[go: up one dir, main page]

CN110336775A - A Quantum Swarm Authentication Method Based on Grover Algorithm - Google Patents

A Quantum Swarm Authentication Method Based on Grover Algorithm Download PDF

Info

Publication number
CN110336775A
CN110336775A CN201910331441.2A CN201910331441A CN110336775A CN 110336775 A CN110336775 A CN 110336775A CN 201910331441 A CN201910331441 A CN 201910331441A CN 110336775 A CN110336775 A CN 110336775A
Authority
CN
China
Prior art keywords
authentication
quantum
group
management center
private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910331441.2A
Other languages
Chinese (zh)
Other versions
CN110336775B (en
Inventor
宋秀丽
曹耘凡
周道洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN201910331441.2A priority Critical patent/CN110336775B/en
Publication of CN110336775A publication Critical patent/CN110336775A/en
Application granted granted Critical
Publication of CN110336775B publication Critical patent/CN110336775B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Optical Communication System (AREA)

Abstract

本发明属于量子计算和量子认证技术领域,涉及一种基于Grover算法的量子群认证方法,包括认证管理中心制备初始认证量子态,并且通过安全量子信道发送给需要认证的网络群组,接着制备多个私密份额作为注册用户身份信息并通过经典信道发送给注册用户,并且为网络群组生成一个群组标识符并通过经典信道发送给网络群组;认证阶段每个参与认证的用户根据自己身份信息和群组标识符对认证量子态进行酉变换,最后群组将酉变换后的认证量子态传回给认证管理中心,进行对比得出认证结果;本发明使用了Grover算子,对Grover算子的用法进行了扩展,能够对群体用户身份和网络群组标识符同时进行认证,双重认证提高了认证方法的安全性。

The invention belongs to the technical field of quantum computing and quantum authentication, and relates to a quantum group authentication method based on the Grover algorithm. A private share is used as the identity information of the registered user and sent to the registered user through the classic channel, and a group identifier is generated for the network group and sent to the network group through the classic channel; in the authentication stage, each user participating in the authentication according to his own identity information Carry out unitary transformation to the authentication quantum state with the group identifier, and finally the group returns the authentication quantum state after the unitary transformation to the authentication management center for comparison to obtain the authentication result; the present invention uses the Grover operator, and the Grover operator The usage of the system has been extended, and the group user identity and the network group identifier can be authenticated at the same time, and the double authentication improves the security of the authentication method.

Description

一种基于Grover算法的量子群认证方法A Quantum Swarm Authentication Method Based on Grover Algorithm

技术领域technical field

本发明属于量子计算和量子认证技术领域,涉及一种基于Grover算法的量子群认证方法。The invention belongs to the technical field of quantum computing and quantum authentication, and relates to a quantum group authentication method based on a Grover algorithm.

背景技术Background technique

众所周知,认证是保证传输信息完整性的一种有效方法,而身份认证技术也常被应用于电子商务和投票等具体场景中,在现实生活中有非常广泛的应用场景。传统认证协议的安全性基于的大多是经典密码学中关于离散对数、二次剩余、大数因子分解等计算复杂度问题的。但是近年来随着量子技术的飞速发展,量子计算机的强大计算能力对这些经典协议安全性构成能巨大的挑战。而同时代背景下的量子加密技术则是基于量子物理学的基本原理,其安全性是建立在Heisenberg测不准原理及量子不可克隆定理基础上的,特别是一些量子密钥分配协议如BB84,B92协议已经被证明是无条件安全的,量子认证是量子密码学中的重要分支,因而量子认证技术是前沿安全技术的焦点领域其应用量子投票也是今年来研究热点。As we all know, authentication is an effective method to ensure the integrity of transmitted information, and identity authentication technology is often used in specific scenarios such as e-commerce and voting, and has a very wide range of application scenarios in real life. The security of traditional authentication protocols is mostly based on the computational complexity of discrete logarithms, quadratic residues, and factorization of large numbers in classical cryptography. However, with the rapid development of quantum technology in recent years, the powerful computing power of quantum computers poses a huge challenge to the security of these classical protocols. The quantum encryption technology in the contemporary background is based on the basic principles of quantum physics, and its security is based on the Heisenberg uncertainty principle and the quantum non-cloning theorem, especially some quantum key distribution protocols such as BB84, The B92 protocol has been proven to be unconditionally secure. Quantum authentication is an important branch of quantum cryptography. Therefore, quantum authentication technology is the focus of cutting-edge security technology, and its application of quantum voting is also a research hotspot this year.

在量子技术环境中,量子并行计算具有强大的计算潜力,量子搜索算法中的Grover算法是量子并行计算运用的代表,因而受到人们高度关注。其算法中的旋转算子和投影算子具有很高的研究价值,且现有的一些量子联想记忆模型和量子机器学习算法都利用了Grover算法的思想,但是基于Grover算法的群体身份认证方案还没有出现,特别是Grover算子的特性其实能够和门限思想相结合作为一种群体身份认证算法。In the environment of quantum technology, quantum parallel computing has strong computing potential. The Grover algorithm in the quantum search algorithm is a representative of the application of quantum parallel computing, so it has attracted great attention. The rotation operator and projection operator in the algorithm have high research value, and some existing quantum associative memory models and quantum machine learning algorithms use the idea of the Grover algorithm, but the group identity authentication scheme based on the Grover algorithm still has No, especially the characteristics of the Grover operator can actually be combined with the threshold idea as a group identity authentication algorithm.

最近几年利用量子技术提出的量子身份认证方案研究日益增多,但是现有多数量子认证方案中考虑的是量子通信双方的身份认证,如果在多用户参与认证的情况下,认证过程需要多次进行迭代认证,效率较低,浪费了经典资源和量子资源,而且无法对多用户身份同时进行认证。In recent years, the research on quantum identity authentication schemes proposed by quantum technology has been increasing, but most of the existing quantum authentication schemes consider the identity authentication of both quantum communication parties. If multiple users participate in the authentication, the authentication process needs to be carried out multiple times. Iterative authentication is inefficient, wastes classical resources and quantum resources, and cannot authenticate multiple user identities at the same time.

针对现有量子认证方案无法对多用户身份进行同时认证的缺陷和效率低下的问题提出了本认证方法。This authentication method is proposed aiming at the defect and low efficiency that the existing quantum authentication scheme cannot simultaneously authenticate multiple user identities.

发明内容Contents of the invention

有鉴于此,针对需要对多个用户身份同时进行认证的需求,提出了一种能够对用户群体身份和网络标识符进行双重认证,且基于Grover算法的量子群体认证方法,本发明一种基于Grover算法的量子群认证方法,当网络群组GM中多个用户需要对身份同时进行认证,则网络群组GM向认证管理中心发起认证请求。认证管理中心负责对用户群体身份和网络群组身份进行认证,包括以下步骤:In view of this, in view of the need to authenticate multiple user identities at the same time, a quantum group authentication method based on the Grover algorithm that can perform dual authentication on user group identities and network identifiers is proposed. The quantum group authentication method of the algorithm, when multiple users in the network group GM need to authenticate their identities at the same time, the network group GM initiates an authentication request to the authentication management center. The authentication management center is responsible for authenticating user group identities and network group identities, including the following steps:

S1、认证管理中心为网络群组制备认证量子态,该量子态是一个两粒子态,表示为|Sw>;S1. The authentication management center prepares the authentication quantum state for the network group. The quantum state is a two-particle state, expressed as |S w >;

S2、认证管理中心根据Shamir(t,n)门限思想随机生成n个私密份额和群组认证码,将私密份额发放给网络群组中需注册的普通用户,普通用户保留自己的群组认证码,认证管理中心生成一个群组标识符并发送给网络群组;S2. The authentication management center randomly generates n private shares and group authentication codes according to the Shamir(t,n) threshold idea, and distributes the private shares to ordinary users who need to register in the network group, and ordinary users keep their own group authentication codes , the authentication management center generates a group identifier and sends it to the network group;

S3、网络群组中需注册的普通用户n人得到私密份额后,普通用户计算出各自的私密认证码,参与身份认证的t人根据自己的私密认证码和群组标识符对认证量子态分别执行相应酉操作,网络群组将认证量子态传送回认证管理中心;S3. After the n ordinary users who need to register in the network group get their private shares, the ordinary users calculate their own private authentication codes, and the t people who participate in the identity authentication respectively compare the authentication quantum states according to their own private authentication codes and group identifiers. Execute the corresponding unitary operation, and the network group will send the authentication quantum state back to the authentication management center;

S4、认证管理中心根据群组标识符计算出认证参数,根据群组认证码对认证量子态执行酉操作并进行测量,通过认证参数和测量结果进行对比得出认证结果;S4. The authentication management center calculates the authentication parameters according to the group identifier, performs unitary operation and measurement on the authentication quantum state according to the group authentication code, and compares the authentication parameters with the measurement results to obtain the authentication result;

其中,|·>表示狄拉克符号右矢符号,|a>表示单粒子量子态,两个单粒子量子态通过张量积符号表示一个两粒子量子态,即|aa>表示一个两粒子量子态。Among them, |·> represents the right vector symbol of the Dirac symbol, |a> represents the single-particle quantum state, and two single-particle quantum states represent a two-particle quantum state through the tensor product symbol, namely |aa> represents a two-particle quantum state.

进一步的,步骤S1的两粒子量子态|Sw>定义为:Further, the two-particle quantum state |S w > in step S1 is defined as:

初始认证量子态的制备。初始认证量子态是一个两粒子态,由认证管理中心制备。两粒子量子态|Sw>定义为:Preparation of initial authentication quantum states. The initial authentication quantum state is a two-particle state prepared by the authentication management center. The two-particle quantum state |S w > is defined as:

其中,w∈{00,01,10,11},w为每个两粒子量子态对应的参数值,认证中心从以上四个量子态中随机制备一种作为认证量子,并将认证量子态通过安全量子信道发送给需要认证的网络群组GM;α和β为两个中间参数,分别表示为 Among them, w∈{00,01,10,11}, w is the parameter value corresponding to each two-particle quantum state, and the authentication center randomly prepares one of the above four quantum states as the authentication quantum, and passes the authentication quantum state through The secure quantum channel is sent to the network group G M that needs authentication; α and β are two intermediate parameters, expressed as

进一步的,步骤S2具体包括:Further, step S2 specifically includes:

S21、认证管理中心随机选取一个t-1次多项式,表示为:f(x)=a0+a1x+a2x2+...+at-1xt-1;其中a0为常数项,a1~at-1为多项式的系数;S21. The authentication management center randomly selects a polynomial of degree t-1, expressed as: f(x)=a 0 +a 1 x+a 2 x 2 +...+a t-1 x t-1 ; where a 0 is a constant term, and a 1 ~a t-1 are polynomial coefficients;

S22、生成n个私密份额f(xl),l=1,2,...,n;S22. Generate n private shares f(x l ), l=1,2,...,n;

S23、认证管理中心将n个私密份额通过安全经典信道分发给n个需要注册的普通用户P1,P2,...,PnS23. The authentication management center distributes n private shares to n common users P 1 , P 2 ,...,P n who need to register through the secure classic channel;

S24、接着认证管理中心为网络群组GM设定2t位群组标识符IDM(i1,i2,...,i2t),并通过安全经典信道发送给网络群组GMS24, then the authentication management center sets a 2t-bit group identifier ID M (i 1 , i 2 ,...,i 2t ) for the network group GM , and sends it to the network group GM through a secure classic channel;

其中, 表示比d小的非负整数集合;a0是群组认证码,由认证管理中心保留。in, Indicates a set of non-negative integers smaller than d; a 0 is a group authentication code, reserved by the authentication management center.

进一步的,步骤S3具体包括:Further, step S3 specifically includes:

S31、网络群组中需注册的普通用户n人表示为P1,P2,...,.Pl,...,Pn,其中Pl收到的私密份额表示为:(xl,f(xl)),通过私密份额计算出普通用户的私密认证码,该私密认证码即为身份信息;S31. The n ordinary users who need to register in the network group are expressed as P 1 , P 2 ,...,.P l ,...,P n , where the private share received by P l is expressed as: (x l , f(x l )), calculate the private authentication code of ordinary users through the private share, and the private authentication code is the identity information;

S32、需要参与身份认证的t人表示为P1,P2,...,Pi,...,Pt,网络群组将两粒子认证量子态|Sw>发送给网络群组,网络群组将认证量子态传送给第一个认证者;S32. The t persons who need to participate in identity authentication are expressed as P 1 , P 2 ,...,P i ,...,P t , and the network group sends the two-particle authentication quantum state |S w > to the network group, The network group transmits the authentication quantum state to the first authenticator;

S33、需要参与身份认证的用户Pi确认收到认证量子态|Sw>后,根据私密认证码si对认证量子态|Sw>执行一个酉操作;S33. After the user P i who needs to participate in identity authentication confirms the receipt of the authentication quantum state |S w > , perform a unitary operation;

S34、需要参与身份认证的用户Pi根据群组GM标识符IDM(i1,i2,...,i2t)的第i2i-1,i2i位信息对认证量子态|Sw>执行一个酉操作; S34 . The user P i who needs to participate in identity authentication performs the authentication quantum state | S w > Execute a unitary operation;

S35、第一个认证参与者P1操作完成后传送给下一个认证参与者,直至传送t-1次到达Pt;执行完成后网络群组GM将认证量子态传送回认证管理中心;S35. After the first authentication participant P 1 completes the operation, it is sent to the next authentication participant until the transmission t-1 times reaches Pt ; after the execution is completed, the network group G M sends the authentication quantum state back to the authentication management center;

其中,xl表示用户Pl在x坐标轴上的值;f(xl)表示二维坐标系上位于x坐标轴上x=xl上的点;i2t表示第2i个比特值。进一步的,步骤S4具体包括:Wherein, x l represents the value of user P l on the x-coordinate axis; f(x l ) represents a point on x=x l on the x-coordinate axis in the two-dimensional coordinate system; i 2t represents the 2ith bit value. Further, step S4 specifically includes:

S41、认证管理中心根据群体身份认证码a0对认证量子态|Sw>执行一个Uθ酉操作;S41. The authentication management center performs a U θ unitary operation on the authentication quantum state |S w > according to the group identity authentication code a 0 ;

S42、认证管理中心根据初始量子态|Sw>对应的参数值w的选择,对认证量子态执行一个酉操作;S42. The authentication management center executes an authentication quantum state according to the selection of the initial quantum state |S w > the corresponding parameter value w. unitary operation;

S43、认证管理中心将群组GM的标识符IDM(i1,i2,...,i2t)两位一组进行异或操作计算出认证参数r,即将IDM(i1,i2,...,i2t)两位一组划分为K(k1,k2,...,ki,...,kt),其中ki∈(00,01,10,11),即k1=i1i2,k2=i3i4,...,ki=i2i-1i2i,...,kt=i2t-1i2t,通过异或运算得到认证参数r∈{00,01,10,11},表示为 S43. The authentication management center performs an XOR operation on the identifier ID M (i 1 , i 2 ,...,i 2t ) of the group G M in pairs to calculate the authentication parameter r, that is, the ID M (i 1 , i 2 ,...,i 2t ) two-bit groups are divided into K(k 1 ,k 2 ,...,k i ,...,k t ), where k i ∈(00,01,10, 11), that is, k 1 =i 1 i 2 ,k 2 =i 3 i 4 ,...,k i =i 2i-1 i 2i ,...,k t =i 2t-1 i 2t , through different Or operation to obtain the authentication parameter r∈{00,01,10,11}, expressed as

S44、认证管理中心对|Sw>进行测量,并将测量结果和认证参数对比进行认证,如果参与认证人数t是偶数,认证管理中心利用X基对认证量子进行测量,根据认证参数r得出测量结果记为|±Sr>,|±Sr>定义为:S44. The authentication management center measures |S w >, and compares the measurement result with the authentication parameters for authentication. If the number of participants in the authentication t is an even number, the authentication management center uses the X base to measure the authentication quantum, and obtains according to the authentication parameter r The measurement result is denoted as |± Sr >, and |± Sr > is defined as:

S45、如果参与认证人数t是奇数,认证管理中心利用Z基对认证量子进行测量,根据认证参数r得出测量结果记为|±r>,|±r>定义为:S45. If the number of participants in the authentication t is an odd number, the authentication management center uses the Z base to measure the authentication quantum, and the measurement result obtained according to the authentication parameter r is recorded as |±r>, and |±r> is defined as:

S46、如果得出的测量结果与认证参数的值可以满足步骤S44或S45中的对应关系,则群体身份和群组标识符认证通过;S46. If the obtained measurement result and the value of the authentication parameter can satisfy the corresponding relationship in step S44 or S45, then the group identity and group identifier authentication is passed;

其中,+表示正相位,-表示负相位;α和β为两个中间参数,分别表示为 Among them, + means positive phase, - means negative phase; α and β are two intermediate parameters, expressed as

本发明的有益效果在于:The beneficial effects of the present invention are:

1.认证算法基于Grover算子能对网络标识符进行认证,认证场景类似计算机网络中IP多播场景,IP多播技术的结构模型存在两个部分:一是多个网络群组,网络群组有一个网络标识符;二是用户个人主机,且每个用户主机有一个IP地址;并且本发明引入了量子Shamir(t,n)门限的思想能对多用户身份同时进行认证,具有较好适用性;1. The authentication algorithm is based on the Grover operator that can authenticate the network identifier. The authentication scenario is similar to the IP multicast scenario in the computer network. The structural model of the IP multicast technology has two parts: one is multiple network groups, and the network group There is a network identifier; the second is the user's personal host, and each user host has an IP address; and the invention introduces the idea of quantum Shamir (t, n) threshold, which can simultaneously authenticate multiple user identities, and has better applicability sex;

2.在本发明中的初始量子制备相比同类方案较少,且量子传输次数少,因此效率较高;2. Compared with similar schemes, the initial quantum preparation in the present invention is less, and the number of quantum transmissions is less, so the efficiency is higher;

3.本发明基于量子不可克隆原理和海森堡测不准原理等量子特性保证了方法的安全性,本方法的双重认证进一步提升了安全性。3. The present invention guarantees the security of the method based on quantum characteristics such as the quantum non-cloning principle and the Heisenberg uncertainty principle, and the double authentication of the method further improves the security.

附图说明Description of drawings

为了使本发明的目的、技术方法和有益效果更加清楚,本发明提供如下附图进行说明:In order to make the purpose, technical method and beneficial effect of the present invention clearer, the present invention provides the following drawings for illustration:

图1为本发明方法流程图;Fig. 1 is a flow chart of the method of the present invention;

图2为量子群认证方法网络结构示意图。Fig. 2 is a schematic diagram of the network structure of the quantum group authentication method.

图3为量子群认证方法网络群组内部结构示意图Figure 3 is a schematic diagram of the internal structure of the network group of the quantum group authentication method

图4为本发明量子线路图。Fig. 4 is a quantum circuit diagram of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

本发明提供一种基于Grover算法的量子群认证方法,包括以下步骤:The invention provides a quantum group authentication method based on the Grover algorithm, comprising the following steps:

S1、认证管理中心为网络群组制备认证量子态,该量子态是一个两粒子态,表示为|Sw>;S1. The authentication management center prepares the authentication quantum state for the network group. The quantum state is a two-particle state, expressed as |S w >;

S2、认证管理中心根据Shamir(t,n)门限思想随机生成n个私密份额和群组认证码,将私密份额发放给网络群组中需注册的普通用户,普通用户保留自己的群组认证码,认证管理中心生成一个群组标识符并发送给网络群组;S2. The authentication management center randomly generates n private shares and group authentication codes according to the Shamir(t,n) threshold idea, and distributes the private shares to ordinary users who need to register in the network group, and ordinary users keep their own group authentication codes , the authentication management center generates a group identifier and sends it to the network group;

S3、网络群组中需注册的普通用户n人得到私密份额后,普通用户计算出各自的私密认证码,参与身份认证的t人根据自己的私密认证码和群组标识符对认证量子态分别执行相应酉操作,网络群组将认证量子态传送回认证管理中心;S3. After the n ordinary users who need to register in the network group get their private shares, the ordinary users calculate their own private authentication codes, and the t people who participate in the identity authentication respectively compare the authentication quantum states according to their own private authentication codes and group identifiers. Execute the corresponding unitary operation, and the network group will send the authentication quantum state back to the authentication management center;

S4、认证管理中心根据群组标识符计算出认证参数,根据群组认证码对认证量子态执行酉操作并进行测量,通过认证参数和测量结果进行对比得出认证结果;S4. The authentication management center calculates the authentication parameters according to the group identifier, performs unitary operation and measurement on the authentication quantum state according to the group authentication code, and compares the authentication parameters with the measurement results to obtain the authentication result;

其中,|·>表示狄拉克符号右矢符号,|a>表示单粒子量子态,两个单粒子量子态通过张量积符号表示一个两粒子量子态,即|aa>表示一个两粒子量子态。Among them, |·> represents the right vector symbol of the Dirac symbol, |a> represents the single-particle quantum state, and two single-particle quantum states represent a two-particle quantum state through the tensor product symbol, namely |aa> represents a two-particle quantum state.

本实例是一种基于Grover算法,而且利用了shamir(t,n)门限思想的量子群认证方法。本实例按照网络中IP多播结构模型分为了以下各方:认证管理中心、N个网络群组G1,G2,...,GN和网络群组中的多个用户P1,P2,...,Pn。参照图1的方法流程图,本发明的方法可以分为初始化阶段和群体身份认证阶段。认证管理中心和多个网络群组G1,G2,...,GN之间都能建立安全的量子信道和安全的经典信道,认证管理中心在安全的量子信道上传输初始量子态,在安全的经典信道上传输私密份额和群组标识符信息。This example is a quantum group authentication method based on the Grover algorithm and using the shamir(t,n) threshold idea. This example is divided into the following parties according to the IP multicast structure model in the network: authentication management center, N network groups G 1 , G 2 ,...,G N and multiple users P 1 , P in the network groups 2 ,...,P n . Referring to the method flowchart in FIG. 1, the method of the present invention can be divided into an initialization stage and a group identity authentication stage. A secure quantum channel and a secure classical channel can be established between the authentication management center and multiple network groups G 1 , G 2 ,..., GN , and the authentication management center transmits the initial quantum state on the secure quantum channel, Transfer private share and group identifier information over a secure classic channel.

如图1,本实施例中主要分为两个部分来实现上述方案,一是初始化阶段,二是群体身份认证和测量认证阶段,具体步骤如下:As shown in Figure 1, this embodiment is mainly divided into two parts to realize the above scheme, one is the initialization phase, and the other is the group identity authentication and measurement authentication phase, the specific steps are as follows:

一、初始化阶段:1. Initialization phase:

假设网络群组GM向认证管理中心发起认证请求,其中GM共有普通用户n人,其中t人准备参与身份认证。Assuming that the network group GM initiates an authentication request to the authentication management center, GM has a total of n common users, and t of them are ready to participate in identity authentication.

根据图2和图3所示,本阶段主要是认证管理中心与需要认证的网络群组共享初始信息。According to Fig. 2 and Fig. 3, at this stage, the authentication management center mainly shares the initial information with the network groups requiring authentication.

步骤1:首先认证管理中心接收到群组GM的认证请求后,认证管理中心为群组GM制备认证量子态|Sw>,该量子态|Sw>是一个两粒子态,其中|Sw>定义如下:Step 1: First, after the authentication management center receives the authentication request from the group GM , the authentication management center prepares the authentication quantum state | S w > for the group GM, and the quantum state |S w > is a two-particle state, where | S w > is defined as follows:

其中,w∈{00,01,10,11},w为每个两粒子量子态对应的参数值,认证中心从以上四个量子态中随机制备一种作为认证量子,并将认证量子态通过安全量子信道发送给需要认证的网络群组GM;α和β为两个中间参数,分别表示为 Among them, w∈{00,01,10,11}, w is the parameter value corresponding to each two-particle quantum state, and the authentication center randomly prepares one of the above four quantum states as the authentication quantum, and passes the authentication quantum state through The secure quantum channel is sent to the network group G M that needs authentication; α and β are two intermediate parameters, expressed as

认证管理中心为群组GM随机制备上述量子态中一个,并将认证初始量子态|Sw>通过安全量子信道分发给网络群组GMThe authentication management center randomly prepares one of the above quantum states for the group GM , and distributes the authenticated initial quantum state |S w > to the network group GM through a secure quantum channel.

步骤2:网络群组GM中的普通用户P1,P2,...,Pn需要注册才能进行认证,认证管理中心利用Shamir(t,n)门限思想,随机生成n个私密份额(xi,f(xi)),(i=1,2,...,n)和群体身份认证码a0,自己保留a0并将私密份额通过安全经典信道分发给群组GM中的多个用户P1,P2,...,PnStep 2: Ordinary users P 1 , P 2 ,...,P n in the network group G M need to register to be authenticated. The authentication management center uses the Shamir(t,n) threshold idea to randomly generate n private shares ( x i , f( xi )), (i=1,2,...,n) and group identity authentication code a 0 , keep a 0 for yourself and distribute the private share to the group G M through a secure classical channel Multiple users P 1 , P 2 ,...,P n .

其中私密份额制备算法为:The secret share preparation algorithm is:

S21、认证管理中心随机选取一个t-1次多项式,表示为:f(x)=a0+a1x+a2x2+...+at-1xt-1S21. The authentication management center randomly selects a polynomial of degree t-1, expressed as: f(x)=a 0 +a 1 x+a 2 x 2 +...+a t-1 x t-1 ;

S22、生成n个私密份额f(xl),l=1,2,...,n;S22. Generate n private shares f(x l ), l=1,2,...,n;

S23、认证管理中心将n个私密份额通过安全经典信道分发给n个需要注册的普通用户P1,P2,...,PnS23. The authentication management center distributes n private shares to n common users P 1 , P 2 ,...,P n who need to register through the secure classic channel;

S24、接着认证管理中心为网络群组GM设定2t位群组标识符IDM(i1,i2,...,i2t),并通过安全经典信道发送给网络群组GMS24, then the authentication management center sets a 2t-bit group identifier ID M (i 1 , i 2 ,...,i 2t ) for the network group GM , and sends it to the network group GM through a secure classic channel;

其中, 表示比d小的非负整数集合;a0是群组认证码,由认证管理中心保留。in, Indicates a set of non-negative integers smaller than d; a 0 is a group authentication code, reserved by the authentication management center.

经过上述操作,每个用户Pl,(l=1,2,...,n)拥有一个自己的私密份额,表示为(xl,f(xl))。After the above operations, each user P l , (l=1,2,...,n) has its own private share, expressed as (x l , f(x l )).

步骤3:认证管理中心为群组GM设定2t位的群组标识符IDM(i1,i2,...,i2t),并通过安全经典信道发送给网络群组GMStep 3: The authentication management center sets a 2t-bit group identifier ID M (i 1 , i 2 ,...,i 2t ) for the group GM , and sends it to the network group GM through a secure classical channel.

本发明方案利用了两量子作为认证载体,初始量子由认证管理中心制备,如图4,认证阶段P1,P2...Pt分别对两量子进行认证酉操作,最后认证方认证管理中心也会对量子系统进行量子酉变换去测量认证。方案整体线路较简单易于实现,整个过程一共使用2t+2量子逻辑门,测量阶段认证管理中心利用了二维Hilbert空间下的X基或Z基进行测量。且整个量子信道只需要传输两个粒子;图4中TC指认证管理中心。The scheme of the present invention utilizes two quanta as the authentication carrier, and the initial quantum is prepared by the authentication management center, as shown in Figure 4, the authentication phases P 1 , P 2 ... P t respectively perform authentication unitary operations on the two quanta, and finally the authentication party authentication management center Quantum unitary transformation will also be performed on the quantum system to measure and verify. The overall circuit of the scheme is relatively simple and easy to implement. The whole process uses a total of 2t+2 quantum logic gates. In the measurement phase, the certification management center uses the X base or Z base in the two-dimensional Hilbert space for measurement. And the entire quantum channel only needs to transmit two particles; TC in Figure 4 refers to the certificate management center.

二、群体身份认证和测量认证阶段2. Group identity authentication and measurement authentication stage

步骤1:GM中的用户P1,P2,...,Pn收到的私密份额(xl,f(xl)),l=1,2,...,n后,各自计算出以下值:sl作为Pl的私密认证码和身份信息。Step 1: The private share (x l ,f(x l )) received by users P 1 , P 2 ,...,P n in G M , after l=1,2,...,n, each The following values are calculated: s l is used as the private authentication code and identity information of P l .

步骤2:群组GM中t个成员要通过认证管理中心进行群体身份认证。假设参与认证的成员为P1,P2...,Pt,网络群组将初始阶段认证管理中心制备的认证量子态|Sw>传给参与认证的第一个人P1Step 2: t members in the group G M need to perform group identity authentication through the authentication management center. Assuming that the members participating in the authentication are P 1 , P 2 ..., P t , the network group transmits the authentication quantum state |S w > prepared by the authentication management center in the initial stage to the first person P 1 participating in the authentication.

步骤3:P1收到认证量子态|Sw>后根据私密认证码s1对认证量子态|Sw>执行一个酉操作,其中旋转算子定义为:Step 3: After receiving the authenticated quantum state |S w >, P 1 performs an authentication on the authenticated quantum state |S w > according to the private authentication code s 1 unitary operation, where the rotation operator defined as:

U(θ1)=cos(θ1)|0><0|-sin(θ1)|0><1|+sin(θ1)|1><0|+cos(θ1)|1><1|U(θ 1 )=cos(θ 1 )|0><0|-sin(θ 1 )|0><1|+sin(θ 1 )|1><0|+cos(θ 1 )|1><1|

其中这里的d是门限思想中t次多项式的限定域参数,即为量子维度。in The d here is the limited field parameter of the t-degree polynomial in the threshold thought, that is, the quantum dimension.

步骤4:P1根据群组GM标识符IDM(i1,i2,...,i2t)的第一位和第二位信息对认证量子态|Sw>执行一个酉操作,其中为Grover旋转算子定义为: Step 4 : P 1 executes a unitary operation, where The Grover rotation operator is defined as:

步骤5:P1将酉变换后的|Sw>传递给下一个成员P2,类似的P2根据私密认证码s2对认证量子态|Sw>执行一个酉操作,并根据群组GM标识符IDM(i1,i2,...,i2t)的第三位和第四位信息对认证量子态|Sw>执行一个酉操作。这个过程一直持续到将|Sw〉传递给最后一个认证参与者PtStep 5: P 1 passes the unitary transformed |S w > to the next member P 2 , similarly P 2 executes an authentication quantum state |S w > according to the private authentication code s 2 unitary operation , and perform a unitary operation. This process continues until passing |S w 〉 to the last authenticating participant P t .

步骤6:Pt根据私密认证码st对认证量子态|Sw〉执行一个酉操作,并根据群组GM标识符IDM(i1,i2,...,i2t)的第2t-1位和第2t位信息对认证量子态|Sw〉执行一个酉操作,Pt将|Sw〉通过安全量子信道传给认证管理中心,。Step 6: P t executes an authentication quantum state |S w 〉 according to the private authentication code s t unitary operation, and according to the 2t-1 and 2t bit information of the group G M identifier ID M (i 1 ,i 2 ,...,i 2t ), perform an authentication quantum state |S w unitary operation, P t transmits |S w 〉 to the authentication management center through a secure quantum channel.

步骤7:认证管理中心根据自己手中的成员群体身份认证码a0准备一个相位旋转算子Uθ对|Sw〉进行一个酉操作,其中Uθ定义如下:Step 7: The authentication management center prepares a phase rotation operator U θ to perform a unitary operation on |S w 〉 according to the member group identity authentication code a 0 in its own hands, where U θ is defined as follows:

U(θ)=cos(θ)|0><0|-sin(θ)|0><1|+sin(θ)|1><0|+cos(θ)|1><1|U(θ)=cos(θ)|0><0|-sin(θ)|0><1|+sin(θ)|1><0|+cos(θ)|1><1|

其中|·><·|表示两个量子态的外积。in |·><·| represents the outer product of two quantum states.

步骤8:认证管理中心根据初始量子态|Sw>参数w的选择,对认证量子态执行一个酉操作:Step 8: According to the selection of the initial quantum state |S w > parameter w, the authentication management center executes a Unitary operation:

其中U(Sw)USw酉操作旋转算子,也是Grover投影算子,I为单位矩阵。where U(S w )U Sw is The unitary operation rotation operator is also the Grover projection operator, and I is the identity matrix.

步骤9:最后是认证管理中心对群组GM群体用户身份和群组标识符进行认,认证管理中心将群组GM的标识符IDM(i1,i2,...,i2t)两位一组进行异或操作计算出认证参数r,即将IDM(i1,i2,...,i2i,...,i2t)两位一组划分为K(k1,k2,...,ki,...,kt),其中ki∈(00,01,10,11),即k1=i1i2,k2=i3i4,...,ki=i2i-1i2i,...,kt=i2t-1i2t,通过异或运算得到认证参数r∈{00,01,10,11},表示为 Step 9: Finally, the authentication management center authenticates the group G M group user identity and group identifier, and the authentication management center uses the group G M identifier ID M (i 1 ,i 2 ,...,i 2t ) to calculate the authentication parameter r by XOR operation in groups of two bits, that is, ID M (i 1 ,i 2 ,...,i 2i ,...,i 2t ) in groups of two bits is divided into K(k 1 , k 2 ,..., ki ,...,k t ), where ki ∈(00,01,10,11), namely k 1 =i 1 i 2 ,k 2 =i 3 i 4 ,. ..,k i =i 2i-1 i 2i ,...,k t =i 2t-1 i 2t , the authentication parameter r∈{00,01,10,11} is obtained through XOR operation, expressed as

步骤10:认证管理中心对|Sw>进行测量,并将测量结果和认证参数对比进行认证,如果参与认证人数t是偶数,认证管理中心利用X基对认证量子进行测量,根据认证参数r得出测量结果记为|±Sr>,|±Sr>定义为:Step 10: The authentication management center measures |S w >, and compares the measurement result with the authentication parameters for authentication. If the number t of participants in the authentication is even, the authentication management center uses the X basis to measure the authentication quantum, and obtains according to the authentication parameter r The measurement result is recorded as |±S r >, and |±S r > is defined as:

如果参与认证人数t是奇数,认证管理中心利用Z基对认证量子进行测量,根据认证参数r得出测量结果记为|±r>,|±r>定义为:If the number of participants in the certification t is an odd number, the certification management center uses the Z base to measure the certification quantum, and the measurement result obtained according to the certification parameter r is recorded as |±r>, and |±r> is defined as:

如果得出的测量结果与认证参数的值可以满足步骤S44或S45中的对应关系,则群体身份和群组标识符认证通过;上述本发明具体实例仅为投票满足有效性的一个具体实例而已,发明可以根据实际情况而设定对应的参数。此处所描述的具体实例仅用于解释本发明,并不用于限定本发明。If the measurement result obtained and the value of the authentication parameter can satisfy the corresponding relationship in step S44 or S45, then the group identity and the group identifier are authenticated; The invention can set corresponding parameters according to the actual situation. The specific examples described here are only used to explain the present invention, not to limit the present invention.

本发明结合当前技术背景,针对多用户身份同时认证的需求,提出了一种基于Grover算法的群体身份认证方法。Combining with the current technical background, the present invention proposes a group identity authentication method based on the Grover algorithm, aiming at the requirement of multi-user authentication at the same time.

从效率上看,本方案初始量子制备只需要制备两个粒子,相比同类认证协议较少,而且参照图3量子线路图方案只需要测量两次,测量消耗资源少,量子信道传输的粒子总数为2t+2,总体来说本认证方法效率较高;从安全性上看,本方法基于量子不可克隆原理和海森堡测不准原理等量子特性保证了方法的安全性,方法能够双重认证进一步提升了安全性;从适用性上看,本方法能够同时对多用户身份同时进行认证,认证方法基于了Shamir门限思想,能够克服存在用户缺席,部分用户认证的特殊情况。From the perspective of efficiency, the initial quantum preparation of this scheme only needs to prepare two particles, which is less than similar authentication protocols, and referring to the quantum circuit diagram scheme in Figure 3, only two measurements are required, the measurement consumes less resources, and the total number of particles transmitted by the quantum channel It is 2t+2. Generally speaking, this authentication method is more efficient; in terms of security, this method is based on quantum characteristics such as the quantum non-cloning principle and the Heisenberg uncertainty principle to ensure the security of the method, and the method can be double-authenticated The security is further improved; from the applicability point of view, this method can simultaneously authenticate multiple user identities. The authentication method is based on the Shamir threshold idea, which can overcome the special situation of absent users and partial user authentication.

在本发明中,|·>表示狄拉克符号右矢符号,<·|表示狄拉克符号左矢符号,|·><·|表示两个量子态的外积,均为量子态的符号。In the present invention, |·> represents the right arrow symbol of the Dirac symbol, <·| represents the left arrow symbol of the Dirac symbol, and |·><·| represents the outer product of two quantum states, all of which are symbols of quantum states.

尽管已经示出和描述了本发明的实施例,对于本领域的普通技术人员而言,可以理解在不脱离本发明的原理和精神的情况下可以对这些实施例进行多种变化、修改、替换和变型,本发明的范围由所附权利要求及其等同物限定。Although the embodiments of the present invention have been shown and described, those skilled in the art can understand that various changes, modifications and substitutions can be made to these embodiments without departing from the principle and spirit of the present invention. and modifications, the scope of the invention is defined by the appended claims and their equivalents.

Claims (10)

1.一种基于Grover算法的量子群认证方法,其特征在于,包括以下步骤:1. A quantum group authentication method based on Grover algorithm, is characterized in that, comprises the following steps: S1、认证管理中心为网络群组制备认证量子态,该量子态是一个两粒子态,表示为|Sw>;S1. The authentication management center prepares the authentication quantum state for the network group. The quantum state is a two-particle state, expressed as |S w >; S2、认证管理中心根据Shamir(t,n)门限思想随机生成n个私密份额和群组认证码,将私密份额发放给网络群组中需注册的普通用户,普通用户保留自己的群组认证码,认证管理中心生成一个群组标识符并发送给网络群组;S2. The authentication management center randomly generates n private shares and group authentication codes according to the Shamir(t,n) threshold idea, and distributes the private shares to ordinary users who need to register in the network group, and ordinary users keep their own group authentication codes , the authentication management center generates a group identifier and sends it to the network group; S3、网络群组中需注册的普通用户n人得到私密份额后,普通用户计算出各自的私密认证码,参与身份认证的t人根据自己的私密认证码和群组标识符对认证量子态分别执行相应酉操作,网络群组将认证量子态传送回认证管理中心;S3. After the n ordinary users who need to register in the network group get their private shares, the ordinary users calculate their own private authentication codes, and the t people who participate in the identity authentication respectively compare the authentication quantum states according to their own private authentication codes and group identifiers. Execute the corresponding unitary operation, and the network group will send the authentication quantum state back to the authentication management center; S4、认证管理中心根据群组标识符计算出认证参数,根据群组认证码对认证量子态执行酉操作并进行测量,通过认证参数和测量结果进行对比得出认证结果;S4. The authentication management center calculates the authentication parameters according to the group identifier, performs unitary operation and measurement on the authentication quantum state according to the group authentication code, and compares the authentication parameters with the measurement results to obtain the authentication result; 其中,|·>表示狄拉克符号右矢符号,|a>表示单粒子量子态,两个单粒子量子态通过张量积符号表示一个两粒子量子态,即|aa>表示一个两粒子量子态。Among them, |·> represents the right vector symbol of the Dirac symbol, |a> represents the single-particle quantum state, and two single-particle quantum states represent a two-particle quantum state through the tensor product symbol, namely |aa> represents a two-particle quantum state. 2.如权利要求1所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S1的两粒子量子态|Sw>定义为:2. A kind of quantum swarm authentication scheme based on Grover algorithm as claimed in claim 1, it is characterized in that, the two-particle quantum state |S w > of step S1 is defined as: 其中,w∈{00,01,10,11},w为每个两粒子量子态对应的参数值,认证中心从以上四个量子态中随机制备一种作为认证量子,并将认证量子态通过安全量子信道发送给需要认证的网络群组GM;α和β为两个中间参数,分别表示为 Among them, w∈{00,01,10,11}, w is the parameter value corresponding to each two-particle quantum state, and the authentication center randomly prepares one of the above four quantum states as the authentication quantum, and passes the authentication quantum state through The secure quantum channel is sent to the network group G M that needs authentication; α and β are two intermediate parameters, expressed as 3.如权利要求1所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S2具体包括:3. A kind of quantum group authentication scheme based on Grover algorithm as claimed in claim 1, is characterized in that, step S2 specifically comprises: S21、认证管理中心随机选取一个t-1次多项式,表示为:f(x)=a0+a1x+a2x2+...+at-1xt -1S21. The authentication management center randomly selects a polynomial of degree t-1, expressed as: f(x)=a 0 +a 1 x+a 2 x 2 +...+a t-1 x t -1 ; S22、生成n个私密份额f(xl),l=1,2,...,n;S22. Generate n private shares f(x l ), l=1,2,...,n; S23、认证管理中心将n个私密份额通过安全经典信道分发给n个需要注册的普通用户P1,P2,...,PnS23. The authentication management center distributes n private shares to n common users P 1 , P 2 ,...,P n who need to register through the secure classic channel; S24、接着认证管理中心为网络群组GM设定2t位群组标识符IDM(i1,i2,...,i2t),并通过安全经典信道发送给网络群组GMS24, then the authentication management center sets a 2t-bit group identifier ID M (i 1 , i 2 ,...,i 2t ) for the network group GM , and sends it to the network group GM through a secure classic channel; 其中, 表示比d小的非负整数集合;a0是群组认证码,由认证管理中心保留。in, Indicates a set of non-negative integers smaller than d; a 0 is a group authentication code, reserved by the authentication management center. 4.如权利要求1所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S3具体包括:4. A kind of quantum group authentication scheme based on Grover algorithm as claimed in claim 1, is characterized in that, step S3 specifically comprises: S31、网络群组中需注册的普通用户n人表示为P1,P2,...,.Pl,...,Pn,其中Pl收到的私密份额表示为:(xl,f(xl)),通过私密份额计算出普通用户的私密认证码,该私密认证码即为身份信息;S31. The n ordinary users who need to register in the network group are expressed as P 1 , P 2 ,...,.P l ,...,P n , where the private share received by P l is expressed as: (x l , f(x l )), calculate the private authentication code of ordinary users through the private share, and the private authentication code is the identity information; S32、需要参与身份认证的t人表示为P1,P2,...,Pi,...,Pt,网络群组将两粒子认证量子态|Sw>发送给网络群组,网络群组将认证量子态传送给第一个认证者;S32. The t persons who need to participate in identity authentication are expressed as P 1 , P 2 ,...,P i ,...,P t , and the network group sends the two-particle authentication quantum state |S w > to the network group, The network group transmits the authentication quantum state to the first authenticator; S33、需要参与身份认证的用户Pi确认收到认证量子态|Sw>后,根据私密认证码si对认证量子态|Sw>执行一个酉操作;S33. After the user P i who needs to participate in identity authentication confirms the receipt of the authentication quantum state |S w > , perform a unitary operation; S34、需要参与身份认证的用户Pi根据群组GM标识符IDM(i1,i2,...,i2t)的第i2i-1,i2i位信息对认证量子态|Sw>执行一个酉操作; S34 . The user P i who needs to participate in identity authentication performs the authentication quantum state | S w > Execute a unitary operation; S35、第一个认证参与者P1操作完成后传送给下一个认证参与者,直至传送t-1次到达Pt;执行完成后网络群组GM将认证量子态传送回认证管理中心;S35. After the first authentication participant P 1 completes the operation, it is sent to the next authentication participant until the transmission t-1 times reaches Pt ; after the execution is completed, the network group G M sends the authentication quantum state back to the authentication management center; 其中,xl表示用户Pl在x坐标轴上的值;f(xl)表示二维坐标系上位于x坐标轴上x=xl上的点;i2t表示第2i个比特值。Wherein, x l represents the value of user P l on the x-coordinate axis; f(x l ) represents a point on x=x l on the x-coordinate axis in the two-dimensional coordinate system; i 2t represents the 2ith bit value. 5.如权利要求4所述的一种基于Grover算法的量子群认证方案,其特征在于,所述通过私密份额计算出普通用户的私密认证码包括:5. A kind of quantum group authentication scheme based on Grover's algorithm as claimed in claim 4, it is characterized in that, said calculating the secret authentication code of common user by private share comprises: 其中,sl表示第l个普通用户的私密认证码,xm表示用户Pm在x坐标轴上的值;mod表示模运算,t表示参与认证的人数;d表示门限思想中t次多项式的限定域参数,即为量子维度。Among them, s l represents the private authentication code of the lth ordinary user, x m represents the value of user P m on the x-coordinate axis; mod represents the modulo operation, t represents the number of people participating in the authentication; d represents the polynomial of degree t in the threshold idea The limited domain parameter is just the quantum dimension. 6.如权利要求4所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S33中酉操作表示为:6. a kind of quantum group authentication scheme based on Grover algorithm as claimed in claim 4, is characterized in that, in step S33 The unitary operation is expressed as: U(θi)=cos(θi)|0><0|-sin(θi)|0><1|+sin(θi)|1><0|+cos(θi)|1><1|U(θ i )=cos(θ i )|0><0|-sin(θ i )|0><1|+sin(θ i )|1><0|+cos(θ i )|1><1| 其中, 表示张量积符号,|>表示狄拉克符号右矢;<|表示狄拉克符号左矢;si表示表示私密认证码;d表示门限思想中t次多项式的限定域参数,即为量子维度;U(θi)表示酉操作的旋转算子。in, Represents the tensor product symbol, |> represents the right vector of the Dirac symbol; <| represents the left vector of the Dirac symbol; si represents the private authentication code; d represents the limited field parameter of the t-degree polynomial in the threshold idea, which is the quantum dimension; U(θ i ) means Rotation operator for unitary operation. 7.如权利要求1所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S34中酉操作表示为:7. A kind of quantum group authentication scheme based on Grover algorithm as claimed in claim 1, is characterized in that, in step S34 The unitary operation is expressed as: U(wi)=I-2|i2i-1i2i><i2i-1i2i|U(w i )=I-2|i 2i-1 i 2i ><i 2i-1 i 2i | 其中,I表示单位矩阵;i2i表示第2i个比特值;表示张量积符号;|i2i-1,i2i><i2i-1,i2i|表示两个两粒子量子态的外积;<|表示狄拉克符号左矢。Among them, I represents the identity matrix; i 2i represents the 2ith bit value; Indicates the tensor product symbol; |i 2i-1 , i 2i ><i 2i-1 , i 2i | indicates the outer product of two two-particle quantum states; <| indicates the Dirac symbol left vector. 8.如权利要求1所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S4具体包括:8. A kind of quantum group authentication scheme based on Grover algorithm as claimed in claim 1, is characterized in that, step S4 specifically comprises: S41、认证管理中心根据群体身份认证码a0对认证量子态|Sw>执行一个Uθ酉操作;S41. The authentication management center performs a U θ unitary operation on the authentication quantum state |S w > according to the group identity authentication code a 0 ; S42、认证管理中心根据初始量子态|Sw>对应的参数值w的选择,对认证量子态执行一个酉操作;S42. The authentication management center executes an authentication quantum state according to the selection of the initial quantum state |S w > the corresponding parameter value w. unitary operation; S43、认证管理中心将群组GM的标识符IDM(i1,i2,...,i2t)两位一组进行异或操作计算出认证参数r,即将IDM(i1,i2,...,i2i,...,i2t)两位一组划分为K(k1,k2,...,ki,...,kt),其中ki∈(00,01,10,11),即k1=i1i2,k2=i3i4,...,ki=i2i-1i2i,...,kt=i2t-1i2t,通过异或运算得到认证参数r∈{00,01,10,11},表示为 S43. The authentication management center performs an XOR operation on the identifier ID M (i 1 , i 2 ,...,i 2t ) of the group G M in pairs to calculate the authentication parameter r, that is, the ID M (i 1 , i 2 ,...,i 2i ,...,i 2t ) two-bit pairs are divided into K(k 1 ,k 2 ,...,k i ,...,k t ), where k i ∈ (00,01,10,11), namely k 1 =i 1 i 2 , k 2 =i 3 i 4 ,...,k i =i 2i-1 i 2i ,...,k t =i 2t -1 i 2t , the authentication parameter r∈{00,01,10,11} is obtained through XOR operation, expressed as S44、认证管理中心对|Sw>进行测量,并将测量结果和认证参数对比进行认证,如果参与认证人数t是偶数,认证管理中心利用X基对认证量子进行测量,根据认证参数r得出测量结果记为|±Sr>,|±Sr>定义为:S44. The authentication management center measures |S w >, and compares the measurement result with the authentication parameters for authentication. If the number of participants in the authentication t is an even number, the authentication management center uses the X base to measure the authentication quantum, and obtains according to the authentication parameter r The measurement result is denoted as |± Sr >, and |± Sr > is defined as: S45、如果参与认证人数t是奇数,认证管理中心利用Z基对认证量子进行测量,根据认证参数r得出测量结果记为|±r>,|±r>定义为:S45. If the number of participants in the authentication t is an odd number, the authentication management center uses the Z base to measure the authentication quantum, and the measurement result obtained according to the authentication parameter r is recorded as |±r>, and |±r> is defined as: S46、如果得出的测量结果与认证参数的值可以满足步骤S44或S45中的对应关系,则群体身份和群组标识符认证通过;S46. If the obtained measurement result and the value of the authentication parameter can satisfy the corresponding relationship in step S44 or S45, then the group identity and group identifier authentication is passed; 其中,+表示正相位,-表示负相位;α和β为两个中间参数,分别表示为 Among them, + means positive phase, - means negative phase; α and β are two intermediate parameters, expressed as 9.如权利要求8所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S41中的酉操作Uθ表示为:9. A kind of quantum group authentication scheme based on Grover's algorithm as claimed in claim 8, is characterized in that, the unitary operation U θ in the step S41 is expressed as: U(θ)=cos(θ)|0><0|-sin(θ)|0><1|+sin(θ)|1><0|+cos(θ)|1><1|U(θ)=cos(θ)|0><0|-sin(θ)|0><1|+sin(θ)|1><0|+cos(θ)|1><1| 其中,θ为认证管理中心根据a0和d设定的值,表示为a0表示群体认证码;d表示门限思想中t次多项式的限定域参数,即为量子维度;<·|表示狄拉克符号左矢;|·>表示狄拉克符号右矢。Among them, θ is the value set by the authentication management center according to a 0 and d, expressed as a 0 represents the group authentication code; d represents the limited domain parameter of the t-degree polynomial in the threshold idea, which is the quantum dimension; <·| represents the left vector of the Dirac symbol; |·> represents the right vector of the Dirac symbol. 10.如权利要求8所述的一种基于Grover算法的量子群认证方案,其特征在于,步骤S41中的酉操作表示为:10. A kind of quantum group authentication scheme based on Grover's algorithm as claimed in claim 8, is characterized in that, the unitary operation in step S41 Expressed as: 其中,U(Sw)为酉操作的旋转算子,I为单位矩阵;<·|表示狄拉克符号左矢;|·>表示狄拉克符号右矢;|·><·|表示两个量子态的外积。Among them, U(S w ) is a unitary operation The rotation operator of , I is the identity matrix; <·| represents the Dirac symbol left vector; |·> represents the Dirac symbol right vector; |·><·| represents the outer product of two quantum states.
CN201910331441.2A 2019-04-24 2019-04-24 Quantum group authentication method based on Grover algorithm Active CN110336775B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910331441.2A CN110336775B (en) 2019-04-24 2019-04-24 Quantum group authentication method based on Grover algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910331441.2A CN110336775B (en) 2019-04-24 2019-04-24 Quantum group authentication method based on Grover algorithm

Publications (2)

Publication Number Publication Date
CN110336775A true CN110336775A (en) 2019-10-15
CN110336775B CN110336775B (en) 2021-11-16

Family

ID=68139779

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910331441.2A Active CN110336775B (en) 2019-04-24 2019-04-24 Quantum group authentication method based on Grover algorithm

Country Status (1)

Country Link
CN (1) CN110336775B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113708926A (en) * 2021-08-25 2021-11-26 重庆邮电大学 Safe multi-party computing method based on verifiable blind quantum computing
CN114640449A (en) * 2022-03-29 2022-06-17 重庆邮电大学 A multi-user high-dimensional quantum privacy block query method

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050249352A1 (en) * 2004-04-13 2005-11-10 Sora Choi Quantum-key distribution method between a plurality of users or groups
CN102946313A (en) * 2012-10-08 2013-02-27 北京邮电大学 Model and method for user authentication for quantum key distribution network
CN104393957A (en) * 2014-11-27 2015-03-04 苏州大学 X state based quantum parallel multiple controllable dense coding method
CN104618119A (en) * 2015-03-02 2015-05-13 浙江工商大学 Quantum authentication encryption protocol suitable for quantum Email and based on double-photon entanglement state
CN106411521A (en) * 2015-07-31 2017-02-15 阿里巴巴集团控股有限公司 Identity authentication methods, devices and system for quantum key distribution process
CN107070664A (en) * 2017-04-01 2017-08-18 成都信息工程大学 A kind of quantum authorization management method based on EPR pairs and entanglement transfer
US20170324553A1 (en) * 2015-01-23 2017-11-09 University Of Seoul Industry Cooperation Foundation Secure payment and authentication system having security function enhanced by using quantum cryptography
US20180091309A1 (en) * 2016-09-27 2018-03-29 Intel Corporation Hash-based signature balancing
CN108694580A (en) * 2018-04-23 2018-10-23 三峡大学 A kind of payment system and method based on quantum cryptography
CN108737116A (en) * 2018-06-27 2018-11-02 重庆邮电大学 It is a kind of to vote protocol method based on d three Quantum Entangled States of dimension
CN109257169A (en) * 2018-09-27 2019-01-22 中国科学技术大学 Sequence communication can verify that threshold amount sub-secret sharing method

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050249352A1 (en) * 2004-04-13 2005-11-10 Sora Choi Quantum-key distribution method between a plurality of users or groups
CN102946313A (en) * 2012-10-08 2013-02-27 北京邮电大学 Model and method for user authentication for quantum key distribution network
CN104393957A (en) * 2014-11-27 2015-03-04 苏州大学 X state based quantum parallel multiple controllable dense coding method
US20170324553A1 (en) * 2015-01-23 2017-11-09 University Of Seoul Industry Cooperation Foundation Secure payment and authentication system having security function enhanced by using quantum cryptography
CN104618119A (en) * 2015-03-02 2015-05-13 浙江工商大学 Quantum authentication encryption protocol suitable for quantum Email and based on double-photon entanglement state
CN106411521A (en) * 2015-07-31 2017-02-15 阿里巴巴集团控股有限公司 Identity authentication methods, devices and system for quantum key distribution process
US20180091309A1 (en) * 2016-09-27 2018-03-29 Intel Corporation Hash-based signature balancing
CN107070664A (en) * 2017-04-01 2017-08-18 成都信息工程大学 A kind of quantum authorization management method based on EPR pairs and entanglement transfer
CN108694580A (en) * 2018-04-23 2018-10-23 三峡大学 A kind of payment system and method based on quantum cryptography
CN108737116A (en) * 2018-06-27 2018-11-02 重庆邮电大学 It is a kind of to vote protocol method based on d three Quantum Entangled States of dimension
CN109257169A (en) * 2018-09-27 2019-01-22 中国科学技术大学 Sequence communication can verify that threshold amount sub-secret sharing method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
R. SARATH、A. SHAJIN NARGUNAM、R. P. SUMITHRA: "Dual Channel Authentication in Cryptography Using Quantum Stratagem", 《2012 INTERNTIONAL CONFERENCE ON COMPUTING, ELECTRONICS AND ELECTRICAL TECHNOLOGIES [ICCEET]》 *
宋秀丽、徐建坤: "基于d维多粒子纠缠态的_t_n_门限量子秘密共享", 《计算机工程与应用》 *
林崧、王宁、郭躬德、刘晓芬: "具有双向认证功能的多方量子密钥分发", 《中国科学》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113708926A (en) * 2021-08-25 2021-11-26 重庆邮电大学 Safe multi-party computing method based on verifiable blind quantum computing
CN113708926B (en) * 2021-08-25 2024-05-10 重庆邮电大学 Safe multiparty calculation method based on verifiable blind quantum calculation
CN114640449A (en) * 2022-03-29 2022-06-17 重庆邮电大学 A multi-user high-dimensional quantum privacy block query method
CN114640449B (en) * 2022-03-29 2024-05-28 北京神州数码云科信息技术有限公司 Multi-user high-dimensional quantum privacy block query method

Also Published As

Publication number Publication date
CN110336775B (en) 2021-11-16

Similar Documents

Publication Publication Date Title
CN108173882B (en) Edge computing node identity authentication method based on AES algorithm
Zhang et al. An authenticated asymmetric group key agreement based on attribute encryption
CN106027241B (en) A Method for Resilient Asymmetric Group Key Negotiation
Zhang et al. A hierarchical group key agreement protocol using orientable attributes for cloud computing
CN105871869B (en) Hash function and false identity anonymous bidirectional authentication method are based in mobile social networking
CN111682938A (en) A three-party verifiable key agreement method for centralized mobile positioning system
CN111049647B (en) Asymmetric group key negotiation method based on attribute threshold
CN114362932B (en) An Anonymous Authenticated Key Agreement Protocol Method Based on ECP
CN104754570B (en) Key distribution and reconstruction method and device based on mobile internet
CN106506165B (en) Anonymous sorting method of virtual assets based on homomorphic encryption
Xu et al. A novel quantum group signature scheme without using entangled states
Cheng et al. Batten down the hatches: Securing neighborhood area networks of smart grid in the quantum era
CN113330712A (en) Encryption system and method using permutation group-based encryption technology
Li et al. Cryptographic algorithms for privacy-preserving online applications.
CN110336775B (en) Quantum group authentication method based on Grover algorithm
Shi et al. Verifiable quantum key exchange with authentication
CN110912695A (en) A quantum arbitration signature method and system based on six-particle teleportation
Kiraz et al. Anonymous RFID authentication for cloud services
CN110932856B (en) Verifiable quantum key negotiation method
CN107070869B (en) Anonymous authentication method based on secure hardware
Sutradhar et al. An efficient simulation of quantum secret sharing
Yang et al. Quantum authenticated direct communication using Bell states
He et al. Semi-quantum ring signature protocol based on multi-particle GHZ state
Ioannou et al. Public-key cryptography based on bounded quantum reference frames
CN110572788B (en) Wireless sensor communication method and system based on asymmetric key pool and implicit certificate

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant