CN108270553A - Credible repeater, the key encryption method of quantum communication network, device, system - Google Patents

Credible repeater, the key encryption method of quantum communication network, device, system Download PDF

Info

Publication number
CN108270553A
CN108270553A CN201611255339.1A CN201611255339A CN108270553A CN 108270553 A CN108270553 A CN 108270553A CN 201611255339 A CN201611255339 A CN 201611255339A CN 108270553 A CN108270553 A CN 108270553A
Authority
CN
China
Prior art keywords
key
relaying
encrypted
encryption
quantum
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611255339.1A
Other languages
Chinese (zh)
Other versions
CN108270553B (en
Inventor
王学富
武宏宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANDONG INSTITUTE OF QUANTUM SCIENCE AND TECHNOLOGY Co Ltd
Anhui Quantum Communication Technology Co Ltd
Original Assignee
SHANDONG INSTITUTE OF QUANTUM SCIENCE AND TECHNOLOGY Co Ltd
Anhui Quantum Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANDONG INSTITUTE OF QUANTUM SCIENCE AND TECHNOLOGY Co Ltd, Anhui Quantum Communication Technology Co Ltd filed Critical SHANDONG INSTITUTE OF QUANTUM SCIENCE AND TECHNOLOGY Co Ltd
Priority to CN201611255339.1A priority Critical patent/CN108270553B/en
Publication of CN108270553A publication Critical patent/CN108270553A/en
Application granted granted Critical
Publication of CN108270553B publication Critical patent/CN108270553B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0855Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a kind of credible repeater, the key encryption method of quantum communication network, device, system, wherein the key encryption method of credible repeater includes:After credible repeater receives the first relaying key of node transmission, the described first relaying key is decrypted to obtain encrypted relaying key by encrypted relaying decruption key;Wherein described encrypted relaying decruption key is generated after relaying decruption key is encrypted using preset key-encrypting key;Credible repeater reuses encrypted relaying encryption key and the encrypted relaying key is encrypted to obtain the second relaying key when sending the encrypted relaying key to next node;Wherein described encrypted relaying encryption key is generated after relaying encryption key is encrypted using preset key-encrypting key.The present invention is applied widely, smaller on the scope of application influence of credible repeater, in the autgmentability that ensure that legacy network, enhances its safety.

Description

Credible repeater, the key encryption method of quantum communication network, device, system
Technical field
The present invention relates to Technique on Quantum Communication field, the more particularly to a kind of key encryption method and dress of credible repeater It puts, the key encryption method of quantum communication network and system.
Background technology
In quantum communication network, due to the limitation of channel lower deployment cost and distance, arbitrary node in network can not be realized Between quantum channel build and direct quantum key distribution(QKD).It therefore, can between arbitrary node in network in order to realize Shared quantum key between it directly can not carry out two nodes of quantum key distribution, is needed in a manner that key relays come real Existing key distribution.
Key trunking scheme is proposed that basic thought is to utilize the amount shared between adjacent node by the Elliott of BBN earliest Sub-key carries out encryption and decryption to relaying key, realizes encryption transfer of the relaying key between one or more relay nodes, most Achieve the goal user eventually.
It is worth noting that, because relaying key exists in relay node in the form of plaintext, any participation key The node of relaying both knows about the content of current secret communication(Relay key), that is to say, that its safety is opposite, premise It is that must trust all relay nodes.Therefore this node is called credible relaying(Trusted Relay)Node.In a key On repeated link, the node of both link ends is known as quantum terminal node(Or abbreviation quantum terminal), i.e., key relaying purpose use Node where family;Node among link is known as credible relay node(Or credible repeater), relative quantum terminal node For.On a key repeated link, including two quantum terminal nodes and at least one credible relay node, each node Place is deployed with QKD equipment;Quantum channel has been built between adjacent node, can directly carry out quantum key distribution, so as to shared Quantum key.Credible repeater be it is a kind of be very natural with technology easy to implement, by credible repeater, we can hold very much Easy extension quantum key distribution network, either distance or number of users can be accomplished infinite.Moreover, based on credible relaying The QKD networks of device can be good at being compatible with various QKD technologies, either fiber optic quantum key distribution system or free space amount Quantum key distribution system, phase code system or polarization encoder system can be integrated into easily, therefore be groups at this stage The preferred option of establishing network.But shortcoming is the increase in the cost of safety management, because must assure that the safety of credible repeater.
At present, the flow of above-mentioned quantum key relaying is assumed quantum terminal A and is connect in the present example as shown in Fig. 1 Only it can pass through a credible repeater B when communicating between receipts quantum terminal C;Lead between quantum terminal A and credible repeater B Crossing QKD processes and sharing has quantum key, and the quantum key shared is at quantum terminal A as transmission encryption key KAB, As relaying decruption key K at credible repeater BBA;It is total between credible repeater B and reception quantum terminal C by QKD processes Quantum key is enjoyed, the quantum key shared is at credible repeater B as relaying encryption key KBC, receiving quantum terminal Receiving and deciphering key K is used as at CCB.The idiographic flow of key relaying is as follows:
Step 1, quantum terminal A will need the relaying key K sentRUse transmission encryption key KABIt is obtained after being encrypted First relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to credible repeater B;
Step 2, credible repeater B receive first relaying key KR⊕KABLater, first using relaying decruption key KBAIt carries out Decryption(KR⊕KAB⊕KBA=KR)Relaying key K is obtained afterwardsR
Step 3, credible repeater B reuse relaying encryption key KBCTo the relaying key K obtained in step 2RAfter being encrypted Obtain the second relaying key KR⊕KBC, and relay key K by described secondR⊕KBCIt is sent to and receives quantum terminal C;
Step 4, reception quantum terminal C receive the second relaying key KR⊕KBCAfterwards, using receiving and deciphering key KCBIt is decrypted (KR⊕KBC⊕KCB=KR), obtain relaying key KR
Wherein, which can be equipped with cipher key cache module, can be stored in cipher key cache module multiple Relay decruption key such as KBAWith multiple relaying encryption key such as KBC.Quantum terminal A can also be equipped with cipher key cache module, Multiple transmission encryption key such as K can be stored in the cipher key cache moduleAB.Receiving quantum terminal C can also delay equipped with key Storing module can be stored with multiple receiving and deciphering key such as K in the cipher key cache moduleCB
Only there are one credible repeater on key repeated link in this example, those skilled in that art are appreciated that having There is n(N is positive integer, n >=1)During a credible repeater, each credible repeater is required for performing above-mentioned similar flow, i.e., sharp The encryption transfer to relaying key is realized with the quantum key shared between adjacent quantum terminal or adjacent credible repeater.
But there is following security flaws for the above method:
In step 2, credible repeater B receives the first relaying key KR⊕KABAfterwards, first using relaying decruption key KBADecryption To obtain relaying key KR;And in step 3 to relaying key KRBefore carrying out secondary encryption, key K is relayedRIt is the shape with plaintext Formula is saved, and credible repeater is resulted in there is leakage relaying key K in this wayRSecurity risk.
In addition, above-mentioned example only describes the key relay processes of key management layer, it can be understood as lateral key relaying Process, and the key management at each node can be understood as longitudinal key relay processes.As shown in Fig. 2, it will can entirely measure Sub- communication network is divided into key generation layer, key management layer, application layer.The QKD that key generation layer passes through deployment at each node Equipment carries out quantum key distribution, and the quantum key of generation is sent to key management layer;Each node of key management layer The quantum key that key generation layer is sent is received, the encryption transfer of relaying key is realized using quantum key, realizes relaying key Application layer is sent in the shared of quantum terminal room, and by relaying key;It is whole that application apparatus in application layer receives corresponding quantum The relaying key sent is held, high safety secret communication is carried out using relaying key.Wherein, relaying key can be quantum key, It can also be generated by real random number generator.Due to the characteristic of quantum key distribution system, the quantum terminal in key management layer With need to store a large amount of quantum key in credible repeater, this part of key how to ensure safety and relaying key deposits Storage and the safety longitudinally transmitted all are major issues urgently to be resolved hurrily in the art.
Invention content
The present invention is for the underway peace existing when key forwarding of credible repeater in above-mentioned quantum communication network Full property defect, proposes a kind of credible repeater, the key encryption method of quantum communication network, device, system, can eliminate can Believe the safety defect of the relaying key plain landing at repeater.
In order to achieve the above-mentioned object of the invention, the present invention provides a kind of key encryption method of credible repeater, including:
After step 101, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key, the first relaying key is described A upper node utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
Step 102, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein, the encrypted relaying encryption Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, and the relaying encryption is close Key is corresponding with the receiving and deciphering key at the next node.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes Sub-key, the two correspond.
Preferably, the key-encrypting key be stored in advance in credible repeater for update, encrypt and decrypt operation Hardware chip in, and the key-encrypting key in the chip cannot be exported.
Preferably, the key-encrypting key is regularly updated by quantum key.
Meanwhile the embodiment of the present invention also proposed a kind of cipher key encryption means of credible repeater, including:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;Wherein described first relaying key is institute It states a node and utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted; It is additionally operable to when sending the encrypted relaying key to next node, reuses the encrypted relaying encryption key to described Encrypted relaying key is encrypted to obtain the second relaying key;At wherein described relaying encryption key and the next node Receiving and deciphering key it is corresponding;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes Sub-key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key in the chip cannot be led Go out.
Preferably, the cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and add the key Key is regularly updated.
Meanwhile the embodiment of the present invention also proposed a kind of key encryption method of quantum communication network, including:
Step 701, quantum terminal will need the relaying key that sends to obtain the after encryption key is encrypted using sending Then first relaying key is sent to next node by one relaying key;Wherein described transmission encryption key and next section Relaying decruption key at point is corresponding;
After step 702, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 703, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key It is corresponding with the receiving and deciphering key at the next node;
It is close using the receiving and deciphering after step 704, reception quantum terminal receive the second relaying key of node transmission Key is decrypted, and obtains the relaying key;
The relaying key for needing to send is sent to and receives quantum terminal by quantum terminal in wherein described quantum communication network When can pass through one or more credible repeaters, when by multiple credible repeaters, each credible repeater is carried out step 702 and step 703.
Further, transmission key-encrypting key is preset in quantum terminal to add to sending encryption key It is close, to generate encrypted transmission encryption key;Reception key-encrypting key is preset with to receiving and deciphering receiving quantum terminal Key is encrypted, to generate encrypted receiving and deciphering key;
The method specifically includes:
Step 801, quantum terminal are close to sending encryption key and relaying respectively using preset transmission key-encrypting key Key is encrypted, to generate encrypted transmission encryption key and encrypted relaying key respectively;
Step 802, quantum terminal encrypt the encrypted relaying key for needing to send using encrypted send Key obtains the first relaying key after being encrypted, the first relaying key then is sent to next node;Wherein described transmission Encryption key is corresponding with the relaying decruption key at the next node;
After step 803, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 804, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key, is then sent to the second relaying key Next node;Wherein described encrypted relaying encryption key is to relaying encryption key using the preset key-encrypting key It is generated after being encrypted, the relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Step 805 after receiving the second relaying key that quantum terminal receives node transmission, uses encrypted receiving and deciphering Key is decrypted, and obtains encrypted relaying key;Wherein described encrypted receiving and deciphering key is to receive quantum terminal to utilize It is preset to receive what is generated after the receiving and deciphering key is encrypted in key-encrypting key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes Sub-key, the two correspond.
Preferably, the key-encrypting key is stored in advance in for updating, in the hardware chip of encrypt and decrypt operation, And the key-encrypting key in the chip cannot be exported.
Preferably, the key-encrypting key is regularly updated by quantum key.
Simultaneously the invention also provides a kind of safe Enhancement Method of quantum key management level, to realize key management layer without in plain text The processing of key enhances the safety of entire key management system.Entire quantum communication network can be divided into key generation layer, Key management layer, application layer.
The workflow of quantum terminal is as follows:
Step 1701, quantum terminal key generation device on preset for sending the transmission that is encrypted of encryption key Key-encrypting key, then key generation device the application that the transmission key-encrypting key is synchronized to quantum terminal is set It is standby;
The key generation device of step 1702, the key generation device of quantum terminal and next node carries out quantum key point After the transmission encryption key that quantum terminal occurs into, encrypted hair is obtained after being encrypted using the transmission key-encrypting key Send encryption key;By the encrypted key management apparatus preservation for sending encryption key and being transferred to quantum terminal, so that Quantum terminal to next node equipment send it is encrypted relaying key when, with it is described it is encrypted transmission encryption key come The encrypted relaying key is encrypted, to obtain the first relaying key;
Step 1703, quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to quantum terminal Application apparatus;The application apparatus of quantum terminal is before business cipher key is used, first with the transmission key-encrypting key solution It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, quantum terminal carries out the synchronization and update for sending key-encrypting key by movable storage device.
The workflow for receiving quantum terminal is as follows:
Step 1801 receives the reception preset on the key generation device of quantum terminal for being encrypted to receiving decruption key Key-encrypting key, then key generation device by the reception key-encrypting key be synchronized to receive quantum terminal application set It is standby;
The key generation device of step 1802, the key generation device for receiving quantum terminal and a upper node carries out quantum key and divides After the receiving and deciphering key for receiving quantum terminal occurs into, encrypted connect is obtained after being encrypted using the reception key-encrypting key Receive decruption key;The encrypted receiving and deciphering cipher key delivery is preserved to the key management apparatus for receiving quantum terminal, so that Quantum terminal is received in the second relaying key that a node device in reception is sent, it is close with the encrypted receiving and deciphering Key is decrypted to relay key to described second, to obtain encrypted relaying key;
Step 1803, receive quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to receive quantum terminal Application apparatus;The application apparatus of quantum terminal is received before business cipher key is used, first with the reception key-encrypting key solution It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, it receives quantum terminal and the synchronization and update for receiving key-encrypting key is carried out by movable storage device.
Meanwhile the embodiment of the present invention also proposed a kind of key cryptographic systems of quantum communication network, including at least one transmission Quantum terminal, at least one reception quantum terminal, at least one credible repeater;
Quantum terminal, for the relaying sent key will to be needed to be obtained in first after being encrypted using transmission encryption key After key, the first relaying key is then sent to next node;At wherein described transmission encryption key and the next node Relaying decruption key it is corresponding;
Each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, after receiving the second relaying key that a upper node is sent, uses the receiving and deciphering key It is decrypted, obtains the relaying key.
Further, transmission key-encrypting key is preset in quantum terminal to add to sending encryption key It is close, to generate encrypted transmission encryption key;Reception key-encrypting key is preset with to receiving and deciphering receiving quantum terminal Key is encrypted, to generate encrypted receiving and deciphering key;The system specifically includes;
Quantum terminal, for using it is preset transmission key-encrypting key respectively to send encryption key and relaying key into Row encryption, to generate encrypted transmission encryption key and encrypted relaying key respectively;Be additionally operable to will need send described in plus Close relaying key obtains the first relaying key after being encrypted using the encrypted transmission encryption key, then will be in first Next node is sent to after key;Wherein described transmission encryption key is opposite with the relaying decruption key at the next node It should;
Wherein described each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, for the receiving and deciphering key to be encrypted using preset reception key-encrypting key, with Generate encrypted receiving and deciphering key;After being additionally operable to the second relaying key for receiving node transmission, the encryption is used Receiving and deciphering key be decrypted, obtain encrypted relaying key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes Sub-key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key in the chip cannot be led Go out.
Preferably, the cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and add the key Key is regularly updated.
The advantageous effect that technical solution provided by the invention is brought is:
A, applied widely, implementation is smaller on the scope of application influence of credible repeater, in the expansion that ensure that legacy network In the case of malleability, its safety is enhanced, is suitble to building for various junction networks;
B, the safety of enhancing relaying key in key relay processes, avoids the landing of relaying key plain, in reducing After the danger of Key Exposure, the safety of key relay processes ensure that;
C, enhance the safety of quantum key, the cipher key cache mould quantum key in the block of key management layer is encrypted close using key Key encryption storage, enhances the safety of quantum key;
D, flow is consistent, and it is convenient to realize, this scheme can be adapted for all nodes, and ensures that the flow of all nodes is consistent, real It is now simple, it is easy to maintain.
Description of the drawings
Fig. 1 is that the key of the prior art relays flow diagram;
Fig. 2 is the structure diagram of the quantum communication network of the prior art;
Fig. 3 is workflow schematic diagram when a credible repeater is used in the embodiment of the present invention;
Fig. 4 is workflow schematic diagram when multiple credible repeaters are used in the embodiment of the present invention;
Fig. 5 is the structure diagram of the credible repeater of the embodiment of the present invention;
Fig. 6 is the workflow schematic diagram of full node security enhancing in the embodiment of the present invention;
Fig. 7 is in credible relay node and sending node in the embodiment of the present invention(Quantum terminal)The workflow enhanced safely Journey schematic diagram;
Fig. 8 is in credible relay node and receiving node in the embodiment of the present invention(Receive quantum terminal)The workflow enhanced safely Journey schematic diagram;
Fig. 9 is that the key for the Star Network that the credible repeater in the embodiment of the present invention enhances safely relays schematic diagram;
Figure 10 is that the key of the Star Network of the full node security enhancing in the embodiment of the present invention relays schematic diagram;
Figure 11 is that the key of the center distribution in the embodiment of the present invention relays schematic diagram;
Figure 12 is that the key of the multinode shared key in the embodiment of the present invention relays schematic diagram;
Figure 13 is the key management layer safety enhancing system schematic diagram in the embodiment of the present invention;
Full text related symbol explanation:
KR:Relay key;
KAB:Send encryption key;
KR⊕KAB:First relaying key;
KBA:Relay decruption key;
KBC:Relay encryption key;
KR⊕KBC:Second relaying key;
KCB:Receiving and deciphering key;
KB:Preset key-encrypting key;
KR⊕KA:Encrypted relaying key;
KR⊕KB:Encrypted relaying key;
KR⊕KC:Encrypted relaying key;
KBA⊕KB:Encrypted relaying decruption key;
KBC⊕KB:Encrypted relaying encryption key;
KA:Preset transmission key-encrypting key;
KAB⊕KA:Encrypted transmission encryption key;
KC:Preset reception key-encrypting key;
KCB⊕KC:Encrypted receiving and deciphering key.
Specific embodiment
The emphasis of technical solution of the present invention is a preset key-encrypting key, for key at credible repeater The encryption of key is stored in cache module so that is stored in cipher key cache module is all encrypted key.In this way can After letter repeater receives encrypted relaying key, it is decrypted and carries out between re-encrypted two flows, relay key It would not be stored in the form of plaintext, improve the safety of quantum communication network.One in the embodiment of the present invention is excellent It selects in scheme, for that can be input to by preset method to the key-encrypting key that is encrypted of relaying key for updating, In the hardware chip of encrypt and decrypt operation, to ensure the safety of key-encrypting key.Meanwhile key-encrypting key can also root According to being regularly updated, freshness and the safety of key are further enhanced.It preferably, can be by quantum key to key Encryption key is regularly updated.
The safe Enhancement Method of the present invention can be additionally used in relaying flow(Or repeated link)On all nodes carry out Safety enhancing, is not limited only to credible repeater, applies also for relaying and initiates node and relaying destination node.The safety of the present invention increases Strong method is used not only for the key relaying of Linear Network structure, additionally it is possible to and the key applied to Star Network structure relays, And using after this safe enhanced scheme, key relaying flow and original flow are basically identical, will not be close to Star Network The realization of key relaying flow impacts, as quantum terminal A to reception quantum terminal C and receives quantum terminal D point respectively Key is sent out, relaying flow is consistent, flow will not be caused to have any different because credible repeater connects multiple quantum terminals, increased Realize difficulty.
The safe Enhancement Method of the present invention can also be used to distribute relaying key to both ends quantum terminal from credible relay node The key relaying flow of node, can be suitble to full node security enhancing network, be equally applicable to only credible repeater and increase safely Strong network.Equally, it is also applied for the key distribution of multinode shared key.
The safe Enhancement Method of the present invention applies also for carrying out safe enhancing to key management layer, realizes key management layer nothing The processing of clear text key enhances the safety of entire key management system.
As illustrative, using exclusive or algorithm as enciphering and deciphering algorithm in the embodiment of the present invention, specially:0⊕0= 0,1 ⊕, 0=1,0 ⊕, 1=1,1 ⊕ 1=0.
Carry out the embodiment that the present invention will be described in detail below in conjunction with attached drawing, how applied technology method is come to the present invention whereby Technical problem is solved, and the realization process for reaching technique effect can fully understand and implement according to this.
Embodiment 1
The embodiment of the present invention proposes a kind of key encryption method of credible repeater.In order to enable whole flow process is more clear, As shown in Figure 3, Figure 4 be the schematic diagram of the credible repeater applications in quantum communication network.Fig. 3, shown in Fig. 4 it is respectively Using said program and in multiple credible repeaters on a credible repeater(In Fig. 4 n be positive integer, n >=2)In upper application State scheme.It can be seen from Fig. 3, Fig. 4 compared with prior art, both increased on each credible repeater one it is preset Key-encrypting key, for being encrypted to the key stored in cipher key cache module.Due to the workflow of each credible repeater All it is identical, therefore is specially with as shown in Figure 3:
Step 101, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto It is generated after row encryption, the first relaying key KR⊕KABIt is that a upper node utilizes and the relaying decruption key KBAIt is right The transmission encryption key K answeredABTo relaying key KRIt is generated after being encrypted, the encrypted relaying key KR⊕KBBy with Lower formula obtains:KR⊕KAB⊕KBA⊕KB=KR⊕KB
Step 102, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕ KBC;Wherein described encrypted relaying encryption key KBC⊕KBIt is to utilize the preset key-encrypting key KBIt is close to relaying encryption Key KBCIt is generated after being encrypted, the relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBRelatively Should, the second relaying key KR⊕KBCIt is obtained by the following formula:KR⊕KB⊕KBC⊕KB=KR⊕KBC
Specifically, in step 101 and step 102, it can be first with preset key-encrypting key KBTo credible relaying The cipher key cache mould relaying decruption key K in the block of device BBAWith relaying encryption key KBCIt is encrypted, is obtained above-mentioned in advance respectively Encrypted relaying decruption key K in exampleBA⊕KBWith encrypted relaying encryption key KBC⊕KB.Preferably, described send adds Key KABWith the relaying decruption key KBAIt is the shared quantum key generated by QKD processes, the two corresponds;Institute State relaying encryption key KBCWith the receiving and deciphering key KCBIt is the shared quantum key generated by QKD processes, the two is one by one It is corresponding.Certainly, those skilled in that art are appreciated that, the transmission encryption key K in the embodiment of the present inventionABIt is decrypted with relaying Key KBA, relaying encryption key KBCWith receiving and deciphering key KCBIt can be obtained by any mode, the embodiment of the present invention is not right This is defined.
Preferably, the key-encrypting key KBBe stored in advance in credible repeater B for updating, encrypt and decrypt behaviour In the hardware chip of work, and the key-encrypting key K in the chipBIt cannot be exported, to ensure the key-encrypting key KB Safety.Meanwhile the key-encrypting key KBIt can also be regularly updated as needed, further enhance the fresh of key Degree and safety.It preferably, can be by quantum key to the key-encrypting key KBIt is regularly updated.It is and multiple for having The quantum communication network of credible repeater can be that each credible repeater sets different key-encrypting keys.
Specifically, it is only there are one credible repeater as shown in Figure 3, therefore the upper node in preceding method is necessarily sent out Send relaying key KRQuantum terminal A, and next node necessarily receives relaying key KRReception quantum terminal C.It is and right There are multiple credible repeaters in as shown in Figure 4, then the upper node in preceding method may be to send relaying key KRHair Send quantum terminal A, it is also possible to another is credible repeater;And next node may be to receive relaying key KRReception quantum Terminal C, it is also possible to another credible repeater.
It should be noted that those skilled in that art are appreciated that, the transmission encryption key in the embodiment of the present invention All it is opposite concept with relaying encryption key, relaying decruption key and receiving and deciphering key, is all to participate in relaying key encryption The encryption key and decruption key of transfer, no substantive difference.When a upper node for this credible repeater is quantum terminal, Transmission encryption key at a upper node is corresponding with the relaying decruption key at this credible repeater;When this credible repeater When a upper node is another credible repeater, the relaying encryption key at a upper node and the relaying solution at this credible repeater Key is corresponding.Similarly, when the next node of this credible repeater is receives quantum terminal, at this is credible repeater in It is corresponding with the receiving and deciphering key at next node after encryption key;When the next node of this credible repeater is another credible During repeater, the relaying encryption key originally at credible repeater is corresponding with the relaying decruption key at next node.Certainly, originally Technical staff is also appreciated that in field, and the first relaying key in the embodiment of the present invention is also opposite with the second relaying key Concept, be all according to the encrypted relaying key that is generated of encryption key for participating in relaying key encryption transfer, also without essence Difference.
In this way the first relaying key K is received in credible repeater BR⊕KABAfterwards, encrypted relaying decruption key K is utilizedBA ⊕KBWhen being decrypted, it is directly obtained with encrypted relaying key KR⊕KBRather than the relaying key K of plaintextR.Exist in this way Before subsequently encrypt, credible repeater B would not store the relaying key K of plaintextR, improve the safety of whole system Property.The change simultaneously is all transparent for other all nodes, and there is no need to existing system topology is carried out more Change.
In the above-described embodiment, a credible repeater is as shown in Fig. 3 only passed through in entire transfer process(In i.e. credible After device B)Flow.As shown in Fig. 4 pass through multiple credible repeaters in entire transfer process(In as shown in Figure 4 credible After device B1……Credible repeater Bn)Flow, therefore in method as shown in Figure 4, each credible repeater B is required for performing The method similar with step 101 and step 102.
Embodiment 2
Meanwhile the embodiment of the present invention also proposed a kind of key with the aforementioned corresponding credible repeater of embodiment 1 and encrypt Device, structure are as shown in Figure 5, including cipher key encryption block, key relay forwarding module, cipher key cache module;
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; Wherein described first relaying key KR⊕KABIt is that a upper node utilizes and the relaying decruption key KBACorresponding send adds Key KABTo relaying key KRIt is generated after being encrypted, the encrypted relaying key KR⊕KBIt is obtained by the following formula: KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to sending the encrypted relaying key K to next nodeR⊕KBWhen, it reuses The encrypted relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted close to obtain the second relaying Key KR⊕KBC;Wherein described relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, described Two relaying key KR⊕KBCIt is obtained by the following formula:KR⊕KB⊕KBC⊕KB=KR⊕KBC
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC ⊕KB
Preferably, the transmission encryption key KABWith the relaying decruption key KBAIt is the shared quantum generated by QKD processes Key, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is generated by QKD processes Shared quantum key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key K in the chipBIt cannot be by Export, to ensure the key-encrypting key KBSafety.Meanwhile the key-encrypting key KBIt can also carry out as needed It regularly updates, further enhances freshness and the safety of key.Preferably, the cipher key encryption block is additionally operable to receive quantum Key, and pass through quantum key to the key-encrypting key KBIt is regularly updated.
Embodiment 3
Meanwhile the embodiment of the present invention also proposed a kind of key encryption method of quantum communication network, as shown in Figure 3 and Figure 4 Including one or more credible repeaters.Compared with prior art, both increased on each credible repeater one it is preset Key-encrypting key, for relaying encryption key and relaying decruption key to be encrypted.Due to the work of each credible repeater It is all identical to make flow, therefore is specially with the method as shown in Figure 3:
Step 701, quantum terminal A will need the relaying key K sentRUse transmission encryption key KABIt is obtained after being encrypted Obtain the first relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;It is wherein described to send encryption Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Step 702, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto It is generated after row encryption, the encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB
Step 703, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕ KBC, then by the second relaying key KR⊕KBCIt is sent to next node;Wherein described encrypted relaying encryption key KBC⊕KBIt is Utilize the preset key-encrypting key KBTo relaying encryption key KBCIt is generated after being encrypted, the relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, the second relaying key KR⊕KBCPass through the following formula It obtains:KR⊕KB⊕KBC⊕KB=KR⊕KBC
Step 704 receives the second relaying key K that quantum terminal C receives node transmissionR⊕KBCAfterwards, it is connect using described Receive decruption key KCBIt is decrypted(KR⊕KBC⊕KCB=KR), obtain the relaying key KR
In the above-mentioned methods, if any multiple credible repeaters, then each credible repeater be required for performing with step 702 and The similar method of step 703.Specifically, it is the upper section only there are one credible repeater, therefore in preceding method as shown in Figure 3 Point necessarily sends relaying key KRQuantum terminal A, and next node necessarily receives relaying key KRQuantum terminal C.And for multiple credible repeaters that have as shown in Figure 4, then the upper node in preceding method may be to send relaying key KRQuantum terminal A, it is also possible to another is credible repeater.And next node may be to receive relaying key KRAmount Sub- terminal C, it is also possible to another credible repeater.
Embodiment 4
On the basis of embodiment 3, embodiment 4 that the embodiment of the present invention proposes is as shown in Figure 6, can in quantum terminal A To increase preset transmission key-encrypting key KAWith to sending encryption key KABIt is encrypted, is encrypted with generating encrypted send Key KAB⊕KA.It can also increase preset reception key-encrypting key K receiving quantum terminal CCWith to receiving decruption key KCBIt is encrypted, to generate encrypted receiving and deciphering key KCB⊕KC
Then idiographic flow is as shown in Figure 8, including:
Step 801, quantum terminal A utilize preset transmission key-encrypting key KARespectively to sending encryption key KABWith in After key KRIt is encrypted, to generate encrypted transmission encryption key K respectivelyAB⊕KAWith encrypted relaying key KR⊕KA
Step 802, quantum terminal A will need the encrypted relaying key K sentR⊕KAUse the encrypted hair Send encryption key KAB⊕KAThe first relaying key K is obtained after being encryptedR⊕KAB, then by the first relaying key KR⊕KABIt sends To next node;Wherein described transmission encryption key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Step 803, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto It is generated after row encryption, the encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB
Step 804, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕ KBC, then by the second relaying key KR⊕KBCIt is sent to next node;Wherein described encrypted relaying encryption key KBC⊕KBIt is Utilize the preset key-encrypting key KBTo relaying encryption key KBCIt is generated after being encrypted, the relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, the second relaying key KR⊕KBCPass through the following formula It obtains:KR⊕KB⊕KBC⊕KB=KR⊕KBC
Step 805 receives the second relaying key K that quantum terminal C receives node transmissionR⊕KBCAfterwards, use is encrypted Receiving and deciphering key KCB⊕KCIt is decrypted(KR⊕KBC⊕KCB⊕KC=KR⊕KC), obtain encrypted relaying key KR⊕KC;Its Described in encrypted receiving and deciphering key KCB⊕KCIt is to receive quantum terminal C using preset reception key-encrypting key KCTo institute State receiving and deciphering key KCBIt is generated after being encrypted.
Embodiment 5
Further, on the basis of credible relay node increases key-encrypting key, can also only increase in quantum terminal A Add preset transmission key-encrypting key KAWith to sending encryption key KABIt is encrypted, idiographic flow is as shown in Figure 7;This Outside, on the basis of credible relay node increases key-encrypting key, can also only preset connect be increased in reception quantum terminal C Receive key-encrypting key KCWith to receiving decruption key KCBIt is encrypted, idiographic flow is as shown in Figure 8.
Embodiment 6
Preferably, in embodiment 3-5, the transmission encryption key KABWith the relaying decruption key KBAIt is by QKD processes The shared quantum key generated, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is to pass through The shared quantum key that QKD processes generate, the two correspond.
As being further improved to aforementioned embodiment, the key-encrypting key can be stored in advance in for more Newly, in the hardware chip of encrypt and decrypt operation, and ensure that the key-encrypting key in the chip cannot be exported, to ensure The safety of key-encrypting key.And for quantum communication network, can be that each node sets different key-encrypting keys.Together When each node key-encrypting key can also be regularly updated as needed, further enhance the freshness and safety of key Property.Preferably, the key-encrypting key can be regularly updated by quantum key.
Embodiment 7
Meanwhile the embodiment of the present invention also proposed a kind of key with the aforementioned corresponding quantum communication networks of embodiment 3-6 Encryption system, including at least one quantum terminal A, at least one reception quantum terminal C, at least one credible repeater B;
Quantum terminal A, for the relaying key K sent will to be neededRUse transmission encryption key KABIt is obtained after being encrypted First relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;Wherein described transmission encryption is close Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Each credible repeater B includes:
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; The encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to next Node sends the encrypted relaying key KR⊕KBWhen, reuse the encrypted relaying encryption key KBC⊕KBAdd to described Close relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕KBC;Wherein described relaying encryption key KBCWith institute State the receiving and deciphering key K at next nodeCBIt is corresponding, the second relaying key KR⊕KBCIt is obtained by the following formula:KR ⊕KB⊕KBC⊕KB=KR⊕KBC
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC ⊕KB
Quantum terminal C is received, for receiving the second relaying key K that a upper node is sentR⊕KBCAfterwards, it is connect using described Receive decruption key KCBIt is decrypted(KR⊕KBC⊕KCB=KR), obtain the relaying key KR
Embodiment 8
On the basis of embodiment 7, preset transmission key-encrypting key K can be increased in quantum terminal AAFor to hair Send encryption key KABIt is encrypted, to generate encrypted transmission encryption key KAB⊕KA;It can also increase receiving quantum terminal C Preset reception key-encrypting key KCFor to receiving decruption key KCBIt is encrypted, to generate encrypted receiving and deciphering key KCB⊕KC.I.e. described system specifically includes:
Quantum terminal A, for utilizing preset transmission key-encrypting key KARespectively to sending encryption key KABAnd relaying Key KRIt is encrypted, to generate encrypted transmission encryption key K respectivelyAB⊕KAWith encrypted relaying key KR⊕KA;It is additionally operable to It will need the encrypted relaying key K sentR⊕KAUse the encrypted transmission encryption key KAB⊕KAAfter being encrypted Obtain the first relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;Wherein described send adds Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Wherein described each credible repeater B includes:
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB; The encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to next Node sends the encrypted relaying key KR⊕KBWhen, reuse the encrypted relaying encryption key KBC⊕KBAdd to described Close relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕KBC;Wherein described relaying encryption key KBCWith institute State the receiving and deciphering key K at next nodeCBIt is corresponding, the second relaying key KR⊕KBCIt is obtained by the following formula:KR ⊕KB⊕KBC⊕KB=KR⊕KBC
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC ⊕KB
Quantum terminal C is received, for utilizing preset reception key-encrypting key KCTo the receiving and deciphering key KCBAdded It is close, to generate encrypted receiving and deciphering key KCB⊕KC;It is additionally operable to receive the second relaying key K of node transmissionR⊕ KBCAfterwards, using the encrypted receiving and deciphering key KCB⊕KCIt is decrypted(KR⊕KBC⊕KCB⊕KC=KR⊕KC), encrypted Relaying key KR⊕KC
Embodiment 9
On the basis of embodiment 7, embodiment 9 that the embodiment of the present invention proposes is as shown in Figure 7, increases in credible relay node On the basis of key-encrypting key, only it can also increase preset transmission key-encrypting key K in quantum terminal AAFor To sending encryption key KABIt is encrypted, to generate encrypted transmission encryption key KAB⊕KA.As shown in Figure 8, in credible On the basis of node increases key-encrypting key, only the preset reception key encryption of quantum terminal C increases can also be being received Key KCFor to receiving decruption key KCBIt is encrypted, to generate encrypted receiving and deciphering key KCB⊕KC
Preferably, in embodiment 7-9, the transmission encryption key KABWith the relaying decruption key KBAIt is by QKD processes The shared quantum key generated, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is to pass through The shared quantum key that QKD processes generate, the two correspond.
As being further improved to aforementioned embodiment, the cipher key encryption block is hardware chip, and the chip In key-encrypting key KBIt cannot be exported, to ensure the key-encrypting key KBSafety.Meanwhile the key adds Key KBIt can also be regularly updated as needed, further enhance freshness and the safety of key.Preferably, it is described close Key encrypting module is additionally operable to receive quantum key, and pass through quantum key to the key-encrypting key KBIt is regularly updated.
Embodiment 10
Previous embodiment is all the explanation carried out by taking one-to-one line style network topology structure as an example.The embodiment of the present invention can be with It applies in the quantum communication network of star network topology.It is the centre of 4 star-like meshed network structures as shown in Figure 9 Point safety enhancing, after this safe enhanced scheme, key relaying flow and original flow are basically identical, not to star-like The realization of netkey relaying flow impacts.As quantum terminal A to reception quantum terminal C and receives quantum end respectively D distribution keys are held, relaying flow is consistent, flow will not be caused to have area because credible repeater connects multiple quantum terminals Not, increase and realize difficulty.The key encryption method of credible repeater B is corresponded with embodiment 1, is only needed to each reception The encrypted relaying key K arrivedR1⊕KABOr KR2⊕KABEncrypted relaying decruption key K is all respectively adoptedBA⊕KBIt is decrypted; Also encrypted relaying encryption key K each encrypted relaying key sent is respectively adoptedBC⊕KBAnd KBD⊕KBIt carries out Encryption.
Embodiment 11
In the quantum communication network of star network topology in previous embodiment 10, it can also utilize as in embodiment 4 Method in quantum terminal A to increasing preset transmission key-encrypting key KAFor to sending encryption key KABAdded It is close, to generate encrypted transmission encryption key KAB⊕KA.It is receiving quantum terminal C and is receiving quantum terminal D and can also increase respectively Add preset reception key-encrypting key KCAnd KDFor respectively to receiving decruption key KCBAnd KDBIt is encrypted, to generate respectively Encrypted receiving and deciphering key KCB⊕KCAnd KDB⊕KD.Specific flow is as shown in Figure 10, and details are not described herein.
Embodiment 12
In the system as shown in Figure 11, Figure 12, relaying key K can be shared by multiple quantum terminalsR.As shown in figure 12, Credible repeater B connects quantum terminal A, quantum terminal C and quantum terminal D simultaneously, and will relaying key KRIt is distributed to these three Quantum terminal.It is as follows:
Step 1601, on quantum terminal A, first using key-encrypting key KATo receiving decruption key KABIt is encrypted and deposits Storage;On credible repeater B, first using preset key-encrypting key KBTo sending encryption key KBA、KBC、KBDAfter encryption simultaneously Storage;On quantum terminal C, first using key-encrypting key KCTo receiving decruption key KCBIt is encrypted and stores;In quantum In terminal D, first using key-encrypting key KDTo receiving decruption key KDBIt is encrypted and stores;
Step 1602 sends relaying key K to quantum terminal A, quantum terminal C and quantum terminal D respectively in credible repeater BR When, credible repeater B is to encrypted relaying key KR⊕KB, respectively using encrypted transmission encryption key KBA⊕KB、KBC⊕KBWith KBD⊕KBQuantum terminal A, quantum terminal C and quantum terminal D are separately sent to after encryption;Specific flow with it is right in aforementioned implementation Flow when single quantum terminal is sent is identical, only repeats to do 3 times, details are not described herein;
Step 1603, quantum terminal A receive encrypted relaying key KR⊕KBA, use encrypted receiving and deciphering key KAB⊕KA After decryption, encrypted relaying key K is obtainedR⊕KA;Quantum terminal C receives encrypted relaying key KR⊕KBC, use is encrypted Receiving and deciphering key KCB⊕KCAfter decryption, encrypted relaying key K is obtainedR⊕KC;It is close that quantum terminal D receives encrypted relaying Key KR⊕KBD, use encrypted receiving and deciphering key KDB⊕KDAfter decryption, encrypted relaying key K is obtainedR⊕KD
Embodiment 13
The embodiment of the present invention also proposed a kind of safe Enhancement Method of quantum key management level, to realize key management layer without bright The processing of literary key enhances the safety of entire key management system.It is specific as shown in figure 13, it can be by entire quantum communications net Network is divided into key generation layer, key management layer, application layer.Wherein application layer can include application apparatus A and application apparatus C, close Key management level include key management apparatus A, at least one key management apparatus Bn(N is positive integer, n >=1), key management apparatus C.Wherein, if for as shown in Figure 3, key management apparatus A, key management apparatus C are respectively used to management traffic volume Sub- terminal A and the key for receiving quantum terminal C, and key management apparatus B1It can be used for managing the relaying solution of credible repeater B Key and relaying encryption key.
Its workflow is as follows:
It is preset in step 1701, key generation device A1 for sending encryption key KABThe transmission key encryption being encrypted Key KA, then key generation device A1 is by transmission key-encrypting key KAIt is synchronized to application apparatus A;Such as movement can be passed through Memory realizes KASynchronization and update;
Step 1702, key generation device A1 and key generation device B1 carry out quantum key distribution(QKD)Generation sends encryption Key KABAfterwards, using transmission key-encrypting key KAEncrypted transmission encryption key K is obtained after encryptionAB⊕KA;By encrypted hair Send encryption key KAB⊕KAKey management apparatus A preservations are transferred to, using as in the transmission of the equipment of next node is encrypted After key KR⊕KAWhen, with encrypted transmission encryption key KAB⊕KACome to encrypted relaying key KR⊕KAIt is encrypted, with To encrypted relaying key KR⊕KAB
The key that step 1703, key management apparatus A are sent to application apparatus A is encrypted relaying key KR⊕KA;Using Device A is before business cipher key is used, first with transmission key-encrypting key KADecryption obtains relaying key KR, then relaying key KRIt is used as business cipher key.
The workflow of C nodes is consistent with above-mentioned A nodes, can refer to step 1701-1703.
In the above manner to the transformation of key storage and key relay processes, the system of key management layer can protect Card:
A, the key stored on key management apparatus is all encrypted key, the key whether generated or relaying it is close Key is not the key of plaintext;
B, it does not need to preserve key-encrypting key in key management apparatus, it is close in plain text not need to encrypted key recovery Key enhances key safety;
C, in key relay processes, the key relayed does not need to clear text key from starting to terminating all in encrypted state Relay processes are participated in, detailed process is shown in Fig. 6.The key completed is relayed, is all existed in an encrypted form, such as:Key management is set Standby A and B1On obtained last relaying key be respectively KR⊕KA、KR⊕KB1
D, when key management layer and the equipment room of key generation layer, application layer carry out cipher key delivery, key is all already encrypted, is protected The safe transmission of key is demonstrate,proved.
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, all in the spirit and principles in the present invention Within, any modification, equivalent replacement, improvement and so on should all be included in the protection scope of the present invention.

Claims (20)

1. a kind of key encryption method of credible repeater, which is characterized in that including:
After step 101, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key, the first relaying key is described A upper node utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
Step 102, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key It is corresponding with the receiving and deciphering key at the next node.
2. the key encryption method of credible repeater according to claim 1, which is characterized in that the transmission encryption key It is the shared quantum key that is generated by QKD processes with the relaying decruption key, the two corresponds;The relaying encryption is close Key is the shared quantum key generated by QKD processes with the receiving and deciphering key, and the two corresponds.
3. the key encryption method of credible repeater according to claim 1, which is characterized in that the key-encrypting key Be stored in advance in credible repeater for updating, in the hardware chip of encrypt and decrypt operation, and the key in the chip Encryption key cannot be exported.
4. the key encryption method of credible repeater according to any one of claim 1 to 3, which is characterized in that pass through Quantum key regularly updates the key-encrypting key.
5. a kind of cipher key encryption means of credible repeater, which is characterized in that including:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;Wherein described first relaying key is institute It states a node and utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted; It is additionally operable to when sending the encrypted relaying key to next node, reuses the encrypted relaying encryption key to described Encrypted relaying key is encrypted to obtain the second relaying key;At wherein described relaying encryption key and the next node Receiving and deciphering key it is corresponding;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key.
6. the cipher key encryption means of credible repeater according to claim 5, which is characterized in that the transmission encryption key It is the shared quantum key that is generated by QKD processes with the relaying decruption key, the two corresponds;The relaying encryption is close Key is the shared quantum key generated by QKD processes with the receiving and deciphering key, and the two corresponds.
7. the cipher key encryption means of credible repeater according to claim 5, which is characterized in that the cipher key encryption block For hardware chip, and the key-encrypting key in the chip cannot be exported.
8. the cipher key encryption means of credible repeater according to any one of claims 5 to 7, which is characterized in that described Cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and regularly update the key-encrypting key.
9. a kind of key encryption method of quantum communication network, including:
Step 701, quantum terminal will need the relaying key that sends to obtain the after encryption key is encrypted using sending Then first relaying key is sent to next node by one relaying key;Wherein described transmission encryption key and next section Relaying decruption key at point is corresponding;
After step 702, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 703, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key It is corresponding with the receiving and deciphering key at the next node;
It is close using the receiving and deciphering after step 704, reception quantum terminal receive the second relaying key of node transmission Key is decrypted, and obtains the relaying key;
The relaying key for needing to send is sent to and receives quantum terminal by quantum terminal in wherein described quantum communication network When can pass through one or more credible repeaters, when by multiple credible repeaters, each credible repeater is carried out step 702 and step 703.
10. the key encryption method of quantum communication network according to claim 9, which is characterized in that at quantum end End, which is preset with, sends key-encrypting key to be encrypted to sending encryption key, to generate encrypted transmission encryption key; It receives quantum terminal and is preset with reception key-encrypting key to be encrypted to receiving decruption key, solved with generating encrypted receive Key;
The method specifically includes:
Step 801, quantum terminal are close to sending encryption key and relaying respectively using preset transmission key-encrypting key Key is encrypted, to generate encrypted transmission encryption key and encrypted relaying key respectively;
Step 802, quantum terminal encrypt the encrypted relaying key for needing to send using encrypted send Key obtains the first relaying key after being encrypted, the first relaying key then is sent to next node;Wherein described transmission Encryption key is corresponding with the relaying decruption key at the next node;
After step 803, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 804, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key, is then sent to the second relaying key Next node;Wherein described encrypted relaying encryption key is to relaying encryption key using the preset key-encrypting key It is generated after being encrypted, the relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Step 805 after receiving the second relaying key that quantum terminal receives node transmission, uses encrypted receiving and deciphering Key is decrypted, and obtains encrypted relaying key;Wherein described encrypted receiving and deciphering key is to receive quantum terminal to utilize It is preset to receive what is generated after the receiving and deciphering key is encrypted in key-encrypting key.
11. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the transmission Encryption key is the shared quantum key generated by QKD processes with the relaying decruption key, and the two corresponds;In described It is the shared quantum key generated by QKD processes after encryption key and the receiving and deciphering key, the two corresponds.
12. the key encryption method of quantum communication network according to claim 9, which is characterized in that the key encryption Key is stored in advance in for updating, in the hardware chip of encrypt and decrypt operation, and the key-encrypting key in the chip It cannot be exported.
13. the key encryption method of quantum communication network according to claim 9, which is characterized in that pass through quantum key The key-encrypting key is regularly updated.
14. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the method It further includes:
Step 1701, quantum terminal key generation device on preset for sending the transmission that is encrypted of encryption key Key-encrypting key, then key generation device the application that the transmission key-encrypting key is synchronized to quantum terminal is set It is standby;
The key generation device of step 1702, the key generation device of quantum terminal and next node carries out quantum key point After the transmission encryption key that quantum terminal occurs into, encrypted hair is obtained after being encrypted using the transmission key-encrypting key Send encryption key;By the encrypted key management apparatus preservation for sending encryption key and being transferred to quantum terminal, so that Quantum terminal to next node equipment send it is encrypted relaying key when, with it is described it is encrypted transmission encryption key come The encrypted relaying key is encrypted, to obtain the first relaying key;
Step 1703, quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to quantum terminal Application apparatus;The application apparatus of quantum terminal is before business cipher key is used, first with the transmission key-encrypting key solution It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, quantum terminal carries out the synchronization and update for sending key-encrypting key by movable storage device.
15. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the method It further includes:
Step 1801 receives the reception preset on the key generation device of quantum terminal for being encrypted to receiving decruption key Key-encrypting key, then key generation device by the reception key-encrypting key be synchronized to receive quantum terminal application set It is standby;
The key generation device of step 1802, the key generation device for receiving quantum terminal and a upper node carries out quantum key and divides After the receiving and deciphering key for receiving quantum terminal occurs into, encrypted connect is obtained after being encrypted using the reception key-encrypting key Receive decruption key;The encrypted receiving and deciphering cipher key delivery is preserved to the key management apparatus for receiving quantum terminal, so that Quantum terminal is received in the second relaying key that a node device in reception is sent, it is close with the encrypted receiving and deciphering Key is decrypted to relay key to described second, to obtain encrypted relaying key;
Step 1803, receive quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to receive quantum terminal Application apparatus;The application apparatus of quantum terminal is received before business cipher key is used, first with the reception key-encrypting key solution It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, it receives quantum terminal and the synchronization and update for receiving key-encrypting key is carried out by movable storage device.
16. a kind of key cryptographic systems of quantum communication network, including at least one quantum terminal, at least one reception amount Sub- terminal, at least one credible repeater;
Quantum terminal, for the relaying sent key will to be needed to be obtained in first after being encrypted using transmission encryption key After key, the first relaying key is then sent to next node;At wherein described transmission encryption key and the next node Relaying decruption key it is corresponding;
Each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, after receiving the second relaying key that a upper node is sent, uses the receiving and deciphering key It is decrypted, obtains the relaying key.
17. the key cryptographic systems of quantum communication network according to claim 16, which is characterized in that the system is specific Including;
Quantum terminal, for using it is preset transmission key-encrypting key respectively to send encryption key and relaying key into Row encryption, to generate encrypted transmission encryption key and encrypted relaying key respectively;Be additionally operable to will need send described in plus Close relaying key obtains the first relaying key after being encrypted using the encrypted transmission encryption key, then will be in first Next node is sent to after key;Wherein described transmission encryption key is opposite with the relaying decruption key at the next node It should;
Wherein described each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, for the receiving and deciphering key to be encrypted using preset reception key-encrypting key, with Generate encrypted receiving and deciphering key;After being additionally operable to the second relaying key for receiving node transmission, the encryption is used Receiving and deciphering key be decrypted, obtain encrypted relaying key.
18. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the transmission Encryption key is the shared quantum key generated by QKD processes with the relaying decruption key, and the two corresponds;In described It is the shared quantum key generated by QKD processes after encryption key and the receiving and deciphering key, the two corresponds.
19. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the key Encrypting module is hardware chip, and the key-encrypting key in the chip cannot be exported.
20. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the key Encrypting module is additionally operable to receive quantum key, and pass through quantum key and regularly update the key-encrypting key.
CN201611255339.1A 2016-12-30 2016-12-30 Trusted repeater, and secret key encryption method, device and system of quantum communication network Active CN108270553B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611255339.1A CN108270553B (en) 2016-12-30 2016-12-30 Trusted repeater, and secret key encryption method, device and system of quantum communication network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611255339.1A CN108270553B (en) 2016-12-30 2016-12-30 Trusted repeater, and secret key encryption method, device and system of quantum communication network

Publications (2)

Publication Number Publication Date
CN108270553A true CN108270553A (en) 2018-07-10
CN108270553B CN108270553B (en) 2020-12-22

Family

ID=62754592

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611255339.1A Active CN108270553B (en) 2016-12-30 2016-12-30 Trusted repeater, and secret key encryption method, device and system of quantum communication network

Country Status (1)

Country Link
CN (1) CN108270553B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266473A (en) * 2019-04-22 2019-09-20 北京邮电大学 Method, relay node and the distribution method of relay node distribution quantum key
WO2020221085A1 (en) * 2019-04-29 2020-11-05 科大国盾量子技术股份有限公司 Relay method for quantum key, device, system, apparatus, and storage medium
EP3944555A1 (en) * 2020-07-22 2022-01-26 Kabushiki Kaisha Toshiba Communication system, key management server device, router, and computer-readable medium
CN115242389A (en) * 2022-09-23 2022-10-25 安徽华云安科技有限公司 Data confusion transmission method and system based on multi-level node network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104113409A (en) * 2014-07-23 2014-10-22 中国科学院信息工程研究所 Secret key managing method and system of SIP (session initiation protocol) video monitoring networking system
CN105471576A (en) * 2015-12-28 2016-04-06 科大国盾量子技术股份有限公司 Quantum key relaying method, quantum terminal nodes and quantum key relaying system
EP3007478A1 (en) * 2013-06-08 2016-04-13 Quantumctek Co., Ltd. Mobile secret communications method based on quantum key distribution network
CN105915337A (en) * 2016-05-27 2016-08-31 安徽问天量子科技股份有限公司 Quantum encryption microwave relay communication system and quantum encryption microwave relay communication method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3007478A1 (en) * 2013-06-08 2016-04-13 Quantumctek Co., Ltd. Mobile secret communications method based on quantum key distribution network
CN104113409A (en) * 2014-07-23 2014-10-22 中国科学院信息工程研究所 Secret key managing method and system of SIP (session initiation protocol) video monitoring networking system
CN105471576A (en) * 2015-12-28 2016-04-06 科大国盾量子技术股份有限公司 Quantum key relaying method, quantum terminal nodes and quantum key relaying system
CN105915337A (en) * 2016-05-27 2016-08-31 安徽问天量子科技股份有限公司 Quantum encryption microwave relay communication system and quantum encryption microwave relay communication method

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266473A (en) * 2019-04-22 2019-09-20 北京邮电大学 Method, relay node and the distribution method of relay node distribution quantum key
WO2020221085A1 (en) * 2019-04-29 2020-11-05 科大国盾量子技术股份有限公司 Relay method for quantum key, device, system, apparatus, and storage medium
EP3944555A1 (en) * 2020-07-22 2022-01-26 Kabushiki Kaisha Toshiba Communication system, key management server device, router, and computer-readable medium
CN115242389A (en) * 2022-09-23 2022-10-25 安徽华云安科技有限公司 Data confusion transmission method and system based on multi-level node network
CN115242389B (en) * 2022-09-23 2022-12-23 安徽华云安科技有限公司 Data confusion transmission method and system based on multi-level node network

Also Published As

Publication number Publication date
CN108270553B (en) 2020-12-22

Similar Documents

Publication Publication Date Title
CN105471576B (en) A kind of method of quantum key relaying, quantum terminal node and system
CN106330434B (en) First quantum node, second quantum node, secure communication architecture system and method
CN109412794B (en) Quantum key automatic charging method and system suitable for power business
CN107094076B (en) Secret communication method based on quantum true random number and communication system
CN107437995A (en) Satellite-based wide area quantum communication network system and communication means
CN110808837B (en) Quantum key distribution method and system based on tree-shaped QKD network
WO2023082600A1 (en) Quantum key-based blockchain network and data secure transmission method
CN108270553A (en) Credible repeater, the key encryption method of quantum communication network, device, system
WO2023082599A1 (en) Blockchain network security communication method based on quantum key
Tajima et al. Quantum key distribution network for multiple applications
CN109462471A (en) The method of information transmission encryption based on national secret algorithm in conjunction with Technique on Quantum Communication
CN103297230B (en) Information encipher-decipher method, Apparatus and system
JP6544519B2 (en) Mobile control system
CN108964888A (en) A kind of modified AKA identity authorization system and method based on pool of symmetric keys and relayed communications
CN104753682A (en) Generating system and method of session keys
CN111385090A (en) Key distribution method and system based on multi-key combination quantum key relay
Kong Challenges of Routing in Quantum Key Distribution Networks with Trusted Nodes for Key Relaying
CN114401085B (en) Network architecture and key storage method of quantum secret communication network
Kurmi et al. An approach for data aggregation strategy in wireless sensor network using MAC authentication
CN104243409A (en) Terminal-to-terminal data transmission method
EP3883178A1 (en) Encryption system and method employing permutation group-based encryption technology
Lin et al. Quantum key distribution in partially-trusted QKD ring networks
Schartner et al. How to overcome the'Trusted Node Model'in Quantum Cryptography
Schartner et al. Quantum key management
EP4123957A1 (en) A method and system for performing a secure key relay of an encryption key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant