CN114169015B - Quantum digital signature method and system based on phase encoding - Google Patents
Quantum digital signature method and system based on phase encoding Download PDFInfo
- Publication number
- CN114169015B CN114169015B CN202111521943.5A CN202111521943A CN114169015B CN 114169015 B CN114169015 B CN 114169015B CN 202111521943 A CN202111521943 A CN 202111521943A CN 114169015 B CN114169015 B CN 114169015B
- Authority
- CN
- China
- Prior art keywords
- signature
- key
- module
- terminal
- polarized light
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 230000000977 initiatory effect Effects 0.000 claims abstract description 46
- 239000011159 matrix material Substances 0.000 claims abstract description 12
- 230000008569 process Effects 0.000 claims abstract description 7
- 239000013598 vector Substances 0.000 claims description 26
- 238000012795 verification Methods 0.000 claims description 21
- 238000012545 processing Methods 0.000 claims description 18
- ZLHLYESIHSHXGM-UHFFFAOYSA-N 4,6-dimethyl-1h-imidazo[1,2-a]purin-9-one Chemical compound N=1C(C)=CN(C2=O)C=1N(C)C1=C2NC=N1 ZLHLYESIHSHXGM-UHFFFAOYSA-N 0.000 claims description 6
- 238000005305 interferometry Methods 0.000 claims description 6
- 230000010287 polarization Effects 0.000 claims description 5
- 230000004044 response Effects 0.000 claims description 5
- 238000012937 correction Methods 0.000 claims description 3
- 239000013307 optical fiber Substances 0.000 claims description 3
- 230000001172 regenerating effect Effects 0.000 claims description 3
- 230000003321 amplification Effects 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 claims description 2
- 238000001514 detection method Methods 0.000 claims description 2
- 238000003199 nucleic acid amplification method Methods 0.000 claims description 2
- 238000004891 communication Methods 0.000 abstract description 4
- ZPUCINDJVBIVPJ-LJISPDSOSA-N cocaine Chemical group O([C@H]1C[C@@H]2CC[C@@H](N2C)[C@H]1C(=O)OC)C(=O)C1=CC=CC=C1 ZPUCINDJVBIVPJ-LJISPDSOSA-N 0.000 description 13
- 230000003287 optical effect Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000003111 delayed effect Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- JXASPPWQHFOWPL-UHFFFAOYSA-N Tamarixin Natural products C1=C(O)C(OC)=CC=C1C1=C(OC2C(C(O)C(O)C(CO)O2)O)C(=O)C2=C(O)C=C(O)C=C2O1 JXASPPWQHFOWPL-UHFFFAOYSA-N 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N10/00—Quantum computing, i.e. information processing based on quantum-mechanical phenomena
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- Evolutionary Computation (AREA)
- Condensed Matter Physics & Semiconductors (AREA)
- Computational Mathematics (AREA)
- Artificial Intelligence (AREA)
- Optical Communication System (AREA)
Abstract
The invention provides a quantum digital signature method and a system based on phase coding, wherein a shared third secret key is constructed among a signature initiating terminal, a signature receiving terminal and a signature verifying terminal, before each signature, an n-order irreducible polynomial is adopted according to the length of a message to be sent, a first secret key sequence is obtained from the third secret key to generate a Toeplitz matrix as a hash function, the messages with different lengths can be mapped into digests with finite lengths through the Toeplitz matrix, and the digests are encrypted by utilizing the secret key left by the third secret key; through the process, the hash function is updated every time the signature is performed, the length of the message is not limited, the consumed communication resources are limited, and the efficiency of the digital signature is improved. In addition, the invention also provides a corresponding quantum digital signature system aiming at the signature method, and the system has simple structure and easy realization, and improves the practicability of the signature method.
Description
Technical Field
The invention relates to the technical field of quantum digital signature, in particular to a quantum digital signature method and system based on phase coding.
Background
Quantum digital signature is one direction of research in the field of quantum cryptography, and aims to find a quantum system which can replace a public key cryptography system based on mathematical problem computational complexity to play a signature role after being invalid in the future quantum era. The ideal quantum digital signature scheme can guarantee the security of an information network in the future of mature quantum computing technology, and has absolute advantages compared with a public key cryptosystem digital signature technology which can be cracked under enough strong computing power due to the characteristic of absolute security.
However, the current quantum digital signature scheme generally has the defect of low practicability, for example, gottesman and Chuang proposed the first quantum digital signature protocol in 2001, but in terms of practicality, the value of directly practical application of the protocol is not high because it uses techniques such as quantum storage which are difficult to deploy and implement. For another example, 2016 HL Yin et al propose a quantum digital signature protocol based on quantum key distribution, which removes the assumption of authenticating a quantum channel and reduces the technical requirement of implementing quantum digital signature, and improves the practicability of the quantum digital signature technology, but because each round of signature of the protocol can only be performed for one bit of data, a great deal of communication resources are required for generating the signature, the efficiency of the signature is still very low, and the method is still difficult to be used in a practical digital signature scene.
In summary, it can be found that the present quantum digital signature scheme mainly has the following drawbacks:
1. the existing quantum digital signature protocol consumes more communication resources and has low signature efficiency;
2. The existing quantum digital signature protocol has high requirements on a system when being particularly put into application, and has high implementation difficulty.
Disclosure of Invention
The invention aims to: in order to overcome the defects of the prior art, the invention provides a quantum digital signature method and a system based on phase encoding.
The technical scheme is as follows: in order to achieve the above object, the present invention firstly proposes a quantum digital signature method, which is implemented between a signature initiating terminal, a signature receiving terminal and a signature verifying terminal, comprising the steps of:
(1) Performing key negotiation between a signature initiating terminal and a signature receiving terminal to obtain a first key; a second secret key is obtained by carrying out secret key negotiation between the signature initiating terminal and the signature verifying terminal;
(2) The signature initiating terminal generates an n-order irreducible polynomial in GF (2);
(3) The signature initiating terminal obtains a third key after exclusive-or of the first key and the second key, selects a first key sequence with the length of n from the third key, and generates an n multiplied by m Toeplitz matrix as a hash function together with the n-order irreducible multiple obtained in the step (2), wherein m is the length of a message to be sent;
(4) The signature initiating terminal maps the message to be sent into an n-bit abstract by using the hash function generated in the step (3); selecting a second key sequence with the length of 2n from the rest part of the third key, and performing exclusive or encryption operation on a character string formed by the abstract and each term of coefficients of the irreducible polynomial except the highest term by using the second key sequence to obtain a2 n-bit digital signature;
(5) The signature initiating terminal sends the message and the digital signature to the signature receiving terminal;
(6) The signature receiving end sends the received message and the digital signature together with the first secret key to the signature verification end; after receiving the message of the receiver, the signature verification terminal sends a second secret key to the signature receiving terminal;
(7) The signature receiving end and the signature verifying end execute the following steps: firstly, the first key and the second key are exclusive-ored to obtain a third key, and the first key sequence and the second key sequence are extracted in the same mode as the sender; then decrypting the signature by using the second key sequence to obtain a first abstract and a character string; then, each bit of the obtained character string corresponds to the coefficient of each term except the highest term in the irreducible polynomials, and an irreducible polynomial with the highest term coefficient of 1 is generated; and finally, generating a Toeplitz matrix with the generated irreducible polynomial and the first key sequence to map the message, obtaining a second digest, comparing whether the first digest and the second digest are consistent, and receiving a signature if the first digest and the second digest are consistent, otherwise, not receiving the signature.
Further, the method for generating the n-th order irreducible polynomial in the step (2) is as follows:
1) The signature initiating terminal generates an n-bit random number and judges the generated random number: if the last bit of the random number is 0, the last bit of the random number is 1; or if the last bit of the n-bit random number is 0, regenerating the n-bit random number until the last bit of the generated n-bit random number is 1;
2) Sequentially using the coefficients of each item except the highest item in each corresponding polynomial of the n-bit random numbers to generate an n-order polynomial with the highest item coefficient of 1 in the GF (2) domain;
3) Verifying whether the n-order polynomial obtained in the step 2) is an irreducible polynomial or not by utilizing an FMC algorithm, and returning to the step 1) if the verification result is negative; if the verification result is yes, stopping verification to obtain the irreducible polynomial.
On the other hand, the invention provides a quantum digital signature system based on phase encoding, which comprises a signature initiating terminal, a signature receiving terminal and a signature verifying terminal, wherein the quantum digital signature is carried out among the signature initiating terminal, the signature receiving terminal and the signature verifying terminal by adopting the quantum digital signature method.
For the quantum digital signature system, several alternatives are provided below, but not as additional limitation to the above general schemes, but only further additions or preferred, and each alternative may be individually combined for the above general schemes or may be combined among multiple alternatives without technical or logical contradiction.
Optionally, the signature initiating terminal includes a first key generating module and a first classical processing module; the signature receiving end comprises a second secret key generation module and a second classical processing module; the signature verification terminal comprises a third key generation module and a third classical processing module; the first key generation module, the second key generation module and the third key generation module are connected through a quantum channel and are used for completing an initial key negotiation process between a signature initiating terminal and a signature receiving terminal and between the signature initiating terminal and a signature verification terminal; the first classical processing module, the second classical processing module and the third classical processing module are connected through a classical channel and are used for carrying out error correction and privacy amplification on the initial key after the initial key negotiation is completed so as to obtain a first key between the signature initiating terminal and the signature receiving terminal and a second key between the signature initiating terminal and the signature verifying terminal; and the method is also used for completing the quantum digital signature method.
Optionally, the first key generation module includes a pulse laser generation module, an intensity modulation module, a first beam splitting module, a first beam combining module, a first phase modulation module, and a time division multiplexing module; the pulse laser generation module is used for generating pulse laser, and the intensity modulation module is used for modulating the intensity of the pulse laser to form pulse laser capable of being used for phase encoding; the first beam splitting module splits the incident pulse laser into two paths of lasers with the same intensity, and transmits the two paths of lasers to the first beam combining module through polarization maintaining optical fibers respectively; the first beam combining module combines the two paths of laser beams to form horizontal polarized light and vertical polarized light with a certain time difference in time sequence; the first phase modulation module selects horizontal polarized light/vertical polarized light according to a preset convention to perform phase encoding: randomly selecting an X base vector or a Y base vector, and loading corresponding phases onto horizontal polarized light/vertical polarized light to obtain signal light; the time division multiplexing module is used for selectively transmitting the signal light to the signature receiving end/the signature verification end according to the flow of the key agreement.
Optionally, the second key generation module and the third key generation module have identical structures; the second key generation module comprises a second phase modulation module, a second beam splitting module, a second beam combining module, a first single photon detector and a second single photon detector; the second phase modulation module receives the signal light and performs phase modulation on the horizontally polarized light or the vertically polarized light which is not subjected to phase modulation: randomly selecting an X base vector or a Y base vector, and loading a phase corresponding to the base vector to the selected horizontal polarized light/vertical polarized light; the second beam splitting module is used for separating the horizontal polarized light and the vertical polarized light which are subjected to phase modulation by the second phase modulation module, and respectively transmitting the horizontal polarized light and the vertical polarized light to the second beam combining module through transmission paths with different lengths so as to eliminate the delay difference between the horizontal polarized light and the vertical polarized light; and the second beam combination module combines the received two paths of light beams, and then the first single photon detector and the second single photon detector perform interferometry.
Optionally, after interferometry is performed on the second key generation module and the third key generation module, the detection result is disclosed to the first key generation module; the first, second and third key generation modules record the condition that only one detector responds as valid response, and keep bits corresponding to the valid response as an initial key.
The beneficial effects are that: compared with the prior art, the invention has the following advantages:
1. In the signature method provided by the invention, each time of signature firstly generates a key, a hash function is generated by using a part of keys, a message is input into the hash function to generate a digest, and the digest is encrypted by using the rest of keys; through the process, the hash function is updated every time the signature is performed, the length of the message is not limited, the consumed communication resources are limited, and the efficiency of the digital signature is improved.
2. The quantum digital signature system provided by the invention has the advantages of simple structure, easiness in realization, convenience in implementation in actual application scenes and full improvement of the practicability of the quantum digital signature method.
Drawings
Fig. 1 is a block diagram of a quantum digital signature system based on phase encoding according to an embodiment;
Fig. 2 is a specific structural diagram of the first key generation module, the second key generation module, and the third key generation module.
Detailed Description
The technical solutions in the embodiments of the present invention will be described below with reference to the accompanying drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the specification. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise.
Wherein, in the description of the present specification, "/" means or is meant unless otherwise indicated, for example, a/B may represent a or B; "and/or" herein is merely an association relationship describing an association object, and means that three relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. In addition, in the description of the embodiments of the present application, "plurality" means two or more than two.
In the description of this specification, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
It will be appreciated that the various numerical numbers referred to in the embodiments of the present application are merely for ease of description and are not intended to limit the scope of the embodiments of the present application.
Examples:
the embodiment exemplarily provides a quantum digital signature system based on phase encoding, the structure of which is shown in fig. 1, and the quantum digital signature system comprises a signature initiating terminal Alice, a signature receiving terminal Bob and a signature verifying terminal Charlie.
The signature initiating terminal Alice comprises a first key generation module and a first classical processing module, the signature receiving terminal Bob comprises a second key generation module and a second classical processing module, and the signature verifying terminal Charlie comprises a third key generation module and a third classical processing module. The first key generation module, the second key generation module and the third key generation module are connected by a quantum channel, and the quantum channel is represented by a dotted line in fig. 1. The first classical processing module, the second classical processing module and the third classical processing module are connected by classical channels, which are indicated by solid lines in fig. 1.
Fig. 2 is a specific structural diagram showing signing of the first key generation module, the second key generation module, and the third key generation module.
The first key generation module comprises a pulse laser generation module 1-1, an intensity modulation module 1-2, a first beam splitting module 1-3, a first beam combining module 1-4, a first phase modulation module 1-5 and a time division multiplexing module 1-6. The pulse laser generating module 1-1 is used for generating pulse laser. The intensity modulation module 1-2 is used for intensity modulating the pulsed laser light, including decoy-state modulation, to form pulsed laser light that can be used for phase encoding. The first beam splitting module 1-3 splits the incident pulse laser into two paths of lasers with the same intensity, and transmits the two paths of lasers to two input ends of the first beam combining module 1-4 through polarization maintaining optical fibers respectively. The first beam combining module 1-4 combines two paths of laser beams into horizontally polarized light and vertically polarized light with a certain time difference in time sequence. The first phase modulation module 1-5 selects horizontal polarized light or vertical polarized light to carry out phase modulation, and the specific modulation mode is as follows: randomly selecting an X base vector or a Y base vector, loading a phase corresponding to the base vector onto the selected horizontal polarized light/vertical polarized light, and realizing phase modulation to obtain signal light; global phase difference between X and Y basis vectorsFor example, the X basis vector is {0, pi }, and the Y basis vector isOr X basis vector is {0, pi }, Y basis vector isThe time division multiplexing modules 1-6 are used to select the transmission of signal light to the second key generation module or the third key generation module.
The second key generation module comprises a second phase modulation module 2-1, a second beam splitting module 2-2, a second beam combining module 2-3, a first single photon detector 2-4 and a second single photon detector 2-5. After receiving the signal light, the second phase modulation module 2-1 performs phase modulation on the horizontally polarized light or the vertically polarized light which is not subjected to phase modulation, specifically: the X base vector or Y base vector is randomly selected, and the phase corresponding to the base vector is loaded on the selected horizontal polarized light/vertical polarized light. The second beam splitting module 2-2 is configured to split the horizontally polarized light and the vertically polarized light after being phase-modulated by the second phase modulating module 2-1, and enable the polarized light delayed by the long optical path before in the horizontally polarized light and the vertically polarized light to be transmitted to the second beam combining module 2-3 through the short optical path, and the non-delayed polarized light to be transmitted to the second beam combining module 2-3 through the long optical path, where the sum of the distances of the short optical paths of the signature receiving end of the long optical path of the signature initiating end is equal to the sum of the distances of the long optical paths of the signature receiving end of the short optical path of the signature initiating end, so as to eliminate the time delay difference between the horizontally polarized light and the vertically polarized light. The second beam combining module 2-3 combines the received two beams, and then the first single photon detector 2-4 and the second single photon detector 2-5 perform interferometry, if the basis vectors selected by the first phase modulating module 1-5 and the second phase modulating module 2-1 are consistent, only one single photon detector responds, and if the basis vectors selected by the first phase modulating module 1-5 and the second phase modulating module 2-1 are inconsistent, both single photon detectors respond.
In this embodiment, the pulse laser generating module 1-1 may be implemented by a pulse laser; the intensity modulation module 1-2 may be implemented using an intensity modulator; the first beam splitting module 1-3 can be realized by a beam splitter; the first beam combination module 1-4 can be realized by adopting a polarization beam splitter; the first phase modulation modules 1-5 may be implemented with phase modulators; the time division multiplexing modules 1-6 are implemented using time division multiplexers. The second phase modulation module 2-1 and the third phase modulation module 3-1 may be implemented using phase modulators; the second beam splitting module 2-2 and the third beam splitting module 3-2 can be realized by adopting a polarization beam splitter; the second beam combining module 2-3 and the third beam combining module 3-3 may be implemented using beam splitters.
When the key negotiation process is performed, the sequence of phase modulation during key distribution is preset between the signature initiating terminal Alice, the signature receiving terminal Bob and the signature verifying terminal Charlie, for example, when the signature initiating terminal Alice performs phase modulation on the horizontally polarized light, the signature receiving terminal Bob and the signature verifying terminal Charlie perform phase modulation on the vertically polarized light. In addition, the encoding mode is preset between the signature initiating terminal Alice, the signature receiving terminal Bob and the signature verifying terminal Charlie, for example, when the initiating terminal Alice selects the X-base vector {0, pi }, then the phase 0 corresponds to the bit 0, and the phase pi corresponds to the bit 1; or when the originating terminal Alice selects the Y-basis vectorThen the phase isCorresponding bit 0, phaseCorresponding to bit 1.
After interferometry is carried out, the signature receiving terminal Bob publishes a measurement result to the signature initiating terminal Alice. And marking only one detector response as a valid event, and respectively reserving bits corresponding to the valid event by the signature initiating terminal Alice and the signature receiving terminal Bob as an initial key between the signature initiating terminal Alice and the signature receiving terminal Bob.
The third key generation module is completely consistent with the second key generation module in structure, and comprises a third phase modulation module 3-1, a third beam splitting module 3-2, a third beam combining module 3-3, a third single photon detector 3-4 and a fourth single photon detector 3-5, wherein the functions of all the modules in the third key generation module are consistent with the functions of the corresponding modules in the second key generation module, and the detailed description is omitted. And the third key generation module and the first key generation module also finish the key negotiation process between the signature initiating terminal Alice and the signature verification terminal Charlie by referring to the mode, so as to obtain an initial key between the signature initiating terminal Alice and the signature verification terminal Charlie.
After the initial secret key is obtained, error correction and privacy methods are carried out on the held initial secret key through the classical modules respectively between the signature initiating terminal Alice and the signature receiving terminal Bob and between the signature initiating terminal Alice and the signature verifying terminal Charlie, so that a final secret key is obtained.
After the key agreement is completed, the key generated between Alice and Bob is K AB, and the key generated between Charlie and Alice is K AC. The signing process between Alice, bob and Charlie is described in detail below with the length of 256 bits for K AB and K AC as examples.
Step 1: alice generates an irreducible polynomial of order n in GF (2) domain, comprising the steps of:
1) Alice generates an n-bit random number and judges the generated random number: if the last bit of the random number is 0, the last bit of the random number is 1; or if the last bit of the n-bit random number is 0, regenerating the n-bit random number until the last bit of the generated n-bit random number is 1;
2) Sequentially using the coefficients of each item except the highest item in each corresponding polynomial of the n-bit random numbers to generate an n-order polynomial with the highest item coefficient of 1 in the GF (2) domain;
3) Verifying whether the n-order polynomial obtained in the step 2) is an irreducible polynomial or not by utilizing an FMC algorithm, and returning to the step 1) if the verification result is negative; if the verification result is yes, stopping verification to obtain the irreducible polynomial.
Step 2: alice exclusive-ors K AB and K AC to obtain a key K, and then extracts a first key sequence of n bits from the key K, and generates an n×m Toeplitz matrix as a hash function together with the n-th-order irreducible polynomial obtained in step 1, where m is the length of the message to be sent. The message is input into the Toeplitz matrix to get an n-bit digest. Alice takes n bits from K as a second key sequence, and uses the second key sequence to carry out exclusive or encryption operation on the character string formed by the abstract and each term of coefficients except the highest term of the irreducible polynomial, so as to obtain a 2 n-bit digital signature.
Specifically, the specific steps of performing exclusive or encryption operation on the character string formed by the abstract and each term coefficient of the irreducible polynomial except the highest term by using the second key sequence are as follows:
Setting a first key sequence T represents the transpose, and the coefficient vector of the irreducible polynomial p 1 (x) isThen there are recurrence rules as follows: … …, the Toeplitz matrix is thus in the form:
for a message mes= (b 1,b2,b3,...,bm)T, toeplitz matrix mapping result is:
That is, the Toeplitz matrix may map an m-bit message to an n-bit digest.
Next, we take a second key sequence Y A=(c1,c2,…,c2n)T of length 2n bits, and exclusive-or encrypt the string (d 1,d2,…,dn,a0,a1,…,an-1) composed of the digest and each term coefficient of the irreducible polynomial except the highest term, to obtain a digital signature of 2n bits.
Step 3: alice sends the message and the digital signature to Bob;
Step 4: bob sends the received message and digital signature together with its own key K AB to Charlie; after receiving the message of Bob, charlie sends K AC to Bob;
Step 5: bob and Charlie perform the following steps: firstly, carrying out exclusive OR on K AB and K AC to obtain K, and extracting a first key sequence and a second key sequence in the same mode as Alice; then decrypting the signature by using the second key sequence to obtain a first abstract and a character string; then, each bit of the obtained character string corresponds to the coefficient of each term except the highest term in the irreducible polynomials, and an irreducible polynomial with the highest term coefficient of 1 is generated; and finally, generating a Toeplitz matrix with the generated irreducible polynomial and the first key sequence to map the message, obtaining a second digest, comparing whether the first digest and the second digest are consistent, and receiving a signature if the first digest and the second digest are consistent, otherwise, not receiving the signature.
The foregoing is only a preferred embodiment of the invention, it being noted that: it will be apparent to those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the invention.
Claims (6)
1. The quantum digital signature method based on phase encoding is characterized by being implemented among a signature initiating terminal, a signature receiving terminal and a signature verifying terminal, and comprises the following steps of:
(1) Performing key negotiation between a signature initiating terminal and a signature receiving terminal to obtain a first key; a second secret key is obtained by carrying out secret key negotiation between the signature initiating terminal and the signature verifying terminal;
(2) The signature initiating terminal generates an n-order irreducible polynomial in GF (2);
(3) The signature initiating terminal obtains a third key after exclusive-or of the first key and the second key, selects a first key sequence with the length of n from the third key, and generates an n multiplied by m Toeplitz matrix as a hash function together with the n-order irreducible polynomial obtained in the step (2), wherein m is the length of a message to be sent;
(4) The signature initiating terminal maps the message to be sent into an n-bit abstract by using the hash function generated in the step (3); selecting a second key sequence with the length of 2n from the rest part of the third key, and performing exclusive or encryption operation on a character string formed by the abstract and each term of coefficients of the irreducible polynomial except the highest term by using the second key sequence to obtain a2 n-bit digital signature;
(5) The signature initiating terminal sends the message and the digital signature to the signature receiving terminal;
(6) The signature receiving end sends the received message and the digital signature together with the first secret key to the signature verification end; after receiving the message of the receiver, the signature verification terminal sends a second secret key to the signature receiving terminal;
(7) The signature receiving end and the signature verifying end execute the following steps: firstly, the first key and the second key are exclusive-ored to obtain a third key, and the first key sequence and the second key sequence are extracted in the same mode as the sender; then decrypting the signature by using the second key sequence to obtain a first abstract and a character string; then, each bit of the obtained character string corresponds to the coefficient of each term except the highest term in the irreducible polynomials, and an irreducible polynomial with the highest term coefficient of 1 is generated; finally, generating a Toeplitz matrix with the generated irreducible polynomial and the first key sequence to map the message, obtaining a second digest, comparing whether the first digest and the second digest are consistent, and receiving a signature if the first digest and the second digest are consistent, otherwise, not receiving the signature;
The method for generating the n-order irreducible polynomial in the step (2) comprises the following steps:
1) The signature initiating terminal generates an n-bit random number and judges the generated random number: if the last bit of the random number is 0, the last bit of the random number is 1; or if the last bit of the n-bit random number is 0, regenerating the n-bit random number until the last bit of the generated n-bit random number is 1;
2) Sequentially using the coefficients of each item except the highest item in each corresponding polynomial of the n-bit random numbers to generate an n-order polynomial with the highest item coefficient of 1 in the GF (2) domain;
3) Verifying whether the n-order polynomial obtained in the step 2) is an irreducible polynomial or not by utilizing an FMC algorithm, and returning to the step 1) if the verification result is negative; if the verification result is yes, stopping verification to obtain the irreducible polynomial.
2. The quantum digital signature system based on the phase coding comprises a signature initiating terminal, a signature receiving terminal and a signature verifying terminal, and is characterized in that quantum digital signature is carried out among the signature initiating terminal, the signature receiving terminal and the signature verifying terminal.
3. The quantum digital signature system of claim 2, wherein the signature initiation terminal comprises a first key generation module and a first classical processing module; the signature receiving end comprises a second secret key generation module and a second classical processing module; the signature verification terminal comprises a third key generation module and a third classical processing module;
The first key generation module, the second key generation module and the third key generation module are connected through a quantum channel and are used for completing an initial key negotiation process between a signature initiating terminal and a signature receiving terminal and between the signature initiating terminal and a signature verification terminal;
The first classical processing module, the second classical processing module and the third classical processing module are connected through a classical channel and are used for carrying out error correction and privacy amplification on the initial key after the initial key negotiation is completed so as to obtain a first key between the signature initiating terminal and the signature receiving terminal and a second key between the signature initiating terminal and the signature verifying terminal; and is also used for completing the quantum digital signature method.
4. The quantum digital signature system of claim 3, wherein the first key generation module comprises a pulsed laser generation module, an intensity modulation module, a first beam splitting module, a first beam combining module, a first phase modulation module, a time division multiplexing module; the pulse laser generation module is used for generating pulse laser, and the intensity modulation module is used for modulating the intensity of the pulse laser to form pulse laser capable of being used for phase encoding; the first beam splitting module splits the incident pulse laser into two paths of lasers with the same intensity, and transmits the two paths of lasers to the first beam combining module through polarization maintaining optical fibers respectively; the first beam combining module combines the two paths of laser beams to form horizontal polarized light and vertical polarized light with a certain time difference in time sequence; the first phase modulation module selects horizontal polarized light/vertical polarized light according to a preset convention to perform phase encoding: randomly selecting an X base vector or a Y base vector, and loading a corresponding phase onto the selected polarized light to obtain signal light; the time division multiplexing module is used for selectively transmitting the signal light to the signature receiving end/the signature verification end according to the flow of the key agreement.
5. The quantum digital signature system based on phase encoding as claimed in claim 4, wherein the second key generation module and the third key generation module are identical in structure; the second key generation module comprises a second phase modulation module, a second beam splitting module, a second beam combining module, a first single photon detector and a second single photon detector; the second phase modulation module receives the signal light and performs phase modulation on the horizontally polarized light or the vertically polarized light which is not subjected to phase modulation: randomly selecting an X base vector or a Y base vector, and loading a phase corresponding to the base vector to the selected polarized light; the second beam splitting module is used for separating the horizontal polarized light and the vertical polarized light which are subjected to phase modulation by the second phase modulation module, and respectively transmitting the horizontal polarized light and the vertical polarized light to the second beam combining module through transmission paths with different lengths so as to eliminate the delay difference between the horizontal polarized light and the vertical polarized light; and the second beam combination module combines the received two paths of light beams, and then the first single photon detector and the second single photon detector perform interferometry.
6. The quantum digital signature system based on phase encoding according to claim 5, wherein the second key generation module and the third key generation module disclose the detection result to the first key generation module after performing interferometry; the first, second and third key generation modules record the condition that only one detector responds as valid response, and keep bits corresponding to the valid response as an initial key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111521943.5A CN114169015B (en) | 2021-12-13 | 2021-12-13 | Quantum digital signature method and system based on phase encoding |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111521943.5A CN114169015B (en) | 2021-12-13 | 2021-12-13 | Quantum digital signature method and system based on phase encoding |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114169015A CN114169015A (en) | 2022-03-11 |
CN114169015B true CN114169015B (en) | 2024-07-26 |
Family
ID=80486069
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111521943.5A Active CN114169015B (en) | 2021-12-13 | 2021-12-13 | Quantum digital signature method and system based on phase encoding |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114169015B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105007158A (en) * | 2015-07-09 | 2015-10-28 | 中国科学技术大学先进技术研究院 | Quantum digital signing method and system |
CN109787770A (en) * | 2018-12-27 | 2019-05-21 | 安徽继远软件有限公司 | A kind of public key arbitration quantum signature protocol based on quantum block encryption |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4575283B2 (en) * | 2005-11-15 | 2010-11-04 | 株式会社東芝 | ENCRYPTION DEVICE, DECRYPTION DEVICE, PROGRAM, AND METHOD |
JP5790319B2 (en) * | 2011-08-29 | 2015-10-07 | ソニー株式会社 | Signature verification apparatus, signature verification method, program, and recording medium |
KR102028092B1 (en) * | 2018-04-20 | 2019-10-02 | 한국전자통신연구원 | Apparatus and method for reliable quantum signature |
KR102350015B1 (en) * | 2019-09-17 | 2022-01-11 | 주식회사 이와이엘 | Method and System for Authentication and Key Agreement through One Time Quantum Symmetric Key based on Elliptic Curve Diffie Hellman Algorithm |
CN111447056B (en) * | 2020-03-17 | 2022-09-16 | 南京邮电大学 | Configurable decoy state quantum digital signature method |
CN113297633B (en) * | 2021-07-26 | 2021-11-02 | 南京大学 | Quantum digital signature method |
CN113645038B (en) * | 2021-07-30 | 2023-07-11 | 矩阵时光数字科技有限公司 | Quantum digital signature system and method irrelevant to measuring equipment |
CN113779645B (en) * | 2021-11-12 | 2022-02-22 | 南京大学 | Quantum digital signature and quantum digital signature encryption method |
-
2021
- 2021-12-13 CN CN202111521943.5A patent/CN114169015B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105007158A (en) * | 2015-07-09 | 2015-10-28 | 中国科学技术大学先进技术研究院 | Quantum digital signing method and system |
CN109787770A (en) * | 2018-12-27 | 2019-05-21 | 安徽继远软件有限公司 | A kind of public key arbitration quantum signature protocol based on quantum block encryption |
Also Published As
Publication number | Publication date |
---|---|
CN114169015A (en) | 2022-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Kong | A review of quantum key distribution protocols in the perspective of smart grid communication security | |
CN109495249B (en) | Data storage method of block chain system, node and block chain system | |
US20200252215A1 (en) | Streaming authentication and multi-level security for communications networks using quantum cryptography | |
CA2883444C (en) | System and method for quantum key distribution | |
CN110719165B (en) | Block chain distributed dynamic network key generation and encryption method | |
US7616765B2 (en) | Method and system for generating shared information | |
CN113141252B (en) | Quantum key distribution method, quantum communication method, device and system | |
CN106254072B (en) | Quantum key distribution method | |
KR20110057448A (en) | A method of user-authenticated quantum key distribution | |
CN113297633B (en) | Quantum digital signature method | |
CN113645038B (en) | Quantum digital signature system and method irrelevant to measuring equipment | |
Sun et al. | Design and implementation of a practical quantum secure direct communication system | |
CN113794573A (en) | Digital signature system and method based on discrete modulation CV-QKD | |
KR20210063378A (en) | Computer-implemented systems and methods that share common secrets | |
CN113961954B (en) | Quantum digital signature system and method based on time phase coding | |
CN113572606B (en) | Quantum digital signature system and method based on Gaussian modulation and homodyne detection | |
CN108809996B (en) | Integrity auditing method for duplicate deletion stored data with different popularity | |
CN114169015B (en) | Quantum digital signature method and system based on phase encoding | |
EP4236194A1 (en) | Authentication method and system, a quantum communication network, and a node for quantum communication | |
CN111865578A (en) | SM 2-based multi-receiver public key encryption method | |
CN113810188B (en) | Quantum digital signature system and method based on polarization coding | |
CN114667710A (en) | Qubit decoding apparatus, systems, and methods | |
CN114268432B (en) | Device-independent quantum secure direct communication method based on single photon source | |
CN114205077B (en) | Mixed encryption secure communication method based on boom key distribution algorithm | |
Yan et al. | Optical communication security transmission based on blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |