CN106452761B - A kind of error correction method of multi-party quantum secret sharing system - Google Patents

A kind of error correction method of multi-party quantum secret sharing system Download PDF

Info

Publication number
CN106452761B
CN106452761B CN201611028419.3A CN201611028419A CN106452761B CN 106452761 B CN106452761 B CN 106452761B CN 201611028419 A CN201611028419 A CN 201611028419A CN 106452761 B CN106452761 B CN 106452761B
Authority
CN
China
Prior art keywords
error correction
key
segment length
receiving end
transmitting terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611028419.3A
Other languages
Chinese (zh)
Other versions
CN106452761A (en
Inventor
富尧
任鹏飞
卢阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Original Assignee
Divine Land Zhejiang Quantum Network Science And Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Divine Land Zhejiang Quantum Network Science And Technology Ltd filed Critical Divine Land Zhejiang Quantum Network Science And Technology Ltd
Priority to CN201611028419.3A priority Critical patent/CN106452761B/en
Publication of CN106452761A publication Critical patent/CN106452761A/en
Application granted granted Critical
Publication of CN106452761B publication Critical patent/CN106452761B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0858Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding

Abstract

The present invention relates to a kind of error correction methods of multi-party quantum secret sharing system, comprising the following steps: S1: the computing system bit error rate;S2: optimal segment length's sequence is found according to error rate of system;S3: loop iteration executes following steps: S3.1: data rearrangement;S3.2: sender's primary key and shared key are segmented according to optimal segment length;The parity check sum of the segment key of transmitting terminal and receiving end is calculated separately, transmitting terminal and each receiving end operation result is compared, obtains the different segment key of operation result;S3.3: errant bit locations are found out by Winnow error correction algorithm;S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, until reaching maximum number of iterations stops circulation;S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.The present invention proposes a kind of high reliablity, and error correction efficiency is high, is applicable to the error correction method of multi-party quantum secret sharing system.

Description

A kind of error correction method of multi-party quantum secret sharing system
Technical field
The present invention relates to Technique on Quantum Communication fields, and in particular to quantum key distribution technical field, more particularly to it is a kind of The error correction method of multi-party quantum secret sharing system.
Background technique
In certain occasions, in order to allow more people to undertake the risk of protection classified information, or reinforce to some secret information Encryption strength needs multiple participants to participate in protection secret information jointly.For example, the control of guided missile and transmitting, important place It is current, testament come into force etc. all to be simultaneously participated in by two or more people can just come into force, that is, need to give secret into more people Common management.Such case can be by side that secret information is split into several parts and managed jointly by several participants Formula realizes that the mode of this protection information is known as privacy sharing.
Classical secret sharing scheme is realized multi-party (at least tripartite), wherein a side needs handle as leading side Encryption key distribution gives other receiving ends, since there may be a mistrustful sides, so recipient needs to join together to carry out Operation could obtain encryption key.
Recently as the development of Technique on Quantum Communication, the privacy sharing based on quantum key gradually causes information security The concern in field.The Chinese patent application of Publication No. 104821875A discloses a kind of quantum secret sharing method, specifically such as Under:
Two unitary trallsformations are constructed, two groups of complete intrinsic quantum states are provided;Annular quantum secret sharing communication is carried out, Based on intrinsic quantum state space, transmitting terminal Alice prepares photon sequence at random and issues receiving end Bob;Bob from photon sequence with Machine chooses verification photon and carries out or measure, and is encoded according to key word string to remaining photon, photon issues reception after coding Hold Charlie;Charlie carries out verification photon survey to received photon sequence, is carried out according to key word string to remaining photon It encodes, photon issues Alice after coding;Alice judges whether communication channel is safe, reads Bob and Charlie joint and is carried out Encoding operation.
On the one hand, what is carried out during the privacy sharing method is annular quantum secret sharing communication, the light of Alice preparation Subsequence is successively returned again to after Bob and Charlie processing to Alice, is deposited in complicated photon sequence transmission, treatment process The light loss, error code the problems such as, the reliability of the sharing method is also influenced whether.
On the other hand, key is related merely to during the privacy sharing and share distribution problem, be not related to distributing Error correction afterwards, does not provide corresponding error correction method yet, and reliability is not high.Further, existing error correction method is only applicable to two sides Error correction is not directly applicable multi-party error correction.
Winnow error correction algorithm is one of big error correction algorithm of QKD system three, but is confined to two side's error correction at present.Doctor Paper " quantum key distribution Study on Real-time Process " describes Winnow error correction algorithm, specific as follows:
1, key string is divided into length N_h=2 by Alice and Bobm- 1 cipher key sections, wherein m is Hamming syndrome Length, it determines the length N_h of Hamming code.
2, Alice calculates the parity values of each cipher key sections, sends them to Bob, and Bob calculates corresponding secret key section Parity values and Alice's makes comparisons, and takes out the different section of even-odd check result.
3, Alice and Bob is respectively denoted as them set A and B, and Alice calculates the Hamming companion of each cipher key sections in A With formula S_ (a, i) (i ∈ A), Bob is sent it to, Bob calculates S_ (b, i) (i ∈ B), calculates S_ afterwards acquiring S_ (a, i) (d, i)=S_ (a, i) ⊕ S_ (b, i).
4, according to the characteristic of Hamming code, S_ (d, i) indicates the position of error bit in i-th of subsegment of Alice and Bob, The key bit of Bob overturning position S_ (d, i), i.e., 0 → 1,1 → 0.
5, Alice and Bob upsets key string according to same way.
6, terminate after repeating above-mentioned error correction procedure n times.
Traditional winnow error correction algorithm that doctoral thesis " correlative study of remote quantum key distribution system " refers to, In subsequent iterative process, current segment length is selected as 2 times of last iteration segment length.Segment length's selection of this method is too simple, Segment length is not optimal value, inefficient.
In view of the above-mentioned problems, Chinese invention patent application file " a kind of quantum key point that notification number is 106027230A The method that Hamming error correction is carried out to error code in hair post-processing ", it is long by changing key block block, improve entangling for Hamming error-correction protocol Wrong efficiency.However the method is only applicable to two side's error correction, is not directly applicable multi-party error correction.And the error correction method is not chosen Optimal segment length need to be continuously circulated until both sides' key agreement, more redundant and complicated.
In summary, since what is carried out during the privacy sharing method of the prior art is that annular quantum secret sharing is logical Letter, the photon sequence of Alice preparation are successively returned again to after Bob and Charlie processing to Alice, in complicated photon sequence Biographies are defeated, treatment process the problems such as there are light loss, error code, also influence whether the reliability of the sharing method.Since information is pressed It is transmitted according to ring structure, needs the time longer.
Key is related merely to during the privacy sharing shares distribution problem, the error correction after not being related to distribution, Corresponding error correction method is not provided, and reliability is not high yet.
Or two side's error correction are suitable only for, it is not directly applicable multi-party error correction.
In existing Winnow error correction method, error correction method does not choose optimal segment length, need to be continuously circulated until both sides Key agreement, more redundant and complicated, and two side's error correction are only applicable to, it is not directly applicable multi-party error correction.
Summary of the invention
It is an object of the invention to propose a kind of high reliablity, error correction to avoid above-mentioned deficiency of the prior art It is high-efficient, it is applicable to the error correction method of multi-party quantum secret sharing system, to solve in complicated photon sequence transmission, processing There is light loss, error code and can not achieve error correction in process.
The present invention provides be applied to the multi-party quantum secret sharing platform including transmitting terminal and at least two receiving ends, packet Include following steps:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal is found most in segment length's arrangement set according to error rate of system PeX Excellent segment length's sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are time of greatest iteration Number, seg (i) are the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and sharing for sender's primary key of the transmitting terminal and each receiving end is close Key upsets key string in the same way to carry out data rearrangement;
S3.2: being segmented sender's primary key and shared key according to segment length seg (i), and it is close to obtain several segmentations Key;The parity check sum for calculating separately the segment key of transmitting terminal and receiving end carries out operation to each receiving end parity check sum, Transmitting terminal and each receiving end operation result are compared, obtains different segment keys;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, passes through Winnow error correction algorithm In the different segment key of the operation result that the step S3.2 is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+ 1, return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.
Preferably, the method for calculating segment length's arrangement set includes the following steps:
False edges eps is arranged in SA;Initial Hamming syndrome length r0 is set, and limits the value range r0 ∈ of r0 [rmin, rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;At the beginning of limiting the bit error rate The value range Pe0 ∈ [Pe0min, Pe0max] of initial value Pe0, bit error rate initial value Pe0 are minimized Pe0min;
Error code rate pe is assigned bit error rate initial value Pe0, initial Hamming syndrome length r0 assignment rmin, initialization one by SB Segment length's sequence of a sky, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of bit error rate pe, and Pe is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, every to update one A r value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation Terminate;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until When d > dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, recycles to step SC-SE Operation, until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.Preferably, by The small bit error rate initial value Pe0 described to big traversal;A Pe0 value is often taken, returns and executes the step SB~SG, and in institute Next Pe0 value is chosen in the value range of the bit error rate initial value Pe0 stated;Until terminating operation when Pe0 > Pe0max.
Preferably, finding optimal segment length's sequence in the step S2 and including the following steps: mould in the step SC When quasi- error correction, the corresponding exposed information percentage of each segment length's sequence is calculated;Corresponding segment length's sequence is obtained according to error rate of system PeX Column set, defines the value range of optimal segment length's sequence, takes the smallest class value of percentage w for wherein exposing information, obtains most Excellent segment length's sequence.
In the step SC, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to K=Pe × m0Number of error bits k is calculated, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
Preferably, the bit error rate of each receiving end relative to transmitting terminal, is maximized note respectively in the step S1 For the error code rate pe X of system.
Preferably, in the step S3.1, by random number string identical with the length of primary key, shared key point Dispensing transmitting terminal and each receiving end;Set primary key, shared key length as D, then each data in random number string Value range is [1, D] and does not repeat mutually;By the data in key, number corresponding with random number string is signified by first The data of position are sequentially successively replaced.
Preferably, in the step S3.2, the step of calculating transmitting terminal or each receiving end parity check sum, includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, obtain several points Section key;
S3.2.2: the parity check sum of each segment key is calculated, and will be corresponding from the segment key of same primary key Parity check sum group be combined into corresponding parity check sum sequence;
S3.2.3: the parity check sum sequence of each receiving end is sent to by transmitting terminal by classical channel, is mutually patrolled Operation is collected, logic operation result is recorded;Again by the odd even of the logic operation result of the parity check sum of each receiving end and transmitting terminal Verification and sequence carry out operation, obtain operation result;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
Preferably, in the step S4, verification error correction result step include: calculate separately sender's primary key with Cipher key digest is sent to transmitting terminal by each receiving end of classical channel, and done by the cipher key digest of the shared key of each receiving end Logical operation records logic operation result;Judge each receiving end logic operation result and transmitting terminal cipher key digest whether one It causes;If consistent, error correction success;If inconsistent, error correction is unsuccessful.
Preferably, verification error correction result uses CRC algorithm or MD5 algorithm in the step S4.
Preferably, the logical operation is XOR operation.
The present invention provides a kind of error correction method of multi-party quantum secret sharing system, the secret for solving the prior art is total It enjoys and existing following problem is communicated using annular quantum secret sharing:
1, the prior art influences whether that this is shared in complicated photon sequence transmission, treatment process there are light loss, error code The reliability of method;For information according to annular delivery, elapsed time is long.Transmitting terminal and receiving end direct communication of the invention, is not necessarily to Ring structure is constituted, solves the above problem.
2, the prior art is not directed to error correction, and reliability is not high.Present invention employs improved class winnow algorithms to be entangled Mistake, high reliablity.
3, existing error correction method is only applicable to two side's error correction, is not directly applicable multi-party error correction, the present invention is by changing Into the interactive process of error correction, multi-party error correction is realized.
4, existing winnow error correction algorithm, error correction method do not choose optimal segment length, need to be continuously circulated until both sides are close Key is consistent, more redundant and complicated.Each initial error rate is first calculated before improved class winnow algorithm error correction of the invention Under optimal segment length's sequence, optimal segment length's sequence is then selected according to current initial error rate, improves error correction efficiency.
5, exposure information of the invention is few, and system stability is high.
Detailed description of the invention
The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a kind of flow diagram for the method for calculating optimal segment length's arrangement set of the present invention.
Fig. 2 is the curve graph that the information scales of present invention exposure change with the bit error rate.
Fig. 3 is the curve graph that the F factor of present system changes with the bit error rate.
Specific embodiment
Below in conjunction with attached drawing, technical scheme of the present invention will be further described, but the present invention is not limited to these realities Apply example.
The present invention is applied to the multi-party quantum secret sharing platform including transmitting terminal and at least two receiving ends, including as follows Step:
Triggering transmitting terminal makes it generate the primary key of each receiving end respectively, and according to each original of transmitting terminal generation Key carries out logical operation to obtain initial key;
The primary key that transmitting terminal generates is sent respectively to corresponding receiving end;
The primary key from transmitting terminal is received in receiving end, and using reception result as corresponding shared key;
The shared key of initial key and each receiving end to transmitting terminal carry out error correction make transmitting terminal initial key and The shared key of each receiving end meets the logical operation relationship.
Embodiment 1
Transmitting terminal is the end Alice in the present embodiment, and there are two receiving ends, the respectively end Bob and the end Charlie for tool.
The end Alice is used to form primary key KAB and KAC, and carries out logic fortune to the primary key KAB and KAC of formation KA=KAB ⊕ KAC is calculated, is obtained as initial key KA.
The end Alice is sent respectively to primary key KAB and KAC to the end Bob and the end Charlie, and is received accordingly As a result KB and KC are as shared key;
Error correction unit, for the KB and KC according to the end Bob and the primary key received at the end Charlie, Yi Jifa The primary key KA of sending end carries out tripartite's error correction, the KA=KB ⊕ KC after making error correction.
Error correction unit can pass through hardware or the software realization being installed on hardware in the present embodiment.
The scheme of the application is specifically unfolded below, so as to the technical side of more clearly illustration and description the application Case does not constitute the limitation to the application protection scope.
(1) segment length's arrangement set is calculated.
Calculating segment length's arrangement set is that transmitting terminal is walked according to the preamble that error rate of system PeX finds optimal segment length's sequence seg Suddenly, as shown in Figure 1, including the following steps:
False edges eps is arranged in SA;Initial Hamming syndrome length r0 is set, and limits the value range r0 ∈ of r0 [rmin, rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;At the beginning of limiting the bit error rate The value range Pe0 ∈ [Pe0min, Pe0max] of initial value Pe0, bit error rate initial value Pe0 are minimized Pe0min;
Error code rate pe is assigned initial value Pe0, initial Hamming syndrome length r0 assignment rmin by SB, and initialization one is empty Segment length's sequence, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of bit error rate pe is (i.e. Next (Pe) in Fig. 1), and Pe is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, every to update one A r value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation Terminate;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until When d > dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, recycles to step SC-SE Operation, until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.
Bit error rate initial value Pe0 described in ascending traversal;A Pe0 value is often taken, returns and executes the step SB ~SG, and next Pe0 value is chosen in the value range of the bit error rate initial value Pe0;Until when Pe0 > Pe0max, Terminate operation.
In the step SC, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to K=Pe × m0Number of error bits k is calculated, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
In practice, step A is carried out when initial, and depth of recursion maximum value recDeepMax is set simultaneously.Using recDeep As recursion counter." Y " shown in Fig. 1 indicates that condition is set up, and " N " indicates that condition is invalid.
(2) a kind of error correction method of multi-party quantum secret sharing system.Include the following steps:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal is found most in segment length's arrangement set according to error rate of system PeX Excellent segment length's sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are time of greatest iteration Number, seg (i) are the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and the shared key of the primary key of the transmitting terminal and each receiving end is pressed phase Upset key string with mode to carry out data rearrangement;
S3.2: being segmented sender's primary key and shared key according to segment length seg (i), and it is close to obtain several segmentations Key;The parity check sum for calculating separately the segment key of transmitting terminal and receiving end carries out operation to each receiving end parity check sum, Transmitting terminal and each receiving end operation result are compared, obtains different segment keys;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, passes through Winnow error correction algorithm In the different segment key of the operation result that the step S3.2 is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+ 1, return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If error correction success, terminates operation;If error correction is unsuccessful, corresponding secret key is abandoned.
When below for specific method, with transmitting terminal for the end Alice, receiving end is respectively the three of the end Bob and the end Charlie Above-mentioned steps are illustrated for side is shared.
In step S1, in the present invention, each receiving end the error code rate pe X of computing system: is calculated separately relative to transmitting terminal The bit error rate, be maximized the error code rate pe X for the system of being denoted as.By taking tripartite is shared as an example, calculate separately the end Alice and the end Bob it Between the end error code rate pe B and Alice and the end Charlie between error code rate pe C, and using maximum as the privacy sharing The error code rate pe X of system, the specific method is as follows:
S1-1, be sent to by quantum channel the end Bob obtain KB, Bob by the part of key KB' to have made an appointment pass through through Allusion quotation channel is sent to the end Alice, and KB ' is compared by the end Alice with KAB corresponding portion KAB', i.e., by several positions in KAB The value set is compared with the value on corresponding position in KB, is accounted for the sum of the different position of comparison result and participates in the total of comparison The ratio of positional number is as error code rate pe B.
S1-2, it is same as above, the error code rate pe C between the end Alice and the end Charlie can be obtained.
In step S2, segment length's arrangement set is calculated according to the above method, and according to error rate of system PeX in segment length's sequence sets It closes and chooses optimal segment length's sequence seg.When finding optimal segment length's sequence and including the following steps: analog error correction in the step SC, Calculate the corresponding exposed information percentage of each segment length's sequence;Corresponding segment length's arrangement set is obtained according to error rate of system PeX, it is fixed The value range of the optimal segment length's sequence of justice takes the smallest class value of percentage w for wherein exposing information, obtains optimal segment length's sequence Column.For more specifically, which is less than 10.
Data rearrangement in step S3.1: identical random number seed is distributed to transmitting terminal and each receiving end, reuses phase Same pseudo-random number generator generates identical random number string, and transmitting terminal and each receiving end generate and primary key, shared key The identical random number string of length;Set primary key, shared key length as D, then each data in random number string Value range is [1, D] and does not repeat mutually;By the data in key, number corresponding with random number string is signified by first The data of position are sequentially successively replaced.
Alice, Bob, Charlie distribute identical random number seed, reuse identical pseudo-random number generator and generate Identical random number string, the length of the random number string are equal to the length n of key, and the random number of random number string does not repeat and value model Enclosing is 1~n;Assuming that the length of key is 5, the random number string of generation is { 2,4,3,5,1 }, then according to random number string successively into 5 replacement operators of row, i.e., first exchanges with the 2nd, and second is exchanged with the 4th, and third position is exchanged with the 3rd, and the 4th Exchanged with the 5th, the 5th exchanges with the 1st, so far just complete length be 5 key data reset, other length it is close Key also can be performed similar operations and carry out data rearrangement.
In step S3.2, calculates transmitting terminal or the step of each receiving end parity check sum includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, obtain several points Section key;
S3.2.2: the parity check sum of each segment key is calculated, and will be corresponding from the segment key of same primary key Parity check sum group be combined into corresponding parity check sum sequence;
S3.2.3: the parity check sum sequence of each receiving end is sent to by transmitting terminal by classical channel, is mutually patrolled Operation is collected, logic operation result is recorded;Again by the odd even of the logic operation result of the parity check sum of each receiving end and transmitting terminal Verification and sequence carry out logical operation, obtain logic operation result;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
Alice selects iteration segment length sequence seg according to initial error code rate pe X, according to seg it can be concluded that the number of iteration, And the segment length of each iteration.Segment length's sequence index information is sent to Bob, Charlie by classical channel Alice.
It should be added that carrying out the operation of parity check sum can compare or logical operation to be simple, herein Logical operation can be XOR operation.
By taking tripartite is shared as an example, calculates transmitting terminal or each receiving end parity check sum includes the following steps:
The end S3.2-1, Alice, the end Bob, the end Charlie respectively carry out key according to the segment length seg (i) of i-th iteration Segmentation, obtains several segment keys.If the length of final stage adds 0 if it is less than segment length, at end, its length is made to be equal to section It is long.Calculate the parity check sum of each segment key, and by the corresponding even-odd check of segment key from same primary key Corresponding parity check sum sequence is combined into group.The end Alice, the end Bob, the end Charlie calculate separately to obtain surprise in the present embodiment Even parity check and sequence ParityA, parity check sum sequence ParityB, parity check sum sequence ParityC.Seg (i) is selected The value of i-th of element in the optimal segment length's sequence seg selected, the value of i are the number of iteration.
S3.2-2, ParityB, ParityC are sent to respectively by the end Alice by classical channel Bob, Charlie.
S3.2-3, by the parity check sum sequence of the parity check sum sequence ParityB at the end Bob and the end Charlie ParityC carries out operation and obtains ParityBC, then calculates the end Alice parity check sum sequence ParityA and ParityBC and carry out Operation obtains even-odd check result ParityABC.Calculation formula may be expressed as: ParityBC=ParityB ⊕ ParityC, ParityABC=ParityA ⊕ ParityBC.0 in ParityABC indicates the correspondent section even-odd check phase of KA and target cipher key Together, 1 indicate that KA is different from the correspondent section even-odd check of target cipher key.
S3.2-4, ParityABC is sent respectively to by Bob, Charlie by classical channel Alice.
In step S3.3, the transmitting terminal section different from each receiving end logic operation result is arranged into Cheng Jihe respectively, is denoted as X, The Hamming syndrome of each cipher key sections in set of computations X,
Formula are as follows: Sx,i(i ∈ X)=H × Xi;
Each receiving end Hamming syndrome is sent to transmitting terminal by classical channel, and does logical operation, records operation knot Fruit;The Hamming syndrome of the logic operation result of each receiving end and transmitting terminal is subjected to logical operation again, finds out error bit position It sets.
Specifically, the Hamming matrix H of r × seg (i) is calculated, and meets seg (i)=(2r- 1): Hamming matrix is error correction The element of check matrix in the process, matrix can be expressed asM indicates Hamming matrix H M row, n indicate the n-th column of Hamming matrix H, this expression formula can easily be realized in FPGA by shifting function, so Hamming matrix can save the memory space of Hamming matrix using the scheme generated in real time.
By taking tripartite is shared as an example, calculates Hamming syndrome and finds out errant bit locations:
S3.3-1, the end the Alice section different from even-odd check between the end Bob, the end Charlie is taken out by ParityABC, It is denoted as set A, B and C respectively, Alice calculates the Hamming syndrome S of each cipher key sections in Aa,i(i ∈ A)=H × Ai, Bob meter Calculate the Hamming syndrome S of each cipher key sections in Bb,i(i ∈ B)=H × Bi, Charlie calculate the Hamming companion of each cipher key sections in C With formula Sc,i(i ∈ C)=H × Ci.
S3.3-2, pass through classics channel Bob, Charlie respectively by Sb,i、Sc,iSend Alice.Alice is obtained
Step S3.4 carries out error correction, according to the resulting errors present of step S3.3, overturns the key bit of the corresponding position KA, It is negated according to 0 or 1 value of errant bit locations primary key corresponding position, i.e., 0 overturning is that 1,1 overturning is 0.
Data rearrangement is carried out using method described in step S3.1, the execution of step 4 loop iteration is then return to, until reaching To largest loop the number of iterations, jumps out circulation and execute step S4 downwards.
In the step S4, verification error correction result step includes: to calculate separately sender's primary key and each receiving end Shared key cipher key digest, cipher key digest is sent to by transmitting terminal by each receiving end of classical channel, and do logical operation, Record logic operation result;Judge the cipher key digest of each receiving end logic operation result and transmitting terminal cipher key digest whether one It causes;If consistent, error correction success;If inconsistent, error correction is unsuccessful.
In the step S4, verification error correction result uses CRC algorithm or MD5 algorithm.
By taking CRC algorithm as an example, the end Alice, the end Bob, the end Charlie calculate separately cipher key digest and obtain KA_CRC, KB_ CRC, KC_CRC respectively send cipher key digest KB_CRC, KC_CRC to Alice by the end classical channel Bob, the end Charlie, and KBC_CRC is calculated,If KA_CRC is equal to KBC_CRC, error correction is successful, otherwise Error correction failure, abandons corresponding secret key.MD5 algorithm or algorithm can similarly be used.
Embodiment 2
The present embodiment provides a kind of error correction methods shared for multi-party quantum key.
Compared with Example 1, which is applied to the more of a transmitting terminal and multiple receiving ends Square quantum key distribution platform, working principle is same as Example 1, and explanation is not repeated herein.
The error correction method is used to carry out error correction to the primary key of transmitting terminal and the shared key of multiple receiving ends to make to send The primary key at end is identical with the shared key of multiple receiving ends.Compared with Example 1, the error correction method application in the present embodiment In the multi-party quantum key distribution platform of a transmitting terminal and multiple receiving ends, but it can be pushed away in actual algorithm by embodiment 1 Explanation is not repeated herein in Li Ke get.
Moreover, it is desirable to illustrate, the corresponding exposed information hundred of each segment length's sequence of calculating referred in the application Point ratio, is to consider to carry out in calculating process by the information that leaks of classics channel.Exposure information percentage is classical letter Length (i.e. the information content of the transmission of quantum channel) of the total amount of data of road transmission than key.It is such as Fig. 2 as can be seen that of the invention Exposure information is few.
The F factor, that is, error correction efficiency shown in Fig. 3, the performance standard as Error Correction of Coding.The F factor is defined as a certain mistake Accidentally rate, the information content of actual error correction interaction consumption and the information content (i.e. comentropy or shannon limit) ideally consumed Ratio.As seen from the figure, the F factor of the invention is small, and system is more stable.
Only highly preferred embodiment of the present invention is described above, but is not to be construed as limiting the scope of the invention.This Invention is not limited only to above embodiments, and various changes made within the protection scope of the independent claims of the invention are at this In the protection scope of invention.

Claims (11)

1. a kind of error correction method of quantum secret sharing system, applied to the multi-party amount including transmitting terminal and at least two receiving ends Sub-secret shared platform, which comprises the steps of:
S1: the error code rate pe X of computing system;
S2: segment length's arrangement set is calculated;The transmitting terminal chooses optimal section according to error rate of system PeX in segment length's arrangement set Long sequence seg is denoted as seg={ seg (1) ..., seg (i) ..., seg (n) }, and i ∈ [1, n], n are the number of greatest iteration, Seg (i) is the segment length of i-th iteration;
S3: loop iteration executes following steps:
S3.1: the initial value for enabling i is 1, and the shared key of the primary key of the transmitting terminal and each receiving end is pressed phase Tongfang Formula upsets key string to carry out data rearrangement;
S3.2: sender's primary key and shared key are segmented according to segment length seg (i), obtain several segment keys;Point Not Ji Suan transmitting terminal and receiving end segment key parity check sum, logical operation is carried out to each receiving end parity check sum, The logic operation result of the parity check sum of transmitting terminal and each receiving end parity check sum is subjected to operation, obtains different segmentations Key;
S3.3: the length r of Hamming syndrome is calculated according to seg (i), Hamming matrix H is obtained, by Winnow error correction algorithm in institute In the different segment key of the operation result that the step S3.2 stated is obtained, errant bit locations are found out;
S3.4: negating according to 0 or 1 value of the errant bit locations to corresponding position in sender's primary key, and update i is i+1, returns Return step S3.1;Until i=n+1, stops circulation;
S4: verification error correction result;If all error correction successes of each receiving end, terminate operation;If error correction is unsuccessful, abandon corresponding close Key.
2. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S2 In, the method for calculating segment length's arrangement set includes the following steps:
False edges eps is arranged in SA;Set initial Hamming syndrome length r0, and limit r0 value range r0 ∈ [rmin, rmax];Segment length's increment d is set, and limits the value range d ∈ [dmin, dmax] of d;Limit the bit error rate initial value Pe0 Value range Pe0 ∈ [Pe0min, Pe0max], bit error rate initial value Pe0 is minimized Pe0min;
Error code rate pe is assigned bit error rate initial value Pe0 by SB, and initial Hamming syndrome length r0 assignment rmin initializes a sky Segment length's sequence, and will be in the empty segment length's sequence of r0 write-in;
SC takes d=dmin, r=r0;Analog error correction, the bit error rate P-next after calculating the corresponding error correction of error code rate pe, and by Pe It is assigned a value of P-next;
SD carries out constantly incremental operation as increment using d to Hamming syndrome length r and is continuously available new r value, one r of every update Value then calculates new P-next, and is assigned to Pe and forms updated Pe;Until when meeting Pe < eps, this operation knot Beam;The value of r in circulation every time is successively recorded, composition sequence is written in segment length's sequence;
SE, ascending traversal segment length increment d, often taking a d value, then return step SD carries out loop iteration operation, until d > When dmax, this circulation terminates;
SF, the ascending initial Hamming syndrome length r0 of traversal, often takes a r0 value, carries out loop computation to step SC-SE, Until this circulation terminates when r0 > rmax;
SG combines segment length's sequence in the step SD, obtains the corresponding segment length's arrangement set of Pe0.
3. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that ascending traversal institute The bit error rate initial value Pe0 stated;A Pe0 value is often taken, returns and executes the step SB~SG, and at the beginning of the bit error rate Next Pe0 value is chosen in the value range of initial value Pe0;Until terminating operation when Pe0 > Pe0max.
4. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that the step S2 In, when finding optimal segment length's sequence and including the following steps: analog error correction in the step SC, it is corresponding to calculate each segment length's sequence Exposure information percentage;Corresponding segment length's arrangement set is obtained according to error rate of system PeX, defines the value of optimal segment length's sequence Range takes the smallest class value of percentage w for wherein exposing information, obtains optimal segment length's sequence.
5. the error correction method of quantum secret sharing system according to claim 2, which is characterized in that the step SC In, the bit error rate after calculating error correction includes the following steps: to remember that key bit number is m0;According to k=Pe × m0Calculate error bit Number k, calculates the probability containing number of error bits k according to the following formula:
P is calculated according to (formula one)2kAnd P2k+1,
The bit error rate after this error correction is then calculated by following formula:
6. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S1 In, the bit error rate of each receiving end relative to transmitting terminal is calculated separately, the error code rate pe X for the system of being denoted as is maximized.
7. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S3.1 In, random number string identical with the length of primary key, shared key is distributed into transmitting terminal and each receiving end;It sets original close Key, shared key length be D, then each data value range in random number string is [1, D] and not repeat mutually;By key In data by first it is corresponding with random number string number pointed location data sequentially successively replaced, wherein right Answering digital pointed location is the position in key.
8. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S3.2 In, it calculates transmitting terminal or the step of each receiving end parity check sum includes:
S3.2.1: transmitting terminal or receiving end are segmented according to the corresponding segment length seg (i) of the number of iterations i, and it is close to obtain several segmentations Key;
S3.2.2: calculating the parity check sum of each segment key, and by the corresponding surprise of segment key from same primary key Even parity check and group are combined into corresponding parity check sum sequence;
S3.2.3: being sent to transmitting terminal for the parity check sum sequence of each receiving end by classical channel, mutually carries out logic fortune It calculates, records logic operation result;Again by the even-odd check of the logic operation result of the parity check sum of each receiving end and transmitting terminal With progress operation, operation result is obtained;
S3.2.4: the operation result generated in S3.2.3 is sent to by each receiving end by classical channel.
9. the error correction method of quantum secret sharing system according to claim 1, which is characterized in that the step S4 In, verification error correction result step includes: to calculate separately the cipher key digest of the shared key of sender's primary key and each receiving end, Cipher key digest is sent to transmitting terminal by each receiving end of classical channel, and does logical operation, records logic operation result;Judgement Whether the logic operation result of each receiving end and the cipher key digest of transmitting terminal are consistent;If consistent, error correction success;If inconsistent, Then error correction is unsuccessful.
10. the error correction method of quantum secret sharing system according to claim 9, which is characterized in that the step S4 In, verification error correction result uses CRC algorithm or MD5 algorithm.
11. the error correction method of quantum secret sharing system according to claim 8 or claim 9, which is characterized in that the logic Operation is XOR operation.
CN201611028419.3A 2016-11-18 2016-11-18 A kind of error correction method of multi-party quantum secret sharing system Active CN106452761B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611028419.3A CN106452761B (en) 2016-11-18 2016-11-18 A kind of error correction method of multi-party quantum secret sharing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611028419.3A CN106452761B (en) 2016-11-18 2016-11-18 A kind of error correction method of multi-party quantum secret sharing system

Publications (2)

Publication Number Publication Date
CN106452761A CN106452761A (en) 2017-02-22
CN106452761B true CN106452761B (en) 2019-09-06

Family

ID=58221304

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611028419.3A Active CN106452761B (en) 2016-11-18 2016-11-18 A kind of error correction method of multi-party quantum secret sharing system

Country Status (1)

Country Link
CN (1) CN106452761B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850221B (en) * 2017-04-10 2019-11-08 四川阵风科技有限公司 Information encryption and decryption method and device
CN108111302B (en) * 2017-12-13 2020-10-23 安徽大学 Quantum method for safely calculating Hamming distance based on Bell state
CN108599943B (en) * 2018-05-03 2020-10-09 浙江工商大学 Multi-party quantum privacy comparison method suitable for strangers based on d-level single photons
CN110113098B (en) * 2019-05-10 2020-10-02 哈尔滨工业大学(深圳) Error code estimation method and device for quantum key distribution system
CN110971399A (en) * 2019-10-31 2020-04-07 北京邮电大学 Post-processing method and device for optical network physical layer key distribution
CN111510158B (en) * 2020-04-15 2021-10-15 腾讯科技(深圳)有限公司 Fault-tolerant error-correcting decoding method, device and chip of quantum circuit
CN113259101B (en) * 2021-06-08 2021-10-26 北京中创为南京量子通信技术有限公司 Error correction method and device for quantum key distribution system
CN113297633B (en) * 2021-07-26 2021-11-02 南京大学 Quantum digital signature method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6128764A (en) * 1997-02-06 2000-10-03 California Institute Of Technology Quantum error-correcting codes and devices
CN101540760A (en) * 2009-04-23 2009-09-23 上海交通大学 Quantum key agreement method
CN106027230A (en) * 2015-03-28 2016-10-12 北京大学 Method for carrying out Hamming error correction for error code in quantum secret key distribution postprocessing
CN106411511A (en) * 2016-11-18 2017-02-15 浙江神州量子网络科技有限公司 Multiparty quantum key distribution system error correction method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6128764A (en) * 1997-02-06 2000-10-03 California Institute Of Technology Quantum error-correcting codes and devices
CN101540760A (en) * 2009-04-23 2009-09-23 上海交通大学 Quantum key agreement method
CN106027230A (en) * 2015-03-28 2016-10-12 北京大学 Method for carrying out Hamming error correction for error code in quantum secret key distribution postprocessing
CN106411511A (en) * 2016-11-18 2017-02-15 浙江神州量子网络科技有限公司 Multiparty quantum key distribution system error correction method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
An Adaptive Improved Winnow Algorithm;Qiong Li;Shuming Wang;Haokun Mao;Qi Han;Xiamu Niu;《2015 IEEE 39th Annual Computer Software and Applications Conference》;20150924;全文
Efficiency of Winnow Protocol in Secret Key Reconciliation;Hao Yan;Xiang Peng;Xiaxia Lin;Wei Jiang;Tian Liu;Hong Guo;《2009 WRI World Congress on Computer Science and Information Engineering》;20090724;全文

Also Published As

Publication number Publication date
CN106452761A (en) 2017-02-22

Similar Documents

Publication Publication Date Title
CN106452761B (en) A kind of error correction method of multi-party quantum secret sharing system
CN106411511B (en) A kind of error correction method of multi-party quantum key distribution system
Pant et al. Rate-distance tradeoff and resource costs for all-optical quantum repeaters
CN101540760B (en) Quantum key agreement method
CN105024801B (en) Quantum encryption communication method
Gelles et al. Efficient coding for interactive communication
CN113591146B (en) Efficient and safe two-party computing system and computing method based on cooperation
CN110380824A (en) Quantum Error Correcting Codes preparation method towards fault-tolerant blind quantum calculation
CN110138550B (en) QKD network system model construction method
CN106789021A (en) Quantum packet multi-user&#39;s secret comparative approach based on five particle Brown states
CN106452757B (en) quantum secret sharing system and sharing method and error correction method thereof
CN110445609A (en) A kind of quantum secret sharing method and shared system based on quantum walking
CN106027231A (en) Method for carrying out cascading error correction for error code in quantum secret key distribution postprocessing
CN108365954B (en) Control code multiplexing method
Huang et al. On secrecy capacity of minimum storage regenerating codes
Yang et al. Capacity analysis of linear operator channels over finite fields
Bykovsky A multiple-valued logic for implementing a random oracle and the position-based cryptography
Sharma et al. A new secure model for quantum key distribution protocol
CN111277406A (en) Block chain-based safe two-direction quantity advantage comparison method
CN110166247A (en) It can the anti-pollution network code endorsement method attacked and position intermediate node conspiracy attack
Yang et al. Storage and communication tradeoff for wireless coded blockchains
CN110545181B (en) Method for creating and using multilevel matrix password
Lin et al. Authenticated multi-user quantum key distribution with single particles
Mitra et al. Polar Coded Merkle Tree: Mitigating data availability attacks in blockchain systems using informed polar code design
Zhao et al. An efficient outsourced oblivious transfer extension protocol and its applications

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant