Hash-driven multi-layer anti-quantum security protocol generation verification system and method

By generating and verifying a hash-driven, multi-layered quantum-resistant security protocol, the problem of lack of systematic and security proof in existing protocol designs is solved, achieving continuous security and efficient design resistant to quantum attacks.

CN122160065APending Publication Date: 2026-06-05SHANGHAI UNI SENTRY INTELLIGENT TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHANGHAI UNI SENTRY INTELLIGENT TECH CO LTD
Filing Date
2026-03-11
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

Existing quantum-resistant secure communication protocols lack systematic design, rely on expert experience, and are difficult to prove mathematically rigorously. They fail to adequately consider security throughout the entire lifecycle, especially the continuous forward security of session keys.

Method used

A hash-driven, multi-layered quantum-resistant security protocol generation and verification system is adopted. By constructing identity authentication, key exchange, and session evolution layers, and using quantum-resistant hash functions as the core, combined with automated theorem proving tools for formal verification, a closed-loop engineering process is formed to automatically generate and rigorously verify the security protocol.

Benefits of technology

It achieves systematic and in-depth defense, improves the security and trustworthiness of the protocol, can resist quantum computing attacks, ensures the continuous forward security of session keys, reduces the risk of human error, and improves design efficiency.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122160065A_ABST
    Figure CN122160065A_ABST
Patent Text Reader

Abstract

The application provides a kind of multi-layer anti-quantum security protocol generation verification system and method based on hash drive, defines security target, selects the cryptographic primitive pool with anti-quantum hash function as core, and constructs active network enemy model containing quantum query capability;Based on the cryptographic primitive pool, a multi-layer protocol logic framework is constructed, and specific protocol interaction message sequence is generated;Formal modeling is a computational model that can be processed by automated theorem proving tools;The automated theorem proving tool is used to deduce and verify the computational model, if the verification is not passed, return to iterate and optimize the protocol interaction message sequence, until the final protocol specification that meets all the security targets and can be proved safe is generated.The application integrates protocol design, multi-layer architecture construction and formal verification into one, forms a closed-loop engineering process, and aims to automatically generate and strictly verify security protocols with anti-quantum capability and deep defense characteristics.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of communication security and cryptography, and in particular to a hash-driven multi-layer quantum-resistant security protocol generation and verification system and method. Background Technology

[0002] The rapid development of quantum computing technology poses a fundamental threat to existing public-key cryptography systems. Shor's algorithm can break widely used algorithms based on large number factorization and discrete logarithm problems (such as RSA and ECC) in polynomial time, while Grover's algorithm provides quadratic speedups for symmetric cryptography and hash functions. To address this "quantum threat," post-quantum cryptography (PQC) has emerged, aiming to design cryptographic algorithms resistant to quantum computing attacks.

[0003] Currently, the construction of quantum-resistant secure communication protocols typically employs a "point-to-point" replacement approach, simply replacing classical cryptographic primitives (such as RSA signatures and ECDH key exchanges) in traditional protocols with corresponding post-quantum candidate algorithms. However, this approach has significant drawbacks: First, it lacks systematic design, making it difficult to form defenses in depth, and security relies excessively on the strength of a single algorithm; second, protocol design mainly depends on expert experience and manual analysis, easily introducing logical flaws and failing to provide mathematically rigorous security proofs; third, it fails to fully consider the security throughout the protocol's entire lifecycle, especially the continuous forward security of session keys.

[0004] Therefore, there is an urgent need for a systematic, automated, and provably secure method to generate and verify secure communication protocols that can withstand quantum attacks and possess defense-in-depth capabilities. Summary of the Invention

[0005] The purpose of this invention is to provide a hash-driven multi-layer quantum-resistant security protocol generation and verification system and method, which integrates protocol design, multi-layer architecture construction and formal verification into a closed-loop engineering process, aiming to automatically generate and rigorously verify security protocols with quantum resistance and deep defense characteristics.

[0006] To achieve the above objectives, this invention provides a hash-driven multi-layer quantum-resistant security protocol generation and verification method, comprising the following steps: S1. Define the security objective, select a cryptographic primitive pool with quantum-resistant hash functions as its core, and construct an active network adversary model that includes quantum query capabilities. S2. Based on the cryptographic primitive pool, and using the hash function as a unified driving engine, construct a multi-layer protocol logic framework that includes at least an identity authentication layer, a key exchange layer, and a session evolution layer, and generate specific protocol interaction message sequences; S3. The protocol interaction message sequence, the adversary model, and the security target are formally modeled into a computational model that can be processed by automated theorem proving tools. S4. Use the automated theorem proving tool to deduce and verify the computational model. If the verification fails, return to step S2 to iteratively optimize the protocol interaction message sequence until a provably secure final protocol specification that satisfies all the security objectives is generated.

[0007] Furthermore, in step S1, the cryptographic primitive pool includes at least a quantum-resistant hash function as the basic engine, a signature or authentication mechanism built based on the hash function, and a key derivation mechanism based on or combined with the hash function.

[0008] Further, in step S2, the multi-layer protocol logic framework specifically includes: Identity authentication layer: Utilizes a hash-based signature scheme to achieve long-term identity binding and authentication of entities; Key establishment layer: Combining post-quantum key exchange or encapsulation mechanism, and using the hash function to strengthen and context-bind the shared secret, generating forward-secure session key material; Session Evolution Layer: The session key is updated periodically or triggered by a hash chain update mechanism constructed using the hash function, thereby achieving continuous forward security.

[0009] Furthermore, the key establishment layer involves a first entity A and a second entity B, and the specific operations include: A generates a temporary key pair (PK_A, SK_A), and B generates a temporary key pair (PK_B, SK_B). A and B exchange temporary public keys PK_A and PK_B; B uses PK_A to perform key encapsulation, obtains ciphertext C and the original shared secret ss_raw, and sends C to A; After receiving C, A uses SK_A to decapsulate and obtain ss_raw'; A and B independently construct the same context string, which contains the identity identifiers of both parties, the exchanged random numbers, the temporary public key, the ciphertext C, and the protocol identifier; A and B use a key derivation function based on a quantum-resistant hash function to combine ss_raw (or ss_raw') with context to derive the master key master_secret, and then expand it to obtain the session key material session_keys; A portion is allocated from session_keys to serve as a temporary authentication key auth_key. Both parties use auth_key and context to calculate and exchange the authentication tag AuthTag to confirm that the key negotiation was successful and that the context has not been tampered with.

[0010] Furthermore, the specific operations of the session evolution layer include: Derive the initial working key set (EncKey_0, MacKey_0, NextSeed_0) and the initial chain index i=0 from the established session key material; During communication, data is protected using the current key (EncKey_i, MacKey_i); When the preset triggering conditions are met, the key update is performed: NextSeed_{i+1} = H(NextSeed_i|| "Update" || i), where H is a quantum-resistant hash function; a new working key (EncKey_{i+1}, MacKey_{i+1}) is derived from NextSeed_{i+1}; the old key material (EncKey_i, MacKey_i, NextSeed_i) is securely erased; the chain index is updated to i+1; both communicating parties independently perform key evolution according to the same rules, and achieve state synchronization by carrying the current chain index i in plaintext in the data packet.

[0011] Furthermore, in step S3, the formal modeling uses a modeling language supported by automated theorem proving tools such as Tamarin Prover or ProVerif to abstract protocol messages into symbolic terms, participant behaviors into state transition rules, adversary capabilities (including quantum query capabilities for hash functions) into adversary rules, and security objectives into logical lemmas to be proven.

[0012] Furthermore, in step S4, the automated theorem proving tool, based on the computational model, automatically deduces all possible protocol execution paths and adversary attack paths through symbolic execution and constraint solving to verify whether the logical lemma is always true, thereby proving or disproving the security properties of the protocol.

[0013] Therefore, the present invention employs the above-described hash-driven multi-layer quantum-resistant security protocol generation and verification system and method, with the following technical effects: Systematic and in-depth defense: A hierarchical protocol framework (identity authentication, key exchange, session evolution) is proposed and implemented. Each layer is driven by quantum-resistant hash functions, constructing a defense-in-depth system whose security does not depend on a single algorithm.

[0014] Provable security: Through formal modeling and automated theorem proving, the security of the protocol is elevated from empirical assessment to rigorous mathematical proof, which greatly improves credibility and can discover deep logical vulnerabilities that are difficult to detect by manual analysis.

[0015] Quantum-resistant and persistent security: The core building blocks are all quantum-resistant or post-quantum primitives, fundamentally resisting quantum computing attacks. A hash chain mechanism ensures persistent forward security of session keys, strictly limiting the impact on historical and future communications even if a temporary key is leaked.

[0016] Automation and efficiency: An automated closed-loop process of "design-modeling-verification-iteration" has been formed, which significantly improves the efficiency and reliability of designing high-security quantum-resistant protocols and reduces the risk of human error. Attached Figure Description

[0017] Figure 1 This is an overall flowchart of the method of the present invention.

[0018] Figure 2 This is a schematic diagram of the multi-layer protocol logic framework described in this invention.

[0019] Figure 3 This is a timing diagram of protocol interactions for a new device accessing the network in an embodiment of the present invention.

[0020] Figure 4 This is a diagram illustrating the hash chain key update operation during a session. Detailed Implementation

[0021] The technical solution of the present invention will be further described below with reference to the accompanying drawings and embodiments.

[0022] Unless otherwise defined, the technical or scientific terms used in this invention shall have the ordinary meaning as understood by one of ordinary skill in the art to which this invention pertains.

[0023] Example 1: Overall Method Flow like Figure 1 As shown, the implementation of this method begins with step S1. First, the security objectives that the protocol needs to achieve under the quantum adversary model are clarified, such as "two-way entity authentication," "forward-secure key negotiation," and "resistance to replay attacks," and these objectives are formally described. SHAKE128 is selected as the core quantum-resistant hash function (H), XMSS is selected as the hash-based signature scheme, Kyber is selected as the post-quantum key encapsulation mechanism (KEM), and HKDF (based on H) is determined to be used as the key derivation mechanism. Simultaneously, an active Dolev-Yao network adversary model is constructed, and its capabilities are extended to include quantum superposition queries on the hash function H (simulating Grover's algorithm for acceleration).

[0024] Proceed to step S2, based on the aforementioned primitive pool, construct a... Figure 2 The three-layer protocol framework is shown. A specific message sequence containing a three-round handshake is generated (e.g., ...). Figure 3 As shown): In the first round, certificates carrying XMSS signatures and temporary Kyber public keys are exchanged to complete the identity authentication layer; in the second round, Kyber encapsulation / decapsulation is completed, the shared secret is strengthened using HKDF(H(...)) and bound to the session context to generate an authentication tag, completing the key establishment layer; in the third round, the key is confirmed, and a key update strategy based on hash chain H(NextSeed_i) is agreed upon to initialize the session evolution layer.

[0025] In step S3, the modeling language of a formal verification tool (such as Tamarin Prover) is used to encode the above message sequence, participant behavior (rules), adversary capabilities, and security objectives (lemmas) into a symbolic computation model.

[0026] In step S4, Tamarin Prover is run to perform automated analysis of the model. The tool explores all possible protocol execution and adversary interaction paths. If the verification passes, a proof that "all lemmas hold" is output, indicating that the protocol satisfies the security objectives. If the tool finds an attack path (e.g., a replay attack due to a misbinding of a random number), the path is analyzed, and the process returns to step S2 to modify the protocol design (e.g., incorporating more contextual information into the authentication tag calculation). Then, S3 modeling and S4 verification are repeated until all security properties are rigorously proven, ultimately outputting a provably secure protocol specification.

[0027] Example 2: Key Establishment Layer Operations in a New Device Network Access Scenario like Figure 3 As shown, suppose a new device D wants to connect to gateway G. At the key establishment layer: D generates a temporary Kyber key pair (TPK_D, TSK_D), G generates (TPK_G, TSK_G), and exchanges public keys through an initial message containing authentication.

[0028] G encapsulates the data using D's public key: (C, ss_raw) = Kyber.Encap(TPK_D), and sends the ciphertext C to D.

[0029] Decapsulation of D: ss_raw' = Kyber.Decap(C, TSK_D).

[0030] Both parties independently construct the same context: context = H(ID_D || ID_G || Nonce_D || Nonce_G || TPK_D || TPK_G || C || "Access Protocol v1").

[0031] Both parties perform key derivation: PRK = HKDF-Extract(salt, ss_raw); session_keys = HKDF-Expand(PRK, context, length). The derived key contains the encryption key for subsequent communication and the temporary key used to calculate the authentication tag.

[0032] G uses a temporary key to calculate the authentication tag AuthTag_G and sends it to D. D verifies the tag, calculates its own AuthTag_D, and sends it back to G for verification. If both parties successfully verify each other's credentials, the key is established successfully, and both parties confirm the consistency of the context.

[0033] Example 3: Hash chain key update operation during a session like Figure 4 As shown, assuming that device D and gateway G have established a secure session, the initial chain index i=0, the current key is (EncKey_0, MacKey_0), and the current seed is NextSeed_0.

[0034] Normal communication: Both parties use (EncKey_0, MacKey_0) to encrypt and authenticate application data.

[0035] Trigger update: When the amount of data sent reaches a preset threshold (such as 1GB), a key update is triggered.

[0036] Hash chain evolution: Independent computation by both parties: NextSeed_1=SHAKE128(NextSeed_0 || “Update” || 0); (EncKey_1, MacKey_1)=HKDF-Expand(NextSeed_1, "SessionKey", 64); Then, immediately and securely erase EncKey_0, MacKey_0, and NextSeed_0.

[0037] State synchronization: D writes a new chain index i=1 in plaintext in the header of the next data packet it sends. After receiving the packet, G finds that index 1 > the current index 0, and then uses the locally stored NextSeed_0 to calculate NextSeed_1 and (EncKey_1, MacKey_1), and decrypts the data packet content with the new key. If decryption is successful, both parties synchronously enter the new key stage at index i=1.

[0038] This process can be repeated periodically during the session, enabling continuous key updates and forward security.

[0039] Therefore, the present invention adopts the above-mentioned hash-driven multi-layer quantum-resistant security protocol generation and verification system and method, which integrates protocol design, multi-layer architecture construction and formal verification into a closed-loop engineering process, aiming to automatically generate and rigorously verify security protocols with quantum resistance and deep defense characteristics.

[0040] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions can still be made to the technical solutions of the present invention, and these modifications or equivalent substitutions cannot cause the modified technical solutions to deviate from the spirit and scope of the technical solutions of the present invention.

Claims

1. A hash-driven multi-layer quantum-resistant security protocol generation and verification method, characterized in that, include: S1. Define the security objective, select a cryptographic primitive pool with quantum-resistant hash functions as its core, and construct an active network adversary model that includes quantum query capabilities. S2. Based on the cryptographic primitive pool, and using the hash function as a unified driving engine, construct a multi-layer protocol logic framework that includes at least an identity authentication layer, a key exchange layer, and a session evolution layer, and generate specific protocol interaction message sequences; S3. The protocol interaction message sequence, the adversary model, and the security target are formally modeled into a computational model that can be processed by automated theorem proving tools. S4. Use the automated theorem proving tool to deduce and verify the computational model. If the verification fails, return to step S2 to iteratively optimize the protocol interaction message sequence until a provably secure final protocol specification that satisfies all the security objectives is generated.

2. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, The cryptographic primitive pool includes at least a quantum-resistant hash function as the underlying engine, a signature or authentication mechanism built upon the hash function, and a key derivation mechanism based on or in combination with the hash function.

3. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, The multi-layer protocol logic framework specifically includes: Identity authentication layer: Utilizes a hash-based signature scheme to achieve long-term identity binding and authentication of entities; Key establishment layer: Combining post-quantum key exchange or encapsulation mechanism, and using the hash function to strengthen and context-bind the shared secret, generating forward-secure session key material; Session Evolution Layer: The session key is updated periodically or triggered by a hash chain update mechanism constructed using the hash function, thereby achieving continuous forward security.

4. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, The operations of the key establishment layer specifically include: The two communicating parties exchange temporary public keys; One party uses the other party's temporary public key to perform key encapsulation to obtain ciphertext and the original shared secret, and then sends the ciphertext; The other party decapsulates the shared secret; Both parties independently construct the same context information string, which includes the identity identifiers of both parties, the exchanged random numbers, the temporary public key, the ciphertext, and the protocol identifier; Both parties use a key derivation function based on a quantum-resistant hash function to combine the shared secret with the context information string to derive session key material; Both parties derive a temporary authentication key from the session key material, and calculate and exchange verification authentication tags based on the key and the context information string.

5. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, The operations of the session evolution layer specifically include: Derive the initial working key set and initial chain index from the established session key material; Use the current working key to communicate; When the preset triggering conditions are met, the current state seed is calculated using a quantum-resistant hash function to obtain a new state seed, from which a new working key set is derived. At the same time, the old working key material and state seed are securely erased, and the chain index is updated. Both communicating parties independently perform the aforementioned key evolution and achieve state synchronization by carrying chain indexes in the communication data.

6. The method for generating and verifying a multi-layered quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, Preset trigger conditions include: Periodic trigger: Timer expires; Count trigger: The amount of data encrypted / authenticated using the current key has reached a threshold; Event triggered: A specific number of data packets were sent; Explicit command: A refresh is required by the application or security policy.

7. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, The formal modeling uses a modeling language supported by automated theorem proving tools such as Tamarin Prover or ProVerif to abstract protocol messages into symbolic terms, participant behaviors into state transition rules, adversary capabilities into adversary rules, and security objectives into logical lemmas to be proven.

8. The method for generating and verifying a multi-layer quantum-resistant security protocol based on hash-driven methods according to claim 1, characterized in that, In step S4, the automated theorem proving tool, based on the computational model, automatically deduces all possible protocol execution paths and adversary attack paths through symbolic execution and constraint solving to verify whether the logical lemma is always true, thereby proving or disproving the security properties of the protocol.

9. A hash-driven, multi-layered quantum-resistant security protocol generation and verification system, characterized in that, include: The primitive and adversary model definition module is used to define the security objectives under the quantum adversary model and formalize them into security attribute propositions, and to select a pool of cryptographic primitives with a quantum-resistant hash function as the core, wherein the cryptographic primitive pool includes at least a quantum-resistant hash function as the basic engine, a signature or authentication mechanism built on the hash function, and a key derivation mechanism based on or combined with the hash function. A multi-layer protocol generation module, connected to the primitive and adversary model definition module, is used to generate a layered protocol message flow based on the cryptographic primitive pool, which includes at least an identity authentication layer, a key establishment layer, and a session evolution layer. The identity authentication layer is configured to implement entity authentication using a hash-based signature scheme. The key establishment layer is configured to generate a shared secret by combining a post-quantum key encapsulation mechanism and to strengthen and context-bind the shared secret using a key derivation function based on the quantum-resistant hash function to generate session key material. The session evolution layer is configured to periodically or conditionally update the session key using a chained update mechanism constructed by the quantum-resistant hash function. The formal modeling module, connected to the multi-layer protocol generation module, is used to model the generated protocol message flow, the quantum adversary model, and the security attribute proposition into a computational model that can be automatically deduced in the formal verification tool. The verification and iteration module, connected to the formal modeling module, is used to run the formal verification tool to deduce and verify the computational model. If the verification passes, it outputs the formally proven security protocol specification; if the verification fails, it calls the multi-layer protocol generation module to iteratively optimize the protocol message flow.