CN109039613A - A kind of quantum key distribution system and method - Google Patents
A kind of quantum key distribution system and method Download PDFInfo
- Publication number
- CN109039613A CN109039613A CN201811076306.XA CN201811076306A CN109039613A CN 109039613 A CN109039613 A CN 109039613A CN 201811076306 A CN201811076306 A CN 201811076306A CN 109039613 A CN109039613 A CN 109039613A
- Authority
- CN
- China
- Prior art keywords
- quantum key
- quantum
- electric terminal
- main website
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Power Engineering (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
This application discloses a kind of quantum key distribution systems, comprising: matches electric terminal, main website operation system, quantum key movable storage device and quantum key distribution network;Main website operation system is requested in response to the quantum key application with electric terminal, to quantum key distribution network application quantum key;Quantum key distribution network issues pairs of quantum key to the first quantum key download interface and the second quantum key download interface according to the application of main website operation system;Main website operation system obtains the quantum key of application from the first quantum key download interface;Quantum key corresponding with the quantum key of main website operation system application is obtained from the second quantum key download interface with electric terminal throughput sub-key movable storage device.The system can realize quantum key with electric terminal low cost, extensive, flexibly distribution by movable storage device.Disclosed herein as well is a kind of quantum key delivering methods.
Description
Technical field
This application involves field of communication technology more particularly to a kind of quantum key distribution system and methods.
Background technique
The both sides of point-to-point communication carry out encryption protection to data using quantum key, can effectively improve data transmission
Safety.Quantum key is symmetric key, there is certain difficulty in the specific application process, on the one hand, quantum key
Distribute at communication both ends, needs to dispose a quantum key generating device, quantum key generating device body respectively in communicating pair
The larger, higher cost of product, it is difficult to be used cooperatively with the terminal of small size, low cost;On the other hand, communication both ends quantum key is raw
Needed between forming apparatus (and must) be directly connected to by optical fiber, it is used for transmission the light quantum of carrying key information.
Quantum key is applied to adapted electrical domain, can be improved adapted electric industry business information transmission security protective capacities.But
It is to have the characteristics that quantity is big, distribution is wide, deployed environment is complicated with electric terminal, although quantum key can be adapted electric industry
Information of being engaged in transmission provides safer means of defence, but is equipped with a quantum key generation with electric terminal for each and sets
It is standby and lay optical fiber, it is all unpractical from the point of view of cost, volume etc. requirement.
Therefore it provides a kind of quantum key delivering method applied to adapted electrical domain becomes a technology urgently to be resolved
Problem.
Summary of the invention
In view of this, this method utilizes the mobile storage of quantum key this application provides a kind of quantum key delivering method
Equipment carries out key distribution, expands quantum key distribution range, also, a quantum key movable storage device can be more
It is a to distribute key with electric terminal, key distribution cost is reduced, realizes quantum key with electric terminal low cost, big rule
Mould, flexibly distribution.Based on this, present invention also provides a kind of quantum key distribution systems.
The application first aspect provides a kind of quantum key distribution system, the system comprises: match electric terminal, main website
Operation system, quantum key movable storage device and quantum key distribution network;
The quantum key distribution network includes the first quantum key download interface and the second quantum key download interface;
The main website operation system, for being requested in response to the quantum key application with electric terminal, to the amount
Quantum key distribution network application quantum key;
The quantum key distribution network, it is close to first quantum for the application according to the main website operation system
Key download interface and the second quantum key download interface issue pairs of quantum key;
The main website operation system is also used to obtain the quantum key of application from the first quantum key download interface;
The quantum key movable storage device, for being obtained and the main website from the second quantum key download interface
The corresponding quantum key of the quantum key of operation system application;
It is described to match electric terminal, for being obtained and main website operation system Shen from the quantum key movable storage device
The corresponding quantum key of quantum key please.
Optionally, the system also includes quantum key management equipment, the key management apparatus and the second quantum keys
Download interface connection, and connect with the quantum key movable storage device, it is to be distributed to electricity consumption for storage and management
The quantum key of network.
Optionally, the quantum key management equipment connects a quantum key movable storage device, if multiple
Described to match electric terminal dispensed amount sub-key, then the quantum key movable storage device is separately connected institute by way of plug
It states with electric terminal.
Optionally, the output of the quantum key movable storage device is unidirectional and single.
Optionally, the quantum key movable storage device, it is described match electric terminal, main website operation system and the amount
The the first quantum key download interface and the second quantum key download interface of quantum key distribution network are equipped with certificate, for docking
Enter equipment validity to be verified.
Optionally, the system also includes data communication networks;
The business main station system and it is described with electric terminal by the data communication network and the quantum key into
Row communication.
Optionally, the business main station system and the electric terminal of matching add business datum using the quantum key
It is close, encryption data is transmitted by the communication channel of the data communication network.
Optionally, the business main station system and the electric terminal of matching utilize the quantum key to the data communication
The communication channel of net is encrypted, and quantum secure channel is obtained, and the quantum secure channel is used for transmission business datum.
The application first aspect provides a kind of quantum key delivering method, applied to amount described in the application first aspect
Quantum key distribution system, which comprises
Receive quantum key corresponding with the quantum key of main website operation system application;
The quantum key corresponding with the quantum key of main website operation system application is sent with electric terminal to described;
Wherein, the quantum key corresponding with the quantum key of main website operation system application is that main website operation system is rung
Quantum key application described in Ying Yu with electric terminal is requested, described to the quantum key distribution network application quantum key
Quantum key distribution network is issued by the second quantum key download interface, and the quantum key distribution network also passes through first
Quantum key download interface issues quantum key to the main website operation system, to realize the main website operation system and described match
The quantum key of electric terminal is shared.
Optionally, the method also includes:
Legitimate verification is carried out to access device.
Optionally, the quantum key distribution system further include: quantum key management equipment;
Then receiving quantum key corresponding with the quantum key of main website operation system application includes:
Amount corresponding with the quantum key of main website operation system application is received from the second quantum key download interface
Sub-key.
As can be seen from the above technical solutions, the embodiment of the present application has the advantage that
The embodiment of the present application provides a kind of quantum key delivering method, and this method provides a kind of quantum key distribution systems
System realizes quantum key distribution, even if adapted by copying key using the movable storage device in quantum key distribution system
Electric terminals can also realize key distribution by the movable storage device, expand quantum key not in key distribution network
Distribute range, also, a quantum key movable storage device can distribute key with electric terminal to be multiple, reduce key
Distribute cost, realizes quantum key with electric terminal low cost, extensive, flexibly distribution.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of application without any creative labor, may be used also for those of ordinary skill in the art
To obtain other drawings based on these drawings.
Fig. 1 is a kind of structural schematic diagram of quantum key distribution system provided by the embodiments of the present application;
Fig. 2 is a kind of functional block diagram with electric terminal provided by the embodiments of the present application;
Fig. 3 is a kind of functional block diagram of main website operation system provided by the embodiments of the present application;
Fig. 4 is a kind of structural schematic diagram of quantum key distribution system provided by the embodiments of the present application;
Fig. 5 is a kind of functional block diagram of quantum key movable storage device provided by the embodiments of the present application;
Fig. 6 is a kind of functional block diagram of quantum key management equipment provided by the embodiments of the present application;
Fig. 7 is a kind of main website operation system provided by the embodiments of the present application and the connection relationship diagram for matching electric terminal;
Fig. 8 is a kind of main website operation system provided by the embodiments of the present application and the connection relationship diagram for matching electric terminal;
Fig. 9 is a kind of flow chart of quantum key delivering method provided by the embodiments of the present application.
Specific embodiment
In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application
Attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only this
Apply for a part of the embodiment, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art exist
Every other embodiment obtained under the premise of creative work is not made, shall fall in the protection scope of this application.
The description and claims of this application and term " first ", " second ", " third ", " in above-mentioned attached drawing
The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage
The data that solution uses in this way are interchangeable under appropriate circumstances, so that embodiments herein described herein for example can be to remove
Sequence other than those of illustrating or describe herein is implemented.In addition, term " includes " and " having " and theirs is any
Deformation, it is intended that cover it is non-exclusive include, for example, containing the process, method of a series of steps or units, system, production
Product or equipment those of are not necessarily limited to be clearly listed step or unit, but may include be not clearly listed or for this
A little process, methods, the other step or units of product or equipment inherently.
For big with electric terminal quantity, distribution is wide, deployed environment is complicated, an amount is equipped with electric terminal for each
Sub-key generating device simultaneously lays optical fiber, then distributes higher cost and inflexible technical problem, this application provides one kind
Quantum key distribution system, include in the system with electric terminal, main website operation system, quantum key movable storage device and
Quantum key distribution network, it is close by copying quantum from quantum key distribution network using quantum key movable storage device
The quantum key distribution of the copy is given and matches electric terminal by key, also, quantum key is sent to master by quantum key distribution network
It stands operation system, to realize, main website operation system is shared with the quantum key with electric terminal, and the two can be total according to this
The quantum key enjoyed is communicated, and ensures the safety of data transmission.
By copying key using the movable storage device in quantum key distribution system, quantum key distribution is realized, i.e.,
Make with electric terminal not in key distribution network, key distribution, the amount of expanding can also be realized by the movable storage device
Quantum key distribution range, also, a quantum key movable storage device can distribute key with electric terminal to be multiple, reduce
Key distributes cost, realizes quantum key with electric terminal low cost, extensive, flexibly distribution.
Next, quantum key distribution system provided by the embodiments of the present application is introduced in conjunction with attached drawing.
Fig. 1 is a kind of structural schematic diagram of quantum key distribution system provided by the embodiments of the present application, and referring to Fig. 1, this is
System 100 includes matching electric terminal 10, main website operation system 20, quantum key movable storage device 30 and quantum key distribution net
Network 40;
The quantum key distribution network 40 includes that the first quantum key download interface 41 and the downloading of the second quantum key connect
Mouth 42;
The main website operation system 20, for being requested in response to the quantum key application with electric terminal 10, to institute
It states quantum key distribution network 40 and applies for quantum key;
The quantum key distribution network 40, for the application according to the main website operation system, to first quantum
Key download interface 41 and the second quantum key download interface 42 issue pairs of quantum key;
The main website operation system 20, the quantum for being also used to obtain application from the first quantum key download interface 41 are close
Key;
The quantum key movable storage device 30, for from the second quantum key download interface 42 obtain with it is described
The corresponding quantum key of quantum key that main website operation system 20 is applied;
It is described to match electric terminal 10, for being obtained and main website business system from the quantum key movable storage device 30
The corresponding quantum key of quantum key of 20 application of system.
It wherein, include distribution terminal and/or electric terminal with electric terminal.Distribution terminal refers to the end in distribution system
End, is mounted to the various remote monitorings at power distribution network scene, the general name of control unit.Distribution terminal is specifically as follows panel switches
Monitor terminal, also referred to as feeder terminal unit (Feeder Terminal Unit, FTU), distribution transformer monitoring terminal
(distribution Transformer supervisory Terminal Unit, TTU), switchyard and/or public and use
The monitor terminal of family distribution substation.Electric terminal refers to the terminal in electricity system, is mounted to the electrical equipment with power grid scene,
Including industrial electricity apparatus and civilian electrical equipment etc..
In order to make it easy to understand, referring to Fig. 2, adapted present invention also provides a kind of functional block diagram with electric terminal
It include four module in electric terminals 10, for realizing reading, storage, use, the correlation function for managing quantum key, specifically such as
Under:
Quantum key interface module 11: interacting with quantum key movable storage device 30, complete instruction interaction and
Key obtains function;
Communication interface modules 12: for carrying out communication channel foundation and data transmit-receive with main website operation system;
Encryption and decryption processing module 13: being based on quantum key and traditional secrete key, carries out encryption and decryption operation to data;
Service Processing Module 14: adapted electric industry business relevant treatment, inter-device authentication and quantum key management function are completed.
For with electric terminal 10, above-mentioned module can be a submodule with electric terminal 10, be also possible to
Relatively independent equipment.
In some possible implementations, quantum key distribution system further includes data communication network, the business main website
System 20 and the electric terminal 10 of matching are communicated by the data communication network and the quantum key.
It should be noted that business main station system 20 and being communicated with electric terminal 10 using quantum key, transmit
When instruction or data, encryption and decryption can will be carried out to the instruction of transmission or data using quantum key, realize business main station system
20 and the secure communication with electric terminal 10.Specifically, business main station system 20 and the electric terminal 10 of matching utilize the amount
Sub-key encrypts business datum, and encryption data is transmitted by the communication channel of the data communication network;It is corresponding
Receiving end encryption data is decrypted by shared quantum key, so realize business main station system 20 and the adapted
The secure communication of electric terminals 10.
Business main station system 20 and with electric terminal 10 using quantum key communicate when, also can use quantum key pair
The communication channel of data communication network is encrypted, and quantum secure channel is obtained, then business main station system 20 and match electric terminal
10 transmit data using quantum cryptochannel, to realize secure communication between the two.
In the above-described embodiments, main website operation system 20 is communicated with electric terminal 10 by data communication network, complete
Instruction is sent at adapted electricity service convergence, storage, processing, and to electric terminal.In order to make it easy to understand, the embodiment of the present application is also
A kind of functional block diagram of main website operation system is provided, Fig. 3 is referred to, main website operation system 20 includes four big functional modules,
For realizing include read, storage, use (i.e. encryption and decryption processing), manage quantum key correlation function, it is specific as follows:
Quantum key interface module 21: interacting with the first quantum key download interface 41, completes instruction and information is handed over
Mutually, quantum key receive capabilities;
Communication interface modules 22: for carrying out communication channel foundation and data transmit-receive with electric terminal 10;
Encryption and decryption processing module 23: being based on quantum key and traditional secrete key, carries out encryption and decryption operation to data;
Service Processing Module 24: completing system adapted electricity business processing, matches electric terminal management, and close to the first quantum
Key download interface 41 carries out legitimacy certification, quantum key management.
In some possible implementations, quantum key distribution system further includes quantum key management equipment 50, specifically
Fig. 4 is referred to, Fig. 4 is a structural schematic diagram of quantum key distribution system provided by the embodiments of the present application.In the embodiment
In, the main website operation system 20 is communicated with electric terminal 10 by data communication network 60 with described, the key management apparatus
50 connect with the second quantum key download interface 42, and connect with the quantum key movable storage device 30, for storing
It is to be distributed to the quantum key for matching power utilization network with managing.Wherein, the network formed with electric terminal 10 is referred to power utilization network.
Quantum key movable storage device 30 is for realizing quantum key from 40 edge of quantum key distribution network to adapted
The distribution of each terminal device of electric network.In order to make it easy to understand, the embodiment of the present application also provides a kind of mobile storages of quantum key
The functional block diagram of equipment, refers to Fig. 5, and quantum key movable storage device 30 is mainly close including reading, exporting, store quantum
The related function module of key, specific as follows:
Quantum key interface module 31: for quantum key management equipment 50, and interact with electric terminal 10,
Realize the reading and output of quantum key;
Quantum key processing and memory module 32: for managing and storing quantum key, inter-device authentication is completed.
Inter-device authentication includes the certification with the certification for matching electric terminal 10 and with quantum key management equipment 50.
In some possible implementations, the output of the quantum key movable storage device is unidirectional and single.?
That is, quantum key by with electric terminal 10 read it is primary after, will in quantum key movable storage device 30 auto-destruct, can not
Carry out secondary reading;When quantum key movable storage device 30 with electric terminal 10 with connecting, the mobile storage of quantum key is set
Standby interface is read-only interface, can not carry out write operation, the quantum key read is prevented reversely to be written.In this way, even if quantum
Key movable storage device 30 is lost accidentally, since the quantum key remained in the quantum key movable storage device 30 is not yet defeated
It is arrived out with electric terminal 10, even if key is illegally accessed, the communication security that will not be engaged in adapted electric industry is impacted.
The embodiment of the present application also provides a kind of functional block diagrams of quantum key management equipment, Fig. 6 are referred to, for collecting
Middle storage, management will be distributed to the quantum key in power utilization network, and main includes reading, output, storage quantum key
Related function module, specific as follows:
First quantum key interface module 51: logical with the second quantum key download interface 42 of quantum key distribution network 40
Letter realizes that quantum key is read;
Second quantum key interface module 52: communicating with quantum key movable storage device 30, completes inter-device authentication, with
And quantum key output;
Quantum key storage and management module 53: inter-device authentication, management and storage quantum key are completed.
Wherein, the inter-device authentication that quantum key storage and management module 53 are realized includes connecing with the downloading of the second quantum key
The certification of mouth 42, and the certification with quantum key movable storage device 30.
It further, can also be in each equipment of key distribution system in order to ensure the reliability of key distribution procedure
Middle installation certificate is verified by legitimacy of the certificate to access device.Specifically, the mobile storage of the quantum key is set
Standby 30, under first quantum key with electric terminal 10, main website operation system 20 and the quantum key distribution network
It carries interface 41 and the second quantum key download interface 42 is equipped with certificate, for being verified to access equipment validity.Access
Equipment can be understood as the equipment connecting with current device.For example, quantum key movable storage device 30 with match electric terminal 10
After connection, quantum key movable storage device 30 is verified by preassembled certificate to 10 legitimacy of electric terminal,
It is verified with electric terminal 10 by legitimacy of the preassembled certificate to quantum key movable storage device 30.
In this embodiment, quantum key management equipment 50 is being affixed one's name to 10 side of electric terminal, and not in business system of main website
Unite 20 sides administration quantum key management equipment 50, reason is: main website operation system 20 and the first quantum key download interface 41
Connection relationship fix, be one-to-one relationship, and will not change in whole system life cycle management;And matching electricity consumption
10 side of terminal, it is understood that there may be multiple quantum key movable storage devices 30, there are the old equipment of quantum key movable storage device 30
It exits, situations such as new equipment is added, i.e., the second quantum key download interface 42 can be one with quantum key movable storage device
To more relationships, these quantum key movable storage devices 30 can obtain quantum key from quantum key management equipment 50,
And the same quantum key movable storage device 30 may read key from different quantum key management equipments 50, be
Unified management quantum key, quantum key movable storage device, therefore quantum key pipe is being increased with electric terminal 10 side
Manage equipment 50.From the point of view of facility network tube layer face, quantum key management equipment 50 is able to record, it is close to manage the quantum interacted
Key movable storage device 30 uniformly carries out equipment pipe network convenient for electric power relevant departments.
Certainly, as the extension of above-described embodiment, quantum key management can also also be configured in 20 side of main website operation system
Equipment 50 carries out storage and management to the quantum key for being distributed to business main station system 20.
In some possible implementations, it is mobile that the quantum key management equipment 50 connects the quantum key
Equipment 30 is stored, distributes quantum key if multiple electric terminals 10 of matching, then it is logical to set 30 for the mobile storage of the quantum key
Cross plug mode be separately connected it is described with electric terminal 10.Specifically, quantum key movable storage device 30 is matched with some
After electric terminal 10 completes quantum key interaction, quantum key movable storage device 30 will be extracted from electric terminal 10, so
Quantum key distribution is carried out with electric terminal 10 to subsequent afterwards, rather than keeps connecting with electric terminal 10 with a certain always.
If it is each with the one quantum key movable storage device 30 of corresponding outfit of electric terminal 10, it is assumed that have N number of
Quantum key movable storage device, then needing to do the operation of n times plug, if it is one at quantum key management equipment 50
A quantum key movable storage device, then need to only do the operation once plugged.When N is very big, such as there are up to ten thousand to match electricity consumption end
End 10, the workload for configuring a quantum key movable storage device execution aforesaid operations are much smaller than as each with electric terminal
The case where being equipped with a quantum key movable storage device.
It is appreciated that with electric terminal 10, there may be quantum key deficiencies, or the quantum key of storage is more than validity period
Situations such as or other reasons lead to main website operation system 20 or need to share quantum key again with electric terminal 10, in this way,
Quantum key can also be initiated with electric terminal 10 or main website operation system and updates request, to share quantum key again.
After realizing that quantum key is shared with electric terminal 10 and main website operation system 20, there are two types of realize coded communication
Mode, according to specific implementation difference, relationship and function between modules can form different forms.
Fig. 7 is that main website operation system provided by the embodiments of the present application is illustrated with electric terminal functional module connection relationship
Figure, as shown in fig. 7, quantum key interface 21,11 respectively by interface 1001,1006 from the first quantum key download interface 41,
Quantum key movable storage device 30 obtains quantum key.
For the Service Processing Module 24 of main website operation system 20, three zones are contained, first is that adapted electricity business datum
Processing is interacted by internal interface 1003,1004 with communication interface 22, encryption and decryption processing module 23, finishing service data add
Decryption and data communication;Second is that quantum key is handled, that is, pass through internal interface 1002,1004 and quantum key interface 21 plus solution
The close interaction of processing module 23, completes the application, management and storage to quantum key;Third is that equipment authenticates, that is, pass through internal interface
1002 and external interface 1001 complete to the inter-device authentication of the first quantum key download interface 41.
Similarly, for the Service Processing Module 14 with electric terminal 10, three zones are contained, the number first is that adapted electric industry is engaged in
According to processing, i.e., interacted by internal interface 1008,1009 with communication interface 12, encryption and decryption processing module 13, finishing service data
Encryption and decryption and data communication;Second is that quantum key is handled, that is, passes through internal interface 1007,1009 and quantum key interface 11, adds
The interaction of decryption processing module 13, completes the application, management and storage to quantum key;Third is that equipment authenticates, i.e., connect by inside
Mouth 1007 and external interface 1006 complete the inter-device authentication to quantum key movable storage device 30.
In addition, communication interface 22 and 12 realizes main website operation system 20 and with the number between electric terminal 10 by 1005
According to, instruction etc. interaction.
The embodiment of the present application also provides main website operation systems and another reality for matching electric terminal functional module connection relationship
Existing mode, refers to Fig. 8, other modules and inside/outside interface are based on Service Processing Module 24,14, derive from as Fig. 7
Service Processing Module 241,141 and Co-processor Module 242,142, meanwhile, increase above-mentioned Service Processing Module and association's processing mould
Communication channel 1103,1107 between block.The Co-processor Module 242 derived from, the processing of completion quantum key (including quantum is close
Key application, reading, storage, management and data encrypting and deciphering), inter-device authentication processing etc. functions, Service Processing Module 241,
141 functions are consistent with electricity consumption main website and terminal with (the unused Quantum Secure Communication) of existing deployment, only for business
The data of level are converged, are handled, or receive/under send instructions.
It is that integrated level is relatively high the advantages of implementation shown in Fig. 7, quantum can be directly carried out to business datum and add solution
Close processing reduces equipment total volume and cost.And in implementation shown in Fig. 8, it can be to deployed in power utilization network
But the storage terminal for not having quantum secret communication function provides the short-cut method of a upgrading, that is, retains existing match
Electricity consumption service terminal is constant (i.e. 241 and 141 be the existing Service Processing Module of existing equipment), passes through additional a whole set of self-contained unit
1104,1108 come realize quantum key encrypt.After data complete respective handling in existing equipment processing module 141, by setting
Standby original output interface is output to progress quantum cryptography relevant operation in 1108, then is transferred to opposite end 1104 by 1005, into
The corresponding decryption oprerations of row, then be output in the processing module 241 of existing equipment, it forms a complete Quantum Teleportation channel and adds
Decrypting process.It is initiated by 241, vice versa for 141 received processes.1104,1108 be can individual a set of equipment.
Implementation shown in Fig. 8 can be regarded as the quantum cryptography protection to transmission channel, i.e., in original communication network
Both ends increase quantum secret communication equipment into original main website operation system 20/ with before electric terminal 10;It is real shown in Fig. 7
Existing mode can be regarded as the direct quantum cryptography protection to business datum.Specifically, for implementation shown in Fig. 7, lead to
Service Processing Module 24,14 is crossed, can establish the communication channel between main website and terminal, is directly to carry out plus solve to business datum
It is close;For implementation shown in Fig. 8, new (quantum secure) communication channel is established by association's processing 242,142, and
It is the quantum secure channel set up using 242,142 at this for the channel that the equipment 241,141 of original deployment is set up
The shell for additionally having added a quantum secure on original channel can be set although improving system complexity having deployment
Simple upgrade is carried out by way of add-on device on standby.
From the foregoing, it will be observed that the embodiment of the present application provides a kind of quantum key distribution system, it include whole with electricity consumption in the system
End, main website operation system, quantum key movable storage device and quantum key distribution network, by mobile using quantum key
Storage equipment copies quantum key from quantum key distribution network, and the quantum key distribution of the copy is given and matches electric terminal,
Also, quantum key is sent to main website operation system by quantum key distribution network, to realize main website operation system and match
The quantum key of electric terminal is shared, and the two can be communicated according to the shared quantum key, ensures the peace of data transmission
Quan Xing.
Key is copied using the movable storage device in quantum key distribution system, quantum key distribution is realized, even if matching
Electric terminal can also realize key distribution by the movable storage device, it is close to expand quantum not in key distribution network
Key distributes range, also, a quantum key movable storage device can distribute key with electric terminal to be multiple, reduce close
Key distributes cost, realizes quantum key with electric terminal low cost, extensive, flexibly distribution.
The above are a kind of specific implementations of quantum key distribution system provided by the embodiments of the present application, are based on the quantum
Key distribution system, present invention also provides a kind of quantum key delivering methods, below in conjunction with attached drawing, to the embodiment of the present application
The quantum key delivering method of offer is introduced.
Fig. 8 is the flow chart of quantum key delivering method provided by the embodiments of the present application, and this method is applied to above-mentioned implementation
The quantum key distribution system that example provides, referring to Fig. 8, this method comprises:
S901: quantum key corresponding with the quantum key of main website operation system application is received.
Wherein, the quantum key corresponding with the quantum key of main website operation system application is that main website operation system is rung
Quantum key application described in Ying Yu with electric terminal is requested, described to the quantum key distribution network application quantum key
Quantum key distribution network is issued by the second quantum key download interface, and the quantum key distribution network also passes through first
Quantum key download interface issues quantum key to the main website operation system, to realize the main website operation system and described match
The quantum key of electric terminal is shared.
In specific implementation, quantum key movable storage device receives opposite with the quantum key of main website operation system application
The quantum key answered, to be distributed to the quantum key by copy mode with electric terminal, so that matching electric terminal and master
Operation system of standing is communicated using shared quantum key.
S902: the quantum corresponding with the quantum key of main website operation system application is sent with electric terminal to described
Key.
Quantum key movable storage device sends the quantum key with the application of main website operation system to electric terminal
Corresponding quantum key realizes quantum key distribution.In specific implementation, quantum key movable storage device can pass through
The modes such as USB interface are to electric terminal quantum key.
In some possible implementations, quantum key movable storage device carries out legitimate verification to access device.
For example, quantum key shifting can also be carried out when quantum key movable storage device is connect with the second quantum key download interface
The legitimate verification of dynamic storage equipment and the second quantum key download interface.In another example when quantum key movable storage device with
When with electric terminal connection, quantum key movable storage device can also be carried out and match the legitimate verification of electric terminal.
It is understood that quantum key distribution system can also include quantum key management equipment;Then quantum key moves
Dynamic storage equipment receive quantum key corresponding with the quantum key of main website operation system application be specifically as follows it is close from quantum
Key management equipment receives quantum key corresponding with the quantum key of main website operation system application.Before reception, quantum is close
Key movable storage device can also carry out legitimate verification between quantum key management equipment.
From the foregoing, it will be observed that the embodiment of the present application provides a kind of quantum key delivering method, this method is based on the above embodiment
In quantum key distribution system realize quantum key distribution, specifically, pass through and utilize the movement in quantum key distribution system
It stores equipment and copies key, realize quantum key distribution, even if with electric terminal not in key distribution network, it can also be by
The movable storage device realizes key distribution, expands quantum key distribution range, also, the mobile storage of a quantum key is set
It is standby to distribute key with electric terminal to be multiple, key distribution cost is reduced, realizes quantum key with electric terminal
Low cost, extensive, flexibly distribution.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description,
The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed device and method can pass through it
Its mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, only
Only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can be tied
Another system is closed or is desirably integrated into, or some features can be ignored or not executed.Another point, it is shown or discussed
Mutual coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING or logical of device or unit
Letter connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It should be appreciated that in this application, " at least one (item) " refers to one or more, and " multiple " refer to two or two
More than a."and/or" indicates may exist three kinds of relationships, for example, " A and/or B " for describing the incidence relation of affiliated partner
It can indicate: only exist A, only exist B and exist simultaneously tri- kinds of situations of A and B, wherein A, B can be odd number or plural number.Word
Symbol "/" typicallys represent the relationship that forward-backward correlation object is a kind of "or"." at least one of following (a) " or its similar expression, refers to
Any combination in these, any combination including individual event (a) or complex item (a).At least one of for example, in a, b or c
(a) can indicate: a, b, c, " a and b ", " a and c ", " b and c ", or " a and b and c ", and wherein a, b, c can be individually, can also
To be multiple.
The above, above embodiments are only to illustrate the technical solution of the application, rather than its limitations;Although referring to before
Embodiment is stated the application is described in detail, those skilled in the art should understand that: it still can be to preceding
Technical solution documented by each embodiment is stated to modify or equivalent replacement of some of the technical features;And these
It modifies or replaces, the spirit and scope of each embodiment technical solution of the application that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of quantum key distribution system, which is characterized in that the system comprises: with electric terminal, main website operation system, amount
Sub-key movable storage device and quantum key distribution network;
The quantum key distribution network includes the first quantum key download interface and the second quantum key download interface;
The main website operation system, it is close to the quantum for being requested in response to the quantum key application with electric terminal
Key distribution network application quantum key;
The quantum key distribution network, for the application according to the main website operation system, under first quantum key
It carries interface and the second quantum key download interface issues pairs of quantum key;
The main website operation system is also used to obtain the quantum key of application from the first quantum key download interface;
The quantum key movable storage device, for being obtained and the main website business from the second quantum key download interface
The corresponding quantum key of the quantum key of system application;
It is described to match electric terminal, for being obtained and the main website operation system application from the quantum key movable storage device
The corresponding quantum key of quantum key.
2. system according to claim 1, which is characterized in that described the system also includes quantum key management equipment
Key management apparatus is connect with the second quantum key download interface, and is connect with the quantum key movable storage device, is used
It is to be distributed to the quantum key for matching power utilization network in storage and management.
3. system according to claim 2, which is characterized in that the quantum key management equipment connects a quantum
Key movable storage device, if it is multiple it is described match electric terminal dispensed amount sub-key, then the mobile storage of the quantum key is set
It is described with electric terminal for being separately connected by way of plug.
4. system according to claim 1, which is characterized in that the output of the quantum key movable storage device is unidirectional
And single.
5. system according to claim 1, which is characterized in that the quantum key movable storage device, it is described match electricity consumption
The the first quantum key download interface and the second quantum key of terminal, main website operation system and the quantum key distribution network
Download interface is equipped with certificate, for verifying to access equipment validity.
6. system according to claim 1, which is characterized in that the system also includes data communication networks;
The business main station system and the electric terminal of matching are led to by the data communication network and the quantum key
Letter.
7. system according to claim 6, which is characterized in that the business main station system and the electric terminal of matching utilize
The quantum key encrypts business datum, and encryption data is transmitted by the communication channel of the data communication network.
8. system according to claim 6, which is characterized in that the business main station system and the electric terminal of matching utilize
The quantum key encrypts the communication channel of the data communication network, obtains quantum secure channel, the quantum secure
Channel is used for transmission business datum.
9. a kind of quantum key delivering method, which is characterized in that applied to the quantum as described in claim 1 to 8 any one
Key distribution system, which comprises
Receive quantum key corresponding with the quantum key of main website operation system application;
The quantum key corresponding with the quantum key of main website operation system application is sent with electric terminal to described;
Wherein, the quantum key corresponding with the quantum key of main website operation system application be main website operation system in response to
The quantum key application request with electric terminal, to the quantum key distribution network application quantum key, the quantum
Key distribution network is issued by the second quantum key download interface, and the quantum key distribution network also passes through the first quantum
Key download interface issues quantum key to the main website operation system, to realize the main website operation system and described with electricity consumption
The quantum key of terminal is shared.
10. according to the method described in claim 9, it is characterized in that, the method also includes:
Legitimate verification is carried out to access device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811076306.XA CN109039613A (en) | 2018-09-14 | 2018-09-14 | A kind of quantum key distribution system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811076306.XA CN109039613A (en) | 2018-09-14 | 2018-09-14 | A kind of quantum key distribution system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109039613A true CN109039613A (en) | 2018-12-18 |
Family
ID=64622379
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811076306.XA Pending CN109039613A (en) | 2018-09-14 | 2018-09-14 | A kind of quantum key distribution system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109039613A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109714166A (en) * | 2019-03-07 | 2019-05-03 | 山东鲁能软件技术有限公司 | A kind of mobile distribution method, system, terminal and storage medium based on quantum key |
CN110808834A (en) * | 2019-11-15 | 2020-02-18 | 中国联合网络通信集团有限公司 | Quantum key distribution method and quantum key distribution system |
CN112737781A (en) * | 2021-03-29 | 2021-04-30 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196425A (en) * | 2011-07-01 | 2011-09-21 | 安徽量子通信技术有限公司 | Quantum-key-distribution-network-based mobile encryption system and communication method thereof |
CN102983965A (en) * | 2012-10-18 | 2013-03-20 | 中国电力科学研究院 | Transformer substation quantum communication model, quantum secret key distribution center and model achieving method |
CN106941403A (en) * | 2017-04-17 | 2017-07-11 | 江苏亨通问天量子信息研究院有限公司 | Secrecy GSM and method based on quantum key |
CN106972922A (en) * | 2013-06-08 | 2017-07-21 | 科大国盾量子技术股份有限公司 | A kind of mobile secret communication method based on quantum key distribution network |
CN107453868A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of safe and efficient quantum key method of servicing |
CN206865469U (en) * | 2017-04-17 | 2018-01-09 | 江苏亨通问天量子信息研究院有限公司 | Secrecy GSM based on quantum key |
CN107682155A (en) * | 2017-11-15 | 2018-02-09 | 浙江神州量子通信技术有限公司 | The application system of quantum key in power distribution terminal communication access net |
CN207339873U (en) * | 2017-11-15 | 2018-05-08 | 浙江神州量子通信技术有限公司 | The application system of quantum key in power distribution terminal communication access net |
-
2018
- 2018-09-14 CN CN201811076306.XA patent/CN109039613A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196425A (en) * | 2011-07-01 | 2011-09-21 | 安徽量子通信技术有限公司 | Quantum-key-distribution-network-based mobile encryption system and communication method thereof |
CN102983965A (en) * | 2012-10-18 | 2013-03-20 | 中国电力科学研究院 | Transformer substation quantum communication model, quantum secret key distribution center and model achieving method |
CN106972922A (en) * | 2013-06-08 | 2017-07-21 | 科大国盾量子技术股份有限公司 | A kind of mobile secret communication method based on quantum key distribution network |
CN106941403A (en) * | 2017-04-17 | 2017-07-11 | 江苏亨通问天量子信息研究院有限公司 | Secrecy GSM and method based on quantum key |
CN206865469U (en) * | 2017-04-17 | 2018-01-09 | 江苏亨通问天量子信息研究院有限公司 | Secrecy GSM based on quantum key |
CN107453868A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of safe and efficient quantum key method of servicing |
CN107682155A (en) * | 2017-11-15 | 2018-02-09 | 浙江神州量子通信技术有限公司 | The application system of quantum key in power distribution terminal communication access net |
CN207339873U (en) * | 2017-11-15 | 2018-05-08 | 浙江神州量子通信技术有限公司 | The application system of quantum key in power distribution terminal communication access net |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109714166A (en) * | 2019-03-07 | 2019-05-03 | 山东鲁能软件技术有限公司 | A kind of mobile distribution method, system, terminal and storage medium based on quantum key |
CN110808834A (en) * | 2019-11-15 | 2020-02-18 | 中国联合网络通信集团有限公司 | Quantum key distribution method and quantum key distribution system |
CN110808834B (en) * | 2019-11-15 | 2022-05-27 | 中国联合网络通信集团有限公司 | Quantum key distribution method and quantum key distribution system |
CN112737781A (en) * | 2021-03-29 | 2021-04-30 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
CN112737781B (en) * | 2021-03-29 | 2021-06-18 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108880800B (en) | Power distribution and utilization communication system and method based on quantum secret communication | |
CN109412794B (en) | Quantum key automatic charging method and system suitable for power business | |
CN109698822A (en) | Combination learning method and system based on publicly-owned block chain and encryption neural network | |
EP0292790B1 (en) | Controlling the use of cryptographic keys via generating station established control values | |
CN104158567B (en) | Matching method between bluetooth equipment and system, data interactive method and system | |
CN107358441B (en) | Payment verification method and system, mobile device and security authentication device | |
CN109525390B (en) | Quantum key wireless distribution method and system for terminal equipment secret communication | |
CN105550600A (en) | Community-based de-duplication for encrypted data | |
CN113114460B (en) | Quantum encryption-based power distribution network information secure transmission method | |
CN109039613A (en) | A kind of quantum key distribution system and method | |
CN109714166A (en) | A kind of mobile distribution method, system, terminal and storage medium based on quantum key | |
US20140161260A1 (en) | Major management apparatus, authorized management apparatus, electronic apparatus for delegated key management, and key management methods thereof | |
CN106953729A (en) | Satellite communication encryption system and method based on quantum key | |
CN101931623B (en) | Safety communication method suitable for remote control with limited capability at controlled end | |
CN105631298B (en) | A kind of ciphering and deciphering device and method | |
CN113612608A (en) | Method and system for realizing cluster encryption of dual-mode interphone based on public network | |
CN106712938B (en) | Quantum whiteboard communication method and system | |
CN110212991B (en) | Quantum wireless network communication system | |
CN103118351B (en) | The generation method and apparatus of repaid card data | |
CN103763095A (en) | Intelligent substation key management method | |
CN206629070U (en) | Satellite communication encryption system and quantum key distribution network | |
CN101150399A (en) | Generation method for share secret key | |
CN103856938A (en) | Encryption and decryption method, system and device | |
KR20160100078A (en) | Client Terminal for Supporting Banking Service, Authentication Server, Method and Application for User Terminal | |
CN110247925A (en) | Power distribution automation information interacting method, system, terminal and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20220909 |