CN111404674B - Method and equipment for generating and receiving session key - Google Patents


Info

Publication number: CN111404674B
Authority: CN (China)
Prior art keywords: random number; quantum; key; session key; receiving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Active
Application number: CN201910002534.0A
Other languages: Chinese (zh)
Other versions: CN111404674A (en)
Inventor: 刘福文, 马冰柯, 阎军智
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Original Assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute
Priority to CN201910002534.0A
Publication of CN111404674A
Application granted
Publication of CN111404674B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and equipment for generating and receiving a session key, which address the problem that quantum communication is susceptible to interference. The method comprises: generating at least one random number S; transmitting each random number S through its corresponding quantum channel, so that a receiving party performs a hash operation on the received random number S and a preset key using a hash function to generate a session key Ks; receiving the corresponding random number S transmitted by a quantum key distribution terminal through at least two quantum channels; and performing a hash operation on the received random number S and the preset key using a hash function to generate a session key Ks. The method is used for long-distance transmission of the quantum key in quantum communication and for interference-resistant transmission of the quantum key.

Description

Method and equipment for generating and receiving session key
Technical Field
The present invention relates to quantum key distribution, and in particular, to a method and apparatus for generating and receiving a session key.
Background
Due to the rapid development of quantum computing technology, the security of many classical cryptographic algorithms faces an increasingly serious challenge. Quantum computing affects asymmetric and symmetric cryptographic algorithms differently. Existing symmetric cryptographic algorithms remain secure under quantum computation as long as the key length is doubled, whereas quantum computing will render ineffective all of the currently common asymmetric algorithms based on computational complexity, such as RSA and DH. Because most systems use symmetric key algorithms for data protection, but the keys they use are generated by asymmetric algorithms, quantum computing technology poses a serious threat to current security systems.
Quantum key distribution (Quantum Key Distribution) is based on properties of the laws of quantum mechanics such as indivisibility, measurement uncertainty, non-clonability and ideal randomness. It is a key technology that can guarantee the secure distribution of keys in the quantum age and does not depend on any requirement or assumption of computational complexity. It replaces the existing asymmetric algorithms for key negotiation, so that existing security systems can still be used in the quantum age. Although it has wide application prospects, it has the following disadvantage:
In the quantum communication process, the state of a quantum changes abruptly when it is measured, and the two communicating parties stop communicating when they find that the state has changed. Thus any form of intrusion by an adversary, whether eavesdropping, copying, or interference, can disrupt the communication.
Disclosure of Invention
The invention provides a method and equipment for generating and receiving a session key, which can solve the problem that quantum communication is susceptible to interference.
In a first aspect, the present invention provides a method for generating a session key, the method comprising:
generating at least one random number;
and transmitting the corresponding random number through the quantum channel corresponding to the random number, so that a receiving party carries out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key.
In a second aspect, the present invention provides a method for receiving a session key, the method comprising:
receiving corresponding random numbers transmitted by a quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
In a third aspect, the present invention provides a session key generation apparatus, the apparatus comprising: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of:
generating at least one random number;
and transmitting the corresponding random number through the quantum channel corresponding to the random number, so that a receiving party carries out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key.
In a fourth aspect, the present invention provides a receiving apparatus for a session key, the apparatus comprising: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of:
receiving corresponding random numbers transmitted by a quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
The method and the device for generating and receiving the session key have the following beneficial effects:
the session key is generated based on the hash function according to the preset key and the random number, so that the security of the session key is not dependent on whether the relay station of the quantum network is trusted, and therefore, when the quantum key is transmitted by the relay station in a long distance, the quantum communication is not easy to be blocked, and the requirement of a user on the security of the session key can be met;
in addition, when multiple quantum channel key distribution is adopted, the whole quantum communication system is not affected when one quantum channel is interfered, and the anti-interference capability of quantum communication is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it will be apparent that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a diagram of a system for generating and receiving session keys;
FIG. 2 is a diagram of a single quantum channel key generation system;
FIG. 3 is a diagram of a two quantum channel key generation system;
FIG. 4 is a diagram of a multiple quantum channel key generation system;
FIG. 5 is a diagram of a method of generating a session key;
FIG. 6 is a diagram of a method of receiving a session key.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
The embodiment of the invention provides a system for generating and receiving a session key, which comprises a quantum key distribution end, at least one quantum key receiving end and at least two quantum channels, as shown in figure 1, wherein:
the quantum key distribution terminal is used for generating at least one random number S, and transmitting the generated random number S to the at least one quantum key receiving terminal through at least two quantum channels;
the quantum key receiving end receives the corresponding random number S transmitted by the quantum key distributing end through at least two quantum channels, and generates a session key Ks after carrying out hash operation on the received random number S and a preset key K by utilizing a hash function.
Because the hash function is a one-way function that compresses data of any length to a fixed length through a hash algorithm, an attacker who acquires the random number S transmitted over a quantum channel still cannot obtain the session key Ks, because the attacker does not know the key preset by the two communicating users. This ensures the reliability of quantum communication and the security of session key generation.
In addition, in the quantum communication process, the characteristics of the quantum channel ensure that the received message is consistent with the transmitted message, so an attacker cannot modify the random number S. When a quantum is measured, its state changes abruptly, and the communicating parties would normally stop communicating once they find that the state has changed. This embodiment, however, transmits the random number S over a plurality of quantum channels, so that even if one quantum channel is interfered with, the communicating parties do not stop communicating and can still generate a session key from the random number S transmitted over the quantum channels that were not interfered with.
As an alternative embodiment, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
As an alternative embodiment, the random number S represents a single random number, or may represent a random number stream.
Depending on the form of the random number S and the number of quantum channels, the generated random number S is sent to at least one quantum key receiving end through the at least two quantum channels in the following cases:
Case one: when the random number S represents a single random number, the single random number S is transmitted over one quantum channel A;
Case two: when the random number S represents a random number stream, the random number stream S is transmitted over one quantum channel A;
Case three: when n (n is a positive integer and is equal to or greater than 2) random numbers S represent n random values S1, S2, …, Sn and each random number is transmitted over one quantum channel A, n quantum channels are used for transmission; for example, the random number S1 is transmitted through quantum channel A1, the random number S2 through quantum channel A2, and similarly the random number Sn through quantum channel An.
Case four: when n (n is a positive integer and equal to or greater than 2) random number streams S represent n random number streams S1, S2, …, Sn and each random number stream is transmitted over one quantum channel A, n quantum channels are used for transmission; for example, the random number stream S1 is transmitted through quantum channel A1, the random number stream S2 through quantum channel A2, and similarly the random number stream Sn through quantum channel An.
As an alternative embodiment, transmitting the corresponding random number S through the quantum channel corresponding to each random number S includes:
and transmitting the corresponding random number S through a quantum channel corresponding to each random number S in the quantum communication relay network.
Because quantum communication uses single photons as the carrier, and given the attenuation of single photons in a fiber channel and the sensitivity of the detector, the quantum communication distance will not exceed 200 km, which limits the application range of quantum key distribution. A relay network has several relay stations that relay the quantum key, which makes long-distance quantum communication possible.
In the prior art, at least more than one relay station is arranged between two remote communication users, a shared quantum key is obtained by utilizing a quantum channel between every two adjacent relay stations, and a relay forwarding operation of encryption-decryption-encryption … decryption is carried out on a session key to be transmitted by utilizing the shared quantum key section by section, so that a receiver finally obtains the session key, and remote quantum communication is realized. And the quantum key transmission in the prior art relies on the relay station being a trusted relay station.
In this embodiment, quantum communication remote transmission can be realized by using a quantum communication relay network, and in particular, the quantum communication relay network is a relay network architecture formed by at least one relay station, and the relay station is used as relay forwarding to forward information transmitted by a user at a distribution end to a receiving end for receiving. At least more than one relay station is arranged between two communication users, corresponding random numbers S are transmitted between every two adjacent relay stations through at least one quantum channel, the random numbers S are forwarded through a plurality of relay stations, and finally a receiver acquires a session key to realize remote quantum communication.
Because the relay station only relays the random number S, it is not required to be a trusted relay station. Even if a relay station is untrusted and an attacker acquires the random number, the receiving end generates the session key Ks by hashing the received random number S with a preset key using a hash function. Based on the characteristics of the hash function, the attacker cannot derive the session key Ks from S without knowing the key preset by the two communicating parties, so the session key Ks generated from the random number S transmitted over a quantum channel in the relay network remains secure.
In summary, the distribution end transmits each random number S over its corresponding quantum channel in the quantum communication relay network, and the receiving end hashes the received random number S with the preset key using the hash function to generate the session key Ks. This both enables long-distance transmission over the quantum channel and solves the problem that quantum communication is easily blocked.
As an alternative implementation manner, the distributing end may send at least one random number S to one receiving end, or may send at least one random number S to multiple receiving ends. The distributing end can also generate a session key Ks based on a hash function by using the preset key K and the generated random number S, so that the distributing end and one or more receiving ends can communicate by using the session key Ks.
As an alternative embodiment, the communication between the distributing end and the one or more receiving ends using the session key Ks includes:
the distributing terminal receives the confirmation message fed back by the receiving party and determines the random number S successfully received by the receiving party;
and carrying out hash operation on the random number S successfully received by the receiver and the preset key by utilizing a hash function to generate a session key Ks.
At this time, the distributing end receives the confirmation message fed back by the receiving end and so knows which random numbers S the receiving end received. The distributing end and the receiving end can each hash the preset key K and the successfully received random numbers S using a hash function to generate the same session key Ks, and the distributing end encrypts the message to be transmitted with the session key Ks, which ensures the security of the communication between the distributing end and the receiving end user.
As another alternative embodiment, the distributing end may send at least one random number S to the plurality of receiving ends as a distributor for distributing the quantum key. Each receiving end receives the same random number S or the same plurality of random numbers S, and each receiving end generates a session key Ks based on a hash function by using the received random number S and a preset key K. Because the random number S received by each receiving end is the same as the preset key K, the same session key Ks is generated based on the hash function, and the session key Ks can be used as a shared session key to encrypt the information transmitted between any two receiving ends in the plurality of receiving ends, so that the safety of the information transmitted by both communication parties is ensured.
In summary, the problem of short quantum communication distance is solved by using the relay network in the embodiment, and the problem of easy interference of quantum communication is solved by using multiple quantum channels in the relay network.
In order to clearly describe the quantum key secure distribution system provided by an embodiment of the present invention, taking a single quantum channel key distribution system as an example, the system is defined as including: a quantum key distribution end, a quantum key receiving end, a quantum relay network and a quantum channel. As shown in FIG. 2, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 201: the distribution end generates a random number S, and the random number S represents a single random value;
Step 202: the corresponding random number S is transmitted to the receiving end through one quantum channel in the quantum relay network;
The relay network has a plurality of relay stations. The random number S sent by the distribution end is relayed over the quantum channel by each relay station in turn and is finally delivered to the receiving end.
Step 203: the receiving end receives the corresponding random number S transmitted by the single quantum channel, and performs hash operation on the received random number S and a preset key K by utilizing a hash function to generate a session key Ks.
The preset key K is the same preset key K agreed in advance by the distributor and the receiver.
Step 204: after the receiving end successfully receives the random number S, a confirmation message is fed back to the distributing end.
If the receiving end does not receive the random number S, the distributing end will not receive a feedback confirmation message from the receiving end.
Step 205: the distribution terminal receives the feedback confirmation message sent by the receiving terminal, determines the random number S successfully received by the receiving terminal, and performs hash operation on the random number S successfully received by the receiving terminal and a preset key by using a hash function to generate a session key Ks.
The same random number S and the same preset secret key are used by the distributing end and the receiving end to generate the same session secret key Ks by using a hash function, and the session secret key Ks is used for encrypting information transferred between the distributing end and the receiving end, so that the safety of information transmission of both communication parties is ensured.
Taking a two quantum channel key distribution system as an example, the system is defined as comprising: a quantum key distribution end, a quantum key receiving end, a quantum relay network and two quantum channels. As shown in FIG. 3, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 301: the distribution end generates two random numbers S1, S2; the random numbers S1, S2 each represent a single random number;
Step 302: the corresponding random numbers S1, S2 are transmitted to the receiving end through two quantum channels A1, A2 in the quantum relay network, respectively.
The relay network has a plurality of relay stations. The two random numbers S1, S2 sent by the distribution end are relayed over the quantum channels A1, A2 by each relay station in turn and are finally delivered to the receiving end.
Step 303: the receiving end receives the corresponding random numbers S1, S2 transmitted over the two quantum channels A1, A2, and performs a hash operation on the received random numbers S1, S2 and the preset key K using a hash function to generate a session key Ks.
The preset key K is the same preset key K agreed in advance by the distributor and the receiver.
Step 304: after the receiving end successfully receives the random numbers S1, S2, it feeds back a confirmation message to the distributing end.
Step 305: the distributing end receives the feedback confirmation message sent by the receiving end, determines the random numbers S1, S2 successfully received by the receiver, and performs a hash operation on the random numbers S1, S2 successfully received by the receiver and the preset key using a hash function to generate a session key Ks.
If the receiving end receives only the random number S1, it sends the distributing end a feedback confirmation message for the received random number S1. From the feedback confirmation message the distributing end confirms that only the random number S1 was successfully received by the receiving end, and the distributing end and the receiving end can still perform a hash operation on the preset key K and the random number S1 using the hash function to generate a session key Ks.
The same random number S and the same preset secret key are used by the distributing end and the receiving end to generate the same session secret key Ks by using a hash function, and the session secret key Ks is used for encrypting information transferred between the distributing end and the receiving end, so that the safety of information transmission of both communication parties is ensured.
Taking a multiple quantum channel key distribution system as an example, the system is defined to include: a quantum key distribution end, a quantum key receiving end, a quantum relay network and a plurality of quantum channels. As shown in FIG. 4, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 401: the distributing end generates n (n is a positive integer and is greater than or equal to 2) random numbers S, which represent n random values S1, S2, …, Sn.
Step 402: the corresponding random numbers S are transmitted to the receiving end through n (n is a positive integer and is greater than or equal to 2) quantum channels A in the quantum relay network.
Each quantum channel transmits its corresponding random number S: quantum channel A1 transmits the random number S1, quantum channel A2 transmits the random number S2, and similarly quantum channel An transmits the random number Sn;
The relay network has a plurality of relay stations. Each relay station on each quantum channel relays the random number S that the distributing end sent over that quantum channel, and the random number S is finally delivered to the receiving end.
Step 403: the receiving end receives the corresponding random number S transmitted by each quantum channel, and performs hash operation on the received random number S and a preset key K by utilizing a hash function to generate a session key Ks.
The receiving end receives the random number S transmitted by each quantum channel, so the random numbers received by the receiving end are S1, S2, …, Sn. The preset key K is the same preset key K agreed in advance by the distributor and the receiver, and a hash operation is performed on the preset key K and the random numbers S1, S2, …, Sn using the hash function to generate a session key Ks.
Step 404: after the receiving end successfully receives the random number S, a confirmation message is fed back to the distributing end.
If the receiving end does not receive the random number S, the distributing end will not receive a feedback confirmation message from the receiving end.
Step 405: the distribution terminal receives the feedback confirmation message sent by the receiving terminal, determines the random number S successfully received by the receiving terminal, and performs hash operation on the random number S successfully received by the receiving terminal and a preset key by using a hash function to generate a session key Ks.
For example, if the receiving end successfully receives the random numbers S1, S2, S3, S4, it sends a feedback confirmation message to the distributing end; if it does not receive the S4 sent by the distributing end, the feedback confirmation message it sends to the distributing end is for S1, S2, S3. After receiving the feedback confirmation message, the distributing end determines that the receiving end received the random numbers S1, S2, S3.
The distributing end and the receiving end then use the same random numbers S1, S2, S3 and the same preset key K to generate the same session key Ks through a hash function, and information transmitted between the distributing end and the receiving end is encrypted with the session key Ks, which ensures the security of information transmission between the two communicating parties.
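The multi-channel exchange of steps 401 to 405, including the case where one channel is disturbed, as an added example that is not part of the patent text. The patent only states that K and the received S are hashed with SHA-256, SHA-512 or SHA-3; the length-prefixed field encoding, the channel-index ordering, the 32-byte random numbers and all function names here are assumptions.

```python
import hashlib
import secrets

# Hash functions named in the description (SHA-3 shown in its 256-bit variant).
HASHES = {
    "sha256": hashlib.sha256,
    "sha512": hashlib.sha512,
    "sha3_256": hashlib.sha3_256,
}


def derive_session_key(preset_key, received, hash_name="sha256"):
    """Ks = H(K, S_i, ...) over the random numbers in `received`.

    `received` maps channel index i -> random number S_i (bytes).
    Assumption: fields are hashed in ascending channel order and each field
    is length-prefixed, so (K="ab", S="c") and (K="a", S="bc") cannot
    collide the way plain concatenation would.
    """
    if not received:
        raise ValueError("no random number was received on any channel")
    h = HASHES[hash_name]()
    for field in [preset_key] + [received[i] for i in sorted(received)]:
        h.update(len(field).to_bytes(4, "big"))
        h.update(field)
    return h.digest()


def transmit(sent, disturbed):
    """Model of the n quantum channels: a disturbed channel delivers nothing."""
    return {i: s for i, s in sent.items() if i not in disturbed}


def run_exchange(preset_key, n, disturbed, hash_name="sha256"):
    """Run steps 401-405 once; returns (sent, ack, Ks_distributor, Ks_receiver)."""
    # Step 401: the distributing end generates S1..Sn.
    sent = {i: secrets.token_bytes(32) for i in range(1, n + 1)}
    # Step 402: S_i travels over channel A_i (through the relay network).
    received = transmit(sent, disturbed)
    # Step 403: the receiving end hashes what it received together with K.
    ks_receiver = derive_session_key(preset_key, received, hash_name)
    # Step 404: the confirmation message lists which S_i arrived.
    ack = sorted(received)
    # Step 405: the distributing end hashes only the acknowledged S_i with K.
    acked = {i: sent[i] for i in ack}
    ks_distributor = derive_session_key(preset_key, acked, hash_name)
    return sent, ack, ks_distributor, ks_receiver


if __name__ == "__main__":
    K = b"constructed-preset-key"  # constructed sample value, not from the patent
    sent, ack, ks_d, ks_r = run_exchange(K, n=4, disturbed={4})
    print("acknowledged channels:", ack)
    print("both ends agree on Ks:", ks_d == ks_r)

    # A relay station sees every S_i it forwards but does not hold K, so the
    # value it can compute from the same inputs is not Ks.
    relay_guess = derive_session_key(b"not-the-preset-key",
                                     {i: sent[i] for i in ack})
    print("relay without K derives Ks:", relay_guess == ks_r)
```

If every channel is disturbed, the receiving end has nothing to hash and `derive_session_key` raises `ValueError`, which matches the case in which no confirmation message is fed back.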
In summary, according to the different numbers of quantum channels in the relay network, taking a single quantum channel and a plurality of quantum channels as examples, the beneficial effects of the invention are summarized as follows:
Taking a single quantum channel and one random number S sent by the distributing end as an example, the random number S is sent to the receiving end over the single quantum channel in the relay network, and the receiving end generates a session key using a hash function.
Based on the one-way property of the hash function, even if a relay station in the relay network is untrusted and an attacker acquires the random number S, the attacker does not know the preset key K shared between the communicating users and therefore cannot obtain the session key. The security of the session key does not depend on whether the relay stations of the quantum network are trusted, which meets the communicating users' requirement for session key security.
Taking multiple quantum channels and a distributing end that sends n random numbers S1, S2, …, Sn or n random number streams S1, S2, …, Sn (n is a positive integer and is greater than or equal to 2) as an example, each random number or random number stream is sent to the receiving end over its corresponding quantum channel, and the receiving end generates the session key using the hash function.
Based on the one-way property of the hash function and transmission over multiple quantum channels, an attacker cannot obtain the session key even if all quantum channels are untrusted, and because multiple quantum channels are used for key distribution, the communication of the whole quantum communication system is not affected even if one quantum channel is interfered with.
Example two
Based on the same inventive concept, the embodiment of the invention provides a device for securely distributing and receiving a quantum key. For the specific implementation of the device, refer to the description of the system embodiment; repeated details are omitted.
The device includes a processor, a memory, and a transceiver.
The processor is responsible for managing the bus architecture and general processing, and the memory may store data used by the processor in performing operations. The transceiver is used for receiving and transmitting data under the control of the processor.
A bus architecture may comprise any number of interconnecting buses and bridges, and in particular one or more processors represented by a processor and various circuits of memory represented by a memory, linked together. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. The bus interface provides an interface. The processor is responsible for managing the bus architecture and general processing, and the memory may store data used by the processor in performing operations.
The flow disclosed by the embodiment of the invention can be applied to a processor or realized by the processor. In implementation, each step of the signal processing flow may be implemented by an integrated logic circuit of hardware in a processor or an instruction in a software form. The processor may be a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the invention. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present invention may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in the processor for execution. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the signal processing flow in combination with the hardware.
The first device is a session key generation device.
Wherein the processor is configured to read the program in the memory and perform the following:
generating at least one random number;
transmitting the corresponding random number through the quantum channel corresponding to the random number, so that a receiving party carries out a hash operation on the received random number and a preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, generating at least one random number includes:
generating a random number;
transmitting the corresponding random number through a quantum channel corresponding to the random number, including:
the random number is transmitted through a quantum channel corresponding to the random number.
As an alternative embodiment, generating at least one random number includes:
generating at least two random numbers;
transmitting the corresponding random number through a quantum channel corresponding to the random number, including:
transmitting the corresponding random number through the one quantum channel corresponding to each random number, wherein one random number corresponds to one quantum channel.
As an alternative embodiment, the processor is further configured to:
transmit the corresponding random numbers through the quantum channels corresponding to each random number in the quantum communication relay network.
As an alternative embodiment, the processor is further configured to:
receiving the confirmation message fed back by the receiver, and determining the random number successfully received by the receiver;
performing hash operation on the received random number and a preset key by using a hash function to generate a session key, including:
carrying out a hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
Optionally, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
The second device is a session key receiving device.
Wherein the processor is configured to read the program in the memory and perform the following:
receiving corresponding random numbers transmitted by a quantum key distribution terminal through at least two quantum channels;
carrying out a hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, the processor is further configured to:
receive the corresponding random numbers transmitted through at least two quantum channels in the quantum communication relay network.
As an alternative embodiment, the processor is further configured to:
feed back a confirmation message to the distributing end after the random number is successfully received.
Optionally, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
Example three
Based on the same inventive concept, the embodiment of the invention provides a device for securely distributing and receiving a quantum key. For the specific implementation of the device, refer to the description of the system embodiment; repeated details are omitted.
The first device is a session key generation device.
The device comprises:
a random number generation unit for generating at least one random number;
a session key unit for transmitting the corresponding random number through the quantum channel corresponding to the random number, so that the receiving party performs a hash operation on the received random number and the preset key by using a hash function to generate the session key.
As an alternative embodiment, generating at least one random number includes:
generating a random number;
transmitting the corresponding random number through a quantum channel corresponding to the random number, including:
the random number is transmitted through a quantum channel corresponding to the random number.
As an alternative embodiment, generating at least one random number includes:
generating at least two random numbers;
transmitting the corresponding random number through a quantum channel corresponding to the random number, including:
transmitting the corresponding random number through the one quantum channel corresponding to each random number, wherein one random number corresponds to one quantum channel.
As an alternative embodiment, the session key unit is further configured to transmit the corresponding random number through a quantum channel corresponding to each random number in the quantum communication relay network.
As an alternative embodiment, the device is further used for:
receiving the confirmation message fed back by the receiver, and determining the random number successfully received by the receiver;
performing a hash operation on the received random number and a preset key by using a hash function to generate a session key includes:
carrying out a hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
The second device is a session key receiving device.
The device comprises:
a receiving key unit for receiving the corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
a session key unit for carrying out a hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, the receiving key unit is further configured to:
receive the corresponding random numbers transmitted through at least two quantum channels in the quantum communication relay network.
As an alternative embodiment, the above device is further used for:
feeding back a confirmation message to the distributing end after the random number is successfully received.
As an alternative embodiment, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
Example four
First method: an embodiment of the invention provides a method for generating a session key at the distributing end. As shown in Fig. 5, the method includes:
Step 501: generating at least one random number.
In practice, the following cases are distinguished according to the quantum channels used:
Case one: the distributing end generates a random number and sends the random number to the receiving end through a quantum channel;
Case two: the distributing end generates at least two random numbers, and the random numbers are sent to the receiving end through at least two quantum channels corresponding to the random numbers.
Step 502: transmitting the corresponding random number through the quantum channel corresponding to the random number, so that a receiving party carries out a hash operation on the received random number and a preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, transmitting the corresponding random numbers through the quantum channel corresponding to each random number includes:
transmitting the corresponding random numbers through the quantum channels corresponding to each random number in the quantum communication relay network.
As an alternative embodiment, further comprising:
receiving the confirmation message fed back by the receiver, and determining the random number successfully received by the receiver;
performing hash operation on the received random number and a preset key by using a hash function to generate a session key, including:
carrying out a hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
Second method: an embodiment of the present invention provides a method for receiving a session key at the receiving end. As shown in Fig. 6, the method includes:
Step 601: receiving corresponding random numbers transmitted by a quantum key distribution terminal through at least two quantum channels.
In practice, the sender sends at least two random numbers and the receiver receives at least one random number: if the sender sends two random numbers and one quantum link is interfered with, the receiver can receive only one random number.
Step 602: carrying out a hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
As an alternative embodiment, receiving the corresponding random number transmitted by the quantum key distribution terminal through at least two quantum channels includes:
receiving the corresponding random numbers transmitted through at least two quantum channels in the quantum communication relay network.
As an alternative embodiment, further comprising:
feeding back a confirmation message to the distributing end after the random number is successfully received.
As an alternative embodiment, the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
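The distribute, acknowledge and derive flow of steps 501-502 and 601-602, sketched as an added Python example that is not part of the patent text. The length-prefixed hash input, the choice of SHA3-256 for "SHA-3", the OS random generator standing in for the random number source, and all function names are assumptions of this example.

```python
import hashlib
import secrets
import struct

# The page names SHA-256, SHA-512 and SHA-3; SHA3-256 is this example's pick for "SHA-3".
HASHES = {"SHA-256": hashlib.sha256, "SHA-512": hashlib.sha512, "SHA-3": hashlib.sha3_256}


def derive_session_key(preset_key, randoms, hash_name="SHA-256"):
    """Ks = H(K, S_i ...) over `randoms`, a dict of channel index -> random bytes.

    Assumption: every field is length-prefixed and taken in ascending channel
    order, so both ends hash identical bytes and (S1="ab", S2="c") cannot
    collide with (S1="a", S2="bc"). The page does not define the encoding.
    """
    if not randoms:
        raise ValueError("no random number was received; no session key can be derived")
    h = HASHES[hash_name]()
    h.update(struct.pack(">I", len(preset_key)) + preset_key)
    for channel in sorted(randoms):
        s = randoms[channel]
        h.update(struct.pack(">II", channel, len(s)) + s)
    return h.digest()


def generate_randoms(n, size=32):
    """Step 501: one random number per quantum channel (OS CSPRNG as a stand-in)."""
    if n < 1:
        raise ValueError("at least one random number is required")
    return {channel: secrets.token_bytes(size) for channel in range(1, n + 1)}


def transmit(sent, interfered):
    """Steps 502/601, modelled: a channel listed in `interfered` delivers nothing."""
    return {c: s for c, s in sent.items() if c not in interfered}


def run_exchange(preset_key, n, interfered=(), hash_name="SHA-256"):
    """Run both ends once; returns (sent, acked, ks_distributor, ks_receiver)."""
    sent = generate_randoms(n)
    received = transmit(sent, set(interfered))
    acked = sorted(received)                 # confirmation message: channels that arrived
    confirmed = {c: sent[c] for c in acked}  # distributor keeps only acknowledged numbers
    ks_distributor = derive_session_key(preset_key, confirmed, hash_name)
    ks_receiver = derive_session_key(preset_key, received, hash_name)  # step 602
    return sent, acked, ks_distributor, ks_receiver


if __name__ == "__main__":
    K = b"constructed preset key, demo only"
    sent, acked, ks_d, ks_r = run_exchange(K, n=3, interfered={2})
    print("acknowledged channels:", acked)
    print("keys match:", ks_d == ks_r)
    # A relay that saw the acknowledged S values but not K derives a different value.
    seen = {c: sent[c] for c in acked}
    print("relay guess matches:", derive_session_key(b"wrong guess", seen) == ks_r)
```

With channel 2 interfered, both ends hash only S1 and S3, which is why the distributing end must wait for the confirmation message before deriving Ks.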
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, magnetic disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (8)

1. A method for generating a session key, the method comprising:
generating at least two random numbers;
transmitting a corresponding random number through a quantum channel corresponding to each random number, so that a receiving party carries out hash operation on the received random number and a preset key by using a hash function to generate a session key; one of the random numbers corresponds to one quantum channel;
receiving the confirmation message fed back by the receiver, and determining the random number successfully received by the receiver;
carrying out a hash operation on the random number S successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
2. The method of claim 1, wherein transmitting the corresponding random number through the quantum channel corresponding to the random number comprises:
transmitting the corresponding random numbers through the quantum channels corresponding to each random number in the quantum communication relay network.
3. The method of claim 1, wherein the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
4. A method for receiving a session key, the method comprising:
receiving corresponding random numbers transmitted by a quantum key distribution terminal through at least two quantum channels; after the random number is successfully received, a confirmation message is fed back to the distributing end;
carrying out a hash operation on the received random number and the preset key by utilizing a hash function to generate a session key Ks.
5. The method of claim 4, wherein receiving the corresponding random numbers transmitted by the quantum key distribution terminal through the at least two quantum channels comprises:
receiving the corresponding random numbers transmitted through at least two quantum channels in the quantum communication relay network.
6. The method of claim 4, wherein the hash function is a secure hash algorithm SHA-256 or a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
7. A session key generation apparatus, characterized in that the apparatus comprises: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 3.
8. A receiving device for a session key, the device comprising: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of the method of any of claims 4 to 6.
CN201910002534.0A 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key Active CN111404674B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910002534.0A CN111404674B (en) 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910002534.0A CN111404674B (en) 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key

Publications (2)

Publication Number Publication Date
CN111404674A CN111404674A (en) 2020-07-10
CN111404674B CN111404674B (en) 2023-06-27

Family

ID=71430221

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910002534.0A Active CN111404674B (en) 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key

Country Status (1)

Country Link
CN (1) CN111404674B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant