CN109428709A - Quantum key distribution method, system and optical network system - Google Patents

Quantum key distribution method, system and optical network system Download PDF

Info

Publication number
CN109428709A
CN109428709A CN201710723534.0A CN201710723534A CN109428709A CN 109428709 A CN109428709 A CN 109428709A CN 201710723534 A CN201710723534 A CN 201710723534A CN 109428709 A CN109428709 A CN 109428709A
Authority
CN
China
Prior art keywords
quantum
quantum key
key
server
encryption communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710723534.0A
Other languages
Chinese (zh)
Other versions
CN109428709B (en
Inventor
唐建军
李俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201710723534.0A priority Critical patent/CN109428709B/en
Publication of CN109428709A publication Critical patent/CN109428709A/en
Application granted granted Critical
Publication of CN109428709B publication Critical patent/CN109428709B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0855Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Optical Communication System (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a kind of quantum key distribution method, system and optical network systems, method therein includes: that quantum encryption communication sending ending equipment quantum key obtains application, and quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server;Second quantum key server pushes quantum key to quantum encryption communication receiving device;After the first quantum key server determines that quantum key pushes to quantum encryption communication receiving device, to quantum encryption communication sending ending equipment quantum key.Method, apparatus and optical network system of the invention negotiates to generate symmetric key based on quantum channel, and by quantum-key distribution to communication both ends, can the existing encryption system of quick and smooth upgrading;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving both ends are all properly received quantum key, and egress is avoided to can not receive correct key and can not decrypt, so as to cause the longer disruption of business.

Description

Quantum key distribution method, system and optical network system
Technical field
The present invention relates to Technique on Quantum Communication field more particularly to a kind of quantum key distribution methods, system and light net Network system.
Background technique
With the development of the new technologies such as high performance parallel computation, quantum calculation, traditional encryption based on algorithm complexity is logical Letter technology faces huge technical security risk, and quantum key distribution (Quantum Key Distribution, QKD) technology is answered It transports and gives birth to.Quantum key distribution technology, as quantum information carrier, solves the safety of quantum key using photon.Currently, Quantum key distribution encrypts equipment to both ends and generallys use encryption equipment both ends to quantum key server (Quantum Key Server, QKS) application key mode, but may not receive effective quantum key due to receiving end so as to cause that can not decrypt, Also, asymmetric encryption means symmetric cryptography is generallyd use, may be cracked by the methods of quantum computer, collision algorithm, key Update cycle is slow, updates 1 time within generally 30 minutes.Therefore, it is necessary to a kind of quantum key methods, how solve quantum key The problem of being effectively distributed to both ends encryption equipment.
Summary of the invention
In view of this, the invention solves a technical problem be to provide a kind of quantum key distribution method, system with And optical network system.
According to an aspect of the present invention, a kind of quantum key distribution method is provided, comprising: quantum encryption communication transmitting terminal Equipment is obtained to the first quantum key server quantum key applies;The first quantum key server is by the quantum Key obtains application and is transmitted to the second quantum key server;The second quantum key server is received to quantum encryption communication End equipment pushes quantum key;Determine that the quantum key pushes to the quantum cryptography in the first quantum key server After communications reception end equipment, Xiang Suoshu quantum encryption communication sending ending equipment sends the quantum key;Wherein, the quantum adds Close communication sending ending equipment and the quantum encryption communication receiving device use quantum cryptography progress data encryption communication.
Optionally, the amount is sent to the first quantum key server in the quantum encryption communication sending ending equipment Before sub-key obtains application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum Key application;Quantum key application described in the first quantum key server registers, passes through the quantum key distribution network equipment The quantum key application is sent to the second quantum key server;Described in the first quantum key server registers Quantum key application will apply for registration of success message by the quantum key distribution network equipment and be sent to the quantum cryptography Communicate sending ending equipment.
Optionally, the information carried in the quantum key application includes: sending ending equipment information, receiving device letter Breath, key demand.
Optionally, the quantum key distribution network equipment is close based on the pairs of quantum of key demand generation Key, and the pairs of quantum key is sent respectively to the first quantum key server and second quantum key clothes Business device.
Optionally, the quantum key distribution network equipment respectively with the first quantum key server, described second Quantum key server is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment difference The quantum key is encrypted using first sub-key, second sub-key, and will be close by first son Key, the encrypted quantum key of second sub-key are sent respectively to the first quantum key server, described Two quantum key servers.
Optionally, the first quantum key server is close by the quantum by the quantum key distribution network equipment Key obtains application and is transmitted to the second quantum key server;The quantum of the second quantum key server based on registration is close Key application pushes the quantum key to the quantum encryption communication receiving device, and passes through the quantum key distribution network Equipment sends key to the first quantum key server and pushes success message;The first quantum key server receives The key pushes success message, and the quantum key application based on registration is sent out to the quantum encryption communication sending ending equipment Send the quantum key.
Optionally, close to the first quantum key server quantum in the quantum encryption communication sending ending equipment Before key application, the quantum encryption communication sending ending equipment is registered on the first quantum key server, also, The quantum encryption communication receiving device is registered on the second quantum key server.
Optionally, the quantum encryption communication sending ending equipment sends key business to the first quantum key server Nullify application;The first quantum key server is by the quantum key distribution network equipment by the key service cancellation Application is sent to the second quantum key server;The quantum key of the second quantum key server for registration Application, which executes, nullifies operation, is sent to key service cancellation success message by the quantum key distribution network equipment described First quantum key server;The first quantum key server executes the quantum key application of registration and nullifies behaviour Make.
According to another aspect of the present invention, a kind of quantum key dispatching system is provided, comprising: quantum encryption communication transmitting terminal Equipment, the first quantum key server, quantum encryption communication receiving device and the second quantum key server;The quantum adds Close communication sending ending equipment is applied for obtaining to the first quantum key server quantum key;First amount Sub-key server is transmitted to the second quantum key server for the quantum key to be obtained application;Described second Quantum key server takes for pushing quantum key to quantum encryption communication receiving device in first quantum key After business device determines that the quantum key pushes to the quantum encryption communication receiving device, Xiang Suoshu quantum encryption communication is sent End equipment sends the quantum key;Wherein, the quantum encryption communication sending ending equipment and the quantum encryption communication receive End equipment carries out data encryption communication using the quantum cryptography.
Optionally, further includes: the quantum key distribution network equipment;In the quantum encryption communication sending ending equipment to described First quantum key server is sent before the quantum key obtains application, and the quantum encryption communication sending ending equipment is to institute State the first quantum key server quantum key application;Quantum key Shen described in the first quantum key server registers Please, the quantum key application is sent to by the second quantum key server by the quantum key distribution network equipment;Institute Quantum key application described in the first quantum key server registers is stated, is stepped on application by the quantum key distribution network equipment Note success message is sent to the quantum encryption communication sending ending equipment.
Optionally, the information carried in the quantum key application includes: sending ending equipment information, receiving device letter Breath, key demand.
Optionally, the quantum key distribution network equipment is close based on the pairs of quantum of key demand generation Key, and the pairs of quantum key is sent respectively to the first quantum key server and second quantum key clothes Business device.
Optionally, the quantum key distribution network equipment respectively with the first quantum key server, described second Quantum key server is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment difference The quantum key is encrypted using first sub-key, second sub-key, and will be close by first son Key, the encrypted quantum key of second sub-key are sent respectively to the first quantum key server, described Two quantum key servers.
Optionally, the first quantum key server is close by the quantum by the quantum key distribution network equipment Key obtains application and is transmitted to the second quantum key server;The quantum of the second quantum key server based on registration is close Key application pushes the quantum key to the quantum encryption communication receiving device, and passes through the quantum key distribution network Equipment sends key to the first quantum key server and pushes success message;The first quantum key server receives The key pushes success message, and the quantum key application based on registration is sent out to the quantum encryption communication sending ending equipment Send the quantum key.
Optionally, close to the first quantum key server quantum in the quantum encryption communication sending ending equipment Before key application, the quantum encryption communication sending ending equipment is registered on the first quantum key server, also, The quantum encryption communication receiving device is registered on the second quantum key server.
Optionally, the quantum encryption communication sending ending equipment sends key business to the first quantum key server Nullify application;The first quantum key server is by the quantum key distribution network equipment by the key service cancellation Application is sent to the second quantum key server;The quantum key of the second quantum key server for registration Application, which executes, nullifies operation, is sent to key service cancellation success message by the quantum key distribution network equipment described First quantum key server;The first quantum key server executes the quantum key application of registration and nullifies behaviour Make.
According to another aspect of the invention, a kind of optical network system is provided, comprising: quantum-key distribution system as described above System.
Quantum key distribution method, system and optical network system of the invention, the first quantum key server will be sent The quantum key that end equipment is sent obtains application and is transmitted to the second quantum key server, determines in the first quantum key server After second quantum key server pushes quantum key to receiving device, to sending ending equipment quantum key, pass through base Negotiate to generate symmetric key in quantum channel, and by quantum-key distribution and be pushed to communication both ends, can quick and smooth upgrading it is existing There is encryption system;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving both ends are all correct Quantum key is received, egress is avoided to can not receive correct key and can not decrypt, so as to cause the longer disruption of business.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only Some embodiments of the present invention, for those of ordinary skill in the art, without any creative labor, also Other drawings may be obtained according to these drawings without any creative labor.
Fig. 1 is the flow diagram of one embodiment of quantum key distribution method according to the present invention;
Fig. 2 is the information exchange schematic diagram of another embodiment of quantum key distribution method according to the present invention;
Fig. 3 is the schematic diagram of one embodiment of quantum key dispatching system according to the present invention.
Specific embodiment
With reference to the accompanying drawings to invention is more fully described, wherein illustrating exemplary embodiment of the present invention.Under Face will combine the attached drawing in the embodiment of the present invention, and technical scheme in the embodiment of the invention is clearly and completely described, show So, described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based on the reality in the present invention Example is applied, every other embodiment obtained by those of ordinary skill in the art without making creative efforts all belongs to In the scope of protection of the invention.
" first " hereinafter, " second " etc. are only used for distinguishing in description, and there is no other special meanings.
Fig. 1 is the flow diagram of one embodiment of quantum key distribution method according to the present invention, as shown in Figure 1:
Step 101, quantum encryption communication sending ending equipment obtains Shen to the first quantum key server quantum key Please.
Step 102, quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server.
Step 103, the second quantum key server pushes quantum key to quantum encryption communication receiving device.
Step 104, determine that quantum key pushes to quantum encryption communication receiving device in the first quantum key server Afterwards, to quantum encryption communication sending ending equipment quantum key, so that quantum encryption communication sending ending equipment and quantum cryptography The sub- password of communications reception end equipment usage amount carries out data encryption communication.
In one embodiment, close to the first quantum key server quantum in quantum encryption communication sending ending equipment Before key application, quantum encryption communication sending ending equipment is registered on the first quantum key server, also, quantum cryptography Communications reception end equipment is registered on the second quantum key server.
Before quantum encryption communication sending ending equipment obtains application to the first quantum key server quantum key, Quantum encryption communication sending ending equipment is to the first quantum key server quantum key application.It is carried in quantum key application Information include sending ending equipment information, receiving device information, key demand etc..
First quantum key server registers quantum key application, by the quantum key distribution network equipment by quantum key Application is sent to the second quantum key server.First quantum key server registers quantum key application, passes through quantum key Distribution network equipment will apply for registration of success message and be sent to quantum encryption communication sending ending equipment.
The quantum key distribution network equipment generates pairs of quantum key based on key demand, and pairs of quantum is close Key is sent respectively to the first quantum key server and the second quantum key server.The quantum key distribution network equipment respectively with First quantum key server, the second quantum key server are held consultation, and determine the first sub-key, the second sub-key.Quantum Key distribution network equipment respectively encrypts quantum key using the first sub-key, the second sub-key, and will pass through first Sub-key, the encrypted quantum key of the second sub-key are sent respectively to the first quantum key server, the second quantum key clothes Business device.
Quantum key is obtained application by the quantum key distribution network equipment and is transmitted to the by the first quantum key server Two quantum key servers.Second quantum key server is based on the quantum key application of registration to quantum encryption communication receiving end Equipment push quantum key, and by the quantum key distribution network equipment to the first quantum key server send key push at Function message.First quantum key server receives key push success message, and the quantum key application based on registration is to quantum Coded communication sending ending equipment quantum key.
Quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server.First amount Key service cancellation application is sent to the second quantum key service by the quantum key distribution network equipment by sub-key server Device.Second quantum key server executes the quantum key application of registration and nullifies operation, passes through quantum key distribution network Key service cancellation success message is sent to the first quantum key server by equipment.First quantum key server is for registration Quantum key application execute nullify operation.
Fig. 2 is the interaction schematic diagram of another embodiment of quantum key distribution method according to the present invention, such as Fig. 2 institute Show:
Step 201, quantum encryption communication sending ending equipment QCCDa is infused on the first affiliated quantum key server QKSa Volume.
Step 202, quantum encryption communication receiving device QCCDb is infused in the second affiliated quantum key server QKSb Volume.
Step 203, quantum encryption communication sending ending equipment QCCDa is close to the first quantum key server QKSa initiation quantum Key application, quantum key application include key demand, i.e., how many bit quantum keys per second.
Step 204, the quantum key distribution network equipment includes that quantum key generates central server QKGCS etc..First amount After sub-key server QKSa registration, central server QKGCS is generated by quantum key, quantum key application is transferred to the Two quantum key server QKSb.
Step 205, after the second quantum key server QKSb registration, quantum key application is pushed into quantum encryption communication Receiving device QCCDb, and backtracking confirmation message.
Quantum key generates central server QKGCS and pairs of quantum key QKi is distributed to the first quantum key on demand Server QKSa and the second quantum key server QKSb.Quantum key generates central server QKGCS and relay node, and Negotiate quantum key QKc-r_i, QKr-a_i between the first quantum key server QKSa, utilizes QKc-r_i, QKr-a_i couple The mode that quantum key QKi carries out one-time pad encrypts, and is sequentially transmitted to the first quantum key server QKSa.Similarly utilize QKc-b_i encrypt and is sent QKi to second quantum key server QKSb.Wherein, i indicates i-th of period, different QKc-r_i, QKr-a_i, QKc-b_i, QKi of period is different.
Step 206, quantum encryption communication sending ending equipment QCCDa is close to the first quantum key server QKSa initiation quantum Key acquisition request, quantum key acquisition request transfer to QKSb through QKGCS.
Step 208, the second quantum key server QKSb push quantum key (Qki) to quantum encryption communication receiving end is set Standby QCCDb, backtracking confirmation message.
First quantum key server QKSa pushes quantum key (Qki) to quantum encryption communication sending ending equipment QCCDa. Quantum encryption communication sending ending equipment QCCDa and quantum encryption communication receiving device QCCDb are encrypted using quantum key Communication.
Quantum encryption communication sending ending equipment QCCDa initiates quantum key business note to the first quantum key server QKSa Pin application, through quantum key distribution network transfers to the second quantum key server QKSb, the second quantum key server QKSb The application of key service cancellation is pushed to quantum encryption communication receiving device QCCDb, returns to confirmation message.
Quantum key distribution method of the invention, can make OTN end to end or router etc. encrypt equipment utilization from QKDN network negotiates (generally less than 1 minute) quantum key pair being randomly generated, quickly updating, more demanding to security level The business such as special line encrypted, encrypt unrelated with intermediate equipment, it is only necessary to which both ends encrypt equipment and use in pairs.
In one embodiment, the present invention provides a kind of quantum key dispatching system, comprising: quantum encryption communication transmitting terminal Equipment 31, the first quantum key server 33, quantum encryption communication receiving device 32, the second quantum key server 34 and The quantum key distribution network equipment.The quantum key distribution network equipment may include that relay node 35 and quantum key generate center Server QKGCS 36 etc..
Quantum encryption communication sending ending equipment 31 is obtained to the first quantum key server quantum key to be applied.First Quantum key is obtained application and is transmitted to the second quantum key server 34 by quantum key server 33.Second quantum key service Device 34 pushes quantum key to quantum encryption communication receiving device 32, determines quantum key in the first quantum key server 33 After pushing to quantum encryption communication receiving device 32, to 31 quantum key of quantum encryption communication sending ending equipment.Quantum Coded communication sending ending equipment 31 and quantum encryption communication receiving device 32 use quantum cryptography progress data encryption communication.
In quantum encryption communication sending ending equipment 31 to before the 33 quantum key application of the first quantum key server, Quantum encryption communication sending ending equipment 31 is registered on the first quantum key server 33, also, quantum encryption communication connects Receiving end equipment 32 is registered on the second quantum key server 34.
It obtains and applies to 33 quantum key of the first quantum key server in quantum encryption communication sending ending equipment 31 Before, quantum encryption communication sending ending equipment 31 is to the 33 quantum key application of the first quantum key server.First quantum Key server 33 registers quantum key application, and quantum key application is sent to second by the quantum key distribution network equipment Quantum key server 34.First quantum key server 33 registers quantum key application, is set by quantum key distribution network Quantum encryption communication sending ending equipment 31 is sent to for success message will be applied for registration of.The packet carried in quantum key application Include sending ending equipment information, receiving device information, key demand etc..
The quantum key distribution network equipment generates pairs of quantum key based on key demand, and pairs of quantum is close Key is sent respectively to the first quantum key server 33 and the second quantum key server 34.The quantum key distribution network equipment point It does not hold consultation with the first quantum key server 33, the second quantum key server 34, determines that the first sub-key, the second son are close Key.The quantum key distribution network equipment respectively encrypts quantum key using the first sub-key, the second sub-key, and will be through Cross the first sub-key, the encrypted quantum key of the second sub-key is sent respectively to the first quantum key server 33, the second amount Sub-key server 34.
Quantum key is obtained application by the quantum key distribution network equipment and is transmitted to by the first quantum key server 33 Second quantum key server 34.Second quantum key server 34 is based on the quantum key application of registration to quantum encryption communication Receiving device 32 pushes quantum key, and is sent by the quantum key distribution network equipment to the first quantum key server 33 Key pushes success message.First quantum key server 33 receives key push success message, and the quantum based on registration is close Key application is to 31 quantum key of quantum encryption communication sending ending equipment.
Quantum encryption communication sending ending equipment 31 sends the application of key service cancellation to the first quantum key server 33.The It is close that key service cancellation application by the quantum key distribution network equipment is sent to the second quantum by one quantum key server 33 Key server 34.Second quantum key server 34 executes the quantum key application of registration and nullifies operation, close by quantum Key service cancellation success message is sent to the first quantum key server 33 by key distribution network equipment.First quantum key clothes Business device 33 executes the quantum key application of registration and nullifies operation.
In one embodiment, the present invention provides a kind of optical network system, close including the quantum in any embodiment as above Key distribution system.
Quantum key distribution method, system and the optical network system provided in above-described embodiment, the first quantum key clothes The quantum key that sending ending equipment is sent is obtained application and is transmitted to the second quantum key server by business device, in the first quantum key It is close to sending ending equipment quantum after server determines that the second quantum key server pushes quantum key to receiving device Key is generated symmetric key by being negotiated based on quantum channel, and by quantum-key distribution and is pushed to communication both ends, can quick flat The sliding existing encryption system of grade;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving two End be all properly received quantum key, avoid egress from can not receive correct key and can not decrypt, so as to cause business it is longer in Disconnected problem;The key safety that can ensure to encrypt can push the multi-vendor interconnection in upstream and downstream mutual by quantum key api interface Key distribution in logical scene.
Method and system of the invention may be achieved in many ways.For example, can by software, hardware, firmware or Software, hardware, firmware any combination realize method and system of the invention.The said sequence of the step of for method is only In order to be illustrated, the step of method of the invention, is not limited to sequence described in detail above, especially says unless otherwise It is bright.In addition, in some embodiments, also the present invention can be embodied as to record program in the recording medium, these programs include For realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage for executing according to this hair The recording medium of the program of bright method.
Description of the invention is given for the purpose of illustration and description, and is not exhaustively or will be of the invention It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage The solution present invention is to design various embodiments suitable for specific applications with various modifications.

Claims (17)

1. a kind of quantum key distribution method characterized by comprising
Quantum encryption communication sending ending equipment is obtained to the first quantum key server quantum key to be applied;
The quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server;
The second quantum key server pushes quantum key to quantum encryption communication receiving device;
Determine that the quantum key pushes to the quantum encryption communication receiving device in the first quantum key server Afterwards, Xiang Suoshu quantum encryption communication sending ending equipment sends the quantum key;
Wherein, the quantum encryption communication sending ending equipment and the quantum encryption communication receiving device are close using the quantum Code carries out data encryption communication.
2. the method as described in claim 1, which is characterized in that further include:
The quantum key is sent to the first quantum key server in the quantum encryption communication sending ending equipment to obtain Before application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum key application;
Quantum key application described in the first quantum key server registers, will be described by the quantum key distribution network equipment Quantum key application is sent to the second quantum key server;
Quantum key application described in the first quantum key server registers, will by the quantum key distribution network equipment It applies for registration of success message and is sent to the quantum encryption communication sending ending equipment.
3. method according to claim 2, which is characterized in that
The information carried in the quantum key application includes: sending ending equipment information, receiving device information, key demand Amount.
4. method as claimed in claim 3, which is characterized in that further include:
The quantum key distribution network equipment generates the pairs of quantum key based on the key demand, and will be pairs of The quantum key be sent respectively to the first quantum key server and the second quantum key server.
5. method as claimed in claim 4, which is characterized in that further include:
The quantum key distribution network equipment respectively with the first quantum key server, the second quantum key service Device is held consultation, and determines the first sub-key, the second sub-key;
The quantum key distribution network equipment uses first sub-key, second sub-key close to the quantum respectively Key is encrypted, and will be sent respectively by first sub-key, the encrypted quantum key of second sub-key To the first quantum key server, the second quantum key server.
6. method as claimed in claim 3, which is characterized in that further include:
The first quantum key server, which is obtained the quantum key by the quantum key distribution network equipment, to be applied It is transmitted to the second quantum key server;
The second quantum key server is based on the quantum key application of registration to the quantum encryption communication receiving end Equipment pushes the quantum key, and is sent out by the quantum key distribution network equipment to the first quantum key server Key is sent to push success message;
The first quantum key server receives the key push success message, the quantum key Shen based on registration Please the quantum key is sent to the quantum encryption communication sending ending equipment.
7. method according to claim 2, which is characterized in that further include:
In the quantum encryption communication sending ending equipment to before the first quantum key server quantum key application, The quantum encryption communication sending ending equipment is registered on the first quantum key server, also, the quantum adds Close communications reception end equipment is registered on the second quantum key server.
8. method according to claim 2, which is characterized in that further include:
The quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server;
The first quantum key server is by the quantum key distribution network equipment by the key service cancellation application It is sent to the second quantum key server;
The second quantum key server executes the quantum key application of registration and nullifies operation, passes through the quantum Key service cancellation success message is sent to the first quantum key server by key distribution network equipment;
The first quantum key server executes the quantum key application of registration and nullifies operation.
9. a kind of quantum key dispatching system characterized by comprising quantum encryption communication sending ending equipment, the first quantum are close Key server, quantum encryption communication receiving device and the second quantum key server;
The quantum encryption communication sending ending equipment, for obtaining Shen to the first quantum key server quantum key Please;The first quantum key server is transmitted to the second quantum key clothes for the quantum key to be obtained application Business device;The second quantum key server, for pushing quantum key to quantum encryption communication receiving device, described the After one quantum key server determines that the quantum key pushes to the quantum encryption communication receiving device, Xiang Suoshu quantum Coded communication sending ending equipment sends the quantum key;Wherein, the quantum encryption communication sending ending equipment and the quantum Coded communication receiving device carries out data encryption communication using the quantum cryptography.
10. system as claimed in claim 9, which is characterized in that further include: the quantum key distribution network equipment;
The quantum key is sent to the first quantum key server in the quantum encryption communication sending ending equipment to obtain Before application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum key application; Quantum key application described in the first quantum key server registers, by the quantum key distribution network equipment by the quantum Key application is sent to the second quantum key server;Quantum key Shen described in the first quantum key server registers Please, success message will be applied for registration of by the quantum key distribution network equipment and is sent to the quantum encryption communication transmitting terminal Equipment.
11. system as claimed in claim 10, which is characterized in that
The information carried in the quantum key application includes: sending ending equipment information, receiving device information, key demand Amount.
12. system as claimed in claim 11, which is characterized in that the quantum key distribution network equipment is based on the key Demand generates the pairs of quantum key, and the pairs of quantum key is sent respectively to first quantum key Server and the second quantum key server.
13. system as claimed in claim 12, which is characterized in that
The quantum key distribution network equipment respectively with the first quantum key server, the second quantum key service Device is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment uses described first respectively Sub-key, second sub-key encrypt the quantum key, and will be by first sub-key, second son The encrypted quantum key of key is sent respectively to the first quantum key server, the second quantum key service Device.
14. system as claimed in claim 11, which is characterized in that
The first quantum key server, which is obtained the quantum key by the quantum key distribution network equipment, to be applied It is transmitted to the second quantum key server;The second quantum key server is based on the quantum key application of registration to institute It states quantum encryption communication receiving device and pushes the quantum key, and by the quantum key distribution network equipment to described First quantum key server sends key and pushes success message;The first quantum key server receives the key and pushes away Success message is sent, the quantum key application based on registration sends the quantum to the quantum encryption communication sending ending equipment Key.
15. system as claimed in claim 10, which is characterized in that
In the quantum encryption communication sending ending equipment to before the first quantum key server quantum key application, The quantum encryption communication sending ending equipment is registered on the first quantum key server, also, the quantum adds Close communications reception end equipment is registered on the second quantum key server.
16. system as claimed in claim 10, which is characterized in that
The quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server;Institute It states the first quantum key server and is sent to the key service cancellation application by the quantum key distribution network equipment The second quantum key server;The second quantum key server executes note for the quantum key application of registration Pin operation, it is close by key service cancellation success message to be sent to first quantum by the quantum key distribution network equipment Key server;The first quantum key server executes the quantum key application of registration and nullifies operation.
17. a kind of optical network system characterized by comprising
Such as the described in any item quantum key dispatching systems of claim 9 to 16.
CN201710723534.0A 2017-08-22 2017-08-22 Quantum key distribution method and system and optical network system Active CN109428709B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710723534.0A CN109428709B (en) 2017-08-22 2017-08-22 Quantum key distribution method and system and optical network system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710723534.0A CN109428709B (en) 2017-08-22 2017-08-22 Quantum key distribution method and system and optical network system

Publications (2)

Publication Number Publication Date
CN109428709A true CN109428709A (en) 2019-03-05
CN109428709B CN109428709B (en) 2022-03-01

Family

ID=65497909

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710723534.0A Active CN109428709B (en) 2017-08-22 2017-08-22 Quantum key distribution method and system and optical network system

Country Status (1)

Country Link
CN (1) CN109428709B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112350822A (en) * 2019-08-07 2021-02-09 科大国盾量子技术股份有限公司 Key distribution method, device and equipment
CN113411187A (en) * 2020-03-17 2021-09-17 阿里巴巴集团控股有限公司 Identity authentication method and system, storage medium and processor
CN113708929A (en) * 2021-08-26 2021-11-26 东南大学 Method for pushing quantum key at fixed time by edge gateway of Internet of things
CN114866234A (en) * 2022-04-26 2022-08-05 中国电信股份有限公司 Voice communication method, device and equipment based on quantum key encryption and decryption and storage

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101814987A (en) * 2010-04-29 2010-08-25 西安西电捷通无线网络通信股份有限公司 Method and system for establishing key between nodes
CN101834863A (en) * 2010-04-29 2010-09-15 西安西电捷通无线网络通信股份有限公司 Method and system for establishing secure connection between local area network nodes
CN102983965A (en) * 2012-10-18 2013-03-20 中国电力科学研究院 Transformer substation quantum communication model, quantum secret key distribution center and model achieving method
US20140331050A1 (en) * 2011-04-15 2014-11-06 Quintessence Labs Pty Ltd. Qkd key management system
CN104660602A (en) * 2015-02-14 2015-05-27 山东量子科学技术研究院有限公司 Quantum key transmission control method and system
CN104917595A (en) * 2015-06-16 2015-09-16 四川长虹通信科技有限公司 Secret key switching method and system in encryption communication process
CN105071929A (en) * 2015-07-15 2015-11-18 清华大学 Postprocessing method for quantum key distribution
CN106301769A (en) * 2015-06-08 2017-01-04 阿里巴巴集团控股有限公司 Quantum key output intent, storage consistency verification method, Apparatus and system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101814987A (en) * 2010-04-29 2010-08-25 西安西电捷通无线网络通信股份有限公司 Method and system for establishing key between nodes
CN101834863A (en) * 2010-04-29 2010-09-15 西安西电捷通无线网络通信股份有限公司 Method and system for establishing secure connection between local area network nodes
US20140331050A1 (en) * 2011-04-15 2014-11-06 Quintessence Labs Pty Ltd. Qkd key management system
CN102983965A (en) * 2012-10-18 2013-03-20 中国电力科学研究院 Transformer substation quantum communication model, quantum secret key distribution center and model achieving method
CN104660602A (en) * 2015-02-14 2015-05-27 山东量子科学技术研究院有限公司 Quantum key transmission control method and system
CN106301769A (en) * 2015-06-08 2017-01-04 阿里巴巴集团控股有限公司 Quantum key output intent, storage consistency verification method, Apparatus and system
CN104917595A (en) * 2015-06-16 2015-09-16 四川长虹通信科技有限公司 Secret key switching method and system in encryption communication process
CN105071929A (en) * 2015-07-15 2015-11-18 清华大学 Postprocessing method for quantum key distribution

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112350822A (en) * 2019-08-07 2021-02-09 科大国盾量子技术股份有限公司 Key distribution method, device and equipment
CN113411187A (en) * 2020-03-17 2021-09-17 阿里巴巴集团控股有限公司 Identity authentication method and system, storage medium and processor
CN113411187B (en) * 2020-03-17 2023-12-15 阿里巴巴集团控股有限公司 Identity authentication method and system, storage medium and processor
CN113708929A (en) * 2021-08-26 2021-11-26 东南大学 Method for pushing quantum key at fixed time by edge gateway of Internet of things
CN113708929B (en) * 2021-08-26 2022-07-01 东南大学 Method for regularly pushing quantum key by edge gateway of Internet of things
CN114866234A (en) * 2022-04-26 2022-08-05 中国电信股份有限公司 Voice communication method, device and equipment based on quantum key encryption and decryption and storage
CN114866234B (en) * 2022-04-26 2023-11-07 中国电信股份有限公司 Voice communication method, device, equipment and storage based on quantum key encryption and decryption

Also Published As

Publication number Publication date
CN109428709B (en) 2022-03-01

Similar Documents

Publication Publication Date Title
CN109995513B (en) Low-delay quantum key mobile service method
CN109842485B (en) Centralized quantum key service network system
CN110581763B (en) Quantum key service block chain network system
CN108510270B (en) Mobile transfer method with safe quantum
CN108462573B (en) Flexible quantum secure mobile communication method
CN109428709A (en) Quantum key distribution method, system and optical network system
CN201830272U (en) Network encryption machine based on quantum keys
US11212265B2 (en) Perfect forward secrecy (PFS) protected media access control security (MACSEC) key distribution
CN108667607A (en) A kind of quantum key synchronous method with electric terminal
CN106452741A (en) Communication system for realizing information encryption/decryption transmission based on quantum network and communication method
CN101340443A (en) Session key negotiating method, system and server in communication network
CN101771586A (en) Method, system and equipment for realizing equipment adding in wireless fidelity (Wi-Fi) peer-to-peer network
CN107769913A (en) A kind of communication means and system based on quantum UKey
CN109995514A (en) A kind of safe and efficient quantum key Information Mobile Service method
CN104486316A (en) Quantum key classification providing method for improving electric power data transmission security
CN112187450B (en) Method, device, equipment and storage medium for key management communication
CN109995511A (en) A kind of mobile secret communication method based on quantum key distribution network
CN103763094A (en) Intelligent electric meter system safety monitoring information processing method
CN109842442B (en) Quantum key service method taking airport as regional center
CN109756325A (en) A method of mobile office system safety is promoted using quantum key
CN111342952A (en) Safe and efficient quantum key service method and system
Zheng et al. Controlled quantum secure direct communication with authentication protocol based on five-particle cluster state and classical XOR operation
CN110212991A (en) Quantum wireless network communications system
CN109845184A (en) A kind of data ciphering method and device of instant messaging
CN101646172B (en) Method and device for generating key in distributed MESH network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant