CN109412794A - A kind of quantum key automatic filling method and system adapting to power business - Google Patents
A kind of quantum key automatic filling method and system adapting to power business Download PDFInfo
- Publication number
- CN109412794A CN109412794A CN201810960449.0A CN201810960449A CN109412794A CN 109412794 A CN109412794 A CN 109412794A CN 201810960449 A CN201810960449 A CN 201810960449A CN 109412794 A CN109412794 A CN 109412794A
- Authority
- CN
- China
- Prior art keywords
- quantum
- key
- ukey
- card
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
Abstract
The invention discloses a kind of quantum key automatic filling method and system for adapting to power business, defer to the deployment framework of the convergence of power business main website and the access of power business terminal, quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key is used for authentication when communication interaction, quantum cryptography key is used for the encryption and decryption of data when communication interaction, when quantum more new key is used to update quantum authentication key, quantum cryptography key and/or quantum more new key, to the encryption and decryption of quantum key new in communication interaction.Key is updated by quantum to update quantum authentication, encryption and/or more new key, realizes automatic filling and the update of quantum key.
Description
Technical field
The present invention relates to it is a kind of adapt to power business quantum key automatic filling method and system, belong to quantum mechanics and
Information science technology field.
Background technique
Currently, electric system important service mainly uses optical fiber private network and national commercial cipher algorithm for encryption transmission, peace
Full property relies primarily on key privacy and computational complexity.But with the enhancing of the development of attack technology and mankind's computing capability,
There is the lossless eavesdropping and spoof attack means for optical cable, while with the gradually maturation of quantum calculation technology, being based on
The conventional encryption algorithm of computation complexity crack difficulty and the time exponentially declines, the wind that traditional Secrecy system is cracked
Danger increases severely with day.
Quantum key distribution is based on fundamental principles of quantum mechanics, ensure that inevitable once there is eavesdropping sent out from principle
It is existing, it not will receive computing capability and the threat that mathematics standard is constantly promoted, there is long-term safety, can theoretically realize can not
The safe and secret communication decoded has become the development and application trend for ensureing data transmission security both at home and abroad.
To improve power system information safety protection level, based on own fiber resource, State Grid Corporation of China mostly is being built
If quantum secret communication demonstration project, the adaptability of Quantum Secure Communication power business is demonstrated.But due to light quantum
With the characteristics such as unclonable, indivisible, therefore quantum channel is only capable of using bare fibre for transmission medium, and midway is inseparable
Light, amplification or regeneration occupy a large amount of bare fibre resources.Meanwhile current powerline network is using optical fiber, wireless, electric power
The communications such as line carrier wave, and the modes such as light is put, electricity relays largely are used to extend transmission distance, it is difficult to agree with above-mentioned
It is required that limiting Quantum Secure Communication to a certain extent in the applied generalization of electric system.
Summary of the invention
It is an object of the invention to overcome deficiency in the prior art, a kind of quantum key automatic filling method is proposed,
Realize automatic filling and the update of quantum key.
In order to solve the above technical problems, the present invention provides a kind of quantum key automatic filling methods, comprising:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum
Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction
Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key
The encryption and decryption of new quantum key in mutually.
Preferably, quantum authentication key uses regular length, the length of quantum more new key and quantum cryptography key according to
Demand determines.
Meanwhile the invention also provides a kind of quantum key automatic filling method and system for adapting to power business, defer to
The deployment framework of the convergence of power business main website and the access of power business terminal, meanwhile, power business terminal side quantum key updates
Independent of traditional bare fibre quantum channel, construction cost is reduced, application scenarios are extended, improves quantum secret communication
Technology power system practicalization is horizontal.
In order to solve the above technical problems, a kind of quantum key automatic filling method of adaptation power business of the invention,
It is characterized in, one or more quantum random number generators, quantum key filling supervisor and amount including being deployed in business main website side
Sub- safe access gateway, and multiple quantum Ukey/TF cards of service terminal side are deployed in, business main website is through quantum secure accessing
Gateway is connect with each service terminal, and each quantum random number generator is separately connected quantum key filling supervisor, quantum key
Fill supervisor through quantum safe access gateway and each quantum Ukey/TF card connection, method the following steps are included:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with
Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key
Sub- random number key to quantum safe access gateway stores;
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, amount
Sub- encryption key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one time one
Close mode;
Step S3 is pacified when having service data interaction between service terminal and business main website using quantum Ukey/TF card, quantum
Quantum authentication key in full access gateway realizes certification between the two, is realized and is handed over using quantum encryption key after authenticating successfully
The encryption and decryption of business datum during mutually;
Step S4, quantum key more new stage: close using the quantum authentication in quantum Ukey/TF card, quantum safe access gateway
Key realizes the certification between the two and quantum key filling supervisor, and quantum key filling supervisor occurs from each quantum random number
Device obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum secure accessing
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in gateway, quantum Ukey/TF card.
Preferably, when management information class power business, quantum random number generator is two or more;Production control class electricity
When power business, quantum random number generator is three or more.
Preferably, the stage is filled in initial key, quantum key fills supervisor and passes through USB port/TF card slot and quantum
Ukey/TF card is provisional direct-connected, completes the filling of quantum Ukey/TF card initial key.
Preferably, quantum authentication key is using regular length, quantum more new key and quantum cryptography key according to access electricity
The type of power business determines, controls class business for power generation, quantum updates size of key and is much larger than quantum cryptography size of key;It is right
In electrical management content service, quantum cryptography key is much larger than quantum more new key.
Preferably, for electrical management content service, when service traffics are big, quantum more new key is amplified several
Times.
Correspondingly, the present invention also provides a kind of quantum key automatic filling systems for adapting to power business, characterized in that
One or more quantum random number generators, quantum key filling supervisor and quantum safety including being deployed in business main website side
Access gateway, and be deployed in multiple quantum Ukey/TF cards of service terminal side, business main website through quantum safe access gateway with
Each service terminal connection, each quantum random number generator are separately connected quantum key filling supervisor, quantum key filler line
Reason machine is connected through quantum safe access gateway and each quantum Ukey/TF card, system work process include initial key fill the stage,
Service data interaction stage and quantum key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor
Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum
Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography
Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized
Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully
Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway
Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain
Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
Compared with prior art, the beneficial effects obtained by the present invention are as follows being: quantum key automatic filling method of the invention
Key is updated by quantum to update quantum authentication, encryption and/or more new key, realizes the automatic filling and more of quantum key
Newly.The quantum key automatic filling method and system of adaptation power business of the invention, defer to the convergence of power business main website and electricity
The deployment framework of power service terminal access, meanwhile, power business terminal side quantum key is updated independent of traditional bare fibre
Quantum channel reduces construction cost, extends application scenarios, improves Quantum Secure Communication power system practical water
It is flat.
Detailed description of the invention
Fig. 1 is power telecom network communication mode schematic diagram in the prior art;
Fig. 2 is the block schematic illustration of quantum key automatic filling method in the embodiment of the present invention;
Fig. 3 is that power generation controls class business quantum Ukey/TF card quantum key division schematic diagram in embodiment;
Fig. 4 is that electrical management content service quantum Ukey/TF card quantum key divides schematic diagram in embodiment.
Specific embodiment
The invention will be further described below in conjunction with the accompanying drawings.Following embodiment is only used for clearly illustrating the present invention
Technical solution, and not intended to limit the protection scope of the present invention.
A kind of quantum key automatic filling method of the invention, comprising:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum
Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction
Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key
The encryption and decryption of new quantum key in mutually.
The present invention updates key by quantum to update quantum authentication, encryption and/or more new key, realizes quantum key
Automatic filling and update.
For current powerline network using communications such as optical fiber, wireless, power line carriers, and passed to extend
Defeated distance largely uses the modes such as light is put, electricity relays, and is difficult to provide naked fibre core channel realization quantum under major applications scene
Key distribution, limits Quantum Secure Communication the applied generalization of electric system the problems such as, this hair to a certain extent
Improving eyesight is to provide a kind of quantum key automatic filling system and method for adapting to power business, defers to the convergence of power business main website
(a business main website is through safe access gateway and multiple industry with the point-to-multipoint convergent type deployment framework of power business terminal access
Terminal of being engaged in is connected, and is point-to-multipoint framework), the network architecture for meeting a variety of communication links of electric system and depositing.The present invention proposes
Method, power business terminal side quantum key update independent of traditional bare fibre quantum channel, reduce construction cost,
Application scenarios are extended, it is horizontal to improve Quantum Secure Communication power system practicalization.
Existing power telecom network uses communication, shown in Figure 1, wherein fiber optic communication mode (such as SDH/
OTN communication mode) it is mainly electric power backbone network, realize 35kV and the above website all standing;Communication is mainly distributed
It such as EPON/ Industrial Ethernet, wireless private network/wireless public network is the main of adapted telecommunication net in electric power terminal communication access net
Communication mode;Power line carrier mode, which is distributed mainly on, is difficult to laying optical cable and wireless signal is difficult to overlay area, be optical fiber and
Wireless arbitrary way.
On the basis of understanding power telecom network communication, a kind of quantum of adaptation power business of the invention is close
Key automatic filling system structure, it is shown in Figure 2, it is close that N number of quantum random number generator, a quantum are affixed one's name in business main website side
Key fills supervisor and a quantum safe access gateway, disposes an a quantum Ukey or quantum TF in each service terminal
Card, business main website are connect to carry out the transmission of business datum with N number of service terminal through quantum safe access gateway, each quantum with
Machine number generator is separately connected quantum key filling supervisor, and quantum key filling supervisor is through quantum safe access gateway and respectively
Quantum Ukey/TF card is connected to carry out the filling and update of quantum key.
Quantum random number generator is used to generate quantum random number key, and is sent to quantum key filling supervisor.This
Embodiment affixes one's name to more quantum random number generators in main website side, have the feature that first is that, more quantum random number generators
For the true random number through physics entropy theory Strict Proof generated using physical means, it is mutually independent, it is irrelevant, into one
Step enhances the randomness of quantum random number key.Second is that more quantum random number generator specific numbers are according to quantum key
The power business security level that automatic filling system is supported determines, is defaulted as two for management information class power business, structure
Load balancing and warm back-up operating mode are built, while more can be extended to according to quantum key consumption;Class is controlled for production
Power business is three or more, and preceding two compositions load balancing mode, third platform is as warm back-up.Third is that more quantum with
Machine number generator uses load balancing mode, it is ensured that generates sufficient amount of quantum random number key.Fourth is that more quantum with
Warm back-up mechanism is used between machine number generator, can protect the reliability of quantum random number key supply.
Quantum key fills authentication and the quantum that supervisor is used for quantum safe access gateway and quantum Ukey/TF card
Key supply.Quantum key fill supervisor and quantum safe access gateway be it is permanently direct-connected, pass through quantum secure accessing net
It closes permanently direct-connected with the service terminal comprising quantum Ukey/TF card.The stage is filled in initial key, passes through USB port/TF card slot
It is provisional direct-connected with quantum Ukey/TF card, the filling of quantum Ukey/TF card initial key is completed, and identical initial key is sent
It is stored to quantum safe access gateway.In the quantum key more new stage, quantum Ukey/TF card, quantum secure accessing are used first
Quantum authentication key in gateway realizes the certification of the two with quantum key filling supervisor, and it is close that application obtains quantum random number
Key;Then it is close key pair quantum random number to be updated using the identical quantum in quantum Ukey/TF card, quantum safe access gateway
Key is encrypted, and realizes the filling and update of quantum key in quantum Ukey/TF card, and same key is sent to quantum safety
Access gateway storage.
Quantum safe access gateway can by increase quantum key memory module, using the symmetric encipherment algorithm of one-time pad
Etc. functions realize have the smooth upgrade of safe access gateway to electric system, wherein quantum key memory module, for storing
Quantum key fills the identical quantum key with quantum Ukey/TF card that supervisor provides, and realizes to the card of Ukey/TF containing quantum
The authentication of service terminal, business datum encryption and decryption.
Quantum Ukey/TF card major function is storage key, while completing key in conjunction with quantum key filling supervisor
Filling, in conjunction with quantum safe access gateway complete key use, destroy and update.
Business main website side: quantum random number generator and quantum key filling supervisor, quantum key filling supervisor with
Communication link between quantum safe access gateway, quantum safe access gateway and business main website is short distance trusted communications link;
Service terminal side: the communication link between quantum safe access gateway and the service terminal of the card of Ukey/TF containing quantum is long away from non-
Trusted communications link.Short distance trusted communications link, communication distance is short, communication environment closing, is not easy between corresponding two communication entities
For outside world scene, wired connection modes or the communications with security protection such as optical fiber, copper cable, chain are mainly used
The data transmitted in road do not use quantum key to encrypt.Communication distance is remote between corresponding two communication entities of the latter, communication environment is opened
It puts, be easy the data by outside world scene, transmitted in link using quantum key encryption.
A kind of quantum key automatic filling method of adaptation power business based on system above structure, including following step
It is rapid:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with
Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key
Sub- random number key to quantum safe access gateway stores;
Quantum key filling supervisor is obtained by short distance trusted communications link from more quantum random number generators in the present embodiment
The sub- random number key of taken amount, and it is stored in local.Quantum key filling management prow is first to quantum Ukey/TF card, quantum safety
Access gateway carries out authentication, specifically includes: the various ways such as preset certificate, dynamic password;After certification passes through, quantum key
Supervisor is filled according to quantum Ukey/TF card capacity, general provisional direct-connected by USB port/TF card slot and quantum Ukey/TF card
The part quantum random number key being locally stored is filled to quantum Ukey/TF card as initial key;Same key is led to simultaneously
It crosses short distance trusted communications link and sends quantum safe access gateway to and stored.Wherein, quantum Ukey/TF card amount of capacity needs
All kinds of factors such as considering cost, power business data volume, default minimum may be configured as 1G.
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key
Ka, quantum cryptography key Ke and quantum more new key Ku, quantum authentication key, quantum cryptography key and quantum more new key are adopted
With one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction
Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key
The encryption and decryption of new quantum key in mutually.
Quantum authentication key uses regular length, quantum more new key in the present embodiment quantum Ukey/TF card initial key
It is determined with quantum cryptography key according to the type of access power business, class business, quantum more new key is controlled for power generation
Amount is much larger than quantum cryptography size of key, guarantees the safety of key by quickly more new key;For electrical management info class industry
Business, quantum cryptography key are much larger than quantum more new key, update key by amplification quantum, though certain safety is sacrificed,
The high availability of guarantee business.
In the present embodiment, class business is controlled for power generation, the renewal speed (i.e. length) of quantum more new key is set
It is set to N times (N >=2 select desired value according to service traffics size) of quantum authentication key and quantum cryptography key depletion rate,
Such as when N=2, key is divided referring to Fig. 3, quantum more new key first is that for updating quantum authentication key and quantum cryptography key,
Second is that realizing for updating the quantum more new key consumed to quantum authentication key, quantum cryptography key and quantum more Xinmi City
The real-time filling and long-range update of key;After the quantum more new key use, destroy immediately.
In the present embodiment, electrical management content service is amplified quantum more new key according to service traffics size
M times (M >=1), such as: M=6, key divide referring to fig. 4, and quantum more new key is first is that for updating quantum authentication key and quantum
Encryption key, second is that for updating the quantum more new key consumed, with realization to quantum authentication key, quantum cryptography key and
The real-time filling and long-range update of quantum more new key.
Step S3 utilizes quantum Ukey/TF card, amount when having service data interaction between service terminal and business main website
Quantum authentication key in sub- safe access gateway realizes certification between the two, real using quantum encryption key after authenticating successfully
The encryption and decryption of business datum in existing interactive process.
Service data interaction process:
Quantum authentication key and quantum cryptography key are all made of one-time pad mode in the present embodiment, when service terminal is to business master
When upload business datum of standing, the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway is utilized to realize the two
Between certification, after certification passes through, service terminal encrypts business datum using quantum encryption key, and encrypted business datum is logical
It crosses remote untrusted communication link and reaches quantum safe access gateway, then quantum safe access gateway is close using quantum cryptography
It is decrypted in key, and the business datum after decryption uploads to business main website, when business datum is larger, can carry out multiple business
The upload of data;When business main website issuing service data are to service terminal, the process and the above process of encryption and decryption business datum
On the contrary.
Business datum after what is transmitted in remote untrusted communication link be quantum cryptography, to guarantee business datum
Transmission reliability.
During service data interaction, destroyed immediately after quantum authentication key and quantum cryptography key use.Due to quantum
Ukey, quantum TF card and quantum safe access gateway have certain capacity, can the amount of consuming when business datum encrypting and decrypting
Authentication subprocess key and quantum cryptography key, are filled.If the key capacity in quantum Ukey and quantum TF card is discontented,
The renewal process of quantum key is exactly to fill process;If the key capacity in quantum Ukey and quantum TF card is full, quantum key
Renewal process be exactly renewal process.Guarantee first quantum Ukey and quantum TF card key capacity be it is full, then pass through reality
When more newly arrive and guarantee safety.
The quantum key more new stage: step S4 is recognized using the quantum in quantum Ukey/TF card, quantum safe access gateway
It demonstrate,proves key and realizes that the two and quantum key fill the certification between supervisor, quantum key fills supervisor from each quantum random number
Generator obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safety
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in access gateway, quantum Ukey/TF card.
After more new key consumes for quantum authentication key, quantum cryptography key or quantum, or will be to quantum Ukey/TF
When quantum key updates in card, quantum Ukey/TF card obtains newly to the filling supervisor application of the quantum key of business main website side
Quantum random number key.Its detailed process are as follows: recognized first using the quantum in quantum Ukey/TF card, quantum safe access gateway
The certification that key realizes the two with quantum key filling supervisor is demonstrate,proved, it is random to obtain quantum to the reason machine application of quantum key filler line
Number key;Quantum key fills supervisor and obtains the desired amount of quantum random number key from each quantum random number generator, then
Quantum random number key is sent to quantum safe access gateway, quantum safe access gateway stores this quantum random number key,
And update key pair quantum random number key using quantum and encrypted, encrypted quantum random number key is passed through remote
Untrusted communication link is sent to the quantum Ukey/TF card of service terminal, the Cali quantum Ukey/TF with identical quantum in it more
New key is decrypted, and realizes the filling and update of quantum key in quantum Ukey/TF card.After quantum more new key use, with
Destroy.
What is transmitted in remote untrusted communication link is the quantum random number key after quantum cryptography, to guarantee quantum
The transmission reliability of key.
There is no the limitations of sequencing between step S3 and step S4, when there is no service data interaction for a long time,
Quantum key in quantum safe access gateway and quantum Ukey/TF card can be updated.
Step 3 and 4 processes are constantly repeated, realize the automatic filling and remotely more of the quantum key in quantum Ukey/TF card
Newly.
The way currently generallyd use is, the key in quantum Ukey or quantum TF card needs main website to fill after having used up
The filling of note machine.And the present invention updates key by quantum to update quantum authentication, encryption and/or more new key, realizes quantum
The automatic filling of quantum key in Ukey/TF card and long-range update.
Correspondingly, being based on inventive concept same as the above method, the present invention also provides a kind of adaptation power businesses
Quantum key automatic filling system, characterized in that one or more quantum random numbers including being deployed in business main website side occur
Device, quantum key filling supervisor and quantum safe access gateway, and it is deployed in multiple quantum Ukey/TF of service terminal side
Card, business main website are connect through quantum safe access gateway with each service terminal, each quantum random number generator amount of being separately connected
Sub-key fills supervisor, and quantum key fills supervisor and connects through quantum safe access gateway and each quantum Ukey/TF card, is
The system course of work includes initial key filling stage, service data interaction stage and quantum key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor
Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum
Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography
Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized
Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully
Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway
Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain
Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, without departing from the technical principles of the invention, several improvements and modifications, these improvements and modifications can also be made
Also it should be regarded as protection scope of the present invention.
Claims (8)
1. a kind of quantum key automatic filling method, characterized in that include:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum
Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction
Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key
The encryption and decryption of new quantum key in mutually.
2. a kind of quantum key automatic filling method according to claim 1, characterized in that quantum authentication key is using solid
The length of measured length, quantum more new key and quantum cryptography key determines according to demand.
3. a kind of quantum key automatic filling method for adapting to power business, characterized in that 1 including being deployed in business main website side
A or multiple quantum random number generators, quantum key filling supervisor and quantum safe access gateway, and it is deployed in business
Multiple quantum Ukey/TF cards of terminal side, business main website are connect through quantum safe access gateway with each service terminal, each quantum
Randomizer be separately connected quantum key filling supervisor, quantum key fill supervisor through quantum safe access gateway with
The connection of each quantum Ukey/TF card, method the following steps are included:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with
Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key
Sub- random number key to quantum safe access gateway stores;
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, amount
Sub- encryption key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one time one
Close mode;
Step S3 is pacified when having service data interaction between service terminal and business main website using quantum Ukey/TF card, quantum
Quantum authentication key in full access gateway realizes certification between the two, is realized and is handed over using quantum encryption key after authenticating successfully
The encryption and decryption of business datum during mutually;
Step S4, quantum key more new stage: close using the quantum authentication in quantum Ukey/TF card, quantum safe access gateway
Key realizes the certification between the two and quantum key filling supervisor, and quantum key filling supervisor occurs from each quantum random number
Device obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum secure accessing
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in gateway, quantum Ukey/TF card.
4. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that management
When info class power business, quantum random number generator is two or more;When production control class power business, quantum random number
Generator is three or more.
5. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that first
Beginning key fills the stage, and quantum key filling supervisor is provisional direct-connected by USB port/TF card slot and quantum Ukey/TF card, complete
It is filled at quantum Ukey/TF card initial key.
6. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that quantum
Authentication key is determined using regular length, quantum more new key and quantum cryptography key according to the type of access power business, right
Class business is controlled in power generation, quantum updates size of key and is much larger than quantum cryptography size of key;For electrical management info class industry
Business, quantum cryptography size of key update size of key much larger than quantum.
7. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that work as industry
When business flow is big, quantum more new key is amplified into several times.
8. a kind of quantum key automatic filling system for adapting to power business, characterized in that 1 including being deployed in business main website side
A or multiple quantum random number generators, quantum key filling supervisor and quantum safe access gateway, and it is deployed in business
Multiple quantum Ukey/TF cards of terminal side, business main website are connect through quantum safe access gateway with each service terminal, each quantum
Randomizer be separately connected quantum key filling supervisor, quantum key fill supervisor through quantum safe access gateway with
Each quantum Ukey/TF card connection, system work process include that initial key filling stage, service data interaction stage and quantum are close
The key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor
Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum
Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography
Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized
Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully
Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway
Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain
Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount
Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810960449.0A CN109412794B (en) | 2018-08-22 | 2018-08-22 | Quantum key automatic charging method and system suitable for power business |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810960449.0A CN109412794B (en) | 2018-08-22 | 2018-08-22 | Quantum key automatic charging method and system suitable for power business |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109412794A true CN109412794A (en) | 2019-03-01 |
CN109412794B CN109412794B (en) | 2021-10-22 |
Family
ID=65464344
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810960449.0A Active CN109412794B (en) | 2018-08-22 | 2018-08-22 | Quantum key automatic charging method and system suitable for power business |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109412794B (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109728908A (en) * | 2019-03-18 | 2019-05-07 | 南方电网调峰调频发电有限公司信息通信分公司 | A kind of key management method based on quantum safety moving storage medium |
CN110535637A (en) * | 2019-08-15 | 2019-12-03 | 国网安徽省电力有限公司信息通信分公司 | A kind of the wireless dispatch method, apparatus and system of quantum key |
CN110572265A (en) * | 2019-10-24 | 2019-12-13 | 国网山东省电力公司信息通信公司 | terminal security access gateway method, device and system based on quantum communication |
CN111917543A (en) * | 2020-08-14 | 2020-11-10 | 国科量子通信网络有限公司 | User access cloud platform security access authentication system and application method thereof |
CN112737781A (en) * | 2021-03-29 | 2021-04-30 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
CN113872762A (en) * | 2021-11-29 | 2021-12-31 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
CN113904769A (en) * | 2021-12-08 | 2022-01-07 | 浙江九州量子信息技术股份有限公司 | Quantum encryption-based power distribution automation reinforcement implementation method |
CN114499853A (en) * | 2022-02-11 | 2022-05-13 | 浙江国盾量子电力科技有限公司 | Power distribution station video transmission communication system and method based on 5G and quantum encryption |
CN114531238A (en) * | 2022-04-24 | 2022-05-24 | 中电信量子科技有限公司 | Secret key safe filling method and system based on quantum secret key distribution |
CN114553404A (en) * | 2022-01-28 | 2022-05-27 | 国电南瑞南京控制系统有限公司 | Power distribution longitudinal encryption method and system based on quantum encryption |
EP3934158A4 (en) * | 2019-12-27 | 2022-12-07 | Joint Stock Company "Infotecs" | System for the secure transfer of data within a digital network |
CN115694816A (en) * | 2023-01-04 | 2023-02-03 | 南京中科齐信科技有限公司 | Quantum key pair filling method based on UDS protocol |
CN116208333A (en) * | 2023-03-01 | 2023-06-02 | 国网浙江杭州市萧山区供电有限公司 | Quantum key regulation and control method for remote control terminal of intelligent substation |
CN117220878A (en) * | 2023-10-20 | 2023-12-12 | 合肥合燃华润燃气有限公司 | Remote online quantum key management method and system for gas meter |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103490891A (en) * | 2013-08-23 | 2014-01-01 | 中国科学技术大学 | Method for updating and using secret key in power grid SSL VPN |
US8897449B1 (en) * | 2011-09-12 | 2014-11-25 | Quantum Valley Investment Fund LP | Quantum computing on encrypted data |
CN104780040A (en) * | 2015-04-06 | 2015-07-15 | 安徽问天量子科技股份有限公司 | Handheld device encryption method and system based on quantum cryptography |
CN105515780A (en) * | 2016-01-12 | 2016-04-20 | 浙江神州量子网络科技有限公司 | System and method for authenticating identity based on quantum key |
CN106452739A (en) * | 2016-09-23 | 2017-02-22 | 浙江神州量子网络科技有限公司 | Quantum network service station and quantum communication network |
CN108134669A (en) * | 2018-01-11 | 2018-06-08 | 北京国电通网络技术有限公司 | Towards the quantum key dynamic supply method of power scheduling business and management system |
-
2018
- 2018-08-22 CN CN201810960449.0A patent/CN109412794B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8897449B1 (en) * | 2011-09-12 | 2014-11-25 | Quantum Valley Investment Fund LP | Quantum computing on encrypted data |
CN103490891A (en) * | 2013-08-23 | 2014-01-01 | 中国科学技术大学 | Method for updating and using secret key in power grid SSL VPN |
CN104780040A (en) * | 2015-04-06 | 2015-07-15 | 安徽问天量子科技股份有限公司 | Handheld device encryption method and system based on quantum cryptography |
CN105515780A (en) * | 2016-01-12 | 2016-04-20 | 浙江神州量子网络科技有限公司 | System and method for authenticating identity based on quantum key |
CN106452739A (en) * | 2016-09-23 | 2017-02-22 | 浙江神州量子网络科技有限公司 | Quantum network service station and quantum communication network |
CN108134669A (en) * | 2018-01-11 | 2018-06-08 | 北京国电通网络技术有限公司 | Towards the quantum key dynamic supply method of power scheduling business and management system |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109728908B (en) * | 2019-03-18 | 2021-10-15 | 南方电网调峰调频发电有限公司信息通信分公司 | Secret key management method based on quantum secure mobile storage medium |
CN109728908A (en) * | 2019-03-18 | 2019-05-07 | 南方电网调峰调频发电有限公司信息通信分公司 | A kind of key management method based on quantum safety moving storage medium |
CN110535637A (en) * | 2019-08-15 | 2019-12-03 | 国网安徽省电力有限公司信息通信分公司 | A kind of the wireless dispatch method, apparatus and system of quantum key |
CN110572265A (en) * | 2019-10-24 | 2019-12-13 | 国网山东省电力公司信息通信公司 | terminal security access gateway method, device and system based on quantum communication |
CN110572265B (en) * | 2019-10-24 | 2022-04-05 | 国网山东省电力公司信息通信公司 | Terminal security access gateway method, device and system based on quantum communication |
EP3934158A4 (en) * | 2019-12-27 | 2022-12-07 | Joint Stock Company "Infotecs" | System for the secure transfer of data within a digital network |
CN111917543B (en) * | 2020-08-14 | 2023-08-29 | 国科量子通信网络有限公司 | User access cloud platform security access authentication system and application method thereof |
CN111917543A (en) * | 2020-08-14 | 2020-11-10 | 国科量子通信网络有限公司 | User access cloud platform security access authentication system and application method thereof |
CN112737781B (en) * | 2021-03-29 | 2021-06-18 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
CN112737781A (en) * | 2021-03-29 | 2021-04-30 | 南京易科腾信息技术有限公司 | Quantum key management service method, system and storage medium |
CN113872762A (en) * | 2021-11-29 | 2021-12-31 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
CN113872762B (en) * | 2021-11-29 | 2022-03-25 | 国网浙江省电力有限公司金华供电公司 | Quantum encryption communication system based on power distribution terminal equipment and use method thereof |
CN113904769A (en) * | 2021-12-08 | 2022-01-07 | 浙江九州量子信息技术股份有限公司 | Quantum encryption-based power distribution automation reinforcement implementation method |
CN114553404A (en) * | 2022-01-28 | 2022-05-27 | 国电南瑞南京控制系统有限公司 | Power distribution longitudinal encryption method and system based on quantum encryption |
CN114499853B (en) * | 2022-02-11 | 2022-11-15 | 浙江国盾量子电力科技有限公司 | Power distribution station video transmission communication system and method based on 5G and quantum encryption |
CN114499853A (en) * | 2022-02-11 | 2022-05-13 | 浙江国盾量子电力科技有限公司 | Power distribution station video transmission communication system and method based on 5G and quantum encryption |
CN114531238A (en) * | 2022-04-24 | 2022-05-24 | 中电信量子科技有限公司 | Secret key safe filling method and system based on quantum secret key distribution |
CN115694816A (en) * | 2023-01-04 | 2023-02-03 | 南京中科齐信科技有限公司 | Quantum key pair filling method based on UDS protocol |
CN115694816B (en) * | 2023-01-04 | 2023-03-17 | 南京中科齐信科技有限公司 | Quantum key pair filling method based on UDS protocol |
CN116208333A (en) * | 2023-03-01 | 2023-06-02 | 国网浙江杭州市萧山区供电有限公司 | Quantum key regulation and control method for remote control terminal of intelligent substation |
CN116208333B (en) * | 2023-03-01 | 2024-02-06 | 国网浙江杭州市萧山区供电有限公司 | Quantum key regulation and control method and system for remote control terminal of intelligent substation |
CN117220878A (en) * | 2023-10-20 | 2023-12-12 | 合肥合燃华润燃气有限公司 | Remote online quantum key management method and system for gas meter |
Also Published As
Publication number | Publication date |
---|---|
CN109412794B (en) | 2021-10-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109412794A (en) | A kind of quantum key automatic filling method and system adapting to power business | |
CN108234501A (en) | A kind of virtual plant safety communicating method based on quantum key fusion | |
CN103763099B (en) | Electric power security communication network based on quantum key distribution technology | |
CN103475464B (en) | A kind of power special quantum encryption gateway system | |
CN103491531B (en) | Power system WiMAX wireless communication networks uses the method that quantum key improves power information transmission security | |
CN108880800B (en) | Power distribution and utilization communication system and method based on quantum secret communication | |
CN102983965B (en) | Transformer station's quantum communications model, quantum key distribution center and model implementation method | |
CN105245326A (en) | Intelligent power grid safety communication method based on combination cipher | |
CN107135070A (en) | Method for implanting, framework and the system of RSA key pair and certificate | |
CN109194474A (en) | A kind of data transmission method and device | |
CN103746962A (en) | GOOSE electric real-time message encryption and decryption method | |
CN203851153U (en) | Electric power security communication network based on quantum key distribution technology | |
CN109714166A (en) | A kind of mobile distribution method, system, terminal and storage medium based on quantum key | |
CN110611572A (en) | Asymmetric password terminal based on quantum random number, communication system and method | |
CN115001717B (en) | Terminal equipment authentication method and system based on identification public key | |
CN113872760A (en) | SM9 key infrastructure and security system | |
Upadhyay et al. | An efficient key management and multi-layered security framework for SCADA systems | |
CN110391905A (en) | A kind of internet behavior auditing system and method based on quantum key encryption technology | |
CN113207121A (en) | Key management method and system for intelligent power distribution network communication system | |
CN103763095B (en) | Intelligent substation key management method | |
CN110138559A (en) | The method and system of quantum-key distribution are carried out to the terminal in platform area | |
CN114398627A (en) | Zero-trust-based power scheduling quantum password cloud application system and method | |
CN108964898A (en) | It is a kind of that electricity consumption cryptographic communication system and method are matched based on Quantum Secure Communication | |
CN103812645A (en) | Reception secret key sharing system and method based on optical communication | |
CN109040120A (en) | A kind of SV message encryption and decryption method based on IEC61850 standard |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |