A kind of quantum cryptography networks dynamic routing method
Technical field
The present invention relates to the communications field of the quantum cryptography networks of quantum communication network and classical communication network struction, particularly relate to a kind of quantum cryptography networks dynamic routing method.
Background technology
Quantum communications are novel crossed subjects that recent two decades grows up, and are the new research fields that quantum theory and information theory combine.Recently this subject progressively moves towards experiment from theory, and to practical development.The information transmission of highly effective and safe receives the concern of people day by day.
Physically, under quantum communications can be understood to be in physics limit, utilize the high performance communication that quantum effect realizes.In informatics, we then think quantum communications be utilize quantum-mechanical general principle (as quantum state can not cloning mechanisms and quantum state preparation to collapse character etc.) or utilize the quantized system particular attributes such as quantum state Teleportation, and the method measured of quantum completes the information transmission between two places.
Quanta cryptology technique based on quantum-key distribution (QKD) agreement is one of most important practical application of present stage quantum communications.Traditional cryptography is the cryptographic system based on mathematics, and quantum cryptography is based on quantum mechanics, its fail safe be based upon uncertainty principle, quantum can not clone and on the physical characteristic such as quantum coherence, be proved to be to be perfectly safe, so quantum cryptography causes the great attention of academia.
Quantum cryptography networks is a kind of secure communication network adopting quantum cryptography.As shown in Figure 1, quantum cryptography networks is jointly built by classical communication network and QKD network to form.QKD network forms, for key distribution primarily of QKD terminal equipment and quantum link.Classical communication Web vector graphic quantum key realizes the encryption and decryption of data and the transmission of enciphered data.Quantum cryptography networks node is generally made up of a classical communication terminal being connected to classical communication network and the QKD device end that is connected to quantum communication network.The network node of quantum cryptography networks is generally divided into terminal node and via node two kinds.Due to the restriction of quantum communications ultimate range and the consideration for networking cost, direct-connected quantum link is there is not between many terminals, can not realize the direct distribution of quantum key, the coded communication data between them need the forwarding by via node.Fig. 2 and Fig. 3 demonstrates terminal node Alice and Bob realizes quantum key coded communication process by a via node and multiple via node respectively.
Larger quantum cryptography networks can have a large amount of via nodes, and the coded communication data between terminal node by the transfer of one or several via node, and can have different optional via nodes when turning in the data.How to select the communication data of any two nodes in quantum cryptography networks by start node arrive destination node the via node that will pass through in order, we are referred to as quantum cryptography networks route.
The simple quantum cryptography networks of structure, the i.e. negligible amounts of via node and terminal node and the relatively-stationary quantum cryptography networks of network configuration, generally by static routing mode, namely the route lines between static in the via node all terminal nodes of write, realizes the Route Selection of communication data encryption and decryption.The shortcoming of static routing is, when whole network adds or delete a via node, almost to need again the routed path of planning network, and upgrade the routed path of all relevant via nodes.When another shortcoming is the quantum key quantity not sufficient when a paths, communicating pair can only wait for that the QKD equipment on this paths generates enough quantum keys and could continue communication.
Quantum cryptography networks scale constantly increases.Present quantum cryptography networks has expanded to metropolitan area network scope, and terminal node can reach thousands of, and via node quantity can reach up to a hundred, and due to the expansion of node maintenance and network size, network topology is constantly change.In this case, configure loaded down with trivial details static routing method no longer applicable, we need a kind of dynamic routing method of applicable quantum cryptography networks.
Due to the particularity of quantum cryptography networks, the design of the dynamic routing method of quantum cryptography networks must take into full account following factor:
1. network topology change is frequent.In quantum cryptography networks, can communication data arrive another network node by a network node, namely whether there is routed path between two nodes, depend on whether there is enough quantum keys between these two nodes, namely whether quantum key amount determines routed path and can use.And quantum key is constantly consumed and generates, therefore whether path can with also may constantly change.
2. quantum cryptography networks route needs to take into full account and the utilance of increasing amount sub-key.Often jump path through one due to communication data all to need to consume a certain amount of quantum key, and the quantum key Internet resources that to be quantum cryptography networks the most valuable, there is very high manufacturing cost, so the method for routing of quantum cryptography networks will as much as possible make communication data experience fewest number of hops path from start node to destination node, to reach the object of consumes least amount quantum key.
3. quantum cryptography networks route needs the fail safe considering communication data, namely will ensure that each step of the routed path that communication data will pass through has enough quantum keys and realizes data encryption, to realize the absolute safety of quantum cryptography networks.
Due to above factor, the route of quantum cryptography networks route and classic network has the difference of following essence:
1. the routing node of classic network is generally router or switch, only realize the forwarding capability of data, communication data is not processed, and the via node of quantum cryptography networks route is the network node with QKD equipment, needs decrypt data and encryption;
2. whether the path between classic network routing node can connect with depending on the network bandwidth or whether there is reliable physical, and whether there is available quantum key between the via node that two ends, path can be depended on (namely whether communication data can arrive another via node from a via node) in path between the via node of quantum cryptography networks route whether;
3. the encryption mechanism of quantum cryptography networks needs to consume a large amount of keys, sometimes key depletion rate is much larger than formation speed, the path of quantum cryptography networks can be in down state due to the quantum key quantity not sufficient at two ends, path, therefore relative to classic network, the path status change of quantum cryptography networks is often comparatively frequent.
The route that above feature determines quantum cryptography networks can not directly adopt classic network method for routing.Relative to classic network route, the dynamic routing method of quantum cryptography networks must have following characteristics: one is the quantum key amount at network path two ends is one of most important routing parameters determining network topology state; Two is change informations that via node must collect via node and path sooner more accurately; Three is that quantum cryptography networks route needs to have network topological convergence speed faster; Four is that quantum cryptography networks route will have higher quantum key utilance.
And up to now, also do not have a kind of dynamic routing method of perfect applicable quantum cryptography networks to be suggested.The Patents of the quantum cryptography networks route that can retrieve is as described below:
Chinese patent No.201010144106.0 discloses " quantum router and method for routing thereof for multi-user photon communication network ", this patent formula is applied to quantum communication network, by controlling optical cross-connect, realize the connection between two users, do not consider that whether the quantum key amount on communication path is sufficient.United States Patent (USP) NO.8,122,242B2, NO.7,392,378B1 and NO.7,441,267B1, these three sections of patents are a series of Patents, what say is how network node system selects the technical scheme of routed path to the data flow that will enter communication network under the prerequisite of known many quantum cryptography networks routed paths, the different routed paths of node system have different cryptographic capabilities, and according to the cryptographic capabilities of these paths of parameter Estimation such as the size of key of certain paths, the strongest path of Choice encryption ability is as the path of down hop.But this patent formula exists two shortcomings: the first, the overall routed path selected by this patent formula may not be shortest path; Second, the a certain jumping path that in overall routed path selected by this patent formula, cryptographic capabilities is minimum, the cryptographic capabilities in a certain jumping path that may be minimum than cryptographic capabilities in another optionally overall routed path is lower, and the cryptographic capabilities of a paths is often limited by the cryptographic capabilities in that minimum jumping path of its cryptographic capabilities.
Above quantum cryptography networks route Patents, the complete scheme of quantum cryptography networks dynamic routing is not all provided, namely how according to the change of quantum cryptography networks topology status, communication data is sent to destination node from start node by selecting via node, and less quantum key can be consumed while ensuring communication safety property.
Summary of the invention
The present invention proposes a kind of quantum cryptography networks dynamic routing method, the method realizes the dynamics route selection of communication data coded communication between quantum cryptography networks node according to the change of quantum cryptography networks topology status, and permissible dose subcipher network dynamic expansion also realizes data security communication according to the change of network topology state.In quantum cryptography networks, a general via node directly can connect several terminal node and via node, and a terminal node only connects a unique via node usually.
Technical scheme of the present invention is as described below:
The network topology state information that each via node in quantum cryptography networks obtains every the set time upgrade once, interlude we be referred to as topology the update cycle.
For the via node of whole network arranges routing server, each via node is collected and is processed this via node state information within each topology update cycle, and the state information of this via node that each via node is collected comprises:
(1) whether the quantum link between this via node and each adjacent node is in normal operating conditions;
(2) the quantum key amount between this via node and each adjacent node;
(3) pace of change of the quantum key amount between this via node and each adjacent node.
When wherein state information (3) depends on the formation speed of quantum link quantum key and classical channel encryption and decryption, the depletion rate of quantum key, generally calculates according to the statistical value of size of key.
According to above-mentioned state information (2), (3), via node judges whether the neighborhood paths of this via node within the next topology update cycle can be used.Neighborhood paths refers to the shortest quantum cryptography networks routed path between this via node and adjacent node.Whether neighborhood paths can with depending on whether two ends, path exist enough quantum keys.
The state information of via node may be not limited only to the above-mentioned information enumerated, and other all information relevant to network topology state maybe may affect the information of network topology state, can be positioned at considered row according to practical situations.
Within each topology update cycle, each via node is by the state of neighborhood paths, namely whether can use within the next topology update cycle, with the surplus sub-key amount that described available neighborhood paths two ends are predicted, and the operating state of adjacent quantum link, via node information etc., report in routing server.After routing server collects the topology status information of each via node, generate the network topology state information in the next topology update cycle, and send it to all via nodes of network, upgrade the network topology state information of each via node.Routing server, every the set time (i.e. a topological update cycle), issues once up-to-date network topology state information to each via node.Network topology state information herein refers in particular to the neighborhood paths information between quantum cryptography networks via node information, the state information of quantum link and each via node.Each via node according to the network topology state information obtained from server, can calculate the shortest path of this via node to other via nodes, the path that namely jumping figure is minimum, for the network terminal communication data through this via node provides Route Selection.
The determination methods of the state (namely whether can use within the next topology update cycle) of above-mentioned neighborhood paths is as follows:
According to the remaining quantum key amount in neighborhood paths two ends and pace of change thereof, calculate and predict the surplus sub-key amount at next topology update cycle neighborhood paths two ends, if remaining quantum key amount is less than predetermined threshold value, then think that this path is unavailable within the next topology update cycle, on the contrary available.
If the operating state that via node is adjacent the quantum link of node changes, then at any time operating state is reported routing server.If by QKD equipment, via node knows that the quantum link between itself and certain adjacent node is in abnormality, and this abnormality is reported routing server, then routing server send immediately survival detection signal confirm whether the via node of this quantum link other end survives, if routing server does not receive feedback information and its topology status reporting information of this via node within predetermined time of delay, then think that the via node of this quantum link other end is unavailable, delete the network topology state information that the via node of the other end is corresponding.
For the via node of new access network, new via node needs the operating state reporting its essential information and all adjacent quantum link to routing server, and the adjacent node with stylish via node also needs the operating state of the quantum link reported between this new via node; For the direct-connected quantum link of access new between two via nodes, the via node at quantum link two ends needs the operating state reporting this link.In addition, whether the via node at new quantum link two ends, after receiving the topological lastest imformation of routing server, report neighborhood paths can use within the next topology update cycle, and the surplus sub-key amount that described available neighborhood paths two ends are predicted.After routing server receives the reporting information of relevant via node, new via node information and/or new route information are added in network topology structure.
The computational methods of above-mentioned shortest path are as follows:
1) suppose that topology information figure (G, E) of whole network represents, wherein G represents the set on summit, E represents the set in path, and a summit in the corresponding G of this via node, represents with s, construct the tree that take s as root node, using the ground floor node of root node s as tree;
2) t is any one other summit in G, t ≠ s, if have the path (s of s to t in E, t), then using the child node of t as root node s, be also a second layer node of tree, and will with path (s, t) corresponding limit is also added in tree, and all second layer nodes satisfied condition in G are added in search, and add corresponding limit;
3) number of plies of the tree constructed represents with L, by the set expression not belonging to the residue summit of tree in G is
for any summit
consider the quantity n of u to the path of the L node layer of tree:
If n=0, then consider the next one
in summit;
If n>0, if there is path in u and certain L node layer r, then corresponding for this path limit is added in tree, u is added in tree simultaneously, as the L+1 node layer of tree, if L node layer r corresponding to this path occurs m time at L layer, then corresponding for this path limit to be added in tree m time, simultaneously u also corresponding interpolation m time, makes node u and each L node layer r one_to_one corresponding; If u has added complete to the limit that all paths of L node layer of tree are corresponding all, then by u from
middle deletion;
4) if also have summit not add in tree in G, by L=L+1, step 3 is repeated), until the summit in all G is all added in tree, or repeat step 3) after
till the quantity on middle summit does not change;
5) for any one via node v, the shortest path of s to v in the path of s to v and corresponding diagram (G, E) in tree, the i.e. shortest path of via node s to v in a network; If existed more than a shortest path, then by each bar shortest path, each jumps the surplus sub-key amount in path separately by ascending order arrangement, first the minimum value of surplus sub-key amount is compared, choose that paths that minimum value is maximum, if minimum value is all identical, then more secondary minimum value, choose that paths that time minimum value is maximum, the like, if the surplus sub-key amount of each bar shortest path is identical, then random selecting one paths.
If the down hop path of the shortest path searched is unavailable, then this via node deletes the path of down hop in network topology state information, again finds time shortest path according to described method.Following situations likely causes the down hop path of shortest path unavailable:
I. network equipment working abnormal state;
Ii. a topological update cycle does not terminate, and quantum key shifts to an earlier date approach exhaustion.
To terms more of the present invention, be explained as follows:
Quantum cryptography networks: a kind of secure communication network adopting quantum cryptography, jointly built by classical communication network and QKD network to form, QKD network is primarily of QKD terminal equipment and quantum link composition, for key distribution, can share the quantum key for encryption and decryption communication between two QKD terminal equipments, classical communication Web vector graphic quantum key realizes the encryption and decryption of data and the transmission of enciphered data.
Quantum link: for connecting QKD terminal equipment, realizing the connecting link of quantum key distribution in QKD network, be generally optical fiber or free space.
Quantum cryptography networks via node: referred to as via node, is different from terminal node, for realize not existing direct-connected quantum link terminal node between the safe transfer of coded communication data, as shown in accompanying drawing 2 and accompanying drawing 3.
Quantum cryptography networks route: the communication data in quantum cryptography networks in order via one or several via node from initial terminal node arrive object terminal node the path that forms of the via node of process.
Adjacent node: build direct-connected quantum link with this via node, directly can generate other via nodes of shared quantum key.
Adjacent node: there are other via nodes of shared quantum key with this via node, but and not necessarily there is direct-connected quantum link between this via node.
Neighborhood paths: the shortest quantum cryptography networks routed path between this via node and adjacent node.
Operation principle of the present invention is as follows:
1. centralized network Topology Management.For the via node of whole quantum cryptography networks arranges routing server, the topological update cycle of setting quantum cryptography networks; Within each topology update cycle, each via node is collected and is processed the state information of this via node, result is reported in routing server; After routing server collects the topology status information of each via node, generate the quantum cryptography networks topology status information in the next topology update cycle, and send it to all via nodes of quantum cryptography networks; Each via node is according to the quantum cryptography networks topology status information obtained from routing server, calculate the shortest path of this via node to other via nodes, namely the path that jumping figure is minimum, for the network terminal communication information through this via node provides Route Selection.
2. via node state information collection.Within each topology update cycle, each via node in network collects the state information of this via node, comprises the pace of change of the operating state of the quantum link between this via node and each adjacent node, the remaining quantum key amount between this via node and each adjacent node, the quantum key amount between this via node and each adjacent node.
3. in the via node prediction next topology update cycle, whether neighborhood paths can be used.Within each topology update cycle, via node is according to the pace of change of the surplus sub-key amount between adjacent node and quantum key amount, calculate and predict the surplus sub-key amount in the next topology update cycle between via node, if surplus sub-key amount is less than predetermined threshold value, then think that this path is unavailable in the next topology update cycle, otherwise it is available, report in routing server by the surplus sub-key amount that this result and described available neighborhood paths two ends are predicted, each topology update cycle reports once.
4. the reporting of quantum link operating state.If QKD equipment fault or link failure or other fault cause quantum link can not normal generation sub-key, then all think that this quantum link is in abnormality; Otherwise, think that this quantum link is in normal condition.By QKD equipment, via node can know whether its adjacent quantum link is in abnormality, and report in routing server by result, and each topology update cycle reports once.If the operating state of the quantum link of via node and adjacent node changes, then at any time operating state is reported routing server.
5. routing server receives and processes topology status information.Routing server receives the topology status information of each via node.Whether whether the topology status information spinner of described via node will comprise the nodal information of this via node, the neighborhood paths of this via node can be in normal operating conditions with the adjacent quantum link of, surplus sub-key amount that described available neighborhood paths two ends are predicted and this via node within the next topology update cycle.The nodal information of this described via node, mainly refers to the identification information of this via node, and the relevant information that may relate in some Routing Protocols.
If the via node at paths two ends judges that this path can be used simultaneously, then routing server judges that this path can be used; If any one via node at two ends, path judges that this path is unavailable, then routing server judges that this path is unavailable.The result of determination of two ends, path via node should be consistent under normal circumstances.
If routing server knows that the adjacent quantum link operating state of a via node is abnormal, then transmit a signal to the via node of the other end of this quantum link immediately, detect it and whether be in existing state.If routing server does not receive the feedback information of this via node and its topology status information reported within predetermined time of delay, then the neighborhood paths between the via node judging these quantum link two ends is unavailable.
6. routing server distributing network topology status information.Described network topology state information comprise neighborhood paths between via node information in network, the state information of quantum link, via node whether can with and the information of surplus sub-key amount predicted of described available neighborhood paths two ends.Up-to-date network topology state information is distributed to each via node every a topological update cycle by routing server termly.After via node receives up-to-date network topology state information, immediately according to the method computational prediction described in 3 and report the neighborhood paths of this via node within the next topology update cycle whether can with and the information of surplus sub-key amount predicted of described available neighborhood paths two ends, and report the adjacent quantum link of this via node whether to be in normal operating conditions according to the method described in 4, and the nodal information of this via node is reported routing server.
7. the deletion of via node.Routing server initiatively sends survival Detection Information to via node, if routing server does not receive the feedback information of this via node within predetermined time of delay, and do not receive the topology status information that this via node reports yet, then think this via node dead, delete the network topology state information that this via node is corresponding.General following situations, routing server can initiatively send survival Detection Information to via node:
if the network topology state information that via node is distributed for routing server, within a topological update cycle, does not report the topology status information of this via node.
if the via node of quantum link one end reports this link working state abnormal, routing server can send survival Detection Information to the via node of this quantum link other end.
8. the access of via node and quantum link.For the via node of new access network, new via node needs the operating state reporting its essential information and all adjacent quantum link to routing server, and the adjacent node with stylish via node also needs the operating state of the quantum link reported between this new via node; For the direct-connected quantum link of access new between two via nodes, the via node at quantum link two ends needs the operating state reporting this link.In addition, whether the via node at new quantum link two ends, after receiving the topological lastest imformation of routing server, report neighborhood paths can use within the next topology update cycle, and the surplus sub-key amount that described available neighborhood paths two ends are predicted.After routing server receives the reporting information of relevant via node, new via node information and/or new route information are added in network topology structure.
9. the calculating of optimum routed path.Via node obtains the topology status information of whole network from server, calculates the shortest path of this via node to other via nodes according to following method:
1) suppose that topology information figure (G, E) of whole network represents, wherein G represents the set on summit, E represents the set in path, and a summit in the corresponding G of this via node, represents with s, construct the tree that take s as root node, using the ground floor node of root node s as tree;
2) t is any one other summit in G, t ≠ s, if have the path (s of s to t in E, t), then using the child node of t as root node s, be also a second layer node of tree, and will with path (s, t) corresponding limit is also added in tree, and all second layer nodes satisfied condition in G are added in search, and add corresponding limit;
3) number of plies of the tree constructed represents with L, by the set expression not belonging to the residue summit of tree in G is
for any summit
consider the quantity n of u to the path of the L node layer of tree:
If n=0, then consider the next one
in summit;
If n>0, if there is path in u and certain L node layer r, then corresponding for this path limit is added in tree, u is added in tree simultaneously, as the L+1 node layer of tree, if L node layer r corresponding to this path occurs m time at L layer, then corresponding for this path limit to be added in tree m time, simultaneously u also corresponding interpolation m time, makes node u and each L node layer r one_to_one corresponding; If u has added complete to the limit that all paths of L node layer of tree are corresponding all, then by u from
middle deletion;
4) if also have summit not add in tree in G, by L=L+1, step 3 is repeated), until the summit in all G is all added in tree, or repeat step 3) after
till the quantity on middle summit does not change;
5) for any one via node v, the shortest path of s to v in the path of s to v and corresponding diagram (G, E) in tree, the i.e. shortest path of via node s to v in a network; If existed more than a shortest path, then by each bar shortest path, each jumps the surplus sub-key amount in path separately by ascending order arrangement, first the minimum value of surplus sub-key amount is compared, choose that paths that minimum value is maximum, if minimum value is all identical, then more secondary minimum value, choose that paths that time minimum value is maximum, the like, if the surplus sub-key amount of each bar shortest path is identical, then random selecting one paths.
10. the calculating of suboptimum routed path.If via node detects that the down hop path of the shortest path calculated by 9 is unavailable, then this via node deletes the path of down hop in network topology state information, again finds suboptimum routed path according to the method described in 9.
The beneficial effect of technique scheme of the present invention is as follows:
I. the present invention proposes a kind of perfect quantum cryptography networks dynamic routing scheme.The relay route of communication data between network node in quantum cryptography networks is no longer single static path, but the shortest path that the change tread of foundation network topology state is selected.
Ii. the method for routing of the technical program has adaptivity for the deletion of network trunk node and interpolation.This is conducive to the dynamic expansion of network.
Iii. routing server is set according to the scale of quantum cryptography networks and complexity and adopts centralized network Topology Management.This mode meets quantum cryptography networks has very fast convergence rate requirement to network state.
Iv. the Internet resources that quantum cryptography networks is the most valuable are quantum keys, the selection of optimum routed path adopts SPF rule, has saved quantum key, improve network resource utilization, improve network performance.
V. this routing plan has taken into full account each fail safe of jumping of selected path, thus ensure that the fail safe of communication data.
Accompanying drawing explanation
Fig. 1: the general structure of quantum cryptography networks is prior art accompanying drawing;
Fig. 2: terminal node Alice and Bob realizes quantum key coded communication by a via node, is prior art accompanying drawing;
Fig. 3: terminal node Alice and Bob realizes quantum key coded communication by multiple via node is prior art accompanying drawing;
Fig. 4: metropolitan area quantum cryptography networks local;
Fig. 5: quantum cryptography networks routing framework figure;
Fig. 6: routing server main functional modules;
Fig. 7: routing client main functional modules;
Fig. 8: quantum cryptography networks via node Path Connection view;
Fig. 9: the adjacency matrix representing network topology structure;
Figure 10: via node 27 is set to the Shortest Path Searching of other via nodes;
Figure 11: the general work flow process of this dynamic routing method;
Wherein, 1, first quantum concentrator station, 2, second quantum concentrator station, 3, 3rd quantum concentrator station, 4, 4th quantum concentrator station, 5, optical switch, 6, primary user, 7, secondary user, 8, routing server, 9, classical communication equipment, 10, quantum communications equipment, 11, classical communication layer, 12, quantum communications layer, 13, routing client, 14, first network interface module, 15, first topology information transceiver module, 16, via node survival detection module, 17, topology information logic processing module, 18, first via node information data library module, 19, second network interface module, 20, second topology information transceiver module, 21, survival detects feedback module, and 22, routing calculation module, 23, topology information processing module, 24, topology information collection module, 25, routing selecting module, 26, second via node information data library module, 27, first via node, 28, second via node, 29, 3rd via node, 30, 4th via node, 31, 5th via node, 32, 6th via node, 33, 7th via node, 34, 8th via node.
Embodiment
Below in conjunction with drawings and Examples, the invention will be further described:
The present embodiment for be the quantum cryptography networks of a metropolitan area, terminal node is thousands of, and via node is less than 100.The via node of this metropolitan area network is quantum concentrator station, the concentrator station generally several terminal node of direct lower extension or hang several terminal node 5 times by optical switch.Accompanying drawing 4 is metropolitan area quantum cryptography networks partial schematic diagram, terminal node is hung under first quantum concentrator station 1, second quantum concentrator station 2 is direct, 4th quantum concentrator station 4 hangs terminal node 5 times by optical switch, and the 3rd quantum concentrator station 3 directly lower terminal node of hanging hangs terminal node 5 times by optical switch simultaneously.Wherein, the terminal node that quantum concentrator station is hung for 5 times by optical switch is primary user 6, and the quantum concentrator station directly lower terminal node hung is secondary user 7.
Secure communication between metropolitan area quantum cryptography networks terminal node can be divided into following three kinds of situations;
1. the communication of same optical switch 5 times terminal nodes;
2. the communication of different optical switchs 5 times terminal nodes under same concentrator station, comprises directly lower communication of hanging terminal node;
3. the communication of terminal node under different concentrator station.
First two situation is comparatively simple, and the present embodiment only considers the 3rd kind of situation.Path due to terminal node and concentrator station in 3rd kind of situation is unique, so only consider the route belonging to terminal node between concentrator station.
One, route metric and route criterion
Route metric and route criterion are most important two aspects that routing algorithm will be considered.We are using jumping figure as route metric, using the shortest jumping figure as route criterion.When there being mulitpath to arrive identical destination node, via node needs a kind of mechanism to calculate optimal path.Tolerance is a kind of variable being assigned to route, and as a kind of means, tolerance can be the worst by preferably arriving, or carries out grade classification by choosing the order preferably selected at first to route.
Consider the particularity of quantum cryptography networks route, we use jumping figure as route metric.Owing to often just needing an enabling decryption of encrypted process through a concentrator station via node, same communication data hop count is fewer, and the quantum key amount that its coded communication consumes is fewer.Present stage, the quantum cryptography networks traffic was limited to quantum key formation speed, using the shortest jumping figure in path as the first criterion of route, with the service efficiency of increase sub-key.
Two, topological convergence
Topological convergence refer to that the via node in network obtains about the topology status information of whole network and the true topology status information of whole network consistent.In quantum cryptography networks communication data between concentrator station each step relaying all with amount sub-key between concentrator station for prerequisite, quantum key approach exhaustion, this path is unavailable path, and the via node of whole network needs the change knowing this topology status information immediately even in advance.
In order to meet the requirement of Fast Convergent, we adopt centralized topology information management strategy, the topology status information can knowing whole network alternately that all via nodes only need directly and routing server 8 carries out between 2, this is clearly better than the convergence rate of traditional classical network route based on the topology status information transmitting methods of inundation, rearmounted convergence needs the number of times of information interaction often relevant with the diameter of network or network local, much larger than the former.
Three, based on the routing algorithm framework of centralized network Topology Management
Routing server 8 is set, the setting topology update cycle; Within each topology update cycle, the routing client 13 being positioned at concentrator station node is collected and processes the state information of this via node, reports result in routing server 8.After routing server 8 collects the topology status information of each routing client 13, generate the topology status information of the whole network in the next topology update cycle, comprise the surplus sub-key amount that the via node information in network, the state information of quantum link, the adjacency matrix representing network topology structure and available neighborhood paths two ends are predicted, and send it to all routing clients 13 of network.Routing server 8, every a topological update cycle, issues once up-to-date network topology state information to each routing client 13.Each routing client 13 is according to the network topology state information obtained from routing server 8, calculate the shortest path (path that jumping figure minimum) of this via node to other concentrator station nodes, for the network terminal communication data through this via node provides Route Selection.
In order to corresponding with the routing server 8 arranged in the present embodiment, to be that the module being responsible for RI-Pro in concentrator station is referred to as routing client 13 in via node, all routing modules are soft mode block, be placed in high-performance computer, its relevant router-level topology has enough good computational speed.The network bandwidth environments of routing client 13 and routing server 8 is enough good simultaneously, and the transmission of its route topological information has enough little network delay.
Accompanying drawing 5 is quantum cryptography networks routing framework figure.Whole quantum cryptography networks routing framework is divided into classical communication layer 11 and quantum communications layer 12.Quantum communications layer 12 is made up of the quantum link between the quantum communications equipment 10 in concentrator station and quantum communications equipment, for key distribution, can share the quantum key for encryption and decryption communication between two quantum communications equipment 10.Classical communication layer 11 by forming containing the classical communication equipment 9 of routing client 13 and routing server 8 in concentrator station, for the transmission of the encryption and decryption and enciphered data that realize data.Neighborhood paths is there is between the classical communication equipment 9 containing routing client 13 in concentrator station, corresponding with quantum link.Within each topology update cycle, the routing client 13 of the classical communication equipment 9 containing routing client 13 in concentrator station is according to the state information of this collected via node, calculate and predict the surplus sub-key amount at neighborhood paths two ends in the next topology update cycle, if surplus sub-key amount is less than predetermined threshold value, then think that this neighborhood paths is unavailable, otherwise it is available, report in routing server 8 by the surplus sub-key amount that this result and described available neighborhood paths two ends are predicted, each topology update cycle reports once.By the quantum communications equipment 10 in concentrator station, the routing client 13 of the classical communication equipment 9 containing routing client 13 in concentrator station knows whether quantum link is in normal operating conditions, and result is reported in routing server 8, each topology update cycle reports once.If the operating state of quantum link changes, then at any time operating state is reported routing server 8.
Four, routing server function
The main functional modules of routing server 8 as shown in Figure 6, comprises first network interface module 14, first topology information transceiver module 15, via node survival detection module 16, topology information logic processing module 17 and the first via node information data library module 18.
first network interface module 14, according to network communication protocol transceiver network data, and the accuracy of checking data transmitting-receiving, and be responsible for the concurrent processing of network service.
first topology information transceiver module 15, is responsible for the topology status information of each routing client 13 in receiving network data, the topology status information of whole network is sent to routing client 13.
via node survival detection module 16, sends survival Detection Information to via node, receives the feedback information of via node, is responsible for confirming whether via node survives.
topology information logic processing module 17, by database purchase, inquire about the basic configuration information of each via node and the state information of quantum link, the information of the topology status information reported according to routing client 13 and via node survival detection module 16, generates the adjacency matrix representing network topology structure; The each via node information of network obtained by first topology information transceiver module 15 and the state information of quantum link are stored in via node information database.
first via node information data library module 18, stores the basic configuration information of each via node and the state information of quantum link.
Five, routing client function
The main functional modules of routing client 13 as shown in Figure 7, comprises second network interface module 19, second topology information transceiver module 20, survival detects feedback module 21, routing calculation module 22, topology information processing module 23, topology information collection module 24, routing selecting module 25 and the second via node information data library module 26.
second network interface module 19, according to network communication protocol transceiver network data, and the accuracy of checking data transmitting-receiving.
second topology information transceiver module 20, is responsible for the network topology state information receiving routing server 8 transmission, by the topology status information reporting of this via node to routing server 8.
survival detects feedback module 21, receives the survival Detection Information that routing server 8 sends, and sends feedback information, inform that routing server 8 via nodes are still survived.
routing calculation module 22, via node information in the surplus sub-key amount that the adjacency matrix of expression network topology structure sent according to routing server 8, available neighborhood paths two ends are predicted and database calculates the shortest path of this via node to other via nodes, and by shortest path stored in database.
topology information processing module 23, the information that process topology information collection module 24 is collected, determine the topology status information reporting routing server 8, comprise this via node information, whether whether the neighborhood paths of this via node can be in normal operating conditions with the adjacent quantum link of, surplus sub-key amount that described available neighborhood paths two ends are predicted and this via node within the next topology update cycle; The each via node information of network obtained by second topology information transceiver module 20 and the state information of quantum link are stored in via node information database.
topology information collection module 24, collect the state information of this via node, comprise the operating state of the quantum link between this via node and each adjacent node, remaining quantum key amount between this via node and each adjacent node, the formation speed of quantum key and depletion rate between this via node and each adjacent node.
routing selecting module 25, reads the routing information in via node information database, for communication data provides down hop route.
second via node information data library module 26, stores the routing information that the basic configuration information of each via node, the state information of quantum link and routing calculation module 22 calculate.
Six, shortest path first
Via node obtains the topology status information of whole network from server, calculates the shortest path of this via node to other via nodes according to following method:
1) suppose that topology information figure (G, E) of whole network represents, wherein G represents the set on summit, E represents the set in path, and a summit in the corresponding G of this via node, represents with s, construct the tree that take s as root node, using the ground floor node of root node s as tree;
2) t is any one other summit in G, t ≠ s, if have the path (s of s to t in E, t), then using the child node of t as root node s, be also a second layer node of tree, and will with path (s, t) corresponding limit is also added in tree, and all second layer nodes satisfied condition in G are added in search, and add corresponding limit;
3) number of plies of the tree constructed represents with L, by the set expression not belonging to the residue summit of tree in G is
for any summit
consider the quantity n of u to the path of the L node layer of tree:
If n=0, then consider the next one
in summit;
If n>0, if there is path in u and certain L node layer r, then corresponding for this path limit is added in tree, u is added in tree simultaneously, as the L+1 node layer of tree, if L node layer r corresponding to this path occurs m time at L layer, then corresponding for this path limit to be added in tree m time, simultaneously u also corresponding interpolation m time, makes node u and each L node layer r one_to_one corresponding; If u has added complete to the limit that all paths of L node layer of tree are corresponding all, then by u from
middle deletion;
4) if also have summit not add in tree in G, by L=L+1, step 3 is repeated), until the summit in all G is all added in tree, or repeat step 3) after
till the quantity on middle summit does not change;
5) for any one via node v, the shortest path of s to v in the path of s to v and corresponding diagram (G, E) in tree, the i.e. shortest path of via node s to v in a network; If existed more than a shortest path, then by each bar shortest path, each jumps the surplus sub-key amount in path separately by ascending order arrangement, first the minimum value of surplus sub-key amount is compared, choose that paths that minimum value is maximum, if minimum value is all identical, then more secondary minimum value, choose that paths that time minimum value is maximum, the like, if the surplus sub-key amount of each bar shortest path is identical, then random selecting one paths.
Seven, the access of concentrator station node and quantum link.
For the concentrator station node of new access network, new via node needs the operating state reporting its basic configuration information and all adjacent quantum link to routing server 8, and the adjacent node with stylish via node also needs the operating state of the quantum link reported between this new via node; For the direct-connected quantum link of access new between two via nodes, the via node at quantum link two ends needs the operating state reporting this link.In addition, whether the via node at new quantum link two ends, after receiving the topological lastest imformation of routing server 8, report neighborhood paths can use within the next topology update cycle, and the surplus sub-key amount that described available neighborhood paths two ends are predicted.After routing server 8 receives the reporting information of interdependent node, new via node and/or new route information are added in network topology structure.
Fig. 8 gives the small-sized prediction connection layout of quantum cryptography networks via node within some topology update cycles, and wherein dotted line represents that the quantum key on path is not enough, and can not realize the quantum key coded communication on this path, namely path is unavailable; Solid line represents the quantum key coded communication can carried out on this path, and namely path can be used.
Fig. 9 gives the adjacency matrix representing Fig. 8 network topology structure.Matrix dimension is 8X8, represents between first these 8 via nodes of via node 27 to the eight via node 34 in Fig. 8, whether neighborhood paths can be used.Matrix element (i, j) (wherein 1≤i≤8,1≤j≤8) represents whether i-th via node can be used to the neighborhood paths of a jth via node, and its value is that 1 expression is available, is that 0 expression is unavailable or there is not neighborhood paths; Matrix diagonals element is 0, represents via node and self does not form neighborhood paths.Such as, the neighborhood paths of the first via node 27 to the four via node 30 in Fig. 8 can be used, then the value of the matrix element (Isosorbide-5-Nitrae) in corresponding Fig. 9 is 1; The neighborhood paths of the second via node 28 to the six via node 32 in Fig. 8 is unavailable, then the value of the matrix element (2,6) in corresponding Fig. 9 is 0; There is not neighborhood paths between the 5th via node 31 in Fig. 8 and the 7th via node 33, then the value of the matrix element (5,7) in corresponding Fig. 9 is 0; In Fig. 8, the 3rd via node 29 and the 8th relaying save between 34 and there is not neighborhood paths, then the value of the matrix element (3,8) in corresponding Fig. 9 is 0.
Figure 10 illustrates the Shortest Path Searching tree of the network topology structure structure of the first via node 27 represented by Fig. 9 adjacency matrix.Especially, there are two shortest paths in the first via node 27 to the six via node 32, and the first via node 27 to the eight via node 34 exists three shortest paths, now need to choose a shortest path according to the step 5) of shortest path first described in the present invention.Such as, if the surplus sub-key amount predicted between the first via node 27 and the 4th via node 30, the 7th via node 33 is respectively 70kB and 50kB, and the 6th via node 32 and the 4th via node 30, the surplus sub-key amount predicted between the 7th via node 33 are respectively 40kB and 60kB; In two shortest paths due to the first via node 27 to the six via node 32, the minimum value of the surplus sub-key amount that each jumping path respective is predicted is respectively 40kB and 50kB, and 50kB is greater than 40kB, then choose the first via node 27 arrives the 6th via node 32 this paths via the 7th via node 33, as the shortest path of the first via node 27 to the six via node 32.
As shown in figure 11, the general realization flow of this routing algorithm, is divided into following concrete steps:
Step (1), arranges routing server;
Step (2), the process of via node state information periodic harvest;
Step (3), via node topology status property information cycle reports;
Step (4), routing server is collected and is processed the topology status information of each via node;
Step (5), routing server is to each via node distributing network topology status information;
Step (6), the optimal path computation of via node.
By reference to the accompanying drawings the specific embodiment of the present invention is described although above-mentioned; but not limiting the scope of the invention; one of ordinary skill in the art should be understood that; on the basis of technical scheme of the present invention, those skilled in the art do not need to pay various amendment or distortion that creative work can make still within protection scope of the present invention.