CN108270553A - Credible repeater, the key encryption method of quantum communication network, device, system - Google Patents
Credible repeater, the key encryption method of quantum communication network, device, system Download PDFInfo
- Publication number
- CN108270553A CN108270553A CN201611255339.1A CN201611255339A CN108270553A CN 108270553 A CN108270553 A CN 108270553A CN 201611255339 A CN201611255339 A CN 201611255339A CN 108270553 A CN108270553 A CN 108270553A
- Authority
- CN
- China
- Prior art keywords
- key
- relaying
- encrypted
- encryption
- quantum
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0855—Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a kind of credible repeater, the key encryption method of quantum communication network, device, system, wherein the key encryption method of credible repeater includes:After credible repeater receives the first relaying key of node transmission, the described first relaying key is decrypted to obtain encrypted relaying key by encrypted relaying decruption key;Wherein described encrypted relaying decruption key is generated after relaying decruption key is encrypted using preset key-encrypting key;Credible repeater reuses encrypted relaying encryption key and the encrypted relaying key is encrypted to obtain the second relaying key when sending the encrypted relaying key to next node;Wherein described encrypted relaying encryption key is generated after relaying encryption key is encrypted using preset key-encrypting key.The present invention is applied widely, smaller on the scope of application influence of credible repeater, in the autgmentability that ensure that legacy network, enhances its safety.
Description
Technical field
The present invention relates to Technique on Quantum Communication field, the more particularly to a kind of key encryption method and dress of credible repeater
It puts, the key encryption method of quantum communication network and system.
Background technology
In quantum communication network, due to the limitation of channel lower deployment cost and distance, arbitrary node in network can not be realized
Between quantum channel build and direct quantum key distribution(QKD).It therefore, can between arbitrary node in network in order to realize
Shared quantum key between it directly can not carry out two nodes of quantum key distribution, is needed in a manner that key relays come real
Existing key distribution.
Key trunking scheme is proposed that basic thought is to utilize the amount shared between adjacent node by the Elliott of BBN earliest
Sub-key carries out encryption and decryption to relaying key, realizes encryption transfer of the relaying key between one or more relay nodes, most
Achieve the goal user eventually.
It is worth noting that, because relaying key exists in relay node in the form of plaintext, any participation key
The node of relaying both knows about the content of current secret communication(Relay key), that is to say, that its safety is opposite, premise
It is that must trust all relay nodes.Therefore this node is called credible relaying(Trusted Relay)Node.In a key
On repeated link, the node of both link ends is known as quantum terminal node(Or abbreviation quantum terminal), i.e., key relaying purpose use
Node where family;Node among link is known as credible relay node(Or credible repeater), relative quantum terminal node
For.On a key repeated link, including two quantum terminal nodes and at least one credible relay node, each node
Place is deployed with QKD equipment;Quantum channel has been built between adjacent node, can directly carry out quantum key distribution, so as to shared
Quantum key.Credible repeater be it is a kind of be very natural with technology easy to implement, by credible repeater, we can hold very much
Easy extension quantum key distribution network, either distance or number of users can be accomplished infinite.Moreover, based on credible relaying
The QKD networks of device can be good at being compatible with various QKD technologies, either fiber optic quantum key distribution system or free space amount
Quantum key distribution system, phase code system or polarization encoder system can be integrated into easily, therefore be groups at this stage
The preferred option of establishing network.But shortcoming is the increase in the cost of safety management, because must assure that the safety of credible repeater.
At present, the flow of above-mentioned quantum key relaying is assumed quantum terminal A and is connect in the present example as shown in Fig. 1
Only it can pass through a credible repeater B when communicating between receipts quantum terminal C;Lead between quantum terminal A and credible repeater B
Crossing QKD processes and sharing has quantum key, and the quantum key shared is at quantum terminal A as transmission encryption key KAB,
As relaying decruption key K at credible repeater BBA;It is total between credible repeater B and reception quantum terminal C by QKD processes
Quantum key is enjoyed, the quantum key shared is at credible repeater B as relaying encryption key KBC, receiving quantum terminal
Receiving and deciphering key K is used as at CCB.The idiographic flow of key relaying is as follows:
Step 1, quantum terminal A will need the relaying key K sentRUse transmission encryption key KABIt is obtained after being encrypted
First relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to credible repeater B;
Step 2, credible repeater B receive first relaying key KR⊕KABLater, first using relaying decruption key KBAIt carries out
Decryption(KR⊕KAB⊕KBA=KR)Relaying key K is obtained afterwardsR;
Step 3, credible repeater B reuse relaying encryption key KBCTo the relaying key K obtained in step 2RAfter being encrypted
Obtain the second relaying key KR⊕KBC, and relay key K by described secondR⊕KBCIt is sent to and receives quantum terminal C;
Step 4, reception quantum terminal C receive the second relaying key KR⊕KBCAfterwards, using receiving and deciphering key KCBIt is decrypted
(KR⊕KBC⊕KCB=KR), obtain relaying key KR。
Wherein, which can be equipped with cipher key cache module, can be stored in cipher key cache module multiple
Relay decruption key such as KBAWith multiple relaying encryption key such as KBC.Quantum terminal A can also be equipped with cipher key cache module,
Multiple transmission encryption key such as K can be stored in the cipher key cache moduleAB.Receiving quantum terminal C can also delay equipped with key
Storing module can be stored with multiple receiving and deciphering key such as K in the cipher key cache moduleCB。
Only there are one credible repeater on key repeated link in this example, those skilled in that art are appreciated that having
There is n(N is positive integer, n >=1)During a credible repeater, each credible repeater is required for performing above-mentioned similar flow, i.e., sharp
The encryption transfer to relaying key is realized with the quantum key shared between adjacent quantum terminal or adjacent credible repeater.
But there is following security flaws for the above method:
In step 2, credible repeater B receives the first relaying key KR⊕KABAfterwards, first using relaying decruption key KBADecryption
To obtain relaying key KR;And in step 3 to relaying key KRBefore carrying out secondary encryption, key K is relayedRIt is the shape with plaintext
Formula is saved, and credible repeater is resulted in there is leakage relaying key K in this wayRSecurity risk.
In addition, above-mentioned example only describes the key relay processes of key management layer, it can be understood as lateral key relaying
Process, and the key management at each node can be understood as longitudinal key relay processes.As shown in Fig. 2, it will can entirely measure
Sub- communication network is divided into key generation layer, key management layer, application layer.The QKD that key generation layer passes through deployment at each node
Equipment carries out quantum key distribution, and the quantum key of generation is sent to key management layer;Each node of key management layer
The quantum key that key generation layer is sent is received, the encryption transfer of relaying key is realized using quantum key, realizes relaying key
Application layer is sent in the shared of quantum terminal room, and by relaying key;It is whole that application apparatus in application layer receives corresponding quantum
The relaying key sent is held, high safety secret communication is carried out using relaying key.Wherein, relaying key can be quantum key,
It can also be generated by real random number generator.Due to the characteristic of quantum key distribution system, the quantum terminal in key management layer
With need to store a large amount of quantum key in credible repeater, this part of key how to ensure safety and relaying key deposits
Storage and the safety longitudinally transmitted all are major issues urgently to be resolved hurrily in the art.
Invention content
The present invention is for the underway peace existing when key forwarding of credible repeater in above-mentioned quantum communication network
Full property defect, proposes a kind of credible repeater, the key encryption method of quantum communication network, device, system, can eliminate can
Believe the safety defect of the relaying key plain landing at repeater.
In order to achieve the above-mentioned object of the invention, the present invention provides a kind of key encryption method of credible repeater, including:
After step 101, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key, the first relaying key is described
A upper node utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
Step 102, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein, the encrypted relaying encryption
Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, and the relaying encryption is close
Key is corresponding with the receiving and deciphering key at the next node.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes
Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes
Sub-key, the two correspond.
Preferably, the key-encrypting key be stored in advance in credible repeater for update, encrypt and decrypt operation
Hardware chip in, and the key-encrypting key in the chip cannot be exported.
Preferably, the key-encrypting key is regularly updated by quantum key.
Meanwhile the embodiment of the present invention also proposed a kind of cipher key encryption means of credible repeater, including:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;Wherein described first relaying key is institute
It states a node and utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
It is additionally operable to when sending the encrypted relaying key to next node, reuses the encrypted relaying encryption key to described
Encrypted relaying key is encrypted to obtain the second relaying key;At wherein described relaying encryption key and the next node
Receiving and deciphering key it is corresponding;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes
Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes
Sub-key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key in the chip cannot be led
Go out.
Preferably, the cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and add the key
Key is regularly updated.
Meanwhile the embodiment of the present invention also proposed a kind of key encryption method of quantum communication network, including:
Step 701, quantum terminal will need the relaying key that sends to obtain the after encryption key is encrypted using sending
Then first relaying key is sent to next node by one relaying key;Wherein described transmission encryption key and next section
Relaying decruption key at point is corresponding;
After step 702, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 703, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close
Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key
It is corresponding with the receiving and deciphering key at the next node;
It is close using the receiving and deciphering after step 704, reception quantum terminal receive the second relaying key of node transmission
Key is decrypted, and obtains the relaying key;
The relaying key for needing to send is sent to and receives quantum terminal by quantum terminal in wherein described quantum communication network
When can pass through one or more credible repeaters, when by multiple credible repeaters, each credible repeater is carried out step
702 and step 703.
Further, transmission key-encrypting key is preset in quantum terminal to add to sending encryption key
It is close, to generate encrypted transmission encryption key;Reception key-encrypting key is preset with to receiving and deciphering receiving quantum terminal
Key is encrypted, to generate encrypted receiving and deciphering key;
The method specifically includes:
Step 801, quantum terminal are close to sending encryption key and relaying respectively using preset transmission key-encrypting key
Key is encrypted, to generate encrypted transmission encryption key and encrypted relaying key respectively;
Step 802, quantum terminal encrypt the encrypted relaying key for needing to send using encrypted send
Key obtains the first relaying key after being encrypted, the first relaying key then is sent to next node;Wherein described transmission
Encryption key is corresponding with the relaying decruption key at the next node;
After step 803, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 804, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key, is then sent to the second relaying key
Next node;Wherein described encrypted relaying encryption key is to relaying encryption key using the preset key-encrypting key
It is generated after being encrypted, the relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Step 805 after receiving the second relaying key that quantum terminal receives node transmission, uses encrypted receiving and deciphering
Key is decrypted, and obtains encrypted relaying key;Wherein described encrypted receiving and deciphering key is to receive quantum terminal to utilize
It is preset to receive what is generated after the receiving and deciphering key is encrypted in key-encrypting key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes
Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes
Sub-key, the two correspond.
Preferably, the key-encrypting key is stored in advance in for updating, in the hardware chip of encrypt and decrypt operation,
And the key-encrypting key in the chip cannot be exported.
Preferably, the key-encrypting key is regularly updated by quantum key.
Simultaneously the invention also provides a kind of safe Enhancement Method of quantum key management level, to realize key management layer without in plain text
The processing of key enhances the safety of entire key management system.Entire quantum communication network can be divided into key generation layer,
Key management layer, application layer.
The workflow of quantum terminal is as follows:
Step 1701, quantum terminal key generation device on preset for sending the transmission that is encrypted of encryption key
Key-encrypting key, then key generation device the application that the transmission key-encrypting key is synchronized to quantum terminal is set
It is standby;
The key generation device of step 1702, the key generation device of quantum terminal and next node carries out quantum key point
After the transmission encryption key that quantum terminal occurs into, encrypted hair is obtained after being encrypted using the transmission key-encrypting key
Send encryption key;By the encrypted key management apparatus preservation for sending encryption key and being transferred to quantum terminal, so that
Quantum terminal to next node equipment send it is encrypted relaying key when, with it is described it is encrypted transmission encryption key come
The encrypted relaying key is encrypted, to obtain the first relaying key;
Step 1703, quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to quantum terminal
Application apparatus;The application apparatus of quantum terminal is before business cipher key is used, first with the transmission key-encrypting key solution
It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, quantum terminal carries out the synchronization and update for sending key-encrypting key by movable storage device.
The workflow for receiving quantum terminal is as follows:
Step 1801 receives the reception preset on the key generation device of quantum terminal for being encrypted to receiving decruption key
Key-encrypting key, then key generation device by the reception key-encrypting key be synchronized to receive quantum terminal application set
It is standby;
The key generation device of step 1802, the key generation device for receiving quantum terminal and a upper node carries out quantum key and divides
After the receiving and deciphering key for receiving quantum terminal occurs into, encrypted connect is obtained after being encrypted using the reception key-encrypting key
Receive decruption key;The encrypted receiving and deciphering cipher key delivery is preserved to the key management apparatus for receiving quantum terminal, so that
Quantum terminal is received in the second relaying key that a node device in reception is sent, it is close with the encrypted receiving and deciphering
Key is decrypted to relay key to described second, to obtain encrypted relaying key;
Step 1803, receive quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to receive quantum terminal
Application apparatus;The application apparatus of quantum terminal is received before business cipher key is used, first with the reception key-encrypting key solution
It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, it receives quantum terminal and the synchronization and update for receiving key-encrypting key is carried out by movable storage device.
Meanwhile the embodiment of the present invention also proposed a kind of key cryptographic systems of quantum communication network, including at least one transmission
Quantum terminal, at least one reception quantum terminal, at least one credible repeater;
Quantum terminal, for the relaying sent key will to be needed to be obtained in first after being encrypted using transmission encryption key
After key, the first relaying key is then sent to next node;At wherein described transmission encryption key and the next node
Relaying decruption key it is corresponding;
Each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node
State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with
Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, after receiving the second relaying key that a upper node is sent, uses the receiving and deciphering key
It is decrypted, obtains the relaying key.
Further, transmission key-encrypting key is preset in quantum terminal to add to sending encryption key
It is close, to generate encrypted transmission encryption key;Reception key-encrypting key is preset with to receiving and deciphering receiving quantum terminal
Key is encrypted, to generate encrypted receiving and deciphering key;The system specifically includes;
Quantum terminal, for using it is preset transmission key-encrypting key respectively to send encryption key and relaying key into
Row encryption, to generate encrypted transmission encryption key and encrypted relaying key respectively;Be additionally operable to will need send described in plus
Close relaying key obtains the first relaying key after being encrypted using the encrypted transmission encryption key, then will be in first
Next node is sent to after key;Wherein described transmission encryption key is opposite with the relaying decruption key at the next node
It should;
Wherein described each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node
State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with
Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, for the receiving and deciphering key to be encrypted using preset reception key-encrypting key, with
Generate encrypted receiving and deciphering key;After being additionally operable to the second relaying key for receiving node transmission, the encryption is used
Receiving and deciphering key be decrypted, obtain encrypted relaying key.
Preferably, the transmission encryption key and the relaying decruption key are the shared quantum generated by QKD processes
Key, the two correspond;The relaying encryption key and the receiving and deciphering key are the shared amounts generated by QKD processes
Sub-key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key in the chip cannot be led
Go out.
Preferably, the cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and add the key
Key is regularly updated.
The advantageous effect that technical solution provided by the invention is brought is:
A, applied widely, implementation is smaller on the scope of application influence of credible repeater, in the expansion that ensure that legacy network
In the case of malleability, its safety is enhanced, is suitble to building for various junction networks;
B, the safety of enhancing relaying key in key relay processes, avoids the landing of relaying key plain, in reducing
After the danger of Key Exposure, the safety of key relay processes ensure that;
C, enhance the safety of quantum key, the cipher key cache mould quantum key in the block of key management layer is encrypted close using key
Key encryption storage, enhances the safety of quantum key;
D, flow is consistent, and it is convenient to realize, this scheme can be adapted for all nodes, and ensures that the flow of all nodes is consistent, real
It is now simple, it is easy to maintain.
Description of the drawings
Fig. 1 is that the key of the prior art relays flow diagram;
Fig. 2 is the structure diagram of the quantum communication network of the prior art;
Fig. 3 is workflow schematic diagram when a credible repeater is used in the embodiment of the present invention;
Fig. 4 is workflow schematic diagram when multiple credible repeaters are used in the embodiment of the present invention;
Fig. 5 is the structure diagram of the credible repeater of the embodiment of the present invention;
Fig. 6 is the workflow schematic diagram of full node security enhancing in the embodiment of the present invention;
Fig. 7 is in credible relay node and sending node in the embodiment of the present invention(Quantum terminal)The workflow enhanced safely
Journey schematic diagram;
Fig. 8 is in credible relay node and receiving node in the embodiment of the present invention(Receive quantum terminal)The workflow enhanced safely
Journey schematic diagram;
Fig. 9 is that the key for the Star Network that the credible repeater in the embodiment of the present invention enhances safely relays schematic diagram;
Figure 10 is that the key of the Star Network of the full node security enhancing in the embodiment of the present invention relays schematic diagram;
Figure 11 is that the key of the center distribution in the embodiment of the present invention relays schematic diagram;
Figure 12 is that the key of the multinode shared key in the embodiment of the present invention relays schematic diagram;
Figure 13 is the key management layer safety enhancing system schematic diagram in the embodiment of the present invention;
Full text related symbol explanation:
KR:Relay key;
KAB:Send encryption key;
KR⊕KAB:First relaying key;
KBA:Relay decruption key;
KBC:Relay encryption key;
KR⊕KBC:Second relaying key;
KCB:Receiving and deciphering key;
KB:Preset key-encrypting key;
KR⊕KA:Encrypted relaying key;
KR⊕KB:Encrypted relaying key;
KR⊕KC:Encrypted relaying key;
KBA⊕KB:Encrypted relaying decruption key;
KBC⊕KB:Encrypted relaying encryption key;
KA:Preset transmission key-encrypting key;
KAB⊕KA:Encrypted transmission encryption key;
KC:Preset reception key-encrypting key;
KCB⊕KC:Encrypted receiving and deciphering key.
Specific embodiment
The emphasis of technical solution of the present invention is a preset key-encrypting key, for key at credible repeater
The encryption of key is stored in cache module so that is stored in cipher key cache module is all encrypted key.In this way can
After letter repeater receives encrypted relaying key, it is decrypted and carries out between re-encrypted two flows, relay key
It would not be stored in the form of plaintext, improve the safety of quantum communication network.One in the embodiment of the present invention is excellent
It selects in scheme, for that can be input to by preset method to the key-encrypting key that is encrypted of relaying key for updating,
In the hardware chip of encrypt and decrypt operation, to ensure the safety of key-encrypting key.Meanwhile key-encrypting key can also root
According to being regularly updated, freshness and the safety of key are further enhanced.It preferably, can be by quantum key to key
Encryption key is regularly updated.
The safe Enhancement Method of the present invention can be additionally used in relaying flow(Or repeated link)On all nodes carry out
Safety enhancing, is not limited only to credible repeater, applies also for relaying and initiates node and relaying destination node.The safety of the present invention increases
Strong method is used not only for the key relaying of Linear Network structure, additionally it is possible to and the key applied to Star Network structure relays,
And using after this safe enhanced scheme, key relaying flow and original flow are basically identical, will not be close to Star Network
The realization of key relaying flow impacts, as quantum terminal A to reception quantum terminal C and receives quantum terminal D point respectively
Key is sent out, relaying flow is consistent, flow will not be caused to have any different because credible repeater connects multiple quantum terminals, increased
Realize difficulty.
The safe Enhancement Method of the present invention can also be used to distribute relaying key to both ends quantum terminal from credible relay node
The key relaying flow of node, can be suitble to full node security enhancing network, be equally applicable to only credible repeater and increase safely
Strong network.Equally, it is also applied for the key distribution of multinode shared key.
The safe Enhancement Method of the present invention applies also for carrying out safe enhancing to key management layer, realizes key management layer nothing
The processing of clear text key enhances the safety of entire key management system.
As illustrative, using exclusive or algorithm as enciphering and deciphering algorithm in the embodiment of the present invention, specially:0⊕0=
0,1 ⊕, 0=1,0 ⊕, 1=1,1 ⊕ 1=0.
Carry out the embodiment that the present invention will be described in detail below in conjunction with attached drawing, how applied technology method is come to the present invention whereby
Technical problem is solved, and the realization process for reaching technique effect can fully understand and implement according to this.
Embodiment 1
The embodiment of the present invention proposes a kind of key encryption method of credible repeater.In order to enable whole flow process is more clear,
As shown in Figure 3, Figure 4 be the schematic diagram of the credible repeater applications in quantum communication network.Fig. 3, shown in Fig. 4 it is respectively
Using said program and in multiple credible repeaters on a credible repeater(In Fig. 4 n be positive integer, n >=2)In upper application
State scheme.It can be seen from Fig. 3, Fig. 4 compared with prior art, both increased on each credible repeater one it is preset
Key-encrypting key, for being encrypted to the key stored in cipher key cache module.Due to the workflow of each credible repeater
All it is identical, therefore is specially with as shown in Figure 3:
Step 101, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto
It is generated after row encryption, the first relaying key KR⊕KABIt is that a upper node utilizes and the relaying decruption key KBAIt is right
The transmission encryption key K answeredABTo relaying key KRIt is generated after being encrypted, the encrypted relaying key KR⊕KBBy with
Lower formula obtains:KR⊕KAB⊕KBA⊕KB=KR⊕KB;
Step 102, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption
Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕
KBC;Wherein described encrypted relaying encryption key KBC⊕KBIt is to utilize the preset key-encrypting key KBIt is close to relaying encryption
Key KBCIt is generated after being encrypted, the relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBRelatively
Should, the second relaying key KR⊕KBCIt is obtained by the following formula:KR⊕KB⊕KBC⊕KB=KR⊕KBC。
Specifically, in step 101 and step 102, it can be first with preset key-encrypting key KBTo credible relaying
The cipher key cache mould relaying decruption key K in the block of device BBAWith relaying encryption key KBCIt is encrypted, is obtained above-mentioned in advance respectively
Encrypted relaying decruption key K in exampleBA⊕KBWith encrypted relaying encryption key KBC⊕KB.Preferably, described send adds
Key KABWith the relaying decruption key KBAIt is the shared quantum key generated by QKD processes, the two corresponds;Institute
State relaying encryption key KBCWith the receiving and deciphering key KCBIt is the shared quantum key generated by QKD processes, the two is one by one
It is corresponding.Certainly, those skilled in that art are appreciated that, the transmission encryption key K in the embodiment of the present inventionABIt is decrypted with relaying
Key KBA, relaying encryption key KBCWith receiving and deciphering key KCBIt can be obtained by any mode, the embodiment of the present invention is not right
This is defined.
Preferably, the key-encrypting key KBBe stored in advance in credible repeater B for updating, encrypt and decrypt behaviour
In the hardware chip of work, and the key-encrypting key K in the chipBIt cannot be exported, to ensure the key-encrypting key KB
Safety.Meanwhile the key-encrypting key KBIt can also be regularly updated as needed, further enhance the fresh of key
Degree and safety.It preferably, can be by quantum key to the key-encrypting key KBIt is regularly updated.It is and multiple for having
The quantum communication network of credible repeater can be that each credible repeater sets different key-encrypting keys.
Specifically, it is only there are one credible repeater as shown in Figure 3, therefore the upper node in preceding method is necessarily sent out
Send relaying key KRQuantum terminal A, and next node necessarily receives relaying key KRReception quantum terminal C.It is and right
There are multiple credible repeaters in as shown in Figure 4, then the upper node in preceding method may be to send relaying key KRHair
Send quantum terminal A, it is also possible to another is credible repeater;And next node may be to receive relaying key KRReception quantum
Terminal C, it is also possible to another credible repeater.
It should be noted that those skilled in that art are appreciated that, the transmission encryption key in the embodiment of the present invention
All it is opposite concept with relaying encryption key, relaying decruption key and receiving and deciphering key, is all to participate in relaying key encryption
The encryption key and decruption key of transfer, no substantive difference.When a upper node for this credible repeater is quantum terminal,
Transmission encryption key at a upper node is corresponding with the relaying decruption key at this credible repeater;When this credible repeater
When a upper node is another credible repeater, the relaying encryption key at a upper node and the relaying solution at this credible repeater
Key is corresponding.Similarly, when the next node of this credible repeater is receives quantum terminal, at this is credible repeater in
It is corresponding with the receiving and deciphering key at next node after encryption key;When the next node of this credible repeater is another credible
During repeater, the relaying encryption key originally at credible repeater is corresponding with the relaying decruption key at next node.Certainly, originally
Technical staff is also appreciated that in field, and the first relaying key in the embodiment of the present invention is also opposite with the second relaying key
Concept, be all according to the encrypted relaying key that is generated of encryption key for participating in relaying key encryption transfer, also without essence
Difference.
In this way the first relaying key K is received in credible repeater BR⊕KABAfterwards, encrypted relaying decruption key K is utilizedBA
⊕KBWhen being decrypted, it is directly obtained with encrypted relaying key KR⊕KBRather than the relaying key K of plaintextR.Exist in this way
Before subsequently encrypt, credible repeater B would not store the relaying key K of plaintextR, improve the safety of whole system
Property.The change simultaneously is all transparent for other all nodes, and there is no need to existing system topology is carried out more
Change.
In the above-described embodiment, a credible repeater is as shown in Fig. 3 only passed through in entire transfer process(In i.e. credible
After device B)Flow.As shown in Fig. 4 pass through multiple credible repeaters in entire transfer process(In as shown in Figure 4 credible
After device B1……Credible repeater Bn)Flow, therefore in method as shown in Figure 4, each credible repeater B is required for performing
The method similar with step 101 and step 102.
Embodiment 2
Meanwhile the embodiment of the present invention also proposed a kind of key with the aforementioned corresponding credible repeater of embodiment 1 and encrypt
Device, structure are as shown in Figure 5, including cipher key encryption block, key relay forwarding module, cipher key cache module;
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering
After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key
Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB;
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
Wherein described first relaying key KR⊕KABIt is that a upper node utilizes and the relaying decruption key KBACorresponding send adds
Key KABTo relaying key KRIt is generated after being encrypted, the encrypted relaying key KR⊕KBIt is obtained by the following formula:
KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to sending the encrypted relaying key K to next nodeR⊕KBWhen, it reuses
The encrypted relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted close to obtain the second relaying
Key KR⊕KBC;Wherein described relaying encryption key KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, described
Two relaying key KR⊕KBCIt is obtained by the following formula:KR⊕KB⊕KBC⊕KB=KR⊕KBC;
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC
⊕KB。
Preferably, the transmission encryption key KABWith the relaying decruption key KBAIt is the shared quantum generated by QKD processes
Key, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is generated by QKD processes
Shared quantum key, the two correspond.
Preferably, the cipher key encryption block is hardware chip, and the key-encrypting key K in the chipBIt cannot be by
Export, to ensure the key-encrypting key KBSafety.Meanwhile the key-encrypting key KBIt can also carry out as needed
It regularly updates, further enhances freshness and the safety of key.Preferably, the cipher key encryption block is additionally operable to receive quantum
Key, and pass through quantum key to the key-encrypting key KBIt is regularly updated.
Embodiment 3
Meanwhile the embodiment of the present invention also proposed a kind of key encryption method of quantum communication network, as shown in Figure 3 and Figure 4
Including one or more credible repeaters.Compared with prior art, both increased on each credible repeater one it is preset
Key-encrypting key, for relaying encryption key and relaying decruption key to be encrypted.Due to the work of each credible repeater
It is all identical to make flow, therefore is specially with the method as shown in Figure 3:
Step 701, quantum terminal A will need the relaying key K sentRUse transmission encryption key KABIt is obtained after being encrypted
Obtain the first relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;It is wherein described to send encryption
Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Step 702, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto
It is generated after row encryption, the encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;
Step 703, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption
Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕
KBC, then by the second relaying key KR⊕KBCIt is sent to next node;Wherein described encrypted relaying encryption key KBC⊕KBIt is
Utilize the preset key-encrypting key KBTo relaying encryption key KBCIt is generated after being encrypted, the relaying encryption key
KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, the second relaying key KR⊕KBCPass through the following formula
It obtains:KR⊕KB⊕KBC⊕KB=KR⊕KBC;
Step 704 receives the second relaying key K that quantum terminal C receives node transmissionR⊕KBCAfterwards, it is connect using described
Receive decruption key KCBIt is decrypted(KR⊕KBC⊕KCB=KR), obtain the relaying key KR。
In the above-mentioned methods, if any multiple credible repeaters, then each credible repeater be required for performing with step 702 and
The similar method of step 703.Specifically, it is the upper section only there are one credible repeater, therefore in preceding method as shown in Figure 3
Point necessarily sends relaying key KRQuantum terminal A, and next node necessarily receives relaying key KRQuantum terminal
C.And for multiple credible repeaters that have as shown in Figure 4, then the upper node in preceding method may be to send relaying key
KRQuantum terminal A, it is also possible to another is credible repeater.And next node may be to receive relaying key KRAmount
Sub- terminal C, it is also possible to another credible repeater.
Embodiment 4
On the basis of embodiment 3, embodiment 4 that the embodiment of the present invention proposes is as shown in Figure 6, can in quantum terminal A
To increase preset transmission key-encrypting key KAWith to sending encryption key KABIt is encrypted, is encrypted with generating encrypted send
Key KAB⊕KA.It can also increase preset reception key-encrypting key K receiving quantum terminal CCWith to receiving decruption key
KCBIt is encrypted, to generate encrypted receiving and deciphering key KCB⊕KC。
Then idiographic flow is as shown in Figure 8, including:
Step 801, quantum terminal A utilize preset transmission key-encrypting key KARespectively to sending encryption key KABWith in
After key KRIt is encrypted, to generate encrypted transmission encryption key K respectivelyAB⊕KAWith encrypted relaying key KR⊕KA;
Step 802, quantum terminal A will need the encrypted relaying key K sentR⊕KAUse the encrypted hair
Send encryption key KAB⊕KAThe first relaying key K is obtained after being encryptedR⊕KAB, then by the first relaying key KR⊕KABIt sends
To next node;Wherein described transmission encryption key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Step 803, credible repeater B receive the first relaying key K of node transmissionR⊕KABLater, by encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
Wherein described encrypted relaying decruption key KBA⊕KBIt is to utilize preset key-encrypting key KBTo relaying decruption key KBAInto
It is generated after row encryption, the encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;
Step 804, credible repeater B are sending the encrypted relaying key K to next nodeR⊕KBWhen, reuse encryption
Relaying encryption key KBC⊕KBTo the encrypted relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕
KBC, then by the second relaying key KR⊕KBCIt is sent to next node;Wherein described encrypted relaying encryption key KBC⊕KBIt is
Utilize the preset key-encrypting key KBTo relaying encryption key KBCIt is generated after being encrypted, the relaying encryption key
KBCWith the receiving and deciphering key K at the next nodeCBIt is corresponding, the second relaying key KR⊕KBCPass through the following formula
It obtains:KR⊕KB⊕KBC⊕KB=KR⊕KBC;
Step 805 receives the second relaying key K that quantum terminal C receives node transmissionR⊕KBCAfterwards, use is encrypted
Receiving and deciphering key KCB⊕KCIt is decrypted(KR⊕KBC⊕KCB⊕KC=KR⊕KC), obtain encrypted relaying key KR⊕KC;Its
Described in encrypted receiving and deciphering key KCB⊕KCIt is to receive quantum terminal C using preset reception key-encrypting key KCTo institute
State receiving and deciphering key KCBIt is generated after being encrypted.
Embodiment 5
Further, on the basis of credible relay node increases key-encrypting key, can also only increase in quantum terminal A
Add preset transmission key-encrypting key KAWith to sending encryption key KABIt is encrypted, idiographic flow is as shown in Figure 7;This
Outside, on the basis of credible relay node increases key-encrypting key, can also only preset connect be increased in reception quantum terminal C
Receive key-encrypting key KCWith to receiving decruption key KCBIt is encrypted, idiographic flow is as shown in Figure 8.
Embodiment 6
Preferably, in embodiment 3-5, the transmission encryption key KABWith the relaying decruption key KBAIt is by QKD processes
The shared quantum key generated, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is to pass through
The shared quantum key that QKD processes generate, the two correspond.
As being further improved to aforementioned embodiment, the key-encrypting key can be stored in advance in for more
Newly, in the hardware chip of encrypt and decrypt operation, and ensure that the key-encrypting key in the chip cannot be exported, to ensure
The safety of key-encrypting key.And for quantum communication network, can be that each node sets different key-encrypting keys.Together
When each node key-encrypting key can also be regularly updated as needed, further enhance the freshness and safety of key
Property.Preferably, the key-encrypting key can be regularly updated by quantum key.
Embodiment 7
Meanwhile the embodiment of the present invention also proposed a kind of key with the aforementioned corresponding quantum communication networks of embodiment 3-6
Encryption system, including at least one quantum terminal A, at least one reception quantum terminal C, at least one credible repeater B;
Quantum terminal A, for the relaying key K sent will to be neededRUse transmission encryption key KABIt is obtained after being encrypted
First relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;Wherein described transmission encryption is close
Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Each credible repeater B includes:
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering
After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key
Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB;
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
The encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to next
Node sends the encrypted relaying key KR⊕KBWhen, reuse the encrypted relaying encryption key KBC⊕KBAdd to described
Close relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕KBC;Wherein described relaying encryption key KBCWith institute
State the receiving and deciphering key K at next nodeCBIt is corresponding, the second relaying key KR⊕KBCIt is obtained by the following formula:KR
⊕KB⊕KBC⊕KB=KR⊕KBC;
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC
⊕KB。
Quantum terminal C is received, for receiving the second relaying key K that a upper node is sentR⊕KBCAfterwards, it is connect using described
Receive decruption key KCBIt is decrypted(KR⊕KBC⊕KCB=KR), obtain the relaying key KR。
Embodiment 8
On the basis of embodiment 7, preset transmission key-encrypting key K can be increased in quantum terminal AAFor to hair
Send encryption key KABIt is encrypted, to generate encrypted transmission encryption key KAB⊕KA;It can also increase receiving quantum terminal C
Preset reception key-encrypting key KCFor to receiving decruption key KCBIt is encrypted, to generate encrypted receiving and deciphering key
KCB⊕KC.I.e. described system specifically includes:
Quantum terminal A, for utilizing preset transmission key-encrypting key KARespectively to sending encryption key KABAnd relaying
Key KRIt is encrypted, to generate encrypted transmission encryption key K respectivelyAB⊕KAWith encrypted relaying key KR⊕KA;It is additionally operable to
It will need the encrypted relaying key K sentR⊕KAUse the encrypted transmission encryption key KAB⊕KAAfter being encrypted
Obtain the first relaying key KR⊕KAB, then by the first relaying key KR⊕KABIt is sent to next node;Wherein described send adds
Key KABWith the relaying decruption key K at the next nodeBAIt is corresponding;
Wherein described each credible repeater B includes:
Cipher key encryption block, for storing preset key-encrypting key KB, and pass through preset key-encrypting key KBCentering
After decruption key KBAIt is encrypted to obtain encrypted relaying decruption key KBA⊕KB;It is additionally operable to add by the preset key
Key KBTo relaying encryption key KBCIt is encrypted to obtain encrypted relaying encryption key KBC⊕KB;
Key relay forwarding module, for receiving the first relaying key K from a upper nodeR⊕KABLater, by described encrypted
Relay decruption key KBA⊕KBTo the described first relaying key KR⊕KABIt is decrypted to obtain encrypted relaying key KR⊕KB;
The encrypted relaying key KR⊕KBIt is obtained by the following formula:KR⊕KAB⊕KBA⊕KB=KR⊕KB;It is additionally operable to next
Node sends the encrypted relaying key KR⊕KBWhen, reuse the encrypted relaying encryption key KBC⊕KBAdd to described
Close relaying key KR⊕KBIt is encrypted to obtain the second relaying key KR⊕KBC;Wherein described relaying encryption key KBCWith institute
State the receiving and deciphering key K at next nodeCBIt is corresponding, the second relaying key KR⊕KBCIt is obtained by the following formula:KR
⊕KB⊕KBC⊕KB=KR⊕KBC;
Cipher key cache module, for storing the encrypted relaying decruption key KBA⊕KBWith encrypted relaying encryption key KBC
⊕KB;
Quantum terminal C is received, for utilizing preset reception key-encrypting key KCTo the receiving and deciphering key KCBAdded
It is close, to generate encrypted receiving and deciphering key KCB⊕KC;It is additionally operable to receive the second relaying key K of node transmissionR⊕
KBCAfterwards, using the encrypted receiving and deciphering key KCB⊕KCIt is decrypted(KR⊕KBC⊕KCB⊕KC=KR⊕KC), encrypted
Relaying key KR⊕KC。
Embodiment 9
On the basis of embodiment 7, embodiment 9 that the embodiment of the present invention proposes is as shown in Figure 7, increases in credible relay node
On the basis of key-encrypting key, only it can also increase preset transmission key-encrypting key K in quantum terminal AAFor
To sending encryption key KABIt is encrypted, to generate encrypted transmission encryption key KAB⊕KA.As shown in Figure 8, in credible
On the basis of node increases key-encrypting key, only the preset reception key encryption of quantum terminal C increases can also be being received
Key KCFor to receiving decruption key KCBIt is encrypted, to generate encrypted receiving and deciphering key KCB⊕KC。
Preferably, in embodiment 7-9, the transmission encryption key KABWith the relaying decruption key KBAIt is by QKD processes
The shared quantum key generated, the two correspond;The relaying encryption key KBCWith the receiving and deciphering key KCBIt is to pass through
The shared quantum key that QKD processes generate, the two correspond.
As being further improved to aforementioned embodiment, the cipher key encryption block is hardware chip, and the chip
In key-encrypting key KBIt cannot be exported, to ensure the key-encrypting key KBSafety.Meanwhile the key adds
Key KBIt can also be regularly updated as needed, further enhance freshness and the safety of key.Preferably, it is described close
Key encrypting module is additionally operable to receive quantum key, and pass through quantum key to the key-encrypting key KBIt is regularly updated.
Embodiment 10
Previous embodiment is all the explanation carried out by taking one-to-one line style network topology structure as an example.The embodiment of the present invention can be with
It applies in the quantum communication network of star network topology.It is the centre of 4 star-like meshed network structures as shown in Figure 9
Point safety enhancing, after this safe enhanced scheme, key relaying flow and original flow are basically identical, not to star-like
The realization of netkey relaying flow impacts.As quantum terminal A to reception quantum terminal C and receives quantum end respectively
D distribution keys are held, relaying flow is consistent, flow will not be caused to have area because credible repeater connects multiple quantum terminals
Not, increase and realize difficulty.The key encryption method of credible repeater B is corresponded with embodiment 1, is only needed to each reception
The encrypted relaying key K arrivedR1⊕KABOr KR2⊕KABEncrypted relaying decruption key K is all respectively adoptedBA⊕KBIt is decrypted;
Also encrypted relaying encryption key K each encrypted relaying key sent is respectively adoptedBC⊕KBAnd KBD⊕KBIt carries out
Encryption.
Embodiment 11
In the quantum communication network of star network topology in previous embodiment 10, it can also utilize as in embodiment 4
Method in quantum terminal A to increasing preset transmission key-encrypting key KAFor to sending encryption key KABAdded
It is close, to generate encrypted transmission encryption key KAB⊕KA.It is receiving quantum terminal C and is receiving quantum terminal D and can also increase respectively
Add preset reception key-encrypting key KCAnd KDFor respectively to receiving decruption key KCBAnd KDBIt is encrypted, to generate respectively
Encrypted receiving and deciphering key KCB⊕KCAnd KDB⊕KD.Specific flow is as shown in Figure 10, and details are not described herein.
Embodiment 12
In the system as shown in Figure 11, Figure 12, relaying key K can be shared by multiple quantum terminalsR.As shown in figure 12,
Credible repeater B connects quantum terminal A, quantum terminal C and quantum terminal D simultaneously, and will relaying key KRIt is distributed to these three
Quantum terminal.It is as follows:
Step 1601, on quantum terminal A, first using key-encrypting key KATo receiving decruption key KABIt is encrypted and deposits
Storage;On credible repeater B, first using preset key-encrypting key KBTo sending encryption key KBA、KBC、KBDAfter encryption simultaneously
Storage;On quantum terminal C, first using key-encrypting key KCTo receiving decruption key KCBIt is encrypted and stores;In quantum
In terminal D, first using key-encrypting key KDTo receiving decruption key KDBIt is encrypted and stores;
Step 1602 sends relaying key K to quantum terminal A, quantum terminal C and quantum terminal D respectively in credible repeater BR
When, credible repeater B is to encrypted relaying key KR⊕KB, respectively using encrypted transmission encryption key KBA⊕KB、KBC⊕KBWith
KBD⊕KBQuantum terminal A, quantum terminal C and quantum terminal D are separately sent to after encryption;Specific flow with it is right in aforementioned implementation
Flow when single quantum terminal is sent is identical, only repeats to do 3 times, details are not described herein;
Step 1603, quantum terminal A receive encrypted relaying key KR⊕KBA, use encrypted receiving and deciphering key KAB⊕KA
After decryption, encrypted relaying key K is obtainedR⊕KA;Quantum terminal C receives encrypted relaying key KR⊕KBC, use is encrypted
Receiving and deciphering key KCB⊕KCAfter decryption, encrypted relaying key K is obtainedR⊕KC;It is close that quantum terminal D receives encrypted relaying
Key KR⊕KBD, use encrypted receiving and deciphering key KDB⊕KDAfter decryption, encrypted relaying key K is obtainedR⊕KD。
Embodiment 13
The embodiment of the present invention also proposed a kind of safe Enhancement Method of quantum key management level, to realize key management layer without bright
The processing of literary key enhances the safety of entire key management system.It is specific as shown in figure 13, it can be by entire quantum communications net
Network is divided into key generation layer, key management layer, application layer.Wherein application layer can include application apparatus A and application apparatus C, close
Key management level include key management apparatus A, at least one key management apparatus Bn(N is positive integer, n >=1), key management apparatus
C.Wherein, if for as shown in Figure 3, key management apparatus A, key management apparatus C are respectively used to management traffic volume
Sub- terminal A and the key for receiving quantum terminal C, and key management apparatus B1It can be used for managing the relaying solution of credible repeater B
Key and relaying encryption key.
Its workflow is as follows:
It is preset in step 1701, key generation device A1 for sending encryption key KABThe transmission key encryption being encrypted
Key KA, then key generation device A1 is by transmission key-encrypting key KAIt is synchronized to application apparatus A;Such as movement can be passed through
Memory realizes KASynchronization and update;
Step 1702, key generation device A1 and key generation device B1 carry out quantum key distribution(QKD)Generation sends encryption
Key KABAfterwards, using transmission key-encrypting key KAEncrypted transmission encryption key K is obtained after encryptionAB⊕KA;By encrypted hair
Send encryption key KAB⊕KAKey management apparatus A preservations are transferred to, using as in the transmission of the equipment of next node is encrypted
After key KR⊕KAWhen, with encrypted transmission encryption key KAB⊕KACome to encrypted relaying key KR⊕KAIt is encrypted, with
To encrypted relaying key KR⊕KAB。
The key that step 1703, key management apparatus A are sent to application apparatus A is encrypted relaying key KR⊕KA;Using
Device A is before business cipher key is used, first with transmission key-encrypting key KADecryption obtains relaying key KR, then relaying key
KRIt is used as business cipher key.
The workflow of C nodes is consistent with above-mentioned A nodes, can refer to step 1701-1703.
In the above manner to the transformation of key storage and key relay processes, the system of key management layer can protect
Card:
A, the key stored on key management apparatus is all encrypted key, the key whether generated or relaying it is close
Key is not the key of plaintext;
B, it does not need to preserve key-encrypting key in key management apparatus, it is close in plain text not need to encrypted key recovery
Key enhances key safety;
C, in key relay processes, the key relayed does not need to clear text key from starting to terminating all in encrypted state
Relay processes are participated in, detailed process is shown in Fig. 6.The key completed is relayed, is all existed in an encrypted form, such as:Key management is set
Standby A and B1On obtained last relaying key be respectively KR⊕KA、KR⊕KB1;
D, when key management layer and the equipment room of key generation layer, application layer carry out cipher key delivery, key is all already encrypted, is protected
The safe transmission of key is demonstrate,proved.
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, all in the spirit and principles in the present invention
Within, any modification, equivalent replacement, improvement and so on should all be included in the protection scope of the present invention.
Claims (20)
1. a kind of key encryption method of credible repeater, which is characterized in that including:
After step 101, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key, the first relaying key is described
A upper node utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
Step 102, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close
Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key
It is corresponding with the receiving and deciphering key at the next node.
2. the key encryption method of credible repeater according to claim 1, which is characterized in that the transmission encryption key
It is the shared quantum key that is generated by QKD processes with the relaying decruption key, the two corresponds;The relaying encryption is close
Key is the shared quantum key generated by QKD processes with the receiving and deciphering key, and the two corresponds.
3. the key encryption method of credible repeater according to claim 1, which is characterized in that the key-encrypting key
Be stored in advance in credible repeater for updating, in the hardware chip of encrypt and decrypt operation, and the key in the chip
Encryption key cannot be exported.
4. the key encryption method of credible repeater according to any one of claim 1 to 3, which is characterized in that pass through
Quantum key regularly updates the key-encrypting key.
5. a kind of cipher key encryption means of credible repeater, which is characterized in that including:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;Wherein described first relaying key is institute
It states a node and utilizes what transmission encryption key corresponding with the relaying decruption key generated after relaying key is encrypted;
It is additionally operable to when sending the encrypted relaying key to next node, reuses the encrypted relaying encryption key to described
Encrypted relaying key is encrypted to obtain the second relaying key;At wherein described relaying encryption key and the next node
Receiving and deciphering key it is corresponding;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key.
6. the cipher key encryption means of credible repeater according to claim 5, which is characterized in that the transmission encryption key
It is the shared quantum key that is generated by QKD processes with the relaying decruption key, the two corresponds;The relaying encryption is close
Key is the shared quantum key generated by QKD processes with the receiving and deciphering key, and the two corresponds.
7. the cipher key encryption means of credible repeater according to claim 5, which is characterized in that the cipher key encryption block
For hardware chip, and the key-encrypting key in the chip cannot be exported.
8. the cipher key encryption means of credible repeater according to any one of claims 5 to 7, which is characterized in that described
Cipher key encryption block is additionally operable to receive quantum key, and pass through quantum key and regularly update the key-encrypting key.
9. a kind of key encryption method of quantum communication network, including:
Step 701, quantum terminal will need the relaying key that sends to obtain the after encryption key is encrypted using sending
Then first relaying key is sent to next node by one relaying key;Wherein described transmission encryption key and next section
Relaying decruption key at point is corresponding;
After step 702, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 703, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key;Wherein described encrypted relaying encryption is close
Key is generated after relaying encryption key is encrypted using the preset key-encrypting key, the relaying encryption key
It is corresponding with the receiving and deciphering key at the next node;
It is close using the receiving and deciphering after step 704, reception quantum terminal receive the second relaying key of node transmission
Key is decrypted, and obtains the relaying key;
The relaying key for needing to send is sent to and receives quantum terminal by quantum terminal in wherein described quantum communication network
When can pass through one or more credible repeaters, when by multiple credible repeaters, each credible repeater is carried out step
702 and step 703.
10. the key encryption method of quantum communication network according to claim 9, which is characterized in that at quantum end
End, which is preset with, sends key-encrypting key to be encrypted to sending encryption key, to generate encrypted transmission encryption key;
It receives quantum terminal and is preset with reception key-encrypting key to be encrypted to receiving decruption key, solved with generating encrypted receive
Key;
The method specifically includes:
Step 801, quantum terminal are close to sending encryption key and relaying respectively using preset transmission key-encrypting key
Key is encrypted, to generate encrypted transmission encryption key and encrypted relaying key respectively;
Step 802, quantum terminal encrypt the encrypted relaying key for needing to send using encrypted send
Key obtains the first relaying key after being encrypted, the first relaying key then is sent to next node;Wherein described transmission
Encryption key is corresponding with the relaying decruption key at the next node;
After step 803, credible repeater receive the first relaying key of node transmission, decrypted by encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in key pair;Wherein described encrypted relaying decruption key
It is generated after relaying decruption key is encrypted using preset key-encrypting key;
Step 804, credible repeater reuse encrypted relaying and add when sending the encrypted relaying key to next node
Encrypted relaying key described in close key pair is encrypted to obtain the second relaying key, is then sent to the second relaying key
Next node;Wherein described encrypted relaying encryption key is to relaying encryption key using the preset key-encrypting key
It is generated after being encrypted, the relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Step 805 after receiving the second relaying key that quantum terminal receives node transmission, uses encrypted receiving and deciphering
Key is decrypted, and obtains encrypted relaying key;Wherein described encrypted receiving and deciphering key is to receive quantum terminal to utilize
It is preset to receive what is generated after the receiving and deciphering key is encrypted in key-encrypting key.
11. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the transmission
Encryption key is the shared quantum key generated by QKD processes with the relaying decruption key, and the two corresponds;In described
It is the shared quantum key generated by QKD processes after encryption key and the receiving and deciphering key, the two corresponds.
12. the key encryption method of quantum communication network according to claim 9, which is characterized in that the key encryption
Key is stored in advance in for updating, in the hardware chip of encrypt and decrypt operation, and the key-encrypting key in the chip
It cannot be exported.
13. the key encryption method of quantum communication network according to claim 9, which is characterized in that pass through quantum key
The key-encrypting key is regularly updated.
14. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the method
It further includes:
Step 1701, quantum terminal key generation device on preset for sending the transmission that is encrypted of encryption key
Key-encrypting key, then key generation device the application that the transmission key-encrypting key is synchronized to quantum terminal is set
It is standby;
The key generation device of step 1702, the key generation device of quantum terminal and next node carries out quantum key point
After the transmission encryption key that quantum terminal occurs into, encrypted hair is obtained after being encrypted using the transmission key-encrypting key
Send encryption key;By the encrypted key management apparatus preservation for sending encryption key and being transferred to quantum terminal, so that
Quantum terminal to next node equipment send it is encrypted relaying key when, with it is described it is encrypted transmission encryption key come
The encrypted relaying key is encrypted, to obtain the first relaying key;
Step 1703, quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to quantum terminal
Application apparatus;The application apparatus of quantum terminal is before business cipher key is used, first with the transmission key-encrypting key solution
It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, quantum terminal carries out the synchronization and update for sending key-encrypting key by movable storage device.
15. the key encryption method of quantum communication network according to claim 9 or 10, which is characterized in that the method
It further includes:
Step 1801 receives the reception preset on the key generation device of quantum terminal for being encrypted to receiving decruption key
Key-encrypting key, then key generation device by the reception key-encrypting key be synchronized to receive quantum terminal application set
It is standby;
The key generation device of step 1802, the key generation device for receiving quantum terminal and a upper node carries out quantum key and divides
After the receiving and deciphering key for receiving quantum terminal occurs into, encrypted connect is obtained after being encrypted using the reception key-encrypting key
Receive decruption key;The encrypted receiving and deciphering cipher key delivery is preserved to the key management apparatus for receiving quantum terminal, so that
Quantum terminal is received in the second relaying key that a node device in reception is sent, it is close with the encrypted receiving and deciphering
Key is decrypted to relay key to described second, to obtain encrypted relaying key;
Step 1803, receive quantum terminal key management apparatus by it is described it is encrypted relaying key be sent to receive quantum terminal
Application apparatus;The application apparatus of quantum terminal is received before business cipher key is used, first with the reception key-encrypting key solution
It is close to obtain relaying key, then the relaying key is used as business cipher key;
Wherein, it receives quantum terminal and the synchronization and update for receiving key-encrypting key is carried out by movable storage device.
16. a kind of key cryptographic systems of quantum communication network, including at least one quantum terminal, at least one reception amount
Sub- terminal, at least one credible repeater;
Quantum terminal, for the relaying sent key will to be needed to be obtained in first after being encrypted using transmission encryption key
After key, the first relaying key is then sent to next node;At wherein described transmission encryption key and the next node
Relaying decruption key it is corresponding;
Each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node
State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with
Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, after receiving the second relaying key that a upper node is sent, uses the receiving and deciphering key
It is decrypted, obtains the relaying key.
17. the key cryptographic systems of quantum communication network according to claim 16, which is characterized in that the system is specific
Including;
Quantum terminal, for using it is preset transmission key-encrypting key respectively to send encryption key and relaying key into
Row encryption, to generate encrypted transmission encryption key and encrypted relaying key respectively;Be additionally operable to will need send described in plus
Close relaying key obtains the first relaying key after being encrypted using the encrypted transmission encryption key, then will be in first
Next node is sent to after key;Wherein described transmission encryption key is opposite with the relaying decruption key at the next node
It should;
Wherein described each credible repeater all includes:
Cipher key encryption block for storing preset key-encrypting key, and passes through preset key-encrypting key and relaying is solved
Key is encrypted to obtain encrypted relaying decruption key;It is additionally operable to through the preset key-encrypting key to relaying
Encryption key is encrypted to obtain encrypted relaying encryption key;
Key relay forwarding module after receiving the first relaying key from a upper node, is solved by the encrypted relaying
The first relaying key is decrypted to obtain encrypted relaying key described in close key pair;It is additionally operable to sending institute to next node
State it is encrypted relaying key when, reuse it is described it is encrypted relaying encryption key to it is described it is encrypted relaying key be encrypted with
Obtain the second relaying key;Wherein described relaying encryption key is corresponding with the receiving and deciphering key at the next node;
Cipher key cache module, for storing the encrypted relaying decruption key and encrypted relaying encryption key;
Quantum terminal is received, for the receiving and deciphering key to be encrypted using preset reception key-encrypting key, with
Generate encrypted receiving and deciphering key;After being additionally operable to the second relaying key for receiving node transmission, the encryption is used
Receiving and deciphering key be decrypted, obtain encrypted relaying key.
18. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the transmission
Encryption key is the shared quantum key generated by QKD processes with the relaying decruption key, and the two corresponds;In described
It is the shared quantum key generated by QKD processes after encryption key and the receiving and deciphering key, the two corresponds.
19. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the key
Encrypting module is hardware chip, and the key-encrypting key in the chip cannot be exported.
20. the key cryptographic systems of quantum communication network according to claim 16 or 17, which is characterized in that the key
Encrypting module is additionally operable to receive quantum key, and pass through quantum key and regularly update the key-encrypting key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611255339.1A CN108270553B (en) | 2016-12-30 | 2016-12-30 | Trusted repeater, and secret key encryption method, device and system of quantum communication network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611255339.1A CN108270553B (en) | 2016-12-30 | 2016-12-30 | Trusted repeater, and secret key encryption method, device and system of quantum communication network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108270553A true CN108270553A (en) | 2018-07-10 |
CN108270553B CN108270553B (en) | 2020-12-22 |
Family
ID=62754592
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611255339.1A Active CN108270553B (en) | 2016-12-30 | 2016-12-30 | Trusted repeater, and secret key encryption method, device and system of quantum communication network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108270553B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110266473A (en) * | 2019-04-22 | 2019-09-20 | 北京邮电大学 | Method, relay node and the distribution method of relay node distribution quantum key |
WO2020221085A1 (en) * | 2019-04-29 | 2020-11-05 | 科大国盾量子技术股份有限公司 | Relay method for quantum key, device, system, apparatus, and storage medium |
EP3944555A1 (en) * | 2020-07-22 | 2022-01-26 | Kabushiki Kaisha Toshiba | Communication system, key management server device, router, and computer-readable medium |
CN115242389A (en) * | 2022-09-23 | 2022-10-25 | 安徽华云安科技有限公司 | Data confusion transmission method and system based on multi-level node network |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104113409A (en) * | 2014-07-23 | 2014-10-22 | 中国科学院信息工程研究所 | Secret key managing method and system of SIP (session initiation protocol) video monitoring networking system |
CN105471576A (en) * | 2015-12-28 | 2016-04-06 | 科大国盾量子技术股份有限公司 | Quantum key relaying method, quantum terminal nodes and quantum key relaying system |
EP3007478A1 (en) * | 2013-06-08 | 2016-04-13 | Quantumctek Co., Ltd. | Mobile secret communications method based on quantum key distribution network |
CN105915337A (en) * | 2016-05-27 | 2016-08-31 | 安徽问天量子科技股份有限公司 | Quantum encryption microwave relay communication system and quantum encryption microwave relay communication method |
-
2016
- 2016-12-30 CN CN201611255339.1A patent/CN108270553B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3007478A1 (en) * | 2013-06-08 | 2016-04-13 | Quantumctek Co., Ltd. | Mobile secret communications method based on quantum key distribution network |
CN104113409A (en) * | 2014-07-23 | 2014-10-22 | 中国科学院信息工程研究所 | Secret key managing method and system of SIP (session initiation protocol) video monitoring networking system |
CN105471576A (en) * | 2015-12-28 | 2016-04-06 | 科大国盾量子技术股份有限公司 | Quantum key relaying method, quantum terminal nodes and quantum key relaying system |
CN105915337A (en) * | 2016-05-27 | 2016-08-31 | 安徽问天量子科技股份有限公司 | Quantum encryption microwave relay communication system and quantum encryption microwave relay communication method |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110266473A (en) * | 2019-04-22 | 2019-09-20 | 北京邮电大学 | Method, relay node and the distribution method of relay node distribution quantum key |
WO2020221085A1 (en) * | 2019-04-29 | 2020-11-05 | 科大国盾量子技术股份有限公司 | Relay method for quantum key, device, system, apparatus, and storage medium |
EP3944555A1 (en) * | 2020-07-22 | 2022-01-26 | Kabushiki Kaisha Toshiba | Communication system, key management server device, router, and computer-readable medium |
CN115242389A (en) * | 2022-09-23 | 2022-10-25 | 安徽华云安科技有限公司 | Data confusion transmission method and system based on multi-level node network |
CN115242389B (en) * | 2022-09-23 | 2022-12-23 | 安徽华云安科技有限公司 | Data confusion transmission method and system based on multi-level node network |
Also Published As
Publication number | Publication date |
---|---|
CN108270553B (en) | 2020-12-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105471576B (en) | A kind of method of quantum key relaying, quantum terminal node and system | |
CN106330434B (en) | First quantum node, second quantum node, secure communication architecture system and method | |
CN109412794B (en) | Quantum key automatic charging method and system suitable for power business | |
CN107094076B (en) | Secret communication method based on quantum true random number and communication system | |
CN107437995A (en) | Satellite-based wide area quantum communication network system and communication means | |
CN110808837B (en) | Quantum key distribution method and system based on tree-shaped QKD network | |
WO2023082600A1 (en) | Quantum key-based blockchain network and data secure transmission method | |
CN108270553A (en) | Credible repeater, the key encryption method of quantum communication network, device, system | |
WO2023082599A1 (en) | Blockchain network security communication method based on quantum key | |
Tajima et al. | Quantum key distribution network for multiple applications | |
CN109462471A (en) | The method of information transmission encryption based on national secret algorithm in conjunction with Technique on Quantum Communication | |
CN103297230B (en) | Information encipher-decipher method, Apparatus and system | |
JP6544519B2 (en) | Mobile control system | |
CN108964888A (en) | A kind of modified AKA identity authorization system and method based on pool of symmetric keys and relayed communications | |
CN104753682A (en) | Generating system and method of session keys | |
CN111385090A (en) | Key distribution method and system based on multi-key combination quantum key relay | |
Kong | Challenges of Routing in Quantum Key Distribution Networks with Trusted Nodes for Key Relaying | |
CN114401085B (en) | Network architecture and key storage method of quantum secret communication network | |
Kurmi et al. | An approach for data aggregation strategy in wireless sensor network using MAC authentication | |
CN104243409A (en) | Terminal-to-terminal data transmission method | |
EP3883178A1 (en) | Encryption system and method employing permutation group-based encryption technology | |
Lin et al. | Quantum key distribution in partially-trusted QKD ring networks | |
Schartner et al. | How to overcome the'Trusted Node Model'in Quantum Cryptography | |
Schartner et al. | Quantum key management | |
EP4123957A1 (en) | A method and system for performing a secure key relay of an encryption key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |