CN106656490B - Quantum whiteboard data storage method - Google Patents

Publication number: CN106656490B
Authority: CN (China)
Legal status: Active
Application number: CN201611215389.7A
Other languages: Chinese (zh)
Other versions: CN106656490A (en)
Inventors: 富尧, 蔡晓宇, 钟一民
Current Assignee: Divine Land Zhejiang Quantum Network Science And Technology Ltd
Original Assignee: Divine Land Zhejiang Quantum Network Science And Technology Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/02 Details
    • H04L12/16 Arrangements for providing special services to substations
    • H04L12/18 Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40 Support for services or applications
    • H04L65/401 Support for services or applications wherein the services involve a main real-time session and one or more additional parallel real-time or time sensitive sessions, e.g. white board sharing or spawning of a subconference
    • H04L65/4015 Support for services or applications wherein the services involve a main real-time session and one or more additional parallel real-time or time sensitive sessions, e.g. white board sharing or spawning of a subconference where at least one of the additional parallel sessions is real time or time sensitive, e.g. white board sharing, collaboration or spawning of a subconference
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography

Abstract

The present invention provides a quantum whiteboard data storage method, and also provides a quantum whiteboard system, quantum communication network service station, quantum whiteboard server and quantum whiteboard user terminal that support the method. Under the management of the quantum whiteboard server, and by means of key card encryption, the invention stores whiteboard data encrypted with a quantum random number key; the key is a true random number, which greatly ensures the security of the whiteboard data. The keys used are either quantum random number keys that the encrypting and decrypting parties share through key cards or quantum keys shared through quantum key distribution, and the whiteboard data is transmitted using a symmetric encryption algorithm only, abandoning the practice of using an asymmetric encryption algorithm to encrypt and transmit the key of the symmetric algorithm. The whiteboard file is stored in a different location from the quantum random number key used to encrypt it, which further ensures the security of file storage and decryption.

Description

Quantum whiteboard data storage method
Technical field
The present invention relates to the field of quantum communication technology and in particular provides a quantum whiteboard data storage method: specifically, a method that, based on a quantum communication network and quantum keys, stores the data of a high-security whiteboard session.
Background art
In recent years, interactive electronic whiteboards have been widely used in fields such as networked office work, remote video conferencing and remote video teaching. While communicating over a network with an interactive electronic whiteboard, users can save the content created or modified on the whiteboard screen as needed. In electronic whiteboard products currently on the market, whiteboard data is usually saved by a computer connected to the whiteboard or by the computer built into an all-in-one electronic whiteboard. For whiteboard content with low security requirements, users save the content on the computer directly in plaintext. For whiteboard files with higher security requirements, users often encrypt the file with an encryption tool on the computer before saving it, either locally or on a whiteboard server. Both options carry considerable security risks.
If the file is saved locally, the computer also handles networking and other functions while the whiteboard is running and may harbor malware, so saving whiteboard data involves many security risks.
If the whiteboard server saves the file, a user who wants to use it must download it from the whiteboard server over a classical network, a process that involves login, authentication, key transfer and so on.
The keys that existing electronic whiteboards use to encrypt data, and the dynamic verification codes that may be used during login, are pseudo-random numbers generated in software by mathematical algorithms. With the development of quantum computers, computing speed is increasing exponentially, and such algorithm-based pseudo-random numbers are easy to crack.
Existing electronic whiteboard systems communicate over classical communication networks and rely on the encryption schemes of those networks for security. In a classical communication network, symmetric cryptographic algorithms encrypt the transmitted data and asymmetric algorithms encrypt the shared key. The security of the asymmetric encryption algorithm therefore affects the security of the entire classical communication system. That security rests on certain complex mathematical operations; as quantum computers develop and computing speed increases exponentially, classical asymmetric encryption algorithms likewise face the risk of being cracked.
In existing electronic whiteboards, data is encrypted and decrypted by the processing unit of the whiteboard system, which may be a computer connected to the whiteboard screen or an all-in-one machine with computing capability. These machines are connected to the network, so collected plaintext data or decrypted plaintext is easily stolen over the network by criminals.
Existing electronic whiteboard systems usually decrypt data on the computer connected to the whiteboard or on the computer built into the all-in-one whiteboard. The computer must therefore store the key in order to decrypt the encrypted whiteboard file, which hampers key management and also reduces the security of the key.
Summary of the invention
The technical problem to be solved by the invention is to provide a quantum whiteboard data storage method that ensures the security of whiteboard data. To this end, the invention adopts the following technical solution:
A quantum whiteboard data storage method, characterized in that:
The data to be stored is stored by the quantum whiteboard server or by a quantum whiteboard user terminal;
The quantum whiteboard server is connected to the quantum communication network; data that a quantum whiteboard user terminal transmits over the quantum communication network passes through the quantum whiteboard server; and the quantum whiteboard server is equipped with a key card;
The data storage method comprises the following steps:
(1) The quantum whiteboard server receives encrypted-storage information in ciphertext form transmitted from a quantum communication network service station; this ciphertext is encrypted with a quantum random number key;
The quantum whiteboard server decrypts it with the corresponding quantum random number key in its key card, obtaining the encrypted-storage information in plaintext form, and audits whether the user key card ID contained in that information is qualified for encrypted storage;
If the audit passes, the server re-encrypts the encrypted-storage information into ciphertext with a quantum random number key in its key card and sends it to the quantum communication network service station;
Alternatively, the quantum whiteboard server generates the encrypted-storage information itself, encrypts it into ciphertext with a quantum random number key in its key card, and sends it to the quantum communication network service station;
(2) After the quantum whiteboard server or quantum whiteboard user terminal receives the whiteboard file ID from the quantum communication service station, the server or terminal that received the ID encrypts the whiteboard data corresponding to the encrypted-storage information, generating the corresponding whiteboard file, and saves it.
Further, the whiteboard file ID is encrypted into ciphertext form when it is sent to the quantum whiteboard server or quantum whiteboard user terminal; the server or terminal receiving the ciphertext decrypts it with the corresponding quantum random number key in its key card to obtain the whiteboard file ID in plaintext form.
Further, after the user key card ID has passed the audit by the quantum whiteboard server and has also been approved by the quantum communication network service station, that service station generates the corresponding whiteboard file ID.
Further, the quantum random number keys in the user key card and in the quantum whiteboard server's key card are also stored in quantum communication network service stations; the service station that stores the keys of the user key card and the service station that stores the keys of the server's key card may be different stations or the same station.
Further, after the quantum whiteboard server's audit passes, the server re-encrypts the encrypted-storage information into ciphertext form with a quantum random number key in its key card and sends it to the quantum communication network service station that the server accesses. The service station on the quantum communication network that stores the quantum random number keys of the server's key card decrypts the ciphertext into plaintext form with the corresponding key, and the service station then audits the user key card ID in the plaintext encrypted-storage information.
When stored whiteboard data needs to be decrypted, the holder of the whiteboard file containing the whiteboard data ciphertext issues a decryption request. The holder may be a user, who sends the decryption request ciphertext through the whiteboard user terminal and is identified by the ID of the user key card connected to or built into that terminal; the holder may also be the quantum whiteboard server, which is identified by the whiteboard server key card ID and sends the decryption request ciphertext itself.
Further, when the whiteboard ciphertext data in a whiteboard file needs to be decrypted, the quantum communication network service station holding the key file corresponding to the whiteboard file ID audits whether the user key card ID holding the whiteboard file has decryption permission. If the audit passes, the station decrypts the whiteboard ciphertext data with the quantum random number key in the key file. The decryption request received by the service station contains the whiteboard file.
Further, the decryption request that the service station accessed by the whiteboard file holder receives from the holder is encrypted with a quantum random number key in the holder's key card. When the decryption request is passed between service stations, it is encrypted with the quantum key shared between those stations. When the decrypted whiteboard data is sent from a service station to the whiteboard file holder, the station encrypts it into ciphertext form with a quantum random number key that is also stored in the holder's key card. When the decrypted whiteboard data is passed between service stations, it is encrypted with the quantum key shared between those stations.
Further, when the service station accessed by the whiteboard file holder holds the key file corresponding to the whiteboard file ID and also has the quantum random number keys in the key card, it decrypts the whiteboard data and sends it back to the holder. Otherwise, the decryption request is passed over the quantum communication network to the service station holding the key file corresponding to the whiteboard file ID; after decryption, the whiteboard data can be returned along the path the decryption request took to the service station accessed by the holder and then delivered to the holder, or it can be delivered to the holder through other service stations.
Further, the whiteboard data that the user holding the whiteboard file obtains after successful decryption becomes invalid once it has been output a single time; the next decryption still uses the original whiteboard file.
Further, when a stored whiteboard file needs to be deleted, this is achieved by deleting the key file corresponding to that whiteboard file;
If the deletion request is issued by the quantum whiteboard server, the service station it accesses authenticates its identity. If the audit succeeds, the service station holding the key file decrypts the ciphertext of the deletion request from the server and then deletes the corresponding key file according to the whiteboard file ID it contains;
If the deletion request is issued by a quantum whiteboard user terminal, the request is sent in ciphertext form to the service station the terminal accesses, where it is decrypted, re-encrypted, and sent to the quantum whiteboard server for audit; the quantum random number key used for the deletion request ciphertext that the server receives is one that is also stored in the server's key card;
The quantum whiteboard server decrypts the deletion request ciphertext and audits whether the user key card ID it contains is qualified to delete. If the audit passes, the server re-encrypts the request with a quantum random number key in its key card and sends it to the quantum communication network; the service station holding the key file decrypts the ciphertext of the deletion request from the server and deletes the corresponding key file according to the whiteboard file ID it contains.
Further, when a quantum whiteboard user terminal or the quantum whiteboard server needs to modify the operating permissions of a whiteboard file it has saved:
If the operating-permission modification request is issued by the quantum whiteboard server, the service station it accesses authenticates its identity. If authentication succeeds and the service station accessed by the server is the same one that stores the key file, that station decrypts the ciphertext of the modification request from the server, finds the key file corresponding to the whiteboard file according to the whiteboard file ID it contains, and modifies the relevant user permission list in the key file according to the permission modification information. If the service station accessed by the server is not the one that stores the key file, the modification request is sent in ciphertext form over the quantum communication network to the service station that stores the key file, and that station makes the corresponding modification;
If the operating-permission modification request is issued by a quantum whiteboard user terminal, the request is sent in ciphertext form over the quantum communication network to the quantum whiteboard server for audit. The server decrypts the request ciphertext and audits the user key card ID it contains against the requested permission change. If the audit passes, the server re-encrypts the request with a quantum random number key and sends it to the service station that the server accesses. If that station is the same one that stores the key file, it decrypts the ciphertext of the modification request from the server, finds the key file corresponding to the whiteboard file according to the whiteboard file ID it contains, and modifies the relevant user permission list in the key file according to the permission modification information. If the service station accessed by the server is not the one that stores the key file, the modification request is sent in ciphertext form over the quantum communication network to the service station that stores the key file, and that station makes the corresponding modification.
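The storage, decryption, permission and deletion steps above can be modelled in a few lines. The following is an added illustration, not code from the patent: it assumes a one-time-pad XOR as the symmetric algorithm, uses `secrets` as a stand-in for the quantum random number generator, assumes the key card wipes key material once used, and leaves out the transport encryption of the requests themselves; all class and function names are hypothetical.

```python
import secrets
from dataclasses import dataclass, field


def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with an equally long random key (one-time-pad style, assumed cipher)."""
    if len(key) != len(data):
        raise ValueError("key and data must have the same length")
    return bytes(d ^ k for d, k in zip(data, key))


@dataclass
class KeyFile:
    key: bytes                                  # key for exactly one whiteboard file
    rights: dict = field(default_factory=dict)  # key card ID -> set of rights


class KeyCard:
    """Holder-side card: an ID plus key material shared with the service station."""
    def __init__(self, card_id: str, pool: bytes):
        self.card_id = card_id
        self._pool = bytearray(pool)

    def take_key(self, start: int, length: int) -> bytes:
        key = bytes(self._pool[start:start + length])
        self._pool[start:start + length] = bytes(length)  # assumption: used key is wiped
        return key


class ServiceStation:
    """Stores key files and audits key card IDs; never stores whiteboard files."""
    def __init__(self):
        self._pools = {}      # key card ID -> station's copy of the shared key material
        self._used = {}       # key card ID -> bytes of key material already allocated
        self.key_files = {}   # whiteboard file ID -> KeyFile

    def issue_card(self, card_id: str, pool_size: int = 4096) -> KeyCard:
        pool = secrets.token_bytes(pool_size)  # stand-in for the quantum RNG
        self._pools[card_id], self._used[card_id] = pool, 0
        return KeyCard(card_id, pool)

    def approve_storage(self, card_id: str, length: int):
        if card_id not in self._pools:
            raise PermissionError("key card ID not approved by the service station")
        start = self._used[card_id]
        if start + length > len(self._pools[card_id]):
            raise ValueError("shared key material exhausted")
        self._used[card_id] = start + length
        file_id = secrets.token_hex(8)          # the whiteboard file ID
        key = self._pools[card_id][start:start + length]
        self.key_files[file_id] = KeyFile(key, {card_id: {"decrypt", "delete", "modify"}})
        return file_id, start

    def _audit(self, file_id: str, card_id: str, right: str) -> KeyFile:
        key_file = self.key_files.get(file_id)
        if key_file is None:
            raise LookupError("no key file for this whiteboard file ID")
        if right not in key_file.rights.get(card_id, set()):
            raise PermissionError(f"{card_id} lacks the {right} right")
        return key_file

    def decrypt(self, card_id: str, whiteboard_file: dict) -> bytes:
        # The request carries the whole whiteboard file; the key never leaves the station.
        key_file = self._audit(whiteboard_file["id"], card_id, "decrypt")
        return xor(whiteboard_file["ciphertext"], key_file.key)

    def modify_rights(self, requester: str, file_id: str, target: str, rights: set):
        self._audit(file_id, requester, "modify").rights[target] = set(rights)

    def delete(self, card_id: str, file_id: str):
        self._audit(file_id, card_id, "delete")
        del self.key_files[file_id]             # deleting the key file deletes the data


class WhiteboardServer:
    """Audits which user key card IDs are qualified for encrypted storage."""
    def __init__(self, station: ServiceStation, storage_qualified: set):
        self.station, self.storage_qualified = station, set(storage_qualified)

    def store(self, card: KeyCard, data: bytes) -> dict:
        if card.card_id not in self.storage_qualified:
            raise PermissionError("key card ID not qualified for encrypted storage")
        file_id, start = self.station.approve_storage(card.card_id, len(data))
        # The holder's key card performs the encryption; the holder keeps only ciphertext.
        return {"id": file_id, "ciphertext": xor(data, card.take_key(start, len(data)))}


def outcome(call, *args):
    """Return the call's result, or the name of the audit error it raised."""
    try:
        return call(*args)
    except (PermissionError, LookupError) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    station = ServiceStation()
    alice, bob = station.issue_card("card-A"), station.issue_card("card-B")
    server = WhiteboardServer(station, {"card-A"})
    wb_file = server.store(alice, b"constructed whiteboard strokes")
    print(outcome(station.decrypt, "card-B", wb_file))   # decryption audit fails
    station.modify_rights("card-A", wb_file["id"], "card-B", {"decrypt"})
    print(outcome(station.decrypt, "card-B", wb_file))   # audit now passes
    station.delete("card-A", wb_file["id"])
    print(outcome(station.decrypt, "card-A", wb_file))   # key file is gone
```

Because the holder keeps only ciphertext and the station keeps only the key file, deleting the key file leaves the saved whiteboard file undecryptable wherever copies of it remain.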
The quantum whiteboard data storage method described above can be used in the following quantum whiteboard system.
The quantum whiteboard system comprises:
Several quantum communication network service stations, each connected directly or indirectly to the other service stations so as to form a quantum communication network. The service stations distribute quantum random number keys, authenticate key cards, and store key files. A direct connection means that two service stations can exchange information without going through a third service station; an indirect connection means that at least one other service station is needed to relay messages between the two;
A quantum whiteboard user terminal, connected to a quantum communication network service station; the terminal has a built-in user key card or an access interface for a user key card, and quantum random number keys are stored in the user key card;
A quantum whiteboard server, connected to a quantum communication network service station; the server has a built-in key card or an access interface for a key card, and quantum random number keys are stored in the server's key card.
The quantum whiteboard server listens for network connection requests from quantum whiteboard user terminals and establishes connections with them, and is responsible for terminal login and logout management, authorization management, saving whiteboard data and so on. Whiteboard data sent by a user terminal goes to the quantum whiteboard server, which forwards it to all user terminals that have established a whiteboard communication connection.
The quantum communication network service station described above can adopt the following scheme:
The service station is provided with a key file storage server, an authentication server, a quantum random number generator, a quantum random number key memory, a quantum key distribution server and a quantum key management server;
The quantum random number generator generates quantum random numbers, which form the quantum random number keys shared between the user's key card and the service station;
The quantum random number key memory stores the quantum random numbers generated by the quantum random number generator;
The authentication server performs identity authentication and signal auditing of key cards;
The quantum key distribution server performs quantum key distribution between quantum communication network service stations;
The quantum key management server stores and manages the quantum keys distributed by the quantum key distribution server;
The key file storage server stores the key files corresponding to whiteboard files.
The quantum key distribution server and the authentication server each have an external communication interface. The quantum key distribution server is connected to the quantum key management server, which is connected to the authentication server. The quantum random number generator is connected to the quantum random number key memory, which is connected to the authentication server. The key file storage server is connected to the authentication server. The quantum random number key memory is provided with a port for key cards.
The quantum whiteboard server described above can adopt the following scheme:
A quantum whiteboard server, characterized in that: the server has a built-in key card or an access interface for a key card, and quantum random number keys are stored in the server's key card; the server further comprises:
A policy module responsible for login and logout management of quantum whiteboard user terminals, authorization management, and receiving shared drawings, text and graphics;
A transceiver module that listens on a specific port for network connection requests from quantum whiteboard user terminals and establishes connections with them, so that the whiteboard data of the user terminals is sent to the quantum whiteboard server and processed;
A storage module for saving data.
The quantum whiteboard user terminal described above can adopt the following scheme:
The quantum whiteboard user terminal is provided with a quantum whiteboard input device, or a quantum whiteboard display device, or both a quantum whiteboard input device and a quantum whiteboard display device, or a combined quantum whiteboard input and display device; the terminal is also provided with a quantum whiteboard processing unit;
When a quantum whiteboard display device is provided, the processing unit is connected to it; when a quantum whiteboard input device is provided, the processing unit is connected to it; when a combined input and display device is provided, the processing unit is connected to it; when a display device and an input device are both provided, the processing unit is connected to each of them.
The quantum whiteboard input device, the quantum whiteboard display device and the combined input and display device each have a built-in user key card or an access interface for a user key card.
The quantum whiteboard processing unit is the device through which the user terminal communicates with the quantum communication network. When connected to a display device, it forwards the data received from the quantum communication network, encrypted with a quantum random number key, to the display device; when connected to an input device, it forwards the data received from the input device, encrypted with a quantum random number key, to the quantum communication network. The input device collects whiteboard input and, through the user key card, encrypts the collected data into ciphertext form with a quantum random number key before sending it to the processing unit. The display device receives data encrypted with a quantum random number key from the processing unit and displays it after it has been decrypted by the user key card.
The quantum whiteboard processing unit, as the device through which the user terminal communicates with the quantum communication network, may be a fixed or a mobile communication device, preferably a computer, tablet computer, mobile phone or the like.
For how the input device, the display device and the combined input and display device handle display, input and so on, refer to traditional electronic whiteboard systems.
The quantum whiteboard user terminal can come in four models. The first model has only a quantum whiteboard input device and a processing unit; the input device has a built-in key card (a plug-in card can also be used), and this model has only the input function. The second model has only a quantum whiteboard display device and a processing unit; the display device has a built-in key card (a plug-in card can also be used), and this model has only the display function. The third model comprises a combined input and display device and a processing unit; the combined device integrates the input device and the display device, which share one key card or one access interface for a user key card, and this model has both the input and the display function. The fourth model comprises an input device, a display device and a processing unit; the input device and the display device each have a built-in key card (plug-in cards can also be used). This model has both the input and the display function and is the main model of the quantum whiteboard user terminal.
The user key card is the network access license for the quantum communication network; each user key card has a unique ID whose legitimacy is recognized by the quantum communication network. Internally the card comprises a CPU, memory and storage, and it runs an operating system. The card can store the key card ID, quantum random number keys, a digest extraction policy and an encryption policy. The algorithm used for digest extraction can be a classical hash function such as SHA-3 or a universal hash function; if a universal hash function is used, its key is provided by the key card, and a Toeplitz matrix is preferred as the universal hash function. Beyond these, any algorithm or policy whose purpose is to produce a digest falls within the scope of the digest extraction policy of the invention. The user key card is the key device with which the user encrypts and decrypts data. When the user's machine is a PC, the preferred form of the user key card is a USB KEY or a PC motherboard card; when the user's machine is a mobile terminal, the preferred form is an SD KEY or a chip on the mobile terminal's main board.
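The Toeplitz-matrix universal hash named above as the preferred digest function can be sketched as follows. This is an added example, not code from the patent; the function names are hypothetical, and `secrets` stands in for key bits that the key card would supply.

```python
import secrets


def bits_of(message: bytes) -> list:
    """Message as a list of bits, most significant bit of each byte first."""
    return [(byte >> (7 - i)) & 1 for byte in message for i in range(8)]


def toeplitz_digest(message: bytes, key_bits: list, out_bits: int) -> int:
    """Multiply the message bit vector by an out_bits x n Toeplitz matrix over GF(2).

    A Toeplitz matrix is constant along each diagonal, so the whole matrix is
    defined by n + out_bits - 1 key bits: entry (row, col) is
    key_bits[row - col + n - 1].
    """
    n = len(message) * 8
    if len(key_bits) != n + out_bits - 1:
        raise ValueError("key must have len(message) * 8 + out_bits - 1 bits")
    msg = bits_of(message)
    digest = 0
    for row in range(out_bits):
        bit = 0
        for col in range(n):
            bit ^= key_bits[row - col + n - 1] & msg[col]
        digest = (digest << 1) | bit
    return digest


def card_key_bits(message_len: int, out_bits: int) -> list:
    """Key bits of the right length; stand-in for random bits held in the key card."""
    return [secrets.randbits(1) for _ in range(message_len * 8 + out_bits - 1)]


if __name__ == "__main__":
    msg = b"constructed whiteboard stroke data"
    key = card_key_bits(len(msg), 64)
    print(hex(toeplitz_digest(msg, key, 64)))
```

Unlike SHA-3, the digest depends on a secret key, so both sides need the same key bits from their shared key material to compute or check it.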
As quantum communication moves toward practical use, its prospects in networked applications are becoming broader. Quantum communication equipment uses the BB84 protocol to distribute keys between remote sites; these are quantum keys whose true randomness is guaranteed by quantum properties. Encrypting the data transmitted in a network with quantum keys keeps the information highly secure in transit.
The present invention stores whiteboard data encrypted with a quantum random number key; the key is a true random number, which greatly ensures the security of the whiteboard data.
In the present invention, whiteboard data is transmitted over the network only after it has been securely encrypted with a quantum random number key. The keys used are quantum random number keys that the encrypting and decrypting parties share through key cards or quantum keys shared through quantum key distribution, and the whiteboard data is transmitted using a symmetric encryption algorithm only; the practice of using an asymmetric encryption algorithm to encrypt and transmit the key of the symmetric algorithm has been abandoned.
In the present invention, the quantum whiteboard display device and the quantum whiteboard input device are separate from the quantum whiteboard processing unit. Only the processing unit is connected to the network; the display device and the input device are not allowed to access the network. The key card has its own processor: whether the whiteboard data is in the input device or in the display device, processing such as encryption is completed inside that device, and the ciphertext file passed to the processing unit is only saved there and needs no further processing. This effectively prevents plaintext data or encryption information from being stolen over the network by criminals.
In the present invention, whiteboard data is stored encrypted with a secure quantum random number key, and the whiteboard file is stored in a different location from the quantum random number key used to encrypt it. The quantum random number key is stored in a quantum communication network service station, and the whiteboard file can be decrypted only after it has been sent to that service station. This process strengthens the security of the encryption key.
Description of the drawings
Fig. 1: Network diagram of secure storage in the quantum whiteboard system of the present invention.
Fig. 2: Flow chart of a quantum whiteboard user terminal encrypting and storing whiteboard data locally.
Fig. 3: Flow chart of the quantum whiteboard server encrypting and storing whiteboard data.
Fig. 4: Flow chart of a user who holds a whiteboard file decrypting it.
Specific embodiments
The quantum whiteboard system of the present invention encrypts the data of an interactive electronic whiteboard with quantum keys for storage, and all encrypted whiteboard data is decrypted and securely transmitted through the quantum communication network, forming a whiteboard system whose security is guaranteed by quantum keys. In the present invention this whiteboard system is also called a quantum whiteboard. How the user terminal displays and accepts input can therefore follow a traditional electronic whiteboard system and is not described again here.
The features of the present invention are described in further detail below with reference to the accompanying drawings.
1. Quantum whiteboard system, quantum communication network, quantum whiteboard server and quantum whiteboard user terminal
As shown in Fig. 1, the quantum whiteboard system of the present invention consists of several quantum whiteboard user terminals, a quantum whiteboard server and a quantum communication network. The quantum communication network is made up of several quantum communication network service stations connected directly or indirectly. Each quantum communication network service station contains a key file storage server, a quantum key distribution server, a quantum key management server, a quantum random number key storage, a quantum random number generator and an authentication server. Each quantum whiteboard user terminal contains a quantum whiteboard input unit, a quantum whiteboard processing unit and a quantum whiteboard display device, and accesses a quantum communication network service station through its processing unit. The input unit and the display device have built-in user key cards, which provide secure communication between the user terminal and the service station. The quantum whiteboard server contains a transceiver module, a policy module and a storage module, and has a built-in key card that provides secure communication between the server and the service station.
Directly connected quantum communication network service stations generate shared quantum keys through their quantum key distribution servers. These quantum keys are passed to the quantum key management server for storage and management; the management covers the rules for storing quantum keys and how the authentication server calls them. The authentication server is connected to the quantum key management server and completes secure communication between remote sites by calling quantum keys from the quantum key management server to encrypt data for transmission. Several quantum communication network service stations connected directly or indirectly form the quantum communication network, and secure quantum communication is possible between any two service stations.
The quantum random number generator produces quantum random numbers with true randomness, which are stored as quantum random number keys in the quantum random number key storage. The quantum random number key storage is used, on the one hand, to issue quantum random number keys to user terminals; on the other hand, it is connected to the authentication server so that the authentication server can call quantum random number keys to complete secure communication between users and the quantum communication network service station.
The key file storage server is connected to the authentication server and stores the key files generated by the authentication server.
The authentication server can also decrypt received ciphertext into plaintext data and process the plaintext according to the authentication protocol; this processing includes operations such as identity authentication and information auditing. Any user who wants to access the quantum communication network must do so through some quantum communication network service station. Each quantum whiteboard user terminal and the quantum whiteboard server must be connected to at least one quantum communication network service station before it can establish secure communication with the quantum communication network.
Establishing quantum whiteboard communication involves the quantum whiteboard server and several quantum whiteboard user terminals. Each user terminal encrypts its input data with a quantum random number key and sends it securely through the quantum communication network to the quantum whiteboard server. After processing the data, the quantum whiteboard server encrypts it again with a quantum random number key and sends it securely through the quantum communication network to all quantum whiteboard user terminals that have established a whiteboard communication connection.
For convenience of description, the present invention assumes by default that each quantum whiteboard user terminal and the quantum whiteboard server share quantum random number keys with the quantum communication network service station they access. If the accessed service station does not hold the shared quantum random number key, then either it forwards the received data, which is encrypted with the quantum random number key, through the quantum communication network to the service station that does hold the shared key, or it applies to that service station for the shared quantum random number key, whose transmission is secured by the quantum communication network.
2. Encrypted storage of whiteboard data
The quantum whiteboard server or a quantum whiteboard user terminal can store the whiteboard data of a whiteboard communication. The whiteboard data to be stored can be data collected by the quantum whiteboard input unit or data shown on the quantum whiteboard display device. If a quantum whiteboard user terminal wants to save locally, it must apply to the quantum whiteboard server before saving and may save only after the server agrees. The save operation is created by the quantum whiteboard processing unit or by the quantum whiteboard server.
2.1 Process by which a quantum whiteboard user terminal stores whiteboard data locally (see Fig. 2)
When the quantum whiteboard input unit or the quantum whiteboard display device receives the creation message for a save operation from the quantum whiteboard processing unit, it generates encryption storage information for the information to be saved, encrypts it into ciphertext with the user key card, and sends the ciphertext to the processing unit. The processing unit sends the received ciphertext to the quantum communication network service station that the user terminal accesses. That service station decrypts the ciphertext, re-encrypts it and sends the new ciphertext through the quantum communication network to the quantum whiteboard server; the quantum random number key used for re-encryption is the one shared with the key card of the quantum whiteboard server. The encryption storage information contains the user key card ID and, as needed, any one, several or all of the following: identification information of the encrypted content, the user permission list (including the list of user IDs with rewrite permission, the list of user IDs with decryption permission, and so on), identification information of the quantum random number key used for encryption, identification information of the quantum random number key used to extract the digest, and so on. The digest serves as the tamper-proofing marker.
The quantum whiteboard server decrypts the received ciphertext to obtain the encryption storage information in plaintext form, audits its content, and judges whether the user key card ID is qualified for encrypted storage. If the audit fails, a message refusing encrypted storage is returned to the quantum whiteboard user terminal. If the audit succeeds, the server encrypts the encryption storage information with a quantum random number key and sends the ciphertext to the quantum communication network service station it accesses.
The quantum communication network service station decrypts the received ciphertext to obtain the encryption storage information in plaintext form and audits whether the user key card ID can perform encrypted storage, for example whether the user key card has enough quantum random number keys left for encryption, or whether the service station is unable to provide the storage service for some specific reason. If the audit fails, a message that encrypted storage is not possible is returned to the quantum whiteboard user terminal. If the audit succeeds, the service station allocates a whiteboard file ID to the user terminal, encrypts it and sends the ciphertext to the user terminal; the quantum random number key used for this encryption is the one shared with the user key card of the quantum whiteboard user terminal.
The quantum communication network service station then caches a key file. The key file contains the whiteboard file ID, the encryption storage information, and the quantum random number key corresponding to each key ID in the encryption storage information.
The quantum whiteboard user terminal receives the whiteboard file ID in ciphertext form from the quantum communication network service station and decrypts it. Receiving the whiteboard file ID indicates that the user terminal may proceed with data storage. First, the quantum whiteboard input unit or display device encrypts the whiteboard data with the user key card to obtain the whiteboard data ciphertext. Second, a digest is extracted from the whiteboard data ciphertext with a universal hash function to obtain the whiteboard ciphertext digest. In addition, data produced during the whiteboard communication can, as needed, have a digest extracted to serve as the tamper-proofing marker. The way a digest is extracted from whiteboard data is not unique: the digest may be taken over the encrypted whiteboard ciphertext or over the whiteboard plaintext, and the digest algorithm may or may not require a key. Whichever method is used, its purpose is to ensure that whiteboard data or whiteboard files in their various forms are not tampered with. Next, the whiteboard file ID, the whiteboard ciphertext digest and the whiteboard ciphertext data are combined into a whiteboard file and sent to the quantum whiteboard processing unit. Finally, the processing unit stores the whiteboard file under the specified path. After the save succeeds, the quantum whiteboard user terminal returns a save-success message to the quantum communication network service station it accesses. On receiving that message, the service station saves the corresponding key file and, once that save succeeds, returns a save-success message to the quantum whiteboard user terminal.
This completes the quantum whiteboard user terminal's encrypted storage of the whiteboard data. The user terminal holds the whiteboard file, and the quantum communication network service station holds the key file. The whiteboard file and the key file are placed in one-to-one correspondence by the whiteboard file ID.
2.2 Process by which the quantum whiteboard server encrypts and stores whiteboard data (see Fig. 3)
Whiteboard data from a whiteboard communication can also be stored encrypted on the quantum whiteboard server. The encrypted storage request can be issued by a quantum whiteboard user terminal or by the quantum whiteboard server itself.
2.2.1 Process by which a quantum whiteboard user terminal requests the quantum whiteboard server to encrypt and store whiteboard data
During a whiteboard communication, a quantum whiteboard user terminal can request the quantum whiteboard server to save the whiteboard data in encrypted form. The process is as follows:
After the quantum whiteboard server receives the encryption storage information in ciphertext form, it decrypts the ciphertext to obtain the encryption storage information in plaintext form, audits its content, and judges whether the user key card ID is qualified for encrypted storage. If the audit fails, a message refusing encrypted storage is returned to the quantum whiteboard user terminal. If the audit succeeds, the server encrypts the encryption storage information with a quantum random number key and sends the ciphertext to the quantum communication network service station.
The quantum communication network service station decrypts the received ciphertext to obtain the encryption storage information and audits whether encrypted storage is possible. If the audit fails, it returns a message that encrypted storage is not possible to the quantum whiteboard server, which passes the message on to the quantum whiteboard user terminal that requested encrypted storage. If the audit succeeds, the service station allocates a whiteboard file ID to the quantum whiteboard server, encrypts it and sends the ciphertext to the server; the quantum random number key used for this encryption is the one shared with the key card of the quantum whiteboard server.
The quantum communication network service station then caches a key file. The key file contains the whiteboard file ID, the encryption storage information, and the quantum random number key corresponding to each key ID in the encryption storage information.
The quantum whiteboard server receives the whiteboard file ID in ciphertext form from the quantum communication network service station and decrypts it. Receiving the whiteboard file ID indicates that the server may proceed with data storage. First, the quantum whiteboard server encrypts the whiteboard data with its key card to obtain the whiteboard data ciphertext. Second, a digest is extracted from the whiteboard data ciphertext with a universal hash function to obtain the whiteboard ciphertext digest. Then the whiteboard file ID, the whiteboard ciphertext digest and the whiteboard ciphertext data are combined into a whiteboard file and stored under the specified path. After the whiteboard file is saved successfully, the quantum whiteboard server returns a save-success message to the quantum communication network service station it accesses. On receiving that message, the service station saves the corresponding key file and, once the key file is saved successfully, returns a save-success message to the quantum whiteboard server that saved the whiteboard file. On receiving it, the quantum whiteboard server returns a message that the whiteboard data was saved successfully to the quantum whiteboard user terminal that issued the save request.
This completes the encrypted storage of whiteboard data on the quantum whiteboard server at the request of a quantum whiteboard user terminal. The quantum whiteboard server holds the whiteboard file, and the quantum communication network service station holds the key file. The whiteboard file and the key file are placed in one-to-one correspondence by the whiteboard file ID.
2.2.2 Process by which the quantum whiteboard server itself requests encrypted storage of whiteboard data
During a whiteboard communication, the quantum whiteboard server can also request encrypted storage of whiteboard data on its own initiative as needed. The process is as follows:
When the policy module of the quantum whiteboard server receives an encrypted storage request, it generates encryption storage information for the information to be saved, encrypts it with the key card, and sends it to the quantum communication network service station it accesses. The quantum random number key used for this encryption is the one shared with that service station.
The quantum communication network service station receives the encryption storage information in ciphertext form, decrypts it with the shared quantum random number key to obtain the plaintext form, and audits whether the key card ID can perform encrypted storage. If the audit fails, a message that encrypted storage is not possible is returned to the quantum whiteboard server. If the audit succeeds, the service station allocates a whiteboard file ID to the quantum whiteboard server, encrypts it and sends the ciphertext to the server; the quantum random number key used for this encryption is the one shared with the key card of the quantum whiteboard server. The service station then caches a key file containing the whiteboard file ID, the encryption storage information, and the quantum random number key corresponding to each key ID in the encryption storage information.
The quantum whiteboard server receives the whiteboard file ID in ciphertext form and decrypts it with the shared quantum random number key to obtain the plaintext whiteboard file ID, which indicates that it may proceed with data storage. First, the quantum whiteboard server encrypts the whiteboard data with its key card to obtain the whiteboard data ciphertext. Second, a digest is extracted from the whiteboard data ciphertext with a universal hash function to obtain the whiteboard ciphertext digest. Then the whiteboard file ID, the whiteboard ciphertext digest and the whiteboard ciphertext data are combined into a whiteboard file and stored under the specified path. After the whiteboard file is saved successfully, the quantum whiteboard server returns a save-success message to the quantum communication network service station it accesses. On receiving that message, the service station saves the corresponding key file and, once the key file is saved successfully, returns a save-success message to the quantum whiteboard server that saved the whiteboard file.
This completes the encrypted storage of whiteboard data requested by the quantum whiteboard server. The quantum whiteboard server holds the whiteboard file, and the quantum communication network service station holds the key file. The whiteboard file and the key file are placed in one-to-one correspondence by the whiteboard file ID.
The policy module of the quantum whiteboard server is responsible for login and logout management of quantum whiteboard user terminals, authorization management, and receiving and decomposing drawings, text and graphics. The auditing of encryption storage information and the generation of encryption storage information that fall to the quantum whiteboard server in the processes above are performed by this module.
The transceiver module of the quantum whiteboard server listens on a specific port for network connection requests from quantum whiteboard user terminals and establishes connections with them, so that data from the user terminals can be sent to the quantum whiteboard server and processed. In the processes above, data exchange with the quantum communication network and data encryption and decryption are performed by this module.
The storage module of the quantum whiteboard server is used to save whiteboard files.
3. Process of decrypting a whiteboard file (see Fig. 4)
Under normal circumstances a whiteboard file can be shared with any legitimate user through the quantum communication network; that user can be a quantum whiteboard user terminal or the quantum whiteboard server. It cannot be ruled out, however, that an illegitimate user obtains a whiteboard file by some special route. Therefore, when a user holding a whiteboard file, that is, the party requesting decryption, wants to decrypt and output the file, it must pass authentication and auditing by quantum communication network service stations. This verification has two stages. The first stage authenticates the key card ID of the user holding the whiteboard file and judges whether it is a legitimate quantum communication network user. This authentication may already have taken place when the user logged in, before the decryption operation; it is performed by the quantum communication network service station that the user accesses. The second stage audits whether the key card ID of the user holding the whiteboard file has decryption permission and audits the validity of the whiteboard file. It takes place after the first stage succeeds and judges whether the user has decryption permission for the whiteboard file being decrypted and whether the file has been tampered with. This stage is performed by the quantum communication network service station that holds the key file corresponding to the whiteboard file. The detailed process is as follows:
The identity of the user holding the whiteboard file is the ID of its key card; the user can be a quantum whiteboard user terminal or a quantum whiteboard server equipped with that key card. The user encrypts the whiteboard file and sends it to the quantum communication network service station it accesses. That service station authenticates the identity of the user. If authentication fails, the user is not a legitimate quantum communication network user and this decryption operation is refused; if authentication succeeds, the user is a legitimate quantum communication network user. The service station decrypts the received ciphertext to obtain the whiteboard file. If the user is a legitimate quantum communication network user, the accessed service station encrypts the whiteboard file again and sends it through the quantum communication network to the service station that holds the key file corresponding to the whiteboard file.
The quantum communication network service station that stores the key file decrypts the received ciphertext to obtain the whiteboard file (whiteboard file ID + whiteboard ciphertext digest + whiteboard ciphertext data) and uses the whiteboard file ID to find the corresponding key file (whiteboard file ID + encryption storage information + quantum random number keys). Using the encryption storage information in the key file, it finds the quantum random number key that was used for the digest, extracts a new digest from the whiteboard ciphertext data with that key and the universal hash function, and compares the new digest with the whiteboard ciphertext digest in the whiteboard file. If the two digests differ, the whiteboard file has been tampered with; the decryption operation ends and a decryption-failure message is returned through the quantum communication network to the user holding the whiteboard file. If the two digests are identical, the whiteboard file has not been tampered with and is valid. Next, the service station that stores the key file checks the list of user IDs with decryption permission in the key file to audit whether the user has decryption permission. If the user does not, the decryption operation ends and a message that the user lacks decryption permission is returned through the quantum communication network to the user holding the whiteboard file. If the user does have decryption permission, the service station that stores the key file uses the encryption storage information in the key file to find the corresponding quantum random number key and decrypts the whiteboard ciphertext data in the whiteboard file with it, obtaining the plaintext information. Finally, the whiteboard file containing the decrypted whiteboard data is re-encrypted and sent through the quantum communication network to the service station that the user accesses.
The quantum communication network service station that the user accesses decrypts the received ciphertext, re-encrypts it and sends it to the user holding the whiteboard file; the quantum random number key used for this encryption is the one shared with the user's key card. The user decrypts the received ciphertext with the key card and obtains the plaintext information. Note that the plaintext information obtained after a successful decryption becomes invalid once it has been output a single time, so the next decryption again starts from the original whiteboard file.
A special case arises when the quantum communication network service station that the user accesses and the service station that stores the key file are the same station. In that case all the work of both roles is done by this one service station. The decryption process is unchanged, except that the data transfer through the quantum communication network between two service stations is omitted.
4. Process of deleting a whiteboard file
A quantum whiteboard user terminal and the quantum whiteboard server can delete a given whiteboard file. Deleting a whiteboard file consists mainly of deleting the key file of that whiteboard file, because once the key file is deleted the whiteboard file can no longer be decrypted and is thereby revoked. A delete operation by a quantum whiteboard user terminal requires the approval of the quantum whiteboard server. The process is as follows:
1) The quantum whiteboard user terminal encrypts a deletion request message (containing the whiteboard file ID) and sends the ciphertext to the quantum communication network service station it accesses.
2) The quantum communication network service station authenticates the user key card ID of the quantum whiteboard user terminal and judges whether it is a legitimate quantum communication network user. If authentication succeeds, it decrypts the received ciphertext, re-encrypts it and sends it through the quantum communication network to the quantum whiteboard server.
3) The quantum whiteboard server decrypts the received ciphertext to obtain the deletion request message and audits whether the quantum whiteboard user terminal is qualified to delete. If the audit succeeds, it encrypts the deletion request message and sends it through the quantum communication network to the service station that stores the key file.
4) After the quantum communication network service station that stores the key file receives the deletion request message, it uses the whiteboard file ID to find the key file corresponding to the whiteboard file and deletes that key file.
5) Finally, the quantum whiteboard user terminal receives a deletion-success message.
A deletion request message from the quantum whiteboard server does not need to be verified by the server itself, but the server must be authenticated by the quantum communication network service station it accesses. After authentication passes, the accessed service station encrypts the deletion request message and sends it through the quantum communication network to the service station that holds the decryption information. That service station handles the deletion in the same way as described above.
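The split between whiteboard file and key file described in sections 3 and 4, as an added example that is not code from the patent: a single-process Python model of the digest check, permission audit and key-file deletion. One `ServiceStation` object stands in for both the key card and the service station, transport encryption and identity authentication are left out, `secrets` stands in for the quantum random number generator, and the one-time-pad XOR cipher, the 64-bit digest length, the status strings and all names are assumptions.

```python
"""Added illustration: whiteboard file vs. key file (names are hypothetical)."""
import hmac
import secrets

DIGEST_BITS = 64  # assumed digest length; the page does not fix one


def toeplitz_digest(data: bytes, key: int) -> bytes:
    """Keyed universal hash: multiply the message bits by a Toeplitz matrix over GF(2).

    The matrix has DIGEST_BITS rows and n = 8 * len(data) columns and is defined
    by n + DIGEST_BITS - 1 key bits, with entry T[i][j] = key bit (i - j + n - 1).
    """
    n = len(data) * 8
    msg = int.from_bytes(data, "big")
    mask = (1 << DIGEST_BITS) - 1
    acc = 0
    for j in range(n):
        if (msg >> j) & 1:                      # message bit j selects column j
            acc ^= (key >> (n - 1 - j)) & mask  # column j is a sliding key window
    return acc.to_bytes(DIGEST_BITS // 8, "big")


def xor_bytes(data: bytes, pad: bytes) -> bytes:
    """Symmetric cipher stand-in (assumption): one-time pad of equal length."""
    if len(data) != len(pad):
        raise ValueError("pad length must equal data length")
    return bytes(a ^ b for a, b in zip(data, pad))


class ServiceStation:
    """Holds key files only; the whiteboard file is returned to the caller."""

    def __init__(self):
        self.key_files = {}  # whiteboard file ID -> key file

    def store(self, owner_id: str, decrypt_ids, plaintext: bytes) -> dict:
        file_id = secrets.token_hex(8)
        pad = secrets.token_bytes(len(plaintext))  # stand-in for a QRNG key
        digest_key = secrets.randbits(len(plaintext) * 8 + DIGEST_BITS - 1)
        # Key file: file ID + encryption storage information + keys.
        self.key_files[file_id] = {
            "owner": owner_id,
            "decrypt_ids": set(decrypt_ids),
            "pad": pad,
            "digest_key": digest_key,
        }
        ciphertext = xor_bytes(plaintext, pad)
        # Whiteboard file: file ID + ciphertext digest + ciphertext data.
        return {
            "file_id": file_id,
            "digest": toeplitz_digest(ciphertext, digest_key),
            "ciphertext": ciphertext,
        }

    def decrypt(self, requester_id: str, wb_file: dict):
        """Second-stage audit from section 3: tamper check, then permission check."""
        key_file = self.key_files.get(wb_file["file_id"])
        if key_file is None:
            return "no-key-file", None          # deleted, so the file is revoked
        if len(wb_file["ciphertext"]) != len(key_file["pad"]):
            return "tampered", None
        fresh = toeplitz_digest(wb_file["ciphertext"], key_file["digest_key"])
        if not hmac.compare_digest(fresh, wb_file["digest"]):
            return "tampered", None
        if requester_id not in key_file["decrypt_ids"]:
            return "no-decrypt-right", None
        return "ok", xor_bytes(wb_file["ciphertext"], key_file["pad"])

    def delete(self, file_id: str) -> bool:
        """Section 4: deleting the key file makes the whiteboard file undecryptable."""
        return self.key_files.pop(file_id, None) is not None


if __name__ == "__main__":
    station = ServiceStation()
    data = b"stroke: line (0,0)-(10,10)"  # constructed sample whiteboard data
    wb = station.store("card-A", {"card-A", "card-B"}, data)
    print(station.decrypt("card-B", wb))
    print(station.decrypt("card-C", wb))
    forged = dict(wb, ciphertext=bytes([wb["ciphertext"][0] ^ 1]) + wb["ciphertext"][1:])
    print(station.decrypt("card-B", forged))
    station.delete(wb["file_id"])
    print(station.decrypt("card-A", wb))
```

The whiteboard file returned by `store` contains no key material, so a copy of it is useless once `delete` has removed the matching key file.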
5. the modification that the blank file after pair encryption storage carries out operating right
Quantum blank user terminal and quantum white board server can be to its operations of the blank file modification that oneself was saved Permission, the operating right include decrypted rights, permission of rewriting etc..But quantum blank user terminal needs the modification of operating right To be applied to quantum white board server.Its process is as follows:
1) quantum blank user terminal is sent out after encrypting blank file ID and its content of modification etc. as permission modification information Give the quantum communication network service station of its access.
2) the quantum communication network service station carries out authentication to the user key card ID of the quantum blank user terminal, Judge whether user key card ID is legal quantum communication network user, it is close by what is received if audited successfully Re-encrypted and quantum white board server is sent to by quantum communication network after text decryption.
3) quantum white board server will obtain permission modification information after the ciphertext received decryption, and to the user key Whether card ID has the qualification of modification authority to be audited, and will lead to after the permission modification information re-encrypted received after auditing successfully It crosses quantum communication network and is sent to the quantum communication network service station for being stored with key file corresponding with the blank file.
4) after the quantum communication network service station that is stored with the key file receives permission modification information, according to wherein Blank file ID find the corresponding key file of blank file, and according to permission modification information to the phase in the key file The user right list of pass is modified accordingly.
5) after is successfully modified, quantum blank user terminal receives successfully modified message.
Quantum white board server does not need the verifying by itself to the modification of permission, but needs the quantum communications by accessing Network service station carries out authentication to it, and after authentication passes through, the quantum communication network service station of access can repair permission Change the sub- communication network of throughput and submits to the quantum communication network service station for holding key file.Hold the amount of key file Sub- communications network service station is same as mentioned above to the treatment process of information.
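The permission-modification chain in steps 1) to 5), as an added Python example that is not part of the patent text. It assumes a single service station that holds both the key card keys and the key file, uses a SHAKE-256 keystream XOR as a stand-in for encryption with quantum random number keys (the patent names no cipher), and all IDs and table names are hypothetical.

```python
import hashlib
import json
import secrets

def seal(key: bytes, obj: dict) -> bytes:
    """Stand-in cipher (assumption): SHAKE-256 keystream XOR, fresh nonce per message.
    Confidentiality only; a real deployment would also authenticate the ciphertext."""
    nonce = secrets.token_bytes(16)
    pt = json.dumps(obj).encode()
    ks = hashlib.shake_256(key + nonce).digest(len(pt))
    return nonce + bytes(a ^ b for a, b in zip(pt, ks))

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct = blob[:16], blob[16:]
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

# Constructed sample state; every ID below is hypothetical.
CARD_KEYS = {c: secrets.token_bytes(32) for c in ("card-alice", "card-bob", "card-server")}
SERVER_MAY_MODIFY = {("card-alice", "wb-001")}   # whiteboard server's audit table
KEY_FILES = {"wb-001": {"key": secrets.token_bytes(32),
                        "rights": {"card-alice": {"decrypt", "rewrite"}}}}

def access_station(card_id: str, blob: bytes) -> bytes:
    """Step 2: authenticate the key card ID, decrypt, re-encrypt for the server."""
    if card_id not in CARD_KEYS:
        raise PermissionError("not a legitimate network user")
    msg = unseal(CARD_KEYS[card_id], blob)
    msg["card_id"] = card_id          # carry the authenticated identity forward
    return seal(CARD_KEYS["card-server"], msg)

def whiteboard_server(blob: bytes) -> bytes:
    """Step 3: audit the card's qualification to modify rights, then re-encrypt."""
    msg = unseal(CARD_KEYS["card-server"], blob)
    if (msg["card_id"], msg["file_id"]) not in SERVER_MAY_MODIFY:
        raise PermissionError("card not qualified to modify permissions")
    return seal(CARD_KEYS["card-server"], msg)

def key_file_station(blob: bytes) -> str:
    """Step 4: find the key file by whiteboard file ID, update its permission list."""
    msg = unseal(CARD_KEYS["card-server"], blob)
    KEY_FILES[msg["file_id"]]["rights"][msg["target"]] = set(msg["rights"])
    return "modified"                 # step 5: success message back to the terminal

def modify_rights(card_id: str, file_id: str, target: str, rights: list) -> str:
    """Steps 1-5 end to end, starting at the user terminal."""
    request = seal(CARD_KEYS[card_id],
                   {"file_id": file_id, "target": target, "rights": rights})
    return key_file_station(whiteboard_server(access_station(card_id, request)))

def may_decrypt(card_id: str, file_id: str) -> bool:
    """Decryption-right check against the permission list in the key file."""
    kf = KEY_FILES.get(file_id)
    return kf is not None and "decrypt" in kf["rights"].get(card_id, set())
```

Because the permission list lives in the key file at the service station, a request that fails either the station's authentication or the server's audit never reaches the list.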
6. Rewriting and saving a decrypted whiteboard file
The quantum whiteboard display device in the quantum whiteboard user terminal displays the decrypted whiteboard file. When the quantum whiteboard user terminal modifies the displayed information and saves it again, the process of saving the modified whiteboard data is the same as the process in 2.1. The difference is that the encryption storage information generated when the modified whiteboard data is saved as a separate file should include the relevant information of the whiteboard file before modification. The quantum whiteboard server needs to verify, according to the encryption storage information, whether the qualification to save as a separate file exists.
The above is only a specific embodiment of the present invention, and the scope of protection of the present invention is not limited to it. Any equivalent change or modification made by those skilled in the art under the teaching of the present invention falls within the scope of protection of the present invention.

Claims (10)

1. A quantum whiteboard data storage method, characterized in that:
the data to be stored is stored by a quantum whiteboard server or a quantum whiteboard user terminal;
the quantum whiteboard server is connected to a quantum communication network, the data transmitted by the quantum whiteboard user terminal over the quantum communication network passes through the quantum whiteboard server, and the quantum whiteboard server is configured with a key card;
the data storage method comprises the following steps:
(1) the quantum whiteboard server receives encryption storage information in ciphertext form transmitted from a quantum communication network service station, the ciphertext-form encryption storage information being encrypted with a quantum random number key;
the quantum whiteboard server decrypts it with the corresponding quantum random number key in its key card to obtain the encryption storage information in plaintext form, and the quantum whiteboard server audits whether the user key card ID contained in the plaintext-form encryption storage information is qualified for encrypted storage;
if the audit passes, the encryption storage information is encrypted into ciphertext again with a quantum random number key in its key card and sent to the quantum communication network service station;
alternatively, the quantum whiteboard server directly generates the encryption storage information, encrypts it into ciphertext with a quantum random number key in its key card, and sends it to the quantum communication network service station;
after the user key card ID has passed the audit of the quantum whiteboard server and has also been approved by the quantum communication network service station, the quantum communication network service station generates a corresponding whiteboard file ID;
(2) after the quantum whiteboard server or quantum whiteboard user terminal receives the whiteboard file ID from the quantum communication service station, the quantum whiteboard server or quantum whiteboard user terminal that received the whiteboard file ID encrypts the whiteboard data corresponding to the encryption storage information, generating and saving the corresponding whiteboard file.
2. The quantum whiteboard data storage method according to claim 1, characterized in that: the whiteboard file ID is encrypted into ciphertext form when it is sent to the quantum whiteboard server or quantum whiteboard user terminal, and the quantum whiteboard server or quantum whiteboard user terminal that receives the ciphertext-form whiteboard file ID decrypts it with the corresponding quantum random number key in its key card to obtain the whiteboard file ID in plaintext form.
3. The quantum whiteboard data storage method according to claim 1, characterized in that:
the quantum random number keys in the user key card and the quantum random number keys in the quantum whiteboard server's key card are also stored in quantum communication network service stations, and the quantum communication network service station storing the quantum random number keys of the user key card and the quantum communication network service station storing the quantum random number keys of the quantum whiteboard server's key card are different quantum communication network service stations or the same quantum communication network service station.
4. The quantum whiteboard data storage method according to claim 1, characterized in that: the whiteboard file ID is generated by the quantum communication network service station, and the quantum communication network service station also generates and saves a key file corresponding to the whiteboard file ID.
5. The quantum whiteboard data storage method according to claim 1 or 4, characterized in that: after the audit by the quantum whiteboard server passes, the encryption storage information is encrypted into ciphertext form again by the quantum whiteboard server with a quantum random number key in its key card and then sent to the quantum communication network service station that the quantum whiteboard server accesses; the quantum communication network service station on the quantum communication network that stores the quantum random number keys of the quantum whiteboard server's key card decrypts the ciphertext-form encryption storage information into plaintext form with the corresponding quantum random number key, and the quantum communication network service station then audits the user key card ID in the plaintext-form encryption storage information.
6. The quantum whiteboard data storage method according to claim 1, characterized in that: when the whiteboard ciphertext data in a whiteboard file needs to be decrypted, the quantum communication network service station holding the key file corresponding to the whiteboard file ID audits whether the user key card ID holding the whiteboard file has the decryption right; if the audit passes, the whiteboard ciphertext data is decrypted with the quantum random number key in the key file; the decryption request received by the quantum communication network service station contains the whiteboard file.
7. The quantum whiteboard data storage method according to claim 6, characterized in that: the decryption request that the quantum communication network service station accessed by the whiteboard file holder receives from the whiteboard file holder is encrypted with a quantum random number key in the whiteboard file holder's key card; when the decryption request is transmitted between quantum communication network service stations, it is encrypted with the quantum key shared between the quantum communication network service stations; when the decrypted whiteboard data is sent from a quantum communication network service station to the whiteboard file holder, it is encrypted into ciphertext form by the quantum communication network service station with a quantum random number key, the quantum random number key used for this encryption being one stored in the whiteboard file holder's key card; when the decrypted whiteboard data is transmitted between quantum communication network service stations, it is encrypted with the quantum key shared between the quantum communication network service stations.
8. The quantum whiteboard data storage method according to claim 6, characterized in that: the whiteboard data obtained after successful decryption by the user holding the whiteboard file becomes invalid after it has been output once, and the next decryption still uses the original whiteboard file.
9. The quantum whiteboard data storage method according to claim 1, characterized in that: when a stored whiteboard file needs to be deleted, this is achieved by deleting the key file corresponding to the whiteboard file;
if the deletion request is issued by the quantum whiteboard server, the quantum communication network service station it accesses authenticates it; if authentication succeeds, the quantum communication network service station that holds the key file decrypts the ciphertext of the deletion request from the quantum whiteboard server and then deletes the corresponding key file according to the whiteboard file ID contained in it;
if the deletion request is issued by the quantum whiteboard user terminal, the ciphertext-form deletion request is sent to the quantum communication network service station it accesses, which decrypts the deletion request, re-encrypts it, and sends it to the quantum whiteboard server for audit; the quantum random number key used for the deletion request ciphertext received by the quantum whiteboard server is a quantum random number key that is also stored in the quantum whiteboard server's key card;
the quantum whiteboard server decrypts the deletion request ciphertext and audits the user key card ID contained in it for deletion qualification; if the audit passes, the deletion request is encrypted again with a quantum random number key in the quantum whiteboard server's key card and sent to the quantum communication network; the quantum communication network service station that holds the key file decrypts the ciphertext of the deletion request from the quantum whiteboard server and then deletes the corresponding key file according to the whiteboard file ID contained in it.
10. The quantum whiteboard data storage method according to claim 1, characterized in that: when the quantum whiteboard user terminal or the quantum whiteboard server needs to modify the operating rights of a whiteboard file it has saved,
if the operating rights modification request is issued by the quantum whiteboard server, the quantum communication network service station it accesses authenticates it; if authentication succeeds and the quantum communication network service station accessed by the quantum whiteboard server is the same station as the one that saves the key file, that quantum communication network service station decrypts the ciphertext of the operating rights modification request from the quantum whiteboard server, then finds the key file corresponding to the whiteboard file according to the whiteboard file ID contained in it, and modifies the relevant user permission list in the key file according to the permission modification information; if the quantum communication network service station accessed by the quantum whiteboard server is not the same station as the one that saves the key file, the ciphertext-form operating rights modification request is sent over the quantum communication network to the quantum communication network service station that stores the key file, and that station makes the corresponding modification;
if the operating rights modification request is issued by the quantum whiteboard user terminal, the ciphertext-form operating rights modification request is sent over the quantum communication network to the quantum whiteboard server for audit; the quantum whiteboard server decrypts the operating rights modification request ciphertext and audits the user key card ID contained in it for the operating rights modification request; if the audit passes, the operating rights modification request is encrypted again with a quantum random number key and sent to the quantum communication network service station that the quantum whiteboard server accesses; if the quantum communication network service station accessed by the quantum whiteboard server is the same station as the one that saves the key file, that quantum communication network service station decrypts the ciphertext of the operating rights modification request from the quantum whiteboard server, then finds the key file corresponding to the whiteboard file according to the whiteboard file ID contained in it, and modifies the relevant user permission list in the key file according to the permission modification information; if the quantum communication network service station accessed by the quantum whiteboard server is not the same station as the one that saves the key file, the ciphertext-form operating rights modification request is sent over the quantum communication network to the quantum communication network service station that stores the key file, and that station makes the corresponding modification.
CN201611215389.7A 2016-12-26 2016-12-26 Quantum whiteboard data storage method Active CN106656490B (en)


Publications (2)

Publication Number Publication Date
CN106656490A CN106656490A (en) 2017-05-10
CN106656490B true CN106656490B (en) 2019-11-29
