CN109428709A - Quantum key distribution method, system and optical network system - Google Patents
Quantum key distribution method, system and optical network system Download PDFInfo
- Publication number
- CN109428709A CN109428709A CN201710723534.0A CN201710723534A CN109428709A CN 109428709 A CN109428709 A CN 109428709A CN 201710723534 A CN201710723534 A CN 201710723534A CN 109428709 A CN109428709 A CN 109428709A
- Authority
- CN
- China
- Prior art keywords
- quantum
- quantum key
- key
- server
- encryption communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0855—Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Optical Communication System (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of quantum key distribution method, system and optical network systems, method therein includes: that quantum encryption communication sending ending equipment quantum key obtains application, and quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server;Second quantum key server pushes quantum key to quantum encryption communication receiving device;After the first quantum key server determines that quantum key pushes to quantum encryption communication receiving device, to quantum encryption communication sending ending equipment quantum key.Method, apparatus and optical network system of the invention negotiates to generate symmetric key based on quantum channel, and by quantum-key distribution to communication both ends, can the existing encryption system of quick and smooth upgrading;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving both ends are all properly received quantum key, and egress is avoided to can not receive correct key and can not decrypt, so as to cause the longer disruption of business.
Description
Technical field
The present invention relates to Technique on Quantum Communication field more particularly to a kind of quantum key distribution methods, system and light net
Network system.
Background technique
With the development of the new technologies such as high performance parallel computation, quantum calculation, traditional encryption based on algorithm complexity is logical
Letter technology faces huge technical security risk, and quantum key distribution (Quantum Key Distribution, QKD) technology is answered
It transports and gives birth to.Quantum key distribution technology, as quantum information carrier, solves the safety of quantum key using photon.Currently,
Quantum key distribution encrypts equipment to both ends and generallys use encryption equipment both ends to quantum key server (Quantum Key
Server, QKS) application key mode, but may not receive effective quantum key due to receiving end so as to cause that can not decrypt,
Also, asymmetric encryption means symmetric cryptography is generallyd use, may be cracked by the methods of quantum computer, collision algorithm, key
Update cycle is slow, updates 1 time within generally 30 minutes.Therefore, it is necessary to a kind of quantum key methods, how solve quantum key
The problem of being effectively distributed to both ends encryption equipment.
Summary of the invention
In view of this, the invention solves a technical problem be to provide a kind of quantum key distribution method, system with
And optical network system.
According to an aspect of the present invention, a kind of quantum key distribution method is provided, comprising: quantum encryption communication transmitting terminal
Equipment is obtained to the first quantum key server quantum key applies;The first quantum key server is by the quantum
Key obtains application and is transmitted to the second quantum key server;The second quantum key server is received to quantum encryption communication
End equipment pushes quantum key;Determine that the quantum key pushes to the quantum cryptography in the first quantum key server
After communications reception end equipment, Xiang Suoshu quantum encryption communication sending ending equipment sends the quantum key;Wherein, the quantum adds
Close communication sending ending equipment and the quantum encryption communication receiving device use quantum cryptography progress data encryption communication.
Optionally, the amount is sent to the first quantum key server in the quantum encryption communication sending ending equipment
Before sub-key obtains application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum
Key application;Quantum key application described in the first quantum key server registers, passes through the quantum key distribution network equipment
The quantum key application is sent to the second quantum key server;Described in the first quantum key server registers
Quantum key application will apply for registration of success message by the quantum key distribution network equipment and be sent to the quantum cryptography
Communicate sending ending equipment.
Optionally, the information carried in the quantum key application includes: sending ending equipment information, receiving device letter
Breath, key demand.
Optionally, the quantum key distribution network equipment is close based on the pairs of quantum of key demand generation
Key, and the pairs of quantum key is sent respectively to the first quantum key server and second quantum key clothes
Business device.
Optionally, the quantum key distribution network equipment respectively with the first quantum key server, described second
Quantum key server is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment difference
The quantum key is encrypted using first sub-key, second sub-key, and will be close by first son
Key, the encrypted quantum key of second sub-key are sent respectively to the first quantum key server, described
Two quantum key servers.
Optionally, the first quantum key server is close by the quantum by the quantum key distribution network equipment
Key obtains application and is transmitted to the second quantum key server;The quantum of the second quantum key server based on registration is close
Key application pushes the quantum key to the quantum encryption communication receiving device, and passes through the quantum key distribution network
Equipment sends key to the first quantum key server and pushes success message;The first quantum key server receives
The key pushes success message, and the quantum key application based on registration is sent out to the quantum encryption communication sending ending equipment
Send the quantum key.
Optionally, close to the first quantum key server quantum in the quantum encryption communication sending ending equipment
Before key application, the quantum encryption communication sending ending equipment is registered on the first quantum key server, also,
The quantum encryption communication receiving device is registered on the second quantum key server.
Optionally, the quantum encryption communication sending ending equipment sends key business to the first quantum key server
Nullify application;The first quantum key server is by the quantum key distribution network equipment by the key service cancellation
Application is sent to the second quantum key server;The quantum key of the second quantum key server for registration
Application, which executes, nullifies operation, is sent to key service cancellation success message by the quantum key distribution network equipment described
First quantum key server;The first quantum key server executes the quantum key application of registration and nullifies behaviour
Make.
According to another aspect of the present invention, a kind of quantum key dispatching system is provided, comprising: quantum encryption communication transmitting terminal
Equipment, the first quantum key server, quantum encryption communication receiving device and the second quantum key server;The quantum adds
Close communication sending ending equipment is applied for obtaining to the first quantum key server quantum key;First amount
Sub-key server is transmitted to the second quantum key server for the quantum key to be obtained application;Described second
Quantum key server takes for pushing quantum key to quantum encryption communication receiving device in first quantum key
After business device determines that the quantum key pushes to the quantum encryption communication receiving device, Xiang Suoshu quantum encryption communication is sent
End equipment sends the quantum key;Wherein, the quantum encryption communication sending ending equipment and the quantum encryption communication receive
End equipment carries out data encryption communication using the quantum cryptography.
Optionally, further includes: the quantum key distribution network equipment;In the quantum encryption communication sending ending equipment to described
First quantum key server is sent before the quantum key obtains application, and the quantum encryption communication sending ending equipment is to institute
State the first quantum key server quantum key application;Quantum key Shen described in the first quantum key server registers
Please, the quantum key application is sent to by the second quantum key server by the quantum key distribution network equipment;Institute
Quantum key application described in the first quantum key server registers is stated, is stepped on application by the quantum key distribution network equipment
Note success message is sent to the quantum encryption communication sending ending equipment.
Optionally, the information carried in the quantum key application includes: sending ending equipment information, receiving device letter
Breath, key demand.
Optionally, the quantum key distribution network equipment is close based on the pairs of quantum of key demand generation
Key, and the pairs of quantum key is sent respectively to the first quantum key server and second quantum key clothes
Business device.
Optionally, the quantum key distribution network equipment respectively with the first quantum key server, described second
Quantum key server is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment difference
The quantum key is encrypted using first sub-key, second sub-key, and will be close by first son
Key, the encrypted quantum key of second sub-key are sent respectively to the first quantum key server, described
Two quantum key servers.
Optionally, the first quantum key server is close by the quantum by the quantum key distribution network equipment
Key obtains application and is transmitted to the second quantum key server;The quantum of the second quantum key server based on registration is close
Key application pushes the quantum key to the quantum encryption communication receiving device, and passes through the quantum key distribution network
Equipment sends key to the first quantum key server and pushes success message;The first quantum key server receives
The key pushes success message, and the quantum key application based on registration is sent out to the quantum encryption communication sending ending equipment
Send the quantum key.
Optionally, close to the first quantum key server quantum in the quantum encryption communication sending ending equipment
Before key application, the quantum encryption communication sending ending equipment is registered on the first quantum key server, also,
The quantum encryption communication receiving device is registered on the second quantum key server.
Optionally, the quantum encryption communication sending ending equipment sends key business to the first quantum key server
Nullify application;The first quantum key server is by the quantum key distribution network equipment by the key service cancellation
Application is sent to the second quantum key server;The quantum key of the second quantum key server for registration
Application, which executes, nullifies operation, is sent to key service cancellation success message by the quantum key distribution network equipment described
First quantum key server;The first quantum key server executes the quantum key application of registration and nullifies behaviour
Make.
According to another aspect of the invention, a kind of optical network system is provided, comprising: quantum-key distribution system as described above
System.
Quantum key distribution method, system and optical network system of the invention, the first quantum key server will be sent
The quantum key that end equipment is sent obtains application and is transmitted to the second quantum key server, determines in the first quantum key server
After second quantum key server pushes quantum key to receiving device, to sending ending equipment quantum key, pass through base
Negotiate to generate symmetric key in quantum channel, and by quantum-key distribution and be pushed to communication both ends, can quick and smooth upgrading it is existing
There is encryption system;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving both ends are all correct
Quantum key is received, egress is avoided to can not receive correct key and can not decrypt, so as to cause the longer disruption of business.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only
Some embodiments of the present invention, for those of ordinary skill in the art, without any creative labor, also
Other drawings may be obtained according to these drawings without any creative labor.
Fig. 1 is the flow diagram of one embodiment of quantum key distribution method according to the present invention;
Fig. 2 is the information exchange schematic diagram of another embodiment of quantum key distribution method according to the present invention;
Fig. 3 is the schematic diagram of one embodiment of quantum key dispatching system according to the present invention.
Specific embodiment
With reference to the accompanying drawings to invention is more fully described, wherein illustrating exemplary embodiment of the present invention.Under
Face will combine the attached drawing in the embodiment of the present invention, and technical scheme in the embodiment of the invention is clearly and completely described, show
So, described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.Based on the reality in the present invention
Example is applied, every other embodiment obtained by those of ordinary skill in the art without making creative efforts all belongs to
In the scope of protection of the invention.
" first " hereinafter, " second " etc. are only used for distinguishing in description, and there is no other special meanings.
Fig. 1 is the flow diagram of one embodiment of quantum key distribution method according to the present invention, as shown in Figure 1:
Step 101, quantum encryption communication sending ending equipment obtains Shen to the first quantum key server quantum key
Please.
Step 102, quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server.
Step 103, the second quantum key server pushes quantum key to quantum encryption communication receiving device.
Step 104, determine that quantum key pushes to quantum encryption communication receiving device in the first quantum key server
Afterwards, to quantum encryption communication sending ending equipment quantum key, so that quantum encryption communication sending ending equipment and quantum cryptography
The sub- password of communications reception end equipment usage amount carries out data encryption communication.
In one embodiment, close to the first quantum key server quantum in quantum encryption communication sending ending equipment
Before key application, quantum encryption communication sending ending equipment is registered on the first quantum key server, also, quantum cryptography
Communications reception end equipment is registered on the second quantum key server.
Before quantum encryption communication sending ending equipment obtains application to the first quantum key server quantum key,
Quantum encryption communication sending ending equipment is to the first quantum key server quantum key application.It is carried in quantum key application
Information include sending ending equipment information, receiving device information, key demand etc..
First quantum key server registers quantum key application, by the quantum key distribution network equipment by quantum key
Application is sent to the second quantum key server.First quantum key server registers quantum key application, passes through quantum key
Distribution network equipment will apply for registration of success message and be sent to quantum encryption communication sending ending equipment.
The quantum key distribution network equipment generates pairs of quantum key based on key demand, and pairs of quantum is close
Key is sent respectively to the first quantum key server and the second quantum key server.The quantum key distribution network equipment respectively with
First quantum key server, the second quantum key server are held consultation, and determine the first sub-key, the second sub-key.Quantum
Key distribution network equipment respectively encrypts quantum key using the first sub-key, the second sub-key, and will pass through first
Sub-key, the encrypted quantum key of the second sub-key are sent respectively to the first quantum key server, the second quantum key clothes
Business device.
Quantum key is obtained application by the quantum key distribution network equipment and is transmitted to the by the first quantum key server
Two quantum key servers.Second quantum key server is based on the quantum key application of registration to quantum encryption communication receiving end
Equipment push quantum key, and by the quantum key distribution network equipment to the first quantum key server send key push at
Function message.First quantum key server receives key push success message, and the quantum key application based on registration is to quantum
Coded communication sending ending equipment quantum key.
Quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server.First amount
Key service cancellation application is sent to the second quantum key service by the quantum key distribution network equipment by sub-key server
Device.Second quantum key server executes the quantum key application of registration and nullifies operation, passes through quantum key distribution network
Key service cancellation success message is sent to the first quantum key server by equipment.First quantum key server is for registration
Quantum key application execute nullify operation.
Fig. 2 is the interaction schematic diagram of another embodiment of quantum key distribution method according to the present invention, such as Fig. 2 institute
Show:
Step 201, quantum encryption communication sending ending equipment QCCDa is infused on the first affiliated quantum key server QKSa
Volume.
Step 202, quantum encryption communication receiving device QCCDb is infused in the second affiliated quantum key server QKSb
Volume.
Step 203, quantum encryption communication sending ending equipment QCCDa is close to the first quantum key server QKSa initiation quantum
Key application, quantum key application include key demand, i.e., how many bit quantum keys per second.
Step 204, the quantum key distribution network equipment includes that quantum key generates central server QKGCS etc..First amount
After sub-key server QKSa registration, central server QKGCS is generated by quantum key, quantum key application is transferred to the
Two quantum key server QKSb.
Step 205, after the second quantum key server QKSb registration, quantum key application is pushed into quantum encryption communication
Receiving device QCCDb, and backtracking confirmation message.
Quantum key generates central server QKGCS and pairs of quantum key QKi is distributed to the first quantum key on demand
Server QKSa and the second quantum key server QKSb.Quantum key generates central server QKGCS and relay node, and
Negotiate quantum key QKc-r_i, QKr-a_i between the first quantum key server QKSa, utilizes QKc-r_i, QKr-a_i couple
The mode that quantum key QKi carries out one-time pad encrypts, and is sequentially transmitted to the first quantum key server QKSa.Similarly utilize
QKc-b_i encrypt and is sent QKi to second quantum key server QKSb.Wherein, i indicates i-th of period, different
QKc-r_i, QKr-a_i, QKc-b_i, QKi of period is different.
Step 206, quantum encryption communication sending ending equipment QCCDa is close to the first quantum key server QKSa initiation quantum
Key acquisition request, quantum key acquisition request transfer to QKSb through QKGCS.
Step 208, the second quantum key server QKSb push quantum key (Qki) to quantum encryption communication receiving end is set
Standby QCCDb, backtracking confirmation message.
First quantum key server QKSa pushes quantum key (Qki) to quantum encryption communication sending ending equipment QCCDa.
Quantum encryption communication sending ending equipment QCCDa and quantum encryption communication receiving device QCCDb are encrypted using quantum key
Communication.
Quantum encryption communication sending ending equipment QCCDa initiates quantum key business note to the first quantum key server QKSa
Pin application, through quantum key distribution network transfers to the second quantum key server QKSb, the second quantum key server QKSb
The application of key service cancellation is pushed to quantum encryption communication receiving device QCCDb, returns to confirmation message.
Quantum key distribution method of the invention, can make OTN end to end or router etc. encrypt equipment utilization from
QKDN network negotiates (generally less than 1 minute) quantum key pair being randomly generated, quickly updating, more demanding to security level
The business such as special line encrypted, encrypt unrelated with intermediate equipment, it is only necessary to which both ends encrypt equipment and use in pairs.
In one embodiment, the present invention provides a kind of quantum key dispatching system, comprising: quantum encryption communication transmitting terminal
Equipment 31, the first quantum key server 33, quantum encryption communication receiving device 32, the second quantum key server 34 and
The quantum key distribution network equipment.The quantum key distribution network equipment may include that relay node 35 and quantum key generate center
Server QKGCS 36 etc..
Quantum encryption communication sending ending equipment 31 is obtained to the first quantum key server quantum key to be applied.First
Quantum key is obtained application and is transmitted to the second quantum key server 34 by quantum key server 33.Second quantum key service
Device 34 pushes quantum key to quantum encryption communication receiving device 32, determines quantum key in the first quantum key server 33
After pushing to quantum encryption communication receiving device 32, to 31 quantum key of quantum encryption communication sending ending equipment.Quantum
Coded communication sending ending equipment 31 and quantum encryption communication receiving device 32 use quantum cryptography progress data encryption communication.
In quantum encryption communication sending ending equipment 31 to before the 33 quantum key application of the first quantum key server,
Quantum encryption communication sending ending equipment 31 is registered on the first quantum key server 33, also, quantum encryption communication connects
Receiving end equipment 32 is registered on the second quantum key server 34.
It obtains and applies to 33 quantum key of the first quantum key server in quantum encryption communication sending ending equipment 31
Before, quantum encryption communication sending ending equipment 31 is to the 33 quantum key application of the first quantum key server.First quantum
Key server 33 registers quantum key application, and quantum key application is sent to second by the quantum key distribution network equipment
Quantum key server 34.First quantum key server 33 registers quantum key application, is set by quantum key distribution network
Quantum encryption communication sending ending equipment 31 is sent to for success message will be applied for registration of.The packet carried in quantum key application
Include sending ending equipment information, receiving device information, key demand etc..
The quantum key distribution network equipment generates pairs of quantum key based on key demand, and pairs of quantum is close
Key is sent respectively to the first quantum key server 33 and the second quantum key server 34.The quantum key distribution network equipment point
It does not hold consultation with the first quantum key server 33, the second quantum key server 34, determines that the first sub-key, the second son are close
Key.The quantum key distribution network equipment respectively encrypts quantum key using the first sub-key, the second sub-key, and will be through
Cross the first sub-key, the encrypted quantum key of the second sub-key is sent respectively to the first quantum key server 33, the second amount
Sub-key server 34.
Quantum key is obtained application by the quantum key distribution network equipment and is transmitted to by the first quantum key server 33
Second quantum key server 34.Second quantum key server 34 is based on the quantum key application of registration to quantum encryption communication
Receiving device 32 pushes quantum key, and is sent by the quantum key distribution network equipment to the first quantum key server 33
Key pushes success message.First quantum key server 33 receives key push success message, and the quantum based on registration is close
Key application is to 31 quantum key of quantum encryption communication sending ending equipment.
Quantum encryption communication sending ending equipment 31 sends the application of key service cancellation to the first quantum key server 33.The
It is close that key service cancellation application by the quantum key distribution network equipment is sent to the second quantum by one quantum key server 33
Key server 34.Second quantum key server 34 executes the quantum key application of registration and nullifies operation, close by quantum
Key service cancellation success message is sent to the first quantum key server 33 by key distribution network equipment.First quantum key clothes
Business device 33 executes the quantum key application of registration and nullifies operation.
In one embodiment, the present invention provides a kind of optical network system, close including the quantum in any embodiment as above
Key distribution system.
Quantum key distribution method, system and the optical network system provided in above-described embodiment, the first quantum key clothes
The quantum key that sending ending equipment is sent is obtained application and is transmitted to the second quantum key server by business device, in the first quantum key
It is close to sending ending equipment quantum after server determines that the second quantum key server pushes quantum key to receiving device
Key is generated symmetric key by being negotiated based on quantum channel, and by quantum-key distribution and is pushed to communication both ends, can quick flat
The sliding existing encryption system of grade;Using source application, again to the closed-loop fashion of source push after egress push, it is ensured that sending and receiving two
End be all properly received quantum key, avoid egress from can not receive correct key and can not decrypt, so as to cause business it is longer in
Disconnected problem;The key safety that can ensure to encrypt can push the multi-vendor interconnection in upstream and downstream mutual by quantum key api interface
Key distribution in logical scene.
Method and system of the invention may be achieved in many ways.For example, can by software, hardware, firmware or
Software, hardware, firmware any combination realize method and system of the invention.The said sequence of the step of for method is only
In order to be illustrated, the step of method of the invention, is not limited to sequence described in detail above, especially says unless otherwise
It is bright.In addition, in some embodiments, also the present invention can be embodied as to record program in the recording medium, these programs include
For realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage for executing according to this hair
The recording medium of the program of bright method.
Description of the invention is given for the purpose of illustration and description, and is not exhaustively or will be of the invention
It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches
It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage
The solution present invention is to design various embodiments suitable for specific applications with various modifications.
Claims (17)
1. a kind of quantum key distribution method characterized by comprising
Quantum encryption communication sending ending equipment is obtained to the first quantum key server quantum key to be applied;
The quantum key is obtained application and is transmitted to the second quantum key server by the first quantum key server;
The second quantum key server pushes quantum key to quantum encryption communication receiving device;
Determine that the quantum key pushes to the quantum encryption communication receiving device in the first quantum key server
Afterwards, Xiang Suoshu quantum encryption communication sending ending equipment sends the quantum key;
Wherein, the quantum encryption communication sending ending equipment and the quantum encryption communication receiving device are close using the quantum
Code carries out data encryption communication.
2. the method as described in claim 1, which is characterized in that further include:
The quantum key is sent to the first quantum key server in the quantum encryption communication sending ending equipment to obtain
Before application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum key application;
Quantum key application described in the first quantum key server registers, will be described by the quantum key distribution network equipment
Quantum key application is sent to the second quantum key server;
Quantum key application described in the first quantum key server registers, will by the quantum key distribution network equipment
It applies for registration of success message and is sent to the quantum encryption communication sending ending equipment.
3. method according to claim 2, which is characterized in that
The information carried in the quantum key application includes: sending ending equipment information, receiving device information, key demand
Amount.
4. method as claimed in claim 3, which is characterized in that further include:
The quantum key distribution network equipment generates the pairs of quantum key based on the key demand, and will be pairs of
The quantum key be sent respectively to the first quantum key server and the second quantum key server.
5. method as claimed in claim 4, which is characterized in that further include:
The quantum key distribution network equipment respectively with the first quantum key server, the second quantum key service
Device is held consultation, and determines the first sub-key, the second sub-key;
The quantum key distribution network equipment uses first sub-key, second sub-key close to the quantum respectively
Key is encrypted, and will be sent respectively by first sub-key, the encrypted quantum key of second sub-key
To the first quantum key server, the second quantum key server.
6. method as claimed in claim 3, which is characterized in that further include:
The first quantum key server, which is obtained the quantum key by the quantum key distribution network equipment, to be applied
It is transmitted to the second quantum key server;
The second quantum key server is based on the quantum key application of registration to the quantum encryption communication receiving end
Equipment pushes the quantum key, and is sent out by the quantum key distribution network equipment to the first quantum key server
Key is sent to push success message;
The first quantum key server receives the key push success message, the quantum key Shen based on registration
Please the quantum key is sent to the quantum encryption communication sending ending equipment.
7. method according to claim 2, which is characterized in that further include:
In the quantum encryption communication sending ending equipment to before the first quantum key server quantum key application,
The quantum encryption communication sending ending equipment is registered on the first quantum key server, also, the quantum adds
Close communications reception end equipment is registered on the second quantum key server.
8. method according to claim 2, which is characterized in that further include:
The quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server;
The first quantum key server is by the quantum key distribution network equipment by the key service cancellation application
It is sent to the second quantum key server;
The second quantum key server executes the quantum key application of registration and nullifies operation, passes through the quantum
Key service cancellation success message is sent to the first quantum key server by key distribution network equipment;
The first quantum key server executes the quantum key application of registration and nullifies operation.
9. a kind of quantum key dispatching system characterized by comprising quantum encryption communication sending ending equipment, the first quantum are close
Key server, quantum encryption communication receiving device and the second quantum key server;
The quantum encryption communication sending ending equipment, for obtaining Shen to the first quantum key server quantum key
Please;The first quantum key server is transmitted to the second quantum key clothes for the quantum key to be obtained application
Business device;The second quantum key server, for pushing quantum key to quantum encryption communication receiving device, described the
After one quantum key server determines that the quantum key pushes to the quantum encryption communication receiving device, Xiang Suoshu quantum
Coded communication sending ending equipment sends the quantum key;Wherein, the quantum encryption communication sending ending equipment and the quantum
Coded communication receiving device carries out data encryption communication using the quantum cryptography.
10. system as claimed in claim 9, which is characterized in that further include: the quantum key distribution network equipment;
The quantum key is sent to the first quantum key server in the quantum encryption communication sending ending equipment to obtain
Before application, the quantum encryption communication sending ending equipment is to the first quantum key server quantum key application;
Quantum key application described in the first quantum key server registers, by the quantum key distribution network equipment by the quantum
Key application is sent to the second quantum key server;Quantum key Shen described in the first quantum key server registers
Please, success message will be applied for registration of by the quantum key distribution network equipment and is sent to the quantum encryption communication transmitting terminal
Equipment.
11. system as claimed in claim 10, which is characterized in that
The information carried in the quantum key application includes: sending ending equipment information, receiving device information, key demand
Amount.
12. system as claimed in claim 11, which is characterized in that the quantum key distribution network equipment is based on the key
Demand generates the pairs of quantum key, and the pairs of quantum key is sent respectively to first quantum key
Server and the second quantum key server.
13. system as claimed in claim 12, which is characterized in that
The quantum key distribution network equipment respectively with the first quantum key server, the second quantum key service
Device is held consultation, and determines the first sub-key, the second sub-key;The quantum key distribution network equipment uses described first respectively
Sub-key, second sub-key encrypt the quantum key, and will be by first sub-key, second son
The encrypted quantum key of key is sent respectively to the first quantum key server, the second quantum key service
Device.
14. system as claimed in claim 11, which is characterized in that
The first quantum key server, which is obtained the quantum key by the quantum key distribution network equipment, to be applied
It is transmitted to the second quantum key server;The second quantum key server is based on the quantum key application of registration to institute
It states quantum encryption communication receiving device and pushes the quantum key, and by the quantum key distribution network equipment to described
First quantum key server sends key and pushes success message;The first quantum key server receives the key and pushes away
Success message is sent, the quantum key application based on registration sends the quantum to the quantum encryption communication sending ending equipment
Key.
15. system as claimed in claim 10, which is characterized in that
In the quantum encryption communication sending ending equipment to before the first quantum key server quantum key application,
The quantum encryption communication sending ending equipment is registered on the first quantum key server, also, the quantum adds
Close communications reception end equipment is registered on the second quantum key server.
16. system as claimed in claim 10, which is characterized in that
The quantum encryption communication sending ending equipment sends the application of key service cancellation to the first quantum key server;Institute
It states the first quantum key server and is sent to the key service cancellation application by the quantum key distribution network equipment
The second quantum key server;The second quantum key server executes note for the quantum key application of registration
Pin operation, it is close by key service cancellation success message to be sent to first quantum by the quantum key distribution network equipment
Key server;The first quantum key server executes the quantum key application of registration and nullifies operation.
17. a kind of optical network system characterized by comprising
Such as the described in any item quantum key dispatching systems of claim 9 to 16.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710723534.0A CN109428709B (en) | 2017-08-22 | 2017-08-22 | Quantum key distribution method and system and optical network system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710723534.0A CN109428709B (en) | 2017-08-22 | 2017-08-22 | Quantum key distribution method and system and optical network system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109428709A true CN109428709A (en) | 2019-03-05 |
CN109428709B CN109428709B (en) | 2022-03-01 |
Family
ID=65497909
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710723534.0A Active CN109428709B (en) | 2017-08-22 | 2017-08-22 | Quantum key distribution method and system and optical network system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109428709B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112350822A (en) * | 2019-08-07 | 2021-02-09 | 科大国盾量子技术股份有限公司 | Key distribution method, device and equipment |
CN113411187A (en) * | 2020-03-17 | 2021-09-17 | 阿里巴巴集团控股有限公司 | Identity authentication method and system, storage medium and processor |
CN113708929A (en) * | 2021-08-26 | 2021-11-26 | 东南大学 | Method for pushing quantum key at fixed time by edge gateway of Internet of things |
CN114866234A (en) * | 2022-04-26 | 2022-08-05 | 中国电信股份有限公司 | Voice communication method, device and equipment based on quantum key encryption and decryption and storage |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101814987A (en) * | 2010-04-29 | 2010-08-25 | 西安西电捷通无线网络通信股份有限公司 | Method and system for establishing key between nodes |
CN101834863A (en) * | 2010-04-29 | 2010-09-15 | 西安西电捷通无线网络通信股份有限公司 | Method and system for establishing secure connection between local area network nodes |
CN102983965A (en) * | 2012-10-18 | 2013-03-20 | 中国电力科学研究院 | Transformer substation quantum communication model, quantum secret key distribution center and model achieving method |
US20140331050A1 (en) * | 2011-04-15 | 2014-11-06 | Quintessence Labs Pty Ltd. | Qkd key management system |
CN104660602A (en) * | 2015-02-14 | 2015-05-27 | 山东量子科学技术研究院有限公司 | Quantum key transmission control method and system |
CN104917595A (en) * | 2015-06-16 | 2015-09-16 | 四川长虹通信科技有限公司 | Secret key switching method and system in encryption communication process |
CN105071929A (en) * | 2015-07-15 | 2015-11-18 | 清华大学 | Postprocessing method for quantum key distribution |
CN106301769A (en) * | 2015-06-08 | 2017-01-04 | 阿里巴巴集团控股有限公司 | Quantum key output intent, storage consistency verification method, Apparatus and system |
-
2017
- 2017-08-22 CN CN201710723534.0A patent/CN109428709B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101814987A (en) * | 2010-04-29 | 2010-08-25 | 西安西电捷通无线网络通信股份有限公司 | Method and system for establishing key between nodes |
CN101834863A (en) * | 2010-04-29 | 2010-09-15 | 西安西电捷通无线网络通信股份有限公司 | Method and system for establishing secure connection between local area network nodes |
US20140331050A1 (en) * | 2011-04-15 | 2014-11-06 | Quintessence Labs Pty Ltd. | Qkd key management system |
CN102983965A (en) * | 2012-10-18 | 2013-03-20 | 中国电力科学研究院 | Transformer substation quantum communication model, quantum secret key distribution center and model achieving method |
CN104660602A (en) * | 2015-02-14 | 2015-05-27 | 山东量子科学技术研究院有限公司 | Quantum key transmission control method and system |
CN106301769A (en) * | 2015-06-08 | 2017-01-04 | 阿里巴巴集团控股有限公司 | Quantum key output intent, storage consistency verification method, Apparatus and system |
CN104917595A (en) * | 2015-06-16 | 2015-09-16 | 四川长虹通信科技有限公司 | Secret key switching method and system in encryption communication process |
CN105071929A (en) * | 2015-07-15 | 2015-11-18 | 清华大学 | Postprocessing method for quantum key distribution |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112350822A (en) * | 2019-08-07 | 2021-02-09 | 科大国盾量子技术股份有限公司 | Key distribution method, device and equipment |
CN113411187A (en) * | 2020-03-17 | 2021-09-17 | 阿里巴巴集团控股有限公司 | Identity authentication method and system, storage medium and processor |
CN113411187B (en) * | 2020-03-17 | 2023-12-15 | 阿里巴巴集团控股有限公司 | Identity authentication method and system, storage medium and processor |
CN113708929A (en) * | 2021-08-26 | 2021-11-26 | 东南大学 | Method for pushing quantum key at fixed time by edge gateway of Internet of things |
CN113708929B (en) * | 2021-08-26 | 2022-07-01 | 东南大学 | Method for regularly pushing quantum key by edge gateway of Internet of things |
CN114866234A (en) * | 2022-04-26 | 2022-08-05 | 中国电信股份有限公司 | Voice communication method, device and equipment based on quantum key encryption and decryption and storage |
CN114866234B (en) * | 2022-04-26 | 2023-11-07 | 中国电信股份有限公司 | Voice communication method, device, equipment and storage based on quantum key encryption and decryption |
Also Published As
Publication number | Publication date |
---|---|
CN109428709B (en) | 2022-03-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109995513B (en) | Low-delay quantum key mobile service method | |
CN109842485B (en) | Centralized quantum key service network system | |
CN110581763B (en) | Quantum key service block chain network system | |
CN108510270B (en) | Mobile transfer method with safe quantum | |
CN108462573B (en) | Flexible quantum secure mobile communication method | |
CN109428709A (en) | Quantum key distribution method, system and optical network system | |
CN201830272U (en) | Network encryption machine based on quantum keys | |
US11212265B2 (en) | Perfect forward secrecy (PFS) protected media access control security (MACSEC) key distribution | |
CN108667607A (en) | A kind of quantum key synchronous method with electric terminal | |
CN106452741A (en) | Communication system for realizing information encryption/decryption transmission based on quantum network and communication method | |
CN101340443A (en) | Session key negotiating method, system and server in communication network | |
CN101771586A (en) | Method, system and equipment for realizing equipment adding in wireless fidelity (Wi-Fi) peer-to-peer network | |
CN107769913A (en) | A kind of communication means and system based on quantum UKey | |
CN109995514A (en) | A kind of safe and efficient quantum key Information Mobile Service method | |
CN104486316A (en) | Quantum key classification providing method for improving electric power data transmission security | |
CN112187450B (en) | Method, device, equipment and storage medium for key management communication | |
CN109995511A (en) | A kind of mobile secret communication method based on quantum key distribution network | |
CN103763094A (en) | Intelligent electric meter system safety monitoring information processing method | |
CN109842442B (en) | Quantum key service method taking airport as regional center | |
CN109756325A (en) | A method of mobile office system safety is promoted using quantum key | |
CN111342952A (en) | Safe and efficient quantum key service method and system | |
Zheng et al. | Controlled quantum secure direct communication with authentication protocol based on five-particle cluster state and classical XOR operation | |
CN110212991A (en) | Quantum wireless network communications system | |
CN109845184A (en) | A kind of data ciphering method and device of instant messaging | |
CN101646172B (en) | Method and device for generating key in distributed MESH network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |