
CN116301726B - Multiparty combined random seed negotiation method and device - Google Patents


Info

Publication number
CN116301726B
Authority
CN
China
Prior art keywords
public key
party
signature
seed
message
Prior art date
Legal status
Active
Application number
CN202310441579.4A
Other languages
Chinese (zh)
Other versions
CN116301726A (en)
Inventor
徐基明
侯伟星
胡磊
邹银超
武鹏
Current Assignee
Alipay Hangzhou Digital Service Technology Co ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd
Priority to CN202310441579.4A
Publication of CN116301726A
Application granted
Publication of CN116301726B
Legal status: Active
Anticipated expiration


Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F 7/58 Random or pseudo-random number generators
    • G06F 7/588 Random number generators, i.e. based on natural stochastic processes
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/602 Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiments of this specification provide a multi-party joint random seed negotiation method and device. The first party obtains a first public key and a first private key of a first post-quantum cryptography algorithm and sends a first message comprising at least the first public key to the second party; the second party processes the first public key according to the first post-quantum cryptography algorithm in its secure environment to obtain a first random seed and a seed ciphertext of that seed, and then sends a second message comprising at least the seed ciphertext to the first party; correspondingly, the first party decrypts the seed ciphertext with the first private key to obtain the first random seed. The first random seed is used to support the first party and the second party in generating a number of random numbers.

Description

Multiparty combined random seed negotiation method and device
Technical Field
One or more embodiments of the present disclosure relate to the field of computers, and in particular, to a method and apparatus for multi-party combined random seed negotiation.
Background
For a transaction that must be performed jointly by multiple participants, the participants may need to jointly negotiate a random seed, which is then used to generate a number of random numbers that support their joint execution of the transaction. For example, for a Secure Multi-party Computation (SMPC) task performed jointly by multiple parties, in particular a secure multi-party multiplication task based on secret sharing, the parties may need to jointly negotiate a random seed from which the random numbers supporting the multiplication task are generated.
A new solution is desired to enable more secure negotiation of random seeds by multiple participants.
Disclosure of Invention
One or more embodiments of the present disclosure provide a method and apparatus for multi-party joint random seed negotiation.
In a first aspect, a multi-party joint random seed negotiation method is provided, including: a first party obtains a first public key and a first private key of a first post-quantum cryptography algorithm; the first party sends a first message to a second party, wherein the first message comprises the first public key; the second party processes the first public key according to the first post-quantum cryptography algorithm in its secure environment to obtain a first random seed and a seed ciphertext of the first random seed; the second party sends a second message to the first party, wherein the second message comprises the seed ciphertext; the first party decrypts the seed ciphertext according to the first private key to obtain the first random seed; wherein the first random seed is used to support the first party and the second party in generating a plurality of random numbers.
In one possible embodiment, the method further comprises: the first party clears the first public key and the first private key; the second party clears the first public key.
In one possible embodiment, the method further comprises: the first party generates a first signature of the first public key according to a second private key of a second post-quantum cryptographic algorithm in its secure environment, and the first message also comprises the first signature and the second public key of the second post-quantum cryptographic algorithm; the second party verifies the validity of the second public key and, if the second public key passes verification, verifies the validity of the first signature according to the second public key.
In one possible implementation, the second party verifying the validity of the second public key includes: the second party verifies the validity of the second public key through an authentication server.
In one possible implementation, the second party verifying the validity of the second public key includes: the second party verifies the validity of the second public key against a preset post-quantum public key of the first party.
In one possible embodiment, the method further comprises: the second party generates a second signature of the seed ciphertext according to a third private key of a second post-quantum cryptography algorithm in its secure environment, and the second message also comprises the second signature and a third public key of the second post-quantum cryptography algorithm; the first party verifies the legitimacy of the third public key and, if the third public key passes verification, verifies the legitimacy of the second signature.
In one possible embodiment, the method further comprises: the first party obtains a fourth public key and a fourth private key of a third cryptographic algorithm, wherein the third cryptographic algorithm is a cryptographic algorithm based on an elliptic curve, and the fourth public key is further included in the first message; the second party obtains a fifth public key and a fifth private key of the third cryptographic algorithm, and the second message further comprises the fifth public key; the second party calculates to obtain intermediate data according to the fourth public key and the fifth private key in the safe environment; the second party calculates a second random seed according to the intermediate data and the first random seed; the first party calculates to obtain intermediate data according to the fifth public key and the fourth private key in the safe environment; the first party calculates a second random seed according to the intermediate data and the first random seed; wherein the second random seed is used to support the first party and the second party to generate a plurality of random numbers.
In one possible embodiment, the method further comprises: the first party generates a third signature of the first public key and the fourth public key according to a second private key of a second post-quantum cryptographic algorithm in its secure environment, and the first message also comprises the third signature and the second public key of the second post-quantum cryptographic algorithm; the second party verifies the legitimacy of the second public key and, if the second public key passes verification, verifies the legitimacy of the third signature according to the second public key.
In one possible embodiment, the method further comprises: the second party generates a fourth signature of the seed ciphertext and the fifth public key according to a third private key of a second post-quantum cryptographic algorithm in its secure environment, and the second message also comprises the fourth signature and the third public key of the second post-quantum cryptographic algorithm; the first party verifies the legitimacy of the third public key and, if the third public key passes verification, verifies the legitimacy of the fourth signature.
In one possible embodiment, the method further comprises: the first party generates a fifth signature of the first public key and the fourth public key according to a sixth private key of a fourth cryptographic algorithm in its secure environment, wherein the first message also comprises the fifth signature and the sixth public key of the fourth cryptographic algorithm; the fourth cryptographic algorithm is an elliptic curve-based cryptographic algorithm; the second party verifies the validity of the sixth public key and, if the sixth public key passes verification, verifies the validity of the fifth signature according to the sixth public key.
In one possible embodiment, the method further comprises: the second party generates a sixth signature of the seed ciphertext and the fifth public key according to a seventh private key of a fourth cryptographic algorithm in its secure environment, and the second message further comprises the sixth signature and the seventh public key of the fourth cryptographic algorithm; the fourth cryptographic algorithm is an elliptic curve-based cryptographic algorithm; the first party verifies the validity of the seventh public key and, if the seventh public key passes verification, verifies the validity of the sixth signature according to the seventh public key.
In one possible implementation, the secure environment includes a trusted execution environment (Trusted execution environment, TEE), trusted platform module (Trusted Platform Module, TPM) device, or a secure cryptographic card.
In a second aspect, a method for negotiating random seed by combining multiple parties is provided, which is applied to a first party, and the method includes: acquiring a first public key and a first private key of a first post quantum cryptography algorithm; sending a first message to a second party, wherein the first message comprises the first public key, so that the second party processes the first public key according to the first post quantum cryptography algorithm in a secure environment of the second party, obtains a first random seed and a seed ciphertext of the first random seed, and returns a second message at least comprising the seed ciphertext to the first party; decrypting the seed ciphertext according to the first private key to obtain the first random seed; wherein the first random seed is used to support the first party and the second party to generate a plurality of random numbers.
In one possible embodiment, the method further comprises: in a secure environment, generating a first signature of the first public key according to a second private key of a second post-quantum cryptographic algorithm, wherein the first message also comprises the first signature and the second public key of the second post-quantum cryptographic algorithm, so that the second party verifies the validity of the second public key and, if the second public key passes verification, verifies the validity of the first signature according to the second public key.
In a possible implementation, the second message further comprises a second signature of the seed ciphertext and a third public key of a second post-quantum cryptography algorithm, wherein the second signature is generated by the second party in its secure environment according to a third private key of the second post-quantum cryptography algorithm; the method further comprises: verifying the legitimacy of the third public key and, if the third public key passes verification, verifying the legitimacy of the second signature.
In one possible embodiment, the method further comprises: acquiring a fourth public key and a fourth private key of a third cryptographic algorithm, wherein the third cryptographic algorithm is a cryptographic algorithm based on an elliptic curve, the fourth public key is also included in the first message, and a fifth public key of the third cryptographic algorithm is also included in the second message; in a secure environment, calculating intermediate data according to the fifth public key and the fourth private key; and calculating a second random seed according to the intermediate data and the first random seed, wherein the second random seed is used to support the first party and the second party in generating a plurality of random numbers.
In one possible embodiment, the method further comprises: in a secure environment, generating a third signature of the first public key and the fourth public key according to a second private key of a second post-quantum cryptographic algorithm, wherein the first message also comprises the third signature and a second public key of the second post-quantum cryptographic algorithm, so that the second party verifies the validity of the second public key and, if the second public key passes verification, verifies the validity of the third signature according to the second public key.
In a possible implementation, the second message further includes a fourth signature of the seed ciphertext and the fifth public key, and a third public key of a second post-quantum cryptography algorithm, where the fourth signature is generated by the second party in its secure environment according to a third private key of the second post-quantum cryptography algorithm; the method further comprises: verifying the validity of the third public key and, if the third public key passes verification, verifying the validity of the fourth signature.
In a third aspect, a multi-party joint random seed negotiation method is provided, applied to a second party, and the method includes: receiving a first message, wherein the first message comprises a first public key of a first post-quantum cryptography algorithm acquired by a first party; in a secure environment, processing the first public key according to the first post-quantum cryptography algorithm to obtain a first random seed and a seed ciphertext of the first random seed; and sending a second message to the first party, wherein the second message comprises the seed ciphertext, so that the first party decrypts the seed ciphertext according to its first private key of the first post-quantum cryptography algorithm to obtain the first random seed, the first random seed being used to support the first party and the second party in generating a plurality of random numbers.
In a possible implementation, the first message further comprises a second public key of a second post-quantum cryptography algorithm and a first signature of the first public key, wherein the first signature is generated by the first party in its secure environment according to a second private key of the second post-quantum cryptography algorithm; the method further comprises: verifying the validity of the second public key and, if the second public key passes verification, verifying the validity of the first signature according to the second public key.
In one possible embodiment, the method further comprises: in a secure environment, generating a second signature of the seed ciphertext according to a third private key of a second post-quantum cryptography algorithm, wherein the second message further comprises the second signature and a third public key of the second post-quantum cryptography algorithm, so that the first party verifies the validity of the third public key and, if the third public key passes verification, verifies the validity of the second signature.
In a possible implementation, the first message further includes a fourth public key of a third cryptographic algorithm acquired by the first party, where the third cryptographic algorithm is an elliptic curve-based cryptographic algorithm; the method further comprises: obtaining a fifth public key and a fifth private key of the third cryptographic algorithm, wherein the second message further comprises the fifth public key, so that the first party calculates intermediate data according to the fifth public key and its fourth private key of the third cryptographic algorithm in its secure environment and calculates a second random seed according to the intermediate data and the first random seed; in a secure environment, calculating the intermediate data according to the fourth public key and the fifth private key; and calculating the second random seed according to the intermediate data and the first random seed; wherein the second random seed is used to support the first party and the second party in generating a plurality of random numbers.
In a possible implementation, the first message further includes a third signature of the first public key and the fourth public key and a second public key of the second post-quantum cryptography algorithm, wherein the third signature is generated by the first party in its secure environment according to a second private key of the second post-quantum cryptography algorithm; the method further comprises: verifying the validity of the second public key and, if the second public key passes verification, verifying the validity of the third signature according to the second public key.
In one possible embodiment, the method further comprises: in a secure environment, generating a fourth signature of the seed ciphertext and the fifth public key according to a third private key of a second post-quantum cryptography algorithm, wherein the second message further comprises the fourth signature and a third public key of the second post-quantum cryptography algorithm, so that the first party verifies the validity of the third public key and, if the third public key passes verification, verifies the validity of the fourth signature.
In a fourth aspect, a multi-party joint random seed negotiation apparatus is provided, deployed at a first party, the apparatus comprising: a key acquisition unit configured to acquire a first public key and a first private key of a first post quantum cryptography algorithm; a communication processing unit configured to send a first message to a second party, where the first message includes the first public key, so that the second party processes the first public key according to the first post quantum cryptography algorithm in its secure environment, obtains a first random seed and a seed ciphertext of the first random seed, and returns a second message including at least the seed ciphertext to the first party; the encryption and decryption unit is configured to decrypt the seed ciphertext according to the first private key to obtain the first random seed; wherein the first random seed is used to support the first party and the second party to generate a plurality of random numbers.
In a fifth aspect, there is provided a multiparty joint random seed negotiation apparatus for deployment at a second party, the apparatus comprising: a communication processing unit configured to receive a first message from a first party, wherein the first message comprises a first public key of a first post quantum cryptography algorithm acquired by the first party; the secure environment is configured to process the first public key according to the first post quantum cryptography algorithm to obtain a first random seed and a seed ciphertext of the first random seed; the communication processing unit is configured to send a second message to the first party, wherein the second message comprises the seed ciphertext, so that the first party decrypts the seed ciphertext according to the obtained first private key of the first post quantum cryptography algorithm to obtain the first random seed, and the first random seed is used for supporting the first party and the second party to generate a plurality of random numbers.
In a sixth aspect, there is provided a computer readable storage medium having stored thereon a computer program/instruction which, when executed in a computing device, implements the method of any of the second or third aspects.
In a seventh aspect, there is provided a computing device comprising a memory having executable code stored therein and a processor which, when executing the executable code, implements the method of any of the second or third aspects.
Through the method and device provided in one or more embodiments of the present disclosure, a first party obtains a first public key and a first private key of a first post-quantum cryptography algorithm and sends a first message including at least the first public key to a second party; the second party processes the first public key according to the first post-quantum cryptography algorithm in its secure environment to obtain a first random seed and a seed ciphertext of that seed, and then sends a second message including at least the seed ciphertext to the first party; correspondingly, the first party decrypts the seed ciphertext with the first private key to obtain the first random seed, which is used to support the first party and the second party in generating a number of random numbers. In this way, because the first party obtains the key pair of a standard post-quantum cryptography algorithm, and the second party uses that same algorithm inside its secure environment both to generate the first random seed from the first public key and to encapsulate it into the seed ciphertext under that public key, even an intruder who intercepts all communication data exchanged between the two parties, including the seed ciphertext, and who later succeeds in breaking the second party's secure environment, still finds it difficult to deduce the first random seed that supports the two parties' random number generation; the forward security is therefore very high.
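The two-message exchange of the first aspect, together with the hybrid derivation of the second random seed and the clearing of key material, written out as an added example; it is not code from the patent or its applicant. It assumes a Diffie-Hellman based KEM over the 1024-bit MODP group as a stand-in for both the post-quantum KEM (Kyber) and the elliptic-curve algorithm, an HMAC-based combiner for the second seed, and omits the signature layer, so the stand-in is not post-quantum and only the message flow and key handling carry over.

```python
import hashlib
import hmac
import secrets

# Stand-in group for both key-agreement steps. The patent uses a post-quantum
# KEM (e.g. Kyber) for the first seed and an elliptic-curve algorithm for the
# hybrid intermediate data; this example uses Diffie-Hellman over the 1024-bit
# MODP group (RFC 2409 group 2) for both so it runs with the standard library.
# It is NOT post-quantum; only the protocol structure is the point here.
DH_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
DH_G = 2
NBYTES = 128  # width of a serialised group element


def keygen():
    """Obtain a (public key, private key) pair; used for the first key pair
    and for the fourth/fifth key pairs of the hybrid mode."""
    sk = secrets.randbelow(DH_P - 2) + 1
    return pow(DH_G, sk, DH_P), sk


def kem_encaps(pk):
    """Second party, inside its secure environment: generate the first random
    seed from the first public key and encapsulate it as the seed ciphertext."""
    r = secrets.randbelow(DH_P - 2) + 1
    ct = pow(DH_G, r, DH_P)
    shared = pow(pk, r, DH_P).to_bytes(NBYTES, "big")
    seed1 = hashlib.sha256(b"seed1|" + shared).digest()
    return seed1, ct  # r is dropped here; nothing persistent can re-derive seed1


def kem_decaps(sk, ct):
    """First party: recover the first random seed from the ciphertext."""
    shared = pow(ct, sk, DH_P).to_bytes(NBYTES, "big")
    return hashlib.sha256(b"seed1|" + shared).digest()


def intermediate_data(peer_pk, own_sk):
    """Classical key agreement of the hybrid mode (fourth/fifth key pairs)."""
    return pow(peer_pk, own_sk, DH_P).to_bytes(NBYTES, "big")


def second_seed(inter, seed1):
    """Derive the second random seed from the intermediate data and the first
    seed. The combiner is an assumption; the patent only says 'calculates'."""
    return hmac.new(inter, b"seed2|" + seed1, hashlib.sha256).digest()


def negotiate(hybrid=True):
    """Run the exchange and return (alice_seed, bob_seed, transcript). The
    transcript is what a passive interceptor sees: both messages, no secrets."""
    # Alice (first party): first key pair, plus the fourth pair in hybrid mode.
    pk1, sk1 = keygen()
    pk4, sk4 = keygen() if hybrid else (None, None)
    msg1 = {"pk1": pk1, "pk4": pk4}  # signature and signing key omitted here

    # Bob (second party), inside its secure environment.
    seed1_bob, ct = kem_encaps(msg1["pk1"])
    pk5, sk5 = keygen() if hybrid else (None, None)
    msg2 = {"ct": ct, "pk5": pk5}
    if hybrid:
        seed_bob = second_seed(intermediate_data(msg1["pk4"], sk5), seed1_bob)
    else:
        seed_bob = seed1_bob
    sk5 = None  # Bob keeps no long-lived secret that unlocks the transcript

    # Alice again.
    seed1_alice = kem_decaps(sk1, msg2["ct"])
    if hybrid:
        seed_alice = second_seed(intermediate_data(msg2["pk5"], sk4), seed1_alice)
    else:
        seed_alice = seed1_alice
    # "The first party clears the first public key and the first private key":
    # once sk1 is gone, pk1 and ct in the transcript no longer lead to seed1.
    sk1 = sk4 = pk1 = None

    return seed_alice, seed_bob, {"msg1": msg1, "msg2": msg2}
```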
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present description, the drawings that are needed in the description of the embodiments will be briefly introduced below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram illustrating an exemplary process for providing two parties to jointly perform a secure multiparty computing-based multiplication;
FIG. 2 is one of the flowcharts of a multi-party joint random seed negotiation method provided in the embodiments of the present disclosure;
FIG. 3 is a second flowchart of a multi-party joint random seed negotiation method provided in the embodiments of the present disclosure;
FIG. 4 is a schematic diagram of a multi-party joint random seed negotiation apparatus according to an embodiment of the present disclosure;
Fig. 5 is a schematic diagram of a multi-party joint random seed negotiation apparatus according to an embodiment of the present disclosure.
Detailed Description
Various non-limiting embodiments provided by the present specification are described in detail below with reference to the attached drawings.
For a transaction that must be performed jointly by multiple participants, the participants may need to jointly negotiate a random seed, which in turn is used to generate several random numbers supporting their joint execution of the transaction; for example, for a secure multi-party computation task performed jointly by multiple participants, the participants may need to jointly negotiate such a random seed.
Secure multi-party computation solves the problem of privacy-preserving cooperative computation among a group of mutually untrusted participants: it ensures the independence of each input and the correctness of the computation, and does not leak any participant's input data to the other members of the computation. Secret Sharing (SS) techniques may generally be employed to support the implementation of secure multi-party computation. The idea of secret sharing is to split the private data, as a secret, in an appropriate way into shares (fragments) that are held by multiple participants, who cooperate in a specific way to restore the private data.
The following describes, by way of example, a process in which party Alice and party Bob jointly perform a secure multi-party computation-based multiplication on privacy values x and y using secret sharing. Referring to FIG. 1, Alice holds a share x1 of the privacy value x and a share y1 of the privacy value y, and Bob holds a share x2 of x and a share y2 of y. The shares x1 and x2 can be used to restore the privacy value x, for example by performing an addition or an exclusive-or operation on x1 and x2; by the same principle, the shares y1 and y2 can be used to recover the privacy value y. Alice may obtain multiple random numbers such as r1, r2 and q1, and Bob may obtain the same random numbers r1, r2 and q1 in his secure environment; these are also referred to as a multiplication triplet.
The process by which Alice and Bob jointly perform the secure multi-party computation-based multiplication on the privacy value x and the privacy value y may include, but is not limited to, some or all of steps 1-7 below.
Step 1, Alice calculates the difference between the share x1 and the random number r1 to obtain intermediate data d.
Step 2, Alice calculates the difference between the share y1 and the random number r2 to obtain intermediate data e.
Step 3, Alice sends the intermediate data d and the intermediate data e to Bob.
Step 4, Alice uses the random number q1 as her share z1 of the product z of the privacy value x and the privacy value y.
Step 5, Bob calculates the sum of the share x2 and the intermediate data d in his secure environment to obtain intermediate data u; it can be seen that the value of u equals the difference between the privacy value x and the random number r1.
Step 6, Bob calculates the sum of the share y2 and the intermediate data e in his secure environment to obtain intermediate data v; it can be seen that the value of v equals the difference between the privacy value y and the random number r2.
Step 7, Bob performs a masked secure multiplication on the intermediate data u and v based on the random number q1 in his secure environment to obtain the share z2 = (u + r1) * (v + r2) - q1, where z2 is Bob's share of the product z of the privacy value x and the privacy value y, and the result of performing the addition operation or the exclusive-or operation on the shares z1 and z2 equals z.
The foregoing process is exemplary: Alice and Bob may use more or fewer random numbers, and may use schemes other than steps 1-7 above to securely calculate the product z of the privacy value x and the privacy value y. In addition, Alice may implement some or all of steps 1 to 4 in her own secure environment, which may be implemented, for example, as a TEE, a TPM device/chip, or a secure cryptographic card.
The same pseudo-random number generators Gen-A and Gen-B may be deployed in Alice's and Bob's secure environments respectively. If Alice and Bob can securely negotiate a random seed, that seed can be input into Gen-A and Gen-B so that both generators output the random numbers supporting Alice and Bob in securely multiplying the privacy value x and the privacy value y, for example the multiplication triplet r1, r2 and q1 described above.
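Steps 1-7 above, driven by a seeded generator standing in for Gen-A and Gen-B, as an added example that is not part of the patent. It assumes additive sharing modulo a prime P, HMAC-SHA256 in counter mode as the generator, and a constructed seed; all of these are choices of this example, not of the page.

```python
import hashlib
import hmac
import secrets

# Shares are integers modulo P, and a privacy value x is recovered as
# x = (x1 + x2) mod P (the page's "addition" variant of share recovery).
# P is a constructed choice for this example, not a value from the patent.
P = 2**61 - 1


def gen_triplet(seed: bytes, tag: bytes = b"mul-triplet") -> tuple:
    """Stand-in for the generators Gen-A / Gen-B in the two secure environments.

    Both parties feed the negotiated seed into the same deterministic generator,
    so each obtains the same multiplication triplet (r1, r2, q1) without any
    further exchange. HMAC-SHA256 in counter mode is assumed here; the patent
    does not name a concrete generator.
    """
    words = []
    for i in range(3):
        block = hmac.new(seed, tag + i.to_bytes(4, "big"), hashlib.sha256).digest()
        words.append(int.from_bytes(block, "big") % P)
    return tuple(words)


def split(value: int):
    """Secret-share value into two additive shares (s1, s2) with s1 + s2 = value mod P."""
    s1 = secrets.randbelow(P)
    return s1, (value - s1) % P


def alice_steps_1_to_4(x1: int, y1: int, r1: int, r2: int, q1: int):
    """Steps 1-4: Alice masks her shares and keeps q1 as her share of the product."""
    d = (x1 - r1) % P  # step 1: intermediate data d
    e = (y1 - r2) % P  # step 2: intermediate data e
    z1 = q1            # step 4: Alice's share of z = x * y
    return (d, e), z1  # step 3: (d, e) is the message sent to Bob


def bob_steps_5_to_7(x2: int, y2: int, msg, r1: int, r2: int, q1: int):
    """Steps 5-7, which the page places inside Bob's secure environment."""
    d, e = msg
    u = (x2 + d) % P   # step 5: u = x - r1
    v = (y2 + e) % P   # step 6: v = y - r2
    # Step 7: z2 = (u + r1) * (v + r2) - q1.  Since u + r1 is exactly x and
    # v + r2 is exactly y, the environment running this step sees both privacy
    # values in the clear; that is why the page confines it to a TEE, TPM or
    # secure cryptographic card rather than to Bob's ordinary code.
    z2 = ((u + r1) * (v + r2) - q1) % P
    return z2


def joint_multiply(x: int, y: int, seed: bytes) -> int:
    """Run the whole exchange and reconstruct z = x * y mod P from z1 and z2."""
    x1, x2 = split(x)
    y1, y2 = split(y)
    triplet_alice = gen_triplet(seed)  # output of Gen-A
    triplet_bob = gen_triplet(seed)    # output of Gen-B: same seed, same triplet
    assert triplet_alice == triplet_bob
    msg, z1 = alice_steps_1_to_4(x1, y1, *triplet_alice)
    z2 = bob_steps_5_to_7(x2, y2, msg, *triplet_bob)
    return (z1 + z2) % P
```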
The foregoing illustrates the use of a random seed for multiparty joint negotiation in a joint execution of secure multiparty computing multiplication tasks by a plurality of parties, however it will be appreciated that the random seed for multiparty joint negotiation may also be applied to other technical scenarios, such as key negotiation scenarios performed by a joint execution of a plurality of parties, such that a plurality of parties may generate the same number of random numbers to be used as keys or key pairs based on the same random seed.
The embodiment of the specification at least provides a multiparty joint random seed negotiation method and device. The first party can acquire a first public key and a first private key of a first post quantum cryptography algorithm and send a first message at least comprising the first public key to the second party; the second party can process the first public key according to the first post quantum cryptography algorithm in the safe environment to obtain a first random seed and a seed ciphertext of the first random seed, and then send a second message at least comprising the seed ciphertext to the first party; correspondingly, the first party can decrypt the seed ciphertext according to the first private key to obtain a first random seed; wherein the first random seed is used to support the first party and the second party to generate a number of random numbers. In this way, by acquiring the first public key and the first private key of the standard post quantum cryptography algorithm by the first party, and adopting the standard post quantum cryptography algorithm in the secure environment of the second party, the first random seed is generated according to the first public key and the corresponding first random seed is packaged into the seed ciphertext according to the first public key, and even if an intruder intercepts all communication data including the seed ciphertext interacted by the first party and the second party and successfully breaks the secure environment of the second party in the future, the forward security is extremely high, and the first random seed for supporting the first party and the second party to generate a plurality of random numbers is still difficult to deduce.
Standard post quantum cryptography algorithms can resist attacks based on quantum computers. Post quantum cryptography algorithms used for encrypting and decrypting data include Kyber and Aigis-Enc, among others, and post quantum cryptography algorithms used for signing and verifying data include Dilithium, FALCON, SPHINCS and Aigis-Sig, among others.
At present, post quantum cryptography algorithms are in a transition period of standardization and application migration, that is, a state in which traditional public key algorithms and post quantum cryptography algorithms coexist. In the embodiments of the specification, the security of the random seed may be ensured using a post quantum cryptography algorithm alone; or, to guard against technical defects in post quantum cryptography algorithms that have not yet been discovered, it may be ensured by combining a traditional public key algorithm with a post quantum cryptography algorithm. Compared with using a post quantum cryptography algorithm alone, the combined mode offers higher security.
Fig. 2 is the first of the flowcharts of a multi-party joint random seed negotiation method provided in an embodiment of the present disclosure. The method exemplarily describes how Alice (corresponding to the first party) and Bob (corresponding to the second party) jointly negotiate a random seed for generating a plurality of random numbers when only a post quantum cryptography algorithm is used to ensure security; Alice and Bob may each be implemented as any apparatus, platform, device or cluster of devices configured with computing/processing capability.
Alice may store the second private key SKPQ0 of the second post quantum cryptography algorithm in its secure environment, and store the second public key PKPQ0 of the second post quantum cryptography algorithm either in its secure environment or outside it. Bob may store the third private key SKPQ1 of the second post quantum cryptography algorithm in its secure environment, and store the third public key PKPQ1 of the second post quantum cryptography algorithm either in its secure environment or outside it. The second private key SKPQ0 and the second public key PKPQ0 form a key pair, as do the third private key SKPQ1 and the third public key PKPQ1. The second post quantum cryptography algorithm may be, for example, Dilithium, FALCON, SPHINCS or Aigis-Sig.
Referring to fig. 2, the method may include, but is not limited to, some or all of the following steps S201 to S217.
In step S201, Alice obtains a first public key pk and a first private key sk of a first post quantum cryptography algorithm.
The first post quantum cryptography algorithm includes Kyber or Aigis-Enc, for example. Alice may randomly generate a temporary key pair consisting of the first public key pk and the first private key sk by invoking a key generation function of the first post quantum cryptography algorithm.
Optionally, in step S203, Alice generates, in its secure environment, a first signature S0 of the first public key pk using the second private key SKPQ0 of the second post quantum cryptography algorithm.
In step S205, Alice sends a first message to Bob, where the first message includes the first public key pk.
Where Alice has performed step S203, the first message may further include the first signature S0 and the second public key PKPQ0 of the second post quantum cryptography algorithm.
Where the first message includes the first signature S0 and the second public key PKPQ0 of the second post quantum cryptography algorithm, Bob may perform step S207: verify the validity of the second public key PKPQ0 and, if the second public key PKPQ0 passes verification, verify the validity of the first signature S0 according to the second public key PKPQ0.
Bob may interact, from its secure environment, with an authentication server provided by a third party, so that the authentication server verifies the legitimacy of the second public key PKPQ0. Alternatively, Bob may preset in its secure environment the first party's post quantum public key corresponding to Alice, and determine that the second public key PKPQ0 passes the validity verification if it is identical to that preset public key. If either the second public key PKPQ0 or the first signature S0 fails the validity verification, Bob may abort and not execute the subsequent step S209. If both pass the validity verification, Bob may proceed to the subsequent step S209.
In step S209, Bob processes the first public key pk according to the first post quantum cryptography algorithm in its secure environment to obtain a first random seed k1 and a seed ciphertext c of the first random seed k1.
Optionally, in step S211, Bob generates, in its secure environment, a second signature S1 of the seed ciphertext c using the third private key SKPQ1 of the second post quantum cryptography algorithm.
In step S213, Bob sends a second message to Alice, where the second message includes the seed ciphertext c.
Where Bob has performed step S211, the second message may further include the second signature S1 and the third public key PKPQ1 of the second post quantum cryptography algorithm.
Where the second message includes the second signature S1 and the third public key PKPQ1 of the second post quantum cryptography algorithm, Alice may perform step S215 in its secure environment: verify the legitimacy of the third public key PKPQ1 and, if the third public key PKPQ1 passes verification, verify the legitimacy of the second signature S1.
Alice may interact, from its secure environment, with an authentication server provided by a third party, so that the authentication server verifies the validity of the third public key PKPQ1. Alternatively, Alice may preset in its secure environment the second party's post quantum public key corresponding to Bob, and determine that the third public key PKPQ1 passes the validity verification if it is identical to that preset public key. If either the third public key PKPQ1 or the second signature S1 fails the validity verification, Alice may abort and not execute the subsequent step S217. If both pass the validity verification, Alice may proceed to the subsequent step S217.
In step S217, Alice decrypts the seed ciphertext c according to the first private key sk to obtain the first random seed k1.
After Alice and Bob have each obtained the first random seed k1, Alice may clear the temporary key pair consisting of the first public key pk and the first private key sk obtained in step S201, and Bob may clear the first public key pk received from Alice. As a result, an attacker who has intercepted the intermediate data exchanged between Alice and Bob cannot later steal the temporary keys, such as the first public key pk and the first private key sk, and use them to recover the first random seed k1, which preserves the forward security of the first random seed.
The first random seed k1 may be used to support Alice and Bob in generating several random numbers. For example, Alice may deploy a pseudorandom number generator Gen-A inside or outside its secure environment, and Bob may deploy a pseudorandom number generator Gen-B, identical to Gen-A, in its secure environment. Alice and Bob each input the first random seed k1 they obtained into Gen-A and Gen-B respectively, so that Gen-A and Gen-B each output several random numbers derived from the first random seed k1. Because Gen-A and Gen-B are identical, the random numbers Gen-A outputs from the first random seed k1 are the same as those Gen-B outputs from the first random seed k1. The random numbers may be used to support Alice and Bob in jointly executing specific transactions; for example, they may serve as multiplication triples supporting Alice and Bob in jointly executing a multiplication task based on secure multiparty computation, that is, they correspond to random numbers such as r1, r2 and q1. Furthermore, where Alice holds the current slice x1 of the privacy value x and the current slice y1 of the privacy value y, and Bob holds the current slice x2 of the privacy value x and the current slice y2 of the privacy value y, Alice and Bob may execute steps 1 to 7 of the foregoing example based on the corresponding random numbers, so as to complete the joint multiplication of the privacy value x and the privacy value y based on secure multiparty computation.
Fig. 3 is a second flowchart of a multi-party joint random seed negotiation method according to an embodiment of the present disclosure. In the method, a process of jointly negotiating a random seed for generating a plurality of random numbers by Alice and Bob under the condition that Alice and Bob combine a traditional public key algorithm and a post quantum cryptography algorithm to ensure the security of the random seed is exemplarily described.
In one possible implementation, Alice may store the second private key SKPQ0 of the second post quantum cryptography algorithm in its secure environment, and store the second public key PKPQ0 of the second post quantum cryptography algorithm either in its secure environment or outside it. Correspondingly, Bob may store the third private key SKPQ1 of the second post quantum cryptography algorithm in its secure environment, and store the third public key PKPQ1 of the second post quantum cryptography algorithm either in its secure environment or outside it. The second private key SKPQ0 and the second public key PKPQ0 form a key pair, as do the third private key SKPQ1 and the third public key PKPQ1. The second post quantum cryptography algorithm may be, for example, Dilithium, FALCON, SPHINCS or Aigis-Sig.
In one possible implementation, Alice may store the sixth private key SKEC0 of the fourth cryptographic algorithm in its secure environment, and store the sixth public key PKEC0 of the fourth cryptographic algorithm either in its secure environment or outside it. Correspondingly, Bob may store the seventh private key SKEC1 of the fourth cryptographic algorithm in its secure environment, and store the seventh public key PKEC1 of the fourth cryptographic algorithm either in its secure environment or outside it. The sixth private key SKEC0 and the sixth public key PKEC0 form a key pair, as do the seventh private key SKEC1 and the seventh public key PKEC1. The fourth cryptographic algorithm may be, for example, a conventional public key algorithm based on elliptic curves, such as ECDH.
Referring to fig. 3, the method may include, but is not limited to, some or all of the following steps S301 to S333.
In step S301, Alice obtains a first public key pk and a first private key sk of a first post quantum cryptography algorithm.
The first post quantum cryptography algorithm includes Kyber or Aigis-Enc, for example. Alice may randomly generate a temporary key pair consisting of the first public key pk and the first private key sk by invoking a key generation function of the first post quantum cryptography algorithm.
In step S3031, Alice obtains, in its secure environment, a fourth public key Q0 and a fourth private key d0 of a third cryptographic algorithm.
In step S3033, Bob obtains, in its secure environment, a fifth public key Q1 and a fifth private key d1 of the third cryptographic algorithm.
The third cryptographic algorithm is an elliptic curve-based cryptographic algorithm such as ECDH. Alice may randomly generate a temporary key pair consisting of the fourth public key Q0 and the fourth private key d0 by invoking the key generation function of the third cryptographic algorithm in its secure environment; Bob may likewise randomly generate a temporary key pair consisting of the fifth public key Q1 and the fifth private key d1 by invoking the key generation function of the third cryptographic algorithm in its secure environment.
Optionally, in step S305, Alice generates, in its secure environment, a third signature SPQ0 over the first public key pk and the fourth public key Q0 using the second private key SKPQ0 of the second post quantum cryptography algorithm.
Optionally, in step S307, Alice generates, in its secure environment, a fifth signature SEC0 over the first public key pk and the fourth public key Q0 using the sixth private key SKEC0 of the fourth cryptographic algorithm.
In step S309, Alice sends a first message to Bob, where the first message includes the first public key pk and the fourth public key Q0. Depending on whether Alice has performed step S305 and step S307, the first message may further include some or all of the third signature SPQ0, the fifth signature SEC0, the second public key PKPQ0 of the second post quantum cryptography algorithm, and the sixth public key PKEC0 of the fourth cryptographic algorithm.
Where the first message includes the third signature SPQ0 and the second public key PKPQ0 of the second post quantum cryptography algorithm, Bob may perform step S311: verify the legitimacy of the second public key PKPQ0 and, if the second public key PKPQ0 passes verification, verify the legitimacy of the third signature SPQ0 according to the second public key PKPQ0.
Bob may verify the legitimacy of the second public key PKPQ0 and the third signature SPQ0 in its secure environment; the verification process is similar to the verification of the second public key PKPQ0 and the first signature S0 described above, and is not repeated here.
Where the first message includes the fifth signature SEC0 and the sixth public key PKEC0 of the fourth cryptographic algorithm, Bob may perform step S313: verify the legitimacy of the sixth public key PKEC0 and, if the sixth public key PKEC0 passes verification, verify the legitimacy of the fifth signature SEC0 according to the sixth public key PKEC0.
Bob may interact, from its secure environment, with an authentication server provided by a third party, so that the authentication server verifies the validity of the sixth public key PKEC0. Alternatively, Bob may preset in its secure environment the first party's conventional public key corresponding to Alice, and determine that the sixth public key PKEC0 passes the validity verification if it is identical to that preset public key.
If any of the second public key PKPQ0, the third signature SPQ0, the sixth public key PKEC0 and the fifth signature SEC0 fails the validity verification, Bob may abort and not execute the subsequent step S315.
In step S315, Bob processes the first public key pk according to the first post quantum cryptography algorithm in its secure environment to obtain a first random seed k1 and a seed ciphertext c of the first random seed k1.
In step S317, Bob, in its secure environment, calculates intermediate data from the fourth public key Q0 and the fifth private key d1, and calculates a second random seed k from the intermediate data and the first random seed k1.
For example, the fourth public key Q0 may be multiplied by the scalar d1 (elliptic curve point multiplication) to obtain affine coordinates (xb, yb) on the elliptic curve, where xb may serve as the calculated intermediate data. Further, for example, the fourth public key Q0, the fifth public key Q1 and the intermediate data xb may be passed to a key generation function f to obtain a third random seed k2, and the second random seed k may then be generated from the first random seed k1 and the third random seed k2.
Optionally, in step S319, Bob generates, in its secure environment, a fourth signature SPQ1 over the seed ciphertext c and the fifth public key Q1 using the third private key SKPQ1 of the second post quantum cryptography algorithm.
Optionally, in step S321, Bob generates, in its secure environment, a sixth signature SEC1 over the seed ciphertext c and the fifth public key Q1 using the seventh private key SKEC1 of the fourth cryptographic algorithm.
In step S323, Bob sends a second message to Alice, where the second message includes the seed ciphertext c and the fifth public key Q1. Depending on whether Bob has performed step S319 and step S321, the second message may further include some or all of the fourth signature SPQ1, the sixth signature SEC1, the third public key PKPQ1 of the second post quantum cryptography algorithm, and the seventh public key PKEC1 of the fourth cryptographic algorithm.
Where the second message includes the fourth signature SPQ1 and the third public key PKPQ1 of the second post quantum cryptography algorithm, Alice may perform step S325: verify the validity of the third public key PKPQ1 and, if the third public key PKPQ1 passes verification, verify the validity of the fourth signature SPQ1.
Alice may verify the legitimacy of the third public key PKPQ1 and the fourth signature SPQ1 in its secure environment; the verification process is similar to the verification of the third public key PKPQ1 and the second signature S1 described above, and is not repeated here.
Where the second message includes the sixth signature SEC1 and the seventh public key PKEC1 of the fourth cryptographic algorithm, Alice may perform step S327: verify the validity of the seventh public key PKEC1 and, if the seventh public key PKEC1 passes verification, verify the validity of the sixth signature SEC1 according to the seventh public key PKEC1.
Alice may interact, from its secure environment, with an authentication server provided by a third party, so that the authentication server verifies the validity of the seventh public key PKEC1. Alternatively, Alice may preset in its secure environment the second party's conventional public key corresponding to Bob, and determine that the seventh public key PKEC1 passes the validity verification if it is identical to that preset public key.
If any of the third public key PKPQ1, the seventh public key PKEC1, the fourth signature SPQ1 and the sixth signature SEC1 fails the validity verification, Alice may abort and not execute the subsequent step S329.
In step S329, Alice decrypts the seed ciphertext c according to the first private key sk to obtain the first random seed k1.
In step S331, Alice calculates, in its secure environment, intermediate data from the fifth public key Q1 and the fourth private key d0.
The fifth public key Q1 may be multiplied by the scalar d0 to obtain affine coordinates (xa, ya) on the elliptic curve, where xa may serve as the calculated intermediate data. Note that, by the properties of the elliptic curve-based cryptographic algorithm, multiplying the fourth public key Q0 by d1 yields the point (xb, yb) and multiplying the fifth public key Q1 by d0 yields the point (xa, ya), and xb is identical to xa: with G the base point of the curve, Q0 = d0·G and Q1 = d1·G, so d1·Q0 = d1·d0·G = d0·Q1. Alice and Bob thus obtain the same intermediate data in their respective secure environments.
Thus, Alice may proceed to step S333 and calculate the second random seed from the intermediate data and the first random seed k1. Similarly to Bob's derivation of the second random seed, Alice may, for example, pass the fourth public key Q0, the fifth public key Q1 and the intermediate data xa to the key generation function f to obtain the third random seed k2, and then generate the second random seed k from the first random seed k1 and the third random seed k2.
After Alice and Bob have each obtained the first random seed k1, Alice may clear the temporary key pair consisting of the first public key pk and the first private key sk obtained in step S301 and the temporary key pair consisting of the fourth public key Q0 and the fourth private key d0 obtained in step S3031, and Bob may clear the first public key pk received from Alice and the temporary key pair consisting of the fifth public key Q1 and the fifth private key d1 obtained in step S3033. As a result, an attacker who has intercepted the intermediate data exchanged between Alice and Bob cannot later steal temporary keys such as the first public key pk, the first private key sk, the fourth public key Q0, the fourth private key d0, the fifth public key Q1 and the fifth private key d1 and use them to recover the first random seed k1 and the second random seed k, which preserves the forward security of the first random seed k1 and the second random seed k.
The second random seed k may be used to support Alice and Bob in generating several random numbers. For example, Alice may deploy a pseudorandom number generator Gen-A inside or outside its secure environment, and Bob may deploy a pseudorandom number generator Gen-B, identical to Gen-A, in its secure environment. Alice and Bob each input the second random seed k they obtained into Gen-A and Gen-B respectively, so that Gen-A and Gen-B each output several random numbers derived from the second random seed k. Because Gen-A and Gen-B are identical, the random numbers Gen-A outputs from the second random seed k are the same as those Gen-B outputs from the second random seed k. The random numbers may be used to support Alice and Bob in jointly executing specific transactions; for example, they may serve as multiplication triples supporting Alice and Bob in jointly executing a multiplication task based on secure multiparty computation, that is, they correspond to random numbers such as r1, r2 and q1. Furthermore, where Alice holds the current slice x1 of the privacy value x and the current slice y1 of the privacy value y, and Bob holds the current slice x2 of the privacy value x and the current slice y2 of the privacy value y, Alice and Bob may execute steps 1 to 7 of the foregoing example based on the corresponding random numbers, so as to complete the joint multiplication of the privacy value x and the privacy value y based on secure multiparty computation.
In the foregoing embodiments, any method step performed by Alice (corresponding to the first party) that is not stated to require Alice's secure environment may be implemented either outside or inside Alice's secure environment; that is, the corresponding function may be placed inside or outside the secure environment as desired.
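The ECDH half of the Fig. 3 derivation (steps S317, S331 and S333) and the shared generators Gen-A/Gen-B of the preceding paragraph, as an added Python example that is not code from the patent or its assignee. Assumptions: P-256 stands in for the unspecified elliptic curve, the key generation function f is modelled as HMAC-SHA256 over Q0, Q1 and the shared x-coordinate, the second seed k is SHA-256 of k1 and k2, Gen-A/Gen-B are a SHAKE256 expansion into Beaver triples (a, b, a*b), and the Kyber seed k1 is a constructed random value because no standard-library KEM is available.

```python
import hashlib
import hmac
import secrets

# NIST P-256 domain parameters (real constants). The ECDH half of the
# negotiation is done in affine coordinates so that the x-coordinate
# agreement of steps S317 and S331 is visible; not constant-time, demo only.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def ec_add(p1, p2):
    """Affine point addition on P-256; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def ecdh_keypair():
    """Temporary key pair of steps S3031/S3033: private d, public Q = d*G."""
    d = secrets.randbelow(N - 1) + 1
    return d, ec_mul(d, G)


def point_bytes(q):
    return q[0].to_bytes(32, "big") + q[1].to_bytes(32, "big")


def ecdh_intermediate(d, q):
    """Intermediate data: x-coordinate of d*Q (xb for Bob, xa for Alice)."""
    return ec_mul(d, q)[0].to_bytes(32, "big")


def key_gen_f(q0, q1, x):
    """Assumed form of the patent's key generation function f(Q0, Q1, x):
    HMAC-SHA256 keyed with the shared x over both temporary public keys."""
    msg = b"k2" + point_bytes(q0) + point_bytes(q1)
    return hmac.new(x, msg, hashlib.sha256).digest()


def combine_seeds(k1, k2):
    """Assumed combiner producing the second random seed k from k1 and k2."""
    return hashlib.sha256(b"hybrid-seed" + k1 + k2).digest()


def gen_triples(seed, count, modulus):
    """Gen-A / Gen-B: SHAKE256 expands the seed into Beaver multiplication
    triples (a, b, a*b mod modulus); identical seeds give identical triples."""
    stream = hashlib.shake_256(seed).digest(64 * count)
    triples = []
    for i in range(count):
        a = int.from_bytes(stream[64 * i:64 * i + 32], "big") % modulus
        b = int.from_bytes(stream[64 * i + 32:64 * i + 64], "big") % modulus
        triples.append((a, b, a * b % modulus))
    return triples


def negotiate(k1):
    """Run the ECDH half of the Fig. 3 flow for both parties and return
    (k_alice, k_bob). k1 stands in for the KEM seed of steps S315/S329."""
    d0, q0 = ecdh_keypair()  # Alice, step S3031
    d1, q1 = ecdh_keypair()  # Bob, step S3033 (Q0 and Q1 travel in the messages)
    k_bob = combine_seeds(k1, key_gen_f(q0, q1, ecdh_intermediate(d1, q0)))    # S317
    k_alice = combine_seeds(k1, key_gen_f(q0, q1, ecdh_intermediate(d0, q1)))  # S331/S333
    return k_alice, k_bob


if __name__ == "__main__":
    k1 = secrets.token_bytes(32)  # constructed stand-in for the Kyber seed k1
    k_alice, k_bob = negotiate(k1)
    modulus = 2**61 - 1           # field for the triples; constructed choice
    print("seeds agree:", k_alice == k_bob)
    print("triples agree:", gen_triples(k_alice, 2, modulus) == gen_triples(k_bob, 2, modulus))
```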
Based on the same concept as the foregoing method embodiments, in the present embodiment, a multi-party joint random seed negotiation apparatus 400 is provided and deployed on a first party. Referring to fig. 4, the apparatus 400 includes: a key acquisition unit 401 configured to acquire a first public key and a first private key of a first post quantum cryptography algorithm; a communication processing unit 403 configured to send a first message to a second party, where the first message includes the first public key, so that the second party processes the first public key according to the first post quantum cryptography algorithm in its secure environment, obtains a first random seed and a seed ciphertext of the first random seed, and returns a second message including at least the seed ciphertext to the first party; an encrypting and decrypting unit 405 configured to decrypt the seed ciphertext according to the first private key to obtain the first random seed; wherein the first random seed is used to support the first party and the second party to generate a plurality of random numbers.
Based on the same concept as the foregoing method embodiments, in the present embodiment, a multi-party joint random seed negotiation apparatus 500 is provided and deployed on a second party. Referring to fig. 5, the apparatus 500 includes: a communication processing unit 501 configured to receive a first message from a first party, where the first message includes a first public key of a first post quantum cryptography algorithm acquired by the first party; a secure environment 503 configured to process the first public key according to the first post quantum cryptography algorithm to obtain a first random seed and a seed ciphertext of the first random seed; the communication processing unit 501 is configured to send a second message to the first party, where the second message includes the seed ciphertext, so that the first party decrypts the seed ciphertext according to the obtained first private key of the first post quantum cryptography algorithm to obtain the first random seed, where the first random seed is used to support the first party and the second party to generate a plurality of random numbers.
Those of skill in the art will appreciate that in one or more of the examples described above, the functions described herein may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the computer programs corresponding to these functions may be stored in a computer readable medium or transmitted as one or more instructions/codes on a computer readable medium, so that the computer programs corresponding to these functions are executed by a computer, by which the methods described in any of the embodiments of the present specification are implemented.
There is also provided in embodiments of the present specification a computer readable storage medium having stored thereon a computer program/instructions which, when executed in a computing device, performs the method steps provided in any of the embodiments of the present specification as performed by a first party/Alice or a second party/Bob.
Embodiments of the present disclosure also provide a computing device, including a memory and a processor, where the memory stores executable code/instructions that, when executed by the processor, implement the method steps provided in any one embodiment of the present disclosure as performed by the first party/Alice or the second party/Bob.
In this specification, each embodiment is described in a progressive manner, and the same and similar parts in each embodiment are referred to each other, and each embodiment is mainly described in a different point from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The foregoing embodiments have been provided for the purpose of illustrating the general principles of the present invention in further detail, and are not to be construed as limiting the scope of the invention, but are merely intended to cover any modifications, equivalents, improvements, etc. based on the teachings of the invention.

Claims (23)

1. A multi-party joint random seed negotiation method comprises the following steps:
a first party obtains a first public key and a first private key of a first post quantum cryptography algorithm;
The first party sends a first message to the second party, wherein the first message comprises the first public key;
The second party processes the first public key according to the first post quantum cryptography algorithm in its secure environment to obtain a first random seed and a seed ciphertext of the first random seed;
the second party sends a second message to the first party, wherein the second message comprises the seed ciphertext;
the first party decrypts the seed ciphertext according to the first private key to obtain the first random seed;
wherein the first random seed is used to support the first party and the second party to generate the same plurality of random numbers.
2. The method of claim 1, the method further comprising:
the first party clears the first public key and the first private key;
The second party clears the first public key.
3. The method of claim 1, the method further comprising:
The first party generates a first signature of the first public key according to a second private key of a second post quantum cryptography algorithm in a secure environment of the first party, and the first message also comprises the first signature and the second public key of the second post quantum cryptography algorithm;
and the second party verifies the validity of the second public key, and verifies the validity of the first signature according to the second public key under the condition that the second public key passes the verification.
4. A method according to claim 3, the second party verifying the legitimacy of the second public key, comprising:
The second party verifies the validity of the second public key through an authentication server; or alternatively
And the second party verifies the validity of the second public key through a preset post quantum public key of the first party.
5. The method of claim 1, the method further comprising:
The second party generates a second signature of the seed ciphertext according to a third private key of a second post quantum cryptography algorithm in a secure environment of the second party, and the second message also comprises the second signature and a third public key of the second post quantum cryptography algorithm;
The first party verifies the legitimacy of the third public key and verifies the legitimacy of the second signature if the third public key passes verification.
6. The method of claim 1, the method further comprising:
the first party obtains a fourth public key and a fourth private key of a third cryptographic algorithm, wherein the third cryptographic algorithm is a cryptographic algorithm based on an elliptic curve, and the fourth public key is further included in the first message;
the second party obtains a fifth public key and a fifth private key of the third cryptographic algorithm, and the second message further comprises the fifth public key;
the second party calculates intermediate data according to the fourth public key and the fifth private key in the secure environment of the second party;
The second party calculates a second random seed according to the intermediate data and the first random seed;
the first party calculates the intermediate data according to the fifth public key and the fourth private key in the secure environment of the first party;
the first party calculates a second random seed according to the intermediate data and the first random seed;
wherein the second random seed is used to support the first party and the second party to generate the same plurality of random numbers.
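An added illustration in Go of the exchange in claims 1 and 6 (example code, not from the patent): the page names no concrete post-quantum KEM, so an X25519 Diffie-Hellman KEM stands in for the first post-quantum algorithm, X25519 is also used as the elliptic-curve third algorithm, HMAC-SHA256 is the assumed KDF, and the function names, domain labels and 32-byte seed size are assumptions. The signatures of claims 3-5 and 7-10 and the secure-environment boundary are left out.

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)

// X25519 serves both as a DH-KEM stand-in for the unnamed post-quantum KEM
// and as the elliptic-curve "third cryptographic algorithm" of claim 6.
var curve = ecdh.X25519()

// GenerateKeyPair is each party's key acquisition step (first, fourth, fifth pair).
func GenerateKeyPair() (*ecdh.PrivateKey, error) {
	return curve.GenerateKey(rand.Reader)
}

// kdf derives 32 bytes as HMAC-SHA256 keyed by a domain-separation label (assumed KDF).
func kdf(label string, a, b []byte) []byte {
	m := hmac.New(sha256.New, []byte(label))
	m.Write(a)
	m.Write(b)
	return m.Sum(nil)
}

// dh parses an encoded peer public key and returns the shared secret.
func dh(priv *ecdh.PrivateKey, peer []byte) ([]byte, error) {
	pk, err := curve.NewPublicKey(peer)
	if err != nil {
		return nil, err // a malformed first/fourth/fifth public key is rejected
	}
	return priv.ECDH(pk)
}

// Encap is the second party's secure-environment step of claim 1: from the first
// public key it derives the first random seed and the seed ciphertext (here the
// ephemeral public key; a real post-quantum KEM returns its own ciphertext).
func Encap(firstPub []byte) (seed, ct []byte, err error) {
	eph, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ss, err := dh(eph, firstPub)
	if err != nil {
		return nil, nil, err
	}
	return kdf("seed1", ss, firstPub), eph.PublicKey().Bytes(), nil
}

// Decap is the first party's step: recover the first seed with the first private key.
func Decap(firstPriv *ecdh.PrivateKey, ct []byte) ([]byte, error) {
	ss, err := dh(firstPriv, ct)
	if err != nil {
		return nil, err
	}
	return kdf("seed1", ss, firstPriv.PublicKey().Bytes()), nil
}

// Seed2 is claim 6, run by either party: intermediate data = ECDH(own EC private
// key, peer EC public key); second seed = KDF(intermediate data, first seed).
func Seed2(ownEC *ecdh.PrivateKey, peerECPub, firstSeed []byte) ([]byte, error) {
	inter, err := dh(ownEC, peerECPub)
	if err != nil {
		return nil, err
	}
	return kdf("seed2", inter, firstSeed), nil
}
```

The first message carries the first and fourth public keys and the second message carries the seed ciphertext and the fifth public key; each side then calls Seed2 with its own EC private key, the peer's EC public key and the first seed it holds, and both obtain the same second seed.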
7. The method of claim 6, the method further comprising:
the first party generates a third signature of the first public key and the fourth public key according to a second private key of a second post-quantum cryptographic algorithm in a secure environment of the first party, and the first message further comprises the third signature and the second public key of the second post-quantum cryptographic algorithm;
and the second party verifies the validity of the second public key, and verifies the validity of the third signature according to the second public key under the condition that the second public key passes the verification.
8. The method of claim 6, the method further comprising:
the second party generates a fourth signature of the seed ciphertext and the fifth public key according to a third private key of a second post-quantum cryptographic algorithm in a secure environment of the second party, and the second message further comprises the fourth signature and the third public key of the second post-quantum cryptographic algorithm;
the first party verifies the validity of the third public key, and verifies the validity of the fourth signature under the condition that the third public key passes the verification.
9. The method of claim 6, the method further comprising:
the first party generates a fifth signature of the first public key and the fourth public key according to a sixth private key of a fourth cryptographic algorithm in a secure environment of the first party, and the first message further comprises the fifth signature and a sixth public key of the fourth cryptographic algorithm, the fourth cryptographic algorithm being an elliptic curve-based cryptographic algorithm;
and the second party verifies the validity of the sixth public key, and verifies the validity of the fifth signature according to the sixth public key under the condition that the sixth public key passes the verification.
10. The method of claim 6, the method further comprising:
the second party generates a sixth signature of the seed ciphertext and the fifth public key according to a seventh private key of a fourth cryptographic algorithm in a secure environment of the second party, and the second message further comprises the sixth signature and the seventh public key of the fourth cryptographic algorithm; the fourth cryptographic algorithm is an elliptic curve-based cryptographic algorithm;
the second party verifies the validity of the seventh public key and verifies the validity of the sixth signature according to the seventh public key if the seventh public key passes verification.
11. The method of any of claims 1-10, the secure environment comprising a trusted execution environment (TEE), a trusted platform module (TPM) device, or a secure cryptographic card.
12. A multi-party joint random seed negotiation method applied to a first party, the method comprising:
acquiring a first public key and a first private key of a first post quantum cryptography algorithm;
Sending a first message to a second party, wherein the first message comprises the first public key, so that the second party processes the first public key according to the first post quantum cryptography algorithm in a secure environment of the second party, obtains a first random seed and a seed ciphertext of the first random seed, and returns a second message at least comprising the seed ciphertext to the first party;
Decrypting the seed ciphertext according to the first private key to obtain the first random seed;
wherein the first random seed is used to support the first party and the second party to generate the same plurality of random numbers.
13. The method of claim 12, the method further comprising:
in a secure environment, generating a first signature of the first public key according to a second private key of a second post-quantum cryptographic algorithm, wherein the first message further comprises the first signature and the second public key of the second post-quantum cryptographic algorithm, so that the second party verifies the validity of the second public key and, under the condition that the second public key passes the verification, verifies the validity of the first signature according to the second public key;
and/or the second message further comprises a second signature of the seed ciphertext and a third public key of a second post-quantum cryptographic algorithm, wherein the second signature is generated by the second party in the secure environment of the second party according to a third private key of the second post-quantum cryptographic algorithm; wherein the method further comprises: verifying the validity of the third public key, and verifying the validity of the second signature under the condition that the third public key passes the verification.
14. The method of claim 12, the method further comprising:
Acquiring a fourth public key and a fourth private key of a third cryptographic algorithm, wherein the third cryptographic algorithm is a cryptographic algorithm based on an elliptic curve, the fourth public key is also included in the first message, and a fifth public key of the third cryptographic algorithm is also included in the second message;
in a secure environment, calculating according to the fifth public key and the fourth private key to obtain intermediate data;
And calculating a second random seed according to the intermediate data and the first random seed, wherein the second random seed is used for supporting the first party and the second party to generate the same plurality of random numbers.
15. The method of claim 14, the method further comprising:
in a secure environment, generating a third signature of the first public key and the fourth public key according to a second private key of a second post-quantum cryptographic algorithm, wherein the first message further comprises the third signature and a second public key of the second post-quantum cryptographic algorithm, so that the second party verifies the validity of the second public key and, under the condition that the second public key passes the verification, verifies the validity of the third signature according to the second public key;
and/or the second message further comprises a fourth signature of the seed ciphertext and the fifth public key, and a third public key of a second post-quantum cryptographic algorithm, wherein the fourth signature is generated by the second party in the secure environment of the second party according to a third private key of the second post-quantum cryptographic algorithm; wherein the method further comprises: verifying the validity of the third public key, and verifying the validity of the fourth signature under the condition that the third public key passes the verification.
16. A multi-party joint random seed negotiation method applied to a second party, the method comprising:
Receiving a first message, wherein the first message comprises a first public key of a first post quantum cryptography algorithm acquired by a first party;
in a secure environment, processing the first public key according to the first post-quantum cryptographic algorithm to obtain a first random seed and a seed ciphertext of the first random seed;
and sending a second message to the first party, wherein the second message comprises the seed ciphertext, so that the first party decrypts the seed ciphertext according to the acquired first private key of the first post quantum cryptography algorithm to obtain the first random seed, and the first random seed is used for supporting the first party and the second party to generate the same plurality of random numbers.
17. The method of claim 16, wherein,
the first message further comprises a second public key of a second post-quantum cryptographic algorithm and a first signature of the first public key, wherein the first signature is generated by the first party in a secure environment of the first party according to a second private key of the second post-quantum cryptographic algorithm; wherein the method further comprises: verifying the validity of the second public key, and verifying the validity of the first signature according to the second public key under the condition that the second public key passes the verification;
and/or the method further comprises: in a secure environment, generating a second signature of the seed ciphertext according to a third private key of a second post-quantum cryptographic algorithm, wherein the second message further comprises the second signature and a third public key of the second post-quantum cryptographic algorithm, so that the first party verifies the validity of the third public key and, under the condition that the third public key passes the verification, verifies the validity of the second signature.
18. The method of claim 16, wherein the first message further comprises a fourth public key of a third cryptographic algorithm obtained by the first party, the third cryptographic algorithm being an elliptic curve-based cryptographic algorithm; the method further comprising:
Obtaining a fifth public key and a fifth private key of the third cryptographic algorithm, wherein the second message further comprises the fifth public key, so that the first party calculates intermediate data according to the fifth public key and the obtained fourth private key of the third cryptographic algorithm in a secure environment of the first party, and calculates a second random seed according to the intermediate data and the first random seed;
in a secure environment, calculating according to the fourth public key and the fifth private key to obtain the intermediate data;
calculating to obtain the second random seed according to the intermediate data and the first random seed;
wherein the second random seed is used to support the first party and the second party to generate the same plurality of random numbers.
19. The method of claim 18, wherein,
the first message further comprises a third signature of the first public key and the fourth public key, and a second public key of a second post-quantum cryptographic algorithm, wherein the third signature is generated by the first party in a secure environment of the first party according to a second private key of the second post-quantum cryptographic algorithm; the method further comprises: verifying the validity of the second public key, and verifying the validity of the third signature according to the second public key under the condition that the second public key passes the verification;
and/or the method further comprises: in a secure environment, generating a fourth signature of the seed ciphertext and the fifth public key according to a third private key of a second post-quantum cryptographic algorithm, wherein the second message further comprises the fourth signature and a third public key of the second post-quantum cryptographic algorithm, so that the first party verifies the validity of the third public key and, under the condition that the third public key passes the verification, verifies the validity of the fourth signature.
20. A multi-party joint random seed negotiation apparatus deployed at a first party, the apparatus comprising:
A key acquisition unit configured to acquire a first public key and a first private key of a first post quantum cryptography algorithm;
A communication processing unit configured to send a first message to a second party, where the first message includes the first public key, so that the second party processes the first public key according to the first post quantum cryptography algorithm in its secure environment, obtains a first random seed and a seed ciphertext of the first random seed, and returns a second message including at least the seed ciphertext to the first party;
The encryption and decryption unit is configured to decrypt the seed ciphertext according to the first private key to obtain the first random seed;
wherein the first random seed is used to support the first party and the second party to generate the same plurality of random numbers.
21. A multi-party joint random seed negotiation apparatus deployed at a second party, the apparatus comprising:
a communication processing unit configured to receive a first message from a first party, wherein the first message comprises a first public key of a first post quantum cryptography algorithm acquired by the first party;
a secure environment configured to process the first public key according to the first post quantum cryptography algorithm to obtain a first random seed and a seed ciphertext of the first random seed;
The communication processing unit is configured to send a second message to the first party, wherein the second message comprises the seed ciphertext, so that the first party decrypts the seed ciphertext according to the obtained first private key of the first post quantum cryptography algorithm to obtain the first random seed, and the first random seed is used for supporting the first party and the second party to generate the same plurality of random numbers.
22. A computer readable storage medium having stored thereon a computer program which, when executed in a computing device, performs the method of any of claims 12-19.
23. A computing device comprising a memory having executable code stored therein and a processor, which when executing the executable code, implements the method of any of claims 12-19.
CN202310441579.4A 2023-04-13 2023-04-13 Multiparty combined random seed negotiation method and device Active CN116301726B (en)


Publications (2)

Publication Number Publication Date
CN116301726A CN116301726A (en) 2023-06-23
CN116301726B true CN116301726B (en) 2024-11-19

Family

ID=86815172




Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310000 Zhejiang Province, Hangzhou City, Xihu District, Xixi Road 543-569 (continuous odd numbers) Building 1, Building 2, 5th Floor, Room 518
Patentee after: Alipay (Hangzhou) Digital Service Technology Co.,Ltd.
Country or region after: China

Address before: 310000 801-11 section B, 8th floor, 556 Xixi Road, Xihu District, Hangzhou City, Zhejiang Province
Patentee before: Alipay (Hangzhou) Information Technology Co., Ltd.
Country or region before: China