
CN118381608B - Noise protocol implementation method and device based on out-of-band quantum key - Google Patents

Info

Publication number
CN118381608B
Authority
CN
China
Prior art keywords
quantum key
key
quantum
party
protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410807075.4A
Other languages
Chinese (zh)
Other versions
CN118381608A (en
Inventor
冯凯
黄蕾蕾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Regular Quantum Beijing Technology Co ltd
Original Assignee
Regular Quantum Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Regular Quantum Beijing Technology Co ltd
Priority to CN202410807075.4A
Publication of CN118381608A
Application granted
Publication of CN118381608B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0852 Quantum cryptography
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a noise protocol implementation method and a device based on an out-of-band quantum key, wherein the noise protocol supports a pre-shared key, the noise protocol is realized by two communication parties through a first communication link negotiation, and one specific implementation mode of the method is applied to any one of the two communication parties and comprises the following steps: in a handshake phase of a noise protocol, a key request message is initiated to a first quantum key server; receiving a quantum key identifier fed back by a first quantum key server; sending the quantum key identification to the other party in the two communication parties through exchange messages in a handshake stage so that the other party obtains a quantum key corresponding to the quantum key identification from a second quantum key service party; the quantum key is pre-negotiated by the first quantum key server and the second quantum key server using the second communication link. Therefore, the quantum key with quantum attack resistance can be simply and efficiently combined with a noise protocol by acquiring the quantum key from the out-of-band quantum key server.

Description

Noise protocol implementation method and device based on out-of-band quantum key
Technical Field
The application belongs to the technical field of cryptography, and particularly relates to a noise protocol implementation method and device based on an out-of-band quantum key.
Background
The noise protocol (Noise Protocol) framework is a series of cryptographic protocols used to establish a secure communication channel between two communication endpoints. It provides a simple, efficient and secure way of communication, and has been widely used in various applications. The security of the noise protocol is based on Curve25519, which is a key exchange protocol based on elliptic curve cryptography, and can provide secure and reliable key exchange and identity verification.
At present, due to the development of quantum computers, conventional public key encryption algorithms, including Curve25519 elliptic curve cryptography, are at risk of being cracked. Post-quantum cryptography (PQC) algorithms are an important complement to combat quantum computer attacks. The PQC algorithm is designed to resist quantum computing attacks and is being standardized by the National Institute of Standards and Technology (NIST). Integrating the PQC algorithm into the noise protocol can enhance its resistance to quantum computer attacks and preserve its security.
Therefore, a method for simply and efficiently combining the quantum attack resistance attribute obtained by the quantum attack resistance algorithm such as the PQC algorithm with the noise protocol is needed to enhance the security of the communication system.
Disclosure of Invention
In order to solve the above problems, the present application provides a noise protocol method, device, computer readable storage medium and electronic equipment based on out-of-band quantum key, which can simply and efficiently combine the quantum attack resistance attribute obtained by the PQC algorithm with the noise protocol to improve the security performance of the communication system.
In a first aspect, the present application provides a noise protocol method based on an out-of-band quantum key, the noise protocol supporting a pre-shared key, the noise protocol being implemented by two communication parties through a first communication link negotiation, the method being applied to any one of the two communication parties, the method comprising:
In a handshake phase of a noise protocol, a key request message is initiated to a first quantum key server;
Receiving a quantum key identifier fed back by a first quantum key server;
Sending the quantum key identification to the other party in the two communication parties through exchange messages in a handshake stage, so that the other party obtains a quantum key corresponding to the quantum key identification from a second quantum key service party, wherein the quantum key is a pre-shared key of a noise protocol; the quantum key identification and the quantum key are pre-negotiated by the first quantum key server and the second quantum key server using the second communication link.
Therefore, the quantum key resistant to quantum attack is obtained from the out-of-band quantum key server, and the quantum key can be simply and efficiently combined with the noise protocol, so that the safety performance of a communication system is enhanced.
In a second aspect, the present application provides a method for implementing a noise protocol based on an out-of-band quantum key, where the noise protocol supports a pre-shared key, and the noise protocol is implemented by two communication parties through a first communication link negotiation, where the method includes:
In a handshake phase of a noise protocol, a first party of two communication parties initiates a key request message to a first quantum key server;
The first quantum key server feeds back a quantum key identification to the first party;
The first party sends the quantum key identification to the second party in the two communication parties through exchange messages in a handshake stage;
The second party sends the quantum key identification to the second quantum key server;
The second quantum key service side returns a quantum key corresponding to the quantum key identification to the second side, wherein the quantum key is a pre-shared key of a noise protocol; the quantum key identification and the quantum key are pre-negotiated by the first quantum key server and the second quantum key server using the second communication link.
In a third aspect, the present application provides a device for implementing a noise protocol based on an out-of-band quantum key, where the noise protocol supports a pre-shared key, the noise protocol is implemented by two communication parties through a first communication link negotiation, and the device is disposed on any one of the two communication parties, and the device includes:
The sending module is used for initiating a key request message to the first quantum key server;
The receiving module is used for receiving the quantum key identification fed back by the first quantum key server;
The communication module is used for sending the quantum key identification to the other party in the two communication parties so that the other party can acquire the quantum key from the second quantum key service party, and the quantum key is the pre-shared key of the noise protocol; the quantum key identifications and the quantum keys are in one-to-one correspondence, and the quantum key identifications and the quantum keys are generated by the first quantum key server and the second quantum key server through negotiation by using a second communication link.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method described in the first aspect or any one of the possible implementations of the first aspect.
In a fifth aspect, the present application provides an electronic device, comprising: at least one memory for storing a program; at least one processor for executing programs stored in the memory; wherein the processor is adapted to perform the method described in the first aspect or any one of the possible implementations of the first aspect and to perform the method described in the second aspect or any one of the possible implementations of the second aspect when the program stored in the memory is executed.
It will be appreciated that the advantages of the second to fifth aspects may be found in the relevant description of the first aspect, and are not described here again.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a handshake phase of a noise protocol;
FIG. 2 is a flowchart of a noise protocol implementation method based on an out-of-band quantum key according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a noise protocol implementation method based on an out-of-band quantum key according to an embodiment of the present application;
FIG. 4 is a schematic diagram of a noise protocol implementation device based on an out-of-band quantum key according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be described below with reference to the accompanying drawings.
In describing embodiments of the present application, words such as "exemplary," "such as" or "for example" are used to mean serving as examples, illustrations or explanations. Any embodiment or design described herein as "exemplary," "such as" or "for example" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary," "such as" or "for example," etc., is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present application, the term "and/or" is merely an association relationship describing an association object, and indicates that three relationships may exist, for example, A and/or B may indicate: A alone, B alone, and both A and B. In addition, unless otherwise indicated, the term "plurality" means two or more. For example, a plurality of systems means two or more systems, and a plurality of screen terminals means two or more screen terminals.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating an indicated technical feature. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
The noise protocol is a lightweight transport layer secure encryption protocol based on Diffie-Hellman (DH) key exchange, which is an algorithm that allows two communicating parties to establish a key over an insecure public channel.
The flow of the noise protocol comprises the following basic steps:
1. Protocol initialization: the two communicating parties select an encryption suite and generate a long-term identity key and a key pair;
2. Negotiating a session key: the two communicating parties negotiate to generate a session key by exchanging handshake messages;
3. Identity authentication: the two communicating parties use the long-term identity key to carry out identity verification;
4. Key confirmation: the communicating parties ensure the consistency of the keys by mutually confirming the validity of the session keys;
5. Data encryption: the two communicating parties use the session key to encrypt and decrypt communication data.
The core part of the noise protocol is the handshake protocol, on which negotiation of session keys is based. The noise protocol supports 12 different negotiation modes in total to support different applications. These modes can be further combined with protocol variables such as the pre-shared key (PSK), public key algorithms, symmetric encryption algorithms and hash algorithms to form hundreds of different protocol variants.
By way of example, fig. 1 shows a schematic diagram of a handshake phase of a noise protocol.
As shown in fig. 1, the communication parties are the initiator and the responder of the handshake protocol, and a communication link is pre-established between the communication parties, wherein the communication link is a common channel established based on physical media such as twisted pair, optical fiber, microwave and the like.
In the handshake phase, the negotiation mode between the initiator and the responder is 1-RTT (round-trip time), i.e. the initiator and the receiver are able to transmit the data stream after performing one round of handshake communication comprising a first exchange of information and a second exchange of information.
Different protocol variables are set in the first exchange information and the second exchange information, so that a fixed public key and a temporary public key transmitted from the opposite end are recorded by adopting an algorithm represented by the protocol variables, temporary data is calculated by a DH algorithm, and the like.
When the entire handshake is completed, the communicating parties may generate a consistent session key based on the peer-to-peer information, which may be used by each party to send encrypted transfer messages.
In order to integrate quantum cryptography algorithms into noise protocols to enhance their resistance to quantum computer attacks, current PQC modifications to the noise protocol mainly replace the elliptic curve key exchange algorithm (ECDH) based on the Curve25519 elliptic curve with a quantum-secure key encapsulation mechanism (KEM), or mix the two. ECDH is an efficient and secure variant of DH that incorporates elliptic curve challenge generation based on DH exchange keys.
However, this approach suffers from two disadvantages:
1. Performance impact: the higher computational complexity of the PQC algorithm may slow encryption and decryption, thereby affecting the overall performance of the noise protocol;
2. Complexity: integrating the PQC algorithm into the noise protocol framework increases the overall complexity of the protocol.
In addition, PSK variables may also be set in the exchanged information in the handshake phase. The noise protocol framework currently has 59+ different protocols, 21 of which support PSK. PSK is a mechanism for enhancing communication security. By pre-sharing a key between the parties, the noise protocol is able to use this key in establishing encrypted communications, thereby improving security and resisting certain types of attacks, such as quantum computing attacks. However, the current PSK is mainly entered manually by a user at the communication end and must be shared in advance and stored by both communication parties, so its security is lower; and because the setup procedure for a pre-shared PSK is static, its flexibility is poor.
In view of this, in the noise protocol implemented by the present solution, by setting PSK variables in exchange information in the handshake phase to support PSK and acquiring an out-of-band quantum key from the quantum key server, dynamic generation of quantum security PSK can be implemented, thereby improving flexibility and security of PSK acquisition. In addition, the combination of the quantum attack resistance attribute of the out-of-band quantum key and the noise protocol is realized by setting the PSK variable, so that the capacity of the system for resisting the quantum attack can be further improved.
Next, based on the above analysis, a method for implementing a noise protocol based on an out-of-band quantum key according to an embodiment of the present application will be described in detail.
Fig. 2 shows a flowchart of a noise protocol implementation method based on an out-of-band quantum key according to an embodiment of the present application. The noise protocol supports a pre-shared key, which is negotiated by both parties over a first communication link. The noise protocol implementation method is applied to any one of two communication parties, and mainly comprises the following steps:
Step S201, in a handshake phase of the noise protocol, initiates a key request message to a first quantum key server.
In this embodiment, the first quantum key server is a provider of an out-of-band quantum key, which is a quantum key generated by the first quantum key server over a link other than the first communication link. The first quantum key server is a party that can generate a quantum key based on a national cryptographic algorithm (a national cryptographic algorithm recognized by the national institutes of cryptography, such as SM1, SM2, SM3 or SM4), a PQC algorithm, a quantum key distribution (QKD) algorithm, and the like.
The key request message may be an authentication-based request message or a virtual private network-based (virtual private networks, VPN) request message, so long as the authentication or data communication between the communication party and the first quantum key service party can be achieved through the key request message. The communication party is either of the communication parties, such as the sender as shown in fig. 1.
Illustratively, a network link between the first quantum key server and the communication party initiating the key request message is pre-established for identity authentication or to establish a VPN. Based on the established network link, the communication party initiates a key request message to the first quantum key server using a representational state transfer API (REST API) provided by the first quantum key server. After the first quantum key server generates the quantum key, it can provide key service to the outside through the REST API. REST API is a software architecture style and communication protocol for building distributed systems that transmit and exchange data over a network; it provides a flexible, extensible, and easily integrated way to access and operate remote resources.
The purpose of the communication party initiating the key request message to the first quantum key server is to obtain the quantum key identification in order to obtain the target session key, so this embodiment is executed in the handshake phase of the noise protocol.
In one implementation, the communication party may execute a new round of noise protocol before each round of data transmission, and initiate a key request message to the first quantum key server in a handshake phase of the noise protocol to obtain a new quantum key identifier. Or the communication party establishes a channel for secure communication based on the noise protocol framework and designs a timeout mechanism, such as requiring a new round of noise protocol to be executed every 3 minutes, etc.
In another implementation manner, the communication party may further execute a new round of noise protocol based on the setting of the key rotation mechanism of the noise protocol, and initiate a key request message to the first quantum key server in a handshake phase of the noise protocol to obtain a new quantum key identifier. The noise protocol includes a key rotation mechanism for replacing the session key. By opening an interface, such as a rekey interface, to the user, the user of the communication party can call the interface provided by the noise protocol to set a key rotation flag bit after the noise protocol ends the handshake phase and enters the transmission phase, so as to prompt the noise protocol to update the session key and realize rotation of the session key.
Therefore, when a new noise protocol is executed or a user manually sets key rotation to update a quantum key, new quantum security PSK can be acquired, key rotation is realized, and the security of the system is further improved.
Step S202, a quantum key identification fed back by a first quantum key server is received.
In this embodiment, when the first quantum key server generates the quantum key, the first quantum key server also establishes a corresponding quantum key identifier for the quantum key. And storing the generated quantum key in a key bank of the first quantum key service side. And storing the one-to-one correspondence between the quantum key identifications and the quantum keys in an index table of the first quantum key server. The corresponding quantum key may be found by querying the index table for the quantum key identification.
Illustratively, for a key request message initiated by a communicating party, a first quantum key server randomly allocates a currently available quantum key identification and transmits to the communicating party. And the first quantum key service side can also simultaneously send the quantum key corresponding to the quantum key identification to the communication side.
In one implementation, the first quantum key server dynamically updates the key store and the index table according to a preset frequency to maintain currently available quantum keys and their corresponding quantum key identifications.
In another implementation manner, the key store may also be updated in real time according to a manual operation of a user to maintain the currently available quantum key and the quantum key identifier corresponding to the currently available quantum key, which is not limited herein.
Step S203, the quantum key identification is sent to the other party in the two communication parties through the exchange message of the handshake stage, so that the other party obtains the quantum key corresponding to the quantum key identification from the second quantum key service party, and the quantum key is the pre-shared key of the noise protocol. The quantum key identification and the quantum key are pre-negotiated by the first quantum key server and the second quantum key server using the second communication link.
In this embodiment, the quantum key identifier and the quantum key are generated by the first quantum key server and the second quantum key server through negotiation using the second communication link, and the quantum key identifier and the quantum key are in one-to-one correspondence.
Similar to the first quantum key server, the second quantum key server is also a participant that can generate a quantum key based on a national cryptographic algorithm, a PQC algorithm, a quantum key distribution algorithm, and the like. The second communication link is an out-of-band communication link that is different from the first communication link, i.e., different communication links are used for generating the out-of-band quantum key and for implementing the noise protocol. The second communication link may also be a common channel established based on physical media such as twisted pair, optical fiber, and microwave. The first quantum key server and the second quantum key server can generate the same quantum key resistant to quantum attack and the corresponding quantum key identification by utilizing the second communication link based on the same encryption algorithm.
Illustratively, the first quantum key server and the second quantum key server may negotiate to generate a quantum key, and their corresponding quantum key identifications, using the second communication link based on a cryptographic algorithm. The quantum key, and the corresponding quantum key identification, may also be generated using a second communication link negotiation based on a PQC algorithm, or a quantum key distribution algorithm, or a combination of any at least two of the foregoing algorithms. When any combination of at least two algorithms is used, the symmetric key respectively negotiated based on different algorithms needs to be subjected to modulo-2 addition operation or key derivation operation to obtain the quantum key.
Specifically, a protocol of out-of-band key negotiation is designed based on a second communication link between the first quantum key server and the second quantum key server, so that the protocol can flexibly support multiple parallel key negotiation modes, such as three modes of a national encryption algorithm, a PQC algorithm, quantum key distribution and the like, or any combination of at least two of the three modes. And then mixing the symmetric keys respectively negotiated by the modes, wherein the mixing mode can adopt an exclusive-or operation or a key derivation algorithm. The finally obtained quantum key needs to be stored by adopting a reliable and safe key management mechanism, and can provide key service to the outside. It can be appreciated that the first quantum key server and the second quantum key server store the same quantum key and its corresponding quantum key identification.
After receiving the quantum key identification fed back by the first quantum key service side, the communication side sends the quantum key identification to the other party in the communication sides, so that the other party obtains the quantum key from the second quantum key service side, and the quantum key is the pre-shared key of the noise protocol. The other party is one of the communication parties, such as the recipient shown in fig. 1, relative to the communication party.
Specifically, after receiving the quantum key identification, the other party initiates a key request message for specifying the quantum key identification to the second quantum key server. After receiving the key request message, the second quantum key service side feeds back the quantum key corresponding to the designated quantum key identification to the other side. By transmitting the quantum key identification over the first communication link, the same quantum key can be shared by the communication party and the other party. The quantum key is an out-of-band quantum key provided by the first quantum key server and the second quantum key server through external interfaces such as REST API.
Alternatively, the correspondent and the first quantum key server may be deployed within a relatively closed internal network, such as a local area network. The other party and the second quantum key server are configured in another relatively closed internal network in a peer-to-peer manner.
Thus, although the first communication link of both communication parties is usually an unsafe public channel, the security performance of the system can be improved by transmitting the quantum key identification only on the first communication link to enable both communication parties to obtain the same quantum key. The quantum key is the pre-shared key of the noise protocol.
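The exchange of steps S201 to S203, together with the key mixing described for the two key servers, can be sketched as follows. This is an added example, not code from the patent: the class `QuantumKeyServer`, the functions `xor_combine`, `kdf_combine`, `negotiate_out_of_band` and `run_exchange`, the `psk_id` field name, and the rule that an identifier is issued only once are all assumptions made for illustration, and the component keys are constructed random values standing in for keys negotiated over the second communication link.

```python
import hashlib
import hmac
import secrets


def xor_combine(*keys):
    """Modulo-2 addition (XOR) of equal-length component keys."""
    if len({len(k) for k in keys}) != 1:
        raise ValueError("component keys must have equal length")
    out = bytes(len(keys[0]))
    for k in keys:
        out = bytes(a ^ b for a, b in zip(out, k))
    return out


def kdf_combine(*keys, label=b"oob-psk-example"):
    """Key-derivation alternative: HMAC-SHA256 over length-prefixed components."""
    material = b"".join(len(k).to_bytes(2, "big") + k for k in keys)
    return hmac.new(label, material, hashlib.sha256).digest()


class QuantumKeyServer:
    """Hypothetical key server: an index table mapping key identifier to key."""

    def __init__(self):
        self._index = {}
        self._issued = set()  # assumption: an identifier is handed out once

    def install(self, key_id, key):
        self._index[key_id] = key

    def request_key(self):
        """S201/S202: allocate a currently available identifier at random."""
        available = [i for i in self._index if i not in self._issued]
        if not available:
            raise LookupError("no quantum key available")
        key_id = secrets.choice(available)
        self._issued.add(key_id)
        return key_id, self._index[key_id]

    def get_key_by_id(self, key_id):
        """Peer-side lookup; an unknown identifier must abort the handshake."""
        if key_id not in self._index:
            raise KeyError("unknown quantum key identifier")
        return self._index[key_id]


def negotiate_out_of_band(server_a, server_b, component_keys, combine=xor_combine):
    """Stand-in for the second link: both servers store the same key and id."""
    key = combine(*component_keys)
    key_id = secrets.token_hex(16)
    server_a.install(key_id, key)
    server_b.install(key_id, key)
    return key_id


def run_exchange():
    server_a, server_b = QuantumKeyServer(), QuantumKeyServer()
    # Constructed component keys, e.g. one per negotiation mode.
    components = [secrets.token_bytes(32) for _ in range(3)]
    negotiate_out_of_band(server_a, server_b, components)

    key_id, psk_initiator = server_a.request_key()
    # S203: only the identifier crosses the first (public) link.
    wire_message = {"psk_id": key_id}
    psk_responder = server_b.get_key_by_id(wire_message["psk_id"])
    return wire_message, psk_initiator, psk_responder


if __name__ == "__main__":
    wire, psk_i, psk_r = run_exchange()
    print("on the wire:", wire)
    print("both sides hold the same PSK:", hmac.compare_digest(psk_i, psk_r))
```
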
Furthermore, the two communication parties can also negotiate over the first communication link to generate an ECDH exchange key based on the elliptic curve key exchange algorithm. A key-derivation operation is then performed on the ECDH exchange key and the pre-shared key to generate the target session keys of the two communication parties, which are used for encrypting data transmitted by the two communication parties.
Specifically, during the handshake phase of the noise protocol, both parties may utilize a temporary chaining key, a symmetric key that is generated and updated multiple times during the handshake process. It is formed by fusing multiple keying materials, including static and ephemeral Diffie-Hellman keys (based on elliptic curves) and the PSK. After the handshake is completed, the chaining key is used to generate the final target session key for encrypting subsequent communications.
In addition, the noise protocol framework currently shares 59+ different protocols, 21 of which support PSK. While different noise protocol variants supporting PSK modes may place PSK in different locations in the protocol message and provide different levels of security capabilities. For example, according to a pattern modifier in the protocol:
psk0: a PSK identification bit (pskID, used to store the acquired quantum key identification) is added at the beginning of the first exchange message, which provides basic PSK verification.
psk1: a PSK identification bit is added at the end of the first exchange message, and the PSK is mixed with other random numbers to generate a new session key, so as to avoid disclosure of the PSK.
psk2: a PSK identification bit is added at the end of the second exchange message, and the PSK is not used until the identity of the other party has been verified, which provides a greater capability to prevent man-in-the-middle attacks.
Taking IKpsk2 as an example, the PSK ID indication is added at the end of the second exchange message. When the pre-shared key conforms to the IKpsk2 protocol, the quantum key identification is sent to the other of the two communication parties using the IKpsk2 protocol. For other protocol variants using psk0 or psk1, the position of the PSK ID in the exchange messages may change, as may the specific timing and position at which the PSK is fused with the other keys. However, the steps for obtaining the out-of-band quantum-secure PSK remain the same, so corresponding adjustments can be made for each variant and are not described in detail.
Therefore, in the noise protocol implemented by this scheme, PSK variables are set in the exchange messages of the handshake phase to support PSK, and an out-of-band quantum key is acquired from the quantum key server, so that a quantum-secure PSK can be generated dynamically, which improves the flexibility and security of PSK acquisition. In addition, setting the PSK variable combines the quantum-attack resistance of the out-of-band quantum key with the noise protocol, which further improves the system's ability to resist quantum attacks.
Compared with the prior art, the scheme provided by the application has the following main advantages:
1. The performance of the original noise protocol is not affected: the computation of the computationally complex post-quantum algorithms is completed in an out-of-band pre-negotiation stage and does not affect the negotiation of the noise protocol.
2. The protocol complexity of the noise protocol itself is not increased, and only small changes are needed, such as obtaining the out-of-band PSK, transferring the PSK ID, and fusing the PSK into the key.
3. The method is more flexible: out-of-band key negotiation is decoupled from the noise protocol, so various quantum security technologies can be combined more flexibly without any additional modification to the noise protocol.
Next, the scheme used in the present application is described in detail, taking as an example the implementation method of a noise protocol based on an out-of-band quantum key provided by the embodiment of the present application shown in Fig. 3.
As shown in Fig. 3, the upper half of Fig. 3 is the noise protocol, which adopts the IKpsk2 protocol pattern, one of the 21 noise protocols that support PSK mode. The noise protocol initiator and the noise protocol responder are the communication party and the other party described in steps S201-S203.
The lower half of Fig. 3 is the out-of-band quantum security key agreement. It consists of quantum security key service A and quantum security key service B, two services that support flexible combination of national cryptographic, PQC and QKD techniques and act as the generator and the responder for the generated quantum key.
The out-of-band quantum security key negotiation flow includes:
First, out-of-band quantum security key agreement is performed; the negotiation process supports flexible combinations of national cryptographic algorithms, PQC algorithms and QKD techniques. After symmetric keys are negotiated in three ways (the national cryptographic algorithm sm2dh, the PQC algorithm Kyber, and QKD), the final quantum key is obtained from the three pairs of symmetric keys by exclusive-or key derivation. Once the quantum key has been stored securely, the key service can be provided externally through a REST API.
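The out-of-band stage above as an added example, not code from the patent: three constructed 32-byte values stand in for the sm2dh, Kyber and QKD outputs, both combination options the claims name (exclusive OR, key derivation) are implemented, and the result is served by `key_id` from a key bank. The HKDF construction and its `info` label, the single-use rule, the identifier format and all function and class names are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # the page fixes the PSK at 32 bytes


def check_parts(parts):
    if len(parts) != 3 or any(len(p) != KEY_LEN for p in parts):
        raise ValueError("expected three 32-byte component keys")


def combine_xor(parts):
    """XOR option: the result stays unpredictable while at least one
    component is secret and independent of the other two."""
    check_parts(parts)
    return bytes(a ^ b ^ c for a, b, c in zip(*parts))


def combine_kdf(parts, info=b"oob-quantum-key"):
    """Key-derivation option: HKDF-SHA256 (RFC 5869), one output block.
    The info label is a hypothetical domain-separation string."""
    check_parts(parts)
    prk = hmac.new(b"\x00" * 32, b"".join(parts), hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


class QuantumKeyService:
    """One service side: key bank and index table (key_id -> key).
    Assumption: an identifier is served once, then removed."""

    def __init__(self):
        self.index = {}

    def store(self, key_id, key):
        if len(key) != KEY_LEN:
            raise ValueError("quantum key must be 32 bytes")
        self.index[key_id] = key

    def allocate(self):
        """Key request without an identifier: hand out a random available key."""
        if not self.index:
            raise LookupError("key bank exhausted")
        key_id = secrets.choice(sorted(self.index))
        return key_id, self.index.pop(key_id)

    def fetch(self, key_id):
        """Key request naming a key_id: unknown or spent identifiers fail closed."""
        if key_id not in self.index:
            raise LookupError("unknown or already used key_id")
        return self.index.pop(key_id)


def provision(service_a, service_b, parts, combine=combine_kdf):
    """Stand-in for the out-of-band negotiation over the second link: both
    services end up holding the same (key_id, key) pair."""
    key = combine(parts)
    key_id = secrets.token_hex(16)  # assumed identifier format
    service_a.store(key_id, key)
    service_b.store(key_id, key)
    return key_id


def demo():
    a, b = QuantumKeyService(), QuantumKeyService()
    for _ in range(3):
        # constructed random values in place of the sm2dh, Kyber and QKD outputs
        provision(a, b, [secrets.token_bytes(KEY_LEN) for _ in range(3)])
    key_id, key_a = a.allocate()   # side that asks without an identifier
    key_b = b.fetch(key_id)        # side that received key_id in the handshake
    try:
        b.fetch(key_id)            # the same identifier presented again
        replay_rejected = False
    except LookupError:
        replay_rejected = True
    return key_a == key_b, replay_rejected, len(key_a)


if __name__ == "__main__":
    print(demo())
```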
Next, the noise protocol procedure is performed. The IKpsk2 protocol adopted in this embodiment provides bidirectional authentication and confidentiality, and the PSK is used to enhance security. The PSK is 32 bytes in length, and the PSK pattern mixes the PSK into the encryption key and the h value. The h value is the handshake hash value, a hash over all handshake data sent and received.
As shown in Fig. 3, the static public keys of both ends of the communication, which the IKpsk2 protocol requires, must be generated and configured in advance. The handshake phase in Fig. 3 has two negotiation messages in total. The scheme does not modify the first exchange message, whose main fields include the initiator's ephemeral public key, the initiator's encrypted static public key, an encrypted timestamp and so on, which are used for negotiation of the ECDH key, identity authentication of the two communication parties, and the like.
When the noise protocol responder prepares to send the second exchange message, it calls the interface of out-of-band quantum security key service A to acquire a quantum key (32 bytes) and a quantum key identification key_id. The quantum key identification key_id is placed in the second exchange message as the PSK ID and sent to the noise protocol initiator; the quantum key is the PSK. When the noise protocol initiator receives the PSK ID, it calls the interface of quantum security key service B and acquires the corresponding quantum key by supplying the PSK ID, that is, the quantum key identification key_id. At this point the quantum keys obtained by the noise protocol initiator and the noise protocol responder should be the same.
After the two communication parties have acquired the PSK, the PSK is used as one of the inputs to key derivation to generate the session key that both parties finally use to encrypt subsequent data payloads; the final session key is resistant to quantum attacks.
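The PSK step of the second message, as an added example (not the patent's code) reduced to the Noise key schedule: `MixKey`, `MixKeyAndHash` and `Split` follow the Noise specification, while encryption and public-key hashing are left out. Assumptions: the DH outputs and keys are constructed stand-ins, two dictionaries play key services A and B, `key_id` is hashed into `h`, and the protocol-name string and function names are illustrative.

```python
import hashlib
import hmac

NAME = b"Noise_IKpsk2_25519_ChaChaPoly_SHA256"  # assumed protocol name


def hkdf(ck, ikm, n):
    """Noise HKDF: n chained HMAC-SHA256 outputs keyed from HMAC(ck, ikm)."""
    temp = hmac.new(ck, ikm, hashlib.sha256).digest()
    outs, prev = [], b""
    for i in range(1, n + 1):
        prev = hmac.new(temp, prev + bytes([i]), hashlib.sha256).digest()
        outs.append(prev)
    return outs


class SymmetricState:
    """Chaining key ck, handshake hash h and cipher key k."""

    def __init__(self, name):
        # names longer than the hash length are hashed, shorter ones padded
        self.h = (hashlib.sha256(name).digest() if len(name) > 32
                  else name.ljust(32, b"\x00"))
        self.ck, self.k = self.h, None

    def mix_hash(self, data):
        self.h = hashlib.sha256(self.h + data).digest()

    def mix_key(self, ikm):
        self.ck, self.k = hkdf(self.ck, ikm, 2)

    def mix_key_and_hash(self, psk):
        # the psk token: the PSK enters both the chaining key and h
        if len(psk) != 32:
            raise ValueError("PSK must be 32 bytes")
        self.ck, temp_h, self.k = hkdf(self.ck, psk, 3)
        self.mix_hash(temp_h)

    def split(self):
        return tuple(hkdf(self.ck, b"", 2))  # one key per direction


def session_keys(dh_outputs, key_id, psk):
    """Key schedule of one side after both handshake messages."""
    st = SymmetricState(NAME)
    for out in dh_outputs:            # stand-ins for the DH results of the pattern
        st.mix_key(out)
    st.mix_hash(key_id.encode())      # assumption: bind the identifier to the transcript
    st.mix_key_and_hash(psk)          # psk at the end of the second message
    return st.split()


def handshake(service_a, service_b, dh_outputs, tamper_id=None):
    """Responder draws (key_id, psk) from service A and sends key_id;
    the initiator resolves the received identifier at service B."""
    key_id = sorted(service_a)[0]
    resp = session_keys(dh_outputs, key_id, service_a.pop(key_id))
    wire_id = tamper_id or key_id     # what actually arrives on the public link
    if wire_id not in service_b:
        raise LookupError("PSK ID not known to the key service")
    init = session_keys(dh_outputs, wire_id, service_b.pop(wire_id))
    # unequal results mean the first encrypted payload would fail to decrypt
    return init, resp


if __name__ == "__main__":
    dh = [bytes([i]) * 32 for i in range(1, 5)]          # constructed DH outputs
    bank = {"id-1": b"\x11" * 32, "id-2": b"\x22" * 32}  # constructed key bank
    i_keys, r_keys = handshake({"id-1": bank["id-1"]}, dict(bank), dh)
    print("keys agree:", i_keys == r_keys)
```

With identical DH outputs, a different PSK yields unrelated session keys, which is why recovering the elliptic-curve secrets alone does not expose the traffic keys.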
Based on the above, the embodiment of the present application further provides a noise protocol method based on an out-of-band quantum key, where the noise protocol supports a pre-shared key, and the noise protocol is implemented by two communication parties through a first communication link negotiation, and the method is applied to any one of the two communication parties, and the method mainly includes the following steps:
1. In a handshake phase of the noise protocol, a key request message is initiated to a first quantum key server.
2. Receiving a quantum key identifier fed back by a first quantum key server;
3. And sending the quantum key identification to the other party in the two communication parties through exchange messages in a handshake stage, so that the other party obtains a quantum key corresponding to the quantum key identification from the second quantum key service party, and the quantum key is a pre-shared key of a noise protocol. The quantum key identification and the quantum key are pre-negotiated by the first quantum key server and the second quantum key server using the second communication link.
The specific implementation principle and details are shown in the above steps S201 to S203, and will not be repeated. It should be noted that while in the above embodiments the operations of the methods of embodiments of the present application are described in a particular order, this does not require or imply that the operations must be performed in that particular order or that all of the illustrated operations be performed in order to achieve desirable results. Rather, the steps depicted in the flowcharts may change the order of execution. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform.
Based on the method in the above embodiment, fig. 4 illustrates an exemplary schematic diagram of a noise protocol implementation device based on an out-of-band quantum key according to an embodiment of the present application. The noise protocol supports a pre-shared key, the noise protocol is realized by two communication parties through a first communication link negotiation, and the device is deployed on any one of the two communication parties. As shown in fig. 4, the noise protocol implementing apparatus 400 includes:
a sending module 410, configured to initiate a key request message to a first quantum key server;
a receiving module 420, configured to receive a quantum key identifier fed back by the first quantum key server;
a communication module 430, configured to send the quantum key identifier to the other of the two communication parties, so that the other party obtains the quantum key from the second quantum key server, where the quantum key is a pre-shared key of the noise protocol; the quantum key identifiers and the quantum keys are in one-to-one correspondence and are generated by the first quantum key server and the second quantum key server through negotiation over a second communication link.
Based on the method in the above embodiment, the embodiment of the application provides an electronic device. The electronic device may include: at least one memory for storing a program; and at least one processor for executing the program stored in the memory, wherein the processor is adapted to perform the method described in the above embodiments when the program stored in the memory is executed. By way of example, the electronic device may be a mobile phone, tablet computer, desktop computer, laptop computer, handheld computer, notebook computer, server, ultra-mobile personal computer (UMPC), netbook, cellular telephone, personal digital assistant (PDA), augmented reality (AR) device, virtual reality (VR) device, artificial intelligence (AI) device, wearable device, vehicle-mounted device, smart home device, and/or smart city device; the embodiments of the present application do not particularly limit the specific type of electronic device.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the flows or functions according to the embodiments of the present invention are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example by wired means (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless means (e.g., infrared, wireless, microwave). The computer-readable storage medium may be any available medium that a computer can access, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk (SSD)), etc.
It will be appreciated that the various numerals referred to in the embodiments of the present application are merely for ease of description and are not intended to limit the scope of the embodiments of the present application. It should be understood that, in the embodiments of the present application, the sequence number of each process does not imply an order of execution; the execution order of the processes should be determined by their functions and internal logic, and should not limit the implementation of the embodiments of the present application.
The foregoing embodiments illustrate the general principles of the present application in further detail and are not to be construed as limiting the scope of the application; any modifications, equivalents, improvements, etc. based on the teachings of the application are intended to be covered.

Claims (7)

1. A noise protocol implementation method based on an out-of-band quantum key, the noise protocol supporting a pre-shared key PSK, the noise protocol being implemented by both communication parties through a first communication link negotiation, the method comprising:
In a pre-performed quantum security key negotiation stage, a first quantum key server and a second quantum key server respectively negotiate to obtain symmetric keys through a national cryptographic algorithm, a post quantum cryptographic PQC algorithm and a quantum key distribution QKD mode, and then three pairs of symmetric keys are subjected to exclusive OR or key derivation to obtain a final quantum key; each quantum key service side stores the generated quantum key in a key bank thereof, and stores the one-to-one correspondence between the quantum key identification and the quantum key in an index table;
in the handshake phase of the noise protocol:
a first party of the two communication parties initiates a key request message to a first quantum key server;
a first quantum key service party randomly distributes currently available quantum key identifiers from the key store and sends the currently available quantum key identifiers to the first party;
a first party receives a quantum key identifier fed back by the first quantum key server;
the first party sends the quantum key identification to a second party in the two communication parties by setting a PSK variable in the exchange message of the handshake stage;
the second party sends the quantum key identification to a second quantum key server;
the second quantum key service side inquires the quantum key identification in the index table, and the searched corresponding quantum key is returned to the second side;
the second party receives the corresponding quantum key from the second quantum key server as a pre-shared key for the noise protocol.
2. The method of claim 1, the first quantum key server further feeding back the quantum key;
The method further comprises the steps of:
the two communication parties negotiate over the first communication link to generate an exchange key based on an elliptic curve key exchange algorithm;
and the communication parties respectively conduct key derivative-based operation on the exchange key and the pre-shared key to generate target session keys of the communication parties, wherein the target session keys are used for encrypting data transmitted by the communication parties.
3. The method of claim 1, the initiating a key request message to a first quantum key server comprising:
before each round of data transmission is carried out by both communication parties, a key request message is initiated to the first quantum key server; or
based on a key rotation mechanism of the noise protocol, a key request message is initiated to the first quantum key server.
4. The method of claim 1, the initiating a key request message to a first quantum key server comprising:
initiating a key request message to the first quantum key server by using the representational state transfer application programming interface (REST API) provided by the first quantum key server.
5. The method of claim 1, wherein the pre-shared key conforms to the IKpsk2 protocol,
and the sending the quantum key identification to the other of the two communication parties includes: transmitting the quantum key identification to the other of the two communication parties by using the IKpsk2 protocol.
6. A system for implementing a noise protocol based on an out-of-band quantum key, wherein the noise protocol supports a pre-shared key PSK, the noise protocol being implemented by two communication parties through a first communication link negotiation, the system comprising: a first quantum key server, a second quantum key server, and a first party and a second party serving as the two communication parties; wherein:
The first quantum key server and the second quantum key server are used for respectively negotiating to obtain symmetric keys through a national cryptographic algorithm, a post quantum cryptographic PQC algorithm and a quantum key distribution QKD mode in a quantum security key negotiation stage performed in advance, and then obtaining a final quantum key through exclusive or key derivation modes of three pairs of symmetric keys; the generated quantum key is stored in a key bank, and the one-to-one correspondence relation between the quantum key identification and the quantum key is stored in an index table;
The first party is used for initiating a key request message to a first quantum key server in a handshake stage of the noise protocol;
The first quantum key service side is further used for randomly distributing currently available quantum key identifiers from the key store and sending the currently available quantum key identifiers to the first side;
The first party is also used for receiving the quantum key identification fed back by the first quantum key service party;
The first party is further configured to send the quantum key identifier to a second party by setting a PSK variable in an exchange message in the handshake phase;
the second party is used for sending the quantum key identification to a second quantum key service party;
The second quantum key service side is further used for inquiring the quantum key identification in the index table, searching the corresponding quantum key and returning the quantum key to the second side;
The second party is further configured to receive a corresponding quantum key from a second quantum key server as a pre-shared key of the noise protocol.
7. An electronic device, comprising: at least one memory for storing a program; at least one processor for executing the programs stored in the memory; wherein the processor is adapted to perform the method of any of claims 1-5 when the program stored in the memory is executed.
CN202410807075.4A 2024-06-21 2024-06-21 Noise protocol implementation method and device based on out-of-band quantum key Active CN118381608B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410807075.4A CN118381608B (en) 2024-06-21 2024-06-21 Noise protocol implementation method and device based on out-of-band quantum key

Publications (2)

Publication Number Publication Date
CN118381608A CN118381608A (en) 2024-07-23
CN118381608B true CN118381608B (en) 2024-09-03

Family

ID=91909124

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410807075.4A Active CN118381608B (en) 2024-06-21 2024-06-21 Noise protocol implementation method and device based on out-of-band quantum key

Country Status (1)

Country Link
CN (1) CN118381608B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118659923B (en) * 2024-08-15 2025-01-03 中电信量子信息科技集团有限公司 A quantum-resistant security enhancement method for the Simple Authentication and Security Layer protocol
CN119945660B (en) * 2025-04-10 2025-08-19 中国电信股份有限公司 Signal encryption processing method, signal decryption processing method and signal processing system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020260751A1 (en) * 2019-06-27 2020-12-30 Nokia Technologies Oy Encrypted communication based on quantum key
CN115767518A (en) * 2022-11-04 2023-03-07 深圳软牛科技有限公司 A WhatsApp end-to-end encryption key acquisition method, device and related media

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2886849A1 (en) * 2015-04-07 2016-10-07 Brisson, Andre J. A secure mobile electronic payment system where only the bank has the key, distributed key handshakes, one way and two way authentication distributed key processes and setting up a dynamic distributed key server
CN106612176B (en) * 2016-12-16 2019-09-24 中国电子科技集团公司第三十研究所 One kind being based on quantum true random number arranging key negotiating system and machinery of consultation
CN113038468B (en) * 2021-04-07 2022-09-09 东南大学 A quantum key distribution and negotiation method for wireless terminals in the Internet of Things
CN116132025A (en) * 2022-11-22 2023-05-16 武汉船舶通信研究所(中国船舶重工集团公司第七二二研究所) Key negotiation method, device and communication system based on preset key group

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant