CN109560917B - QKD method, device and system - Google Patents

QKD method, device and system Download PDF

Info

Publication number
CN109560917B
CN109560917B CN201710882423.4A CN201710882423A CN109560917B CN 109560917 B CN109560917 B CN 109560917B CN 201710882423 A CN201710882423 A CN 201710882423A CN 109560917 B CN109560917 B CN 109560917B
Authority
CN
China
Prior art keywords
qkd
target
quantum
key
quantum hardware
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710882423.4A
Other languages
Chinese (zh)
Other versions
CN109560917A (en
Inventor
刘建宏
余刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Quantumctek Co Ltd
Original Assignee
Quantumctek Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Quantumctek Co Ltd filed Critical Quantumctek Co Ltd
Priority to CN201710882423.4A priority Critical patent/CN109560917B/en
Publication of CN109560917A publication Critical patent/CN109560917A/en
Application granted granted Critical
Publication of CN109560917B publication Critical patent/CN109560917B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0858Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Electromagnetism (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Optics & Photonics (AREA)
  • Optical Communication System (AREA)

Abstract

Each QKD device of the QKD system comprises a QKD control sub-device and at least one QKD execution sub-device. The QKD execution sub-device provides multiple quantum hardware devices that can meet the user's requirements for quantum keys generated based on different physical implementation principles. And the QKD control sub-device can control the QKD execution sub-device to call the required quantum hardware device and generate the required quantum key. Based on the QKD control sub-equipment and the QKD execution sub-equipment, the QKD technical scheme realizes the separation of control logic and hardware, has good flexibility and high expansibility, and is suitable for the diversified requirements of users.

Description

QKD method, device and system
Technical Field
The present application relates to the field of communications technologies, and in particular, to a QKD method, device, and system.
Background
Quantum communication is a new communication technology combining quantum theory and information theory, and can realize high-performance communication by using quantum effect under physical limit. At present, a practical Quantum communication technology is called Quantum Key Distribution (QKD) technology, and the device foundation is a QKD system based on a Quantum Key Distribution protocol. The QKD system generally comprises a local QKD device and an opposite-end QKD device, wherein the local QKD device and the opposite-end QKD device communicate through a QKD network and a classical communication network to realize quantum key distribution.
At present, the types of QKD protocols supported by different quantum hardware devices are different, and if the types of the QKD protocols supported by the quantum hardware device of the local QKD device in the QKD system are different from the types of the QKD protocols supported by the quantum hardware device of the opposite-end QKD device in the QKD system, the local QKD device and the opposite-end QKD device cannot interact to generate a quantum key. Therefore, the QKD device of the QKD system can only adopt a certain fixed quantum hardware device, and the control logic for generating the quantum key in the QKD device is determined by using the QKD protocol type supported by the quantum hardware device, and the control logic is only applicable to the QKD device and cannot be applicable to QKD devices realized based on other quantum hardware devices. The QKD device in the prior art has poor flexibility and cannot meet diversified practical application requirements.
Disclosure of Invention
The technical problem solved by the application is to provide a QKD method, device and system, which realize a QKD technical scheme with good flexibility and high expansibility and are suitable for diversified requirements of users.
Therefore, the technical scheme for solving the technical problem is as follows:
a quantum key distribution QKD control method, the method comprising:
selecting an identifier of a target quantum hardware device, wherein the target quantum hardware device is one of a plurality of quantum hardware devices provided by a local QKD execution sub-device;
selecting one QKD protocol type as a target QKD protocol type from a plurality of QKD protocol types suitable for the target quantum hardware equipment;
selecting a target key processing parameter, wherein the target key processing parameter is used for calling a target key processing logic and processing data generated by the target quantum hardware equipment to generate a quantum key;
and generating a control parameter according to the identification of the target quantum hardware device, the target QKD protocol type and the target key processing parameter, sending the control parameter to the local QKD execution sub-device, and controlling the local QKD execution sub-device to generate a quantum key.
Optionally, the selecting the identifier of the target quantum hardware device includes:
displaying identifications of a plurality of quantum hardware devices provided by the local QKD execution sub-device;
obtaining an identification of the target quantum hardware device in response to a user selection operation from the identifications of the plurality of quantum hardware devices.
Optionally, the selecting the identifier of the target quantum hardware device includes:
acquiring identifiers of a plurality of quantum hardware devices provided by an opposite-end QKD execution sub-device, wherein the opposite-end QKD execution sub-device is an opposite-end device which communicates with the local QKD execution sub-device by adopting a quantum key distribution network in a QKD system;
extracting the identifier of the quantum hardware device shared by the local QKD execution sub-device and the opposite-end QKD execution sub-device;
and selecting the identifier of one quantum hardware device from the identifiers of the shared quantum hardware devices as the identifier of the target quantum hardware device.
Optionally, the method further includes:
and receiving a state table fed back by the local QKD execution sub-device, wherein the state table is used for representing the operation condition of the local QKD execution sub-device in the process of generating the quantum key.
A quantum key distribution, QKD, execution method, the method comprising:
receiving control parameters sent by the local QKD control sub-equipment, wherein the control parameters comprise an identifier of target quantum hardware equipment, a target QKD protocol type and target key processing parameters;
calling the target quantum hardware equipment identified by the identification of the target quantum hardware equipment from a plurality of quantum hardware equipment according to the identification of the target quantum hardware equipment to generate data corresponding to the target QKD protocol type;
and calling a target key processing logic according to the target key processing parameter, and processing the data to obtain a quantum key.
Optionally, the target key processing parameters include a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm, and the invoking a target key processing logic according to the target key processing parameters to process the data to obtain the quantum key includes:
performing basis vector comparison on the data by using basis vector comparison logic corresponding to the target basis vector comparison algorithm to obtain first data;
calling error correction logic corresponding to the target error correction algorithm, and performing key error correction on the first data to obtain second data;
calling a security enhancement logic corresponding to the target security enhancement algorithm, and performing security enhancement on the second data to obtain third data;
and calling a verification logic corresponding to the target verification algorithm, and performing key verification on the third data to obtain a quantum key.
Optionally, the method further includes:
and carrying out key management operation on the generated quantum key, wherein the key management operation comprises key information inquiry, key encryption storage and key encryption output.
A quantum key distribution QKD control sub-device, the control sub-device comprising:
the hardware selection module is used for selecting an identifier of a target quantum hardware device, wherein the target quantum hardware device is one of a plurality of quantum hardware devices provided by a local QKD execution sub-device;
the QKD protocol matching module is used for selecting one QKD protocol type as a target QKD protocol type from multiple QKD protocol types suitable for the target quantum hardware equipment;
the parameter selection module is used for selecting a target key processing parameter, wherein the target key processing parameter is used for calling a target key processing logic and processing data generated by the target quantum hardware equipment to generate a quantum key;
and the control module is used for generating control parameters according to the identification of the target quantum hardware equipment, the target QKD protocol type and the target key processing parameters, sending the control parameters to the local QKD execution sub-equipment and controlling the local QKD execution sub-equipment to generate a quantum key.
Optionally, the hardware matching module includes:
a display unit for displaying the identifications of the plurality of quantum hardware devices provided by the local QKD execution sub-device;
a response unit, configured to obtain an identification of the target quantum hardware device in response to a user selection operation from the identifications of the plurality of quantum hardware devices.
Optionally, the hardware matching module includes:
an obtaining unit, configured to obtain identifiers of multiple quantum hardware devices provided by an opposite-end QKD execution sub-device, where the opposite-end QKD execution sub-device is an opposite-end device in a QKD system, and communicates with the local QKD execution sub-device through a quantum key distribution network;
an extracting unit, configured to extract an identifier of a quantum hardware device shared by the local QKD execution sub-device and the peer QKD execution sub-device;
and the selection unit is used for selecting the identifier of one quantum hardware device from the identifiers of the shared quantum hardware devices as the identifier of the target quantum hardware device.
Optionally, the control sub-device further includes:
and the state monitoring module is used for receiving a state table fed back by the local QKD execution sub-device, and the state table is used for representing the operation condition of the local QKD execution sub-device in the process of generating the quantum key.
A quantum key distribution, QKD, execution sub-device, the execution sub-device comprising:
the receiving module is used for receiving control parameters sent by the local QKD control sub-device, wherein the control parameters comprise an identifier of a target quantum hardware device, a target QKD protocol type and target key processing parameters;
a quantum hardware module, including multiple quantum hardware devices, configured to invoke, from among the multiple quantum hardware devices, a target quantum hardware device identified by an identifier of the target quantum hardware device according to the identifier of the target quantum hardware device, and generate data corresponding to the target QKD protocol type;
a protocol adaptation module, including a plurality of QKD protocol types, for selecting the target QKD protocol type from the plurality of QKD protocol types;
and the key processing module is used for calling a target key processing logic according to the target key processing parameter and processing the data to obtain the quantum key.
Optionally, the target key processing parameters include a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm, and the key processing module includes:
the base vector comparison unit is used for comparing the base vectors of the data by using a base vector comparison logic corresponding to the target base vector comparison algorithm to obtain first data;
the error correction unit comprises a plurality of error correction logics and is used for calling the error correction logics corresponding to the target error correction algorithm and carrying out key error correction on the first data to obtain second data;
the security enhancement unit comprises a plurality of security enhancement logics and is used for calling the security enhancement logics corresponding to the target security enhancement algorithm and carrying out security enhancement on the second data to obtain third data;
and the key verification unit comprises various verification logics and is used for calling the verification logic corresponding to the target verification algorithm and carrying out key verification on the third data to obtain a quantum key.
Optionally, the executing sub-device further includes:
and the key management module is used for carrying out key management operation on the generated quantum key, and the key management operation comprises key information inquiry, key encryption storage and key encryption output.
A quantum key distribution QKD device, comprising:
a QKD control sub-device as described above, and at least one QKD execution sub-device as described above.
A quantum key distribution QKD system, comprising:
and two QKD devices as described above, one of the QKD devices serves as a local QKD device, and the other one serves as an opposite-end QKD device.
According to the technical scheme, the method has the following beneficial effects:
each QKD device of the QKD system includes a QKD control sub-device and at least one QKD execution sub-device. The QKD execution sub-device provides a plurality of quantum hardware devices. The QKD execution sub-device receives the control parameters sent by the QKD control sub-device, calls the target quantum hardware device from the plurality of quantum hardware devices according to the control parameters to generate data corresponding to the target QKD protocol type, and calls the target key processing logic to process the data according to the target key processing parameters in the control parameters to generate the quantum key. The QKD execution sub-device provides multiple quantum hardware devices that can meet the user's requirements for quantum keys generated based on different physical implementation principles. And the QKD control sub-device can control the QKD execution sub-device to call the required quantum hardware device and generate the required quantum key. Based on the QKD control sub-equipment and the QKD execution sub-equipment, the QKD technical scheme realizes the separation of control logic and hardware, has good flexibility and high expansibility, and is suitable for the diversified requirements of users.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a QKD control method provided in an embodiment of the present application;
fig. 2 is a flowchart of a QKD execution method provided by an embodiment of the present application;
fig. 3 is a schematic structural diagram of a QKD control sub-device provided in an embodiment of the present application;
fig. 4 is a schematic structural diagram of a QKD execution sub-device provided in an embodiment of the present application;
fig. 5 is a schematic structural diagram of a QKD device provided by an embodiment of the present application;
fig. 6 is a schematic structural diagram of a QKD system according to an embodiment of the present application.
Detailed Description
In order to provide an implementation scheme of a QKD technology with good flexibility and high expansibility, embodiments of the present application provide a method, an apparatus, and a system for controlling QKD, and the embodiments provided by the present application are described below with reference to drawings of the specification.
The existing QKD system includes two QKD devices, each QKD device has a quantum hardware device, and the QKD protocol types supported by the quantum hardware devices and the adopted quantum key post-processing algorithm are pre-configured and fixed, i.e., the processing logic is adapted to the hardware implementation. When the processing logic changes, the hardware needs to be reset for realization; when the hardware implementation changes, the processing logic also needs to be reset adaptively. The QKD system has the advantages of structural solidification, poor flexibility and small expansion space. Moreover, each QKD device can only adopt one quantum hardware device, that is, only one quantum key generated based on one physical implementation principle can be provided, and when a user needs a quantum key generated based on different physical implementation principles, a plurality of QKD systems need to be purchased, and a single QKD system cannot meet the diversified requirements of the user.
In order to solve the above problems, in the embodiments provided by the present application, each QKD device of the QKD system provides a plurality of quantum hardware devices, a QKD protocol type applicable to each quantum hardware device, and a plurality of key processing logics. The QKD equipment separates the control logic from the hardware, the QKD control sub-equipment realizes the control logic, one quantum hardware equipment is selected from a plurality of quantum hardware equipment provided by the QKD execution sub-equipment as a target quantum hardware equipment, and a target QKD protocol type adaptive to the target quantum hardware equipment, a target key processing parameter and the like are obtained to generate a control parameter. And the QKD execution sub-equipment calls corresponding target quantum hardware equipment by using the control parameter to generate data corresponding to the target QKD protocol type, calls a target key processing logic according to the target key processing parameter, and processes the data to obtain the quantum key. The QKD control sub-device can control the QKD execution sub-device, and different quantum hardware devices are adopted to generate different types of quantum keys based on different physical realization principles. The QKD system provided by the embodiment of the application has the advantages of good flexibility and high expansibility, and is suitable for diversified requirements of users.
Example one
The technical solution provided in the present application is explained in detail below. The technical solution provided by the first embodiment is mainly to describe the technical solution provided by one QKD device in the QKD system.
Fig. 1 is a flowchart of a QKD control method provided in an embodiment of the present application, including:
101: the QKD control sub-device selects an identifier of a target quantum hardware device, and the target quantum hardware device is one quantum hardware device of a plurality of quantum hardware devices provided by the local QKD execution sub-device.
102: the QKD control sub-device selects one QKD protocol type as a target QKD protocol type from a plurality of QKD protocol types applicable to the target quantum hardware device.
A QKD device in a QKD system includes a QKD control sub-device and at least one QKD execution sub-device. Each QKD execution sub-device provides a plurality of quantum hardware devices, each of which differs in the physical implementation principles upon which data is generated. Each quantum hardware device comprises an optical hardware device and an encoding device or a decoding device adaptive to the optical hardware device, and the adaptive encoding device or decoding device is different when the optical hardware devices adopted in each quantum hardware device are different. When the QKD equipment is the sending-end QKD equipment, the encoding equipment is adopted; when the QKD device is a receiving-end QKD device, a decoding device is adopted.
For example, when the quantum hardware device adopts an optical hardware device of a discrete polarization mode, a discrete polarization encoding device or a discrete polarization decoding device is adopted; when the quantum hardware equipment adopts the optical hardware equipment in a discrete phase mode, discrete phase coding equipment or decoding equipment is adopted; when the quantum hardware equipment adopts continuous variable optical hardware equipment, continuous variable coding equipment or decoding equipment is adopted; when the quantum hardware Device adopts an optical hardware Device of a measuring Device-Independent (MDI) mode, an MDI coding Device or a decoding Device, etc. is adopted.
Although the QKD execution sub-device can provide a plurality of quantum hardware devices based on different physical implementation principles, the QKD control sub-device can only control the QKD execution sub-device to call one quantum hardware device to generate a quantum key based on one physical implementation principle each time a quantum key is generated. In order to generate the quantum key, not only a quantum hardware device needs to be selected, but also a QKD protocol type supported by the quantum hardware device needs to be selected, so as to ensure that a plurality of hardware devices generating the quantum key are matched with each other, and also ensure that the execution logic generating the quantum key is matched with the hardware devices. The selected quantum hardware device is a target quantum hardware device, and the QKD protocol type selected from the multiple QKD protocol types supported by the target quantum hardware device is the target QKD protocol type.
The QKD system comprises two QKD devices, one QKD control sub-device, a QKD execution sub-device belonging to the same QKD device, and a local QKD execution sub-device for the QKD control sub-device; the QKD execution sub-device that does not belong to the same QKD device as the QKD control sub-device, is the QKD execution sub-device for the opposite end of the QKD control sub-device.
For a QKD control sub-device, a hardware configuration module may be separately provided for managing the plurality of quantum hardware devices provided by each local QKD execution sub-device of the QKD control sub-device. In specific implementation, a quantum hardware device list is maintained for each local QKD execution sub-device, and the quantum hardware device list includes the identifier of each quantum hardware device in the local QKD execution sub-device. The identification of the quantum hardware device may characterize the physical implementation principle on which the quantum hardware device is based.
And after the QKD control sub-device selects the identifier of the target quantum hardware device, namely the optical hardware device and the encoding device adopted when the QKD execution sub-device generates the quantum key are determined.
After the QKD control sub-device selects the identifier of the target quantum hardware device, it is further necessary to obtain a QKD protocol type applicable to the target quantum hardware device. Generally, there are many QKD protocol types suitable for one quantum hardware device, and one QKD protocol type may be selected as a target QKD protocol type according to actual needs. In a specific implementation, the QKD control sub-device may further maintain a QKD protocol matching module, where the QKD protocol matching module is configured to manage various QKD protocol types provided by each local QKD execution sub-device of the QKD control sub-device. In specific implementation, a QKD protocol type list is maintained for each local QKD execution sub-device, where the QKD protocol type list includes QKD protocol types supported in the local QKD execution sub-device.
For example, the following steps are carried out: the QKD protocol types include BB84 protocol, B92 protocol, SARG04 protocol, COW protocol and the like.
103: and the QKD control sub-equipment selects a target key processing parameter, and the target key processing parameter is used for calling a target key processing logic and processing the data generated by the target quantum hardware equipment to generate a quantum key.
The QKD control sub-device also needs to select target key processing parameters, which include a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm.
The local QKD execution sub-device may provide a plurality of basis vector comparison logics, each basis vector comparison logic corresponding to a basis vector comparison algorithm. The QKD control sub-device may further maintain a basis vector comparison management module, where the basis vector comparison management module is configured to manage basis vector comparison algorithms provided by each local QKD execution sub-device of the QKD control sub-device. And selecting one of the basis vector comparison algorithms provided by the local QKD execution sub-equipment as a target basis vector comparison algorithm.
The local QKD execution sub-device may provide a plurality of key error correction logics, one for each key error correction algorithm. A key error correction management module may also be maintained in the QKD control sub-device, the key error correction management module being configured to manage various key error correction algorithms provided by respective local QKD execution sub-devices of the QKD control sub-device. One key error correction algorithm is selected as a target error correction algorithm from various key error correction algorithms provided by the local QKD execution sub-device. For example, the key error correction algorithm includes a Cascade algorithm, a Winnow algorithm, an LDPC code algorithm, a Polar code algorithm, and the like.
Similarly, the local QKD execution sub-device may provide a plurality of privacy enhancement logic, one for each privacy enhancement algorithm. A privacy enhancement management module may also be maintained in the QKD control sub-device, the privacy enhancement management module being configured to manage the various privacy enhancement algorithms provided by the respective local QKD execution sub-devices of the QKD control sub-device. One of the privacy-enhancing algorithms provided by the local QKD execution sub-device is selected as the target privacy-enhancing algorithm. For example, the privacy enhancement algorithm includes a privacy enhancement algorithm based on a Toeplitz matrix, a privacy enhancement algorithm based on an FFT, a Hash algorithm, and the like.
Similarly, the local QKD execution sub-device may provide multiple key verification logics, one for each key verification algorithm. A key check management module may also be maintained in the QKD control sub-device, the key check management module being configured to manage various key check algorithms provided by various local QKD execution sub-devices of the QKD control sub-device. One key verification algorithm is selected as a target verification algorithm from various key verification algorithms provided by the local QKD execution sub-device.
It should be noted that the content of the hardware matching module, the QKD protocol matching module, the basis vector comparison management module, the key error correction management module, the privacy enhancement management module, and the key verification management module maintained in the QKD control sub-device may change with the change of the function provided by the QKD execution sub-device.
For example, if the quantum hardware device provided by the QKD execution sub-device is increased, the identification adaptability of the quantum hardware device maintained in the hardware matching module is increased; if the number of quantum hardware devices is reduced, the identification adaptability of the quantum hardware devices maintained in the hardware matching module is reduced; and if the quantum hardware equipment is changed, the identification adaptability of the quantum hardware equipment maintained in the hardware matching module is changed. Other module changes are similar and are not described in detail here.
It should be noted here that, for the target QKD protocol type, the target basis vector comparison algorithm, the target error correction algorithm, the target privacy enhancement algorithm, and the target verification algorithm, when selecting the above parameters, a parameter that is adapted to the target quantum hardware device may be selected arbitrarily; the parameters corresponding to the target quantum hardware device can also be displayed to a user, and the parameters are selected based on the selection operation of the user on each parameter. The specific implementation manner is specifically set according to actual needs, and is not limited here.
104: and the QKD control sub-equipment generates control parameters according to the identification of the target quantum hardware equipment, the target QKD protocol type and the target key processing parameters, sends the control parameters to the local QKD execution sub-equipment and controls the local QKD execution sub-equipment to generate the quantum key.
The QKD control sub-device generates control parameters according to the identification of the target quantum hardware device, the target QKD protocol type and the target key processing parameters, wherein the control parameters comprise the identification of the target quantum hardware device, the target QKD protocol type and the target key processing parameters, and also comprise system frequency, a synchronization mode, synchronization frequency and other parameters which are adaptive to the QKD system.
And after the QKD control sub-device generates the control parameters, the control parameters are sent to the local QKD execution sub-device, and the QKD execution sub-device is controlled to generate the quantum key. Meanwhile, the QKD control sub-device also sends the control parameters to the opposite-end QKD control sub-device, the opposite-end QKD control sub-device sends the control parameters to the opposite-end QKD execution sub-device, and the opposite-end QKD execution sub-device is controlled to generate the quantum key according to the control parameters.
It can be understood that in the process of generating the quantum key, the QKD execution sub-devices of two QKD devices in one QKD system are required, and the adopted target quantum hardware devices are the same based on the same physical implementation principle, the target QKD protocol type, the target basis vector comparison algorithm, the target error correction algorithm, the target privacy enhancement algorithm and the target verification algorithm, so that an effective quantum key can be generated. Therefore, after the control parameters are generated by the QKD control sub-device in one QKD device, the control parameters are sent to the opposite-end QKD control sub-device, and the opposite-end QKD control sub-device does not need to be repeatedly generated.
Wherein, 101: there are at least two possible implementations of the QKD control sub-device in selecting the identity of the target quantum hardware device, described in detail below.
QKDAnd the control sub-equipment selects the identifier of the target quantum hardware equipment.
The first implementation mode comprises the following steps:
displaying identifications of a plurality of quantum hardware devices provided by the local QKD execution sub-device;
in response to a user selection operation from the identities of the plurality of quantum hardware devices, an identity of a target quantum hardware device is obtained.
And (3) in the QKD system, each QKD device adopts a quantum hardware device based on which physical realization principle, namely, the adopted target quantum hardware device is determined through the user-line negotiation. For one QKD device, a QKD execution sub-device in the QKD device displays the identifications of a plurality of quantum hardware devices provided by a local QKD execution sub-device, a user performs selection operation on a display interface provided by the QKD execution sub-device, the identification of one quantum hardware device is selected from the displayed identifications of the plurality of quantum hardware devices, and the QKD execution sub-device responds to the selection operation of the user and takes the identification of the quantum hardware device selected by the user as the identification of a target quantum hardware device.
In a specific implementation, the QKD execution sub-device may provide a drop-down list, where the drop-down list may display the identifiers of multiple quantum hardware devices, and the user selects the negotiated identifier of the quantum hardware device from the drop-down list as the identifier of the target quantum hardware device. The QKD execution sub-devices in the two QKD devices in the QKD system may both select the identification of the target quantum hardware device in the manner described above, ensuring that the two QKD devices in the QKD system employ quantum hardware devices based on the same physical implementation principle.
The second implementation mode comprises the following steps:
acquiring identifiers of a plurality of quantum hardware devices provided by an opposite-end QKD execution sub-device, wherein the opposite-end QKD execution sub-device is an opposite-end device which is communicated with a local QKD execution sub-device by adopting a quantum key distribution network in a QKD system;
extracting the identifiers of quantum hardware equipment shared by the local QKD execution sub-equipment and the opposite-end QKD execution sub-equipment;
and selecting the identification of one quantum hardware device from the identifications of the shared quantum hardware devices as the identification of the target quantum hardware device.
In a QKD system that includes two QKD devices, the QKD control sub-device in one QKD device communicates with the control sub-device in the opposite QKD device using the internet. Therefore, the peer-side QKD control sub-device sends, to the QKD control sub-device, the identifications of the multiple quantum hardware devices, which can characterize the multiple quantum hardware devices that the peer-side QKD execution sub-device can provide. The QKD execution sub-device at the opposite end is a QKD execution sub-device which does not belong to the same QKD device as the QKD control sub-device in the QKD system. The opposite-end QKD control sub-device and the opposite-end QKD execution sub-device belong to the same QKD device.
After the QKD control sub-device obtains the identifications of the quantum hardware devices provided by the QKD execution sub-device at the opposite end, the identifications of the quantum hardware devices can represent the physical realization principle on which the quantum hardware devices are based. Because the quantum hardware devices based on the same physical realization principle have the same identifier, the QKD control sub-device determines the quantum hardware devices supported by the local QKD execution sub-device and the opposite-end QKD execution sub-device according to the identifiers of the plurality of quantum hardware devices sent by the opposite-end QKD control sub-device, and takes the identifiers of the quantum hardware devices supported by the local QKD execution sub-device and the opposite-end QKD execution sub-device as the identifiers of the shared quantum hardware devices. The identification of the shared quantum hardware device may be one or more. The QKD control sub-device selects the identity of one quantum hardware device from the identities of the shared quantum hardware devices as the identity of the target quantum hardware device.
Compared with the second implementation mode, the first implementation mode is that user-off negotiation is performed, and the user executes selection operation according to the negotiation result to realize selection of the identifier of the target quantum hardware equipment; the second implementation is negotiation between two QKD devices in the QKD system, and the selection of the identifier of the target quantum hardware device is automatically implemented. Compared with the first implementation mode, the second implementation mode is high in implementation speed, reduces manual intervention and reduces operation complexity.
After the QKD control sub-device generates the control parameters, it sends the control parameters to the QKD execution sub-device, which generates the quantum key according to the control parameters, as described in detail below.
Fig. 2 is a flowchart of a QKD execution method provided by an embodiment of the present invention, including:
201: the QKD execution sub-device receives control parameters sent by the local QKD control sub-device, including an identification of the target quantum hardware device, the target QKD protocol type, and target key processing parameters.
202: and the QKD execution sub-device calls the target quantum hardware device identified by the identification of the target quantum hardware device from a plurality of quantum hardware devices according to the identification of the target quantum hardware device to generate data corresponding to the target QKD protocol type.
203: and the QKD execution sub-equipment calls a target key processing logic according to the target key processing parameters to process the data to obtain the quantum key.
The QKD execution sub-equipment is provided with a plurality of quantum hardware equipment, and the physical realization principle of each quantum hardware equipment is different; the system also provides processing logics of various QKD protocol types, various basis vector comparison logics, various key error correction logics, various privacy enhancement logics and various key verification logics. QKD performs the above-described functions provided by the sub-devices and can be combined to generate quantum keys based on different physical implementation principles. The QKD control sub-device controls the QKD execution sub-device, and combines various provided functional adaptability to generate quantum keys based on different physical implementation principles.
And the QKD execution sub-equipment calls the quantum hardware equipment identified by the identification of the target quantum hardware equipment according to the identification of the target quantum hardware equipment in the control parameters to generate data corresponding to the target QKD protocol type in the control parameters, wherein the data comprises base vector related data and original key data.
If the QKD execution sub-device belongs to the sending-end QKD device, the vector-related data and the original key data are both randomly generated data. In a target quantum hardware device of the QKD execution sub-device, the optical hardware device is configured to provide a light source, and the encoding device encodes an optical signal output by the light source according to the basis vector related data and the original key data, and transmits the encoded optical signal.
If the QKD execution sub-device belongs to a receiving end QKD device, the vector related data in the data is randomly generated, and the original key data is obtained by receiving an optical signal sent by an opposite end QKD execution sub-device by a target quantum hardware device. In the target quantum hardware device of the QKD execution sub-device, the decoding device receives and decodes the optical signal according to the basis vector related data, and performs photoelectric conversion on the decoded optical signal to obtain original key data. The physical realization principle of the quantum hardware device called by the QKD execution sub-device and the corresponding QKD execution sub-device is the same.
And then, the QKD execution sub-equipment calls a target key processing logic according to target key processing parameters to process the data, wherein the target key processing parameters comprise a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm and a target verification algorithm, and then the QKD execution sub-equipment sequentially performs basis vector comparison, key error correction, privacy enhancement and key verification on the data. In the above processing procedure, the QKD execution sub-device communicates with the QKD execution sub-device at the opposite end by using the internet, and the above processing is executed at the same time, and finally the quantum key is obtained. In the above processing procedures, the QKD execution sub-device and the QKD execution sub-device at the opposite end are all based on the same control parameters, and therefore, the processing logics adopted are the same.
And transmitting the relative data of the base vectors between the QKD executing sub-equipment and the QKD executing sub-equipment at the opposite end by adopting the base vector comparison logic corresponding to the target base vector comparison algorithm, and performing base vector comparison processing, so as to obtain first data, namely screening key data, from the original key data.
The QKD execution sub-device provides various error correction logics, when key error correction is carried out on the first data, according to the control parameters, the error correction logics corresponding to the target error correction algorithm are called from the various error correction logics, and the key error correction is carried out on the first data to obtain second data.
Similarly, the QKD execution sub-device also provides a plurality of security enhancement logics, and when performing security enhancement on the second data, according to the control parameters, the security enhancement logics corresponding to the target security enhancement algorithm are called from the provided plurality of security enhancement logics, and the second data is subjected to security enhancement to obtain third data.
Similarly, the QKD execution sub-device also provides various key verification logics, when the key verification is carried out on the third data, the key verification logic corresponding to the target verification algorithm is called from the various key verification logics according to the control parameters, and the key verification is carried out on the third data to obtain the fourth data.
It can be understood that, at the same time, the QKD execution sub-device in the opposing QKD device of the QKD system also processes the data using the same basis vector comparison logic, error correction logic, privacy enhancement logic, and key verification logic to obtain the quantum key.
In one example, the QKD execution sub-device generates a state table during generation of the quantum key, and feeds the state table back to the QKD control sub-device belonging to the same QKD device. The QKD control sub-device receives the state table and thus knows the operational conditions of the QKD execution sub-device in the process of generating the quantum key. For example: the QKD execution sub-device generates the quantum key, and the state table comprises counting rate, coding rate, error rate, key amount, abnormal information and the like. In addition, quantum hardware devices provided by the QKD execution sub-device, QKD protocol types, basis vector comparison algorithms, key error correction algorithms, privacy enhancement algorithms, key verification algorithms and other related information can be fed back to the QKD control sub-device through the state table.
The QKD control sub-device maintains a process management module, processes a state table fed back by the QKD execution sub-device, and monitors the operation condition of the QKD execution sub-device in real time.
In one example, the QKD control sub-device also maintains a QKD management module that can implement the following functions: firstly, a storage method, an encryption method and a key classification and classification method adopted by the QKD execution sub-device for the generated quantum key are managed; and secondly, setting the authority of the user to use the quantum key.
Similarly, the QKD execution sub-device maintains a key management module that can provide the following functions: firstly, a storage method, an encryption method and a key classification and grading method of the sub-device configuration are executed according to QKD, and generated quantum keys are classified, graded and encrypted for storage; and secondly, authenticating the user, providing quantum key service for the user after the authentication is passed, and encrypting and outputting the quantum key.
From the above, the embodiments of the present application have the following advantages:
the QKD execution sub-device provides a plurality of quantum hardware devices and a QKD protocol type suitable for each quantum hardware device, and can meet the requirements of users on quantum keys generated based on different physical implementation principles. And the QKD control sub-device can control the quantum hardware device and the QKD protocol type required by triggering the QKD execution sub-device to generate required quantum data. Based on the QKD control sub-equipment and the QKD execution sub-equipment, the QKD technical scheme realizes the separation of control logic and hardware, has good flexibility and high expansibility, and is suitable for the diversified requirements of users.
Fig. 3 is a schematic structural diagram of a QKD control sub-device provided in an embodiment of the present invention, including:
the hardware matching module 301 is configured to select an identifier of a target quantum hardware device, where the target quantum hardware device is one of multiple quantum hardware devices provided by the local QKD execution sub-device.
A QKD protocol matching module 302 for selecting one QKD protocol type from a plurality of QKD protocol types applicable to the target quantum hardware device as a target QKD protocol type.
And the parameter selection module 303 is configured to select a target key processing parameter, where the target key processing parameter is used to invoke a target key processing logic, and process data generated by the target quantum hardware device to generate a quantum key.
A control module 304, configured to generate a control parameter according to the identifier of the target quantum hardware device, the target QKD protocol type, and the target key processing parameter, send the control parameter to the local QKD execution sub-device, and control the local QKD execution sub-device to generate a quantum key.
In one example, the hardware fitting module 301 includes:
a display unit for displaying the identifications of the plurality of quantum hardware devices provided by the local QKD execution sub-device;
a response unit, configured to obtain an identification of the target quantum hardware device in response to a user selection operation from the identifications of the plurality of quantum hardware devices.
In one example, the hardware fitting module 301 includes:
an obtaining unit, configured to obtain identifiers of multiple quantum hardware devices provided by an opposite-end QKD execution sub-device, where the opposite-end QKD execution sub-device is an opposite-end device in a QKD system, and communicates with the local QKD execution sub-device through a quantum key distribution network;
an extracting unit, configured to extract an identifier of a quantum hardware device shared by the local QKD execution sub-device and the peer QKD execution sub-device;
and the selection unit is used for selecting the identifier of one quantum hardware device from the identifiers of the shared quantum hardware devices as the identifier of the target quantum hardware device.
In one example, the control sub-apparatus further includes:
and the state monitoring module is used for receiving a state table fed back by the local QKD execution sub-device, and the state table is used for representing the operation condition of the local QKD execution sub-device in the process of generating the quantum key.
The QKD control sub-device shown in fig. 3 is a sub-device corresponding to the QKD control method shown in fig. 1, and the specific implementation manner is similar to the method shown in fig. 1, and reference is made to the description in the method shown in fig. 1, which is not described again here.
Fig. 4 is a schematic structural diagram of a QKD execution sub-device provided in an embodiment of the present invention, including:
and the receiving module 401 is configured to receive the control parameters sent by the local QKD control sub-device, where the control parameters include an identifier of the target quantum hardware device, a target QKD protocol type, and target key processing parameters.
A quantum hardware module 402, where the quantum hardware module includes a plurality of quantum hardware devices, and is configured to invoke, from among the plurality of quantum hardware devices, a target quantum hardware device identified by the identifier of the target quantum hardware device according to the identifier of the target quantum hardware device, and generate data corresponding to the target QKD protocol type.
A protocol adaptation module 403, which includes a plurality of QKD protocol types, for selecting the target QKD protocol type from the plurality of QKD protocol types.
And a key processing module 404, configured to invoke a target key processing logic according to the target key processing parameter, and process the data to obtain a quantum key.
In one example, the target key processing parameters include a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm, and the key processing module 404 includes:
the base vector comparison unit is used for comparing the base vectors of the data by using a base vector comparison logic corresponding to the target base vector comparison algorithm to obtain first data;
the error correction unit comprises a plurality of error correction logics and is used for calling the error correction logics corresponding to the target error correction algorithm and carrying out key error correction on the first data to obtain second data;
the security enhancement unit comprises a plurality of security enhancement logics and is used for calling the security enhancement logics corresponding to the target security enhancement algorithm and carrying out security enhancement on the second data to obtain third data;
and the key verification unit comprises various verification logics and is used for calling the verification logic corresponding to the target verification algorithm and carrying out key verification on the third data to obtain a quantum key.
In one example, the execution sub-device further includes:
and the key management module is used for carrying out key management operation on the generated quantum key, and the key management operation comprises key information inquiry, key encryption storage and key encryption output.
The QKD execution sub-device shown in fig. 4 is a sub-device corresponding to the QKD execution method shown in fig. 2, and the specific implementation manner is similar to the method shown in fig. 2, and reference is made to the description in the method shown in fig. 2, which is not described again here.
Fig. 5 is a QKD device provided by an embodiment of the present invention, including:
a QKD control sub-device 501 shown in fig. 3, and at least one QKD execution sub-device 502 shown in fig. 4.
The QKD device shown in fig. 5 is a device corresponding to the method shown in fig. 1 and 2, the specific implementation is similar to the method shown in fig. 1 and 2, and reference is made to the description in the method shown in fig. 1 and 2, which is not repeated here.
Fig. 6 is a QKD system provided by an embodiment of the present invention, including:
two QKD devices are shown in fig. 5, one as a local QKD device 601 and the other as a peer QKD device 602.
When the local QKD equipment is used as the sending-end QKD equipment, the opposite-end QKD equipment is used as the receiving-end QKD equipment; correspondingly, when the local QKD device is used as the receiving-end QKD device, the opposite-end QKD device is used as the sending-end QKD device.
And the sending end QKD equipment randomly generates basis vector related data and original key data by utilizing target quantum hardware equipment in the execution sub-equipment of the sending end QKD equipment, encodes the optical signal according to the basis vector related data and the original key data, and sends the encoded optical signal to the receiving end QKD equipment. And a target quantum hardware device in the execution sub-device of the receiving end QKD device randomly generates basis vector related data, receives and decodes an optical signal sent by the sending end QKD device according to the basis vector related data, and performs photoelectric conversion on the decoded optical signal to obtain original key data.
The foregoing is only a preferred embodiment of the present application and it should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims (16)

1. A quantum key distribution QKD control method applied to a QKD control sub-device, the method comprising:
selecting an identifier of a target quantum hardware device, wherein the target quantum hardware device is one of a plurality of quantum hardware devices provided by a local QKD execution sub-device; one of the QKD control sub-devices, and at least one of the local QKD execution sub-devices constitute a QKD device; each quantum hardware device comprises an optical hardware device and an encoding device or a decoding device which is matched with the optical hardware device; the physical realization principles of different kinds of quantum hardware devices are different;
selecting one QKD protocol type as a target QKD protocol type from a plurality of QKD protocol types suitable for the target quantum hardware equipment;
selecting a target key processing parameter, wherein the target key processing parameter is used for calling a target key processing logic and processing data generated by the target quantum hardware equipment to generate a quantum key;
and generating a control parameter according to the identification of the target quantum hardware device, the target QKD protocol type and the target key processing parameter, sending the control parameter to the local QKD execution sub-device, and controlling the local QKD execution sub-device to generate a quantum key.
2. The method of claim 1, wherein the selecting the identity of the target quantum hardware device comprises:
displaying identifications of a plurality of quantum hardware devices provided by the local QKD execution sub-device;
obtaining an identification of the target quantum hardware device in response to a user selection operation from the identifications of the plurality of quantum hardware devices.
3. The method of claim 1, wherein the selecting the identity of the target quantum hardware device comprises:
acquiring identifiers of a plurality of quantum hardware devices provided by an opposite-end QKD execution sub-device, wherein the opposite-end QKD execution sub-device is an opposite-end device which communicates with the local QKD execution sub-device by adopting a quantum key distribution network in a QKD system;
extracting the identifier of the quantum hardware device shared by the local QKD execution sub-device and the opposite-end QKD execution sub-device;
and selecting the identifier of one quantum hardware device from the identifiers of the shared quantum hardware devices as the identifier of the target quantum hardware device.
4. The method according to any one of claims 1-3, further comprising:
and receiving a state table fed back by the local QKD execution sub-device, wherein the state table is used for representing the operation condition of the local QKD execution sub-device in the process of generating the quantum key.
5. A quantum key distribution QKD execution method applied to a QKD execution sub-device, the method comprising:
receiving control parameters sent by the local QKD control sub-equipment, wherein the control parameters comprise an identifier of target quantum hardware equipment, a target QKD protocol type and target key processing parameters; one of the local QKD control sub-devices, and at least one of the QKD execution sub-devices constitute a QKD device;
calling the target quantum hardware equipment identified by the identification of the target quantum hardware equipment from a plurality of quantum hardware equipment according to the identification of the target quantum hardware equipment to generate data corresponding to the target QKD protocol type; each quantum hardware device comprises an optical hardware device and an encoding device or a decoding device which is matched with the optical hardware device; the physical realization principles of different kinds of quantum hardware devices are different;
and calling a target key processing logic according to the target key processing parameter, and processing the data to obtain a quantum key.
6. The method of claim 5, wherein the target key processing parameters comprise a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm, and the invoking a target key processing logic according to the target key processing parameters to process the data to obtain a quantum key comprises:
performing basis vector comparison on the data by using basis vector comparison logic corresponding to the target basis vector comparison algorithm to obtain first data;
calling error correction logic corresponding to the target error correction algorithm, and performing key error correction on the first data to obtain second data;
calling a security enhancement logic corresponding to the target security enhancement algorithm, and performing security enhancement on the second data to obtain third data;
and calling a verification logic corresponding to the target verification algorithm, and performing key verification on the third data to obtain a quantum key.
7. The method according to any one of claims 5-6, further comprising:
and carrying out key management operation on the generated quantum key, wherein the key management operation comprises key information inquiry, key encryption storage and key encryption output.
8. A quantum key distribution QKD control sub-device, the control sub-device comprising:
the hardware selection module is used for selecting an identifier of a target quantum hardware device, wherein the target quantum hardware device is one of a plurality of quantum hardware devices provided by a local QKD execution sub-device; one of the QKD control sub-devices, and at least one of the local QKD execution sub-devices constitute a QKD device; each quantum hardware device comprises an optical hardware device and an encoding device or a decoding device which is matched with the optical hardware device; the physical implementation principles of the quantum hardware devices of different kinds are different;
the QKD protocol matching module is used for selecting one QKD protocol type from multiple QKD protocol types suitable for the target quantum hardware equipment as a target QKD protocol type;
the parameter selection module is used for selecting a target key processing parameter, wherein the target key processing parameter is used for calling a target key processing logic and processing data generated by the target quantum hardware equipment to generate a quantum key;
and the control module is used for generating control parameters according to the identification of the target quantum hardware equipment, the target QKD protocol type and the target key processing parameters, sending the control parameters to the local QKD execution sub-equipment and controlling the local QKD execution sub-equipment to generate a quantum key.
9. The control sub-device of claim 8, wherein the hardware fitting module comprises:
a display unit for displaying the identifications of the plurality of quantum hardware devices provided by the local QKD execution sub-device;
a response unit, configured to obtain an identification of the target quantum hardware device in response to a selection operation by a user from the identifications of the multiple quantum hardware devices.
10. The control sub-device of claim 8, wherein the hardware fitting module comprises:
an obtaining unit, configured to obtain identifiers of multiple quantum hardware devices provided by an opposite-end QKD execution sub-device, where the opposite-end QKD execution sub-device is an opposite-end device in a QKD system, and communicates with the local QKD execution sub-device through a quantum key distribution network;
an extracting unit, configured to extract an identifier of a quantum hardware device shared by the local QKD execution sub-device and the peer QKD execution sub-device;
and the selection unit is used for selecting the identifier of one quantum hardware device from the identifiers of the shared quantum hardware devices as the identifier of the target quantum hardware device.
11. The control sub-device according to any one of claims 8-10, characterized in that the control sub-device further comprises:
and the state monitoring module is used for receiving a state table fed back by the local QKD execution sub-device, and the state table is used for representing the operation condition of the local QKD execution sub-device in the process of generating the quantum key.
12. A quantum key distribution, QKD, execution sub-device, the execution sub-device comprising:
the receiving module is used for receiving control parameters sent by the local QKD control sub-device, wherein the control parameters comprise an identifier of a target quantum hardware device, a target QKD protocol type and target key processing parameters; one of the local QKD control sub-devices, and at least one of the QKD execution sub-devices constitute a QKD device;
the quantum hardware module comprises a plurality of quantum hardware devices and is used for calling the target quantum hardware device identified by the identification of the target quantum hardware device from the plurality of quantum hardware devices according to the identification of the target quantum hardware device and generating data corresponding to the target QKD protocol type; each quantum hardware device comprises an optical hardware device and an encoding device or a decoding device which is matched with the optical hardware device; the physical realization principles of different kinds of quantum hardware devices are different;
a protocol adaptation module comprising a plurality of QKD protocol types for selecting the target QKD protocol type from the plurality of QKD protocol types;
and the key processing module is used for calling a target key processing logic according to the target key processing parameter and processing the data to obtain the quantum key.
13. The performing sub-device of claim 12, wherein the target key processing parameters comprise a target basis vector comparison algorithm, a target error correction algorithm, a target privacy enhancement algorithm, and a target verification algorithm, and the key processing module comprises:
the base vector comparison unit is used for comparing the base vectors of the data by using a base vector comparison logic corresponding to the target base vector comparison algorithm to obtain first data;
the error correction unit comprises a plurality of error correction logics and is used for calling the error correction logics corresponding to the target error correction algorithm and carrying out key error correction on the first data to obtain second data;
the security enhancement unit comprises a plurality of security enhancement logics and is used for calling the security enhancement logics corresponding to the target security enhancement algorithm and carrying out security enhancement on the second data to obtain third data;
and the key verification unit comprises various verification logics and is used for calling the verification logic corresponding to the target verification algorithm and carrying out key verification on the third data to obtain a quantum key.
14. The execution sub-device of any of claims 12-13, wherein the execution sub-device further comprises:
and the key management module is used for carrying out key management operation on the generated quantum key, and the key management operation comprises key information inquiry, key encryption storage and key encryption output.
15. A quantum key distribution QKD device, comprising:
the QKD control sub-device of any of claims 8-11, and at least one QKD execution sub-device of any of claims 12-14.
16. A quantum key distribution QKD system, comprising:
the QKD devices of claim 15, one as a local QKD device and the other as a peer QKD device.
CN201710882423.4A 2017-09-26 2017-09-26 QKD method, device and system Active CN109560917B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710882423.4A CN109560917B (en) 2017-09-26 2017-09-26 QKD method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710882423.4A CN109560917B (en) 2017-09-26 2017-09-26 QKD method, device and system

Publications (2)

Publication Number Publication Date
CN109560917A CN109560917A (en) 2019-04-02
CN109560917B true CN109560917B (en) 2022-06-17

Family

ID=65862114

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710882423.4A Active CN109560917B (en) 2017-09-26 2017-09-26 QKD method, device and system

Country Status (1)

Country Link
CN (1) CN109560917B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113395158B (en) * 2021-08-18 2022-01-18 北京中创为南京量子通信技术有限公司 Message authentication key generation method and device and message authentication system
CN114448620B (en) * 2022-01-07 2023-10-03 南京邮电大学 Service path selection method of multi-protocol quantum key distribution network and related equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104518866A (en) * 2013-09-30 2015-04-15 安徽量子通信技术有限公司 QKD (quantum key distribution) terminal and system
CN105553648A (en) * 2014-10-30 2016-05-04 阿里巴巴集团控股有限公司 Quantum key distribution, privacy amplification and data transmission methods, apparatuses, and system
CN106899403A (en) * 2015-12-21 2017-06-27 Id量子技术公司 For the apparatus and method required with enhanced security and the trust for reducing of quantum key distribution

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006025410A1 (en) * 2004-08-31 2006-03-09 The Foundation For The Promotion Of Industrial Science Quantum key distribution protocol
CN102983965B (en) * 2012-10-18 2016-12-21 中国电力科学研究院 Transformer station's quantum communications model, quantum key distribution center and model implementation method
CN104660602B (en) * 2015-02-14 2017-05-31 山东量子科学技术研究院有限公司 A kind of quantum key transfer control method and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104518866A (en) * 2013-09-30 2015-04-15 安徽量子通信技术有限公司 QKD (quantum key distribution) terminal and system
CN105553648A (en) * 2014-10-30 2016-05-04 阿里巴巴集团控股有限公司 Quantum key distribution, privacy amplification and data transmission methods, apparatuses, and system
CN106899403A (en) * 2015-12-21 2017-06-27 Id量子技术公司 For the apparatus and method required with enhanced security and the trust for reducing of quantum key distribution

Also Published As

Publication number Publication date
CN109560917A (en) 2019-04-02

Similar Documents

Publication Publication Date Title
EP2858393B1 (en) Subscription manager secure routing device switching method and device
CN108111305B (en) Multi-type quantum terminal compatible converged network access system and method
CN110247765B (en) Quantum secret data chain communication system
TW201919363A (en) Method and system for quantum key distribution and data processing
CN102957584B (en) Home network equipment management method, control equipment and home network equipment
CN109587178A (en) A kind of intelligent appliance encryption control system and method based on MQTT
CN112104454B (en) Data secure transmission method and system
CN105119891B (en) A kind of data interactive method, set-top box and server
CN109150508A (en) Equipment control and controlled method, device, computer equipment and storage medium
CN109560917B (en) QKD method, device and system
CN113411187A (en) Identity authentication method and system, storage medium and processor
CN105262740A (en) Big data transmission method and system
CN112491532A (en) Video data encryption method and device, storage medium and electronic equipment
CN108206738B (en) Quantum key output method and system
CN109194701A (en) A kind of data processing method and device
CN112332940A (en) Data transmission method based on time synchronization network and related equipment
CN102045343B (en) DC (Digital Certificate) based communication encrypting safety method, server and system
CN109460646A (en) Method for identifying ID, device, system, electronic equipment and readable medium
Epishkina et al. A random traffic padding to limit packet size covert channels
CN106487761B (en) Message transmission method and network equipment
CN112566123B (en) Method and device for determining abnormal network node
CN112217862A (en) Data communication method, device, terminal equipment and storage medium
CN109951417B (en) Identity authentication method, system and terminal equipment
Gaur et al. A comparative study and analysis of cryptographic algorithms: RSA, DES, AES, BLOWFISH, 3-DES, and TWOFISH
CN102739660A (en) Key exchange method for single sign on system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant