CN109286489A - A kind of quantum communications method and network based on secondary encryption - Google Patents
- Publication number: CN109286489A (application CN201710605579.8A)
- Authority: CN (China)
- Prior art keywords: key, quantum, storage unit, fresh, history
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0855—Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes
Abstract
The invention discloses a quantum communication network and a communication method. In the quantum communication network, a key network node encrypts the fresh quantum key transmitted by relay with the history quantum key stored in the node to form a shared quantum key. This addresses the security defect that physical attacks during key relaying can easily lead to theft of the fresh key, and thereby achieves more secure quantum communication.
Description
Technical field
The present invention relates to the field of quantum communication, and more specifically to a quantum communication method and network based on secondary encryption.
Background
Quantum communication, a mainstream development direction in the international communications field, has received widespread attention and study. Research in this direction is progressing rapidly, its range of application is widening, and it has distinct advantages over traditional communication methods. On the practical side, the construction of quantum communication networks in particular has been verified through experiments and applications. A key link in quantum communication technology is the distribution of quantum keys: using the basic principles of quantum mechanics, a random bit sequence is represented by the properties of photons, and a set of quantum keys can be established through a traditional channel, thereby realizing quantum key distribution. Owing to the fundamental properties of quantum mechanics, quantum key distribution in principle offers advantages that conventional communication cannot match: it cannot be copied, it is absolutely secret, and it cannot be eavesdropped.
Since the first quantum key distribution protocol was born in 1984, quantum key distribution systems have matured through the joint efforts of researchers around the world. In 2003, the US Department of Defense Advanced Research Projects Agency (DARPA) began a planned build-out of a quantum communication network; in 2004, Europe began building the SECOQC quantum communication network, which runs stably; China has also established quantum communication test networks aimed at verifying and promoting quantum communication systems; and in 2011 Japan reported establishing a high-speed quantum network in Tokyo, which mainly uses high-speed quantum key distribution (QKD) systems as its backbone links.
However, limited by factors such as the light source, line loss and the performance of the decoding-end devices, the distance of quantum communication is subject to certain limits. The more mature quantum communication networks at present use a network communication mode based on trusted relays: trusted nodes are added to the communication network as relay nodes, and each trusted node performs quantum key distribution with both its upstream and downstream trusted network nodes (which include relay nodes, the transmitting end and the receiving end). Once the quantum key distribution process on every network node has been completed, point-to-point quantum key distribution can be realized through the relay nodes, providing encrypted quantum communication.
However, even if the loss and security of the whole quantum communication line are assured (that is, the security of the ordinary trusted relay nodes is assured), the security of the key relay nodes and the receiving terminal on the line determines the success or failure of the whole communication process. These key relay nodes and receiving terminals generally include decoding-end measurement devices and key storage devices; they decode and measure the received key data to obtain the original key and, when necessary, store these original keys in the corresponding memory devices. Once an eavesdropper reaches the quantum key stored in a node by physical means, the key can be copied and stolen from the node, destroying the security and reliability of the quantum communication. In fact, defending against physical contact requires a large outlay of manpower and material resources and also introduces more uncontrollable factors. As a result, a quantum communication network realized with trusted relay nodes can achieve long-distance communication in actual operation, but it may sacrifice security and costs more, which is unfavorable for large-scale construction and use.
Therefore, there is currently a need for a scheme that, while meeting the basic requirement of long-distance communication in a quantum communication network, further improves the security of encrypted communication and reduces network cost.
Summary of the invention
In view of the above problems, the invention proposes a quantum communication network that may include a plurality of key network nodes. Each key network node includes a storage unit in which a history quantum key K_o is stored. According to the invention, the key network node may be configured so that, during quantum key distribution, when it receives a fresh quantum key K_N, it performs a cryptographic operation on the fresh quantum key K_N and the history quantum key K_o to obtain an operation result K_m, and stores the operation result K_m in the storage unit for use as the shared quantum key. Forming the shared quantum key through this secondary encryption addresses the security defect that physical attacks during key relaying can easily lead to theft of the fresh key.
Further, the operation result K_m may be stored in the storage unit by overwriting the history quantum key K_o that took part in the cryptographic operation. In this way the history quantum key is erased, which provides a more effective security guarantee.
In the present invention, a key network node is a network node with stronger security protection; it may be a transmitting end, a receiving end or a key (crucial) relay node.
Optionally, the storage unit may take the form of a ring memory (circular buffer), so that quantum keys are stored with cyclic overwriting.
In the present invention, one or more trusted relay nodes may be arranged between two adjacent key network nodes, and the fresh quantum key K_N may be transmitted between the two adjacent key network nodes by key relaying.
Further, the key network node may also include an encryption/decryption unit, used to decrypt received key-relay data to obtain the fresh quantum key K_N and/or to perform the cryptographic operation on the fresh quantum key K_N and the history quantum key K_o.
Optionally, the cryptographic operation may be an XOR operation.
Another aspect provides a quantum communication method for a quantum communication network, where the quantum communication network includes a plurality of key network nodes, each key network node includes a storage unit, and the storage unit stores a history quantum key K_o. According to the method of the invention, during quantum key distribution, the key network node, on receiving a fresh quantum key K_N, may perform a cryptographic operation on the fresh quantum key K_N and the history quantum key K_o to obtain an operation result K_m, and store the operation result K_m in the storage unit for use as the shared quantum key.
Further, the operation result K_m may be stored in the storage unit by overwriting the history quantum key K_o that took part in the cryptographic operation.
Further, one or more trusted relay nodes may be arranged between two adjacent key network nodes, and the fresh quantum key K_N is transmitted between the two adjacent key network nodes by key relaying.
Brief description of the drawings
Fig. 1 schematically shows the storage unit structure and storing process of an exemplary embodiment of the invention; and
Fig. 2 schematically depicts a flowchart of the storing process shown in Fig. 1.
Specific embodiments
Hereinafter, exemplary embodiments of the invention are described in detail with reference to the accompanying drawings. The following embodiments are provided by way of illustration, to fully convey the spirit of the invention to those skilled in the art to which it belongs. The invention is therefore not limited to the embodiments disclosed herein.
According to the invention, a quantum communication network may include a transmitting end, a receiving end and one or more relay nodes between the two. Some of these relay nodes may be key relay nodes, which are generally considered to be more secure than ordinary relay nodes. In a quantum communication network, the key relay nodes, the transmitting end and the receiving end all belong to the key (crucial) network nodes, which are usually provided with an encryption/decryption unit and a storage unit.
In the prior art, key distribution between network nodes is often completed by key relaying through one or more trusted relay nodes between them. In this key relay process, however, a trusted relay node may be physically attacked, so that the relayed key is stolen and leaked. To avoid this security risk, in the communication method and network of the invention the storage unit in a key network node may be arranged to store data by cyclic overwriting. Specifically, when data is to be written into the storage unit, writing begins at the start position of the storage unit and the data is stored sequentially, i.e. the write pointer moves from the start position of the storage unit towards the end position. When the storage space is full, i.e. the write pointer has reached the end position of the storage unit, and more data is written, the write pointer returns to the start position of the storage unit and again moves sequentially towards the end position, and the newly written data overwrites the data stored before.
Suppose a new symmetric shared quantum key is to be formed between key network node A (for example a transmitting end or a key relay node) and key network node B (for example a key relay node or a receiving end), that one or more trusted relay nodes C1, ..., Cn exist between key network nodes A and B, and that an old symmetric shared quantum key K_o (hereinafter "history quantum key K_o") exists on node A and node B.
In one round of quantum key distribution, a fresh quantum key K_N is first formed at key network node A, and the fresh quantum key K_N is passed by key relaying through the trusted relay nodes C1, ..., Cn to key network node B. At this point the fresh quantum key K_N is to be stored in the storage unit of key network node B by overwriting earlier data (i.e. the history quantum key K_o). Before the shared quantum key in the storage unit is updated according to the fresh quantum key K_N, the old data at the storage position to be overwritten (the history quantum key K_o) is read out and a cryptographic operation is performed on it and the quantum key K_N; the result K_m of the cryptographic operation is stored in the storage unit, overwriting the old data. The same quantum key update also takes place at node A: for the fresh quantum key K_N newly generated at node A, the old data at the storage position to be overwritten (the history quantum key K_o) is read out and the same cryptographic operation is performed on it and the fresh quantum key K_N, and the result K_m is stored in the storage unit, overwriting the old data.
Thus, in this round of quantum key distribution, a new shared quantum key (namely the cryptographic operation result K_m) is formed on key network nodes A and B and is stored in the storage unit of each node by overwriting.
Because the history key and the newly distributed key are combined by encryption before storage, an attacker who obtains the relayed fresh quantum key K_N by physically attacking a trusted relay node Ci, or who spends a longer time obtaining the expired history quantum key K_o in node A or B, still cannot learn the shared quantum key provided by the current quantum key distribution (namely the cryptographic operation result K_m). This effectively improves the security of the quantum communication key and safeguards quantum communication.
Having understood the basic principle of the invention, those skilled in the art will appreciate that writing by overwriting the history key as described above is not essential: the result K_m of the cryptographic operation on the fresh quantum key and the history key in the storage unit may instead be stored separately, without overwriting or erasing the history key.
In the present invention, the encryption algorithm applied between the history key and the fresh quantum key may be an XOR operation, or any other suitable encryption algorithm.
The principle of the invention is further illustrated below by the example shown in Fig. 1. In Fig. 1, the storage unit in the key relay node may be a ring memory, which uses a cyclic-write storage mode.
As shown in Fig. 1, each time before a new original quantum key K_N (namely the fresh quantum key K_N) is obtained, the ring memory in the key network node already stores the previous original key K_o (i.e. the history key). Suppose that after the previous storing operation completed, the write pointer points to position 1 in the memory, and the memory already holds bit 1#, bit 2# and bit 3# of the history key. The key network node then starts to receive a segment of fresh quantum key K_N (which may, for example, be obtained by decrypting the relay key data passed on by the adjacent relay node) and obtains the first bit, bit 1. The memory combines bit 1 with bit 1# of the history key at the position indicated by the write pointer through the cryptographic operation to obtain a new bit 1', stores bit 1' at the position indicated by the write pointer, and overwrites bit 1#. After the storing process at position 1 is complete, the write pointer points to the next position, 2. In this way, each time a bit of the new quantum key is obtained, that bit is combined with the bit of the history key at the corresponding storage position using a certain encryption/decryption method to obtain a new bit of data, that bit overwrites the bit of the history key in the memory, and the write pointer then moves to the next position of the ring memory. This yields the fresh quantum key after secondary encryption, which constitutes the shared quantum key pair between two key network nodes and is used for subsequent quantum communication. Fig. 2 schematically depicts a flowchart of the above process.
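The cyclic XOR-and-overwrite storage walked through above for the ring (toroidal) memory can be sketched as follows. This is an added example, not code from the patent: it works on bytes rather than single bits, uses XOR (one of the operations the description allows), and the class name, the sample key values and the fingerprint-based sync check are assumptions made for illustration.

```python
import hashlib


class RingKeyStore:
    """Circular key memory of a key network node (hypothetical class name)."""

    def __init__(self, history: bytes):
        if not history:
            raise ValueError("history key K_o must not be empty")
        self._mem = bytearray(history)  # K_o already shared by both nodes
        self._wp = 0                    # write pointer, starts at position 0

    def absorb(self, fresh: bytes) -> bytes:
        """XOR fresh key K_N into the ring and return the stored result K_m."""
        out = bytearray()
        for b in fresh:
            mixed = b ^ self._mem[self._wp]  # fresh unit XOR history unit
            self._mem[self._wp] = mixed      # result overwrites the history unit
            out.append(mixed)
            self._wp = (self._wp + 1) % len(self._mem)  # wrap at the end
        return bytes(out)

    def fingerprint(self) -> str:
        """Digest of ring contents and pointer, for a sync check (assumption)."""
        state = self._wp.to_bytes(4, "big") + bytes(self._mem)
        return hashlib.sha256(state).hexdigest()


# Constructed sample values, not taken from the patent.
K_O = bytes.fromhex("a1b2c3d4e5f60718")   # history key on nodes A and B
K_N1 = bytes.fromhex("0f1e2d3c")          # first fresh key relayed via C1..Cn
K_N2 = bytes.fromhex("111111111111")      # second fresh key, wraps the ring


def run_distribution():
    """Two rounds on both nodes; returns (K_m round 1, K_m round 2, in_sync)."""
    node_a, node_b = RingKeyStore(K_O), RingKeyStore(K_O)
    km1_a, km1_b = node_a.absorb(K_N1), node_b.absorb(K_N1)
    km2_a, km2_b = node_a.absorb(K_N2), node_b.absorb(K_N2)
    assert km1_a == km1_b and km2_a == km2_b
    return km1_a, km2_a, node_a.fingerprint() == node_b.fingerprint()


def missed_round_desync():
    """Failure mode: node B misses round 1, so the shared keys diverge."""
    node_a, node_b = RingKeyStore(K_O), RingKeyStore(K_O)
    node_a.absorb(K_N1)                      # only A processes round 1
    km_a, km_b = node_a.absorb(K_N2), node_b.absorb(K_N2)
    return km_a == km_b, node_a.fingerprint() == node_b.fingerprint()


if __name__ == "__main__":
    km1, km2, synced = run_distribution()
    print(km1.hex(), km2.hex(), synced)
    print(missed_round_desync())
```

With XOR, the stored K_m differs from the relayed K_N only as long as K_o stays secret, and both nodes must apply every fresh key at the same write-pointer position or their stored keys silently diverge.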
In the present invention, the basic structure of the key relay nodes and terminal receivers (key network nodes) of existing quantum communication networks is kept unchanged, and only the way newly distributed quantum keys are stored is changed: the newly distributed quantum key is not stored directly, but is combined with the history quantum key by a cryptographic operation, and the result is stored in the storage unit and used as the fresh quantum key. This reduces the opening available to an eavesdropper with physical access and substantially increases the security of key network nodes such as key relay nodes and terminal receivers. Specifically, the whole quantum communication network contains a number of relay nodes and key relay nodes as well as the transmitting end and receiving end of the communication. When communicating in the manner described above, the key network nodes, i.e. the key relay nodes and terminal receivers, use the secondary encryption key obtained by combining the history key and the fresh key, while ordinary relay nodes use conventional storage and relay immediately, without additional encryption. For an ordinary relay node, even if an eavesdropper gains physical contact, at most part of the history key or the fresh key can be obtained; key relay nodes and terminal receivers are protected by means such as manual inspection, to exclude the possibility of physical contact by an eavesdropper. Since the eavesdropper cannot obtain the history key, the fresh key and the encryption algorithm at the same time, the secondary encryption key finally used for secret communication cannot be obtained.
The invention thus effectively raises the security level of quantum communication relaying while ensuring that existing quantum communication networks can still transmit over long distances. At the same time, the existing structure is kept unchanged and the requirements for manual inspection and protection are greatly reduced (protection only needs to be strengthened for key relay nodes and terminal receivers), so that the construction and maintenance costs of the quantum communication network are lower, making it well suited to practical application and wider adoption.
The specific embodiments described above further explain the purpose, technical solution and beneficial effects of the invention in detail. It should be understood that the above are only specific embodiments of the invention and are not intended to limit it; any modification, equivalent substitution, improvement and the like made within the spirit and principles of the invention shall fall within the scope of protection of the invention.
Claims (10)
1. A quantum communication network comprising a plurality of key network nodes, the key network node comprising a storage unit in which a history quantum key K_o is stored, characterized in that:
the key network node is configured to, when receiving a fresh quantum key K_N during quantum key distribution, perform a cryptographic operation on the fresh quantum key K_N and the history quantum key K_o to obtain an operation result K_m, and store the operation result K_m in the storage unit for use as a shared quantum key.
2. The quantum communication network of claim 1, wherein the operation result K_m is stored in the storage unit by overwriting the history quantum key K_o that took part in the cryptographic operation.
3. The quantum communication network of claim 1, wherein the key network nodes include a transmitting end, a receiving end and a key relay node.
4. The quantum communication network of claim 1, wherein the storage unit is a ring memory.
5. The quantum communication network of claim 1, wherein one or more trusted relay nodes are arranged between two adjacent key network nodes, and the fresh quantum key K_N is transmitted between the two adjacent key network nodes by key relaying.
6. The quantum communication network of claim 1, wherein the key network node further comprises an encryption/decryption unit for decrypting received key-relay data to obtain the fresh quantum key K_N and/or performing the cryptographic operation on the fresh quantum key K_N and the history quantum key K_o.
7. The quantum communication network of claim 1 or 6, wherein the cryptographic operation is an XOR operation.
8. A quantum communication method for a quantum communication network, the quantum communication network comprising a plurality of key network nodes, the key network node comprising a storage unit in which a history quantum key K_o is stored, characterized in that:
during quantum key distribution, the key network node, on receiving a fresh quantum key K_N, performs a cryptographic operation on the fresh quantum key K_N and the history quantum key K_o to obtain an operation result K_m, and stores the operation result K_m in the storage unit for use as a shared quantum key.
9. The quantum communication method of claim 8, wherein the operation result K_m is stored in the storage unit by overwriting the history quantum key K_o that took part in the cryptographic operation.
10. The quantum communication method of claim 8, wherein one or more trusted relay nodes are arranged between two adjacent key network nodes, and the fresh quantum key K_N is transmitted between the two adjacent key network nodes by key relaying.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710605579.8A CN109286489A (en) | 2017-07-20 | 2017-07-20 | A kind of quantum communications method and network based on secondary encryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710605579.8A CN109286489A (en) | 2017-07-20 | 2017-07-20 | A kind of quantum communications method and network based on secondary encryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109286489A true CN109286489A (en) | 2019-01-29 |
Family
ID=65185541
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710605579.8A Pending CN109286489A (en) | 2017-07-20 | 2017-07-20 | A kind of quantum communications method and network based on secondary encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109286489A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103491531A (en) * | 2013-08-23 | 2014-01-01 | 中国科学技术大学 | Method for using quantum keys to improve safety of electric power information transmission in power system WiMAX wireless communication network |
CN103763099A (en) * | 2014-02-13 | 2014-04-30 | 国家电网公司 | Electric power security communication network based on quantum key distribution technology |
CN104243143A (en) * | 2013-06-08 | 2014-12-24 | 安徽量子通信技术有限公司 | Mobile secret communication method based on quantum key distribution network |
CN105471576A (en) * | 2015-12-28 | 2016-04-06 | 科大国盾量子技术股份有限公司 | Quantum key relaying method, quantum terminal nodes and quantum key relaying system |
CN105827397A (en) * | 2015-01-08 | 2016-08-03 | 阿里巴巴集团控股有限公司 | Quantum key distribution system, method and device based on trusted relay |
Non-Patent Citations (6)
Title |
---|
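M PEEV et al.: "The SECOQC quantum key distribution network in Vienna", 《NEW JOURNAL OF PHYSICS》 * |
吴华 et al.: "Current status and prospects of quantum communication", 《中国科学:信息科学》 * |
周静 et al.: "Research on improving the security of power system secondary protection with quantum key technology", 《电网技术》 * |
孙伟 et al.: "Non-orthogonal coding decoy-state quantum key distribution based on coherent superposition states", 《物理学报》 * |
尹华磊 et al.: "Measurement-device-independent quantum key distribution experiment over 404 km", 《信息安全研究》 * |
蔡文奇 et al.: "Development of a synchronous laser discriminator for quantum key distribution systems", 《中国激光》 * |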
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20190129 |