain Q_M's public key pointer random number and from it Q_M's public key; the specific process is shown in fig. 4. It checks whether Q_M's public key pointer random number belongs to its own list of legal service stations; if not, processing stops; if so, the flow continues. S_QM is verified with Q_M's public key; if verification fails, processing stops; if verification succeeds, the flow continues.
Having verified S_QM and trusting the file, the quantum communication service station makes its own file signature, that is, it runs the digital signature algorithm with its own private key over the MID, the original file and S_M to obtain the file signature S_QSS.
The quantum communication service station Q_SS generates a true random number R_SS from the true random number generator in its matched quantum key fob. R_SS is combined with the specific key generation algorithm f to obtain the pointer P_SS. P_SS points to a position in the Q key pool, specified by the SSID, that is matched with the secure cloud SS, from which the corresponding key K_SS can be extracted. The message is encrypted with this key to obtain a ciphertext, which can be expressed as QID_SS||R_SS||{MID||F||S_M||S_QSS}K_SS, and is passed to the next network node, namely SS.
Step 1.1.4: The secure cloud receives and stores the file.
After the secure cloud SS receives the message from Q_SS, it combines R_SS with the specific key generation algorithm f to obtain the pointer P_SS, and through P_SS extracts the corresponding key K_SS from the Q key pool. Decrypting the ciphertext with K_SS yields {MID||F||S_M||S_QSS}. SS uses QID_SS to fetch the public key of Q_SS (the method is shown in fig. 4) and verifies S_QSS with the public key of Q_SS; if verification fails, processing stops; if verification succeeds, the flow continues. SS then verifies the MID: if the MID exists in the legal user list, it passes verification. After this check, SS obtains M's public key pointer random number through the MID and from it M's public key; the specific process is shown in fig. 4. The file's digital signature is verified with the public key of M, and the message is trusted if verification passes.
After the message is verified, the secure cloud generates a file key according to the true random number generator in the matched quantum key fob, encrypts the file and its signature using the key, encrypts the file key using the secure key in the quantum key fob, and stores the MID, the encrypted file key, the encrypted file and its signature in the cloud storage space.
In particular, when the mobile terminal and the secure cloud are matched with the same quantum communication service station, the process by which the mobile terminal M uploads the file to the secure cloud is as follows:
Step 1.2.1: The mobile terminal encrypts the file.
The mobile terminal M generates a true random number R_M from the true random number generator in its matched quantum key fob. R_M is combined with a specific key generation algorithm f to obtain the pointer P_M. P_M points to a position in the Q key pool of M, from which the corresponding key K_M can be extracted. The file F and the file signature S_M are encrypted with this key to obtain a ciphertext, and the ciphertext is then sent together with the true random number R_M and the MID to the quantum communication service station Q matched with the mobile terminal. The message structure is shown in fig. 6 and can be expressed as {MID||R_M||{F||S_M}K_M}. Here the file signature S_M is the signature obtained when the mobile terminal M runs the digital signature algorithm on the original file.
Step 1.2.2: The file is uploaded to the secure cloud.
After receiving the encrypted message, R_M and the MID from the mobile terminal M, the quantum communication service station Q combines R_M with the specific key generation algorithm f to obtain the pointer P_M, and through P_M extracts the corresponding key K_M from the Q key pool, specified by the MID, that is matched with the mobile terminal M.
The quantum communication service station Q uses K_M to decrypt the ciphertext, obtaining the file F and the file signature S_M. It fetches the public key of M through the MID (the method is shown in fig. 4) and verifies S_M with the public key of M; if verification fails, processing stops; if verification succeeds, the flow continues. Having verified and trusted the file, the quantum communication service station Q makes its own file signature, that is, it runs the digital signature algorithm with its own private key over the MID, the original file and S_M to obtain the file signature S_Q.
The quantum communication service station Q generates a true random number R_SS from the true random number generator in its matched quantum key fob. R_SS is combined with the specific key generation algorithm f to obtain the pointer P_SS. P_SS points to a position in the Q key pool, specified by the SSID, that is matched with the secure cloud SS, from which the corresponding key K_SS can be extracted. The message is encrypted with this key to obtain a ciphertext, which can be expressed as QID||R_SS||{MID||F||S_M||S_Q}K_SS, and is passed to the next network node, namely SS.
Step 1.2.3: The secure cloud receives and stores the file.
After the secure cloud SS receives the message from Q, it combines R_SS with the specific key generation algorithm f to obtain the pointer P_SS, and through P_SS extracts the corresponding key K_SS from the Q key pool. Decrypting the ciphertext with K_SS yields {MID||F||S_M||S_Q}. SS uses the QID to fetch the public key of Q (the method is shown in fig. 4) and verifies S_Q with the public key of Q; if verification fails, processing stops; if verification succeeds, the flow continues. SS then verifies the MID: if the MID exists in the legal user list, it passes verification. After this check, SS obtains M's public key pointer random number through the MID and from it M's public key; the specific process is shown in fig. 4. The file's digital signature is verified with the public key of M. If the results are consistent, the message is trusted.
After the message is verified, the secure cloud generates a file key according to the true random number generator in the matched quantum key fob, encrypts the file and its signature using the key, encrypts the file key using the secure key in the quantum key fob, and stores the MID, the encrypted file key, the encrypted file and its signature in the cloud storage space.
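The same-station upload of steps 1.2.1 to 1.2.3, sketched end to end as an added example (not code from the patent or its applicant). Assumptions: the key generation algorithm f is modelled as SHA-256(R) mod pool length, the symmetric algorithm as an HMAC-SHA256 encrypt-then-MAC construction, the digital signature as a Lamport one-time signature, the fig. 4 lookup as a dictionary keyed by ID, and `||` as length-prefixed concatenation; all IDs, pools and keys are constructed.

```python
import hashlib, hmac, secrets

KEY_LEN, TAG = 32, 32  # bytes; constructed sizes

def extract_key(pool, r):
    """Assumed f: P = SHA-256(R) mod len(pool); read KEY_LEN bytes at P, wrapping."""
    p = int.from_bytes(hashlib.sha256(r).digest(), "big") % len(pool)
    return bytes(pool[(p + i) % len(pool)] for i in range(KEY_LEN))

def _h(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, r, data):
    # R is mixed into the keystream because two R values can map to the same pointer.
    blocks = (_h(key, r + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(k, r, plaintext):
    """Encrypt-then-MAC stand-in for the patent's unspecified symmetric algorithm."""
    ct = _xor_stream(_h(k, b"enc"), r, plaintext)
    return ct + _h(_h(k, b"mac"), r + ct)

def unseal(k, r, blob):
    ct, tag = blob[:-TAG], blob[-TAG:]
    if len(blob) < TAG or not hmac.compare_digest(tag, _h(_h(k, b"mac"), r + ct)):
        raise ValueError("ciphertext rejected")
    return _xor_stream(_h(k, b"enc"), r, ct)

def pack(*fields):
    """Length-prefixed encoding of F1||F2||... so the receiver can split fields."""
    return b"".join(len(x).to_bytes(4, "big") + x for x in fields)

def unpack(blob, count):
    out, off = [], 0
    for _ in range(count):
        n = int.from_bytes(blob[off:off + 4], "big")
        if off + 4 + n > len(blob):
            raise ValueError("truncated field")
        out.append(blob[off + 4:off + 4 + n])
        off += 4 + n
    if off != len(blob):
        raise ValueError("trailing bytes")
    return out

def sig_keygen():
    """Lamport one-time key pair (hash-based stand-in for the signature algorithm)."""
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    return sk, [[hashlib.sha256(s).digest() for s in pair] for pair in sk]

def _bits(msg):
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return b"".join(sk[i][b] for i, b in enumerate(_bits(msg)))

def verify(pk, msg, sig):
    return len(sig) == 256 * 32 and all(
        hmac.compare_digest(hashlib.sha256(sig[32 * i:32 * i + 32]).digest(), pk[i][b])
        for i, b in enumerate(_bits(msg)))

def terminal_send(mid, sk_m, pool_m, file):
    """Step 1.2.1: build {MID||R_M||{F||S_M}K_M}."""
    s_m, r_m = sign(sk_m, file), secrets.token_bytes(16)
    return pack(mid, r_m, seal(extract_key(pool_m, r_m), r_m, pack(file, s_m)))

def station_forward(msg, qid, sk_q, pools, asym_pool, ssid):
    """Step 1.2.2: decrypt, verify S_M, add S_Q, re-encrypt under K_SS."""
    mid, r_m, ct = unpack(msg, 3)
    if mid not in pools or mid not in asym_pool:
        raise PermissionError("no key pool for this MID")
    file, s_m = unpack(unseal(extract_key(pools[mid], r_m), r_m, ct), 2)
    if not verify(asym_pool[mid], file, s_m):
        raise PermissionError("S_M invalid")
    s_q, r_ss = sign(sk_q, pack(mid, file, s_m)), secrets.token_bytes(16)
    body = seal(extract_key(pools[ssid], r_ss), r_ss, pack(mid, file, s_m, s_q))
    return pack(qid, r_ss, body)  # {QID||R_SS||{MID||F||S_M||S_Q}K_SS}

def cloud_receive(msg, pool_ss, asym_pool, legal_users):
    """Step 1.2.3: decrypt, verify S_Q, check MID in the legal user list, verify S_M."""
    qid, r_ss, ct = unpack(msg, 3)
    mid, file, s_m, s_q = unpack(unseal(extract_key(pool_ss, r_ss), r_ss, ct), 4)
    if qid not in asym_pool or not verify(asym_pool[qid], pack(mid, file, s_m), s_q):
        raise PermissionError("S_Q invalid")
    if mid not in legal_users or mid not in asym_pool:
        raise PermissionError("MID not in legal user list")
    if not verify(asym_pool[mid], file, s_m):
        raise PermissionError("S_M invalid")
    return mid, file

def upload(file, legal_users=(b"MID-1",), tamper=False):
    """Constructed run: terminal MID-1 -> station QID-1 -> cloud SSID-1."""
    keys = {n: sig_keygen() for n in (b"MID-1", b"QID-1", b"SSID-1")}
    pools = {n: secrets.token_bytes(4096) for n in (b"MID-1", b"SSID-1")}
    asym = {n: pk for n, (_, pk) in keys.items()}
    msg = terminal_send(b"MID-1", keys[b"MID-1"][0], pools[b"MID-1"], file)
    msg = msg[:-1] + bytes([msg[-1] ^ 1]) if tamper else msg  # flip one ciphertext bit
    fwd = station_forward(msg, b"QID-1", keys[b"QID-1"][0], pools, asym, b"SSID-1")
    return cloud_receive(fwd, pools[b"SSID-1"], asym, set(legal_users))
```

A Lamport key pair may sign only one message, which is why `upload` builds fresh keys on every run. R_M and R_SS travel in the clear in both messages, so the confidentiality of each hop rests entirely on the secrecy of the key pool held in the key fob.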
Case 2: The home gateway uploads the file to the secure cloud. The specific process is the same as the process by which the mobile terminal uploads the file to the secure cloud.
Case 3: The home device uploads the file to the secure cloud by means of the home gateway. As shown in fig. 1, a home device uploads a file to the secure cloud through a home gateway.
Step 1.3.1: The home device sends the file to the home gateway.
The home device C generates a key K from the true random number generator in its matched quantum key fob, uses the key to encrypt the file F and the file signature S_C, and encrypts the key K with the public key of S. The CID, the encrypted key K and the ciphertext are sent to the home gateway S. Here the ciphertext is the file F and the file signature S_C encrypted with the key K, and the signature S_C is the file signature obtained when the home device C runs the digital signature algorithm on the original file. The message structure is shown in fig. 7 and can be expressed as {CID||{K}PK_S||{F||S_C}K}.
Step 1.3.2: The home gateway uploads the file to the secure cloud.
After receiving the message from the home device C, the security gateway S verifies the CID; if the CID exists in the legal user list, authentication passes. After this check, S decrypts with its private key to obtain the key K, and uses K to decrypt the ciphertext to obtain the file and the signature. The public key of C is obtained through the CID, see fig. 4. The file's digital signature is verified with the public key of C, and the message is trusted if the results are consistent.
After verification, the security gateway makes its own signature on the file and uploads the file and the signature to the secure cloud SS through the quantum communication service station; the specific steps are the same as those described in case 1.
Step 1.3.3: The secure cloud receives and stores the file.
The specific procedure is as described in case 1, step 1.1.4.
Example 2
In this embodiment, a smart home member downloads a file from the secure cloud, which is divided into the following three cases: the mobile terminal M downloads the file from the secure cloud, the home gateway S downloads the file from the secure cloud, and the home device C downloads the file from the secure cloud.
Case 1: The mobile terminal downloads the file from the secure cloud.
Step 2.1.1: The mobile terminal sends a file download request to the secure cloud.
The mobile terminal sends a file download request to the secure cloud, relayed through the quantum communication service station; the request contains the MID of the mobile terminal.
Step 2.1.2: The quantum communication service station obtains and forwards the file.
After receiving the file download request, the secure cloud SS verifies the MID; if the MID exists in the legal user list, it passes verification. After this check, the secure cloud SS retrieves the corresponding encrypted file and decrypts it with the file key.
The secure cloud SS generates a true random number R_SS from the true random number generator in its matched quantum key fob. R_SS is combined with the specific key generation algorithm f to obtain the pointer P_SS. P_SS points to a position in the Q key pool of the secure cloud SS, from which the corresponding key K_SS can be extracted. The secure cloud uses the key K_SS to encrypt the file F and the signature S_SS to obtain a ciphertext, and then sends the ciphertext together with the true random number R_SS and the SSID to the quantum communication service station Q_SS. The message structure can be expressed as {SSID||R_SS||{F||S_SS}K_SS}. Here the file signature S_SS is the signature obtained when the secure cloud SS runs the digital signature algorithm on the original file.
The quantum communication service station Q_SS matched with the secure cloud SS obtains the encrypted file F and signature S_SS from the secure cloud SS, derives K_SS from R_SS, decrypts to obtain the file, obtains the public key of SS through the SSID, and verifies S_SS with that public key; if verification fails, processing stops; if verification succeeds, the flow continues. Using Q_SS's private key, the digital signature algorithm is run over the SSID, the original file F and S_SS to obtain the file signature S_QSS. These are combined into a new message, which can be expressed as {SSID||F||S_SS||S_QSS}.
The message is passed to the quantum communication service station Q_M matched with the mobile terminal M: the new message is sent to Q_M by inter-station message transfer. If the mobile terminal M and the secure cloud SS are matched with the same quantum communication service station, no inter-station transfer is needed. The signing and signature verification steps in this process are the same as in the inter-station message transfer described in Example 1. After obtaining and trusting the message, the quantum communication service station Q_M generates a true random number R_M from the true random number generator in its matched quantum key fob. R_M is combined with the specific key generation algorithm f to obtain the pointer P_M. P_M points to a position in the Q key pool, specified by the MID, that is matched with the mobile terminal M, from which the corresponding key K_M can be extracted. The message is encrypted with this key to obtain a ciphertext, which can be expressed as QID_M||R_M||{SSID||F||S_SS||S_QM}K_M, and is passed to the next network node, namely the mobile terminal M.
Step 2.1.3: The mobile terminal obtains the file.
After the mobile terminal M obtains the message from the quantum communication service station Q_M, it combines R_M with the specific key generation algorithm f to obtain the pointer P_M, and through P_M extracts the corresponding key K_M from the Q key pool. Decrypting the ciphertext with K_M yields {SSID||F||S_SS||S_QM}. M uses QID_M to fetch the public key of Q_M (the method is shown in fig. 4) and verifies S_QM with the public key of Q_M; if verification fails, processing stops; if verification succeeds, the flow continues. M obtains the public key pointer random number of SS through the SSID and from it the public key of SS; the specific process is shown in fig. 4. The file's digital signature is verified with the public key of SS, and the message is trusted if verification passes. The file is obtained once the signature has been verified.
Case 2: the home gateway downloads the file from the secure cloud. The specific process is the same as the process of downloading the file from the secure cloud by the mobile terminal.
Case 3: the home device downloads the file from the secure cloud by means of the home gateway.
Step 2.3.1: the home device sends a request to the home gateway.
The home device C generates a key K_1 from the true random number generator in its matched quantum key fob, encrypts the request with this key, and encrypts the key K_1 with the public key of S. The CID, the encrypted key K_1 and the request ciphertext are sent to the home gateway S; the message structure can be expressed as {CID||{K_1}PK_S||{request||S_C}K_1}. Here the request ciphertext is the request and the signature encrypted with the key K_1, and the signature is obtained when the home device C runs the digital signature algorithm on the original request. The message structure is shown in fig. 7.
Step 2.3.2: The home gateway processes the request and replies.
After receiving the request from the home device C, the security gateway S verifies the CID; if the CID exists in the legal user list, authentication passes. After authentication, the security gateway S decrypts with its private key to obtain the key K_1, and uses K_1 to decrypt the request ciphertext to obtain the request and the signature. The signature is decrypted and verified with the public key of C, and the request is trusted if verification passes.
After verification, the security gateway S obtains the encrypted file F and the file signature S_C from the secure cloud SS through the quantum communication service station. For details, see Example 2, case 1. After the file signature is verified, the file is sent to the home device C. The home gateway S generates a random number K_2 from the true random number generator in its matched quantum key fob, encrypts the file with this key, and encrypts the key K_2 with the public key of C. The SID, the encrypted key K_2, and the encrypted file F and signature S_S are sent to the home device C; the message structure can be expressed as {SID||{K_2}PK_C||{F||S_S}K_2}. Here the signature S_S is obtained when the home gateway S runs the digital signature algorithm on the original file. The message structure is shown in fig. 8.
Step 2.3.3: The home device obtains the file.
After receiving the response from the home gateway S, the home device C decrypts with its private key to obtain the key K_2, and uses K_2 to decrypt the response ciphertext to obtain the file and the signature. S_S is verified with the public key of S; if verification fails, processing stops; if verification succeeds, the flow continues. The file is obtained once verification succeeds.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (6)

1. The quantum-computing-resistant intelligent home quantum cloud storage method based on the quantum key card is characterized by comprising an intelligent home component and a security cloud access file via a quantum communication service station, wherein the intelligent home component comprises a home gateway and a mobile terminal, each intelligent home component, the quantum communication service station and the security cloud are respectively provided with the quantum key card, each quantum key card stores a private key, an asymmetric key pool and a public key pointer random number, the asymmetric key pool stores public keys of all parties, and the public key pointer random number can be combined with the asymmetric key pool to obtain a public key corresponding to a private key of any party;
a first symmetric key pool is further stored in the quantum key card of the mobile terminal, a second symmetric key pool is further stored in the quantum key card of the home gateway, a third symmetric key pool is further stored in the quantum key card of the secure cloud, and all the symmetric key pools are further stored in the quantum key card of the quantum communication service station at the same time;
when the intelligent home component is communicated with the secure cloud to access a file, the file is signed and verified by using quantum key cards of both sides and adopting an asymmetric algorithm;
when the files are forwarded between the intelligent home component and the quantum communication service station and between the quantum communication service station and the security cloud, keys are generated by using corresponding symmetric key pools, and encrypted communication is performed by adopting a symmetric algorithm;
when the intelligent home component stores the file to the secure cloud communication, the intelligent home component comprises the following components:
signing the file by using a private key to obtain a file signature;
generating a true random number R_M and using the true random number R_M to extract a key K_M from the symmetric key pool;
using the key K_M to encrypt the file and the file signature to obtain a file ciphertext, and then sending the file ciphertext together with the true random number R_M to the quantum communication service station;
the smart home component and the security cloud are in direct communication with the same quantum communication service station, and the quantum communication service station comprises:
receiving a file ciphertext and a true random number R_M from the smart home component;
using the true random number R_M to extract a key K_M from the symmetric key pool corresponding to the smart home component;
using the key K_M to decrypt the file ciphertext to obtain a file and a file signature;
signing the decrypted file and the file signature again by using a private key to obtain a secondary signature;
generating a key Kss extracted from the third symmetric key pool by using the true random number Rss;
encrypting the file, the file signature and the secondary signature by using a key Kss to obtain a file ciphertext, and then sending the file ciphertext and a true random number Rss to the secure cloud;
the security cloud comprises:
receiving a file ciphertext and a true random number Rss from a quantum communication service station in direct communication with a secure cloud;
extracting a key Kss from the third symmetric key pool by using the true random number Rss;
decrypting the file ciphertext by using the key Kss to obtain the file, the file signature and the secondary signature;
obtaining a public key of the quantum communication service station by combining a public key pointer random number of the quantum communication service station which is in direct communication with the secure cloud with the asymmetric key pool;
verifying the secondary signature by using a public key of the quantum communication service station;
obtaining a public key of the intelligent home component by combining a public key pointer random number corresponding to the intelligent home component with the asymmetric key pool;
verifying the file signature by using the public key of the intelligent home component;
and after the verification is passed, encrypting and storing.
2. The quantum key card-based quantum computing-resistant smart home quantum cloud storage method of claim 1, wherein the smart home component communicates directly with a quantum communication service station Q_M, and the secure cloud communicates directly with a quantum communication service station Qss; at the quantum communication service station Q_M, the method comprises:
receiving a file ciphertext and a true random number R_M from the smart home component;
using the true random number R_M to extract a key K_M from the symmetric key pool corresponding to the smart home component;
using the key K_M to decrypt the file ciphertext to obtain a file and a file signature;
applying inter-station signing and inter-station encryption to the true random number R_M and the file signature until the file and the file signature are sent to the quantum communication service station Qss;
the quantum communication service station Qss comprises:
obtaining a file and a file signature by adopting an inter-station verification and inter-station decryption mode;
signing the decrypted file and the file signature again by using a private key to obtain a secondary signature;
generating a key Kss extracted from the third symmetric key pool by using the true random number Rss;
and encrypting the file, the file signature and the secondary signature by using a key Kss to obtain a file ciphertext, and then sending the file ciphertext and the true random number Rss to the secure cloud.
3. The quantum key card-based quantum computing-resistant smart home quantum cloud storage method of claim 1, wherein the smart home component further comprises a home device that accesses files to a secure cloud via the home gateway; the sending of the file to the home gateway by the home device includes:
signing the file;
generating a secret key K in a true random number form by using a quantum key card;
encrypting the file and the file signature by using the key K to obtain a ciphertext, and encrypting the key K by using a public key of the home gateway;
sending the encrypted key K and the encrypted ciphertext to the home gateway;
and after decryption and verification, the home gateway sends the obtained file to the security cloud.
4. The quantum key card-based quantum computing-resistant smart home quantum cloud storage method of claim 1, wherein the smart home component, when downloading a file from a secure cloud, comprises:
sending a download request to the secure cloud via the quantum communication service station;
the security cloud responds to the download request and extracts the corresponding file;
signing and encrypting the file and then sending the file to a quantum communication service station;
the quantum communication service station decrypts the file and the file signature, carries out secondary signature on the file and the file signature, encrypts the file and sends the encrypted file and the encrypted file to the intelligent home component;
the smart home component decrypts and validates accordingly.
5. The quantum key card-based quantum computing smart home quantum cloud storage method as claimed in claim 1, wherein each party also sends a corresponding identity when communicating, and the identity can be used by the receiving party to obtain a public key pointer random number corresponding to the identity in the quantum key card as required.
6. The quantum key card-based quantum computing-resistant smart home quantum cloud storage method according to claim 5, wherein a legal user list is stored in the secure cloud, and the secure cloud verifies the identity of the other party according to the identity.
CN201910027000.3A 2019-01-11 2019-01-11 Quantum-resistant computing smart home quantum cloud storage method and system based on quantum key card Active CN109951513B (en)

Publications (2)

Publication Number Publication Date
CN109951513A CN109951513A (en) 2019-06-28
CN109951513B true CN109951513B (en) 2021-10-22

Family

ID=67007268

Country Status (1)

Country Link
CN (1) CN109951513B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant