CN109245887B - Relay device for quantum secret communication network system and communication network system comprising the same - Google Patents
Relay device for quantum secret communication network system and communication network system comprising the same Download PDFInfo
- Publication number
- CN109245887B CN109245887B CN201811341189.5A CN201811341189A CN109245887B CN 109245887 B CN109245887 B CN 109245887B CN 201811341189 A CN201811341189 A CN 201811341189A CN 109245887 B CN109245887 B CN 109245887B
- Authority
- CN
- China
- Prior art keywords
- quantum
- key
- module
- relay device
- relay
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 77
- 230000005540 biological transmission Effects 0.000 claims abstract description 18
- 238000012545 processing Methods 0.000 claims description 35
- 238000000034 method Methods 0.000 claims description 8
- 238000013461 design Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 6
- 230000006855 networking Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 239000013307 optical fiber Substances 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000010287 polarization Effects 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/155—Ground-based stations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
Abstract
The invention provides a relay device of a quantum secret communication network system and a communication network system comprising the same. The relay device is integrated, and is used for generating a quantum key with an adjacent node and realizing data relay transmission in a hop-by-hop mode; classical channels of quantum key distribution among all nodes are communicated in an IP-free mode. The relay device disclosed by the invention ensures that the generation and the use of the quantum key are all in the device through the integrated design, and reduces various data leakage risks.
Description
Technical Field
The invention belongs to the technical field of quantum communication, and particularly relates to a relay device of a quantum secret communication network system and the quantum secret communication network system comprising the relay device.
Background
1. Quantum key distribution
The quantum key distribution utilizes the quantum unclonable principle and quantum inseparable basic characteristics, and adopts single photon to transfer random numbers. According to BB84 protocol, each photon randomly selects a modulated base vector, and the receiving end also adopts the random base vector for monitoring. When the transmission coincides with the selected basis vector at the receiving end, the received signal is regarded as valid and recorded, and if the selected basis vector does not coincide, the data is discarded. This ensures that the transmitting and receiving party obtain a consistent sequence of random numbers (i.e. quantum keys). The quantum key distribution system requires two independent channels, namely a quantum channel and a classical channel, and a ground communication network is carried by optical fibers.
2. Quantum secret communication
Quantum communication is broadly defined as the transmission of quantum states from one place to another, including quantum stealth transmission, quantum entanglement exchange, and quantum key distribution. Currently commercially available quantum secret communications mainly refer to secret communications based on quantum key distribution (Quantum Key Distribution, QKD).
The well-developed point-to-point quantum key distribution system cannot meet the practical application, and the user demand is expanding gradually. In order to meet the requirement of multi-user secure communication, the quantum key distribution network matched with the multi-user secure communication is gradually developed towards multi-user, long-distance and networking. From the development trend of optical fiber quantum key distribution, the inter-city quantum communication technology based on optical fibers is developing to be practical and industrialized.
3. Transmission relay
Because of the attenuation effect, it is difficult for point-to-point optical fiber quantum key distribution systems to achieve remote key distribution. In order to construct a backbone network and a metropolitan area network for quantum secret communication, a plurality of relay nodes are required to be set up to realize remote quantum secret communication. And the adjacent nodes use the quantum key generated by QKD to protect transmission content, and the relay nodes realize relay forwarding between the front node and the back node through decryption, encryption and other processes.
Disclosure of Invention
The following problems exist in the existing relay node scheme:
1. problem of quantum key explicit output
In the current scheme, the internal constituent systems of the relay nodes are connected through an IP network, and after QKD-A (namely a QKD transmitting end) and QKD-B (namely a QKD receiving end) respectively interact with opposite ends to generate quantum keys, the quantum keys are output to a relay data processing system in a plaintext mode. In this process, there is a risk of quantum key leakage.
2. Strong coupling problem between nodes
In the current scheme, the relay data processing system often stores the quantum keys at two ends after bitwise exclusive or so as to improve the security. However, when a certain relay node fails, all the quantum keys in the relay node are lost, so that the generated quantum keys in all the relay nodes and the connected switching nodes or access nodes on the whole line are discarded, and the line communication performance is seriously affected.
3. Rate mismatch problem of quantum key generation at two ends in relay node
Since the quantum key distribution system bit rate is affected by a number of factors, there is a difference in the rates at which the QKD-a and QKD-B within the relay node generate keys, respectively. In the current scheme, the end with high speed must be slowed down to adapt to the end with low speed, which affects the overall performance.
4. The quantum key distribution layer is vulnerable to attack against IP networks
Classical channels of quantum key distribution among nodes adopt an IP technology to carry out transmission of negotiation data, so that a quantum key distribution layer is also vulnerable to common network attack modes to stop operation.
5. Classical channel data transmission security problem
Data transmitted between nodes, such as classical channel part data of a quantum key distribution protocol, lacks protection of cryptographic techniques.
In order to overcome the problems, the invention provides a relay device of a quantum secret communication network system, wherein the relay device is used for generating a quantum key with an adjacent node and realizing data relay transmission in a hop-by-hop mode; the relay device enables the relay node, the switching node and the access node of the quantum secret communication network system to be connected by using classical channels and quantum channels respectively, and classical channels for quantum key distribution among the nodes are communicated in an IP-free mode.
In one embodiment, the relay device is an integrated device, and includes a data relay forwarding module, a communication key processing module, and a quantum key generation module. The relay device is integrated equipment, which means that all modules and the external environment have clear safety boundaries, and the relay device can be integrated on a high-safety designed board card or arranged in an unattended electromagnetic shielding cabinet.
In one embodiment, the quantum key generation module comprises two QKD receive terminal modules and a random key generation sub-module, or two QKD transmit terminal modules and a random key generation sub-module; the two QKD receiving terminal modules or the two QKD transmitting terminal modules respectively generate quantum keys together with corresponding QKD modules of the preamble adjacent nodes and the subsequent adjacent nodes, and output the quantum keys to the communication key processing module for storage under the protection of the random keys generated by the random key generating sub-module.
In one embodiment, the quantum key generation module includes a QKD receive terminal module, a QKD transmit terminal module, and a random key generation sub-module, where the QKD receive terminal module and the QKD transmit terminal module respectively generate quantum keys with corresponding QKD modules of a preceding neighboring node and a following neighboring node, and output to the communication key processing module for storage under protection of the random keys generated by the random key generation sub-module, respectively.
In one embodiment, the communication key processing module is connected to the QKD receive terminal module and the QKD transmit terminal module of the quantum key generation module by IP-less means.
In one embodiment, the QKD receive terminal module and the QKD transmit terminal module operate a quantum key distribution protocol with respective QKD transmit terminal modules and QKD receive terminal modules of a preamble node and a successor node, respectively, to generate an explicit quantum key q A And q B The bright state quantum key is destroyed after power failure.
In one embodiment, the random key generation submodule generates a random key T and compares it with the explicit quantum key q, respectively A And q B Performing bitwise exclusive OR encryption to form a secret state quantum key T A And T B And then output to the communication key processing module.
In one embodiment, the communication key processing module stores the secret quantum key T A And T B The method comprises the steps of carrying out a first treatment on the surface of the And the communication key is also subjected to encryption, decryption and forwarding processing operations, so that the safe distribution of the communication key is realized.
In one embodiment, the data relay processing module performs processing of network management data associated therewith.
In one embodiment, the data relay processing module further implements relay forwarding of user traffic data and network management data.
In one embodiment, the mutual authentication and transmission protection between the nodes are realized by presetting a symmetric key or issuing a device certificate in the quantum key generation module, the communication key processing module and the data relay forwarding module.
In one embodiment, the present invention provides a quantum secret communication network system based on quantum key distribution, the quantum secret communication network system comprising a relay device as described in any one of the above.
According to the integrated relay device of the relay node, through the design of the integrated device, the generation and the use of the quantum key are guaranteed to be in the device, and the leakage risk is reduced.
According to the integrated relay device of the relay node, the random key is introduced, so that the strong association relationship among the decoupling nodes is solved when the quantum key is protected, and the situation that the existing quantum key is discarded by a full link due to the fault of the relay node is solved. The integrated relay device of the relay node realizes decoupling while being high in safety.
The integrated relay device of the relay node ensures that classical channels do not need networking, reduces the possibility of being attacked by a network, and greatly improves the safety of the relay node.
The integrated relay device of the relay node uses the cryptographic technology to realize the mutual authentication between the nodes and the communication data encryption protection.
The integrated relay device of the relay node introduces a random key generation submodule into a quantum key generation module, so that the quantum key achieved by the adjacent node is covered and transformed into a secret state by the random key, thereby realizing the secret state storage, the secret state derivation and the secret state use of the quantum relay key, and being one-time secret. The quantum key and the random key in the bright state only appear in the chip memory of the device, and the device is destroyed when power is lost, so that the safety is ensured. The integrated relay device of the relay node requires the quantum key generation module to be realized in one chip in physical realization, so that the device is high in safety.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a conventional relay device;
FIG. 2 is a schematic diagram of a quantum secret communication network system networking topology based on quantum key distribution according to the present invention;
FIG. 3 is a schematic diagram of an integrated relay device according to the present invention;
fig. 4 is a schematic diagram of an output flow of a secret quantum key in the integrated relay device of the present invention;
fig. 5 is a schematic diagram of a communication key relay forwarding flow in the integrated relay device according to the present invention;
fig. 6 is a schematic diagram of a management data relay forwarding flow in the integrated relay device according to the present invention.
Detailed Description
In order that those skilled in the art will better understand the technical solutions of the present application, the present invention will be further described with reference to examples, and it is apparent that the described examples are only some of the examples of the present application, not all the examples. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, shall fall within the scope of the present application. The invention is further described below with reference to the drawings and examples.
Embodiment one: current relay device
In the existing solution, a QKD transmitting end (QKD-a), a QKD receiving end (QKD-B) and a relay data processing system are required to be deployed in each relay node room, and the three parts are physically independent from each other and are connected through an internal IP network, as shown in fig. 1. The working principle is as follows.
QKD-B is connected with QKD transmitting end of preamble node through quantum channel and classical channel, negotiates to generate quantum key q B And output; meanwhile, QKD-A is connected with the QKD receiving end of the subsequent node through a quantum channel and a classical channel and negotiates to generate a quantum key q A And output.
2. The relay data processing system is externally connected with the relay data processing system of the preamble node and the following node respectively through classical channels, and the relay data processing system is internally connected with the QKD-A and the QKD-B through an IP network to receive the quantum key q B And q A And stores the quantum key pair q B And q A Relay key Q formed by mutually bitwise exclusive OR AB 。
3. When receiving data K sent by the preamble node B Relay data processing systemUsing relay key Q AB Performing bitwise exclusive OR processing to obtain data K A And sent to the subsequent node.
Embodiment two: quantum secret communication network system of the invention
As shown in fig. 2, in one embodiment, the quantum secret communication network system based on quantum key distribution of the present invention includes an access node, a switching node and a relay node, where each node is connected by using a classical channel and a quantum channel, and the classical channel of quantum key distribution of the node uses an IP-free manner to communicate.
The quantum channel refers to a physical channel for transmitting quantum signals; quantum signals refer to physical signals that carry information in microscopic quantum states, such as: single photons modulated for polarization, time, orbital angular momentum, etc.
A classical channel is a physical channel that transmits classical signals; classical signals refer to signals carrying information in macroscopic physical quantities in modern communication technology, such as high level, low level, bright light pulses, dark light pulses, bright light pulses of different polarization states, bright light pulses of different phase differences.
In the quantum key distribution protocol, a quantum channel is used to transmit quantum signals, and a classical channel is used to transmit negotiation data, such as information of measurement base selection of a receiving end. Besides, classical channels are also used for transmission of inter-node networking protocols, management data, traffic data.
An access node: the network access of the user terminal device is realized, the surfing and surfing of the user data are completed, and the authority of surfing the user data is controlled by limiting the communication destination terminal.
Switching node: the shared communication key is realized with the adjacent switching nodes/access nodes, a routing table is established through information interaction between the adjacent access nodes/switching nodes, and the path selection of user data transmission is realized.
And (3) a relay node: and the quantum key is generated with the adjacent node, so that the data relay transmission in a hop-by-hop mode is realized.
In some embodiments, the quantum secret communication network system of the present invention further comprises a client device, which may include a private terminal, a user Key Distribution Center (KDC), and a cryptographic apparatus.
A dedicated terminal refers to a terminal dedicated to interacting with a quantum key service system and allowing user key importation to be received through an off-line means, such as a cryptographic bar.
The user key distribution center refers to a key distribution system built by a user or established by the user, and provides the function of importing and exporting a user key.
The cryptographic device refers to a special security device, such as a VPN gateway, with cryptographic algorithm implementation that requires the use of a user key.
For quantum secure communication networks, the user key is considered to be the networked transmission of the traffic data.
In some embodiments, the quantum secret communication network system of the present invention further comprises a management center.
The management center realizes the management of the equipment, the secret key, the strategy, the operation and maintenance, the operation and the like of the quantum secret communication network, and is a logic concept. In particular, the splitting can be performed according to different management objects. For example, the device management center implements admission management for networking devices; the key management center realizes the key management required by the cryptographic algorithm in the network operation; the policy management center realizes the management of the traditional network equipment, security equipment, quantum equipment and other operation modes; the operation and maintenance management center is used for managing the running state of the whole network equipment; and the operation management center performs statistics of charging, service quality and the like according to the service transmission.
In some embodiments, the management center is connected to the switching node. In some embodiments, the user side devices (private terminals, user key distribution centers, cryptographic equipment, etc.) are connected to the access node through a TCP/IP network.
Embodiment III: the invention relates to an integrated relay device of a relay node
1. The structure of the integrated relay device of the relay node of the invention
As shown in fig. 3, the integrated relay device of the present invention is an integrated device, and includes a quantum key generation module, a communication key processing module, and a data relay forwarding module.
1.1. A quantum key generation module: the QKD-B sub-module and the QKD-A sub-module respectively generate quantum keys together with corresponding QKD modules of the preamble node and the successor node, and output the quantum keys to the communication key processing module for storage under the protection of the random key generated by the random key generating sub-module;
1.2. a communication key processing module: storing quantum keys at both ends in ciphertext, i.e. secret quantum keys (T A 、T B ) The method comprises the steps of carrying out a first treatment on the surface of the And the communication key is encrypted, decrypted and forwarded, so that the safe distribution of the communication key is realized. For relaying the communication key K, the module uses a secret quantum key T A And T B For the input secret communication key K B Performing two exclusive OR operations, i.e.The output is the output secret state communication key K A ;
1.3. And the data relay forwarding module is used for: and realizing relay forwarding of service data and management data. Service data M K Means that the network protected by the communication key K transmits the payload data; the module only forwards the service data. The management data refers to various instructions issued by the network management center and node state information data reported by various network nodes according to requirements; the module identifies and processes the associated management data without forwarding the associated management data.
2. The working flow of the integrated relay device of the invention
2.1. Generation of a secret quantum key
The relay node uses a random key to protect the quantum keys at two ends, and the storage and the use are carried out in a secret state.
As shown in fig. 4, the quantum key generation module generates a secret quantum key by:
1) The QKD-A (QKD-B) submodule and the QKD-B (QKD-A) submodule at the opposite end operate BB84 protocol to generate an explicit quantum key q A (q B ) And its index;
2) The random key generation submodule generates a random key T and an index thereof, and the random key is respectively matched with the generated bright state quantum key q A (q B ) Performing bitwise exclusive OR to form a secret quantum key T A And T B Then output to the communication key processing module; simultaneously, storing the random key and the index thereof into a random key cache;
3) The communication key processing module stores the secret state quantum key T respectively A And T B And quantum key indexes corresponding to the two keys for standby.
2.2. Relay forwarding of communication keys
The switching/access node uses the quantum key already generated in the line to effect distribution of the communication key K between two adjacent switching/access nodes.
As shown in fig. 5, the communication key processing module of the current node needs to perform the following operations:
1) Receiving a quantum key q from a classical channel B Encrypted communication key ciphertext K B ;
2) Finding a corresponding secret state quantum key T according to the quantum key index B And combine it with K B Performing bitwise exclusive OR to obtain K T ;
3) Finding the next-hop secret quantum key T protected by the same random key according to the random key index A And combine it with K T Then carrying out bitwise exclusive OR to obtain K A ;
4) Transmitting a communication key ciphertext K from a classical channel A In the case of a correct functioning, the control unit,
5) And after the confirmation of the subsequent node is obtained, informing the random key generation submodule of the random key index so as to delete the cached random key T.
2.3. Managing the sending, receiving and forwarding of data
On one hand, the relay device needs to interact management data with the management center, so that the unified management of the management center on the nodes is realized; on the other hand, the relay device needs to relay the forwarding management data for other nodes.
As shown in fig. 6, the data relay forwarding module of the current node needs to perform the following operations:
1) Receiving management data sent by a previous hop node from a classical channel;
2) Judging whether the current node is required to perform state updating operation according to the identification of the receiving party in the management data, if so, executing the operation;
3) And judging whether the management data needs to be sent to a next hop node according to the identification of the receiving party in the management data, and if so, sending the management data.
2.3.1 management data Transmission
The relay device collects state information according to the management center policy and transmits the state information hop by hop to the management center through a classical channel.
2.3.2 management data reception
The relay device receives the management data from the classical channel and determines whether to receive or forward the management data by the data receiving address. The management data may include security policies, device authentication keys for various types of security states, and the like.
2.3.3 management data forwarding
And for the management data forwarded by the relay device, the relay device does not process.
2.4 error handling flow
a. Receiving end quantum key absence
The communication key processing module receives the communication key ciphertext K B If the receiving-end quantum key T of the secret state can not be found according to the quantum key index B The error is fed back to the preamble node.
b. Transmitting-side quantum key absence
The communication key processing module uses the receiving end quantum key ciphertext T B Cipher text K of communication key received by it B After bitwise exclusive or, if the sending end quantum key ciphertext T can not be found according to the random key index A Notifying the random key generation submodule to provide the random keyAnd indexing a new sending end quantum key ciphertext corresponding to the index.
It will be readily appreciated by those skilled in the art that the above advantageous ways can be freely combined and superimposed without conflict. The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention. The foregoing is merely a preferred embodiment of the present invention, and it should be noted that it will be apparent to those skilled in the art that modifications and variations can be made without departing from the technical principles of the present invention, and these modifications and variations should also be regarded as the scope of the invention.
Claims (6)
1. The relay device of the quantum secret communication network system is characterized in that the relay device is used for generating a quantum key with an adjacent node and realizing data relay transmission in a hop-by-hop mode; the relay device enables the relay node, the switching node and the access node of the quantum secret communication network system to be respectively connected by using classical channels and quantum channels, and classical channels distributed by quantum keys among the nodes are communicated in an IP-free mode;
the relay device is integrated equipment and comprises a quantum key generation module, a communication key processing module and a data relay forwarding module;
the quantum key generation module comprises a QKD receiving terminal module, a QKD transmitting terminal module and a random key generation sub-module, wherein the QKD receiving terminal module and the QKD transmitting terminal module respectively generate quantum keys together with corresponding QKD sub-modules of a preamble adjacent node and a subsequent adjacent node, and output the quantum keys to the communication key processing module for storage under the protection of the random keys generated by the random key generation sub-module;
the communication key processing module is connected with the QKD receiving terminal module and the QKD transmitting terminal module in the quantum key generation module in an IP-free manner;
the QKD receiving terminal module and the QKD transmitting terminal module are dividedThe corresponding QKD transmitting and receiving terminal modules respectively connected with the preceding and subsequent adjacent nodes operate a quantum key distribution protocol to generate an explicit state quantum key q A And q R And the bright state quantum key is destroyed after power failure.
2. The relay device according to claim 1, wherein the mutual authentication and transmission protection between nodes are achieved by presetting a symmetric key or issuing a device certificate in the quantum key generation module, the communication key processing module, and the data relay forwarding module.
3. The relay device according to claim 1, wherein the random key generation submodule generates a random key T and compares it with the explicit quantum key q, respectively A And q B Performing bitwise exclusive OR encryption to form a secret state quantum key T A And T B Then output to the communication key processing module; and the bright state random key stored in the random key generation sub-module is destroyed after power failure.
4. A relay device according to claim 3, wherein the communication key processing module stores the secret quantum key T A And T B The method comprises the steps of carrying out a first treatment on the surface of the And the communication key is also subjected to encryption, decryption and forwarding processing operations, so that the communication key is safely distributed on the same logic link.
5. The relay device according to claim 1, wherein the relay device implements processing of network management data associated therewith; and/or the relay device also realizes relay forwarding of the user service data and the non-self network management data.
6. A quantum secret communication network system based on quantum key distribution, characterized in that the quantum secret communication network system comprises a relay device according to any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811341189.5A CN109245887B (en) | 2018-11-12 | 2018-11-12 | Relay device for quantum secret communication network system and communication network system comprising the same |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811341189.5A CN109245887B (en) | 2018-11-12 | 2018-11-12 | Relay device for quantum secret communication network system and communication network system comprising the same |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109245887A CN109245887A (en) | 2019-01-18 |
| CN109245887B true CN109245887B (en) | 2024-01-30 |
Family
ID=65078258
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811341189.5A Active CN109245887B (en) | 2018-11-12 | 2018-11-12 | Relay device for quantum secret communication network system and communication network system comprising the same |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109245887B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110868290B (en) * | 2019-11-21 | 2022-05-31 | 成都量安区块链科技有限公司 | Key service method and device without central control |
| CN114362936A (en) * | 2020-12-30 | 2022-04-15 | 广东国腾量子科技有限公司 | Secret key relay method in communication network based on quantum secrecy |
| CN114401085B (en) * | 2020-12-30 | 2023-11-28 | 广东国腾量子科技有限公司 | Network architecture and key storage method of quantum secret communication network |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010011127A2 (en) * | 2008-07-23 | 2010-01-28 | Mimos Berhad | Quantum network relay |
| CN102238005A (en) * | 2011-08-17 | 2011-11-09 | 上海朗研光电科技有限公司 | Relaying method for remote secure quantum communication |
| WO2016206498A1 (en) * | 2015-06-23 | 2016-12-29 | 中兴通讯股份有限公司 | First quantum node, second quantum node, secure communications architecture system, and method |
| CN107135072A (en) * | 2017-06-05 | 2017-09-05 | 三峡大学 | A kind of wireless sensor network system based on quantum cryptography |
| CN107437995A (en) * | 2016-05-27 | 2017-12-05 | 西安电子科技大学 | Satellite-based wide area quantum communication network system and communication means |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN208986952U (en) * | 2018-11-12 | 2019-06-14 | 中共中央办公厅电子科技学院 | The relay of quantum secret communication network system and communications network system including the device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7512242B2 (en) * | 2003-03-21 | 2009-03-31 | Bbn Technologies Corp. | Systems and methods for quantum cryptographic key transport |
| CN105827397B (en) * | 2015-01-08 | 2019-10-18 | 阿里巴巴集团控股有限公司 | Quantum key distribution system, method and device based on credible relaying |
-
2018
- 2018-11-12 CN CN201811341189.5A patent/CN109245887B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010011127A2 (en) * | 2008-07-23 | 2010-01-28 | Mimos Berhad | Quantum network relay |
| CN102238005A (en) * | 2011-08-17 | 2011-11-09 | 上海朗研光电科技有限公司 | Relaying method for remote secure quantum communication |
| WO2016206498A1 (en) * | 2015-06-23 | 2016-12-29 | 中兴通讯股份有限公司 | First quantum node, second quantum node, secure communications architecture system, and method |
| CN106330434A (en) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | First quantum node, second quantum node, secure communication architecture system and methods |
| CN107437995A (en) * | 2016-05-27 | 2017-12-05 | 西安电子科技大学 | Satellite-based wide area quantum communication network system and communication means |
| CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
| CN107135072A (en) * | 2017-06-05 | 2017-09-05 | 三峡大学 | A kind of wireless sensor network system based on quantum cryptography |
| CN208986952U (en) * | 2018-11-12 | 2019-06-14 | 中共中央办公厅电子科技学院 | The relay of quantum secret communication network system and communications network system including the device |
Non-Patent Citations (4)
| Title |
|---|
| DGS/QKD-0002_UserReqs.Group Specification Quantum Key Distribution * |
| Use Cases.TSI GS QKD 002.2010,(第V1.1.1期),全文. * |
| 基于信任中继的QKD网络研究;韩伟;武欣嵘;朱勇;张永;耿常锁;;军事通信技术(第04期);全文 * |
| 基于可信中继的广域量子密钥网络模型研究;杨超;张红旗;苏锦海;王凯;姜皇勤;曾光;;工程科学与技术(第02期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109245887A (en) | 2019-01-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109302288B (en) | Quantum secret communication network system based on quantum key distribution technology and application thereof | |
| CN109194477B (en) | Access node device for quantum secret communication network system and communication network system comprising the same | |
| US9838363B2 (en) | Authentication and initial key exchange in ethernet passive optical network over coaxial network | |
| CN109245887B (en) | Relay device for quantum secret communication network system and communication network system comprising the same | |
| US8112622B2 (en) | Chaining port scheme for network security | |
| US20030072059A1 (en) | System and method for securing a communication channel over an optical network | |
| WO2021133204A1 (en) | System for the secure transfer of data within a digital network | |
| CN208986950U (en) | A kind of quantum secret communication network system based on quantum key distribution technology | |
| CN101442403B (en) | Self-adapting method for exchanging composite cipher key and managing session cipher key | |
| US7450719B2 (en) | Gigabit Ethernet-based passive optical network and data encryption method | |
| CN109257274B (en) | Switching node device for quantum secret communication network system and communication network system comprising the same | |
| CN208986952U (en) | The relay of quantum secret communication network system and communications network system including the device | |
| CN114095423B (en) | MPLS-based power communication backbone network data security protection method and system | |
| KR100594023B1 (en) | Method of encryption for gigabit ethernet passive optical network | |
| CN102098672A (en) | Method and system for transmitting key information, transmitting end and receiving end | |
| CN114401085B (en) | Network architecture and key storage method of quantum secret communication network | |
| CN115733683A (en) | Method for realizing Ethernet link self-organizing encryption tunnel by adopting quantum key distribution | |
| WO2023078639A1 (en) | Quantum-secured communication | |
| CN112235318B (en) | Metropolitan area network system for realizing quantum security encryption | |
| Schartner et al. | How to overcome the'Trusted Node Model'in Quantum Cryptography | |
| Lin et al. | Quantum key distribution in partially-trusted QKD ring networks | |
| Liu et al. | Physical layer secure information exchange protocol for mimo ad hoc networks against passive attacks | |
| WO2003023980A2 (en) | System and method for securing a communication channel | |
| Matsuzono et al. | QKDN meets ICN: Efficient Secure In-Network Data Acquisition | |
| US20230269077A1 (en) | On-demand formation of secure user domains |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |