Certificate-based security using post-quantum cryptography
By combining traditional cryptography and post-quantum cryptography in certificate binding methods, the risk of traditional cryptographic algorithms being cracked by large-scale quantum computing systems is resolved, enabling secure communication in a quantum computing environment and providing backward compatibility and security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- INTERNATIONAL BUSINESS MACHINE CORPORATION
- Filing Date
- 2021-10-28
- Publication Date
- 2026-06-30
AI Technical Summary
The emergence of large-scale quantum computing systems has increased the risk of traditional cryptographic algorithms such as RSA and ECC being cracked, threatening the security of existing communication and data storage systems. A compatible security protocol is needed to protect communication and data.
A certificate binding method combining traditional cryptography (TC) and post-quantum cryptography (PQC) is adopted. By binding TC and PQC certificates through a hybrid handshake protocol, the security of the communication link is ensured, and the combined verification data of TC and PQC certificates is used to resist quantum computing attacks.
It can effectively protect communication links in both traditional and post-quantum computing environments, provide backward compatibility, prevent malicious actors from forging private keys, and ensure communication security.
Abstract figure: CN116491098B_ABST
Description
Background Technology
[0001] This disclosure generally relates to establishing secure network communications. In particular, this disclosure relates to communication handshakes utilizing a combination of multiple certificates and encryption algorithms.
[0002] The emergence of large-scale quantum computing systems increases the possibility that Shor's algorithm, run on such quantum devices, could compromise traditional cryptographic algorithms such as RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curve Cryptography), or similar techniques. Although no such means of compromising traditional encryption algorithms currently exists, the security of current encrypted communication and data storage systems will be at risk once such systems become available. A security protocol is needed to protect current and future communications and data should traditional encryption methods become insufficient. Traditional communication and data storage protocols must be enhanced to provide this additional protection without disrupting current protocols.
Summary of the Invention
[0003] The following overview is presented to provide a basic understanding of one or more embodiments of this disclosure. This overview is not intended to identify key or essential elements or to depict any scope of a particular embodiment or any scope of the claims. Its sole purpose is to present concepts in a simplified form as a prelude to the more detailed description that follows. In one or more embodiments described herein, devices, systems, computer-implemented methods, apparatuses, and / or computer program products enable the establishment of secure network communication channels using certificates.
[0004] Various aspects of the present invention disclose methods, systems, and computer-readable media associated with establishing secure communication by sending a server certificate message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and the second certificate being bound to each other; signing a first message associated with client-server communication using a first private key associated with the first certificate; signing a second message associated with the client-server communication using a second private key associated with the second certificate, the second message including the signed first message; and sending a server certificate verification message, the server certificate verification message including the signed first message and the signed second message.
Brief Description of the Drawings
[0005] The above and other objects, features and advantages of this disclosure will become more apparent from the more detailed description of some embodiments thereof in the accompanying drawings, wherein like reference numerals generally refer to like components in the embodiments of this disclosure.
[0006] Figure 1 is a schematic diagram of a computing environment according to an embodiment of the present invention.
[0007] Figure 2 is a flowchart depicting a sequence of operations according to an embodiment of the present invention.
[0008] Figure 3 is a schematic diagram depicting a client-server handshake sequence according to an embodiment of the present invention.
[0009] Figure 4 depicts a cloud computing environment according to an embodiment of the present invention.
[0010] Figure 5 depicts abstraction model layers according to an embodiment of the present invention.
Detailed Description
[0011] Some embodiments will be described in more detail with reference to the accompanying drawings, in which embodiments of the present disclosure are illustrated. However, the present disclosure can be implemented in various ways and should not be construed as limited to the embodiments disclosed herein.
[0012] In one embodiment, one or more components of the system may employ hardware and / or software to address inherently highly technical problems (e.g., sending and receiving communication protocol messages, verifying entity identity, confirming digital certificates, verifying digital signatures, etc.). These solutions are not abstract and, due to the processing power required, for example, to facilitate the establishment of secure client-server communication links, cannot be performed by a human as a set of mental actions. Furthermore, some of the processes performed may be executed by a dedicated computer for carrying out defined tasks related to securing communications. For example, a dedicated computer may be used to perform tasks related to secure handshake protocols for communications.
[0013] Various aspects of the present invention disclose methods, systems, and computer-readable media associated with establishing secure communication through the following steps: receiving a client greeting message from a client device; sending a server greeting message; sending a server certificate message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first and second certificates being bound to each other; signing a first message associated with client-server communication using a first private key associated with the first certificate; signing a second message associated with client-server communication using a second private key associated with a second certificate, the second message including the signed first message; and sending a server certificate verification message, the server certificate verification message including the signed first message and the signed second message. 
The method further includes: receiving, by one or more server computer processors, a client certificate message in response to the server greeting message, the client certificate message including a third certificate associated with the first encryption algorithm and a fourth certificate associated with the second encryption algorithm, the third and fourth certificates being bound to each other; receiving, by the one or more server computer processors, a client certificate verification message in response to the server greeting message, the client certificate verification message including a third message associated with the client-server communication signed with a third private key and a fourth message associated with the client-server communication signed with a fourth private key, the third private key being associated with the third certificate and the fourth private key being associated with the fourth certificate, the fourth message including the third message; receiving a client completion message from the client device; and sending a server completion message in response to receiving the client completion message.
[0014] The disclosed embodiments provide the following advantage: in a secure communication link established with two certificates that are bound to each other, one based on a traditional cryptographic (TC) method and the other on a lattice-based or post-quantum cryptography (PQC) method, the link cannot be compromised unless malicious actors compromise both the PQC and TC methods.
[0015] Traditional cryptographic methods (TCs) based on RSA or ECC are vulnerable to being broken by large-scale quantum computers. RSA and ECC are based on the use of large prime numbers multiplied together to produce the result. Large-scale quantum computers using Shor's algorithm should be able to easily disable factor-based cryptographic algorithms such as RSA or ECC.
[0016] Internet communication between computing entities includes an initial "handshake." This initial, unencrypted communication occurs during the handshake process, in which entities introduce themselves to each other. Through the handshake, entities exchange unencrypted information necessary to establish the attributes required for subsequent communication between them. These attributes include the exchange of information such as: information needed to establish encryption protocols that will be used to encrypt and decrypt data, and information (including public keys) needed for entities to verify each other's identities.
[0017] Typical communication handshakes (such as Transport Layer Security (TLS) handshakes) rely on public key certificates such as X.509 certificates, which are verified by digital signatures based on RSA, ECC, or similar traditional factor-based public key infrastructures. A malicious actor who could access the handshake communication and compromise one party's TC could then impersonate that party using a forged private key.
[0018] Lattice-based encryption algorithms use public-private key pairs generated using lattice or array-based mathematics. Such algorithms are considered difficult to break using quantum computers. These algorithms are considered post-quantum cryptography (PQC) algorithms.
[0019] Because traditional TLS protocols rely on the use of TC certificates, simply replacing TC with PQC could introduce backward compatibility issues into global internet communications. A backward-compatible communication link protocol is needed that is not easily compromised using quantum computers. The disclosed method provides this by using two certificates cryptographically bound to each other: a TC certificate (based on traditional cryptography) and a PQC certificate (based on lattice cryptography). Each of these certificates is issued by a Certificate Authority (CA) trusted by the entity. Malicious actors cannot break lattice-based encryption using quantum computers. A hybrid handshake protocol based on a TC certificate cryptographically bound to a PQC certificate enables communication links to be established between networked entities in a post-quantum world.
[0020] In TLS terminology, the server's certificate message contains two certificate chains and the server's certificate verification message contains two sets of verification data. Each is constructed as two separate messages, which simplifies processing and enables the use of current TLS message processing logic. The disclosed embodiments achieve secure communication by requiring the PQC verification data to be verified before the TC verification data can be verified: PQC must be compromised before TC can be compromised, so a malicious actor must compromise both PQC and TC to compromise the communication link.
[0021] A TLS handshake begins with the client device sending a client greeting message to the server. The handshake continues with the server responding to the client greeting message with a server greeting message. The exchange of greeting messages includes negotiation of the encryption protocol to be used and exchange of random numbers generated by the client and server to be used in subsequent exchanges of encrypted data. As an example, the client greeting message includes the TLS version used by the client, the compression method to be used, the cipher suite options supported by the client for communication, and a random string to be used for encrypted data exchange. The client greeting message may include one or more extensions, such as cryptographic extensions for encrypting the TLS handshake data following the greeting message. The server greeting message may include the cipher suite selected by the server from the provided options, and different random numbers for encrypted communication.
[0022] The server then sends a TLS certificate message to the client. The TLS certificate message includes two certificate chains embedded within the message, one based on TC and the other on PQC. Each certificate chain may include a series of certificates, beginning with the server's end entity certificate, including one or more intermediate certificates, and ending with a root certificate. The root certificate is issued and signed by a certificate authority trusted by the entity. In one embodiment, each certificate chain includes a single certificate.
[0023] Upon receiving a server certificate message, the client device decodes both certificate chains and independently verifies each chain. The client ensures that each certificate in each chain is not expired or revoked, that the certificate's domain name matches the server's domain, that the digital signature of each certificate in each chain is valid, and that the root certificate of each chain was issued by a CA trusted by the client.
[0024] In one embodiment, the client uses the CA's public key to verify the signature of the server's end entity certificate. In another embodiment, the client uses the public key from the intermediate certificate to verify the signature of the final entity certificate, and uses the public key of the CA's root certificate to verify the root certificate signature and the intermediate certificate signature.
[0025] For the TC certificate chain, the public key and digital signature are based on the TC public-private key pair. For the PQC certificate chain, the signature and public key are based on the public-private key pair derived using the PQC algorithm.
[0026] PQC algorithms include lattice-based encryption methods, including CRYSTALS-DILITHIUM, FALCON, RAINBOW, CLASSIC McELIECE, CRYSTALS-KYBER, NTRU, SABER, and other lattice-based algorithms. (Note: the terms “CRYSTALS-DILITHIUM,” “FALCON,” “RAINBOW,” “CLASSIC McELIECE,” “CRYSTALS-KYBER,” “NTRU,” and “SABER” may be protected as trademarks in various jurisdictions around the world and are used here only to refer to the products or services properly named by these marks, to the extent such trademark rights may exist.)
[0027] In one embodiment, the server composes a certificate verification message for the client. The certificate verification message provides proof that the server possesses the PQC private key and TC private key associated with the PQC certificate and TC certificate, respectively. The certificate verification message comprises two messages. The first message includes a current copy of the messages exchanged between the client and server so far, signed using the server's private PQC key. The second message includes a current copy of the exchanged messages appended to the first message, signed using the server's TC private key, thereby generating a conventional server certificate verification message. The server combines the first and second certificate verification messages and sends this combination as a single certificate verification message to the client.
[0028] The client receives the combined certificate verification message and separates it into its two component messages. The client holds its own copy of the message transcript exchanged so far and the server's PQC public key obtained from the PQC certificate chain, and uses these to verify the PQC digital signature of the PQC portion of the server certificate verification message. To verify the TC signature of the TC portion, the client uses its transcript copy with the signed first message (the PQC portion of the combined message) appended, together with the server's TC public key obtained from the TC certificate chain.
[0029] In one embodiment, the method also binds a TC certificate and a PQC certificate. The method creates a PQC certificate and a TC certificate with the same subject name, issuer name, and subject alternative names. The method sets the constraints of the TC to be the same as those of the PQC, except for the serial numbers, public keys, and signatures of both certificates. In this embodiment, the method sets the TC's serial number or extension to be equal to the hash (SHA1, SHA256, or other hash function) of the PQC certificate data. The binding value set to the output of the hash function cannot be cracked using a large-scale quantum computer or a traditional non-quantum computer. In this embodiment, the client verifies that the TC serial number or extension contains the hash of the PQC certificate data when used, and verifies that all other TC and PQC certificate data attributes match.
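As an added illustration of the binding check in [0029] (example code, not the patent's implementation), the following Go program issues a PQC-slot certificate and a TC certificate that share subject, issuer, SANs, validity and constraints, stores SHA-256 of the PQC certificate's DER in an extension of the TC certificate, and verifies the binding as a client would. It uses the extension variant rather than the serial number because a 32-byte SHA-256 value exceeds the 20-octet serial number limit of RFC 5280; Ed25519 stands in for the PQC algorithm (Go's standard library has none), the extension OID is a placeholder, and the names and dates are constructed.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// bindingExtOID marks the binding extension; the disclosure names no OID, so this is a placeholder.
var bindingExtOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// baseTemplate holds everything both certificates must share ([0029]); only the
// serial number, public key and signature may differ. Names and dates are constructed.
func baseTemplate(serial int64, dnsNames []string) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: "server.example", Organization: []string{"Example Org"}},
		DNSNames:     dnsNames,
		NotBefore:    time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC),
		NotAfter:     time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
}

// IssueTC self-signs a TC certificate (ECDSA P-256) from tmpl after writing
// SHA-256(pqcDER) into its binding extension as a DER OCTET STRING.
func IssueTC(tmpl *x509.Certificate, pqcDER []byte) ([]byte, error) {
	h := sha256.Sum256(pqcDER)
	val, err := asn1.Marshal(h[:])
	if err != nil {
		return nil, err
	}
	tmpl.ExtraExtensions = append(tmpl.ExtraExtensions, pkix.Extension{Id: bindingExtOID, Value: val})
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &priv.PublicKey, priv)
}

// IssueBoundPair issues the PQC-slot certificate first (Ed25519 stands in, as Go's
// standard library has no PQC signature) and then a TC certificate bound to it (both DER).
func IssueBoundPair(dnsNames []string) (pqcDER, tcDER []byte, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := baseTemplate(1001, dnsNames)
	if pqcDER, err = x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv); err != nil {
		return nil, nil, err
	}
	tcDER, err = IssueTC(baseTemplate(1002, dnsNames), pqcDER)
	return pqcDER, tcDER, err
}

// CheckBinding is the client-side check of [0029]: the binding extension must equal
// SHA-256 of the PQC certificate, and all attributes except serial, key and signature must match.
func CheckBinding(tcDER, pqcDER []byte) error {
	tc, err1 := x509.ParseCertificate(tcDER)
	pqc, err2 := x509.ParseCertificate(pqcDER)
	if err1 != nil || err2 != nil {
		return errors.New("certificate parse failure")
	}
	var bound []byte
	for _, ext := range tc.Extensions {
		if ext.Id.Equal(bindingExtOID) {
			if _, err := asn1.Unmarshal(ext.Value, &bound); err != nil {
				return err
			}
		}
	}
	want := sha256.Sum256(pqcDER)
	switch {
	case !bytes.Equal(bound, want[:]):
		return errors.New("binding extension does not match SHA-256 of PQC certificate")
	case tc.Subject.String() != pqc.Subject.String() || tc.Issuer.String() != pqc.Issuer.String() ||
		strings.Join(tc.DNSNames, ",") != strings.Join(pqc.DNSNames, ","):
		return errors.New("name or subject alternative name mismatch")
	case !tc.NotBefore.Equal(pqc.NotBefore) || !tc.NotAfter.Equal(pqc.NotAfter) || tc.KeyUsage != pqc.KeyUsage || tc.IsCA != pqc.IsCA:
		return errors.New("validity or constraint mismatch")
	}
	return nil
}

func main() {
	pqcDER, tcDER, err := IssueBoundPair([]string{"server.example"})
	fmt.Println("bound pair accepted:", err == nil && CheckBinding(tcDER, pqcDER) == nil)
}
```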
[0030] In one embodiment, mutual entity verification is expected, as indicated by the certificate request message sent from the server to the client. In response to the certificate request message, the client sends a certificate message including each of its client TC certificate and PQC certificate. The client then generates and sends the combined certificate verification message. This involves creating a first certificate verification message by signing a copy of the current message with the client's PQC private key, then appending the first certificate verification message to the copy of the current message, and signing the appended copy with the client's TC private key.
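The two-part certificate verification message of [0027]-[0028], which the client of [0030] produces in the same way for mutual authentication, as an added Go example that is not the disclosure's own code: Ed25519 stands in for the PQC signature and ECDSA P-256 for the TC signature, the transcript string is constructed, and the wire framing that concatenates the two parts into one message is omitted.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// HybridKeys holds one private key per certificate slot. Ed25519 stands in for
// the PQC slot (Go's standard library has no PQC signature) and ECDSA P-256 for
// the TC slot; the message construction, not the primitive, is the point here.
type HybridKeys struct {
	PQCPriv ed25519.PrivateKey
	TCPriv  *ecdsa.PrivateKey
}

// HybridCertificateVerify is the combined message of [0027]:
// First = Sign_PQC(transcript) and Second = Sign_TC(transcript || First).
type HybridCertificateVerify struct {
	First  []byte
	Second []byte
}

// GenerateHybridKeys creates the two stand-in key pairs.
func GenerateHybridKeys() (HybridKeys, error) {
	_, pqcPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return HybridKeys{}, err
	}
	tcPriv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return HybridKeys{PQCPriv: pqcPriv, TCPriv: tcPriv}, err
}

// Public returns the verification keys a peer would take from the two certificates.
func (k HybridKeys) Public() (ed25519.PublicKey, *ecdsa.PublicKey) {
	return k.PQCPriv.Public().(ed25519.PublicKey), &k.TCPriv.PublicKey
}

// tcInput is what the TC key signs: the transcript with the first message appended.
func tcInput(transcript, first []byte) []byte {
	buf := make([]byte, 0, len(transcript)+len(first))
	buf = append(buf, transcript...)
	return append(buf, first...)
}

// BuildCertificateVerify signs in the order the disclosure requires: the PQC key
// over the transcript, then the TC key over transcript||First. The client of
// [0030] runs the same routine with its own keys for mutual authentication.
func BuildCertificateVerify(keys HybridKeys, transcript []byte) (HybridCertificateVerify, error) {
	first := ed25519.Sign(keys.PQCPriv, transcript)
	digest := sha256.Sum256(tcInput(transcript, first))
	second, err := ecdsa.SignASN1(rand.Reader, keys.TCPriv, digest[:])
	if err != nil {
		return HybridCertificateVerify{}, err
	}
	return HybridCertificateVerify{First: first, Second: second}, nil
}

// VerifyCertificateVerify is the receiver's check of [0028]: the PQC signature
// over the transcript must hold before the TC signature is examined, and the TC
// signature covers transcript||First, so a forged TC key alone cannot pass.
func VerifyCertificateVerify(pqcPub ed25519.PublicKey, tcPub *ecdsa.PublicKey, transcript []byte, m HybridCertificateVerify) error {
	if !ed25519.Verify(pqcPub, transcript, m.First) {
		return errors.New("PQC certificate verify failed")
	}
	digest := sha256.Sum256(tcInput(transcript, m.First))
	if !ecdsa.VerifyASN1(tcPub, digest[:], m.Second) {
		return errors.New("TC certificate verify failed")
	}
	return nil
}

func main() {
	keys, err := GenerateHybridKeys()
	if err != nil {
		panic(err)
	}
	// Constructed stand-in for the handshake transcript exchanged so far.
	transcript := []byte("ClientHello|ServerHello|Certificate(PQC,TC)")
	msg, err := BuildCertificateVerify(keys, transcript)
	if err != nil {
		panic(err)
	}
	pqcPub, tcPub := keys.Public()
	fmt.Println("hybrid CertificateVerify accepted:", VerifyCertificateVerify(pqcPub, tcPub, transcript, msg) == nil)
}
```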
[0031] In one embodiment, the exchange of client and server greeting messages does not result in the use of a PQC certificate because the client does not provide support for the use of PQC certificates. In this embodiment, the method only passes the TC certificate and the TC certificate verification portion of the message. In this embodiment, the method provides backward compatibility during any time frame in which not all network entities have transitioned to using a PQC-based protocol.
[0032] Figure 1 is a schematic diagram of exemplary network resources associated with the disclosed invention. The invention may be practiced on any processor that processes an instruction stream implementing any of the disclosed elements. As shown, a networked client device 110 is wirelessly connected to server subsystem 102. Client device 104 is wirelessly connected to server subsystem 102 via network 114. Client devices 104 and 110 include a communication security program (not shown) and sufficient computing resources (processor, memory, network communication hardware) to execute the program. The communication handshake between client devices 104, 110 and server subsystem 102 may use the disclosed embodiments to implement secure communication between verified entities and the exchange of encrypted data. As shown in Figure 1, server subsystem 102 includes a server computer 150. Figure 1 depicts a block diagram of the components of server computer 150 within a networked computer system 1000 according to an embodiment of the present invention. It should be understood that Figure 1 is merely an illustration of one implementation and does not imply any limitation on the environments in which different embodiments may be implemented. Many modifications to the depicted environment may be made.
[0033] Server computer 150 may include processor 154, memory 158, persistent storage device 170, communication unit 152, input / output (I / O) interface 156, and communication structure 140. Communication structure 140 provides communication between cache 162, memory 158, persistent storage device 170, communication unit 152, and input / output (I / O) interface 156. Communication structure 140 can be implemented using any architecture designed to transfer data and / or control information between processors (e.g., microprocessors, communication and network processors, etc.), system memory, peripheral devices, and any other hardware components within the system. For example, communication structure 140 can be implemented using one or more buses.
[0034] Memory 158 and persistent storage device 170 are computer-readable storage media. In this embodiment, memory 158 includes random access memory (RAM) 160. Typically, memory 158 may include any suitable volatile or non-volatile computer-readable storage medium. Cache 162 is a fast memory that enhances the performance of processor 154 by storing recently accessed data from memory 158 and data near the recently accessed data.
[0035] Program instructions and data (e.g., communication security program 175) for implementing embodiments of the present invention are stored in persistent storage device 170 for execution and / or access by one or more corresponding processors 154 of server computer 150 via cache 162. In this embodiment, persistent storage device 170 includes a magnetic hard disk drive (MDD). As an alternative to or supplement to an MDD, persistent storage device 170 may include a solid-state drive (SSD), semiconductor storage device, read-only memory (ROM), erasable programmable read-only memory (EPROM), flash memory, or any other computer-readable storage medium capable of storing program instructions or digital information.
[0036] The media used by persistent storage device 170 may also be removable. For example, a removable hard disk drive may be used for persistent storage device 170. Other examples include optical and magnetic disks, thumb drives, and smart cards that are inserted into a drive for transfer onto another computer-readable storage medium that is also part of persistent storage device 170.
[0037] In these examples, communication unit 152 provides communication with other data processing systems or devices, including client computing devices 104 and 110. In these examples, communication unit 152 includes one or more network interface cards. Communication unit 152 can provide communication by using one or both of physical and wireless communication links. Software distribution programs, as well as other programs and data for implementing the invention, can be downloaded to persistent storage device 170 of server computer 150 via communication unit 152.
[0038] I / O interface 156 allows data input and output to other devices that can be connected to server computer 150. For example, I / O interface 156 can provide connectivity to external device 190 (e.g., keyboard, keypad, touchscreen, microphone, digital camera, and / or other suitable input devices). External device 190 may also include portable computer-readable storage media, such as thumb drives, portable optical discs or disks, and memory cards. Software and data used to practice embodiments of the invention (e.g., communication security program 175 on server computer 150) can be stored on such portable computer-readable storage media and can be loaded onto persistent storage device 170 via I / O interface 156. I / O interface 156 is also connected to display 180.
[0039] The display 180 provides a mechanism for displaying data to a user and can be, for example, a computer monitor. The display 180 can also be used as a touchscreen, such as the display of a tablet computer.
[0040] Figure 2 provides flowchart 200, illustrating exemplary activities associated with the practice of this disclosure. After the program begins, at block 210 the server's communication security program 175 receives a client greeting message including client information about supported TLS protocols, cipher suite options, and a client-generated random number.
[0041] At block 220, the server sends a server greeting message that indicates the server's choice of a cipher suite from the offered options and includes a server-generated random number.
[0042] At block 230, the server sends a server certificate message. The server certificate message includes two certificates or certificate chains: a first certificate or certificate chain signed with a first digital signature associated with a first server private key from the PQC algorithm, and a second certificate or certificate chain signed with a second digital signature associated with a second server private key from the TC encryption algorithm.
[0043] At block 240, the server's communication security program 175 signs the first message, which includes a copy of the client-server message transmission, using the first server PQC private key.
[0044] At block 250, the server's communication security program 175 signs the second message using the second server TC private key. The second message includes a copy of the current client-server message transmission with the first message appended.
[0045] At block 260, the server's communication security program 175 combines the first message and the second message into a single server certificate verification message and sends the combined message to the client.
[0046] At block 270, the communication security program 175 receives a client completion message from the client. The client completion message includes a cryptographic hash of all previous client-server message transmissions, encrypted using the agreed-upon encryption algorithm.
[0047] At block 280, the communication security program 175 sends a server completion message, which includes a cryptographic hash of all previous client-server message transmissions of the handshake protocol.
[0048] It should be understood that the TLS handshake protocol may include additional messages between the client and server related to the exchange of information necessary for generating encryption keys for data encryption / decryption and other purposes.
[0049] Figure 3 is a schematic diagram 300 illustrating the message traffic between a client 310 and a server 320 according to an embodiment of the present invention. As shown, the client 310 sends a client greeting message 315 to the server 320. The server 320 responds by sending a server greeting message 325, a server certificate message 330, and a server certificate verification message 340. Each of the server certificate message 330 and the server certificate verification message 340 includes two separate messages. The server certificate message 330 includes a server PQC certificate message 332 and a server TC certificate message 334. The server certificate verification message 340 includes a first message 342, which contains a copy of the message transmission and is signed with the server PQC private key, and a second message 344, which contains a copy of the message transmission with the first message appended and is signed with the server TC private key.
[0050] Figure 3 also includes the messages associated with mutual authentication: client certificate message 360 and client certificate verification message 370. As with the server, client certificate message 360 includes two messages: client PQC certificate message 362 and client TC certificate message 364. Client certificate verification message 370 likewise includes two messages: message 372 contains a copy of the message transmission and is signed using the client's PQC private key, and message 374 contains a copy of the message transmission with the PQC-signed message appended and is signed using the client's TC private key. Item 380 generally illustrates the additional client-server message traffic associated with the communication handshake between the client and server (including the client completion message and the server completion message).
[0051] It should be understood that although this disclosure includes a detailed description of cloud computing, the implementation of the teachings described herein is not limited to a cloud computing environment. Rather, embodiments of the invention can be implemented in conjunction with any other type of computing environment now known or developed hereafter.
[0052] Cloud computing is a service delivery model that enables convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, network bandwidth, servers, processing, storage, applications, virtual machines, and services) that can be rapidly provisioned and released with minimal management effort or interaction with service providers. This cloud model may include at least five features, at least three service models, and at least four deployment models.
[0053] The features are as follows:
[0054] On-demand self-service: A cloud consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed and automatically, without requiring human interaction with the service provider.
[0055] Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).
[0056] Resource pooling: A provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, where different physical and virtual resources are dynamically allocated and reallocated based on demand. Location independence has significance because consumers typically do not control or know the exact location of the resources provided, but can specify the location at a higher level of abstraction (e.g., country, state, or data center).
[0057] Rapid elasticity: Capabilities can be provisioned, in some cases automatically, to scale out and in quickly and elastically. To consumers, the available capacity often appears unlimited and can be purchased in any quantity at any time.
[0058] Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at a level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and the consumer of the utilized service.
[0059] The service model is as follows:
[0060] Software as a Service (SaaS): The capability offered to consumers is the ability to use the provider's applications running on cloud infrastructure. Applications can be accessed from various client devices through thin client interfaces such as web browsers (e.g., web-based email). Consumers do not manage or control the underlying cloud infrastructure, including the network, servers, operating system, storage, or even individual application capabilities, with possible exceptions such as limited user-specific application configuration settings.
[0061] Platform as a Service (PaaS): This provides consumers with the ability to deploy consumer-created or acquired applications onto cloud infrastructure using programming languages and tools supported by the provider. Consumers do not manage or control the underlying cloud infrastructure, including networks, servers, operating systems, or storage, but they have control over the deployed applications and the configuration of any application hosting environments.
[0062] Infrastructure as a Service (IaaS): the capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).
[0063] The deployment model is as follows:
[0064] Private cloud: Cloud infrastructure operated solely by an organization. It can be managed by the organization or a third party and can exist on-site or off-site.
[0065] Community cloud: Cloud infrastructure shared by several organizations and supporting a specific community with shared concerns (e.g., tasks, security requirements, policies, and compliance considerations). It can be managed by an organization or a third party and can exist on-site or off-site.
[0066] Public cloud: the cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
[0067] Hybrid cloud: the cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
[0068] Cloud computing environments are service-oriented, focusing on statelessness, loose coupling, modularity, and semantic interoperability. At the heart of cloud computing is the infrastructure of a network of interconnected nodes.
[0069] Referring now to Figure 4, an illustrative cloud computing environment 50 is depicted. As shown, cloud computing environment 50 includes one or more cloud computing nodes 10 with which local computing devices used by cloud consumers, such as, for example, personal digital assistant (PDA) or cellular telephone 54A, desktop computer 54B, laptop computer 54C, and/or automobile computer system 54N, may communicate. Nodes 10 may communicate with one another. They may be grouped (not shown) physically or virtually in one or more networks, such as private, community, public, or hybrid clouds as described above, or a combination thereof. This allows cloud computing environment 50 to offer infrastructure, platforms, and/or software as services for which a cloud consumer does not need to maintain resources on a local computing device. It is understood that the types of computing devices 54A-N shown in Figure 4 are intended to be illustrative only and that computing nodes 10 and cloud computing environment 50 can communicate with any type of computerized device over any type of network and/or network-addressable connection (e.g., using a web browser).
[0070] Referring now to Figure 5, a set of functional abstraction layers provided by cloud computing environment 50 (Figure 4) is shown. It should be understood in advance that the components, layers, and functions shown in Figure 5 are intended to be illustrative only, and embodiments of the invention are not limited thereto. As depicted, the following layers and corresponding functions are provided:
[0071] Hardware and software layer 60 includes hardware and software components. Examples of hardware components include: mainframes 61; RISC (Reduced Instruction Set Computer) architecture based servers 62; servers 63; blade servers 64; storage devices 65; and networks and networking components 66. In some embodiments, software components include network application server software 67 and database software 68.
[0072] The virtualization layer 70 provides an abstraction layer from which the following examples of virtual entities can be provided: virtual server 71; virtual storage device 72; virtual network 73, including virtual private network; virtual application and operating system 74; and virtual client 75.
[0073] In one example, management layer 80 may provide the following functionalities: Resource Provisioning 81 provides dynamic procurement of computing resources and other resources used to perform tasks within the cloud computing environment. Metering and Pricing 82 provides cost tracking as resources are utilized within the cloud computing environment and bills or invoices for the consumption of these resources. In one example, these resources may include application software licenses. Security provides authentication for cloud consumers and tasks, as well as protection for data and other resources. User Portal 83 provides access to the cloud computing environment for consumers and system administrators. Service Level Management 84 provides cloud resource allocation and management to ensure that required service levels are met. Service Level Agreement (SLA) Planning and Fulfillment 85 provides pre-scheduling and procurement of cloud resources, anticipating future requirements for those resources according to the SLA.
[0074] Workload layer 90 provides examples of functionalities that can be leveraged in a cloud computing environment. Examples of workloads and functionalities that can be provided from this layer include: mapping and navigation 91; software development and lifecycle management 92; virtual classroom education delivery 93; data analytics and processing 94; transaction processing 95; and communication security procedures 175.
[0075] The present invention may be a system, a method, and/or a computer program product at any possible technical detail level of integration. The invention may be beneficially practiced in any system, single or parallel, which processes an instruction stream. The computer program product may include a computer-readable storage medium (or media) having computer-readable program instructions thereon for causing a processor to carry out aspects of the present invention.
[0076] The computer-readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer-readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non-exhaustive list of more specific examples of the computer-readable storage medium includes: a portable computer diskette, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static random access memory (SRAM), portable compact disc read-only memory (CD-ROM), digital versatile disk (DVD), memory stick, floppy disk, a mechanically encoded device such as punch cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer-readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
[0077] The computer-readable program instructions described herein can be downloaded from a computer-readable storage medium to a suitable computing / processing device, or downloaded via a network (e.g., the Internet, a local area network, a wide area network, and / or a wireless network) to an external computer or external storage device. The network may include copper cables, optical fibers, wireless transmission, routers, firewalls, switches, gateway computers, and / or edge servers. A network adapter card or network interface in each computing / processing device receives the computer-readable program instructions from the network and forwards them to a computer-readable storage medium within the suitable computing / processing device.
[0078] Computer-readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction-set-architecture (ISA) instructions, machine-dependent instructions, microcode, firmware instructions, state-setting data, configuration data for integrated circuitry, or either source code or object code written in any combination of one or more programming languages, including an object-oriented programming language such as Smalltalk, C++, or the like, and procedural programming languages, such as the "C" programming language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGAs), or programmable logic arrays (PLAs) may execute the computer-readable program instructions by utilizing state information of the computer-readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
[0079] Various aspects of the present invention are described herein with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer-readable program instructions.
[0080] These computer-readable program instructions may be provided to a processor of a general-purpose computer, a special-purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in one or more blocks of the flowchart and/or block diagram. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the functions/acts specified in one or more blocks of the flowchart and/or block diagram.
[0081] The computer-readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus, or other device to produce a computer-implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in one or more blocks of the flowchart and/or block diagram.
[0082] The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special-purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special-purpose hardware and computer instructions.
[0083] References to "an embodiment," "an example embodiment," etc., in the specification indicate that the described embodiment may include a particular feature, structure, or characteristic, but each embodiment may not necessarily include that particular feature, structure, or characteristic. Furthermore, these phrases do not necessarily refer to the same embodiment. Additionally, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is assumed that implementing that feature, structure, or characteristic in conjunction with other embodiments is within the knowledge of those skilled in the art, regardless of whether it is explicitly described.
[0084] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the invention. As used herein, the singular forms “a,” “an,” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the terms “comprising” and / or “including” as used in this specification designate the presence of stated features, integers, steps, operations, elements, and / or components, but do not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and / or groups thereof.
[0085] Various embodiments of the invention have been described for illustrative purposes, but are not intended to be exhaustive or limited to the disclosed embodiments. Many modifications and variations will be apparent to those skilled in the art without departing from the scope and spirit of the invention. The terminology used herein is chosen to best explain the principles of the embodiments, their practical application, or technical improvements to existing technologies on the market, or to enable others skilled in the art to understand the embodiments disclosed herein.
Claims
1. A computer-implemented method for establishing secure network communication, the method comprising: one or more server computer processors sending a server certificate message in response to a client hello message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and the second certificate being bound to each other, wherein one of the first certificate and the second certificate is a factoring-based certificate (TC) and the other is a lattice-based certificate (PQC); the one or more server computer processors signing a first message associated with client-server communication using a first private key, the first private key being associated with the first certificate; the one or more server computer processors signing a second message associated with the client-server communication using a second private key, the second private key being associated with the second certificate, the second message including the first message; and the one or more server computer processors sending a server certificate verification message in response to receiving the client hello message, the server certificate verification message including the first message and the second message.
2. The computer-implemented method according to claim 1, wherein the first encryption algorithm includes a lattice-based encryption algorithm.
3. The computer-implemented method according to claim 1, wherein the first message includes a copy of the messages exchanged between the client and the server.
4. The computer-implemented method according to claim 1, wherein the first certificate and the second certificate have the same subject name.
5. The computer-implemented method according to claim 1, wherein the attributes of the second certificate include a hash value of the first certificate.
6. The computer-implemented method according to any one of claims 1-5, further comprising: the one or more server computer processors sending a server hello message in response to the client hello message.
7. The computer-implemented method according to claim 6, further comprising: the one or more server computer processors receiving a client certificate message in response to the server hello message, the client certificate message including a third certificate associated with the first encryption algorithm and a fourth certificate associated with the second encryption algorithm, the third certificate and the fourth certificate being bound to each other; and the one or more server computer processors receiving a client certificate verification message, the client certificate verification message including a third message associated with the client-server communication signed with a third private key and a fourth message associated with the client-server communication signed with a fourth private key, the third private key being associated with the third certificate, the fourth private key being associated with the fourth certificate, and the fourth message including the third message.
8. The computer-implemented method according to any one of claims 1-5, further comprising: the one or more server computer processors sending data encrypted using the first encryption algorithm.
9. A computer program product for establishing secure network communication, the computer program product comprising program instructions, the program instructions including: program instructions for sending a server certificate message in response to a client hello message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and the second certificate being bound to each other, wherein one of the first certificate and the second certificate is a factoring-based certificate (TC) and the other is a lattice-based certificate (PQC); program instructions for signing a first message associated with client-server communication using a first private key, the first private key being associated with the first certificate; program instructions for signing a second message associated with the client-server communication using a second private key, the second private key being associated with the second certificate, the second message including the first message; and program instructions for sending a server certificate verification message in response to receiving the client hello message, the server certificate verification message including the first message and the second message.
10. The computer program product according to claim 9, wherein the first encryption algorithm includes a lattice-based encryption algorithm.
11. The computer program product according to claim 9, wherein the first message includes a copy of the messages exchanged between the client and the server.
12. The computer program product according to claim 9, wherein the first certificate and the second certificate have the same subject name.
13. The computer program product according to claim 9, wherein the attributes of the second certificate include a hash value of the first certificate.
14. The computer program product according to any one of claims 9-13, wherein the stored program instructions further include: program instructions for sending a server hello message in response to the client hello message.
15. The computer program product according to claim 14, wherein the stored program instructions further include: program instructions for receiving a client certificate message in response to the server hello message, the client certificate message including a third certificate associated with the first encryption algorithm and a fourth certificate associated with the second encryption algorithm, the third certificate and the fourth certificate being bound to each other; and program instructions for receiving a client certificate verification message, the client certificate verification message including a third message associated with the client-server communication signed with a third private key and a fourth message associated with the client-server communication signed with a fourth private key, the third private key being associated with the third certificate, the fourth private key being associated with the fourth certificate, and the fourth message including the third message.
16. The computer program product according to any one of claims 9-13, wherein the stored program instructions further include program instructions for sending data encrypted using the first encryption algorithm.
17. A computer system for establishing secure network communication, the computer system comprising: one or more computer processors; one or more computer-readable storage devices; and program instructions stored on the one or more computer-readable storage devices for execution by the one or more computer processors, the stored program instructions including: program instructions for sending a server certificate message in response to a client hello message, the certificate message including a first certificate associated with a first encryption algorithm and a second certificate associated with a second encryption algorithm, the first certificate and the second certificate being bound to each other, wherein one of the first certificate and the second certificate is a factoring-based certificate (TC) and the other is a lattice-based certificate (PQC); program instructions for signing a first message associated with client-server communication using a first private key, the first private key being associated with the first certificate; program instructions for signing a second message associated with the client-server communication using a second private key, the second private key being associated with the second certificate, the second message including the first message; and program instructions for sending a server certificate verification message in response to receiving the client hello message, the server certificate verification message including the first message and the second message.
18. The computer system according to claim 17, wherein the first encryption algorithm includes a lattice-based encryption algorithm.
19. The computer system according to claim 17, wherein the first message includes a copy of the messages exchanged between the client and the server.
20. The computer system according to claim 17, wherein the first certificate and the second certificate have the same subject name.
21. The computer system according to claim 17, wherein the attributes of the second certificate include a hash value of the first certificate.
22. The computer system according to any one of claims 17-21, wherein the stored program instructions further include: program instructions for sending a server hello message in response to the client hello message.
23. The computer system according to claim 22, wherein the stored program instructions further include: program instructions for receiving a client certificate message in response to the server hello message, the client certificate message including a third certificate associated with the first encryption algorithm and a fourth certificate associated with the second encryption algorithm, the third certificate and the fourth certificate being bound to each other; and program instructions for receiving a client certificate verification message, the client certificate verification message including a third message associated with the client-server communication signed with a third private key and a fourth message associated with the client-server communication signed with a fourth private key, the third private key being associated with the third certificate, the fourth private key being associated with the fourth certificate, and the fourth message including the third message.
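The exchange claimed above, as an added worked example that is not part of the patent or of any IBM implementation. It takes the first certificate as the TC certificate and the second as the PQC certificate (claim 1 also allows the opposite order, as claim 2 states), binds them as in claims 4-5, builds the server certificate verification message of claim 1 with the second message containing the first (the TLS 1.3 CertificateVerify pattern), and then checks it as a client would, including the cases the nesting is meant to defeat: a recovered TC private key, a mismatched certificate pair, and a stripped PQC half. Everything in it is assumed for illustration: the certificate encoding, the `bound_cert_hash` attribute name, the message layout, the constructed transcript, and above all the signature scheme, which is textbook RSA over fixed Mersenne primes standing in for both the traditional and the lattice-based algorithm; it is not secure and is only there so the block runs with the standard library.

```python
"""Hybrid TC+PQC certificate binding with a nested CertificateVerify, after
claims 1-7 above. Added example, not the patent's code. ToySigScheme is textbook
RSA over fixed Mersenne primes (insecure, unpadded) standing in for BOTH slots;
real use: RSA/ECDSA for TC, a lattice scheme such as ML-DSA for PQC. Issuer-chain
validation of the two certificates is assumed to happen elsewhere."""
import hashlib
import json
from dataclasses import dataclass, field

E = 65537  # public exponent shared by every stand-in key

def _h(msg: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

class ToySigScheme:
    """Textbook RSA signature over SHA-256(msg) mod n. Stand-in only."""
    def __init__(self, name: str, p: int, q: int):
        self.name, self.n = name, p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))  # private exponent

    def public_key(self) -> dict:
        return {"alg": self.name, "n": self.n, "e": E}

    def sign(self, msg: bytes) -> int:
        return pow(_h(msg, self.n), self._d, self.n)

    @staticmethod
    def verify(pub: dict, msg: bytes, sig: int) -> bool:
        return 0 <= sig < pub["n"] and pow(sig, pub["e"], pub["n"]) == _h(msg, pub["n"])

@dataclass(frozen=True)
class Certificate:
    subject: str
    public_key: dict
    attributes: dict = field(default_factory=dict)

    def fingerprint(self) -> str:
        canon = json.dumps({"subject": self.subject, "pk": self.public_key,
                            "attr": self.attributes}, sort_keys=True)
        return hashlib.sha256(canon.encode()).hexdigest()

def issue_bound_pair(subject: str, tc: ToySigScheme, pqc: ToySigScheme):
    """Claims 4-5: same subject name; the PQC certificate's attributes carry the
    hash of the TC certificate, which is what binds the pair."""
    tc_cert = Certificate(subject, tc.public_key())
    pqc_cert = Certificate(subject, pqc.public_key(),
                           {"bound_cert_hash": tc_cert.fingerprint()})
    return tc_cert, pqc_cert

def certs_are_bound(tc_cert: Certificate, pqc_cert: Certificate) -> bool:
    return (tc_cert.subject == pqc_cert.subject and
            pqc_cert.attributes.get("bound_cert_hash") == tc_cert.fingerprint())

def second_message(first_msg: bytes, first_sig: int) -> bytes:
    """Claim 1: the second message includes the first; appending the TC
    signature makes the PQC signature cover that signature as well."""
    return first_msg + b"|tc_sig=" + first_sig.to_bytes(64, "big")

def make_certificate_verify(transcript: bytes, tc: ToySigScheme, pqc: ToySigScheme) -> dict:
    """Server side (claim 1). The first message is a copy of the handshake
    messages exchanged so far (claim 3)."""
    first_sig = tc.sign(transcript)
    second_msg = second_message(transcript, first_sig)
    return {"first_msg": transcript, "first_sig": first_sig,
            "second_msg": second_msg, "second_sig": pqc.sign(second_msg)}

def verify_certificate_verify(transcript: bytes, tc_cert: Certificate,
                              pqc_cert: Certificate, cv: dict) -> bool:
    """Client side. Every check is mandatory: a missing field (downgrade), an
    unbound pair, or either signature failing rejects the handshake."""
    if any(k not in cv for k in ("first_msg", "first_sig", "second_msg", "second_sig")):
        return False
    if not certs_are_bound(tc_cert, pqc_cert) or cv["first_msg"] != transcript:
        return False
    if not ToySigScheme.verify(tc_cert.public_key, cv["first_msg"], cv["first_sig"]):
        return False
    if cv["second_msg"] != second_message(cv["first_msg"], cv["first_sig"]):
        return False
    return ToySigScheme.verify(pqc_cert.public_key, cv["second_msg"], cv["second_sig"])

def demo() -> dict:
    """Constructed scenario: an honest server, then three attacks to reject."""
    server_tc = ToySigScheme("toy-rsa-as-TC", 2**61 - 1, 2**89 - 1)
    server_pqc = ToySigScheme("toy-rsa-as-PQC-placeholder", 2**107 - 1, 2**127 - 1)
    tc_cert, pqc_cert = issue_bound_pair("CN=server.example", server_tc, server_pqc)
    transcript = b"ClientHello|ServerHello|Certificate"  # constructed sample
    cv = make_certificate_verify(transcript, server_tc, server_pqc)
    # 1: TC private key recovered (the quantum threat), PQC key not. The attacker
    #    re-signs a tampered transcript and replays the PQC-signed second message.
    tampered = b"ClientHello|ServerHello(attacker)|Certificate"
    forged = dict(cv, first_msg=tampered, first_sig=server_tc.sign(tampered))
    # 2: genuine TC certificate paired with a PQC certificate issued for a
    #    different TC certificate (binding hash mismatch).
    other_tc = ToySigScheme("toy-rsa-as-TC", 2**31 - 1, 2**19 - 1)
    _, other_pqc_cert = issue_bound_pair("CN=server.example", other_tc, server_pqc)
    # 3: downgrade by stripping the PQC half of the certificate verify message.
    stripped = {k: cv[k] for k in ("first_msg", "first_sig")}
    return {
        "honest_accepted": verify_certificate_verify(transcript, tc_cert, pqc_cert, cv),
        "tc_key_compromise_rejected": not verify_certificate_verify(tampered, tc_cert, pqc_cert, forged),
        "unbound_pair_rejected": not verify_certificate_verify(transcript, tc_cert, other_pqc_cert, cv),
        "stripped_pqc_rejected": not verify_certificate_verify(transcript, tc_cert, pqc_cert, stripped),
    }
```

Two points the claims leave to the implementer. The hash attribute alone does not stop an attacker from having a PQC certificate issued to themselves that cites the victim's TC certificate, so the CA must check the binding at issuance and the client must validate both issuer chains, which the example leaves out. And both verifications must be unconditional: a client that falls back to accepting the TC signature alone when the PQC fields are absent gains nothing against a quantum-capable attacker, which is what the stripped-message case in `demo()` exercises.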