CN109412794A - A kind of quantum key automatic filling method and system adapting to power business - Google Patents

A kind of quantum key automatic filling method and system adapting to power business Download PDF

Info

Publication number
CN109412794A
CN109412794A CN201810960449.0A CN201810960449A CN109412794A CN 109412794 A CN109412794 A CN 109412794A CN 201810960449 A CN201810960449 A CN 201810960449A CN 109412794 A CN109412794 A CN 109412794A
Authority
CN
China
Prior art keywords
quantum
key
ukey
card
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810960449.0A
Other languages
Chinese (zh)
Other versions
CN109412794B (en
Inventor
冯宝
刘金锁
张影
胡倩倩
贾玮
张平
李洋
吕超
完颜绍澎
卞宇翔
朱雪阳
郭子昕
黄益彬
马亚妮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Nari Shield Technology Co Ltd
NARI Group Corp
Nari Information and Communication Technology Co
Original Assignee
Nanjing Nari Shield Technology Co Ltd
NARI Group Corp
Nari Information and Communication Technology Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Nari Shield Technology Co Ltd, NARI Group Corp, Nari Information and Communication Technology Co filed Critical Nanjing Nari Shield Technology Co Ltd
Priority to CN201810960449.0A priority Critical patent/CN109412794B/en
Publication of CN109412794A publication Critical patent/CN109412794A/en
Application granted granted Critical
Publication of CN109412794B publication Critical patent/CN109412794B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying

Abstract

The invention discloses a kind of quantum key automatic filling method and system for adapting to power business, defer to the deployment framework of the convergence of power business main website and the access of power business terminal, quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key is used for authentication when communication interaction, quantum cryptography key is used for the encryption and decryption of data when communication interaction, when quantum more new key is used to update quantum authentication key, quantum cryptography key and/or quantum more new key, to the encryption and decryption of quantum key new in communication interaction.Key is updated by quantum to update quantum authentication, encryption and/or more new key, realizes automatic filling and the update of quantum key.

Description

A kind of quantum key automatic filling method and system adapting to power business
Technical field
The present invention relates to it is a kind of adapt to power business quantum key automatic filling method and system, belong to quantum mechanics and Information science technology field.
Background technique
Currently, electric system important service mainly uses optical fiber private network and national commercial cipher algorithm for encryption transmission, peace Full property relies primarily on key privacy and computational complexity.But with the enhancing of the development of attack technology and mankind's computing capability, There is the lossless eavesdropping and spoof attack means for optical cable, while with the gradually maturation of quantum calculation technology, being based on The conventional encryption algorithm of computation complexity crack difficulty and the time exponentially declines, the wind that traditional Secrecy system is cracked Danger increases severely with day.
Quantum key distribution is based on fundamental principles of quantum mechanics, ensure that inevitable once there is eavesdropping sent out from principle It is existing, it not will receive computing capability and the threat that mathematics standard is constantly promoted, there is long-term safety, can theoretically realize can not The safe and secret communication decoded has become the development and application trend for ensureing data transmission security both at home and abroad.
To improve power system information safety protection level, based on own fiber resource, State Grid Corporation of China mostly is being built If quantum secret communication demonstration project, the adaptability of Quantum Secure Communication power business is demonstrated.But due to light quantum With the characteristics such as unclonable, indivisible, therefore quantum channel is only capable of using bare fibre for transmission medium, and midway is inseparable Light, amplification or regeneration occupy a large amount of bare fibre resources.Meanwhile current powerline network is using optical fiber, wireless, electric power The communications such as line carrier wave, and the modes such as light is put, electricity relays largely are used to extend transmission distance, it is difficult to agree with above-mentioned It is required that limiting Quantum Secure Communication to a certain extent in the applied generalization of electric system.
Summary of the invention
It is an object of the invention to overcome deficiency in the prior art, a kind of quantum key automatic filling method is proposed, Realize automatic filling and the update of quantum key.
In order to solve the above technical problems, the present invention provides a kind of quantum key automatic filling methods, comprising:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key The encryption and decryption of new quantum key in mutually.
Preferably, quantum authentication key uses regular length, the length of quantum more new key and quantum cryptography key according to Demand determines.
Meanwhile the invention also provides a kind of quantum key automatic filling method and system for adapting to power business, defer to The deployment framework of the convergence of power business main website and the access of power business terminal, meanwhile, power business terminal side quantum key updates Independent of traditional bare fibre quantum channel, construction cost is reduced, application scenarios are extended, improves quantum secret communication Technology power system practicalization is horizontal.
In order to solve the above technical problems, a kind of quantum key automatic filling method of adaptation power business of the invention, It is characterized in, one or more quantum random number generators, quantum key filling supervisor and amount including being deployed in business main website side Sub- safe access gateway, and multiple quantum Ukey/TF cards of service terminal side are deployed in, business main website is through quantum secure accessing Gateway is connect with each service terminal, and each quantum random number generator is separately connected quantum key filling supervisor, quantum key Fill supervisor through quantum safe access gateway and each quantum Ukey/TF card connection, method the following steps are included:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key Sub- random number key to quantum safe access gateway stores;
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, amount Sub- encryption key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one time one Close mode;
Step S3 is pacified when having service data interaction between service terminal and business main website using quantum Ukey/TF card, quantum Quantum authentication key in full access gateway realizes certification between the two, is realized and is handed over using quantum encryption key after authenticating successfully The encryption and decryption of business datum during mutually;
Step S4, quantum key more new stage: close using the quantum authentication in quantum Ukey/TF card, quantum safe access gateway Key realizes the certification between the two and quantum key filling supervisor, and quantum key filling supervisor occurs from each quantum random number Device obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum secure accessing Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in gateway, quantum Ukey/TF card.
Preferably, when management information class power business, quantum random number generator is two or more;Production control class electricity When power business, quantum random number generator is three or more.
Preferably, the stage is filled in initial key, quantum key fills supervisor and passes through USB port/TF card slot and quantum Ukey/TF card is provisional direct-connected, completes the filling of quantum Ukey/TF card initial key.
Preferably, quantum authentication key is using regular length, quantum more new key and quantum cryptography key according to access electricity The type of power business determines, controls class business for power generation, quantum updates size of key and is much larger than quantum cryptography size of key;It is right In electrical management content service, quantum cryptography key is much larger than quantum more new key.
Preferably, for electrical management content service, when service traffics are big, quantum more new key is amplified several Times.
Correspondingly, the present invention also provides a kind of quantum key automatic filling systems for adapting to power business, characterized in that One or more quantum random number generators, quantum key filling supervisor and quantum safety including being deployed in business main website side Access gateway, and be deployed in multiple quantum Ukey/TF cards of service terminal side, business main website through quantum safe access gateway with Each service terminal connection, each quantum random number generator are separately connected quantum key filling supervisor, quantum key filler line Reason machine is connected through quantum safe access gateway and each quantum Ukey/TF card, system work process include initial key fill the stage, Service data interaction stage and quantum key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
Compared with prior art, the beneficial effects obtained by the present invention are as follows being: quantum key automatic filling method of the invention Key is updated by quantum to update quantum authentication, encryption and/or more new key, realizes the automatic filling and more of quantum key Newly.The quantum key automatic filling method and system of adaptation power business of the invention, defer to the convergence of power business main website and electricity The deployment framework of power service terminal access, meanwhile, power business terminal side quantum key is updated independent of traditional bare fibre Quantum channel reduces construction cost, extends application scenarios, improves Quantum Secure Communication power system practical water It is flat.
Detailed description of the invention
Fig. 1 is power telecom network communication mode schematic diagram in the prior art;
Fig. 2 is the block schematic illustration of quantum key automatic filling method in the embodiment of the present invention;
Fig. 3 is that power generation controls class business quantum Ukey/TF card quantum key division schematic diagram in embodiment;
Fig. 4 is that electrical management content service quantum Ukey/TF card quantum key divides schematic diagram in embodiment.
Specific embodiment
The invention will be further described below in conjunction with the accompanying drawings.Following embodiment is only used for clearly illustrating the present invention Technical solution, and not intended to limit the protection scope of the present invention.
A kind of quantum key automatic filling method of the invention, comprising:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key The encryption and decryption of new quantum key in mutually.
The present invention updates key by quantum to update quantum authentication, encryption and/or more new key, realizes quantum key Automatic filling and update.
For current powerline network using communications such as optical fiber, wireless, power line carriers, and passed to extend Defeated distance largely uses the modes such as light is put, electricity relays, and is difficult to provide naked fibre core channel realization quantum under major applications scene Key distribution, limits Quantum Secure Communication the applied generalization of electric system the problems such as, this hair to a certain extent Improving eyesight is to provide a kind of quantum key automatic filling system and method for adapting to power business, defers to the convergence of power business main website (a business main website is through safe access gateway and multiple industry with the point-to-multipoint convergent type deployment framework of power business terminal access Terminal of being engaged in is connected, and is point-to-multipoint framework), the network architecture for meeting a variety of communication links of electric system and depositing.The present invention proposes Method, power business terminal side quantum key update independent of traditional bare fibre quantum channel, reduce construction cost, Application scenarios are extended, it is horizontal to improve Quantum Secure Communication power system practicalization.
Existing power telecom network uses communication, shown in Figure 1, wherein fiber optic communication mode (such as SDH/ OTN communication mode) it is mainly electric power backbone network, realize 35kV and the above website all standing;Communication is mainly distributed It such as EPON/ Industrial Ethernet, wireless private network/wireless public network is the main of adapted telecommunication net in electric power terminal communication access net Communication mode;Power line carrier mode, which is distributed mainly on, is difficult to laying optical cable and wireless signal is difficult to overlay area, be optical fiber and Wireless arbitrary way.
On the basis of understanding power telecom network communication, a kind of quantum of adaptation power business of the invention is close Key automatic filling system structure, it is shown in Figure 2, it is close that N number of quantum random number generator, a quantum are affixed one's name in business main website side Key fills supervisor and a quantum safe access gateway, disposes an a quantum Ukey or quantum TF in each service terminal Card, business main website are connect to carry out the transmission of business datum with N number of service terminal through quantum safe access gateway, each quantum with Machine number generator is separately connected quantum key filling supervisor, and quantum key filling supervisor is through quantum safe access gateway and respectively Quantum Ukey/TF card is connected to carry out the filling and update of quantum key.
Quantum random number generator is used to generate quantum random number key, and is sent to quantum key filling supervisor.This Embodiment affixes one's name to more quantum random number generators in main website side, have the feature that first is that, more quantum random number generators For the true random number through physics entropy theory Strict Proof generated using physical means, it is mutually independent, it is irrelevant, into one Step enhances the randomness of quantum random number key.Second is that more quantum random number generator specific numbers are according to quantum key The power business security level that automatic filling system is supported determines, is defaulted as two for management information class power business, structure Load balancing and warm back-up operating mode are built, while more can be extended to according to quantum key consumption;Class is controlled for production Power business is three or more, and preceding two compositions load balancing mode, third platform is as warm back-up.Third is that more quantum with Machine number generator uses load balancing mode, it is ensured that generates sufficient amount of quantum random number key.Fourth is that more quantum with Warm back-up mechanism is used between machine number generator, can protect the reliability of quantum random number key supply.
Quantum key fills authentication and the quantum that supervisor is used for quantum safe access gateway and quantum Ukey/TF card Key supply.Quantum key fill supervisor and quantum safe access gateway be it is permanently direct-connected, pass through quantum secure accessing net It closes permanently direct-connected with the service terminal comprising quantum Ukey/TF card.The stage is filled in initial key, passes through USB port/TF card slot It is provisional direct-connected with quantum Ukey/TF card, the filling of quantum Ukey/TF card initial key is completed, and identical initial key is sent It is stored to quantum safe access gateway.In the quantum key more new stage, quantum Ukey/TF card, quantum secure accessing are used first Quantum authentication key in gateway realizes the certification of the two with quantum key filling supervisor, and it is close that application obtains quantum random number Key;Then it is close key pair quantum random number to be updated using the identical quantum in quantum Ukey/TF card, quantum safe access gateway Key is encrypted, and realizes the filling and update of quantum key in quantum Ukey/TF card, and same key is sent to quantum safety Access gateway storage.
Quantum safe access gateway can by increase quantum key memory module, using the symmetric encipherment algorithm of one-time pad Etc. functions realize have the smooth upgrade of safe access gateway to electric system, wherein quantum key memory module, for storing Quantum key fills the identical quantum key with quantum Ukey/TF card that supervisor provides, and realizes to the card of Ukey/TF containing quantum The authentication of service terminal, business datum encryption and decryption.
Quantum Ukey/TF card major function is storage key, while completing key in conjunction with quantum key filling supervisor Filling, in conjunction with quantum safe access gateway complete key use, destroy and update.
Business main website side: quantum random number generator and quantum key filling supervisor, quantum key filling supervisor with Communication link between quantum safe access gateway, quantum safe access gateway and business main website is short distance trusted communications link; Service terminal side: the communication link between quantum safe access gateway and the service terminal of the card of Ukey/TF containing quantum is long away from non- Trusted communications link.Short distance trusted communications link, communication distance is short, communication environment closing, is not easy between corresponding two communication entities For outside world scene, wired connection modes or the communications with security protection such as optical fiber, copper cable, chain are mainly used The data transmitted in road do not use quantum key to encrypt.Communication distance is remote between corresponding two communication entities of the latter, communication environment is opened It puts, be easy the data by outside world scene, transmitted in link using quantum key encryption.
A kind of quantum key automatic filling method of adaptation power business based on system above structure, including following step It is rapid:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key Sub- random number key to quantum safe access gateway stores;
Quantum key filling supervisor is obtained by short distance trusted communications link from more quantum random number generators in the present embodiment The sub- random number key of taken amount, and it is stored in local.Quantum key filling management prow is first to quantum Ukey/TF card, quantum safety Access gateway carries out authentication, specifically includes: the various ways such as preset certificate, dynamic password;After certification passes through, quantum key Supervisor is filled according to quantum Ukey/TF card capacity, general provisional direct-connected by USB port/TF card slot and quantum Ukey/TF card The part quantum random number key being locally stored is filled to quantum Ukey/TF card as initial key;Same key is led to simultaneously It crosses short distance trusted communications link and sends quantum safe access gateway to and stored.Wherein, quantum Ukey/TF card amount of capacity needs All kinds of factors such as considering cost, power business data volume, default minimum may be configured as 1G.
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key Ka, quantum cryptography key Ke and quantum more new key Ku, quantum authentication key, quantum cryptography key and quantum more new key are adopted With one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key The encryption and decryption of new quantum key in mutually.
Quantum authentication key uses regular length, quantum more new key in the present embodiment quantum Ukey/TF card initial key It is determined with quantum cryptography key according to the type of access power business, class business, quantum more new key is controlled for power generation Amount is much larger than quantum cryptography size of key, guarantees the safety of key by quickly more new key;For electrical management info class industry Business, quantum cryptography key are much larger than quantum more new key, update key by amplification quantum, though certain safety is sacrificed, The high availability of guarantee business.
In the present embodiment, class business is controlled for power generation, the renewal speed (i.e. length) of quantum more new key is set It is set to N times (N >=2 select desired value according to service traffics size) of quantum authentication key and quantum cryptography key depletion rate, Such as when N=2, key is divided referring to Fig. 3, quantum more new key first is that for updating quantum authentication key and quantum cryptography key, Second is that realizing for updating the quantum more new key consumed to quantum authentication key, quantum cryptography key and quantum more Xinmi City The real-time filling and long-range update of key;After the quantum more new key use, destroy immediately.
In the present embodiment, electrical management content service is amplified quantum more new key according to service traffics size M times (M >=1), such as: M=6, key divide referring to fig. 4, and quantum more new key is first is that for updating quantum authentication key and quantum Encryption key, second is that for updating the quantum more new key consumed, with realization to quantum authentication key, quantum cryptography key and The real-time filling and long-range update of quantum more new key.
Step S3 utilizes quantum Ukey/TF card, amount when having service data interaction between service terminal and business main website Quantum authentication key in sub- safe access gateway realizes certification between the two, real using quantum encryption key after authenticating successfully The encryption and decryption of business datum in existing interactive process.
Service data interaction process:
Quantum authentication key and quantum cryptography key are all made of one-time pad mode in the present embodiment, when service terminal is to business master When upload business datum of standing, the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway is utilized to realize the two Between certification, after certification passes through, service terminal encrypts business datum using quantum encryption key, and encrypted business datum is logical It crosses remote untrusted communication link and reaches quantum safe access gateway, then quantum safe access gateway is close using quantum cryptography It is decrypted in key, and the business datum after decryption uploads to business main website, when business datum is larger, can carry out multiple business The upload of data;When business main website issuing service data are to service terminal, the process and the above process of encryption and decryption business datum On the contrary.
Business datum after what is transmitted in remote untrusted communication link be quantum cryptography, to guarantee business datum Transmission reliability.
During service data interaction, destroyed immediately after quantum authentication key and quantum cryptography key use.Due to quantum Ukey, quantum TF card and quantum safe access gateway have certain capacity, can the amount of consuming when business datum encrypting and decrypting Authentication subprocess key and quantum cryptography key, are filled.If the key capacity in quantum Ukey and quantum TF card is discontented, The renewal process of quantum key is exactly to fill process;If the key capacity in quantum Ukey and quantum TF card is full, quantum key Renewal process be exactly renewal process.Guarantee first quantum Ukey and quantum TF card key capacity be it is full, then pass through reality When more newly arrive and guarantee safety.
The quantum key more new stage: step S4 is recognized using the quantum in quantum Ukey/TF card, quantum safe access gateway It demonstrate,proves key and realizes that the two and quantum key fill the certification between supervisor, quantum key fills supervisor from each quantum random number Generator obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safety Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in access gateway, quantum Ukey/TF card.
After more new key consumes for quantum authentication key, quantum cryptography key or quantum, or will be to quantum Ukey/TF When quantum key updates in card, quantum Ukey/TF card obtains newly to the filling supervisor application of the quantum key of business main website side Quantum random number key.Its detailed process are as follows: recognized first using the quantum in quantum Ukey/TF card, quantum safe access gateway The certification that key realizes the two with quantum key filling supervisor is demonstrate,proved, it is random to obtain quantum to the reason machine application of quantum key filler line Number key;Quantum key fills supervisor and obtains the desired amount of quantum random number key from each quantum random number generator, then Quantum random number key is sent to quantum safe access gateway, quantum safe access gateway stores this quantum random number key, And update key pair quantum random number key using quantum and encrypted, encrypted quantum random number key is passed through remote Untrusted communication link is sent to the quantum Ukey/TF card of service terminal, the Cali quantum Ukey/TF with identical quantum in it more New key is decrypted, and realizes the filling and update of quantum key in quantum Ukey/TF card.After quantum more new key use, with Destroy.
What is transmitted in remote untrusted communication link is the quantum random number key after quantum cryptography, to guarantee quantum The transmission reliability of key.
There is no the limitations of sequencing between step S3 and step S4, when there is no service data interaction for a long time, Quantum key in quantum safe access gateway and quantum Ukey/TF card can be updated.
Step 3 and 4 processes are constantly repeated, realize the automatic filling and remotely more of the quantum key in quantum Ukey/TF card Newly.
The way currently generallyd use is, the key in quantum Ukey or quantum TF card needs main website to fill after having used up The filling of note machine.And the present invention updates key by quantum to update quantum authentication, encryption and/or more new key, realizes quantum The automatic filling of quantum key in Ukey/TF card and long-range update.
Correspondingly, being based on inventive concept same as the above method, the present invention also provides a kind of adaptation power businesses Quantum key automatic filling system, characterized in that one or more quantum random numbers including being deployed in business main website side occur Device, quantum key filling supervisor and quantum safe access gateway, and it is deployed in multiple quantum Ukey/TF of service terminal side Card, business main website are connect through quantum safe access gateway with each service terminal, each quantum random number generator amount of being separately connected Sub-key fills supervisor, and quantum key fills supervisor and connects through quantum safe access gateway and each quantum Ukey/TF card, is The system course of work includes initial key filling stage, service data interaction stage and quantum key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, without departing from the technical principles of the invention, several improvements and modifications, these improvements and modifications can also be made Also it should be regarded as protection scope of the present invention.

Claims (8)

1. a kind of quantum key automatic filling method, characterized in that include:
Quantum key is divided into quantum authentication key, quantum cryptography key and quantum more new key, quantum authentication key, quantum Encryption key and quantum more new key are all made of one-time pad mode;Wherein,
Quantum authentication key is used for authentication when communication interaction, and data adds solution when quantum cryptography key is for communication interaction Close, quantum more new key is for handing over communication when updating quantum authentication key, quantum cryptography key and/or quantum more new key The encryption and decryption of new quantum key in mutually.
2. a kind of quantum key automatic filling method according to claim 1, characterized in that quantum authentication key is using solid The length of measured length, quantum more new key and quantum cryptography key determines according to demand.
3. a kind of quantum key automatic filling method for adapting to power business, characterized in that 1 including being deployed in business main website side A or multiple quantum random number generators, quantum key filling supervisor and quantum safe access gateway, and it is deployed in business Multiple quantum Ukey/TF cards of terminal side, business main website are connect through quantum safe access gateway with each service terminal, each quantum Randomizer be separately connected quantum key filling supervisor, quantum key fill supervisor through quantum safe access gateway with The connection of each quantum Ukey/TF card, method the following steps are included:
Step S1, initial key fill the stage: quantum key fill supervisor from each quantum random number generator obtain quantum with Then quantum random number key is filled to quantum Ukey/TF card as its initial key, while transmitting equal amount by machine number key Sub- random number key to quantum safe access gateway stores;
Step 2: the initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, amount Sub- encryption key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one time one Close mode;
Step S3 is pacified when having service data interaction between service terminal and business main website using quantum Ukey/TF card, quantum Quantum authentication key in full access gateway realizes certification between the two, is realized and is handed over using quantum encryption key after authenticating successfully The encryption and decryption of business datum during mutually;
Step S4, quantum key more new stage: close using the quantum authentication in quantum Ukey/TF card, quantum safe access gateway Key realizes the certification between the two and quantum key filling supervisor, and quantum key filling supervisor occurs from each quantum random number Device obtains quantum random number key, is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum secure accessing Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in gateway, quantum Ukey/TF card.
4. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that management When info class power business, quantum random number generator is two or more;When production control class power business, quantum random number Generator is three or more.
5. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that first Beginning key fills the stage, and quantum key filling supervisor is provisional direct-connected by USB port/TF card slot and quantum Ukey/TF card, complete It is filled at quantum Ukey/TF card initial key.
6. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that quantum Authentication key is determined using regular length, quantum more new key and quantum cryptography key according to the type of access power business, right Class business is controlled in power generation, quantum updates size of key and is much larger than quantum cryptography size of key;For electrical management info class industry Business, quantum cryptography size of key update size of key much larger than quantum.
7. a kind of quantum key automatic filling method for adapting to power business according to claim 1, characterized in that work as industry When business flow is big, quantum more new key is amplified into several times.
8. a kind of quantum key automatic filling system for adapting to power business, characterized in that 1 including being deployed in business main website side A or multiple quantum random number generators, quantum key filling supervisor and quantum safe access gateway, and it is deployed in business Multiple quantum Ukey/TF cards of terminal side, business main website are connect through quantum safe access gateway with each service terminal, each quantum Randomizer be separately connected quantum key filling supervisor, quantum key fill supervisor through quantum safe access gateway with Each quantum Ukey/TF card connection, system work process include that initial key filling stage, service data interaction stage and quantum are close The key more new stage;
Initial key fills the stage: it is close from each quantum random number generator acquisition quantum random number that quantum key fills supervisor Then quantum random number key is filled to quantum Ukey/TF card as its initial key by key, while it is random to transmit identical quantum Number key to quantum safe access gateway stores;
Initial key in quantum safe access gateway and quantum Ukey/TF card is divided into quantum authentication key, quantum cryptography Key and quantum more new key, quantum authentication key, quantum cryptography key and quantum more new key are all made of one-time pad mode;
The service data interaction stage: when having service data interaction between service terminal and business main website, quantum Ukey/TF is utilized Quantum authentication key in card, quantum safe access gateway realizes certification between the two, and quantum cryptography is utilized after authenticating successfully Key realizes the encryption and decryption of business datum in interactive process;
The quantum key more new stage: two are realized using the quantum authentication key in quantum Ukey/TF card, quantum safe access gateway Certification between person and quantum key filling supervisor, quantum key fill supervisor from each quantum random number generator amount to obtain Sub- random number key is sent to quantum Ukey/TF card by quantum safe access gateway;Utilize quantum safe access gateway, amount Quantum more new key realizes the encryption and decryption of quantum random number key in interactive process in sub- Ukey/TF card.
CN201810960449.0A 2018-08-22 2018-08-22 Quantum key automatic charging method and system suitable for power business Active CN109412794B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810960449.0A CN109412794B (en) 2018-08-22 2018-08-22 Quantum key automatic charging method and system suitable for power business

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810960449.0A CN109412794B (en) 2018-08-22 2018-08-22 Quantum key automatic charging method and system suitable for power business

Publications (2)

Publication Number Publication Date
CN109412794A true CN109412794A (en) 2019-03-01
CN109412794B CN109412794B (en) 2021-10-22

Family

ID=65464344

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810960449.0A Active CN109412794B (en) 2018-08-22 2018-08-22 Quantum key automatic charging method and system suitable for power business

Country Status (1)

Country Link
CN (1) CN109412794B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109728908A (en) * 2019-03-18 2019-05-07 南方电网调峰调频发电有限公司信息通信分公司 A kind of key management method based on quantum safety moving storage medium
CN110535637A (en) * 2019-08-15 2019-12-03 国网安徽省电力有限公司信息通信分公司 A kind of the wireless dispatch method, apparatus and system of quantum key
CN110572265A (en) * 2019-10-24 2019-12-13 国网山东省电力公司信息通信公司 terminal security access gateway method, device and system based on quantum communication
CN111917543A (en) * 2020-08-14 2020-11-10 国科量子通信网络有限公司 User access cloud platform security access authentication system and application method thereof
CN112737781A (en) * 2021-03-29 2021-04-30 南京易科腾信息技术有限公司 Quantum key management service method, system and storage medium
CN113872762A (en) * 2021-11-29 2021-12-31 国网浙江省电力有限公司金华供电公司 Quantum encryption communication system based on power distribution terminal equipment and use method thereof
CN113904769A (en) * 2021-12-08 2022-01-07 浙江九州量子信息技术股份有限公司 Quantum encryption-based power distribution automation reinforcement implementation method
CN114499853A (en) * 2022-02-11 2022-05-13 浙江国盾量子电力科技有限公司 Power distribution station video transmission communication system and method based on 5G and quantum encryption
CN114531238A (en) * 2022-04-24 2022-05-24 中电信量子科技有限公司 Secret key safe filling method and system based on quantum secret key distribution
CN114553404A (en) * 2022-01-28 2022-05-27 国电南瑞南京控制系统有限公司 Power distribution longitudinal encryption method and system based on quantum encryption
EP3934158A4 (en) * 2019-12-27 2022-12-07 Joint Stock Company "Infotecs" System for the secure transfer of data within a digital network
CN115694816A (en) * 2023-01-04 2023-02-03 南京中科齐信科技有限公司 Quantum key pair filling method based on UDS protocol
CN116208333A (en) * 2023-03-01 2023-06-02 国网浙江杭州市萧山区供电有限公司 Quantum key regulation and control method for remote control terminal of intelligent substation
CN117220878A (en) * 2023-10-20 2023-12-12 合肥合燃华润燃气有限公司 Remote online quantum key management method and system for gas meter

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103490891A (en) * 2013-08-23 2014-01-01 中国科学技术大学 Method for updating and using secret key in power grid SSL VPN
US8897449B1 (en) * 2011-09-12 2014-11-25 Quantum Valley Investment Fund LP Quantum computing on encrypted data
CN104780040A (en) * 2015-04-06 2015-07-15 安徽问天量子科技股份有限公司 Handheld device encryption method and system based on quantum cryptography
CN105515780A (en) * 2016-01-12 2016-04-20 浙江神州量子网络科技有限公司 System and method for authenticating identity based on quantum key
CN106452739A (en) * 2016-09-23 2017-02-22 浙江神州量子网络科技有限公司 Quantum network service station and quantum communication network
CN108134669A (en) * 2018-01-11 2018-06-08 北京国电通网络技术有限公司 Towards the quantum key dynamic supply method of power scheduling business and management system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8897449B1 (en) * 2011-09-12 2014-11-25 Quantum Valley Investment Fund LP Quantum computing on encrypted data
CN103490891A (en) * 2013-08-23 2014-01-01 中国科学技术大学 Method for updating and using secret key in power grid SSL VPN
CN104780040A (en) * 2015-04-06 2015-07-15 安徽问天量子科技股份有限公司 Handheld device encryption method and system based on quantum cryptography
CN105515780A (en) * 2016-01-12 2016-04-20 浙江神州量子网络科技有限公司 System and method for authenticating identity based on quantum key
CN106452739A (en) * 2016-09-23 2017-02-22 浙江神州量子网络科技有限公司 Quantum network service station and quantum communication network
CN108134669A (en) * 2018-01-11 2018-06-08 北京国电通网络技术有限公司 Towards the quantum key dynamic supply method of power scheduling business and management system

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109728908B (en) * 2019-03-18 2021-10-15 南方电网调峰调频发电有限公司信息通信分公司 Secret key management method based on quantum secure mobile storage medium
CN109728908A (en) * 2019-03-18 2019-05-07 南方电网调峰调频发电有限公司信息通信分公司 A kind of key management method based on quantum safety moving storage medium
CN110535637A (en) * 2019-08-15 2019-12-03 国网安徽省电力有限公司信息通信分公司 A kind of the wireless dispatch method, apparatus and system of quantum key
CN110572265A (en) * 2019-10-24 2019-12-13 国网山东省电力公司信息通信公司 terminal security access gateway method, device and system based on quantum communication
CN110572265B (en) * 2019-10-24 2022-04-05 国网山东省电力公司信息通信公司 Terminal security access gateway method, device and system based on quantum communication
EP3934158A4 (en) * 2019-12-27 2022-12-07 Joint Stock Company "Infotecs" System for the secure transfer of data within a digital network
CN111917543B (en) * 2020-08-14 2023-08-29 国科量子通信网络有限公司 User access cloud platform security access authentication system and application method thereof
CN111917543A (en) * 2020-08-14 2020-11-10 国科量子通信网络有限公司 User access cloud platform security access authentication system and application method thereof
CN112737781B (en) * 2021-03-29 2021-06-18 南京易科腾信息技术有限公司 Quantum key management service method, system and storage medium
CN112737781A (en) * 2021-03-29 2021-04-30 南京易科腾信息技术有限公司 Quantum key management service method, system and storage medium
CN113872762A (en) * 2021-11-29 2021-12-31 国网浙江省电力有限公司金华供电公司 Quantum encryption communication system based on power distribution terminal equipment and use method thereof
CN113872762B (en) * 2021-11-29 2022-03-25 国网浙江省电力有限公司金华供电公司 Quantum encryption communication system based on power distribution terminal equipment and use method thereof
CN113904769A (en) * 2021-12-08 2022-01-07 浙江九州量子信息技术股份有限公司 Quantum encryption-based power distribution automation reinforcement implementation method
CN114553404A (en) * 2022-01-28 2022-05-27 国电南瑞南京控制系统有限公司 Power distribution longitudinal encryption method and system based on quantum encryption
CN114499853B (en) * 2022-02-11 2022-11-15 浙江国盾量子电力科技有限公司 Power distribution station video transmission communication system and method based on 5G and quantum encryption
CN114499853A (en) * 2022-02-11 2022-05-13 浙江国盾量子电力科技有限公司 Power distribution station video transmission communication system and method based on 5G and quantum encryption
CN114531238A (en) * 2022-04-24 2022-05-24 中电信量子科技有限公司 Secret key safe filling method and system based on quantum secret key distribution
CN115694816A (en) * 2023-01-04 2023-02-03 南京中科齐信科技有限公司 Quantum key pair filling method based on UDS protocol
CN115694816B (en) * 2023-01-04 2023-03-17 南京中科齐信科技有限公司 Quantum key pair filling method based on UDS protocol
CN116208333A (en) * 2023-03-01 2023-06-02 国网浙江杭州市萧山区供电有限公司 Quantum key regulation and control method for remote control terminal of intelligent substation
CN116208333B (en) * 2023-03-01 2024-02-06 国网浙江杭州市萧山区供电有限公司 Quantum key regulation and control method and system for remote control terminal of intelligent substation
CN117220878A (en) * 2023-10-20 2023-12-12 合肥合燃华润燃气有限公司 Remote online quantum key management method and system for gas meter

Also Published As

Publication number Publication date
CN109412794B (en) 2021-10-22

Similar Documents

Publication Publication Date Title
CN109412794A (en) A kind of quantum key automatic filling method and system adapting to power business
CN108234501A (en) A kind of virtual plant safety communicating method based on quantum key fusion
CN103763099B (en) Electric power security communication network based on quantum key distribution technology
CN103475464B (en) A kind of power special quantum encryption gateway system
CN103491531B (en) Power system WiMAX wireless communication networks uses the method that quantum key improves power information transmission security
CN108880800B (en) Power distribution and utilization communication system and method based on quantum secret communication
CN102983965B (en) Transformer station's quantum communications model, quantum key distribution center and model implementation method
CN105245326A (en) Intelligent power grid safety communication method based on combination cipher
CN107135070A (en) Method for implanting, framework and the system of RSA key pair and certificate
CN109194474A (en) A kind of data transmission method and device
CN103746962A (en) GOOSE electric real-time message encryption and decryption method
CN203851153U (en) Electric power security communication network based on quantum key distribution technology
CN109714166A (en) A kind of mobile distribution method, system, terminal and storage medium based on quantum key
CN110611572A (en) Asymmetric password terminal based on quantum random number, communication system and method
CN115001717B (en) Terminal equipment authentication method and system based on identification public key
CN113872760A (en) SM9 key infrastructure and security system
Upadhyay et al. An efficient key management and multi-layered security framework for SCADA systems
CN110391905A (en) A kind of internet behavior auditing system and method based on quantum key encryption technology
CN113207121A (en) Key management method and system for intelligent power distribution network communication system
CN103763095B (en) Intelligent substation key management method
CN110138559A (en) The method and system of quantum-key distribution are carried out to the terminal in platform area
CN114398627A (en) Zero-trust-based power scheduling quantum password cloud application system and method
CN108964898A (en) It is a kind of that electricity consumption cryptographic communication system and method are matched based on Quantum Secure Communication
CN103812645A (en) Reception secret key sharing system and method based on optical communication
CN109040120A (en) A kind of SV message encryption and decryption method based on IEC61850 standard

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant