CN106685654B - Quantum key distribution method with bidirectional identity authentication - Google Patents


Publication number
CN106685654B
Authority
CN
China
Prior art keywords
key distribution
identity authentication
sequence
quantum
particles
Legal status
Active
Application number
CN201710021254.5A
Other languages
Chinese (zh)
Other versions
CN106685654A (en)
Inventor
张仕斌
江英华
昌燕
杨帆
Current Assignee
Chengdu University of Information Technology
Original Assignee
Chengdu University of Information Technology
Application filed by Chengdu University of Information Technology
Priority to CN201710021254.5A
Publication of CN106685654A
Application granted
Publication of CN106685654B

Classifications

    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0852 Quantum cryptography

Abstract

The invention discloses a quantum key distribution method with bidirectional identity authentication. Eavesdropping detection, identity authentication and key distribution are all based on the entanglement properties of Bell states, and identity authentication and key distribution are completed through a single quantum sequence transmission: channel security is detected first, then identity authentication is carried out, and finally the key is distributed. This improves the utilization of particles and the communication efficiency, and makes the protocol more concise. The protocol is zero-knowledge during identity authentication: even if the user is impersonated, the impersonator cannot obtain any valuable information from the communication, which further protects the user's information.

Description

Quantum key distribution method with bidirectional identity authentication
Technical Field
The invention belongs to the technical field of quantum communication, and particularly relates to a quantum key distribution method with bidirectional identity authentication.
Background
In contrast to classical key distribution, quantum key distribution (QKD) lets the two communicating parties distribute a secret key for confidential communication by using quantum states as the carrier of information, transmitting them through a quantum channel, with a classical channel as an auxiliary tool. The security of QKD is guaranteed by physical properties in quantum mechanics such as the Heisenberg uncertainty principle, the quantum no-cloning theorem, and the correlation and non-locality of entangled particles. As early as 1984, Bennett in the United States and Brassard in Canada jointly developed the world's first QKD scheme (the BB84 protocol) using the polarization states of single photons; in 1992, Bennett proposed a QKD scheme (the B92 protocol) implemented with non-orthogonal single-photon bits; in 1991, Ekert at Oxford University in England first proposed QKD using the entanglement property of Bell states; in 1992, Bennett, Brassard and Mermin improved Ekert's scheme to make it more compact, i.e., not using the Bell state to achieve QKD. With the rapid development of quantum technology, quantum identity authentication (QIA) has also gradually developed. In 2005, great vinger et al proposed a cross-center QIA based on quantum teleportation; in 2008, yangyu light et al proposed a QIA for simultaneous identity authentication of multiple parties using secret sharing; in 2010, Liouhua et al proposed a cross-center QIA based on the W state. Meanwhile, quantum secret sharing (QSS) and quantum private comparison (QPC) are also developing rapidly. QKD, the most mature of the quantum technologies, currently has important practical value in secure communications.
When a traditional QKD protocol needs identity authentication, identity authentication is carried out by transmitting a quantum sequence twice and key distribution is carried out afterwards, so the structure of the protocol is not compact enough. Research shows that the QKD protocol and the QIA protocol can be fused into one protocol: a quantum key distribution protocol with an identity authentication function makes the protocol simpler and improves its execution efficiency.
In summary, conventional QKD, which transmits the quantum sequence twice for identity authentication and then key distribution, suffers from low particle efficiency and low efficiency.
Disclosure of Invention
The invention aims to provide a quantum key distribution method with bidirectional identity authentication, to solve the problems of low particle efficiency and low efficiency in the traditional approach, in which QKD transmits the quantum sequence twice to carry out identity authentication and then carries out key distribution.
The invention is realized as follows: a quantum key distribution method with bidirectional identity authentication, which carries out eavesdropping detection, identity authentication and key distribution based on the entanglement properties of Bell states, and completes identity authentication and key distribution through a single quantum sequence transmission; channel security is detected first, then identity authentication is carried out, and finally key distribution is carried out.
Further, the quantum key distribution method with bidirectional identity authentication comprises the following steps:
(1) TP prepares a sufficient number of Bell entangled states in the state
Figure BDA0001208306490000021
for identity authentication and key distribution; their number is n1. TP also randomly prepares a certain number of Bell entangled states for eavesdropping detection; their number is n2. The entangled particle pairs in n2 are randomly in the four entangled states of Table 1;
(2) TP arranges all particles 1 in n1 in order into a sequence S1, and all particles 2 in n1 in order into a sequence S2; TP randomly inserts all the entangled particle pairs in n2 into the S2 sequence and records their positions and states; TP keeps the S1 sequence and sends the S2 sequence to U1 through the quantum channel;
(3) When U1 has received S2, it notifies TP, and TP publishes the positions and states of the n2 entangled particle pairs inside the S2 sequence; U1 extracts n2 according to the positions published by TP and then measures the states of the entangled particles in n2 using Bell joint measurement; if the measurement result is lower than the threshold value, U1 informs TP that the quantum channel is secure; otherwise the communication is insecure and is abandoned;
(4) After receiving U1's notification, TP measures the S1 sequence randomly using the Z and X bases, after which the particles in the S1 sequence are in the four states |0>, |1>, |+>, |->; by the entanglement property, S2 collapses into the same sequence as S1;
(5) TP operates on the binary string k, k = k1k2...ki...kn with each ki equal to 0 or 1, following a rule, until all bits of the binary string k have been found, forming a position sequence L, L = L1L2...Ln;
(6) TP publishes the position sequence L, but does not publish the bases it used or its measurement results;
(7) User U1 measures the positions in the S2 sequence corresponding to L, choosing each basis according to the value of the binary string k (0 selects the Z basis, 1 selects the X basis) and using the position sequence L published by TP; the measurement results are encoded with |+> as 1 and |0> as 0, generating a binary string k2; if k2 = k, the identity authentication of the TP is successful; otherwise authentication fails and the protocol is terminated;
(8) After the TP authentication is successful, user U1 repeats steps (1) to (7) toward TP in the reverse direction, carrying out a second eavesdropping detection and authenticating the identity of TP;
(9) After the authentication of both parties is completed, TP and user U1 each remove, from the S1 and S2 they hold, the particles at the L positions that were used for identity authentication; the remaining particles are used as key distribution particles and are encoded with |0> and |+> as 0 and |1> and |-> as 1, completing key distribution;
(10) TP performs the above steps with each of the n users U1, U2, U3...Un, realizing key distribution with the n users.
Further, the rule that is followed is:
If k1 = 0, find the first |0> in S1 and record its position L1; if k1 = 1, find the first |+> in S1 and record its position L1;
If k2 = 0, find the first |0> after L1 and record its position L2; if k2 = 1, find the first |+> after L1 and record its position L2.
Further, the
Figure BDA0001208306490000031
Figure BDA0001208306490000032
Φ+ in the Z basis is represented by
Figure BDA0001208306490000033
Φ+ in the X basis is represented by
Figure BDA0001208306490000034
Furthermore, if particle 1 is measured using the Z (or X) basis, the measurement result will be |0> or |1> (|+> or |->); by the entanglement property of the Bell particles, particle 2 then collapses to the same state as particle 1.
Another object of the present invention is to provide a quantum communication system using the quantum key distribution method with bidirectional authentication.
In the quantum key distribution method with bidirectional identity authentication, eavesdropping detection, identity authentication and key distribution are based on Bell-state entanglement properties, and identity authentication and key distribution are completed through a single quantum sequence transmission, which improves the utilization of particles and the communication efficiency and makes the protocol simpler. The protocol is zero-knowledge during identity authentication: even if the user is impersonated, the impersonator cannot obtain any valuable information from the communication, which further protects the user's information. When the two sides need to distribute a key, the protocol first detects channel security, then carries out identity authentication and finally distributes the key.
Based on the entanglement property of Bell states, the invention provides a quantum key distribution protocol capable of bidirectional identity authentication. Compared with traditional quantum key distribution protocols, the protocol is zero-knowledge and supports bidirectional identity authentication, and identity authentication and key distribution are completed together with only a single quantum sequence transmission. Analysis shows that the proposed quantum key distribution protocol can resist a series of attacks such as replay attacks and man-in-the-middle attacks. The protocol has a simple structure and is easy to operate; it completes identity authentication and key distribution simultaneously with only two quantum sequence transmissions, is more compact than ordinary QKD with identity authentication, which first carries out identity authentication and then key distribution, and completes both functions in the same protocol more efficiently. The protocol also provides zero-knowledge bidirectional identity authentication: since an impostor does not know k, the impostor cannot obtain any useful information by running the protocol. Since the protocol uses quanta as the carrier, it resists interception/retransmission attacks and man-in-the-middle attacks. When an impostor exists between TP and the user, the impostor can be identified by running the protocol. If someone disrupts the information, both parties can discover the disruption and terminate the protocol.
Drawings
Fig. 1 is a flowchart of a quantum key distribution method with bidirectional identity authentication according to an embodiment of the present invention.
Fig. 2 is a diagram of the TP and its members provided by the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in fig. 1, the quantum key distribution method with bidirectional identity authentication provided in the embodiment of the present invention includes the following steps:
S101: eavesdropping detection, identity authentication and key distribution are performed based on Bell-state entanglement properties, and identity authentication and key distribution are completed through a single quantum sequence transmission;
S102: the protocol is zero-knowledge during identity authentication, so even if a user is impersonated, the impersonator cannot obtain any valuable information from the communication; when the two sides need to distribute a key, channel security is detected first, then identity authentication is carried out, and finally key distribution is carried out.
The application of the principles of the present invention will now be described in further detail with reference to specific embodiments.
1 Related issues
As outlined above, the identity authentication and key distribution parts of the protocol use two measurement bases (the Z basis and the X basis), where {|0>, |1>} is an orthonormal basis called the Z basis and {|+>, |->} is an orthonormal basis called the X basis. The Z basis and the X basis are mutually non-orthogonal and have the following relationship:
Figure BDA0001208306490000051
As can be seen from equation (1), if a particle is in |0> (or |1>), a Z-basis measurement is certain to give |0> (or |1>), while an X-basis measurement gives |+> with 50% probability and |-> with 50% probability.
If a particle is in |+> (or |->), an X-basis measurement is certain to give |+> (or |->), while a Z-basis measurement gives |0> with 50% probability and |1> with 50% probability.
There are four states of Bell entanglement, as shown in Table 1.
Table 1. The four Bell states
Figure BDA0001208306490000061
The protocol uses Bell entangled states for detection during the eavesdropping check, and selects one of the states for identity authentication, namely
Figure BDA0001208306490000062
Figure BDA0001208306490000063
From the above derivation, Φ+ in the Z basis is represented by
Figure BDA0001208306490000064
Φ+ in the X basis is represented by
Figure BDA0001208306490000065
Furthermore, if the Z basis (X basis) is selected for measuring particle 1, the measurement result will be |0> or |1> (|+> or |->). By the entanglement property of Bell-state particles, particle 2 collapses to the same state as particle 1.
2 Application scenario of this protocol (assumption)
It is assumed that there is an organization consisting of an upper-level TP (trusted party) and n lower-level users (U1, U2, U3...Un). TP and the users all share a secret n-bit binary string k (k = k1k2...ki...kn, ki = 0 or 1); a user who holds k is considered a legitimate member of the organization. The organization adopts a center-user structure with TP as the center node: TP can communicate with any user, but a user can only communicate with TP, and the subordinate users do not know information about other users and cannot communicate with each other, as shown in Fig. 2.
Suppose TP is to perform key distribution with user U1; they carry out the following three steps: (1) TP first carries out eavesdropping detection with U1 and, once the channel is found secure, performs identity authentication of U1; (2) after that authentication succeeds, U1 carries out a second eavesdropping detection with TP and performs identity authentication of TP; (3) after the identity authentication of both parties succeeds, TP and U1 remove the particles used for eavesdropping detection and identity authentication from the transmitted quantum sequence, and the remaining particles are used as key distribution particles.
3 Description of the protocol
The following takes TP and user U1 as an example; TP communicates with other users similarly.
Step 1: TP prepares a sufficient number of Bell entangled states in the state
Figure BDA0001208306490000071
for identity authentication and key distribution; their number is n1. TP also randomly prepares a certain number of Bell entangled states for eavesdropping detection; their number is n2. The entangled particle pairs in n2 are randomly in the four entangled states of Table 1.
Step 2: TP arranges all particles 1 in n1 in order into a sequence S1, and all particles 2 in n1 in order into a sequence S2. TP randomly inserts all the entangled particle pairs in n2 into the S2 sequence and records their positions and states. TP keeps the S1 sequence and sends the S2 sequence to U1 through the quantum channel.
Step 3: When U1 has received S2, it notifies TP, and TP publishes the positions and states of the n2 entangled particle pairs inside the S2 sequence. U1 extracts n2 according to the positions published by TP and then measures the states of the entangled particles in n2 using Bell joint measurement. If the measurement result is lower than the threshold value, U1 informs TP that the quantum channel is secure; otherwise the communication is insecure and is abandoned.
Step 4: After receiving U1's notification, TP measures the S1 sequence randomly using the Z and X bases, after which the particles in the S1 sequence are in the four states (|0>, |1>, |+>, |->). By the entanglement property, S2 collapses into the same sequence as S1.
Step 5: TP operates on the binary string k (k = k1k2...ki...kn, ki = 0 or 1) following this rule:
If k1 = 0, find the first |0> in S1 and record its position L1; if k1 = 1, find the first |+> in S1 and record its position L1.
If k2 = 0, find the first |0> after L1 and record its position L2; if k2 = 1, find the first |+> after L1 and record its position L2.
And so on, until all bits of the binary string k (k = k1k2...ki...kn, ki = 0 or 1) have been found, thereby forming a position sequence L (L = L1L2...Ln).
Step 6: TP publishes the position sequence L, but does not publish the bases it used or its measurement results.
Step 7: User U1 measures the positions in the S2 sequence corresponding to L, choosing each basis according to the value of the binary string k (0 selects the Z basis, 1 selects the X basis) and using the position sequence L published by TP. The measurement results are encoded with |+> as 1 and |0> as 0 to generate a binary string k2. If k2 = k, the identity authentication of the TP is successful; otherwise authentication fails and the protocol is terminated.
Step 8: After the TP authentication is successful, user U1 repeats Step 1 to Step 7 toward TP in the reverse direction, carrying out a second eavesdropping detection and authenticating the identity of TP.
Step 9: After the authentication of both parties is completed, TP and user U1 each remove, from the S1 and S2 they hold, the particles at the L positions that were used for identity authentication; the remaining particles are used as key distribution particles and are encoded with |0> and |+> as 0 and |1> and |-> as 1, completing key distribution.
Step 10: TP performs the above steps with each of the n users (U1, U2, U3...Un), realizing key distribution with the n users.
4 Protocol analysis
4.1 Correctness analysis of the protocol
The correctness of the protocol is first briefly explained using the authentication between TP and user U1. Assume that the binary string k is 101; TP carries out Step 1 to Step 3 and, finding no eavesdropping, performs identity authentication with user U1.
Assuming that the identity of TP is legitimate, TP knows the value of k, and the protocol process is as shown in Table 2.
Table 2. Authentication procedure with a legitimate TP
Figure BDA0001208306490000081
From the above table, if U1's identity is also legitimate, then U1 is certain to choose the right bases and measure the result (|+>|0>|+>), converting the result into k = 101 and thereby authenticating TP. User U1 and TP remove the particles used for identity authentication, and the remaining particles are kept as key distribution particles. If U1's identity is illegitimate, U1 does not know k; since k has 3 bits, the probability that U1 guesses k is 50% × 50% × 50% = 12.5%.
Assuming that TP's identity is illegitimate, TP does not know k; if U1's identity is legitimate, the protocol process is as shown in Table 3.
Table 3. Authentication procedure with an illegitimate TP
Position  1    2    3    4    5    6    7    8    9    10
S1        |1>  |+>  |1>  |+>  |->  |0>  |0>  |1>  |+>  |1>
L              2         4         6
S2        |1>  |+>  |1>  |+>  |->  |0>  |0>  |1>  |+>  |1>
k2             1         1         0
As shown in the above table, when TP does not know k, he can only randomly guess the value of k and publish the corresponding position sequence L; but U1 knows k, and when U1 selects the bases according to the rule and measures, the result |+>|+>|0> appears, which is converted into k2 = 110 ≠ k, so the TP authentication fails.
From the above example, if TP and the user both know the binary string k and carry out the protocol steps strictly, they can choose the right bases to measure the authentication particles, so authentication succeeds every time and a key can be distributed every time; the distributed key can be used to encrypt classical information, performing the function of a one-time pad.
4.2 Feasibility analysis of the protocol
The protocol requires both a quantum channel and a classical channel between TP and the user. TP and the users can prepare Bell entangled states, and both sides can perform Z-basis and X-basis measurements and Bell-state joint measurement; key distribution can be realized by strictly following the steps. When TP authenticates a user, the quantum channel is used only once to transmit a quantum sequence to the user, and this sequence completes both identity authentication and key distribution. This not only increases the utilization of the particles but also improves the communication efficiency.
4.3 Security analysis of the protocol
4.3.1 Interception/retransmission attacks and man-in-the-middle attacks
If interception/retransmission attacks or man-in-the-middle attacks exist on the quantum channel, then at Step 2 the quantum sequence S2 that TP transmits to user U1 contains n2, and n2 consists of detection particles in Bell entangled states. If the channel is not secure, the eavesdropper must measure the particles before user U1 receives them. At this point TP has not published the positions and states of the detection particles, so the eavesdropper does not know them and cannot select the correct basis for measuring the detection particles. According to the quantum unmeasurable theorem, the state of a particle changes after it is measured. User U1 extracts the detection particles according to the positions published by TP and, after performing Bell joint measurement on them, finds that the measurement results differ from the states published by TP. The eavesdropper is thereby discovered, and TP and user U1 abandon the communication. When user U1 authenticates TP, they perform a second channel check. Both quantum sequence transmissions are therefore subject to security detection of the quantum channel, which ensures the channel security of the quantum communication and the security of the quantum sequence.
4.3.2 Impersonation
If TP is impersonated while the user is legitimate, the impostor does not know the binary string k. In the protocol he can only guess k in order to publish the correct position sequence L, and he has a 50% probability of guessing the value of one bit of the binary sequence k. When the binary sequence k has 8 bits, the probability that the impostor guesses k is P1 and the probability of guessing k wrong is P2:
P1 = (50%)^8 = 0.39%;
P2 = 1 - P1 = 99.61%;
It can be seen that when the number of bits of k is greater than or equal to 8, the protocol is considered to be secure. As can be seen from Table 3, when the impostor guesses the value of k incorrectly, the user measures the authentication particles according to the value of k (1 selects the X basis, 0 selects the Z basis) to obtain k2. When k2 ≠ k, the user finds that TP is being impersonated and terminates the communication.
If TP is legitimate and the user is impersonated: after TP publishes the sequence L, the impostor needs to choose the correct measurement bases, which depend on the value of k, so he needs to know the value of the binary sequence k. When the length of k exceeds 8 bits, the probability that the impostor guesses k is approximately 0, and the impostor can be identified when TP authenticates his identity.
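The authentication exchange of Step 4 to Step 7 and the guessing analysis of section 4.3.2 can be checked with a small classical model, given here as an added example that is not part of the patent. It assumes ideal, noise-free measurements, reuses the S1 row of Table 3 as sample data, and treats an outcome of |1> or |-> in Step 7 as a mismatch; the function names are illustrative.

```python
import random
from itertools import product

Z, X = "Z", "X"
STATES = {Z: ("|0>", "|1>"), X: ("|+>", "|->")}
BASIS_OF = {state: basis for basis, pair in STATES.items() for state in pair}

# S1 row of the page's Table 3 (positions 1..10); S2 collapses to the same states.
TABLE3_S1 = ["|1>", "|+>", "|1>", "|+>", "|->", "|0>", "|0>", "|1>", "|+>", "|1>"]


def measure(state, basis, rng):
    """Same basis: outcome is certain. Other basis: 50%/50%, as the page states."""
    if BASIS_OF[state] == basis:
        return state
    return rng.choice(STATES[basis])


def tp_measure_s1(n, rng):
    """Step 4: TP measures each S1 particle in a random basis (Z or X).

    For a Phi+ pair the partner in S2 collapses to the same state, so this
    one list stands for both S1 and S2.
    """
    return [rng.choice(STATES[rng.choice((Z, X))]) for _ in range(n)]


def build_positions(k, s1):
    """Step 5: bit 0 -> next |0>, bit 1 -> next |+>, scanning left to right.

    Returns the 1-based positions L, or None if S1 has too few usable particles.
    """
    positions, start = [], 0
    for bit in k:
        target = "|0>" if bit == "0" else "|+>"
        try:
            idx = s1.index(target, start)
        except ValueError:
            return None
        positions.append(idx + 1)
        start = idx + 1
    return positions


def verify(k, positions, s2, rng):
    """Step 7: measure S2 at L (bit 0 -> Z, bit 1 -> X) and compare k2 with k.

    Assumption: |1> and |-> have no code in Step 7 and count as a mismatch.
    """
    if positions is None or len(positions) != len(k):
        return False
    k2 = ""
    for bit, pos in zip(k, positions):
        outcome = measure(s2[pos - 1], Z if bit == "0" else X, rng)
        k2 += {"|0>": "0", "|+>": "1"}.get(outcome, "?")
    return k2 == k


def run_round(k, prover_k, n, rng):
    """One run: the prover builds L from prover_k, the verifier checks with k."""
    s1 = tp_measure_s1(n, rng)
    return verify(k, build_positions(prover_k, s1), list(s1), rng)


def acceptance_probability(k, prover_k):
    """Exact chance that verify() accepts when L was built from prover_k.

    A correct bit always passes; a wrong bit leaves the particle in the other
    basis, so the verifier still reads the expected state half of the time.
    """
    p = 1.0
    for a, b in zip(k, prover_k):
        p *= 1.0 if a == b else 0.5
    return p


def average_acceptance(k):
    """Acceptance probability averaged over a uniformly random guess of k."""
    guesses = ["".join(bits) for bits in product("01", repeat=len(k))]
    return sum(acceptance_probability(k, g) for g in guesses) / len(guesses)


if __name__ == "__main__":
    rng = random.Random(7)
    print("L for k = 101:", build_positions("101", TABLE3_S1))
    print("L for guess 110:", build_positions("110", TABLE3_S1))
    print("honest run accepted:", run_round("101", "101", 200, rng))
    print("P(guess an 8-bit k):", 0.5 ** 8)
    print("P(accept a random guess, 8 bits):", average_acceptance("10110010"))
```

Under this model a prover who guesses k at random is accepted with probability (3/4)^n per run, which is larger than the (1/2)^n chance of guessing k itself, so the length of k is better sized against the acceptance figure.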
4.3.3 Disruption
If someone disrupts the transmitted particles during quantum transmission, the information transmission is disturbed. The authentication between the two communicating parties will then not succeed and the protocol is terminated; the two parties can run the protocol again after a period of time.
The protocol of the invention has a simple structure and is easy to operate; it completes identity authentication and key distribution simultaneously with only two quantum sequence transmissions, and improves the utilization rate and efficiency of particles compared with the common two-step QKD with identity authentication. The protocol also provides zero-knowledge bidirectional identity authentication: since an impostor does not know k, the impostor cannot obtain any useful information by running the protocol. Since the protocol uses quanta as the carrier, it resists interception/retransmission attacks and man-in-the-middle attacks. When an impostor exists between TP and the user, the impostor can be identified by running the protocol. If someone disrupts the information, both parties can discover the disruption and terminate the protocol.
The above description only illustrates the preferred embodiments of the present invention and is not to be construed as limiting the invention; any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (4)

1. A quantum key distribution method with bidirectional identity authentication, characterized in that the method performs eavesdropping detection, identity authentication and key distribution based on the entanglement property of Bell states, the identity authentication and the key distribution being completed through one quantum sequence transmission; channel security is checked first, then identity authentication is performed, and finally key distribution is performed;
the quantum key distribution method with bidirectional identity authentication comprises the following steps:
(1) TP prepares a sufficient number of Bell entangled states in the state
Figure FDA0002478652010000011
for identity authentication and key distribution, their number being n1; TP also randomly prepares a certain number of Bell entangled states for eavesdropping detection, their number being n2; the entangled particle pairs in n2 are randomly in four entangled states;
(2) TP orders all particles 1 in n1 into a sequence S1 and all particles 2 in n1 into a sequence S2; TP randomly inserts all the entangled particle pairs in n2 into the S2 sequence and records their positions and states; TP keeps the S1 sequence and sends the S2 sequence to U1 through the quantum channel;
(3) when U1 has received S2, it notifies TP, and TP publishes the positions and states of the n2 entangled particle pairs within the S2 sequence; U1 extracts n2 according to the positions published by TP and then uses Bell joint measurement to measure the states of the entangled particles in n2; if the measurement result is lower than the threshold value, U1 informs TP that the quantum channel is secure; otherwise the channel is insecure and the communication is abandoned;
(4) after receiving the notification from U1, TP measures the S1 sequence randomly using the Z and X bases, so that the particles in the S1 sequence are in the four states |0>, |1>, |+>, |->; by the entanglement property, S2 collapses into the same sequence as S1;
(5) TP operates according to the binary string k, k = k1k2...ki...kn, where each ki is 0 or 1, following a rule, until positions have been found for the whole binary string k, forming a position sequence L, L = L1L2...Ln;
(6) TP publishes the location sequence L, but does not publish the bases employed and their measurements;
(7) user U1 chooses bases according to the value of the binary string k (Z basis for 0, X basis for 1) and, using the position sequence L published by TP, measures the positions in the S2 sequence that correspond to L; the measurement results are encoded with |+> as 1 and |0> as 0 to generate the binary string k2; if k2 = k, the identity authentication of TP succeeds; otherwise authentication fails and the protocol is terminated;
(8) after TP has been authenticated successfully, user U1 repeats steps (1) to (7) toward TP in reverse, carrying out a second eavesdropping detection and authenticating the identity of the TP;
(9) after both parties have been authenticated, TP and user U1 respectively remove, from the S1 and S2 sequences they hold, the particles at the L positions that were used for identity authentication; the remaining particles serve as key distribution particles and are encoded with |0> and |+> as 0 and |1> and |-> as 1, completing key distribution;
(10) TP performs the above steps with each of n users U1, U2, U3...Un, realizing key distribution with the n users.
2. The quantum key distribution method with bidirectional identity authentication of claim 1, wherein the rule followed is as follows:
if k1 = 0, then find the first |0> in S1 and record its position L1; if k1 = 1, then find the first |+> in S1 and record its position L1
if k2 = 0, then find the first |0> after L1 and record its position L2; if k1 = 1, then find the first |+> in L1 and record its position L2
3. The quantum key distribution method with bidirectional authentication as recited in claim 1,
Figure FDA0002478652010000021
Φ+, when expressed in the Z basis, is represented by
Figure FDA0002478652010000022
Φ+, when expressed in the X basis, is represented by
Figure FDA0002478652010000023
If particle 1 is measured with the Z or X basis, the measurement result will be |0> or |1> (|+> or |->); by the entanglement property of the Bell particles, particle 2 then collapses to the same state as particle 1.
4. A quantum communication system using the quantum key distribution method with bidirectional identity authentication of any one of claims 1 to 3.
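The authentication and key steps (4) to (9) and the disruption case of section 4.3.3 can be traced with a classical simulation; this is an added example, not code from the patent. The function names, the sample k, the seed and the modelling choices are assumptions: the claim-2 rule is applied to every bit of k with each search starting after the previous position, and both parties are modelled as reading the same collapsed states for the key.

```python
import random

Z, X = "01", "+-"   # outcomes of the Z basis and the X basis

def measure(state, basis, rng):
    """Measure one particle; a mismatched basis gives a uniformly random outcome."""
    return state if state in basis else rng.choice(basis)

def tp_positions(s1, k):
    """Step (5): for each bit of k, record the next |0> (bit 0) or |+> (bit 1) in S1."""
    positions, start = [], 0
    for bit in k:
        pos = s1.index("0" if bit == "0" else "+", start)  # ValueError: S1 too short
        positions.append(pos)
        start = pos + 1
    return positions

def user_k2(s2, positions, k, rng):
    """Step (7): Z basis for bit 0, X basis for bit 1; |+> encodes 1, |0> encodes 0."""
    code = {"+": "1", "0": "0"}
    outs = (measure(s2[p], Z if b == "0" else X, rng) for p, b in zip(positions, k))
    return "".join(code.get(o, "?") for o in outs)  # '?' = outcome with no encoding

def key_bits(seq, positions):
    """Step (9): drop the authentication positions; |0>,|+> -> 0 and |1>,|-> -> 1."""
    used = set(positions)
    return "".join("0" if s in "0+" else "1" for i, s in enumerate(seq) if i not in used)

def run(k, n_pairs=200, seed=1, disturb=False):
    """Return (authenticated, L, (TP key, user key) or None) for one protocol run."""
    rng = random.Random(seed)
    # Step (4): TP measures S1 in random bases; S2 collapses to the same states.
    s1 = [rng.choice(rng.choice((Z, X))) for _ in range(n_pairs)]
    s2 = list(s1)
    positions = tp_positions(s1, k)
    if disturb:  # constructed disruption: the first authentication particle is flipped
        p = positions[0]
        s2[p] = {"0": "1", "1": "0", "+": "-", "-": "+"}[s2[p]]
    ok = user_k2(s2, positions, k, rng) == k
    return ok, positions, (key_bits(s1, positions), key_bits(s2, positions)) if ok else None

if __name__ == "__main__":
    print(run("10110010"))                 # honest run: authenticated, keys agree
    print(run("10110010", disturb=True))   # disturbed run: authentication fails
```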

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710021254.5A CN106685654B (en) 2017-01-12 2017-01-12 Quantum key distribution method with bidirectional identity authentication

Publications (2)

Publication Number Publication Date
CN106685654A CN106685654A (en) 2017-05-17
CN106685654B true CN106685654B (en) 2020-10-27

Family

ID=58849594

Country Status (1)

Country Link
CN (1) CN106685654B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant