CN106452761B - A kind of error correction method of multi-party quantum secret sharing system - Google Patents
A kind of error correction method of multi-party quantum secret sharing system Download PDFInfo
- Publication number
- CN106452761B CN106452761B CN201611028419.3A CN201611028419A CN106452761B CN 106452761 B CN106452761 B CN 106452761B CN 201611028419 A CN201611028419 A CN 201611028419A CN 106452761 B CN106452761 B CN 106452761B
- Authority
- CN
- China
- Prior art keywords
- error correction
- key
- segment length
- receiving end
- transmitting terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B10/00—Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
- H04B10/70—Photonic quantum communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
Abstract
The present invention relates to a kind of error correction methods of multi-party quantum secret sharing system, comprising the following steps: S1: the computing system bit error rate;S2: optimal segment length's sequence is found according to error rate of system;S3: loop iteration executes following steps: S3.1: data rearrangement;S3.2: sender's primary key and shared key are segmented according to optimal segment length;The parity check sum of the segment key of transmitting terminal and receiving end is calculated separately, transmitting terminal and each receiving end operation result is compared, obtains the different segment key of operation result;S3.3: errant bit locations are found out by Winnow error correction algorithm;S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, until reaching maximum number of iterations stops circulation;S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.The present invention proposes a kind of high reliablity, and error correction efficiency is high, is applicable to the error correction method of multi-party quantum secret sharing system.
Description
Technical field
The present invention relates to Technique on Quantum Communication fields, and in particular to quantum key distribution technical field, more particularly to it is a kind of
The error correction method of multi-party quantum secret sharing system.
Background technique
In certain occasions, in order to allow more people to undertake the risk of protection classified information, or reinforce to some secret information
Encryption strength needs multiple participants to participate in protection secret information jointly.For example, the control of guided missile and transmitting, important place
It is current, testament come into force etc. all to be simultaneously participated in by two or more people can just come into force, that is, need to give secret into more people
Common management.Such case can be by side that secret information is split into several parts and managed jointly by several participants
Formula realizes that the mode of this protection information is known as privacy sharing.
Classical secret sharing scheme is realized multi-party (at least tripartite), wherein a side needs handle as leading side
Encryption key distribution gives other receiving ends, since there may be a mistrustful sides, so recipient needs to join together to carry out
Operation could obtain encryption key.
Recently as the development of Technique on Quantum Communication, the privacy sharing based on quantum key gradually causes information security
The concern in field.The Chinese patent application of Publication No. 104821875A discloses a kind of quantum secret sharing method, specifically such as
Under:
Two unitary trallsformations are constructed, two groups of complete intrinsic quantum states are provided;Annular quantum secret sharing communication is carried out,
Based on intrinsic quantum state space, transmitting terminal Alice prepares photon sequence at random and issues receiving end Bob;Bob from photon sequence with
Machine chooses verification photon and carries out or measure, and is encoded according to key word string to remaining photon, photon issues reception after coding
Hold Charlie;Charlie carries out verification photon survey to received photon sequence, is carried out according to key word string to remaining photon
It encodes, photon issues Alice after coding;Alice judges whether communication channel is safe, reads Bob and Charlie joint and is carried out
Encoding operation.
On the one hand, what is carried out during the privacy sharing method is annular quantum secret sharing communication, the light of Alice preparation
Subsequence is successively returned again to after Bob and Charlie processing to Alice, is deposited in complicated photon sequence transmission, treatment process
The light loss, error code the problems such as, the reliability of the sharing method is also influenced whether.
On the other hand, key is related merely to during the privacy sharing and share distribution problem, be not related to distributing
Error correction afterwards, does not provide corresponding error correction method yet, and reliability is not high.Further, existing error correction method is only applicable to two sides
Error correction is not directly applicable multi-party error correction.
Winnow error correction algorithm is one of big error correction algorithm of QKD system three, but is confined to two side's error correction at present.Doctor
Paper " quantum key distribution Study on Real-time Process " describes Winnow error correction algorithm, specific as follows:
1, key string is divided into length N_h=2 by Alice and Bobm- 1 cipher key sections, wherein m is Hamming syndrome
Length, it determines the length N_h of Hamming code.
2, Alice calculates the parity values of each cipher key sections, sends them to Bob, and Bob calculates corresponding secret key section
Parity values and Alice's makes comparisons, and takes out the different section of even-odd check result.
3, Alice and Bob is respectively denoted as them set A and B, and Alice calculates the Hamming companion of each cipher key sections in A
With formula S_ (a, i) (i ∈ A), Bob is sent it to, Bob calculates S_ (b, i) (i ∈ B), calculates S_ afterwards acquiring S_ (a, i)
(d, i)=S_ (a, i) ⊕ S_ (b, i).
4, according to the characteristic of Hamming code, S_ (d, i) indicates the position of error bit in i-th of subsegment of Alice and Bob,
The key bit of Bob overturning position S_ (d, i), i.e., 0 → 1,1 → 0.
5, Alice and Bob upsets key string according to same way.
6, terminate after repeating above-mentioned error correction procedure n times.
Traditional winnow error correction algorithm that doctoral thesis " correlative study of remote quantum key distribution system " refers to,
In subsequent iterative process, current segment length is selected as 2 times of last iteration segment length.Segment length's selection of this method is too simple,
Segment length is not optimal value, inefficient.
In view of the above-mentioned problems, Chinese invention patent application file " a kind of quantum key point that notification number is 106027230A
The method that Hamming error correction is carried out to error code in hair post-processing ", it is long by changing key block block, improve entangling for Hamming error-correction protocol
Wrong efficiency.However the method is only applicable to two side's error correction, is not directly applicable multi-party error correction.And the error correction method is not chosen
Optimal segment length need to be continuously circulated until both sides' key agreement, more redundant and complicated.
In summary, since what is carried out during the privacy sharing method of the prior art is that annular quantum secret sharing is logical
Letter, the photon sequence of Alice preparation are successively returned again to after Bob and Charlie processing to Alice, in complicated photon sequence
Biographies are defeated, treatment process the problems such as there are light loss, error code, also influence whether the reliability of the sharing method.Since information is pressed
It is transmitted according to ring structure, needs the time longer.
Key is related merely to during the privacy sharing shares distribution problem, the error correction after not being related to distribution,
Corresponding error correction method is not provided, and reliability is not high yet.
Or two side's error correction are suitable only for, it is not directly applicable multi-party error correction.
In existing Winnow error correction method, error correction method does not choose optimal segment length, need to be continuously circulated until both sides
Key agreement, more redundant and complicated, and two side's error correction are only applicable to, it is not directly applicable multi-party error correction.
Summary of the invention
It is an object of the invention to propose a kind of high reliablity, error correction to avoid above-mentioned deficiency of the prior art
It is high-efficient, it is applicable to the error correction method of multi-party quantum secret sharing system, to solve in complicated photon sequence transmission, processing
There is light loss, error code and can not achieve error correction in process.
The present invention provides be applied to the multi-party quantum secret sharing platform including transmitting terminal and at least two receiving ends, packet
Include following steps:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal is found most in segment length's arrangement set according to error rate of system PeX
Excellent segment length's sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are time of greatest iteration
Number, seg (i) are the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and sharing for sender's primary key of the transmitting terminal and each receiving end is close
Key upsets key string in the same way to carry out data rearrangement;
S3.2: being segmented sender's primary key and shared key according to segment length seg (i), and it is close to obtain several segmentations
Key;The parity check sum for calculating separately the segment key of transmitting terminal and receiving end carries out operation to each receiving end parity check sum,
Transmitting terminal and each receiving end operation result are compared, obtains different segment keys;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, passes through Winnow error correction algorithm
In the different segment key of the operation result that the step S3.2 is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+
1, return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.
Preferably, the method for calculating segment length's arrangement set includes the following steps:
False edges eps is arranged in SA;Initial Hamming syndrome length r0 is set, and limits the value range r0 ∈ of r0
[rmin, rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;At the beginning of limiting the bit error rate
The value range Pe0 ∈ [Pe0min, Pe0max] of initial value Pe0, bit error rate initial value Pe0 are minimized Pe0min;
Error code rate pe is assigned bit error rate initial value Pe0, initial Hamming syndrome length r0 assignment rmin, initialization one by SB
Segment length's sequence of a sky, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of bit error rate pe, and
Pe is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, every to update one
A r value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation
Terminate;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until
When d > dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, recycles to step SC-SE
Operation, until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.Preferably, by
The small bit error rate initial value Pe0 described to big traversal;A Pe0 value is often taken, returns and executes the step SB~SG, and in institute
Next Pe0 value is chosen in the value range of the bit error rate initial value Pe0 stated;Until terminating operation when Pe0 > Pe0max.
Preferably, finding optimal segment length's sequence in the step S2 and including the following steps: mould in the step SC
When quasi- error correction, the corresponding exposed information percentage of each segment length's sequence is calculated;Corresponding segment length's sequence is obtained according to error rate of system PeX
Column set, defines the value range of optimal segment length's sequence, takes the smallest class value of percentage w for wherein exposing information, obtains most
Excellent segment length's sequence.
In the step SC, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to
K=Pe × m0Number of error bits k is calculated, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
Preferably, the bit error rate of each receiving end relative to transmitting terminal, is maximized note respectively in the step S1
For the error code rate pe X of system.
Preferably, in the step S3.1, by random number string identical with the length of primary key, shared key point
Dispensing transmitting terminal and each receiving end;Set primary key, shared key length as D, then each data in random number string
Value range is [1, D] and does not repeat mutually;By the data in key, number corresponding with random number string is signified by first
The data of position are sequentially successively replaced.
Preferably, in the step S3.2, the step of calculating transmitting terminal or each receiving end parity check sum, includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, obtain several points
Section key;
S3.2.2: the parity check sum of each segment key is calculated, and will be corresponding from the segment key of same primary key
Parity check sum group be combined into corresponding parity check sum sequence;
S3.2.3: the parity check sum sequence of each receiving end is sent to by transmitting terminal by classical channel, is mutually patrolled
Operation is collected, logic operation result is recorded;Again by the odd even of the logic operation result of the parity check sum of each receiving end and transmitting terminal
Verification and sequence carry out operation, obtain operation result;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
Preferably, in the step S4, verification error correction result step include: calculate separately sender's primary key with
Cipher key digest is sent to transmitting terminal by each receiving end of classical channel, and done by the cipher key digest of the shared key of each receiving end
Logical operation records logic operation result;Judge each receiving end logic operation result and transmitting terminal cipher key digest whether one
It causes;If consistent, error correction success;If inconsistent, error correction is unsuccessful.
Preferably, verification error correction result uses CRC algorithm or MD5 algorithm in the step S4.
Preferably, the logical operation is XOR operation.
The present invention provides a kind of error correction method of multi-party quantum secret sharing system, the secret for solving the prior art is total
It enjoys and existing following problem is communicated using annular quantum secret sharing:
1, the prior art influences whether that this is shared in complicated photon sequence transmission, treatment process there are light loss, error code
The reliability of method;For information according to annular delivery, elapsed time is long.Transmitting terminal and receiving end direct communication of the invention, is not necessarily to
Ring structure is constituted, solves the above problem.
2, the prior art is not directed to error correction, and reliability is not high.Present invention employs improved class winnow algorithms to be entangled
Mistake, high reliablity.
3, existing error correction method is only applicable to two side's error correction, is not directly applicable multi-party error correction, the present invention is by changing
Into the interactive process of error correction, multi-party error correction is realized.
4, existing winnow error correction algorithm, error correction method do not choose optimal segment length, need to be continuously circulated until both sides are close
Key is consistent, more redundant and complicated.Each initial error rate is first calculated before improved class winnow algorithm error correction of the invention
Under optimal segment length's sequence, optimal segment length's sequence is then selected according to current initial error rate, improves error correction efficiency.
5, exposure information of the invention is few, and system stability is high.
Detailed description of the invention
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a kind of flow diagram for the method for calculating optimal segment length's arrangement set of the present invention.
Fig. 2 is the curve graph that the information scales of present invention exposure change with the bit error rate.
Fig. 3 is the curve graph that the F factor of present system changes with the bit error rate.
Specific embodiment
Below in conjunction with attached drawing, technical scheme of the present invention will be further described, but the present invention is not limited to these realities
Apply example.
The present invention is applied to the multi-party quantum secret sharing platform including transmitting terminal and at least two receiving ends, including as follows
Step:
Triggering transmitting terminal makes it generate the primary key of each receiving end respectively, and according to each original of transmitting terminal generation
Key carries out logical operation to obtain initial key;
The primary key that transmitting terminal generates is sent respectively to corresponding receiving end;
The primary key from transmitting terminal is received in receiving end, and using reception result as corresponding shared key;
The shared key of initial key and each receiving end to transmitting terminal carry out error correction make transmitting terminal initial key and
The shared key of each receiving end meets the logical operation relationship.
Embodiment 1
Transmitting terminal is the end Alice in the present embodiment, and there are two receiving ends, the respectively end Bob and the end Charlie for tool.
The end Alice is used to form primary key KAB and KAC, and carries out logic fortune to the primary key KAB and KAC of formation
KA=KAB ⊕ KAC is calculated, is obtained as initial key KA.
The end Alice is sent respectively to primary key KAB and KAC to the end Bob and the end Charlie, and is received accordingly
As a result KB and KC are as shared key;
Error correction unit, for the KB and KC according to the end Bob and the primary key received at the end Charlie, Yi Jifa
The primary key KA of sending end carries out tripartite's error correction, the KA=KB ⊕ KC after making error correction.
Error correction unit can pass through hardware or the software realization being installed on hardware in the present embodiment.
The scheme of the application is specifically unfolded below, so as to the technical side of more clearly illustration and description the application
Case does not constitute the limitation to the application protection scope.
(1) segment length's arrangement set is calculated.
Calculating segment length's arrangement set is that transmitting terminal is walked according to the preamble that error rate of system PeX finds optimal segment length's sequence seg
Suddenly, as shown in Figure 1, including the following steps:
False edges eps is arranged in SA;Initial Hamming syndrome length r0 is set, and limits the value range r0 ∈ of r0
[rmin, rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;At the beginning of limiting the bit error rate
The value range Pe0 ∈ [Pe0min, Pe0max] of initial value Pe0, bit error rate initial value Pe0 are minimized Pe0min;
Error code rate pe is assigned initial value Pe0, initial Hamming syndrome length r0 assignment rmin by SB, and initialization one is empty
Segment length's sequence, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of bit error rate pe is (i.e.
Next (Pe) in Fig. 1), and Pe is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, every to update one
A r value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation
Terminate;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until
When d > dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, recycles to step SC-SE
Operation, until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.
Bit error rate initial value Pe0 described in ascending traversal;A Pe0 value is often taken, returns and executes the step SB
~SG, and next Pe0 value is chosen in the value range of the bit error rate initial value Pe0;Until when Pe0 > Pe0max,
Terminate operation.
In the step SC, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to
K=Pe × m0Number of error bits k is calculated, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
In practice, step A is carried out when initial, and depth of recursion maximum value recDeepMax is set simultaneously.Using recDeep
As recursion counter." Y " shown in Fig. 1 indicates that condition is set up, and " N " indicates that condition is invalid.
(2) a kind of error correction method of multi-party quantum secret sharing system.Include the following steps:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal is found most in segment length's arrangement set according to error rate of system PeX
Excellent segment length's sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are time of greatest iteration
Number, seg (i) are the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and the shared key of the primary key of the transmitting terminal and each receiving end is pressed phase
Upset key string with mode to carry out data rearrangement;
S3.2: being segmented sender's primary key and shared key according to segment length seg (i), and it is close to obtain several segmentations
Key;The parity check sum for calculating separately the segment key of transmitting terminal and receiving end carries out operation to each receiving end parity check sum,
Transmitting terminal and each receiving end operation result are compared, obtains different segment keys;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, passes through Winnow error correction algorithm
In the different segment key of the operation result that the step S3.2 is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+
1, return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.
When below for specific method, with transmitting terminal for the end Alice, receiving end is respectively the three of the end Bob and the end Charlie
Above-mentioned steps are illustrated for side is shared.
In step S1, in the present invention, each receiving end the error code rate pe X of computing system: is calculated separately relative to transmitting terminal
The bit error rate, be maximized the error code rate pe X for the system of being denoted as.By taking tripartite is shared as an example, calculate separately the end Alice and the end Bob it
Between the end error code rate pe B and Alice and the end Charlie between error code rate pe C, and using maximum as the privacy sharing
The error code rate pe X of system, the specific method is as follows:
S1-1, be sent to by quantum channel the end Bob obtain KB, Bob by the part of key KB' to have made an appointment pass through through
Allusion quotation channel is sent to the end Alice, and KB ' is compared by the end Alice with KAB corresponding portion KAB', i.e., by several positions in KAB
The value set is compared with the value on corresponding position in KB, is accounted for the sum of the different position of comparison result and participates in the total of comparison
The ratio of positional number is as error code rate pe B.
S1-2, it is same as above, the error code rate pe C between the end Alice and the end Charlie can be obtained.
In step S2, segment length's arrangement set is calculated according to the above method, and according to error rate of system PeX in segment length's sequence sets
It closes and chooses optimal segment length's sequence seg.When finding optimal segment length's sequence and including the following steps: analog error correction in the step SC,
Calculate the corresponding exposed information percentage of each segment length's sequence;Corresponding segment length's arrangement set is obtained according to error rate of system PeX, it is fixed
The value range of the optimal segment length's sequence of justice takes the smallest class value of percentage w for wherein exposing information, obtains optimal segment length's sequence
Column.For more specifically, which is less than 10.
Data rearrangement in step S3.1: identical random number seed is distributed to transmitting terminal and each receiving end, reuses phase
Same pseudo-random number generator generates identical random number string, and transmitting terminal and each receiving end generate and primary key, shared key
The identical random number string of length;Set primary key, shared key length as D, then each data in random number string
Value range is [1, D] and does not repeat mutually;By the data in key, number corresponding with random number string is signified by first
The data of position are sequentially successively replaced.
Alice, Bob, Charlie distribute identical random number seed, reuse identical pseudo-random number generator and generate
Identical random number string, the length of the random number string are equal to the length n of key, and the random number of random number string does not repeat and value model
Enclosing is 1~n;Assuming that the length of key is 5, the random number string of generation is { 2,4,3,5,1 }, then according to random number string successively into
5 replacement operators of row, i.e., first exchanges with the 2nd, and second is exchanged with the 4th, and third position is exchanged with the 3rd, and the 4th
Exchanged with the 5th, the 5th exchanges with the 1st, so far just complete length be 5 key data reset, other length it is close
Key also can be performed similar operations and carry out data rearrangement.
In step S3.2, calculates transmitting terminal or the step of each receiving end parity check sum includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, obtain several points
Section key;
S3.2.2: the parity check sum of each segment key is calculated, and will be corresponding from the segment key of same primary key
Parity check sum group be combined into corresponding parity check sum sequence;
S3.2.3: the parity check sum sequence of each receiving end is sent to by transmitting terminal by classical channel, is mutually patrolled
Operation is collected, logic operation result is recorded;Again by the odd even of the logic operation result of the parity check sum of each receiving end and transmitting terminal
Verification and sequence carry out logical operation, obtain logic operation result;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
Alice selects iteration segment length sequence seg according to initial error code rate pe X, according to seg it can be concluded that the number of iteration,
And the segment length of each iteration.Segment length's sequence index information is sent to Bob, Charlie by classical channel Alice.
It should be added that carrying out the operation of parity check sum can compare or logical operation to be simple, herein
Logical operation can be XOR operation.
By taking tripartite is shared as an example, calculates transmitting terminal or each receiving end parity check sum includes the following steps:
The end S3.2-1, Alice, the end Bob, the end Charlie respectively carry out key according to the segment length seg (i) of i-th iteration
Segmentation, obtains several segment keys.If the length of final stage adds 0 if it is less than segment length, at end, its length is made to be equal to section
It is long.Calculate the parity check sum of each segment key, and by the corresponding even-odd check of segment key from same primary key
Corresponding parity check sum sequence is combined into group.The end Alice, the end Bob, the end Charlie calculate separately to obtain surprise in the present embodiment
Even parity check and sequence ParityA, parity check sum sequence ParityB, parity check sum sequence ParityC.Seg (i) is selected
The value of i-th of element in the optimal segment length's sequence seg selected, the value of i are the number of iteration.
S3.2-2, ParityB, ParityC are sent to respectively by the end Alice by classical channel Bob, Charlie.
S3.2-3, by the parity check sum sequence of the parity check sum sequence ParityB at the end Bob and the end Charlie
ParityC carries out operation and obtains ParityBC, then calculates the end Alice parity check sum sequence ParityA and ParityBC and carry out
Operation obtains even-odd check result ParityABC.Calculation formula may be expressed as: ParityBC=ParityB ⊕ ParityC,
ParityABC=ParityA ⊕ ParityBC.0 in ParityABC indicates the correspondent section even-odd check phase of KA and target cipher key
Together, 1 indicate that KA is different from the correspondent section even-odd check of target cipher key.
S3.2-4, ParityABC is sent respectively to by Bob, Charlie by classical channel Alice.
In step S3.3, the transmitting terminal section different from each receiving end logic operation result is arranged into Cheng Jihe respectively, is denoted as X,
The Hamming syndrome of each cipher key sections in set of computations X,
Formula are as follows: Sx,i(i ∈ X)=H × Xi;
Each receiving end Hamming syndrome is sent to transmitting terminal by classical channel, and does logical operation, records operation knot
Fruit;The Hamming syndrome of the logic operation result of each receiving end and transmitting terminal is subjected to logical operation again, finds out error bit position
It sets.
Specifically, the Hamming matrix H of r × seg (i) is calculated, and meets seg (i)=(2r- 1): Hamming matrix is error correction
The element of check matrix in the process, matrix can be expressed asM indicates Hamming matrix H
M row, n indicate the n-th column of Hamming matrix H, this expression formula can easily be realized in FPGA by shifting function, so
Hamming matrix can save the memory space of Hamming matrix using the scheme generated in real time.
By taking tripartite is shared as an example, calculates Hamming syndrome and finds out errant bit locations:
S3.3-1, the end the Alice section different from even-odd check between the end Bob, the end Charlie is taken out by ParityABC,
It is denoted as set A, B and C respectively, Alice calculates the Hamming syndrome S of each cipher key sections in Aa,i(i ∈ A)=H × Ai, Bob meter
Calculate the Hamming syndrome S of each cipher key sections in Bb,i(i ∈ B)=H × Bi, Charlie calculate the Hamming companion of each cipher key sections in C
With formula Sc,i(i ∈ C)=H × Ci.
S3.3-2, pass through classics channel Bob, Charlie respectively by Sb,i、Sc,iSend Alice.Alice is obtained
Step S3.4 carries out error correction, according to the resulting errors present of step S3.3, overturns the key bit of the corresponding position KA,
It is negated according to 0 or 1 value of errant bit locations primary key corresponding position, i.e., 0 overturning is that 1,1 overturning is 0.
Data rearrangement is carried out using method described in step S3.1, the execution of step 4 loop iteration is then return to, until reaching
To largest loop the number of iterations, jumps out circulation and execute step S4 downwards.
In the step S4, verification error correction result step includes: to calculate separately sender's primary key and each receiving end
Shared key cipher key digest, cipher key digest is sent to by transmitting terminal by each receiving end of classical channel, and do logical operation,
Record logic operation result;Judge the cipher key digest of each receiving end logic operation result and transmitting terminal cipher key digest whether one
It causes;If consistent, error correction success;If inconsistent, error correction is unsuccessful.
In the step S4, verification error correction result uses CRC algorithm or MD5 algorithm.
By taking CRC algorithm as an example, the end Alice, the end Bob, the end Charlie calculate separately cipher key digest and obtain KA_CRC, KB_
CRC, KC_CRC respectively send cipher key digest KB_CRC, KC_CRC to Alice by the end classical channel Bob, the end Charlie, and
KBC_CRC is calculated,If KA_CRC is equal to KBC_CRC, error correction is successful, otherwise
Error correction failure, abandons corresponding secret key.MD5 algorithm or algorithm can similarly be used.
Embodiment 2
The present embodiment provides a kind of error correction methods shared for multi-party quantum key.
Compared with Example 1, which is applied to the more of a transmitting terminal and multiple receiving ends
Square quantum key distribution platform, working principle is same as Example 1, and explanation is not repeated herein.
The error correction method is used to carry out error correction to the primary key of transmitting terminal and the shared key of multiple receiving ends to make to send
The primary key at end is identical with the shared key of multiple receiving ends.Compared with Example 1, the error correction method application in the present embodiment
In the multi-party quantum key distribution platform of a transmitting terminal and multiple receiving ends, but it can be pushed away in actual algorithm by embodiment 1
Explanation is not repeated herein in Li Ke get.
Moreover, it is desirable to illustrate, the corresponding exposed information hundred of each segment length's sequence of calculating referred in the application
Point ratio, is to consider to carry out in calculating process by the information that leaks of classics channel.Exposure information percentage is classical letter
Length (i.e. the information content of the transmission of quantum channel) of the total amount of data of road transmission than key.It is such as Fig. 2 as can be seen that of the invention
Exposure information is few.
The F factor, that is, error correction efficiency shown in Fig. 3, the performance standard as Error Correction of Coding.The F factor is defined as a certain mistake
Accidentally rate, the information content of actual error correction interaction consumption and the information content (i.e. comentropy or shannon limit) ideally consumed
Ratio.As seen from the figure, the F factor of the invention is small, and system is more stable.
Only highly preferred embodiment of the present invention is described above, but is not to be construed as limiting the scope of the invention.This
Invention is not limited only to above embodiments, and various changes made within the protection scope of the independent claims of the invention are at this
In the protection scope of invention.
Claims (11)
1. a kind of error correction method of quantum secret sharing system, applied to the multi-party amount including transmitting terminal and at least two receiving ends
Sub-secret shared platform, which comprises the steps of:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal chooses optimal section according to error rate of system PeX in segment length's arrangement set
Long sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are the number of greatest iteration,
Seg (i) is the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and the shared key of the primary key of the transmitting terminal and each receiving end is pressed phase Tongfang
Formula upsets key string to carry out data rearrangement;
S3.2: sender's primary key and shared key are segmented according to segment length seg (i), obtain several segment keys;Point
Not Ji Suan transmitting terminal and receiving end segment key parity check sum, logical operation is carried out to each receiving end parity check sum,
The logic operation result of the parity check sum of transmitting terminal and each receiving end parity check sum is subjected to operation, obtains different segmentations
Key;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, by Winnow error correction algorithm in institute
In the different segment key of the operation result that the step S3.2 stated is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+1, returns
Return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If all error correction successes of each receiving end, terminate operation;If error correction is unsuccessful, abandon corresponding close
Key.
2. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S2
In, the method for calculating segment length's arrangement set includes the following steps:
False edges eps is arranged in SA;Set initial Hamming syndrome length r0, and limit r0 value range r0 ∈ [rmin,
rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;Limit the bit error rate initial value Pe0
Value range Pe0 ∈ [Pe0min, Pe0max], bit error rate initial value Pe0 is minimized Pe0min;
Error code rate pe is assigned bit error rate initial value Pe0 by SB, and initial Hamming syndrome length r0 assignment rmin initializes a sky
Segment length's sequence, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of error code rate pe, and by Pe
It is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, one r of every update
Value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation knot
Beam;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until d >
When dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, carries out loop computation to step SC-SE,
Until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.
3. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that ascending traversal institute
The bit error rate initial value Pe0 stated;A Pe0 value is often taken, returns and executes the step SB~SG, and at the beginning of the bit error rate
Next Pe0 value is chosen in the value range of initial value Pe0;Until terminating operation when Pe0 > Pe0max.
4. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that the step S2
In, when finding optimal segment length's sequence and including the following steps: analog error correction in the step SC, it is corresponding to calculate each segment length's sequence
Exposure information percentage;Corresponding segment length's arrangement set is obtained according to error rate of system PeX, defines the value of optimal segment length's sequence
Range takes the smallest class value of percentage w for wherein exposing information, obtains optimal segment length's sequence.
5. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that the step SC
In, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to k=Pe × m0Calculate error bit
Number k, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
6. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S1
In, the bit error rate of each receiving end relative to transmitting terminal is calculated separately, the error code rate pe X for the system of being denoted as is maximized.
7. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S3.1
In, random number string identical with the length of primary key, shared key is distributed into transmitting terminal and each receiving end;It sets original close
Key, shared key length be D, then each data value range in random number string is [1, D] and not repeat mutually;By key
In data by first it is corresponding with random number string number pointed location data sequentially successively replaced, wherein right
Answering digital pointed location is the position in key.
8. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S3.2
In, it calculates transmitting terminal or the step of each receiving end parity check sum includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, and it is close to obtain several segmentations
Key;
S3.2.2: calculating the parity check sum of each segment key, and by the corresponding surprise of segment key from same primary key
Even parity check and group are combined into corresponding parity check sum sequence;
S3.2.3: being sent to transmitting terminal for the parity check sum sequence of each receiving end by classical channel, mutually carries out logic fortune
It calculates, records logic operation result;Again by the even-odd check of the logic operation result of the parity check sum of each receiving end and transmitting terminal
With progress operation, operation result is obtained;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
9. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S4
In, verification error correction result step includes: to calculate separately the cipher key digest of the shared key of sender's primary key and each receiving end,
Cipher key digest is sent to transmitting terminal by each receiving end of classical channel, and does logical operation, records logic operation result;Judgement
Whether the logic operation result of each receiving end and the cipher key digest of transmitting terminal are consistent;If consistent, error correction success;If inconsistent,
Then error correction is unsuccessful.
10. the error correction method of quantum secret sharing system according to claim 9, which is characterized in that the step S4
In, verification error correction result uses CRC algorithm or MD5 algorithm.
11. the error correction method of quantum secret sharing system according to claim 8 or claim 9, which is characterized in that the logic
Operation is XOR operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611028419.3A CN106452761B (en) | 2016-11-18 | 2016-11-18 | A kind of error correction method of multi-party quantum secret sharing system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611028419.3A CN106452761B (en) | 2016-11-18 | 2016-11-18 | A kind of error correction method of multi-party quantum secret sharing system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106452761A CN106452761A (en) | 2017-02-22 |
CN106452761B true CN106452761B (en) | 2019-09-06 |
Family
ID=58221304
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611028419.3A Active CN106452761B (en) | 2016-11-18 | 2016-11-18 | A kind of error correction method of multi-party quantum secret sharing system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106452761B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106850221B (en) * | 2017-04-10 | 2019-11-08 | 四川阵风科技有限公司 | Information encryption and decryption method and device |
CN108111302B (en) * | 2017-12-13 | 2020-10-23 | 安徽大学 | Quantum method for safely calculating Hamming distance based on Bell state |
CN108599943B (en) * | 2018-05-03 | 2020-10-09 | 浙江工商大学 | Multi-party quantum privacy comparison method suitable for strangers based on d-level single photons |
CN110113098B (en) * | 2019-05-10 | 2020-10-02 | 哈尔滨工业大学(深圳) | Error code estimation method and device for quantum key distribution system |
CN110971399A (en) * | 2019-10-31 | 2020-04-07 | 北京邮电大学 | Post-processing method and device for optical network physical layer key distribution |
CN111510158B (en) * | 2020-04-15 | 2021-10-15 | 腾讯科技(深圳)有限公司 | Fault-tolerant error-correcting decoding method, device and chip of quantum circuit |
CN113259101B (en) * | 2021-06-08 | 2021-10-26 | 北京中创为南京量子通信技术有限公司 | Error correction method and device for quantum key distribution system |
CN113297633B (en) * | 2021-07-26 | 2021-11-02 | 南京大学 | Quantum digital signature method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6128764A (en) * | 1997-02-06 | 2000-10-03 | California Institute Of Technology | Quantum error-correcting codes and devices |
CN101540760A (en) * | 2009-04-23 | 2009-09-23 | 上海交通大学 | Quantum key agreement method |
CN106027230A (en) * | 2015-03-28 | 2016-10-12 | 北京大学 | Method for carrying out Hamming error correction for error code in quantum secret key distribution postprocessing |
CN106411511A (en) * | 2016-11-18 | 2017-02-15 | 浙江神州量子网络科技有限公司 | Multiparty quantum key distribution system error correction method |
-
2016
- 2016-11-18 CN CN201611028419.3A patent/CN106452761B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6128764A (en) * | 1997-02-06 | 2000-10-03 | California Institute Of Technology | Quantum error-correcting codes and devices |
CN101540760A (en) * | 2009-04-23 | 2009-09-23 | 上海交通大学 | Quantum key agreement method |
CN106027230A (en) * | 2015-03-28 | 2016-10-12 | 北京大学 | Method for carrying out Hamming error correction for error code in quantum secret key distribution postprocessing |
CN106411511A (en) * | 2016-11-18 | 2017-02-15 | 浙江神州量子网络科技有限公司 | Multiparty quantum key distribution system error correction method |
Non-Patent Citations (2)
Title |
---|
An Adaptive Improved Winnow Algorithm;Qiong Li;Shuming Wang;Haokun Mao;Qi Han;Xiamu Niu;《2015 IEEE 39th Annual Computer Software and Applications Conference》;20150924;全文 |
Efficiency of Winnow Protocol in Secret Key Reconciliation;Hao Yan;Xiang Peng;Xiaxia Lin;Wei Jiang;Tian Liu;Hong Guo;《2009 WRI World Congress on Computer Science and Information Engineering》;20090724;全文 |
Also Published As
Publication number | Publication date |
---|---|
CN106452761A (en) | 2017-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106452761B (en) | A kind of error correction method of multi-party quantum secret sharing system | |
CN106411511B (en) | A kind of error correction method of multi-party quantum key distribution system | |
Pant et al. | Rate-distance tradeoff and resource costs for all-optical quantum repeaters | |
CN101540760B (en) | Quantum key agreement method | |
CN105024801B (en) | Quantum encryption communication method | |
Gelles et al. | Efficient coding for interactive communication | |
CN113591146B (en) | Efficient and safe two-party computing system and computing method based on cooperation | |
CN110380824A (en) | Quantum Error Correcting Codes preparation method towards fault-tolerant blind quantum calculation | |
CN110138550B (en) | QKD network system model construction method | |
CN106789021A (en) | Quantum packet multi-user's secret comparative approach based on five particle Brown states | |
CN106452757B (en) | quantum secret sharing system and sharing method and error correction method thereof | |
CN110445609A (en) | A kind of quantum secret sharing method and shared system based on quantum walking | |
CN106027231A (en) | Method for carrying out cascading error correction for error code in quantum secret key distribution postprocessing | |
CN108365954B (en) | Control code multiplexing method | |
Huang et al. | On secrecy capacity of minimum storage regenerating codes | |
Yang et al. | Capacity analysis of linear operator channels over finite fields | |
Bykovsky | A multiple-valued logic for implementing a random oracle and the position-based cryptography | |
Sharma et al. | A new secure model for quantum key distribution protocol | |
CN111277406A (en) | Block chain-based safe two-direction quantity advantage comparison method | |
CN110166247A (en) | It can the anti-pollution network code endorsement method attacked and position intermediate node conspiracy attack | |
Yang et al. | Storage and communication tradeoff for wireless coded blockchains | |
CN110545181B (en) | Method for creating and using multilevel matrix password | |
Lin et al. | Authenticated multi-user quantum key distribution with single particles | |
Mitra et al. | Polar Coded Merkle Tree: Mitigating data availability attacks in blockchain systems using informed polar code design | |
Zhao et al. | An efficient outsourced oblivious transfer extension protocol and its applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |