CN109194477A - The access node device of quantum secret communication network system and communications network system including the device - Google Patents
The access node device of quantum secret communication network system and communications network system including the device Download PDFInfo
- Publication number
- CN109194477A CN109194477A CN201811341955.8A CN201811341955A CN109194477A CN 109194477 A CN109194477 A CN 109194477A CN 201811341955 A CN201811341955 A CN 201811341955A CN 109194477 A CN109194477 A CN 109194477A
- Authority
- CN
- China
- Prior art keywords
- quantum
- key
- access node
- access
- node device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 116
- 230000005540 biological transmission Effects 0.000 claims description 28
- 238000000034 method Methods 0.000 claims description 23
- 238000012545 processing Methods 0.000 claims description 20
- 230000004224 protection Effects 0.000 claims description 17
- 238000003860 storage Methods 0.000 claims description 10
- 230000002457 bidirectional effect Effects 0.000 claims description 8
- 230000007246 mechanism Effects 0.000 claims description 7
- 238000003032 molecular docking Methods 0.000 claims description 5
- 238000002955 isolation Methods 0.000 abstract description 4
- 230000008569 process Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000008676 import Effects 0.000 description 4
- 230000009466 transformation Effects 0.000 description 4
- 230000006872 improvement Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000006855 networking Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000010287 polarization Effects 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Optical Communication System (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention provides a kind of access node device of quantum secret communication network system and the communications network system including the device, the access node device makes the access node of the quantum secret communication network system all be connected respectively using classical channel and quantum channel with switching node, relay node, and the classical channel of quantum key distribution is communicated using no IP mode between each node.The present invention realize quantum secret communication network and the security isolation of user network, quantum secret communication network and different vendor's encryption device or system dock and business datum access authority is controlled and is separated with the function of quantum secret communication network.
Description
Technical field
The invention belongs to Technique on Quantum Communication fields, and in particular to the access node device of quantum secret communication network system
And the quantum secret communication network system including the device.
Background technique
1. quantum key distribution
The unclonable principle and the indivisible fundamental characteristics of quantum of quantum is utilized in quantum key distribution, using monochromatic light
Son carries out the transmitting of random number.According to BB84 agreement, the basic vector of each photon random selection modulation, receiving end is also used at random
Basic vector be monitored.When send and receive the basic vector for holding selection it is consistent when, receive the signal being subject to be considered as it is effective and
It is recorded record;If the basic vector of selection is inconsistent, data are dropped.Ensure that the side of sending and receiving obtains in this way
Consistent random number sequence (i.e. quantum key).Quantum key distribution system needs quantum channel and the independent letter of classical channel two
Road, ground backbone communications are with bearing optical fiber.
2. quantum secret communication
Saying for quantum communications broad sense is exactly by quantum state from a localized transmissions to another place, is passed comprising Quantum Teleportation
State, quantum entanglement exchange and quantum key distribution.Commercial quantum secret communication is referred mainly to based on quantum key distribution at present
The secret communication of (Quantum Key Distribution, QKD).
It has developed into ripe point-to-point quantum key distribution system and is unable to satisfy practical application, and user demand is
Gradually expand.In order to meet the needs of multi-user's secure communication, matched quantum key distribution network is just progressively towards more
The direction of user, long range and networking are developed.From the point of view of the development trend of fiber optic quantum key distribution, based on the intercity of optical fiber
Technique on Quantum Communication is moving towards practical and industrialized development.
3. method of service
Current method of service is mainly realized two nodes on network by quantum key distribution technology and relaying technique
Shared random number as key export to encryption device carry out using.However, the whole of random number and non-key, so can not
Directly apply to extreme portions encryption device.
In addition, encryption device and quantum secret communication network that current ways of services supplied requires consumption key are with IP network
Network is connected.This itself exists with current Password Management mode to conflict.
Summary of the invention
Problem to be solved by this invention:
1. the compatibling problem with existing key management system
Quantum secret communication network needs largely to use encryption device or the unit mechanism of Password Management is needed to provide
The safe transmission guarantee of business datum (i.e. user key) is necessarily required to encryption device and key point in face of more producer's polytypics
Hair system, therefore these system or equipments such as how lower coupling and the mode and quantum secret communication that do not influence existing management system
It is the compatibility issue that don't fail to be solved that network, which is attached,.
2. producing network and user network isolating problem
The encryption device or key distribution system of user is normally at user network or isolation with particular safety grade
Network, so the application of quantum secret communication network cannot necessarily influence its security level.
In addition, the network of different user may have different security levels, it between each other can not be because of quantum secure
Communication network application and be attached.
This requires must be isolated between quantum secret communication network and user network.
In order to overcome the above problem, the present invention provides a kind of access node device of quantum secret communication network system, institute
Stating access node device distinguishes the access node of the quantum secret communication network system with switching node and relay node
All it is connected using classical channel and quantum channel, the classical channel of quantum key distribution is carried out using no IP mode between each node
Communication;The access node device is preferably integrated.
In one embodiment, the access node device is docked and is provided by IP network with user end apparatus
Service.
In one embodiment, the access node device includes that quantum key service unit and quantum communications access are single
Member is connected between the quantum key service unit and the quantum communications access unit using communication bus, and using privately owned
The ferry-boat of protocol realization data;The communication bus is preferably spi bus.
In one embodiment, the quantum key service unit is realized for docking user end apparatus to number of users
According to the control of transmitting rights.
In one embodiment, the quantum communications access unit includes that access data processing module and quantum key are raw
At module;The quantum key generation module generates quantum key by internal QKD transmitting terminal and adjacent node, and exports and give
Access data processing module;Communication key, dispatch communication key and transmission services number are generated with the access data processing module
According to.
In one embodiment, the access data processing module is prefixed the key pipe by quantum secret communication network
The storage key that reason center is allotted, described storage key a part realize the encryption to storing data for symmetric encipherment algorithm,
The symmetric encipherment algorithm is preferably SM4;Another part is calculated for message authentication code, is realized and is protected to the integrality of storing data
Shield, the message authentication code calculate the hmac algorithm for being preferably based on SM3.
In one embodiment, between the user end apparatus and quantum key service unit, quantum key service is single
Bidirectional identity authentication mechanism is respectively equipped between member and quantum communications access unit, between this access node and adjacent node;Institute
Bidirectional identity authentication mechanism is stated preferably to realize using preset symmetric key and random number challenge mode.
In one embodiment, between the user end apparatus and quantum key service unit, quantum key service is single
The communication that interim conversation key is based respectively between member and quantum communications access unit, between this access node and adjacent node is pacified
All risk insurance protection mechanism, for protecting confidentiality and integrity of the business datum in transmission process.
In one embodiment, described interim conversation key a part is realized for symmetric encipherment algorithm to transmission data
Encryption, symmetric encipherment algorithm is preferably SM4;Another part calculates the integrality realized to transmission data for message authentication code
Protection, the message authentication code calculate the hmac algorithm for being preferably based on SM3.
In one embodiment, the present invention provides a kind of quantum secret communication network system based on quantum key distribution
System, the quantum secret communication network system includes any above-mentioned access node device.
The access node device of quantum secret communication network system provided by the invention realizes following technical effect:
1) security isolation of quantum secret communication network and user network is realized
By security isolation measure, efficiently solve the problems, such as that the how legal conjunction rule of user use quantum secret communication network.
On the one hand it not will cause the reduction of user network security level with docking for quantum secret communication network, on the other hand effectively prevent
The potential security risk of user network has an impact the operation of quantum secret communication network.
2) docking for quantum secret communication network and different vendor's encryption device or system is effectively realized
User group's diversity that quantum secret communication network is serviced brings the encryption device or system type of access
The differentiation realized with interface effectively solves quantum secret communication network and sets with password by integrating quantum key service unit
Standby or system adaptation issues.
3) realize that the control of business datum access authority is separated with the function of quantum secret communication network
The control that business datum access authority is realized by integrated quantum key service unit, it is led to from quantum secure
Communication network is removed, and quantum secret communication network function is simplified, and improves operation robustness.
Detailed description of the invention
It in order to more clearly explain the technical solutions in the embodiments of the present application, below will be to needed in the embodiment
Attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is only some embodiments as described in this application, right
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings
Its attached drawing.
Fig. 1 is that the present invention is based on the quantum secret communication network system group network topology schematic diagrames of quantum key distribution;
Fig. 2 is integrated access node apparatus structure and its external interactive relation schematic diagram of the invention;
Fig. 3 is that the quantum key of the integrated access node device of the present invention generates and Stored Procedure schematic diagram;
Fig. 4 is that the communication key of the integrated access node device of the present invention generates and Stored Procedure schematic diagram;
Fig. 5 is that the business datum of the integrated access node device of the present invention pacifies transmission flow schematic diagram;With
Fig. 6 is that the business datum of the integrated access node device of the present invention receives flow diagram.
Specific embodiment
In order to make art technology field personnel more fully understand the technical solution in the application, below in conjunction with embodiment
The invention will be further described, it is clear that and described embodiments are only a part of embodiments of the present application, rather than whole
Embodiment.Based on the embodiment in the application, those of ordinary skill in the art are obtained without making creative work
The all other embodiment obtained, shall fall within the protection scope of the present application.The present invention is made with reference to the accompanying drawings and embodiments
It further describes.
Embodiment one: quantum secret communication network system of the invention
As shown in Figure 1, in one embodiment, the quantum secret communication network of the invention based on quantum key distribution
System includes access node, switching node and relay node, uses classical channel and quantum channel phase respectively between each node
Even, the classical channel of interior joint area of a room quantum key distribution is communicated using no IP mode.
Quantum channel refers to the physical channel of transmission of quantum signal;Quantum signal refers to Micro quantum attitude carrying information
Physical signal, such as: the single photon after being modulated to polarization, time, orbital angular momentum.
Classical channel is the physical channel for transmitting classical signals;Classical signals refer in modern communication technology with Macroscopic physical
The signal for measuring load information, such as high level, low level, light pulse, half-light pulse, the bright optical pulses of different polarization state,
The bright optical pulses of out of phase difference.
In quantum key distribution agreement, quantum channel is used for transmission quantum signal, and classical channel is used for transmission negotiation
Data, such as the measurement base of receiving end select information.In addition to this, classical channel is also used to Networking protocol, management number between node
According to the transmission of, business datum.
Access node: realizing the network insertion of user terminal system, completes the online of user data and off line, and pass through limitation
The mode at communication objective end controls the permission of user data online.
Switching node: the switching node being connected with same logical links/access node realizes shared communication key, passes through
Information exchange between connected access node/switching node establishes routing table, and realizes the Path selection of user data transmission.
Relay node: realizing the generation of quantum key with adjacent node, realizes that the data of hop-by-hop mode relay transmitting.
In some embodiments, quantum secret communication network system of the invention further includes user end apparatus, the user
End device may include importing and exporting special-purpose terminal, user key Distribution Center (KDC) and encryption device offline.
Special-purpose terminal is imported and exported offline and refers to terminal dedicated for interacting with quantum key service unit, and is permitted
Perhaps user key is received by offline mode (such as password stick) to import.
User key Distribution Center refers to the self-built or built key distribution system of user, provide user key importing and
Export function.
Encryption device refers to the specialized security device that with cryptographic algorithms' implementation, need to use user key, such as vpn gateway
Deng.
For quantum secret communication net, user key is considered as business datum and carries out Network Transmitting.
In some embodiments, quantum secret communication network system of the invention further includes administrative center.
Administrative center realizes the management to the equipment of quantum secret communication network, key, strategy, O&M, operation aspect.Tool
On body is realized, it can be split according to the difference of management object.Equipment management center realizes the access management to networking equipment;
Key Management Center is realized to key management needed for cryptographic algorithm in the network operation;It realizes to traditional network at tactical management center
The management of the methods of operation such as equipment, safety equipment, quantum devices;Realize the pipe to whole network equipment operating status in operation management center
Reason;Operation management center is transmitted according to business carries out the statistics such as charging, service quality.
In some embodiments, administrative center is connected with switching node.In some embodiments, user end apparatus
(importing and exporting special-purpose terminal, user key Distribution Center and encryption device etc. offline) is connected by IP network with access node.
Embodiment two: the integrated access node device of access node of the present invention
1. the structure of the integrated access node device of access node of the present invention
The structure of access node device of the invention and its as shown in Figure 2 with external interactive relation.Of the invention is integrated
Access node device includes following two parts:
1.1 quantum key service units: for docking user end apparatus, all types of user Key Distribution Center, password are solved
Equipment etc. docks compatibling problem, realizes the control to user data transmission permission.
1.2 quantum communications access units: it includes access data processing module and quantum key generation module.Quantum key
Generation module generates quantum key by internal QKD-A (QKD transmitting terminal) and adjacent node, and exports and give access data processing
Module.
Accessing data processing module, it generates communication key, dispatch communication key and transmission services data.It accesses at data
Manage module and generate communication key K, and by the relaying (as needed) of the protection of quantum key and relay node realize its be connected
The safety of communication key is shared between switching node.
It is connected between quantum key service unit and quantum communications access unit using communication bus (such as spi bus), and
It is realized and is isolated using proprietary protocol.
2. the method for service of access node of the present invention
User end apparatus is docked by IP network with integrated access node device, i.e., online access.User terminal dress
Set mainly include user key Distribution Center, encryption device, import and export special-purpose terminal offline, method of service is as follows:
2.1 user key Distribution Center are the encryption device generation distribution key of user, and by logical by quantum secure
Communication network realizes the long range distribution for simplifying (user) key.
2.2 encryption devices (such as vpn gateway) are used directly to carry out crypto-operation or secure communication, and be used to maintain secrecy is close
Key is sent and received by quantum secure communication network.
2.3. special-purpose terminal is imported and exported offline, has the function of three aspects.First, user is situated between by the safety such as password stick
User key is directed into offline and imports and exports special-purpose terminal offline, and submits data by importing and exporting special-purpose terminal offline by matter
Transmission request;Second, user passes through imports and exports the user that special-purpose terminal reception distal end is transmitted through quantum secret communication net offline
Key, and the security mediums such as password stick are exported to, applied to local user terminal system/equipment;Third, user by leading offline
Enter to export special-purpose terminal and submit parametrization request to quantum secure communication network, and obtains user key, while locally obtaining,
The key can pass in time specified far end system by chain secure communication network.
3. the workflow of access node of the present invention
3.1. quantum key is generated and is stored
Quantum key generates and Stored Procedure is as shown in figure 3, its process is described as follows.
1) (switching node or relaying save for the QKD transmitting terminal (QKD-A submodule) of quantum key generation module and adjacent node
Point) the raw quantum key q of operation quantum key distribution agreement (such as BB84)A;
2) quantum key generation module is by quantum key qAIt is output to access data processing module;
3) access data processing module uses the quantum secret communication network Key Management Center by administrative center in network
The storage key encryption quantum key distributed obtains close state quantum key and digest value carries out quantum key storage, it is ensured that it is stored
Confidentiality and integrity;Digest value calculates a value, and be unable to retrospectively calculate by hash algorithm/digest algorithm
Its input out, common hash algorithm have SHA-256, SM3 etc..
3.2. communication key is generated and is stored
The communication key that access node generates is used for the secret communication between its switching node that is connected with same logical links,
Distribution procedure is as shown in figure 4, its process is described as follows.
1) access data processing module generates communication key K using random number source, and the random number source is either in independence
The random number generator set can also be multiplexed the random number generator in QKD-A submodule;
2) using the quantum key q of storageACommunication key is protected, communication key ciphertext K is obtainedA;
3) communication key ciphertext K is sentAIt is relay node to adjacent node, such as adjacent node, then needing using next
It jumps quantum key and carries out safe relaying, be finally transmitted to switching node and be decrypted;
4) after determining that opposite end receives communication key K, access data processing module use is close by quantum secret communication network
The storage key encrypted communication key K that key administrative center distributes obtains the communication key and digest value of close state, and is stored.
3.3. data safety transmitting and reception
3.3.1 business datum transmission flow
Originating mobile subscriber device needs safe transmission business datum (such as user key) to destination user apparatus.To use offline
For the key management Distribution Center of family, process is as shown in figure 5, process description is as follows:
1) business datum is imported into offline importing with offline mode through password stick by originating mobile subscriber key management Distribution Center
Export special-purpose terminal;
2) importing and exporting special-purpose terminal is committed to quantum key service for business datum by task by network mode offline
Unit;
3) quantum key service unit checks task right, is packaged business datum if any authorization, forms transmission and appoint
Business is single, and is ferried with proprietary protocol communication bus and give quantum communications access unit;Refuse if with no authorized;
4) the access data processing module of quantum communications access unit is packaged business datum according to transformation task list
And the safeguard protection based on communication key, form business datum ciphertext;
5) the access data processing module of quantum communications access unit is passed to business datum ciphertext by classical channel
Subsequent node.
3.3.2 business datum receives process
Destination user apparatus needs safety to receive the business datum (such as user key) from originating mobile subscriber device.With from
For line user key Distribution Center, process is as shown in fig. 6, process description is as follows:
1) the access data processing module of quantum communications access unit receives the industry from same logical links connected node
Business data ciphertext;
2) acquisition is decrypted in plain text (i.e. transformation task list) using communication key, and checks the integrality of plaintext, it is such as complete
Whole property is destroyed, then abandons transformation task forms data;
3) the transformation task single pendulum comprising business datum is crossed to quantum key service by communication bus with proprietary protocol
Unit;
4) business datum is pushed to corresponding destination user apparatus by quantum key service unit;
5) business datum is led user key Distribution Center by password stick offline mode by user.
4. safe design
4.1 bidirectional identity authentications based on symmetric cryptographic technique
Access node many places need to carry out bidirectional identity authentication, including ustomer premises access equipment and quantum key service unit it
Between, between quantum key service unit and quantum communications access unit, between this access node and adjacent node.Bidirectional identification is recognized
Card is realized using preset symmetric key and random number challenge mode.
The 4.2 communication security protections based on interim conversation key
Either outside node or intra-node, it is required to confidentiality of the protection business datum in transmission process and complete
Whole property.After establishing bidirectional identity authentication, interim conversation key is further negotiated.The interim conversation key a part is used for
Symmetric encipherment algorithm such as SM4 realizes the encryption to transmission data;Another part is calculated for message authentication code, as based on SM3
HMAC realizes the integrity protection to transmission data.When carrying out above-mentioned safeguard protection, message authentication code need to be first calculated, then will
Transmission data and its message authentication code are encrypted together.
4.3 local secure storages based on symmetric cryptographic technique
Access data processing module needs to store quantum key and communication key, and these two types of key datas are to closing weight
It wants, therefore needs first to carry out safeguard protection to it before storing.Access data processing module is prefixed by quantum secret communication network
The storage key allotted of Key Management Center, which is divided into two parts: a part is real for symmetric encipherment algorithm such as SM4
Now to the encryption of storing data;Another part is calculated for message authentication code, such as based on the HMAC of SM3, is realized to storing data
Integrity protection.When carrying out above-mentioned safeguard protection, message authentication code need to be first calculated, then will transmission data and its message authentication
Code is encrypted together, is finally stored to obtained ciphertext.
Those skilled in the art will readily recognize that above-mentioned each advantageous manner can be free under the premise of not conflicting
Ground combination, superposition.The above is merely preferred embodiments of the present invention, it is not intended to limit the invention, it is all in essence of the invention
Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.With
On be only the preferred embodiment of the present invention, it is noted that for those skilled in the art, do not departing from
Under the premise of the technology of the present invention principle, several improvements and modifications can also be made, these improvements and modifications also should be regarded as the present invention
Protection scope.
Claims (10)
1. the access node device of quantum secret communication network system, which is characterized in that the access node device makes described
The access node and switching node of quantum secret communication network system, relay node all use classical channel and quantum channel respectively
It is connected, the classical channel of quantum key distribution is communicated using no IP mode between each node;The access node device is excellent
Choosing is integrated.
2. access node device according to claim 1, which is characterized in that the access node device and user end apparatus
It is docked by IP network and service is provided.
3. access node device according to claim 2, which is characterized in that the access node device includes quantum key
Service unit and quantum communications access unit use between the quantum key service unit and the quantum communications access unit
Communication bus is connected, and realizes data ferry-boat using proprietary protocol;The communication bus is preferably spi bus.
4. access node device according to claim 3, which is characterized in that the quantum key service unit is for docking
User end apparatus realizes the control to user data transmission permission.
5. access node device according to claim 3, which is characterized in that the quantum communications access unit includes access
Data processing module and quantum key generation module;The quantum key generation module by internal QKD transmitting terminal with it is adjacent
Node generates quantum key, and exports and give access data processing module;The access data processing module generates communication key, divides
Send out communication key and transmission services data.
6. access node device according to claim 5, which is characterized in that the access data processing module be prefixed by
The storage key that the Key Management Center of quantum secret communication network is allotted, described storage key a part are calculated for symmetric cryptography
Method realizes the encryption to storing data, and the symmetric encipherment algorithm is preferably SM4;Another part is calculated for message authentication code,
Realize that the integrity protection to storing data, the message authentication code calculate the hmac algorithm for being preferably based on SM3.
7. access node device according to claim 3, which is characterized in that the user end apparatus and quantum key service
Distinguish between unit, between quantum key service unit and quantum communications access unit, between this access node and adjacent node
Equipped with bidirectional identity authentication mechanism;The bidirectional identity authentication mechanism preferably uses preset symmetric key and random number challenge
Mode is realized.
8. access node device according to claim 7, which is characterized in that the user end apparatus and quantum key service
Distinguish between unit, between quantum key service unit and quantum communications access unit, between this access node and adjacent node
Equipped with the communication security protection mechanism based on interim conversation key, for protect confidentiality of the business datum in transmission process and
Integrality.
9. access node device according to claim 8, which is characterized in that described interim conversation key a part for pair
Encryption Algorithm is claimed to realize that symmetric encipherment algorithm is preferably SM4 to the encryption of transmission data;Another part is based on message authentication code
The integrity protection realized to transmission data is calculated, the message authentication code calculates the hmac algorithm for being preferably based on SM3.
10. a kind of quantum secret communication network system based on quantum key distribution, which is characterized in that the quantum secret communication
Network system includes any access node device of claim 1-9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811341955.8A CN109194477B (en) | 2018-11-12 | 2018-11-12 | Access node device for quantum secret communication network system and communication network system comprising the same |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811341955.8A CN109194477B (en) | 2018-11-12 | 2018-11-12 | Access node device for quantum secret communication network system and communication network system comprising the same |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109194477A true CN109194477A (en) | 2019-01-11 |
| CN109194477B CN109194477B (en) | 2024-04-02 |
Family
ID=64939211
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811341955.8A Active CN109194477B (en) | 2018-11-12 | 2018-11-12 | Access node device for quantum secret communication network system and communication network system comprising the same |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109194477B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110138550A (en) * | 2019-05-06 | 2019-08-16 | 国网甘肃省电力公司信息通信公司 | QKD network system model, distributed multi-user QKD network model and its distribution method |
| CN111865566A (en) * | 2019-04-26 | 2020-10-30 | 上海铁路通信有限公司 | Quantum security data network system for railway signal system |
| CN113037478A (en) * | 2021-03-22 | 2021-06-25 | 阿米华晟数据科技(江苏)有限公司 | Quantum key distribution system and method |
| CN113489586A (en) * | 2021-07-26 | 2021-10-08 | 河南国科量子通信网络有限公司 | VPN network system compatible with quantum key negotiation |
| CN113824718A (en) * | 2021-09-18 | 2021-12-21 | 国科量子通信网络有限公司 | Quantum network access security middleware platform and construction method thereof |
| CN114221765A (en) * | 2022-02-17 | 2022-03-22 | 浙江九州量子信息技术股份有限公司 | Quantum key distribution method for fusion of QKD network and classical cryptographic algorithm |
| CN114336738A (en) * | 2021-11-30 | 2022-04-12 | 国网浙江省电力有限公司绍兴供电公司 | Distributed power supply coordination control method and system based on quantum encryption communication |
| CN115001686A (en) * | 2022-08-02 | 2022-09-02 | 矩阵时光数字科技有限公司 | Global quantum security device and system |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100299526A1 (en) * | 2008-01-25 | 2010-11-25 | Qinetiq Limited | Network having quantum key distribution |
| JP2013201654A (en) * | 2012-03-26 | 2013-10-03 | Nippon Telegr & Teleph Corp <Ntt> | Multicast quantum network coding method on butterfly network |
| CN103763099A (en) * | 2014-02-13 | 2014-04-30 | 国家电网公司 | Electric power security communication network based on quantum key distribution technology |
| CN203851153U (en) * | 2014-02-13 | 2014-09-24 | 国家电网公司 | Electric power security communication network based on quantum key distribution technology |
| CN106330434A (en) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | First quantum node, second quantum node, secure communication architecture system and methods |
| CN107437995A (en) * | 2016-05-27 | 2017-12-05 | 西安电子科技大学 | Satellite-based wide area quantum communication network system and communication means |
| CN108566273A (en) * | 2018-03-01 | 2018-09-21 | 如般量子科技有限公司 | Identity authorization system based on quantum network |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN208986951U (en) * | 2018-11-12 | 2019-06-14 | 中共中央办公厅电子科技学院 | The access node device of quantum secret communication network system and communications network system including the device |
-
2018
- 2018-11-12 CN CN201811341955.8A patent/CN109194477B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100299526A1 (en) * | 2008-01-25 | 2010-11-25 | Qinetiq Limited | Network having quantum key distribution |
| JP2013201654A (en) * | 2012-03-26 | 2013-10-03 | Nippon Telegr & Teleph Corp <Ntt> | Multicast quantum network coding method on butterfly network |
| CN103763099A (en) * | 2014-02-13 | 2014-04-30 | 国家电网公司 | Electric power security communication network based on quantum key distribution technology |
| CN203851153U (en) * | 2014-02-13 | 2014-09-24 | 国家电网公司 | Electric power security communication network based on quantum key distribution technology |
| CN106330434A (en) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | First quantum node, second quantum node, secure communication architecture system and methods |
| CN107437995A (en) * | 2016-05-27 | 2017-12-05 | 西安电子科技大学 | Satellite-based wide area quantum communication network system and communication means |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN108566273A (en) * | 2018-03-01 | 2018-09-21 | 如般量子科技有限公司 | Identity authorization system based on quantum network |
| CN208986951U (en) * | 2018-11-12 | 2019-06-14 | 中共中央办公厅电子科技学院 | The access node device of quantum secret communication network system and communications network system including the device |
Non-Patent Citations (1)
| Title |
|---|
| 杨超;张红旗;苏锦海;王凯;姜皇勤;曾光;: "基于可信中继的广域量子密钥网络模型研究", 工程科学与技术, no. 02 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111865566A (en) * | 2019-04-26 | 2020-10-30 | 上海铁路通信有限公司 | Quantum security data network system for railway signal system |
| CN110138550A (en) * | 2019-05-06 | 2019-08-16 | 国网甘肃省电力公司信息通信公司 | QKD network system model, distributed multi-user QKD network model and its distribution method |
| CN113037478A (en) * | 2021-03-22 | 2021-06-25 | 阿米华晟数据科技(江苏)有限公司 | Quantum key distribution system and method |
| CN113489586A (en) * | 2021-07-26 | 2021-10-08 | 河南国科量子通信网络有限公司 | VPN network system compatible with quantum key negotiation |
| CN113489586B (en) * | 2021-07-26 | 2023-01-31 | 河南国科量子通信网络有限公司 | VPN network system compatible with quantum key negotiation |
| CN113824718A (en) * | 2021-09-18 | 2021-12-21 | 国科量子通信网络有限公司 | Quantum network access security middleware platform and construction method thereof |
| CN114336738A (en) * | 2021-11-30 | 2022-04-12 | 国网浙江省电力有限公司绍兴供电公司 | Distributed power supply coordination control method and system based on quantum encryption communication |
| CN114221765A (en) * | 2022-02-17 | 2022-03-22 | 浙江九州量子信息技术股份有限公司 | Quantum key distribution method for fusion of QKD network and classical cryptographic algorithm |
| CN115001686A (en) * | 2022-08-02 | 2022-09-02 | 矩阵时光数字科技有限公司 | Global quantum security device and system |
| CN115001686B (en) * | 2022-08-02 | 2022-11-04 | 矩阵时光数字科技有限公司 | Global quantum security device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109194477B (en) | 2024-04-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109194477A (en) | The access node device of quantum secret communication network system and communications network system including the device | |
| JP5288087B2 (en) | Encryption key management method and apparatus in a secret communication network | |
| CN107453868B (en) | A kind of safe and efficient quantum key method of servicing | |
| CN109302288B (en) | Quantum secret communication network system based on quantum key distribution technology and application thereof | |
| US7747023B2 (en) | Multi-user quantum cryptography method and system using wavelength division multiplexing | |
| EP2281360B1 (en) | Quantum key device | |
| CN103763099B (en) | Electric power security communication network based on quantum key distribution technology | |
| US8638942B2 (en) | Method and system for managing shared random numbers in secret communication network | |
| US8170211B2 (en) | Hub device for a network comprising quantum cryptographic connections and node module for said hub device | |
| CN100596060C (en) | A method, system and device for preventing optical network unit in passive optical network from being counterfeiting | |
| US20050259825A1 (en) | Key bank systems and methods for QKD | |
| CN110224821B (en) | Communication encryption method for unmanned mobile platform | |
| Yu et al. | Secret-key provisioning with collaborative routing in partially-trusted-relay-based quantum-key-distribution-secured optical networks | |
| CN108880800A (en) | Adapted electrical communication system and method based on quantum secret communication | |
| CN208986950U (en) | A kind of quantum secret communication network system based on quantum key distribution technology | |
| CN203851153U (en) | Electric power security communication network based on quantum key distribution technology | |
| US20220294618A1 (en) | Improvements to qkd methods | |
| CN108768644A (en) | High speed key secure distribution system and method based on no periodic Chaotic Synchronous | |
| CN208986952U (en) | The relay of quantum secret communication network system and communications network system including the device | |
| CN208986951U (en) | The access node device of quantum secret communication network system and communications network system including the device | |
| CN109245887B (en) | Relay device for quantum secret communication network system and communication network system comprising the same | |
| CN109257274B (en) | Switching node device for quantum secret communication network system and communication network system comprising the same | |
| CN101326756A (en) | Method and device for controlling security channel in EPON | |
| CN114401085B (en) | Network architecture and key storage method of quantum secret communication network | |
| WO2023078639A1 (en) | Quantum-secured communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |