CN109756328B - Key generation method based on self-adaptive adjustment of error rate parameters and client - Google Patents


Publication number
CN109756328B
Authority
CN
China
Prior art keywords
error rate
key
measurement
quantization
bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811511967.0A
Other languages
Chinese (zh)
Other versions
CN109756328A (en
Inventor
张�杰
李亚杰
王祥青
杨晓琨
王凯
赵永利
张会彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beiqing Jinru Communication Technology Co ltd
Original Assignee
Beijing Jieantong Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jieantong Technology Co Ltd filed Critical Beijing Jieantong Technology Co Ltd
Priority to CN201811511967.0A priority Critical patent/CN109756328B/en
Publication of CN109756328A publication Critical patent/CN109756328A/en
Application granted granted Critical
Publication of CN109756328B publication Critical patent/CN109756328B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Detection And Prevention Of Errors In Transmission (AREA)

Abstract

The invention discloses a key generation method based on adaptive adjustment of bit error rate parameters, and a client. The method comprises the following steps: in the parameter adjustment stage, the bit error rate of a channel shared with the opposite terminal is measured and quantized multiple times, and the bit error rate measurement/quantization parameters are adjusted so that the resultant code rate of the quantization results meets the preset requirement; then, based on the adjusted parameters, the bit error rate of the channel is measured and the measured bit error rate is quantized to obtain a consistent key. Compared with a physical layer key generation scheme based on polarization mode dispersion, the method and the device require no additional key distribution devices and no modification of the lines, are compatible with existing information transmission systems, and save cost. Because the parameters can be adjusted adaptively to different channel environments while the key is generated from the bit error rate of the channel, key utilization is improved; that is, a high-rate, consistent key meeting the requirements is generated.

Description

Key generation method based on self-adaptive adjustment of error rate parameters and client
Technical Field
The invention relates to the technical field of information security transmission, in particular to a key generation method based on self-adaptive adjustment of bit error rate parameters and a client.
Background
The rapid development of information networks, the spread of Internet Plus applications and the rise of smart cities have changed the traditional business forms and service models of electric power, finance, telecommunications, transportation, energy, and urban gas, water and heating supply, and have brought unprecedented security challenges to the protection of critical information infrastructure. The Stuxnet virus incident, the Ukrainian power grid outage, and the large-scale paralysis of a national internet caused by the Mirai worm show that attack methods aimed at critical infrastructure are also continuously evolving.
The speed and reach of optical communication have improved greatly, and optical networks have become markedly more open. Existing optical communication cannot resist eavesdropping attacks on lines or nodes; it faces the risk of information being hijacked through a tap on the line or through a device connected in series, which seriously threatens the security of high-speed interconnection between critical information infrastructures. With the development of quantum computers with strong deciphering capability, the data carried by optical communication is at serious risk of being intercepted, copied and tampered with. In key-based security techniques, the security of the key determines the security of the information, so a reliable cryptographic design is needed to ensure security. Most state-of-the-art encryption algorithms require pre-shared keys, but these are easily accessible to an attacker who has full knowledge of the system. Existing key generation technologies include classical key technology and quantum key technology. Quantum key distribution (QKD) applies physical-layer cryptography in optical fiber communication systems and uses single photons to establish one-time keys. Classical key generation is based on amplitude, polarization and the like, and key distribution on this basis has been the subject of much research. However, both schemes have limited key generation efficiency and transmission distance, and cannot adaptively quantize and adjust the key as the environment changes, so their security cannot be verified.
In the existing key agreement method based on polarization mode dispersion (PMD), PMD is a random effect that varies over time with physical parameters such as temperature, pressure, and external and internal stress. As transmission rates increase, PMD has an increasingly significant impact on the system bit error rate. The method uses polarization mode dispersion to produce symmetrical random variation in a bidirectional transmission fiber. The evolution of polarization mode dispersion in standard single-mode fiber is completely random, so a key generated from it has high security strength. However, the existing physical layer key generation scheme for optical communication based on polarization mode dispersion has disadvantages such as a low key rate and incompatibility with existing equipment.
A conventional key generation model based on channel feature extraction is shown in fig. 1. Client A is the sender, client B is the legitimate receiver, and client E is a passive eavesdropper; all three have a single antenna. The channel between client A and client B is called the main channel, and the phase response of the main channel is chosen as the random variable for generating the key. If the channel is a block fading channel, it is constant within one time slot and independent across time slots. The key is obtained by quantizing the channel characteristics, and communication security is guaranteed by the time variability and uniqueness of the channel, which makes this an effective physical layer security method. However, in existing methods that extract the key from physical characteristics of the wireless channel, such as loss and fading, the bit error rate often fails to meet the requirements, the key is strongly affected by the environment, and key utilization is low.
Disclosure of Invention
Compared with a physical layer key generation scheme based on polarization mode dispersion, the method requires no additional key distribution devices and no modification of the lines, is compatible with existing information transmission systems, and saves cost; in addition, the parameters can be adjusted adaptively to different channel environments while the key is generated from the bit error rate of the channel, so that key utilization is improved, that is, a high-rate, consistent key meeting the requirements is generated.
Based on the above object, the present invention provides a key generation method based on error rate parameter adaptive adjustment, comprising:
in the parameter adjustment stage, error rate measurement and quantization are carried out on a channel shared by an opposite terminal for many times, and error rate measurement/quantization parameters are adjusted, so that the resultant code rate of the quantization result of the error rate meets the preset requirement;
and based on the adjusted parameters, measuring the error rate of the channel, and quantizing the measured error rate to obtain a consistent key.
In the parameter adjustment stage, measuring and quantizing the bit error rate of the channel shared with the opposite terminal multiple times and adjusting the bit error rate measurement/quantization parameters, so that the resultant code rate of the quantization results meets the preset requirement, specifically comprises the following steps:
in the parameter adjustment process, calculating the resultant code rate at least once;
after one calculation of the resultant code rate is finished, ending the parameter adjustment process if the resultant code rate meets the preset requirement; otherwise, adjusting the bit error rate measurement/quantization parameters and calculating the resultant code rate again;
wherein one calculation of the resultant code rate comprises the following steps:
based on the current bit error rate measurement parameter, performing multiple bit error rate measurements on the channel;
and quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter, and taking the resultant code rate of the quantization results of the multiple measurements as the result of this calculation.
The bit error rate measurement parameter is specifically the data length L of negotiation data sent by performing one-time bit error rate measurement;
the bit error rate quantization parameter is specifically a calculation coefficient alpha of an upper decision threshold and a lower decision threshold adopted by the quantization bit error rate.
Wherein, the measuring of the bit error rate for the channel for multiple times based on the current bit error rate measurement parameter specifically includes:
based on the current data length L, performing K bit error rate measurements on the channel; wherein K = Z/L, and Z is the total length of the negotiation data generated locally and randomly;
wherein performing one bit error rate measurement for the channel comprises:
mapping the locally and randomly generated negotiation data of length L to the near-noise region by using a key base, and then sending the negotiation data to the opposite terminal through the channel;
after loop-back negotiation data with the length of L is obtained according to the signal returned by the opposite terminal, the loop-back negotiation data is compared with the locally randomly generated negotiation data;
and obtaining the bit error rate of the measurement according to the comparison result.
The method for quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter specifically comprises the following steps:
calculating an upper decision threshold and a lower decision threshold based on the current calculation coefficient alpha;
and quantizing the bit error rate obtained by each measurement according to the upper and lower judgment thresholds obtained by calculation.
Preferably, the adjusting the ber measurement/quantization parameter specifically includes:
L is adjusted upward, or α is adjusted downward.
The present invention also provides a client, including:
the parameter adjusting module is used for measuring and quantizing the error rate of a channel shared by the opposite terminal for multiple times and adjusting the error rate measurement/quantization parameter so that the resultant code rate of the quantization result of the error rate meets the preset requirement;
and the key distribution module is used for measuring the error rate of the channel based on the parameters obtained by the adjustment of the parameter adjustment module, and quantizing the measured error rate to obtain a consistent key.
In the technical scheme of the invention, the bit error rate, a physical characteristic of the channel itself, is used: the bit error rate measurement or quantization parameters are adjusted adaptively, and a consistent key for the two communicating clients is generated by quantizing the bit error rate. Because the two communicating parties generate the consistent key by adaptive quantization, mainly by analyzing how the bit error rate of the channel they share changes, a third-party eavesdropper who does not share the channel can hardly detect the same bit error rate characteristic and obtain the key. The consistent key therefore has strong randomness and high confidentiality and is difficult for an eavesdropper to intercept. At the same time, no additional key distribution devices are needed, the lines need not be modified, and the scheme is compatible with existing information transmission systems, which saves cost. The invention can flexibly and adaptively adjust the bit error rate measurement or quantization parameters as the environment changes, dynamically adapt to the environment, adaptively quantize and generate the key, extract the usable key and improve the effectiveness of the key, thereby improving key utilization; that is, a high-rate, consistent key meeting the requirements is generated.
Drawings
FIG. 1 is a schematic diagram of a key generation model based on channel feature extraction in the prior art;
fig. 2a is a flowchart of a key generation method based on error rate parameter adaptive adjustment according to an embodiment of the present invention;
fig. 2b is a schematic diagram of an error rate measurement result and a quantization result obtained by performing multiple error rate measurements on a shared channel by two clients in communication with each other according to an embodiment of the present invention;
FIG. 3 is a flowchart of a parameter adjusting method according to an embodiment of the present invention;
fig. 4 is a flowchart of a key distribution method according to an embodiment of the present invention;
fig. 5 is a flowchart of a method for performing an error rate measurement on a channel according to an embodiment of the present invention;
fig. 6 is a block diagram of an internal structure of a client according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to specific embodiments and the accompanying drawings.
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used to distinguish two different entities or two different parameters that have the same name. "First" and "second" are used merely for convenience of description and should not be construed as limiting the embodiments of the present invention; this is not repeated in the following embodiments.
The inventors consider that existing methods extract the key from physical characteristics of the wireless channel, such as loss and fading, but the bit error rates of these two schemes often do not meet the requirements, the key is strongly affected by the environment, and key utilization is low; the physical layer key generation scheme based on polarization mode dispersion in optical communication has disadvantages such as a low key rate and incompatibility with existing equipment, so it can hardly meet the needs of high-rate, large-capacity data encryption. Therefore, the invention provides a method that uses the bit error rate, a physical characteristic of the channel itself, adaptively adjusts the bit error rate measurement or quantization parameters, and generates a consistent key for the two communicating clients by quantizing the bit error rate. Because the two communicating parties generate the consistent key by adaptive quantization, mainly by analyzing how the bit error rate of the channel they share changes, a third-party eavesdropper who does not share the channel can hardly detect the same bit error rate characteristic and obtain the key. The consistent key therefore has strong randomness and high confidentiality and is difficult for an eavesdropper to intercept. At the same time, no additional key distribution devices are needed, the lines need not be modified, and the scheme is compatible with existing information transmission systems, which saves cost. The invention can flexibly and adaptively adjust the bit error rate measurement or quantization parameters as the environment changes, dynamically adapt to the environment, adaptively quantize and generate the key, extract the usable key and improve the effectiveness of the key, thereby improving key utilization; that is, a high-rate, consistent key meeting the requirements is generated.
The technical solution of the embodiments of the present invention is described in detail below with reference to the accompanying drawings.
For two clients that communicate with each other, such as a first client and a second client, a key generation method based on error rate parameter adaptive adjustment provided by the embodiment of the present invention has a flow shown in fig. 2a, and includes the following steps:
step S201: in the parameter adjustment stage, two clients which are communicated with each other perform error rate measurement and quantization on a channel shared by the opposite terminal for many times, and adjust error rate measurement/quantization parameters, so that the resultant code rate of the quantization result of the error rate meets the preset requirement.
In the parameter adjustment stage of this step, the first and second clients simultaneously perform multiple error rate measurements on the shared channel, and adjust the error rate measurement and quantization parameters in the quantization process, so as to achieve the purpose of enabling the resultant code rate of the quantization result of the error rate to meet the preset requirement. For example, fig. 2b shows the error rate measurement result and the quantization result obtained by the first client and the second client performing the error rate measurement on the channel multiple times. The following describes the parameter adjustment process in detail by taking the first client as an example; the second client also adopts the same parameter adjustment method, which is not described herein again.
The first client calculates the resultant code rate at least once in the parameter adjustment process. After one calculation of the resultant code rate is finished, if the first client judges that the resultant code rate meets the preset requirement, the parameter adjustment process ends; otherwise, the current bit error rate measurement/quantization parameters are adjusted and the resultant code rate is calculated again. One calculation of the resultant code rate comprises the following steps: based on the current bit error rate measurement parameter, performing multiple bit error rate measurements on the channel; and quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter, and taking the resultant code rate of the quantization results of the multiple measurements as the result of this calculation.
Fig. 3 shows a specific flow of the parameter adjustment process, which includes the following sub-steps:
Substep S300: set initial values for the bit error rate measurement and quantization parameters.
Specifically, the bit error rate measurement parameter may be the data length L of the negotiation data sent for one bit error rate measurement. Preferably, the initial value of L is a small value, specifically the minimum of its range, such as 500; in the subsequent adjustment substep the value of L is gradually increased, for example with a step size of 500. The range of L can be set to 500-10000.
The bit error rate quantization parameter may be the calculation coefficient α of the upper and lower decision thresholds used to quantize the bit error rate; the value range of α is 0-1. Preferably, the initial value of α is a large value, specifically the maximum of its range, such as 1, and α is gradually decreased in the subsequent adjustment substep.
Substep S301: based on the current error rate measurement parameters, the first client performs a round (multiple times) of error rate measurements for a channel shared with the opposite end (second client).
Specifically, the first client may perform K bit error rate measurements on the channel based on the current bit error rate measurement parameter L; wherein K = Z/L, and Z is the total length of the negotiation data generated locally and randomly. One bit error rate measurement on the channel, based on a segment of negotiation data of length L, proceeds as follows:
the first client uses a key base, based on a quantum noise encryption technology, to map a locally and randomly generated segment of negotiation data of length L to the near-noise region, and then sends it to the opposite end (the second client) through the channel;
after receiving the signal sent by the first client, the opposite end (the second client) demaps the received signal from the near-noise region by using the same key base, based on a quantum noise encryption technology, to obtain the received negotiation data; the opposite end (the second client) then maps the received negotiation data to the near-noise region by using the key base and returns it to the first client;
and the first client demaps the signal returned by the opposite end (the second client) from the near-noise region by using the key base, so as to obtain the looped-back negotiation data.
After a first client obtains loopback negotiation data with the length of L, comparing the loopback negotiation data with the locally randomly generated negotiation data; and obtaining the error rate result of the measurement according to the comparison result. Obviously, the smaller L, the larger K, the greater the number of measured bit error rates, and the greater the number of bits of the key composed of the quantization results of the bit error rates measured K times.
As can be seen from fig. 2b, since the first and second clients simultaneously perform the error rate measurement on the shared channel, the error rate measurement results obtained by the first and second clients are very close to each other.
Substep S302: based on the current error rate quantization parameter, the first client quantizes the error rate obtained by each measurement, and further obtains the resultant code rate of the quantization result of the error rates of multiple measurements.
Specifically, the first client quantizes the bit error rate obtained by each measurement as follows: the first client compares the measured bit error rate with an upper decision threshold Th1 and a lower decision threshold Th0; if the bit error rate is greater than Th1, the quantization result is 1; if the bit error rate is less than Th0, the quantization result is 0; and if the bit error rate lies between Th0 and Th1, the quantization result is invalid. Quantization results of 0 and 1 are effective quantization results.
The resultant code rate of the quantization results of the multiple bit error rate measurements is the number of effective quantization results per unit time, that is, the generation rate of effective quantization results. The first client therefore counts the effective quantization results per unit time among the quantization results of the K measured bit error rates and takes this as the result of the current resultant code rate calculation. The higher the resultant code rate, the higher the rate of the key generated from the quantization results of the bit error rate.
Wherein, the lower decision threshold Th0 is c- α x, and the upper decision threshold Th1 is c + α x; c is the mean of the error rates measured a plurality of times in the above sub-step S301, and is the variance of the error rates measured a plurality of times in the above sub-step S301. Obviously, the larger the value of α, the greater the distance between Th0 and Th1 and the lower the resultant code rate, but the higher the consistency of the key obtained from the effective quantization results.
As can be seen from fig. 2b, since the error rate measurement results of the first and second clients are very close to each other, the quantization results obtained by quantizing the error rates of the first and second clients are also substantially the same.
Substep S303: the first client judges whether the calculated resultant code rate meets the preset requirement; if yes, it goes to substep S305 to end the parameter adjustment process; if not, it goes to substep S304 to adjust the bit error rate measurement/quantization parameters.
Specifically, the first client determines whether the resultant code rate calculated this time meets the preset requirement, for example, whether it is greater than a preset threshold; if yes, it goes to substep S305 to end the parameter adjustment process; if not, it goes to substep S304 to adjust the bit error rate measurement/quantization parameters.
Substep S304: after the bit error rate measurement/quantization parameters are adjusted, jump back to substep S301 and continue with the next round of bit error rate measurement and the next resultant code rate calculation.
Specifically, when the first client determines that the resultant code rate does not meet the preset requirement, the bit error rate measurement parameter or the bit error rate quantization parameter needs to be adjusted, so that the resultant code rate obtained with the adjusted parameters comes closer to the preset requirement.
Preferably, L may be adjusted to be increased, or α may be adjusted to be decreased.
As a more preferred embodiment, the parameters may be adjusted in the following order: first keep α fixed and increase L by a step value ΔL at each adjustment; once L reaches its maximum value, decrease α by a step value Δα. That is, the parameter adjustment method comprises the following steps:
judging whether the current L is the maximum value of its range; if not, L is increased by a step value ΔL; otherwise α is decreased by a step value Δα.
With this parameter adjustment strategy, when the resultant code rate meets the preset requirement, a larger α value and a smaller L value are obtained, so that the rate of generating the key from the bit error rate quantization results meets the requirement and the key has higher consistency, more key bits and higher security.
Substep S305: the parameter adjustment process is ended.
After the first client determines that a resultant code rate meeting the preset requirement has been obtained, for example a resultant code rate greater than the preset threshold, the parameter adjustment process ends, and the adjusted bit error rate measurement parameter L and the adjusted bit error rate quantization parameter α are output.
Step S202: in the key distribution stage, based on the adjusted parameters, two clients which are communicated with each other measure the error rate of the channel, and quantize the measured error rate to obtain a consistent key.
In the key distribution stage of the step, the first client and the second client can measure the error rate of the shared channel for multiple times, quantize the measured error rate, and obtain a consistent key according to the quantization result.
The following describes the key distribution process of the first client in detail by taking the first client as an example; the second client may also use the same key distribution method, which is not described herein again.
Fig. 4 shows a specific flow of a key distribution process, which includes the following steps:
step S401: based on the adjusted error rate measurement parameter L, the first client performs one round (multiple times) of error rate measurement for a channel shared with an opposite end (second client).
Specifically, the first client may perform one round of bit error rate measurement, that is, K bit error rate measurements, on the channel based on the bit error rate measurement parameter L obtained in the parameter adjustment stage; wherein K = Z/L, and Z is the total length of the negotiation data generated locally and randomly.
As shown in fig. 5, the method flow for performing one bit error rate measurement on the channel based on a segment of negotiation data of length L includes the following sub-steps:
Substep S501: the first client uses a key base, based on a quantum noise encryption technology, to map locally and randomly generated negotiation data of length L to the near-noise region, and then sends it to the opposite end (the second client) through the channel.
Substep S502: after receiving the signal sent by the first client, the opposite end (the second client) demaps the received signal from the near-noise region by using the same key base, based on a quantum noise encryption technology, to obtain the received negotiation data; the opposite end (the second client) then maps the received negotiation data to the near-noise region by using the key base and returns it to the first client.
Substep S503: the first client demaps the signal returned by the opposite end (the second client) from the near-noise region by using the key base, so as to obtain the looped-back negotiation data.
Substep S504: after a first client obtains loopback negotiation data with the length of L, comparing the loopback negotiation data with the locally randomly generated negotiation data; and obtaining the bit error rate of the measurement according to the comparison result.
Step S402: based on the adjusted bit error rate quantization parameter α, the first client quantizes the bit error rate obtained by each measurement and generates a consistent key from the quantization results.
Specifically, the first client quantizes the bit error rate obtained by each measurement as follows: the first client compares the measured bit error rate with an upper decision threshold Th1 and a lower decision threshold Th0; if the bit error rate is greater than Th1, its quantization result is judged to be 1; if the bit error rate is less than Th0, its quantization result is judged to be 0; and if the bit error rate lies between Th0 and Th1, its quantization result is judged to be invalid. Quantization results of 0 and 1 are valid quantization results.
Wherein, the lower decision threshold Th0 is c- α x, and the upper decision threshold Th1 is c + α x; c is the mean value of the error rates measured for a plurality of times in the step S401, and is the variance of the error rates measured for a plurality of times in the step S401, and α is an error rate quantization parameter obtained by the adjustment in the parameter adjustment stage.
One method of generating a key from the quantization results of the bit error rate is to compose the key directly from the valid quantization results of the bit error rates obtained by the K measurements.
Preferably, to further improve the security of the key, the key may be generated by XORing the valid quantization results of the bit error rates obtained by the K measurements with the average value of the bit error rates obtained by the K measurements.
In fact, as shown in Fig. 2b, because the first and second clients share the channel, the bit error rates measured by the two clients are substantially close to each other, so the quantization results obtained when the two clients quantize the bit error rates are substantially identical, and the keys generated from the quantization results are also identical.
After the first client and the second client generate the consistency key, the first client and the second client can use the key to encrypt and decrypt data to realize secure communication.
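The measurement comparison of substep S504 and the quantization of step S402, as an added Python illustration that is not code from the patent. The per-measurement error counts for the two clients are constructed sample data, the use of the population variance for the text's "variance" is an assumption, and only the direct-composition key (not the XOR variant) is built.

```python
"""Added illustration of substep S504 and step S402 (not the patent's code)."""


def measure_ber(sent_bits, looped_bits):
    """Substep S504: compare looped-back negotiation data with the local copy."""
    if not sent_bits or len(sent_bits) != len(looped_bits):
        raise ValueError("both sequences must have the same non-zero length L")
    return sum(a != b for a, b in zip(sent_bits, looped_bits)) / len(sent_bits)


def decision_thresholds(bers, alpha):
    """Return (Th0, Th1): mean c minus/plus alpha times the variance.

    The text names the spread term as the variance of the measured error
    rates; using the population variance here is an assumption.
    """
    c = sum(bers) / len(bers)
    variance = sum((b - c) ** 2 for b in bers) / len(bers)
    return c - alpha * variance, c + alpha * variance


def quantize(bers, alpha):
    """Step S402: 1 above Th1, 0 below Th0, None (invalid) in between."""
    th0, th1 = decision_thresholds(bers, alpha)
    return [1 if b > th1 else 0 if b < th0 else None for b in bers]


def key_from(quantized):
    """Direct composition: keep only the valid quantization results."""
    return [q for q in quantized if q is not None]


def compare_sides(qa, qb):
    """Count how the two clients' per-measurement results line up."""
    pairs = list(zip(qa, qb))
    return {
        "agree": sum(a is not None and a == b for a, b in pairs),
        "differ": sum(a is not None and b is not None and a != b
                      for a, b in pairs),
        # valid on one side, invalid on the other
        "one_sided": sum((a is None) != (b is None) for a, b in pairs),
    }


# Constructed sample data: bit errors seen by each client in K = 8
# measurements of L = 1000 bits over the same channel.
L = 1000
ERRORS_A = [10, 50, 12, 48, 30, 52, 8, 30]
ERRORS_B = [11, 49, 13, 47, 37, 51, 9, 23]
BER_A = [e / L for e in ERRORS_A]
BER_B = [e / L for e in ERRORS_B]


def run(alpha):
    """Quantize both clients' measurements with the same coefficient alpha."""
    qa, qb = quantize(BER_A, alpha), quantize(BER_B, alpha)
    return key_from(qa), key_from(qb), compare_sides(qa, qb)


if __name__ == "__main__":
    for alpha in (20, 30):
        key_a, key_b, stats = run(alpha)
        print(f"alpha={alpha} A={key_a} B={key_b} {stats}")
```

With α = 20 the second client's two borderline measurements quantize to valid bits while the first client's fall in the invalid band, so the directly composed keys differ in length. With α = 30 the invalid band is wider and both clients produce the same six bits.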
Based on the above key generation method with adaptive adjustment of bit error rate parameters, the internal structure of a client provided in an embodiment of the present invention is shown in Fig. 6 and includes: a parameter adjusting module 601 and a key distribution module 602.
The parameter adjusting module 601 is configured to perform bit error rate measurement and quantization multiple times on a channel shared with the opposite end, and to adjust the bit error rate measurement/quantization parameter so that the resultant code rate of the quantization result of the bit error rate meets the preset requirement. Specifically, the parameter adjusting module 601 calculates the resultant code rate at least once during the parameter adjustment process; after one calculation of the resultant code rate is finished, if the resultant code rate is judged to meet the preset requirement, the parameter adjustment process ends; otherwise, the current bit error rate measurement/quantization parameter is adjusted and the next resultant code rate is calculated. One calculation of the resultant code rate comprises: performing multiple bit error rate measurements on the channel based on the current bit error rate measurement parameter; quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter; and taking the resultant code rate of the quantization results of the multiple measured bit error rates as the result of the current calculation. The bit error rate measurement parameter is specifically the data length L of the negotiation data sent for one bit error rate measurement; the bit error rate quantization parameter is specifically the calculation coefficient α of the upper and lower decision thresholds used to quantize the bit error rate. For the detailed functions of the parameter adjusting module 601, refer to the method detailed in step S201; they are not described herein again.
The key distribution module 602 is configured to measure an error rate of the channel based on the parameter obtained by the parameter adjustment module, and quantize the measured error rate to obtain a consistent key. The specific functions of the key distribution module 602 may refer to the method detailed in step S202, and are not described herein again.
In addition, the parameter adjusting module 601 may be further configured to, when receiving a signal sent by an opposite end after performing near-noise region mapping on negotiation data randomly generated by the opposite end using a key base, perform near-noise region demapping on the received signal using the key base to obtain received negotiation data, and return the received negotiation data to the opposite end after performing near-noise region mapping on the received negotiation data using the key base.
Similarly, the key distribution module 602 may also be configured to, when receiving a signal sent by an opposite end after performing near-noise region mapping on negotiation data randomly generated by the opposite end using a key base, perform near-noise region demapping on the received signal using the key base to obtain received negotiation data, and return the received negotiation data to the opposite end after performing near-noise region mapping on the received negotiation data using the key base.
The invention provides a key generation method based on adaptive adjustment of bit error rate parameters, which generates a key by extracting the bit error rate characteristic of an optical communication physical layer channel through measurement at both ends. A key with high randomness can be obtained by exploiting the inherent random characteristics of the physical layer channel (temperature, pressure and vibration). Meanwhile, the parameters can be flexibly adjusted as the environment changes, dynamically adapting to it; keys are generated by adaptive quantization, and usable keys are extracted. Because both ends measure the same channel at the same time, better consistency can be obtained. The inherent noise of the channel enhances the randomness of the key. The invention therefore addresses the key techniques of channel security feature extraction and consistency negotiation, thereby ensuring reciprocity, randomness and independence.
That is to say, the technical scheme of the invention uses the bit error rate, a physical characteristic of the channel, adaptively adjusts the measurement or quantization parameter of the bit error rate, and generates a consistent key for two mutually communicating clients through bit error rate quantization. Because the two communicating parties generate the consistent key by adaptive quantization, mainly by analyzing how the bit error rate characteristic of their shared channel changes, it is difficult for a third-party eavesdropper who does not share the channel to detect the same bit error rate characteristic and acquire the key. The consistent key therefore has the advantages of strong randomness, high confidentiality and difficulty of interception by an eavesdropper. At the same time, no additional key distribution device or the like needs to be provided and the line does not need to be modified, so the scheme is compatible with existing information transmission systems and saves cost. The invention can flexibly and adaptively adjust the measurement or quantization parameter of the bit error rate as the environment changes, dynamically adapt to those changes, generate keys by adaptive quantization, extract usable keys and improve the effectiveness of the key, thereby improving the key utilization rate, that is, generating a high-rate key and a consistent key that meet the requirements.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the idea of the invention, also features in the above embodiments or in different embodiments may be combined, steps may be implemented in any order, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements and the like that may be made without departing from the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims (5)

1. A key generation method based on error rate parameter self-adaptive adjustment is characterized by comprising the following steps:
in the parameter adjustment stage, performing bit error rate measurement and quantization multiple times on a channel shared with the opposite end, and adjusting the bit error rate measurement/quantization parameter so that the resultant code rate of the quantization result of the bit error rate meets the preset requirement: in the parameter adjustment process, the resultant code rate is calculated at least once; after one calculation of the resultant code rate is finished, if the resultant code rate is judged to meet the preset requirement, the parameter adjustment process ends; otherwise, the bit error rate measurement/quantization parameter is adjusted and the next resultant code rate is calculated; wherein one calculation of the resultant code rate comprises: performing multiple bit error rate measurements on the channel based on the current bit error rate measurement parameter; quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter, and taking the resultant code rate of the quantization results of the multiple measured bit error rates as the result of the current calculation; the bit error rate measurement parameter is specifically the data length L of the negotiation data sent for one bit error rate measurement; the bit error rate quantization parameter is specifically the calculation coefficient α of the upper and lower decision thresholds used to quantize the bit error rate;
based on the adjusted parameters, performing bit error rate measurement on the channel and quantizing the measured bit error rate to obtain a consistent key: performing Z/L bit error rate measurements on the channel based on the adjusted data length L; quantizing the measured bit error rate according to the upper and lower decision thresholds calculated from the adjusted calculation coefficient α; and obtaining a consistent key from the quantization results; where Z is the total length of the locally randomly generated negotiation data.
2. The method according to claim 1, wherein the performing of multiple bit error rate measurements on the channel based on the current bit error rate measurement parameter specifically comprises:
based on the current data length L, carrying out K times of error rate measurement on the channel; wherein, K is Z/L, and Z is the total length of the negotiation data generated locally and randomly;
wherein performing one bit error rate measurement for the channel comprises:
performing near-noise region mapping, using a key base, on the locally randomly generated negotiation data of length L, and then sending it to the opposite end through the channel;
after loop-back negotiation data with the length of L is obtained according to the signal returned by the opposite terminal, the loop-back negotiation data is compared with the locally randomly generated negotiation data;
and obtaining the bit error rate of the measurement according to the comparison result.
3. The method according to claim 1, wherein the quantizing the bit error rate obtained from each measurement based on the current bit error rate quantization parameter specifically comprises:
calculating an upper decision threshold and a lower decision threshold based on the current calculation coefficient alpha;
and quantizing the bit error rate obtained by each measurement according to the upper and lower judgment thresholds obtained by calculation.
4. The method of claim 1, wherein the adjusting of the bit error rate measurement/quantization parameter specifically comprises:
the L/α is adjusted up/down.
5. A client, comprising:
a parameter adjusting module, configured to perform bit error rate measurement and quantization multiple times on a channel shared with the opposite end, and to adjust the bit error rate measurement/quantization parameter so that the resultant code rate of the quantization result of the bit error rate meets the preset requirement: in the parameter adjustment process, the resultant code rate is calculated at least once; after one calculation of the resultant code rate is finished, if the resultant code rate is judged to meet the preset requirement, the parameter adjustment process ends; otherwise, the bit error rate measurement/quantization parameter is adjusted and the next resultant code rate is calculated; wherein one calculation of the resultant code rate comprises: performing multiple bit error rate measurements on the channel based on the current bit error rate measurement parameter; quantizing the bit error rate obtained by each measurement based on the current bit error rate quantization parameter, and taking the resultant code rate of the quantization results of the multiple measured bit error rates as the result of the current calculation; the bit error rate measurement parameter is specifically the data length L of the negotiation data sent for one bit error rate measurement; the bit error rate quantization parameter is specifically the calculation coefficient α of the upper and lower decision thresholds used to quantize the bit error rate;
a key distribution module, configured to measure the bit error rate of the channel based on the parameters obtained by the parameter adjusting module, and to quantize the measured bit error rate to obtain a consistent key: performing Z/L bit error rate measurements on the channel based on the adjusted data length L; quantizing the measured bit error rate according to the upper and lower decision thresholds calculated from the adjusted calculation coefficient α; and obtaining a consistent key from the quantization results; where Z is the total length of the locally randomly generated negotiation data.
CN201811511967.0A 2018-12-11 2018-12-11 Key generation method based on self-adaptive adjustment of error rate parameters and client Active CN109756328B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811511967.0A CN109756328B (en) 2018-12-11 2018-12-11 Key generation method based on self-adaptive adjustment of error rate parameters and client


Publications (2)

Publication Number Publication Date
CN109756328A CN109756328A (en) 2019-05-14
CN109756328B true CN109756328B (en) 2020-09-25

Family

ID=66402610

Country Status (1)

Country Link
CN (1) CN109756328B (en)




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200716

Address after: 1111, floor 11, building 1, No. 18, Kechuang 13th Street, Beijing Economic and Technological Development Zone, Daxing District, Beijing 100176

Applicant after: Beijing jieantong Technology Co.,Ltd.

Address before: 100876 Beijing city Haidian District Xitucheng Road No. 10

Applicant before: Beijing University of Posts and Telecommunications

GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230526

Address after: Room 303, Building 2, No. 721 Yanhu Road, Jiangshan Town, Yinzhou District, Ningbo City, Zhejiang Province, 315191

Patentee after: Beiqing Jinru Communication Technology Co.,Ltd.

Address before: 1111, 11th Floor, Building 1, No. 18 Kechuang 13th Street, Beijing Economic and Technological Development Zone, Daxing District, Beijing, 100176

Patentee before: Beijing jieantong Technology Co.,Ltd.
