Hybrid signature method and system based on quantum key and puf
By combining quantum key distribution and physical non-cloning functions with location and timing information, a signature key is dynamically generated and a hierarchical security strategy is selected. This solves the security deficiencies of existing digital signature schemes under quantum computing threats and the problem of fixed key generation, and achieves coordination between security and computational overhead in different security level scenarios.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SICHUAN LIANGSHANSHUILUOHE ELECTRICITY DEV CO LTD
- Filing Date
- 2026-05-14
- Publication Date
- 2026-06-19
AI Technical Summary
Existing digital signature schemes are not secure enough in the face of quantum computing threats. Key generation relies on fixed methods and lacks a hierarchical security scheduling mechanism, making it difficult to simultaneously ensure quantum resistance, key security, and application flexibility.
By combining quantum key distribution protocol with physical non-cloning function and location timing information, a dynamic root key is generated and a hierarchical security strategy is implemented based on timestamp and geographic coordinates. The signing key is dynamically generated and the hierarchical security strategy is selected in combination with the attributes of the message to be signed during the signing process.
It enables dynamic generation of signature keys in a quantum computing environment, possesses resistance to quantum attacks, device binding capabilities, and spatiotemporal constraints, and adapts to the balance between security and computational overhead under different security requirements.
Smart Images

Figure CN122247752A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of information security technology, and specifically to a hybrid signature method and system based on quantum key distribution and PUF. Background Technology
[0002] Digital signatures are a core technology in cryptography, used to verify the authenticity, integrity, and non-repudiation of data. Authenticity ensures the signature's origin is traceable, preventing identity forgery; integrity guarantees the data has not been maliciously tampered with during transmission and storage; non-repudiation prevents the signer from later denying the signing, providing a legal basis for determining liability in electronic contracts, financial transactions, and other scenarios. In cryptographic systems, digital signatures are primarily implemented using asymmetric cryptography, generating the signature with the signer's unique private key, which can be verified by any verifier holding the corresponding public key. This process typically involves three key steps: first, a message of arbitrary length is compressed into a fixed-length digest using a hash function, ensuring that even minor alterations can be detected; second, the digest is signed using the private key to generate a signature value; and finally, the verifier uses the public key to verify the signature. If they match, it proves that the data has not been tampered with and was indeed signed by the private key holder.
[0003] In the field of digital signatures, widely used classical cryptographic algorithms include SM2, SM9, RSA, DSA, and ECDSA, whose security relies on mathematical problems such as large integer factorization or elliptic curve discrete logarithm problems. These algorithms have advantages such as high computational efficiency, high standardization, and mature software and hardware ecosystems, and continue to play a crucial role in mainstream scenarios such as e-government, financial payments, and code signing. However, with the rapid development of quantum computing technology, Shor's algorithm can efficiently solve these mathematical problems in polynomial time, posing a fundamental threat to the long-term security of classical digital signature schemes. To address this challenge, academia and industry are accelerating the research and application of post-quantum cryptography (PQC). The security of PQC algorithms is based on mathematical foundations such as lattice theory, hash functions, and coding theory, which are considered resistant to quantum attacks. In the digital signature field, lattice-based CRYSTALS-Dilithium and hash-based SPHINCS+ schemes have become core candidate algorithms in the PQC standardization process of the National Institute of Standards and Technology (NIST). These schemes can still maintain computational security in a quantum computing environment, but they generally face performance bottlenecks such as large signature size and high computational overhead, and there is an urgent need to find a better balance between security and efficiency.
[0004] Quantum Key Distribution (QKD) is a key exchange technology that achieves information-theoretic security based on the principles of quantum mechanics. Its core idea is to use the quantum states of single photons or weakly coherent light to transmit key information. Based on the Heisenberg uncertainty principle and the quantum no-cloning theorem, it ensures that any eavesdropping will introduce a detectable disturbance into the quantum channel. Once both communicating parties detect an abnormally high bit error rate, they can determine that eavesdropping has occurred and stop key generation, thus guaranteeing the absolute security of the final shared key. Currently, mainstream protocols include BB84, E91, and continuous-variable QKD, which have been practically deployed over hundreds of kilometers in fiber optic and free-space channels. Unlike traditional key exchange based on computational complexity, QKD's security does not rely on mathematical problem assumptions, and it still possesses long-term security guarantees even against attacks from future quantum computers. Therefore, QKD is considered a key component in building quantum-resistant cryptographic systems and is widely used in high-security fields such as government affairs, finance, and power.
[0005] A Physically Unclonable Function (PUF) is a hardware security technology based on the inherent differences in the physical characteristics of a chip. Its core principle lies in utilizing unavoidable process variations in semiconductor manufacturing, such as the random distribution of microscopic parameters like transistor threshold voltage, wire resistance, and oxide layer thickness, to generate a unique and uncopyable "digital fingerprint" for each chip. PUFs typically combine fuzzy extractor technology to reliably extract a stable and uniform key seed from the original response, and supplement this with public helper data to achieve key reconstruction. By binding the private key to the chip's physical characteristics, the key can be stored invisibly. The key is generated in real-time by the PUF only when needed and discarded after use, effectively resisting physical probing and side-channel attacks.
[0006] Positioning, navigation, and timing (PNT) technology refers to the key technology that provides users with spatial coordinates (latitude, longitude, and altitude) with centimeter- to meter-level accuracy and time information with nanosecond- to microsecond-level accuracy through satellite navigation systems (such as BeiDou, GPS, Galileo, etc.) or other spatiotemporal reference sources. Its core principle lies in accurately measuring the propagation delay of satellite signals and using the time differences between multiple satellites to calculate the receiver's three-dimensional position and time deviation. Modern high-precision positioning and timing modules integrate inertial navigation, ground-based augmentation, and other technologies, possessing strong anti-interference and anti-spoofing capabilities.
[0007] Against this backdrop, existing digital signature solutions struggle to simultaneously achieve quantum resistance, key security, and application flexibility. Classical algorithms are vulnerable to quantum attacks, post-quantum algorithms are computationally expensive, and existing solutions largely rely on fixed keys, lacking the ability to bind to device characteristics and temporal / spatial information, while also lacking a hierarchical scheduling mechanism based on data attributes. Therefore, how to ensure quantum resistance while achieving dynamic key generation and balancing efficiency and security under different security requirements is a pressing issue that needs to be addressed. Summary of the Invention
[0008] The purpose of this invention is to provide a hybrid signature method and approach based on quantum key distribution and PUF, so as to at least solve the problems of insufficient quantum resistance, fixed key generation, and lack of hierarchical security scheduling mechanism in existing schemes.
[0009] To achieve the above objectives, the first aspect of the present invention provides a hybrid signature method based on quantum key distribution and PUF. The method is executed at the signing end and includes: negotiating with the verification end to generate a quantum key through a quantum key distribution protocol, generating a derived key seed based on a physical non-cloning function, and simultaneously configuring and registering a trusted area for location and timing; acquiring location and timing information, and generating location and timing data including timestamps and geographic coordinates based on the location and timing information; generating a dynamic root key based on the derived key seed, the quantum key, and the location and timing information, and deriving a signature key pair based on the dynamic root key; preprocessing the message to be signed and the location and timing data, matching a hierarchical security policy according to the attributes of the message to be signed and the timestamp in the location and timing information, selecting the corresponding signing end, and performing a signature based on the preprocessed data of the signature key pair to generate a signature data packet, and sending the signature data packet to the verification end.
[0010] Preferably, a quantum key is generated through negotiation with the verification end via a quantum key distribution protocol, and a derived key seed is generated based on the Physical Non-cloning Function (PUF). Simultaneously, trusted area configuration and registration for location and time synchronization are completed. This includes: constructing a hierarchical security strategy based on the timeliness, security importance, and data lifecycle of the message to be signed, wherein the hierarchical security strategy is divided into multiple security levels, each corresponding to a type of signature endpoint; generating a shared quantum key through key negotiation with the verification end via the quantum key distribution protocol, and encrypting and storing the quantum key; obtaining PUF response characteristics based on the PUF, and extracting a stable derived key seed from the PUF response characteristics; configuring parameters for the geographical location range and time range of location and time synchronization, and registering the location and time synchronization public key to form a trusted identifier.
[0011] Preferably, acquiring location and timing information and generating location and timing data including timestamps and geographic coordinates based on the location and timing information includes: acquiring the timestamps and geographic coordinates from the location and timing information, and concatenating the timestamps and geographic coordinates according to a preset data format to generate raw location and timing data; performing a hash operation on the raw location and timing data to obtain a corresponding hash value; performing a signature operation on the hash value based on a preset signature algorithm to obtain location and timing signature data; and concatenating the raw location and timing data with the location and timing signature data to generate location and timing data.
[0012] Preferably, generating a dynamic root key based on the derived key seed, the quantum key, and the positioning and timing information, and deriving a signature key from the dynamic root key, includes: concatenating the derived key seed, the quantum key, and the positioning and timing information to generate original root key data; performing a hash operation on the original root key data to obtain the dynamic root key; performing a key derivation operation based on the dynamic root key to generate a first key seed and a second key seed; generating a classical signature key pair based on the first key seed and a post-quantum signature key pair based on the second key seed; and using the classical signature key pair and the post-quantum signature key pair as the signature key.
[0013] Preferably, the process involves preprocessing the message to be signed and the location and timing data, matching a hierarchical security policy based on the attributes of the message to be signed and the timestamp in the location and timing information, selecting a corresponding signing endpoint, and performing a signature operation on the preprocessed data based on the signature key to generate a signed data packet. This includes: concatenating the message to be signed with the location and timing data to generate preprocessed raw data; performing a hash operation on the preprocessed raw data to obtain preprocessed data; determining a corresponding hierarchical security policy based on the attributes of the message to be signed and the timestamp in the location and timing information; selecting a corresponding signing endpoint according to the hierarchical security policy, and performing a signature operation on the preprocessed data based on the signature endpoint using the signature key to obtain a signature result; and concatenating the message to be signed, the location and timing data, and the signature result to generate a signed data packet.
[0014] A second aspect of this invention provides a hybrid signature method based on quantum key distribution and PUF (Public-Private Link Function). The method is executed on a verification terminal and includes: acquiring a signature data packet and parsing a message to be signed, location and timing data, and a signature result from the signature data packet; decomposing the location and timing data to obtain location and timing information and corresponding signature data, generating a hash value based on the location and timing information, performing a verification operation on the hash value and the signature data using a location and timing public key, and verifying the legitimacy of the location and timing information; preprocessing the message to be signed and the location and timing data to obtain preprocessed data, and matching a hierarchical security policy based on the timestamp in the location and timing information and the attributes of the message to be signed; selecting a corresponding verification terminal based on the hierarchical security policy, and calling the corresponding public key on the corresponding verification terminal to perform a verification operation on the preprocessed data and the signature result to obtain a verification result.
[0015] Optionally, the location and timing data is decomposed to obtain location and timing information and corresponding signature data. A hash value is generated based on the location and timing information. A signature verification operation is performed on the hash value and the signature data using the location and timing public key, and the legality of the location and timing information is verified. This includes: decomposing the location and timing data to obtain original location and timing data and location and timing signature data; performing a hash operation on the original location and timing data to generate a hash value; performing a signature verification operation on the hash value and the location and timing signature data based on the location and timing public key; parsing the original location and timing data to obtain a timestamp and geographic coordinates if the signature verification operation passes; comparing the geographic coordinates with a configured trusted area, and verifying the legality of the timestamp.
[0016] Optionally, the message to be signed and the location and timing data are preprocessed to obtain preprocessed data, and a hierarchical security policy is matched based on the timestamp in the location and timing information and the attributes of the message to be signed. This includes: concatenating the message to be signed with the location and timing data to generate preprocessed raw data; performing a hash operation on the preprocessed raw data to obtain preprocessed data; obtaining the timestamp in the location and timing information and extracting the attribute information corresponding to the message to be signed; and determining the hierarchical security policy based on the correspondence between the timestamp and the attribute information.
[0017] Optionally, the corresponding verification endpoint is selected according to the hierarchical security policy, and the corresponding public key is invoked based on the corresponding verification endpoint to perform verification operations on the preprocessed data and the signature result to obtain the verification result. This includes: when the hierarchical security policy is at the first security level, invoking the classic signature public key to perform verification operations on the preprocessed data and the signature result; when the hierarchical security policy is at the second security level, first signature data and second signature data are decomposed from the signature result, and the first signature data and second signature data are concatenated to generate intermediate data; the classic signature public key is invoked to perform verification operations on the preprocessed data and the first signature data; the classic signature public key is invoked to perform verification operations on the intermediate data and the second signature data; the post-quantum signature public key is invoked to perform verification operations on the preprocessed data and the first signature data; and the post-quantum signature public key is invoked to perform verification operations on the intermediate data and the second signature data; when the hierarchical security policy is at the third security level, the post-quantum signature public key is invoked to perform verification operations on the preprocessed data and the signature result.
[0018] This invention introduces quantum keys, physical non-cloning functions, and location and timing information to construct a multi-source fusion signature key generation mechanism. This enables the signature key to dynamically change with time, location, and device characteristics, avoiding the leakage risk associated with fixed keys. During the signing process, the message to be signed and location and timing data are jointly preprocessed, and a hierarchical security strategy is matched based on timestamps and data attributes to select the appropriate signing platform, allowing the signature strength to be adjusted according to business needs. During the verification process, the authenticity and integrity of the signature result are ensured by verifying the signature and legality of the location and timing data, combined with the consistency verification of the preprocessed data. While maintaining the basic functions of digital signatures, this method introduces a dynamic key generation and hierarchical strategy control mechanism, enabling the signing process to simultaneously possess resistance to quantum attacks, device binding capabilities, and spatiotemporal constraints, thereby achieving a balance between security and computational overhead in different security level scenarios. Attached Figure Description
[0019] Figure 1 This is an execution flowchart of the hybrid signature method based on quantum key distribution and PUF provided by the present invention;
[0020] Figure 2 This is a flowchart of the execution process at the signing end of the hybrid signature method based on quantum key distribution and PUF provided by this invention;
[0021] Figure 3 This is a flowchart of the execution process of the hybrid signature method based on quantum key distribution and PUF provided by this invention at the signature verification end;
[0022] Figure 4This is a system architecture diagram of the hybrid signature system based on quantum key distribution and PUF provided by the present invention. Detailed Implementation
[0023] Figure 1 This invention provides a hybrid signature method based on quantum key distribution and PUF, which is executed at the signing end and includes:
[0024] Step S110: Generate a quantum key by negotiating with the signature verification end through the quantum key distribution protocol, and generate a derived key seed based on the physical non-cloning function, while completing the trusted area configuration and registration for location and timing.
[0025] Step S120: Obtain positioning and timing information, and generate positioning and timing data including timestamps and geographic coordinates based on the positioning and timing information.
[0026] Step S130: Generate a dynamic root key based on the derived key seed, the quantum key and the positioning and timing information, and derive a signature key pair based on the dynamic root key;
[0027] Step S140: Preprocess the message to be signed and the location and timing data, match the hierarchical security policy according to the attributes of the message to be signed and the timestamp in the location and timing information, select the corresponding signing terminal, and perform signing on the preprocessed data based on the signing key to generate a signed data packet, and send the signed data packet to the verification terminal.
[0028] Specifically, in step S110, a quantum key is generated through negotiation with the verification end via a quantum key distribution protocol, and a derived key seed is generated based on the Physical Non-cloning Function (PUF). Simultaneously, the trusted area configuration and registration for location and timing are completed. This includes: constructing a hierarchical security strategy based on the timeliness, security importance, and data lifecycle of the message to be signed, with the hierarchical security strategy divided into multiple security levels, each corresponding to a type of signature endpoint; generating a shared quantum key through key negotiation with the verification end via the quantum key distribution protocol, and encrypting and storing the quantum key; obtaining PUF response characteristics based on the PUF, and extracting a stable derived key seed from the PUF response characteristics; configuring parameters for the geographical location range and time range of location and timing, and registering the location and timing public key to form a trusted identifier.
[0029] In this embodiment of the invention, a hierarchical security strategy is constructed based on the timeliness, security importance, and data lifecycle of the messages to be signed. Typically, messages to be signed can be divided according to their lifecycle length and security sensitivity. For example, data with high real-time requirements but low value (such as short-cycle status reports) is classified into Level 1 Security Strategy D1; data with a certain retention period and involving business processes is classified into Level 2 Security Strategy D2; and data requiring long-term evidence storage or possessing legal effect is classified into Level 3 Security Strategy D3.
[0030] Different security levels correspond to different signature formats. Level 1 security policy D1 uses the classic digital signature algorithm, Level 2 security policy D2 uses a combination of classic and post-quantum signatures, and Level 3 security policy D3 uses the post-quantum signature algorithm. This classification is not a fixed constraint; in actual deployment, the level boundaries can be dynamically adjusted based on the security policy library. However, the core principle is to establish a one-to-one correspondence between data attributes and signature formats, ensuring the schedulability of the subsequent signing process.
[0031] Shared key Q is achieved through a quantum key distribution protocol. k The generation of the key can be achieved using the BB84 protocol or its equivalent implementation. Initial key transmission is performed in the quantum channel, combined with classical channel processing for bit error rate detection, error correction, and privacy amplification, thus obtaining a shared key Q that is consistent between the two parties. k The generated Q k It does not directly participate in data transmission, but serves as a high-entropy input for subsequent key construction; therefore, Q needs to be... k The key is written to a secure key storage unit and protected by a hardware encryption mechanism, such as encapsulating and storing Qk using a secure chip or trusted execution environment to prevent direct external reading.
[0032] Generating Derivative Key Seeds Based on Physically Unclonable Functions (PUF) S After the device is powered on, the internal physical structure is excited through the PUF circuit to obtain the original response sequence PUF. core Since the PUF response may exhibit minor fluctuations due to environmental disturbances, a fuzz extractor can be used to analyze the PUF. core Stabilization processing is performed to obtain a highly consistent derived key seed PUF. S The PUF S It does not require long-term storage, but is generated in real time by PUF when needed, thus binding the key material to the physical characteristics of the device.
[0033] Building upon the above, the trusted area configuration and registration for location and timing are completed. Specifically, allowed areas are set for geographical locations, such as limiting the boundaries of trusted areas through latitude and longitude intervals, while allowed windows are set for time ranges, such as limiting the effective time period or the maximum time deviation. Based on this, the public key PK built into the location and timing module is... pnt Registration is performed to create a trusted identifier corresponding to the device. This registration process can be understood as establishing a binding relationship between location and timing information and a public key, enabling subsequently acquired location and timing data to be transmitted via PK (Public Key Transfer). pnt Verification is required.
[0034] Through the above steps, three independent but jointly involved key inputs in subsequent calculations are formed: the shared quantum key Qk, the derived key seed PUF, and the derived key seed PUF. S In addition, it includes trusted constraint information for location and timing. These inputs provide the foundation for the subsequent generation of the dynamic root key, making the key no longer dependent on a single source, thereby improving the stability and consistency of the overall signature mechanism. Simultaneously, the establishment of the aforementioned hierarchical security strategy enables the signature process to select different paths based on data attributes during execution, providing a prerequisite for policy scheduling in subsequent signature stages.
[0035] Specifically, in step S120, obtaining location and timing information and generating location and timing data including timestamps and geographic coordinates based on the location and timing information includes: obtaining the timestamp and geographic coordinates from the location and timing information, and concatenating the timestamp and geographic coordinates according to a preset data format to generate raw location and timing data; performing a hash operation on the raw location and timing data to obtain a corresponding hash value; performing a signature operation on the hash value based on a preset signature algorithm to obtain location and timing signature data; and concatenating the raw location and timing data with the location and timing signature data to generate location and timing data.
[0036] In this embodiment of the invention, the process of acquiring positioning and timing information and generating positioning and timing data can be implemented by combining the output characteristics of the positioning and timing module. The positioning and timing information typically includes a timestamp and spatial location information, wherein the timestamp is denoted as... The standard time used to characterize the current data collection moment is denoted by the geographic coordinates as follows: ,in Indicates longitude. Indicates latitude. In practical applications, the timestamp The geographic coordinates can be obtained from high-precision timing signals provided by a satellite navigation system. This is obtained through multi-satellite ranging calculation.
[0037] After obtaining the timestamp and geographic coordinates, data concatenation is performed to form a unified data structure. Specifically, the timestamp and geographic coordinates are concatenated sequentially according to the byte sequence to generate the raw location and timing data. Its form of expression is:
[0038]
[0039] in," The "" indicates a data byte stream concatenation operation. Using this method, information from both the time and spatial dimensions can be uniformly encoded into a single data entity, avoiding information separation or misalignment issues during subsequent processing.
[0040] After obtaining the original positioning and timing data Then, a hash operation is performed on it to compress the data length and enhance its resistance to tampering. Specifically, this is done through a hash function. Calculate its hash value:
[0041]
[0042] in, To locate the hash value corresponding to the original time synchronization data, the hash function can be SM3, SHA-256, or other cryptographic hash algorithms with collision resistance. This step ensures that even if... Even a small change will result in a significant change in its hash value, thus providing a stable input for subsequent signatures.
[0043] Furthermore, based on the private key pre-installed within the positioning and timing module... For the hash value Perform digital signature calculations to generate location and timing signature data. Its form can be expressed as:
[0044]
[0045] in, This represents the signature operation function, which can be the SM2 signature algorithm or other equivalent asymmetric signature algorithms. This signature process makes the location and timing data verifiable, thus enabling the verification of its authenticity during the signature verification stage.
[0046] Finally, the original positioning and timing data With the location and timing signature data The data is stitched together to generate complete positioning and timing data. Its form of expression is:
[0047]
[0048] Through the above construction, the positioning and timing data not only includes time and space information but also corresponding signature data, ensuring its integrity and verifiability during transmission and use. This structure also provides a unified input format for subsequent dynamic root key generation and signature preprocessing, thereby guaranteeing data consistency throughout the entire signature process.
[0049] Specifically, in step S130, a dynamic root key is generated based on the derived key seed, the quantum key, and the positioning and timing information, and a signature key pair is derived from the dynamic root key, including: concatenating the derived key seed, the quantum key, and the positioning and timing information to generate root key raw data; performing a hash operation on the root key raw data to obtain the dynamic root key; performing a key derivation operation based on the dynamic root key to generate a first key seed and a second key seed; generating a classical signature key pair based on the first key seed and a post-quantum signature key pair based on the second key seed; and using the classical signature key pair and the post-quantum signature key pair as signature keys.
[0050] In this embodiment of the invention, based on the derived key seed Quantum key and the raw positioning and timing data corresponding to the positioning and timing information. The generation of a dynamic root key, and the further derivation of a signature key pair, can be achieved through the following process.
[0051] The derived key seed, quantum key, and positioning and timing raw data are concatenated to form a unified key input source. Specifically, the root key raw data is defined. for:
[0052]
[0053] in, This is the key seed obtained stably from a physically non-cloning function. This refers to a shared quantum key obtained through negotiation using a quantum key distribution protocol. This provides the raw location and timing data, including timestamps and geographic coordinates. This concatenation operation integrates the device's physical characteristics, quantum security entropy sources, and spatiotemporal information, enabling the subsequently generated key to possess multi-source dependency characteristics.
[0054] After obtaining the original root key data, a hash operation is performed on it to compress the data length and enhance randomness. Specifically, the SM3 hash function can be used. Processing is performed to obtain the dynamic root key. Its form of expression is:
[0055]
[0056] in, This is a commercial cryptographic hash function with an output length of 256 bits. This step maps the input data to a fixed-length random value, ensuring that small changes in the input lead to significant changes in the output, thus enhancing the unpredictability of the key generation process.
[0057] Furthermore, based on the dynamic root key Perform key derivation operations to generate multiple independent key seeds. Specifically, a hash-based key derivation function (KDF), such as SM3-KDF, can be used. Expand the scope to generate the first key seed. Second key seed Its form can be expressed as:
[0058]
[0059]
[0060] in, This represents the key derivation function. The strings "classic" and "pqc" serve as context identifiers to distinguish derivation results for different purposes. This method ensures that different seeds are statistically independent, avoiding correlation between keys.
[0061] After obtaining the first key seed Then, using this as a source of random entropy, a classic signature key pair is generated according to the key generation rules of classic digital signature algorithms. Specifically, the SM2 algorithm can be used. Generate a private key using random input. And generate the corresponding public key based on the elliptic curve dot product operation. Their relationship can be expressed as:
[0062]
[0063] in, It is the base point of the elliptic curve.
[0064] At the same time, based on the second key seed A post-quantum signature key pair is generated according to the key generation mechanism of the post-quantum signature algorithm. Taking a lattice-based signature algorithm as an example, the post-quantum signature key pair can be generated. As a random seed input to the key generation algorithm, the private key is obtained. With the corresponding public key Since post-quantum algorithms typically rely on large-scale matrix or polynomial structures, their key generation process is completed internally by the algorithm, and the specific structure will not be elaborated here.
[0065] Finally, the classic signature key pair With post-quantum signature key pair Together, they form a set of signature keys that participate in the subsequent signing process. Under different security level policies, a single key pair or a combination of keys can be used to achieve a dynamic balance between signature strength and computational cost.
[0066] Through the above steps, a system was formed with , and The dynamic key generation mechanism for input allows the signature key to change dynamically with device status, communication environment, and spatiotemporal information, avoiding the security risks caused by fixed keys, and providing basic support for the execution of subsequent hierarchical security policies.
[0067] Specifically, in step S140, the message to be signed and the location and timing data are preprocessed, and a hierarchical security policy is matched according to the attributes of the message to be signed and the timestamp in the location and timing information. A corresponding signing terminal is selected, and the preprocessed data is signed based on the signing key to generate a signed data packet. This includes: concatenating the message to be signed with the location and timing data to generate preprocessed raw data; performing a hash operation on the preprocessed raw data to obtain preprocessed data; determining the corresponding hierarchical security policy based on the attributes of the message to be signed and the timestamp in the location and timing information; selecting the corresponding signing terminal according to the hierarchical security policy, and calling the signing key to perform a signing operation on the preprocessed data based on the corresponding signing terminal to obtain a signature result; and concatenating the message to be signed, the location and timing data, and the signature result to generate a signed data packet.
[0068] In this embodiment of the invention, the message to be signed and the location and timing data are preprocessed, and the hierarchical security strategy is determined by combining the timestamp in the location and timing information with the attributes of the message to be signed. Then, the corresponding signing end type is selected and a signature data packet is generated, which is implemented according to the following process.
[0069] Regarding the signing news With positioning and timing data A concatenation process is performed to construct a unified signature input. This concatenation process can use direct byte sequence concatenation to bind the message content with its corresponding location and timing data, resulting in preprocessed raw data, represented as follows:
[0070]
[0071] in," The "" symbol indicates a byte stream concatenation operation. This method ensures that the message content and its spatiotemporal information at the time of generation are logically integrated, thereby avoiding information separation or tampering issues during subsequent signing processes.
[0072] After obtaining the preprocessed raw data Then, a hash operation is performed on the data to compress its length and enhance its resistance to tampering. Specifically, the SM3 hash function is used to process the concatenated data to obtain preprocessed data. Its form of expression is:
[0073]
[0074] in, This is a fixed-length hash value used as input for subsequent signature calculations. Through hashing, it is ensured that even minute changes to the data will lead to significant changes in the output, thereby enhancing the integrity protection capability of the signature.
[0075] Furthermore, based on the attribute information of the message to be signed and the timestamp in the location and timing information... The corresponding tiered security policy is determined. The attributes of the message to be signed may include data type, sensitivity level, business category, or lifecycle identifier, while the timestamp... This is used to reflect the timeliness of the data. In specific implementations, the input attribute information and time information can be mapped to the corresponding security level through rule matching or policy table lookup. For example:
[0076] 1) When the message is short-lived and has low security sensitivity, match the Level 1 security policy. .
[0077] 2) When messages have a medium lifecycle or involve critical business processes, apply a level 2 security policy. .
[0078] 3) When messages require long-term storage or high security, a three-tier security policy should be applied. .
[0079] After determining the hierarchical security policy, the corresponding signature terminal is selected according to the policy, and the corresponding signature key is used to process the preprocessed data. Perform signature calculation.
[0080] When selecting Level 1 security policy At that time, only the private key from the classic signature key pair is used. Perform the signature operation to obtain the signature result:
[0081]
[0082] in, This represents a signature function based on the SM2 algorithm.
[0083] When selecting the secondary security policy At that time, a hybrid signature format combining classical and post-quantum signatures is used. Specifically, firstly, classical private keys are used... and post-quantum private key Preprocessed data Perform the signing to obtain the inner signature result:
[0084]
[0085]
[0086] Then, the inner signature results are concatenated to generate intermediate data:
[0087]
[0088] Based on this, the intermediate data are then processed separately. Perform a second round of signing to obtain the outer signature result:
[0089]
[0090]
[0091] Finally, the four signature results are concatenated to form a hybrid signature result:
[0092]
[0093] This structure, through the nested combination of inner and outer signatures, enables classical and post-quantum algorithms to work together within the same signature structure, thereby improving overall security while ensuring compatibility.
[0094] When choosing a level 3 security strategy At that time, only the private key in the post-quantum signature key pair is used. Perform the signature operation to obtain the signature result:
[0095]
[0096] in, This represents a hash-based post-quantum signature algorithm.
[0097] After completing the signature calculation, the message to be signed will be... Positioning and timing data and signature results The data is concatenated to generate a complete signature data packet, which is expressed as follows:
[0098]
[0099] Through the above steps, a unified data structure containing the original message, location and timing data, and signature results can be formed, enabling the signature verification end to simultaneously perform data integrity verification, source verification, and spatiotemporal legality verification upon receipt. This process achieves dynamic selection of the signature end and balances computational overhead and security strength under different security levels, thus making it suitable for various business scenarios.
[0100] A second aspect of the present invention provides a hybrid signature method based on quantum key distribution and PUF, the method being executed at a signature verification end, the method comprising:
[0101] Step S210: Obtain the signature data packet, and parse the message to be signed, the location timing data, and the signature result from the signature data packet.
[0102] Step S220: Decompose the location and timing data to obtain location and timing information and corresponding signature data, generate a hash value based on the location and timing information, perform a signature verification operation on the hash value and the signature data using the location and timing public key, and verify the legality of the location and timing information.
[0103] Step S230: Preprocess the message to be signed and the location and timing data to obtain preprocessed data, and match the hierarchical security policy according to the timestamp in the location and timing information and the attributes of the message to be signed.
[0104] Step S240: Select the corresponding signature verification terminal according to the hierarchical security policy, and call the corresponding public key based on the corresponding signature verification terminal to perform signature verification operation on the preprocessed data and the signature result to obtain the signature verification result.
[0105] Specifically, in step S210, a signature data packet is obtained, and the message to be signed, location timing data, and signature result are parsed from the signature data packet.
[0106] In this embodiment of the invention, after obtaining the signature data packet, parsing processing is performed on the signature data packet. The signature data packet is organized according to an agreed data structure during generation, containing three parts: a message to be signed, location and timing data, and a signature result. During parsing, the signature data packet is segmented and extracted according to data organization rules. The boundaries of each part can be determined by dividing it into fixed-length segments or reading the length identifier field, thereby extracting the message to be signed, location and timing data, and signature result separately. For the location and timing data part, its original structure is maintained without splitting, so that it can be separately verified for legality later. For the signature result part, it is extracted as a whole for subsequent signature verification calculation. Through the above parsing processing, the message to be signed, location and timing data, and signature result can be recovered from the complete signature data packet, providing complete input data for subsequent location and timing verification and signature verification.
[0107] Specifically, in step S220, the location and timing data is decomposed to obtain location and timing information and corresponding signature data. A hash value is generated based on the location and timing information. A signature verification operation is performed on the hash value and the signature data using the location and timing public key. The legality of the location and timing information is also verified. This includes: decomposing the location and timing data to obtain original location and timing data and location and timing signature data; performing a hash operation on the original location and timing data to generate a hash value; performing a signature verification operation on the hash value and the location and timing signature data based on the location and timing public key; parsing the original location and timing data to obtain a timestamp and geographical coordinates if the signature verification operation passes; comparing the geographical coordinates with the configured trusted area and verifying the legality of the timestamp.
[0108] In this embodiment of the invention, the positioning and timing data is structurally decomposed. The positioning and timing data is encapsulated by concatenating raw data and signature data during generation; therefore, it can be directly parsed according to this structure during the signature verification stage to obtain the original positioning and timing data. and location timing signature data .in, Used to represent positioning and timing information This is the corresponding signature result.
[0109] After the disassembly is completed, a hash operation is performed on the original positioning and timing data to generate a corresponding hash value. Specifically, the hash function is used to process the original data. After processing, we get:
[0110]
[0111] in, For hash functions, This is the hash value corresponding to the original location and timing data. This hash value serves as the input for subsequent signature verification operations.
[0112] Subsequently, based on the public key pre-registered by the positioning and timing module The hash value and the location timing signature data are used to perform a signature verification operation. Specifically, the hash value and the location timing signature data are used to perform a signature verification operation. and As input, execute the digital signature verification function:
[0113]
[0114] If the signature verification result fails, it indicates that the location and timing data has been tampered with during transmission or the source is untrustworthy. In this case, the current signature data packet is directly determined to be illegal and subsequent processing is terminated.
[0115] When the signature verification result is successful, the original positioning and timing data is further parsed and processed to extract the timestamp. and geographic coordinates .in, This indicates the time information output by the positioning and timing module. These represent longitude and latitude, respectively.
[0116] After obtaining the geographic coordinates, they are compared with a pre-configured trusted region. The trusted region can be described by a range of latitude and longitude, for example, limited to:
[0117]
[0118] When the geographic coordinates do not meet the above range constraints, it is determined that the location and timing information is not within the trusted area, thereby terminating the current signature verification process.
[0119] At the same time, for the timestamp Perform a validity check. Specifically, this can be done by checking the current system time. Compare the time deviations to determine if they are within acceptable limits, for example:
[0120]
[0121] in, This indicates the allowable time deviation threshold. When the time deviation exceeds the threshold, the positioning and timing data is deemed invalid, thereby terminating subsequent signature verification processing.
[0122] Through the above steps, the integrity verification, source verification, and spatiotemporal legality constraints of the location and timing data are achieved. This process ensures that location and timing information not only exists as supplementary data but also directly participates in the validity determination before signature verification, thereby introducing spatial and temporal constraints during the signature verification stage and improving the reliability and consistency of the overall signature mechanism.
[0123] Specifically, in step S230, the message to be signed and the location and timing data are preprocessed to obtain preprocessed data, and a hierarchical security policy is matched based on the timestamp in the location and timing information and the attributes of the message to be signed. This includes: concatenating the message to be signed with the location and timing data to generate preprocessed raw data; performing a hash operation on the preprocessed raw data to obtain preprocessed data; obtaining the timestamp in the location and timing information and extracting the attribute information corresponding to the message to be signed; and determining the hierarchical security policy based on the correspondence between the timestamp and the attribute information.
[0124] In this embodiment of the invention, the message to be signed is parsed from the signature data packet. With corresponding positioning and timing data A concatenation process is performed to construct unified signature verification input data. This concatenation process uses the same data organization method as the signing end, directly concatenating byte sequences to form preprocessed raw data, which is expressed as follows:
[0125]
[0126] By using the above concatenation method, it can be ensured that the data structure used on the verification side is consistent with that on the signing side, thereby avoiding verification failure due to inconsistent input.
[0127] After obtaining the preprocessed raw data Then, a hash operation is performed on it to obtain preprocessed data. Specifically, a hash function (e.g., SM3) consistent with the signature is used for processing, and its form is:
[0128]
[0129] This process maps the original input data to a fixed-length hash value, enabling subsequent signature verification operations to be performed based on data in a unified format.
[0130] Subsequently, the timestamp is obtained from the positioning and timing information. Meanwhile, regarding the signing information Extract the corresponding attribute information. This attribute information may include data type, business category, sensitivity level, or lifecycle identifier. In specific implementations, this attribute information can be extracted using predefined data structure fields or metadata identifiers.
[0131] Obtaining the timestamp After considering the message attributes, a joint judgment is made to determine the corresponding tiered security policy. Specifically, based on the data timeliness reflected by the timestamp and the security level requirements reflected by the message attributes, a match is made within a pre-established policy mapping relationship. For example, when the timestamp indicates that the data is short-term valid and the message attribute is of a low sensitivity level, it is determined to be a Level 1 security policy. When the timestamp is in a medium validity range and the message attribute is of a medium security level, it is determined to be a Level 2 security policy. When the timestamp corresponds to long-term valid data and the message attribute is of a high security level, it is determined to be a Level 3 security policy.
[0132] Through the above process, preprocessed data consistent with that of the signing stage can be reconstructed during the verification stage. This process involves determining corresponding tiered security policies, providing a foundation for selecting verification paths based on different policies. This step ensures that the verification side maintains consistency with the signing side in terms of input data and policy selection, thereby improving the matching and reliability of the entire signing and verification process.
[0133] Specifically, in step S240, the corresponding verification terminal is selected according to the hierarchical security policy, and the corresponding public key is called based on the corresponding verification terminal to perform verification operations on the preprocessed data and the signature result to obtain the verification result. This includes: when the hierarchical security policy is at the first security level, calling the classic signature public key to perform verification operations on the preprocessed data and the signature result; when the hierarchical security policy is at the second security level, first signature data and second signature data are obtained by decomposing the signature result, and the first signature data and the second signature data are concatenated to generate intermediate data; the classic signature public key is called to perform verification operations on the preprocessed data and the first signature data, the classic signature public key is called to perform verification operations on the intermediate data and the second signature data, the post-quantum signature public key is called to perform verification operations on the preprocessed data and the first signature data, and the post-quantum signature public key is called to perform verification operations on the intermediate data and the second signature data; when the hierarchical security policy is at the third security level, the post-quantum signature public key is called to perform verification operations on the preprocessed data and the signature result.
[0134] In this embodiment of the invention, a corresponding signature verification path is established for the hierarchical security strategy with different security levels. Since different signature structures are used in the signing stage according to the security level, the signature verification stage needs to perform structural parsing on the signature result and verify it step by step according to the same logic to ensure the consistency of the signature chain.
[0135] When the tiered security policy is set to the first security level At this time, the signature result only contains classic signature data. In this case, the classic signature public key can be directly invoked. Preprocessed data Perform a signature verification operation on the signature result. Specifically, this can be represented as:
[0136]
[0137] If the signature verification result is successful, it means that the signature data is complete and the source is trustworthy; if the signature verification fails, the current signature data packet is directly determined to be illegal.
[0138] When the tiered security policy is set to the second security level In this case, the signature result is generated using a multi-layered nested structure, therefore it needs to be decomposed. Specifically, four components are extracted from the signature result: inner classic signature data... Inner layer post-quantum signature data Outer Classic Signature Data and outer layer post-quantum signature data Then, the inner signature data is concatenated to construct the intermediate data:
[0139]
[0140] After data reconstruction, signatures at different levels are verified. First, based on the classic signature public key... Preprocessed data With inner classic signature data Perform signature verification calculation:
[0141]
[0142] Meanwhile, based on post-quantum signature public keys Preprocessed data With inner layer post-quantum signature data Perform signature verification calculation:
[0143]
[0144] If the inner-layer signature verification passes, the outer-layer signature is further verified. Specifically, this is based on the classic signature public key. For intermediate data With outer classic signature data Perform signature verification calculation:
[0145]
[0146] Meanwhile, based on post-quantum signature public keys For intermediate data With outer layer post-quantum signature data Perform signature verification calculation:
[0147]
[0148] If all four signature verifications pass, the hybrid signature structure is deemed valid; if any verification fails, the signature result is deemed invalid.
[0149] When the tiered security policy is at security level three At this point, the signature result only contains the post-quantum signature data. Then, the post-quantum signature public key is invoked. Preprocessed data Perform a signature verification operation on the signature result:
[0150]
[0151] If the signature verification passes, it means that the data has not been tampered with and the signature source is trustworthy; otherwise, the signature verification is deemed to have failed.
[0152] After completing the above signature verification calculations, if all signature verification processes under the corresponding security policy pass, a successful signature verification result is output. If any signature verification fails, the signed data packet is directly determined to be invalid, and the subsequent processing flow is terminated.
[0153] Through the above steps, a differentiated signature verification mechanism is implemented for different security levels. In low-security scenarios, classical algorithms are used for rapid verification; in high-security scenarios, post-quantum algorithms are used to enhance resistance to quantum attacks. In intermediate-security scenarios, a multi-layered nested hybrid signature verification structure is used to establish a cross-verification relationship between classical and post-quantum algorithms, thereby ensuring both security and system performance.
[0154] like Figure 3 In a complete interaction process, the signing end and the verification end revolve around the same message to be signed. It performs the entire process from key negotiation and data construction to signing and verification.
[0155] At the start of the interaction, the signing and verification ends establish a shared quantum key through a quantum key distribution protocol. In this process, both parties transmit the initial key sequence through a quantum channel and perform error checking and consistency processing using a classical channel, ultimately obtaining a consistent shared key. This shared key does not directly participate in data transmission in subsequent processes, but rather serves as input for dynamic key generation in computation.
[0156] Meanwhile, after power-on, the signing device obtains the PUF response characteristics through a physically non-cloning function and extracts a stable derivative key seed from it. Subsequently, the signing end completes the initial configuration of the location and timing module, including setting the trusted geographical area range and time window, and registers the public key corresponding to the location and timing module to the verification end to form a trusted identifier.
[0157] After completing the above initialization, the signing terminal obtains the current location and timing information, including the timestamp. with geographic coordinates And splice them together to generate the raw positioning and timing data. Subsequently, a hash operation is performed on the original data, and a signature is generated using the private key inside the location and timing module, ultimately constructing the location and timing data. Based on this, Quantum key as well as The keys are concatenated and a dynamic root key is generated through hash operations. Furthermore, two independent key seeds are generated through the key derivation function, and classical signature key pairs and post-quantum signature key pairs are constructed respectively.
[0158] The signature end will display the message to be signed. With positioning and timing data The data is concatenated and a hash operation is performed to obtain the preprocessed data. Based on the attributes and timestamp information of the message to be signed, the corresponding tiered security policy is matched. For example, when the message is of medium security level, a level 2 security policy is selected. The signing end uses both classical and post-quantum signature keys respectively. Perform the signing process and generate the final signature result according to the nested structure. After that, , as well as Concatenate to form a complete signed data packet And send it to the signature verification terminal.
[0159] After receiving the signature data packet, the verification terminal first parses the data packet and extracts the message to be signed. Positioning and timing data and signature results Subsequently, regarding The data is disassembled to obtain the original location and timing data and its corresponding signature. A signature verification operation is then performed using the location and timing public key, simultaneously verifying whether the geographic coordinates are within a trusted area and whether the timestamp is within an allowed range. If this step fails, subsequent processing is terminated.
[0160] After the positioning and timing data verification is successful, the verification terminal performs the verification in the same manner as the signing terminal. and The data is concatenated and hashed to obtain preprocessed data. Then, based on the timestamp and message attributes, the corresponding hierarchical security policy is determined, and the appropriate signature verification path is selected according to this policy. For example, in a level two security policy... The signature result is then broken down and multiple rounds of verification are performed using both classical and post-quantum algorithms. The signature is considered valid only when all verification results pass.
[0161] After completing all verification steps, the verification terminal outputs the verification result. If all verification steps pass, the signature data is considered authentic, complete, and of reliable origin; if any step fails, the signature is deemed invalid and the data is rejected.
[0162] In another possible implementation, a policy synchronization channel is established between the signer and the verifier to correlate the hierarchical security policy with the external environment status. For example, in mobile terminal or vehicle-to-everything (V2X) scenarios, when the device detects that it is in a high-risk area or the network environment is abnormal, it automatically upgrades the security level of the message to be signed, dynamically switching the originally matched Level 1 or Level 2 security policy to Level 3. Simultaneously, on the verifier side, the policy selection result is independently verified by receiving environmental status identifiers or based on location and timing information to ensure consistency.
[0163] If the security policies determined by the signer and the verifier are inconsistent, the verification process is terminated directly, thus preventing the malicious exploitation of low-security policies. By introducing an environment-aware and dynamic policy adjustment mechanism, the signature strength depends not only on the data itself but also on the real-time scenario state. This improves the system's adaptability and overall security in complex application environments without altering the original key generation and signature structure.
[0164] In another possible implementation, when generating the root key raw data, not only the current location and timing raw data is used. Furthermore, the original positioning and timing data sequence from the previous cycle or multiple historical cycles is introduced, and it is concatenated or weighted with the current data in chronological order before participating in the hash operation to obtain the root key input data in an extended form.
[0165] Meanwhile, during the key derivation stage, a perturbation parameter is introduced into the dynamic root key. This perturbation parameter is generated by the local subsequence of the PUF response characteristics or the segmented recombination result of the quantum key, resulting in fine-grained differences in the key seeds generated by the same device in different periods.
[0166] During the signature verification phase, the historical periodic window is back-checked by locating and timing timestamps to ensure the consistency of perturbation inputs. In this way, without changing the original signature and verification process structure, the dynamic root key simultaneously depends on current spatiotemporal information and historical evolution characteristics, increasing the temporal complexity of the key generation process and thus improving the overall resistance to analysis.
[0167] like Figure 4One embodiment of the present invention provides a hybrid signature system based on quantum key distribution and PUF, the system comprising: a signature end and a verification end connected in communication; wherein the signature end and the verification end are combined to perform the above-described hybrid signature method based on quantum key distribution and PUF.
[0168] Those skilled in the art will understand that all or part of the steps in the methods of the above embodiments can be implemented by a program instructing related hardware. This program is stored in a storage medium and includes several instructions to cause a microcontroller, chip, or processor to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as a USB flash drive, a portable hard drive, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk.
Claims
1. A hybrid signature method based on quantum key distribution and PUF, characterized in that, The method is executed based on the signature end, and the method includes: A quantum key is generated by negotiating with the signature verification end through a quantum key distribution protocol, and a derivative key seed is generated based on the physical non-cloning function. At the same time, the trusted area configuration and registration for location and timing are completed. Acquire positioning and timing information, and generate positioning and timing data including timestamps and geographic coordinates based on the positioning and timing information; A dynamic root key is generated based on the derived key seed, the quantum key, and the positioning and timing information, and a signature key pair is derived from the dynamic root key. The system preprocesses the message to be signed and the location and timing data, matches the hierarchical security policy according to the attributes of the message to be signed and the timestamp in the location and timing information, selects the corresponding signing terminal, and performs signing on the preprocessed data based on the signing key to generate a signed data packet, and sends the signed data packet to the verification terminal.
2. The hybrid signature method based on quantum key distribution and PUF according to claim 1, characterized in that, A quantum key is generated through negotiation with the signature verification end via a quantum key distribution protocol, and a derived key seed is generated based on the physical non-cloning function. Simultaneously, trusted area configuration and registration for location and timing are completed, including: A hierarchical security strategy is constructed based on the timeliness, security importance, and data lifecycle of the messages to be signed. The hierarchical security strategy is divided into multiple security levels, and each security level corresponds to a type of signature terminal. A shared quantum key is generated by performing key negotiation with the signature verification terminal through a quantum key distribution protocol, and the quantum key is then encrypted and stored. PUF response features are obtained based on the Physical Non-cloning Function (PNF), and stable derivative key seeds are extracted from the PUF response features. Configure parameters for the geographic location and time range of positioning and timing, and register the positioning and timing public key to form a trusted identifier.
3. The hybrid signature method based on quantum key distribution and PUF according to claim 1, characterized in that, Acquire positioning and timing information, and generate positioning and timing data including timestamps and geographic coordinates based on the positioning and timing information, including: The timestamp and geographic coordinates in the location and timing information are obtained, and the timestamp and geographic coordinates are concatenated according to a preset data format to generate the original location and timing data. Perform a hash operation on the original positioning and timing data to obtain the corresponding hash value; The hash value is signed using a preset signature algorithm to obtain location and timing signature data. The original positioning and timing data is concatenated with the positioning and timing signature data to generate positioning and timing data.
4. The hybrid signature method based on quantum key distribution and PUF according to claim 1, characterized in that, A dynamic root key is generated based on the derived key seed, the quantum key, and the positioning and timing information, and a signature key is derived from the dynamic root key, including: The derived key seed, the quantum key, and the positioning and timing information are concatenated to generate the root key raw data; Perform a hash operation on the original root key data to obtain the dynamic root key; Based on the dynamic root key, perform key derivation operations to generate a first key seed and a second key seed; Generate a classical signature key pair based on the first key seed, and generate a post-quantum signature key pair based on the second key seed; The classical signature key pair and the post-quantum signature key pair are used as signature keys.
5. The hybrid signature method based on quantum key distribution and PUF according to claim 1, characterized in that, The process involves preprocessing the message to be signed and the location and timing data, matching a hierarchical security policy based on the attributes of the message to be signed and the timestamp in the location and timing information, selecting the corresponding signing endpoint, and signing the preprocessed data based on the signing key to generate a signed data packet, including: The message to be signed is concatenated with the location and timing data to generate preprocessed raw data; Perform a hash operation on the preprocessed raw data to obtain preprocessed data; The corresponding hierarchical security policy is determined based on the attributes of the message to be signed and the timestamp in the location and timing information. Select the corresponding signature terminal according to the hierarchical security policy, and call the signature key to perform signature operation on the preprocessed data based on the corresponding signature terminal to obtain the signature result; The message to be signed, the location and timing data, and the signature result are concatenated to generate a signature data packet.
6. A hybrid signature method based on quantum key distribution and PUF, characterized in that, The method is executed based on the signature verification terminal, and the method includes: Obtain the signature data packet, and parse the message to be signed, location and timing data, and signature result from the signature data packet; The location and timing data is decomposed to obtain location and timing information and corresponding signature data. A hash value is generated based on the location and timing information. The location and timing public key is used to perform a signature verification operation on the hash value and the signature data, and the legality of the location and timing information is verified. The pending signature message and the location and timing data are preprocessed to obtain preprocessed data, and a hierarchical security policy is matched according to the timestamp in the location and timing information and the attributes of the pending signature message. Select the corresponding signature verification terminal according to the hierarchical security policy, and call the corresponding public key based on the corresponding signature verification terminal to perform signature verification operation on the preprocessed data and the signature result to obtain the signature verification result.
7. The hybrid signature method based on quantum key distribution and PUF according to claim 6, characterized in that, The location and timing data is decomposed to obtain location and timing information and corresponding signature data. A hash value is generated based on the location and timing information. A signature verification operation is performed on the hash value and the signature data using the location and timing public key. The legality of the location and timing information is verified, including: The positioning and timing data is decomposed to obtain the original positioning and timing data and the positioning and timing signature data; Perform a hash operation on the original positioning and timing data to generate a hash value; Perform a signature verification operation on the hash value and the location and timing signature data based on the location and timing public key; Under the condition that the signature verification operation is successful, the original location and timing data is parsed to obtain the timestamp and geographic coordinates; The geographic coordinates are compared with the configured trusted regions, and the timestamp is validated for legality.
8. The hybrid signature method based on quantum key distribution and PUF according to claim 6, characterized in that, The pending signature message and the location and timing data are preprocessed to obtain preprocessed data, and a hierarchical security policy is matched based on the timestamp in the location and timing information and the attributes of the pending signature message, including: The message to be signed is concatenated with the location and timing data to generate preprocessed raw data; Perform a hash operation on the preprocessed raw data to obtain preprocessed data; Obtain the timestamp from the location and timing information, and extract the attribute information corresponding to the message to be signed; Based on the timestamp and the attribute information, a correspondence is determined to establish a hierarchical security strategy.
9. The hybrid signature method based on quantum key distribution and PUF according to claim 6, characterized in that, According to the hierarchical security policy, a corresponding signature verification terminal is selected, and based on the corresponding signature verification terminal, the corresponding public key is invoked to perform signature verification operations on the preprocessed data and the signature result to obtain the signature verification result, including: When the hierarchical security policy is at the first security level, the classic signature public key is invoked to perform a signature verification operation on the preprocessed data and the signature result. When the hierarchical security strategy is at the second security level, the first signature data and the second signature data are obtained from the signature result. The first signature data and the second signature data are concatenated to generate intermediate data. The classical signature public key is called to perform a signature verification operation on the preprocessed data and the first signature data. The classical signature public key is called to perform a signature verification operation on the intermediate data and the second signature data. The post-quantum signature public key is called to perform a signature verification operation on the preprocessed data and the first signature data. The post-quantum signature public key is called to perform a signature verification operation on the intermediate data and the second signature data. When the hierarchical security strategy is at the third security level, the post-quantum signature public key is invoked to perform a signature verification operation on the preprocessed data and the signature result.
10. A hybrid signature system based on quantum key distribution and PUF, characterized in that, The system includes: The communication connection includes a signature end and a signature verification end; among which, The signing end is used to execute the hybrid signature method based on quantum key distribution and PUF as described in any one of claims 1-5; The signature verification end is used to execute the hybrid signature method based on quantum key distribution and PUF as described in any one of claims 6-9.