Search

CN-122027124-A - Message processing method and device based on post quantum cryptography algorithm

CN122027124ACN 122027124 ACN122027124 ACN 122027124ACN-122027124-A

Abstract

The application provides a message processing method and a device based on a post quantum cryptography algorithm, and relates to the technical fields of data processing, terminals and security. The method comprises the steps of sampling a first random number for N times according to a preset first matrix size, performing block calculation on a first candidate matrix for N times according to a first random submatrix obtained by the N times of sampling to obtain a dynamically loaded first ciphertext, obtaining an encryption public key matrix, a message to be processed and a second error matrix, obtaining a second ciphertext according to the encryption public key matrix, the message to be processed, the first secret matrix and the second error matrix, and obtaining a target ciphertext message corresponding to the message to be processed according to respective byte streams of the first ciphertext and the second ciphertext. In the environment with limited resources, the application realizes the message processing based on the post quantum cryptography algorithm, balances the high efficiency and the safety of key generation and message processing, improves the processing efficiency and the flexibility, and avoids wasting storage resources.

Inventors

  • SUN SHUO
  • ZHUANG YAN
  • SU RU
  • SU ZHUOHAN
  • Xiong Zhongzhi
  • CUI HANDONG
  • GUO KAIWEN
  • DONG XIAOYANG

Assignees

  • 中移互联网有限公司
  • 清华大学

Dates

Publication Date
20260512
Application Date
20251218

Claims (14)

  1. 1. The message processing method based on the post quantum cryptography algorithm is characterized by comprising the following steps of: Acquiring a first random number and a first candidate matrix, wherein the first candidate matrix comprises a first secret matrix and a first error matrix; Sampling the first random number for N times according to a preset first matrix size, performing block calculation on the first candidate matrix for N times according to a first random sub-matrix obtained by N times of sampling to obtain a dynamically loaded first ciphertext, wherein the first matrix size is determined by a preset first row number and an error matrix column number, and N is determined according to a quotient of the error matrix row number and the first row number; acquiring an encryption public key matrix, a message to be processed and a second error matrix, and acquiring a second ciphertext according to the encryption public key matrix, the message to be processed, the first secret matrix and the second error matrix; And acquiring a target ciphertext message corresponding to the message to be processed according to the byte streams of the first ciphertext and the second ciphertext.
  2. 2. The method of claim 1, wherein the performing N-time block computations on the first candidate matrix according to the first random submatrix obtained by N-time sampling to obtain a dynamically loaded first ciphertext includes: For the ith sampling, respectively performing block processing on the first secret matrix and the first error matrix according to the first matrix size, and determining a matrix block i of the first secret matrix and a matrix block i of the first error matrix; According to a matrix block i of the first secret matrix, the matrix block i of the first error matrix and a first random submatrix i obtained by sampling for the ith time, calculating the matrix block i of the first ciphertext, dynamically loading the matrix block i of the first ciphertext into a memory space of the matrix block i of the first error matrix until loading of N matrix blocks of the first ciphertext is completed, obtaining the first ciphertext, wherein the memory space occupied by the first random submatrix i is obtained after releasing the memory space occupied by the first random submatrix i-1; And when the i takes the values of 1 to N and the division of the number of the error matrix lines and the number of the first lines has a remainder, N is an upward rounding value of the quotient value of the number of the error matrix lines and the number of the first lines.
  3. 3. The method according to claim 1 or 2, wherein the obtaining a second ciphertext from the encrypted public key matrix, the message to be processed, the first secret matrix, and the second error matrix, further comprises: Converting the message to be processed into a message matrix according to a message coding function; Acquiring a second ciphertext according to the encryption public key matrix, the message matrix, the first secret matrix and the second error matrix; the memory space occupied by the second ciphertext is obtained after the memory space occupied by the second error matrix is released.
  4. 4. The method according to claim 1 or 2, wherein before the obtaining the first random number and the first candidate matrix, further comprises: And calling a dynamic memory allocation function according to a preset first byte number, and respectively allocating different memory spaces for the message matrix, the first candidate matrix, the second error matrix and the first random submatrix.
  5. 5. The method according to claim 1 or 2, wherein the process of obtaining the encrypted public key matrix comprises: Obtaining an encrypted public key byte stream, and performing deserialization conversion on the encrypted public key byte stream to obtain the encrypted public key matrix; the memory space occupied by the encryption public key matrix is obtained by acquiring the byte stream of the first ciphertext and releasing the memory space occupied by the first ciphertext.
  6. 6. The method of claim 5, wherein the process of obtaining the encrypted public key byte stream comprises: acquiring a first random number and a second candidate matrix, wherein the second candidate matrix comprises a second secret matrix and a third error matrix; Sampling the first random number for X times according to a preset second matrix size, performing block calculation on the second candidate matrix for X times according to a second random sub-matrix obtained by sampling for X times to obtain the dynamically loaded encryption public key matrix, wherein the second matrix size is determined by a preset second row number and an error matrix column number, and X is determined according to a quotient of the error matrix row number and the second row number; And carrying out serialization conversion on the encryption public key matrix to obtain the encryption public key byte stream.
  7. 7. The method of claim 6, wherein prior to the obtaining the first random number and the second candidate matrix, further comprising: and calling a dynamic memory allocation function according to a preset second byte number, and respectively allocating different memory spaces for the second candidate matrix and the second random submatrix.
  8. 8. The method according to claim 1 or 2, further comprising: According to a preset key generation algorithm, a candidate private key and a target public key for key encapsulation are obtained; Acquiring a second random number and a first hash value of the target public key; And determining a target private key for key encapsulation according to the candidate private key, the second random number and the first hash value.
  9. 9. The method as recited in claim 8, further comprising: obtaining a first ciphertext message, decrypting the first ciphertext message according to the candidate private key, and obtaining a decrypted message; performing hash calculation and segmentation after splicing the decrypted message and the first hash value to obtain a second hash value and a third hash value; Re-encrypting the decrypted message according to the second hash value to obtain a second ciphertext message; Comparing the byte streams of the first ciphertext message and the second ciphertext message, and acquiring a negotiation key according to the third hash value and the first ciphertext message when the byte streams are the same, or acquiring the negotiation key according to the second random number and the first ciphertext message when the byte streams are different; The third memory space occupied by the second ciphertext message is obtained by releasing the memory space occupied by the first ciphertext message after obtaining the decrypted message.
  10. 10. A message processing apparatus based on a post quantum cryptography algorithm, comprising: The first processing module is used for acquiring a first random number and a first candidate matrix, wherein the first candidate matrix comprises a first secret matrix and a first error matrix, sampling the first random number for N times according to a preset first matrix size, performing block calculation on the first candidate matrix for N times according to a first random submatrix obtained by the N times of sampling to obtain a dynamically loaded first ciphertext, the first matrix size is determined by a preset first row number and an error matrix column number, and N is determined according to a quotient value of the error matrix row number and the first row number; The second processing module is used for acquiring an encryption public key matrix, a message to be processed and a second error matrix, and acquiring a second ciphertext according to the encryption public key matrix, the message to be processed, the first secret matrix and the second error matrix; and the acquisition module is used for acquiring the target ciphertext message corresponding to the message to be processed according to the byte streams of the first ciphertext and the second ciphertext.
  11. 11. An electronic device, comprising: A processor; A memory for storing executable instructions of the processor; Wherein the processor is configured to execute the instructions to implement the method of any of claims 1-9.
  12. 12. A computer readable storage medium, characterized in that instructions in the computer readable storage medium, when executed by a processor of an electronic device, enable the electronic device to perform the method of any one of claims 1-9.
  13. 13. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any of claims 1-9.
  14. 14. A terminal device comprising a post quantum cryptography algorithm based message processing apparatus according to claim 10.

Description

Message processing method and device based on post quantum cryptography algorithm Technical Field The application relates to the technical fields of data processing, terminals and security, in particular to a message processing method and a message processing device based on a post quantum cryptography algorithm. Background In the related art, with the rapid development of quantum computers in theory and hardware, a public key cryptosystem based on mathematical problems such as large integer decomposition, discrete logarithm and the like faces security challenges. Post quantum cryptography refers to cryptographic algorithms that can still maintain security in designing and analyzing quantum computing. The types of post quantum cryptography include cryptographic schemes based on lattice, encoding, multivariate, hash function, elliptic curve homologous transformation, and the like. Among post quantum cryptography algorithms, the unstructured cryptographic schemes (such as SCLOUD +, frodoKEM) are of great interest due to their strong security and resistance to quantum attacks. However, such schemes typically require handling large-scale matrix operations, with high demands on computational resources and memory space. Therefore, how to implement message processing based on the post quantum cryptography algorithm in a resource-limited environment (such as an embedded device or an internet of things device), balance the high efficiency and the safety of generating a key and processing the message, improve the processing efficiency and the flexibility, avoid wasting storage resources, and enable the lattice cryptography algorithm to still have practicability under limited computing resources, so that the method has become one of important research directions. Disclosure of Invention The present application aims to solve at least one of the technical problems in the related art to some extent. The technical scheme of the present disclosure is as follows: An embodiment of a first aspect of the present application provides a message processing method based on a post quantum cryptography algorithm, including: acquiring a first random number and a first candidate matrix, wherein the first candidate matrix comprises a first secret matrix and a first error matrix; Sampling the first random number for N times according to a preset first matrix size, performing block calculation on the first candidate matrix for N times according to a first random sub-matrix obtained by the N times of sampling to obtain a dynamically loaded first ciphertext, wherein the first matrix size is determined by a preset first row number and an error matrix column number, and N is determined according to a quotient value of the error matrix row number and the first row number; acquiring an encryption public key matrix, a message to be processed and a second error matrix, and acquiring a second ciphertext according to the encryption public key matrix, the message to be processed, the first secret matrix and the second error matrix; and acquiring a target ciphertext message corresponding to the message to be processed according to the byte stream of each of the first ciphertext and the second ciphertext. In some embodiments, before obtaining the first random number and the first candidate matrix, further comprising: And calling a dynamic memory allocation function according to the preset first byte number, and respectively allocating different memory spaces for the message matrix, the first candidate matrix, the second error matrix and the first random submatrix. In some embodiments, according to a first random submatrix obtained by N times of sampling, performing N times of block computation on a first candidate matrix to obtain a dynamically loaded first ciphertext, including: For the ith sampling, respectively carrying out blocking processing on a first secret matrix and a first error matrix according to the size of the first matrix, and determining a matrix blocking i of the first secret matrix and a matrix blocking i of the first error matrix; According to a first random sub-matrix i obtained by the ith sampling, a matrix partition i of a first secret matrix and a matrix partition i of a first error matrix, calculating a matrix partition i of a first ciphertext, dynamically loading the matrix partition i of the first ciphertext into a memory space of the matrix partition i of the first error matrix until N matrix partitions of the first ciphertext are loaded to obtain the first ciphertext, wherein the memory space occupied by the first random sub-matrix i is obtained after the memory space occupied by the first random sub-matrix i-1 is released; When the i takes the values of 1 to N and the division of the number of the error matrix lines and the number of the first lines has a remainder, N is the upward rounding value of the quotient value of the number of the error matrix lines and the number of the first lines. In some embodiments, obtaining