CN110830108A - Anti-attack detection method and device for laser transmitter of quantum secret communication system - Google Patents

Anti-attack detection method and device for laser transmitter of quantum secret communication system Download PDF

Info

Publication number
CN110830108A
CN110830108A CN201911055031.6A CN201911055031A CN110830108A CN 110830108 A CN110830108 A CN 110830108A CN 201911055031 A CN201911055031 A CN 201911055031A CN 110830108 A CN110830108 A CN 110830108A
Authority
CN
China
Prior art keywords
light
laser
wavelength
optical power
laser emitter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911055031.6A
Other languages
Chinese (zh)
Other versions
CN110830108B (en
Inventor
黄安琪
武志豪
吴俊杰
徐平
强晓刚
丁江放
邓明堂
付祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN201911055031.6A priority Critical patent/CN110830108B/en
Publication of CN110830108A publication Critical patent/CN110830108A/en
Application granted granted Critical
Publication of CN110830108B publication Critical patent/CN110830108B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/07Arrangements for monitoring or testing transmission systems; Arrangements for fault measurement of transmission systems
    • H04B10/075Arrangements for monitoring or testing transmission systems; Arrangements for fault measurement of transmission systems using an in-service signal
    • H04B10/079Arrangements for monitoring or testing transmission systems; Arrangements for fault measurement of transmission systems using an in-service signal using measurements of the data signal
    • H04B10/0795Performance monitoring; Measurement of transmission parameters
    • H04B10/07955Monitoring or measuring power
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Optics & Photonics (AREA)
  • Optical Communication System (AREA)

Abstract

The invention discloses an anti-attack detection method and device for a laser emitter of a quantum secure communication system, and the device comprises anti-attack detection equipment, wherein the anti-attack detection equipment comprises a connector, a seed light preparation module and a result analysis module, the oscillogram, the polarization state and the wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the pulse width, the pulse light energy and the pulse generation time of the two oscillograms are larger than a preset threshold I, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, the existence of a seed light injection control leak in the laser emitter of an emitting party is judged, namely the laser emitter is controlled by the injected light of an attacker, and if the output light has no obvious difference in the aspects, the laser emitter has no leak. The invention realizes whether the laser emitter at the emitting end in the QKD system has seed light injection attack loopholes or not, and provides direct guarantee for the actual safety of the QKD system.

Description

Anti-attack detection method and device for laser transmitter of quantum secret communication system
Technical Field
The invention belongs to the technical field of quantum secret communication, and particularly relates to an anti-attack detection method and an anti-attack detection device for a laser transmitter at a transmitting end of a quantum secret communication system.
Background
In the information age, information security is crucial to both individuals and countries. However, the ultra-strong computing power of quantum computers will impact the foundation of modern information security and network security, for example, a series of security systems based on RSA algorithm, which are widely used at present, will not be overcome. In order to deal with the security threat of the quantum computer to the classic password basic system, the replacement of the existing classic password system into the password system of quantum security is an important strategic measure. Quantum cryptography is based on the fundamental physics of quantum mechanics, and not on any mathematical assumptions. Therefore, quantum cryptography is able to resist quantum attacks by quantum computers and has been proven to achieve information theoretical security, known as unconditional security. Quantum cryptography is most typically Quantum Key Distribution protocol (QKD) (briefly shown in fig. 1), which solves an important problem that is difficult to solve in classical cryptography: the symmetric key pair is securely distributed over an insecure channel to both legitimate communication parties. QKD ensures that a key carried by a quantum state cannot be eavesdropped on an insecure channel by using the quantum physical unclonable principle, and is based on the quantum physical basic principle only and not on any mathematical hypothesis, so that the key is theoretically proved to achieve information theoretical security, namely unconditional security generally known by us. This is a level of security not achieved by classical encryption algorithms based on mathematical assumptions. Due to the obvious advantages of QKD in safety compared with classical passwords, the QKD attracts attention in quantum information technology leather and is rapidly developed in all aspects. With the continuous development of quantum cryptography, researchers find that many differences exist between theory and reality in the process of experiment and practicality. This is particularly due to the fact that in security proof, there are a number of assumptions that quantum cryptography systems need to satisfy and abstract mathematical models of actual devices, which, however, are likely to not match actual devices. For example, some security assumptions cannot be met in practice; or the model does not fully describe the actual QKD device. In the standard preparative-survey QKD system architecture it is assumed that an eavesdropper (Eve) can only have access to the quantum channel with authority, but cannot enter the preparation and transmitting (Alice) and quantum state receiving and detecting (Bob) parties of the quantum state. In practice, however, Eve may steal the key through quantum channels and exploit security vulnerabilities of aspects of the system. Most existing attack methods are attacks on a detector at the Bob end and on the whole transmission path, such as blind attacks of continuous light and pulse light, time-shifting attacks, dead-time attacks and the like. These attack methods all pose a threat to the perceived security of the system, and if such a security system full of vulnerabilities is applied to practice, a lot of loss is caused, so that the security of each system must be detected. Many experts have already developed many detection methods and devices in the related art, which play a great role in the progress of QKD system.
The various vulnerability detection methods for the QKD system are all detection for the detection end. For most problems in the existing QKD technology, the MDI-QKD (measurement-device-independent quantum key distribution) proposed by Lo et al of the university of toronto 2012 thoroughly closes the loopholes of all measuring ends of the QKD system. And (2) in the MDI-QKD, enabling Alice and Bob of two communication parties to randomly prepare BB84 weak coherent states respectively, then sending to an untrusted third party Charlie to perform Bell state measurement, and establishing a safe secret key according to Bell state measurement results Alice and Bob published by the Charlie. The basic principle of polarization encoded MDI-QKD is shown in FIG. 2. The basic operation flow is as follows: alice and Bob prepare phase-randomized weak coherent light pulses and randomly encode them into one of four BB84 states, here selecting four polarization states | H >, | V >, | + >, | - >, where H/V represents horizontal and vertical polarization, | ± > (| H > ± | V >)/√ 2, respectively. Alice and Bob then send the prepared quantum states to an untrusted third party Charlie through a quantum channel for bell state measurement. Charlie publishes successful bell state measurements and Alice and Bob publish the basis vectors they encode for use. For the part they use the same basis vector, Alice or Bob chooses to flip or not flip the bits in their hand to get the positive associated data, according to Charlie's bell state measurements. And then they obtain the gain and the bit error rate of a single-photon part according to a decoy state method, and obtain a final security key through classical error correction and privacy amplification processes. Since the MDI QKD system can avoid all probe vulnerability, the source security issue will be of great concern. We need to detect the relevant security of the transmitting end for both this more advanced QKD system and most previous QKD systems. The anti-attack detection is the last guarantee for avoiding the problem of information security, and has important scientific significance and practical value for the practicability of various types of QKD.
Disclosure of Invention
The purpose of the invention is as follows: in view of the fact that all transmitting ends in the QKD system based on the weak coherent state use laser emitters, aiming at the possible security loopholes of the laser emitters, the invention provides an anti-attack detection method and an anti-attack detection device of the laser emitter of the quantum secret communication system.
The technical scheme is as follows: in order to achieve the purpose, the invention adopts the technical scheme that:
an anti-attack detection method for a laser transmitter of a quantum secret communication system comprises the following steps:
step 1), recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1
And 2) obtaining a laser emitting port of a laser emitter at a legal sending end in the quantum key distribution system through the description of the equipment manufacturer, and cutting off the connection between the laser emitter in an undisturbed original state and the rest devices of the quantum key distribution system.
And 3), sequentially accessing a laser emitting port of the laser emitter which is cut off in the step 2) and connected with the rest device of the quantum key distribution system into an optical power meter, an oscilloscope and a frequency spectrograph, and detecting the characteristics of the laser in the original state emitted by the laser emitter to obtain optical power I, oscillogram I and wavelength I lambda 1.
And 4), emitting a continuous beam of interference light with specific wavelength, specific light intensity and specific polarization into the laser emitter to guide the laser emitter to emit detection light with specific light intensity.
And 5) respectively accessing the light emitted by the laser emitter into the optical power meter, the oscilloscope and the frequency spectrograph again to detect the characteristics of the light emitted by the laser emitter at the moment to obtain a second optical power, a second oscillogram and a second wavelength lambda 2. Connecting the laser emitter with the rest of the quantum key distribution system, inputting the detection light into the rest of the quantum key distribution system, recording the counting number of each detector at the detector end at the moment, and recording the counting number as n after interference2
Step 6), the second optical power, the second oscillogram, the second wavelength lambda 2 and the number n of counted disturbed elements are calculated2The original optical power I, the waveform diagram I, the wavelength I lambda 1 and the original counting number n1And (6) carrying out comparison.
The method comprises the steps that a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, it is judged that a laser emitter of an emitting party has a seed light injection control leak, namely the laser emitter can be controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
Preferably: and 3) connecting the outlet of the laser transmitter with an optical power meter, and testing the initial optical power value to obtain the first optical power. And connecting an output port of the laser transmitter with the photoelectric converter and the frequency spectrograph in sequence to obtain the wavelength lambda 1 of the original state laser emitted by the laser transmitter.
Preferably: the energy carried by the interference light in the step 4) is equal to the energy required by the stimulated radiation to radiate specific detection light.
Preferably: and 4) making the interference light by a tunable laser transmitter.
Preferably: the specific polarization state of the interference light in the step 4) is made by a polarization controller.
Preferably: in the step 4), the emitted interference light with the specific wavelength, the specific light intensity and the specific polarization is incident to the laser emitter, the optical power meter is used for testing the optical power of the output detection light, if the optical power meter has a number, the processes of the step 4) and the step 5) are continuously executed, and if not, the detection is ended.
An anti-attack detection device of a laser transmitter of a quantum secret communication system comprises anti-attack detection equipment, wherein the anti-attack detection equipment comprises a connector, a seed light preparation module and a result analysis module.
The connector is used for connecting the seed light preparation module, the result analysis module and the laser emitter, and comprises an interface I, an interface II and an interface III, wherein the interface I is used for being connected with the seed light preparation module. And the second interface is used for connecting with the laser transmitter. And the interface III is used for being connected with the result analysis module.
The result analysis module comprises an optical power meter, an oscilloscope, a frequency spectrograph and a central processor.
The seed light preparation module is used for generating interference light with specific light intensity, wavelength and polarization state.
Is in at restIn the original state of interference, the connection between the laser transmitter and the rest devices of the quantum key distribution system is cut off. Recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1The laser transmitter is connected with the second interface, the result analysis module is connected with the third interface, original state laser emitted by the laser transmitter sequentially enters the optical power meter, the oscilloscope and the frequency spectrometer, and characteristics of the original state laser emitted by the laser transmitter are detected to obtain optical power I, oscillogram I and wavelength I lambda 1.
Under the state of interference, the laser transmitter is connected with the rest device of the quantum key distribution system, the counting number of each detector at the detector end at the moment is recorded, and the counting number n is recorded as the counting number after interference2. The seed light preparation module generates interference light with specific light intensity, wavelength and polarization state, the interference light is incident to the laser transmitter, the laser transmitter is connected with the second interface, the result analysis module is connected with the third interface, detection light emitted by the laser transmitter under the action of the interference light sequentially enters the optical power meter, the oscilloscope and the frequency spectrometer, and the characteristics of the detection light are detected to obtain optical power II, oscillogram II and wavelength II lambda 2.
The central processor counts the optical power II, the wave form II, the wavelength II lambda 2 and the number n of the interference2The original optical power I, the waveform diagram I, the wavelength I lambda 1 and the original counting number n1And (6) carrying out comparison. The method comprises the steps that a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, it is judged that a laser emitter of an emitting party has a seed light injection control leak, namely the laser emitter can be controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
Preferably: the seed light preparation module comprises a laser emission unit and a polarization modulation unit, wherein the laser emission unit is used for emitting laser with specific light intensity and wavelength, and the polarization modulation unit is used for modulating the polarization state of light.
Compared with the prior art, the invention has the following beneficial effects:
the invention aims at carrying out attack-resistant detection on a Quantum Key Distribution (QKD) system adopting a coherent laser emitter, realizes whether a laser emitter at an emitting end in the QKD system has seed light injection attack holes or not for the first time, provides direct guarantee for the actual safety of the QKD system, has important guiding significance for promoting the research of the laser emitter in the actual application and the research of the safety and the reliability in quantum secret communication, and has important scientific significance and practical value for promoting the practicability of the QKD system.
Drawings
Fig. 1 is a schematic diagram of a quantum key distribution system.
FIG. 2 is a schematic diagram of MDI-QKD.
Fig. 3 is a schematic view of attack detection.
FIG. 4 is a schematic view of a seed light preparation module.
FIG. 5 is a schematic diagram of a result analysis module.
Detailed Description
The present invention is further illustrated by the following description in conjunction with the accompanying drawings and the specific embodiments, it is to be understood that these examples are given solely for the purpose of illustration and are not intended as a definition of the limits of the invention, since various equivalent modifications will occur to those skilled in the art upon reading the present invention and fall within the limits of the appended claims. In order to facilitate the user to use the attack detection device better, the actual use process is described herein particularly in combination with the attack detection schematic diagram and the specific diagrams of each module.
An anti-attack detection method of a quantum secret communication system laser transmitter is implemented by simulating the attack behavior of an attacker, and the process comprises the following steps:
step 1), recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1
And 2) obtaining a laser emitting port of a laser emitter at a legal sending end in the quantum key distribution system through the description of the equipment manufacturer, and cutting off the connection between the laser emitter in an undisturbed original state and the rest devices of the Quantum Key Distribution (QKD) system.
And 3), sequentially accessing a laser emitting port of the laser emitter which is cut off in the step 2) and connected with the rest device of the quantum key distribution system into an optical power meter, an oscilloscope and a frequency spectrograph, and detecting the characteristics of the laser in the original state emitted by the laser emitter to obtain optical power I, oscillogram I and wavelength I lambda 1. And connecting the outlet of the laser transmitter with an optical power meter, and testing the initial optical power value to obtain the first optical power. The output port of the laser transmitter is sequentially connected with the photoelectric converter and the oscilloscope in the result detection unit to obtain a first oscillogram of original light emitted by the laser transmitter, and the output port of the laser transmitter is sequentially connected with the photoelectric converter and the frequency spectrograph to obtain a first wavelength lambda 1 of original state laser emitted by the laser transmitter.
And 4), operating a seed light preparation module of the anti-attack detection device, modulating light with specific wavelength, light intensity and polarization, and transmitting a continuous beam of interference light with specific wavelength, specific light intensity and specific polarization to enter a laser transmitter to guide the laser transmitter to emit detection light with specific light intensity. The interfering light carries an energy equal to the energy required for the stimulated radiation to emit the specific detection light. The interfering light is made by a tunable laser transmitter. The specific polarization states of the disturbing light include four polarization states | H >, | V >, | + >, | - >, which are generally made by two different polarization modulators PBS. Emitting interference light with specific wavelength, specific light intensity and specific polarization into a laser emitter, testing the optical power of the output detection light by using an optical power meter, and if the optical power meter has a number, continuing to execute the processes of the step 4) and the step 5), otherwise, ending the detection.
And 5) respectively accessing the light emitted by the laser emitter into the optical power meter, the oscilloscope and the frequency spectrograph again to detect the characteristics of the light emitted by the laser emitter at the moment to obtain a second optical power, a second oscillogram and a second wavelength lambda 2. Connecting the laser emitter with the rest quantum key distribution system, and inputting the detection light to the rest quantum key distribution systemIn the rest quantum key distribution system, the counting number of each detector at the detector end at the moment is recorded and recorded as the counting number n after interference2
Step 6), the second optical power, the second oscillogram, the second wavelength lambda 2 and the number n of counted disturbed elements are calculated2The original optical power I, the waveform diagram I, the wavelength I lambda 1 and the original counting number n1And (6) carrying out comparison.
The oscillogram, the polarization state and the wavelength information of the laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms have obvious difference in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is obviously increased after being detected, and the wavelength of the emitted light has obvious difference, the laser emitter of the emitting party is judged to have seed light injection control loopholes, namely, the laser emitter is controlled by the injected light of an attacker, and if the output light has no obvious difference in the aspects, the laser emitter has no loopholes. Specifically, a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, and the wavelength of emitted light is larger than a preset threshold III, it is determined that a laser emitter of an emitting party has a seed light injection control leak, namely, the laser emitter is controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
An anti-attack detection device for a laser transmitter of a quantum secure communication system, the quantum secure communication is realized based on a quantum key distribution system using the laser transmitter as a quantum signal sending unit, as shown in fig. 3, the anti-attack detection device comprises an anti-attack detection device, and the anti-attack detection device comprises a plurality of modules. And judging whether the laser emitter has a vulnerability of the laser emitter for resisting seed light injection attack according to the function of each module and the result of the specified step. The anti-attack detection device comprises a connector, a seed light preparation module and a result analysis module.
The connector is used for connecting the seed light preparation module, the result analysis module and the laser emitter, and comprises an interface I, an interface II and an interface III, wherein the interface I is used for being connected with the seed light preparation module. And the second interface is used for connecting with the laser transmitter. And the interface III is used for being connected with the result analysis module. The light entering from the first interface can only be emitted from the second interface, the light emitted from the second interface enters the laser emitter, the light generated by the laser emitter enters the second interface, and the light emitted from the second interface can only be emitted from the third interface.
As shown in fig. 4, the result analysis module is configured to detect the original output light of the laser emitter and the light intensity, waveform, wavelength, and polarization state after being attacked, so as to obtain a first optical power and a second optical power; a first waveform diagram and a second waveform diagram; wavelength one λ 1, wavelength two λ 2, original count number n1Counting the number n after interference2And the result analysis module comprises an optical power meter, an oscilloscope, a frequency spectrograph and a central processor.
As shown in fig. 4, the seed light preparation module is used to generate the interference light with specific light intensity, wavelength and polarization state. The seed light preparation module comprises a laser emission unit and a polarization modulation unit, wherein the laser emission unit is used for emitting laser with specific light intensity and wavelength, and the polarization modulation unit is used for modulating the polarization state of light.
In an undisturbed original state, the connection between the laser transmitter and the rest of the devices of the quantum key distribution system is cut off. Recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1The laser transmitter is connected with the second interface, the result analysis module is connected with the third interface, original state laser emitted by the laser transmitter sequentially enters the optical power meter, the oscilloscope and the frequency spectrometer, and characteristics of the original state laser emitted by the laser transmitter are detected to obtain optical power I, oscillogram I and wavelength I lambda 1.
Under the state of interference, the laser transmitter is connected with the rest device of the quantum key distribution system, the counting number of each detector at the detector end at the moment is recorded, and the counting number n is recorded as the counting number after interference2. The seed light preparation module generates specific light intensity and waveAnd detecting the characteristics of the detection light to obtain a second optical power, a second oscillograph and a second wavelength lambda 2.
The central processor counts the optical power II, the wave form II, the wavelength II lambda 2 and the number n of the interference2The original optical power I, the waveform diagram I, the wavelength I lambda 1 and the original counting number n1And (6) carrying out comparison. The method comprises the steps that a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, it is judged that a laser emitter of an emitting party has a seed light injection control leak, namely the laser emitter can be controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
The detection device of the invention has the following using method:
A) firstly, recording the average reading number of each detector at the detector end of the quantum key distribution system in the original state as the original counting number n1
B) And (4) correctly connecting the connectors, and respectively connecting the interface I, the interface II and the interface III to the specified module. The interface I is connected with the seed light preparation module, and the interface II is connected with the laser emitter after the laser emitter with the transmitting end interrupted is connected with the residual QKD;
C) the interface three is connected with each instrument in the result analysis unit one by one, wherein,
and connecting the laser transmitter outlet of the legal transmitting end with an optical power meter, and testing the initial optical power value to obtain the optical power 1.
And connecting the output port of the laser transmitter at the legal sending end with the photoelectric converter and the oscilloscope in the result detection unit in sequence to obtain a first oscillogram of the original light emitted by the laser transmitter.
And connecting the output port of the laser transmitter of the legal sending end with the photoelectric converter in sequence, and connecting a frequency spectrograph in the result detection unit to obtain the wavelength lambda 1 of the original initial light of the laser transmitter.
D) And operating a seed light preparation module of the anti-attack detection device, modulating light with specific wavelength, light intensity and polarization, and entering the laser emitter through the connection module.
E) And B) obtaining the characteristics of the output light after the attack, namely the light power II, the oscillogram II and the wavelength II lambda 2.
Connecting the laser transmitter outlet of the legal sending end with the rest QKD system to obtain the average reading of each detector as the number n of counts after interference2
F) And comparing the optical power I with the optical power II, the oscillogram I with the oscillogram II, the wavelength I lambda 1 with the wavelength II lambda 2, and counting the number of the detectors before and after the detectors are tested.
And C) operating as above, if the optical power meter has the indication number, continuing the next operation of D) and E), otherwise, stopping detection.
After comparison in the step E), if the optical power indicator is obviously increased after being attacked, the waveform diagram b of the output light after being attacked is obviously different from the waveform diagram a in pulse width, pulse light energy, pulse generation time and wavelength, the wavelength is obviously changed, and the respective specific difference of the indicators of the detectors determines that the laser transmitter has a leak of anti-violet injection attack, otherwise, the leak does not exist.
As mentioned in C), after the whole step is completed, the input light with different light intensities, wavelengths and polarizations can be modulated to further detect the influence of the light with different light intensities, wavelengths and polarizations on the detected laser emitter, and the process is continued according to a), B), C), D), E), F) above.
This description is written in a progressive manner and can be properly understood with reference to the drawings. The laser modulation part related to the specification can be judged according to actual conditions, and the modulation of light wavelength, polarization and light intensity is realized through software and hardware. The above description is only of the preferred embodiments of the present invention, and it should be noted that: it will be apparent to those skilled in the art that various modifications and adaptations can be made without departing from the principles of the invention and these are intended to be within the scope of the invention.

Claims (8)

1. An anti-attack detection method for a laser transmitter of a quantum secret communication system is characterized by comprising the following steps:
step 1), recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1
Step 2), obtaining a laser emitting port of a laser emitter at a legal sending end in the quantum key distribution system through the description of an equipment manufacturer, and cutting off the connection between the laser emitter in an undisturbed original state and the rest devices of the quantum key distribution system;
step 3), sequentially accessing a laser emitting port of the laser emitter which is cut off in the step 2) and connected with the rest device of the quantum key distribution system into an optical power meter, an oscilloscope and a frequency spectrograph, and detecting the characteristics of original state laser emitted by the laser emitter to obtain optical power I, oscillogram I and wavelength I lambda 1;
step 4), a continuous beam of interference light with specific wavelength, specific light intensity and specific polarization is emitted to enter a laser emitter to guide the laser emitter to emit detection light with specific light intensity;
step 5), respectively accessing the light emitted by the laser emitter into an optical power meter, an oscilloscope and a frequency spectrograph again to detect the characteristics of the light emitted by the laser emitter at the moment to obtain a second optical power, a second oscillogram and a second wavelength lambda 2; connecting the laser emitter with the rest of the quantum key distribution system, inputting the detection light into the rest of the quantum key distribution system, recording the counting number of each detector at the detector end at the moment, and recording the counting number as n after interference2
Step 6), the second optical power, the second oscillogram, the second wavelength lambda 2 and the number n of counted disturbed elements are calculated2With the original optical power I, the waveform diagram I, the wavelength I1 andnumber of primitive counts n1Carrying out comparison;
the method comprises the steps that a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, it is judged that a laser emitter of an emitting party has a seed light injection control leak, namely the laser emitter can be controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
2. The method for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 1, wherein: step 3), connecting an outlet of the laser transmitter with an optical power meter, and testing an initial optical power value to obtain a first optical power; and connecting an output port of the laser transmitter with the photoelectric converter and the frequency spectrograph in sequence to obtain the wavelength lambda 1 of the original state laser emitted by the laser transmitter.
3. The method for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 2, wherein: the energy carried by the interference light in the step 4) is equal to the energy required by the stimulated radiation to radiate specific detection light.
4. The method for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 3, wherein: and 4) making the interference light by a tunable laser transmitter.
5. The method for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 4, wherein: the specific polarization state of the interference light in the step 4) is made by a polarization controller.
6. The method for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 5, wherein: in the step 4), the emitted interference light with the specific wavelength, the specific light intensity and the specific polarization is incident to the laser emitter, the optical power meter is used for testing the optical power of the output detection light, if the optical power meter has a number, the processes of the step 4) and the step 5) are continuously executed, and if not, the detection is ended.
7. An anti attack detection device of quantum secret communication system laser emitter which characterized in that: the system comprises anti-attack detection equipment, wherein the anti-attack detection equipment comprises a connector, a seed light preparation module and a result analysis module;
the connector is used for connecting the seed light preparation module, the result analysis module and the laser emitter, and comprises a first interface, a second interface and a third interface, wherein the first interface is used for being connected with the seed light preparation module; the interface II is used for being connected with a laser transmitter; the interface III is used for being connected with the result analysis module;
the result analysis module comprises an optical power meter, an oscilloscope, a frequency spectrograph and a central processor;
the seed light preparation module is used for generating interference light with specific light intensity, wavelength and polarization state;
under the original state without interference, the connection between the laser transmitter and the rest devices of the quantum key distribution system is cut off; recording the average counting number of each detector of the quantum key distribution system in an undisturbed original state, and recording the average counting number as an original counting number n1The laser transmitter is connected with the second interface, the result analysis module is connected with the third interface, original state laser emitted by the laser transmitter sequentially enters the optical power meter, the oscilloscope and the frequency spectrometer, and characteristics of the original state laser emitted by the laser transmitter are detected to obtain optical power I, oscillogram I and wavelength I lambda 1;
under the state of interference, the laser transmitter is connected with the rest device of the quantum key distribution system, the counting number of each detector at the detector end at the moment is recorded, and the counting number n is recorded as the counting number after interference2(ii) a The seed light preparation module generates interference light with specific light intensity, wavelength and polarization state, the interference light enters the laser transmitter, and the laser transmitter and the interface IIConnecting, wherein a result analysis module is connected with the interface III, detection light emitted by the laser transmitter under the action of interference light sequentially enters the optical power meter, the oscilloscope and the frequency spectrograph, and the characteristics of the detection light are detected to obtain optical power II, a oscillogram II and wavelength II lambda 2;
the central processor counts the optical power II, the wave form II, the wavelength II lambda 2 and the number n of the interference2The original optical power I, the waveform diagram I, the wavelength I lambda 1 and the original counting number n1Carrying out comparison; the method comprises the steps that a oscillogram, a polarization state and wavelength information of laser are obtained by comparing the oscillogram I with the oscillogram II, if the two oscillograms are larger than a preset threshold I in pulse width, pulse light energy and pulse generation time, the average counting number of each detector is larger than a preset threshold II after being detected, the wavelength of emitted light is larger than a preset threshold III, it is judged that a laser emitter of an emitting party has a seed light injection control leak, namely the laser emitter can be controlled by injected light of an attacker, and if output light has no obvious difference in the aspects, the laser emitter has no leak.
8. The apparatus for detecting attack resistance of a laser transmitter in a quantum secure communication system according to claim 7, wherein: the seed light preparation module comprises a laser emission unit and a polarization modulation unit, wherein the laser emission unit is used for emitting laser with specific light intensity and wavelength, and the polarization modulation unit is used for modulating the polarization state of light.
CN201911055031.6A 2019-10-31 2019-10-31 Anti-attack detection method and device for laser transmitter of quantum secret communication system Active CN110830108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911055031.6A CN110830108B (en) 2019-10-31 2019-10-31 Anti-attack detection method and device for laser transmitter of quantum secret communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911055031.6A CN110830108B (en) 2019-10-31 2019-10-31 Anti-attack detection method and device for laser transmitter of quantum secret communication system

Publications (2)

Publication Number Publication Date
CN110830108A true CN110830108A (en) 2020-02-21
CN110830108B CN110830108B (en) 2021-03-19

Family

ID=69552178

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911055031.6A Active CN110830108B (en) 2019-10-31 2019-10-31 Anti-attack detection method and device for laser transmitter of quantum secret communication system

Country Status (1)

Country Link
CN (1) CN110830108B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113411183A (en) * 2021-05-31 2021-09-17 中国人民解放军国防科技大学 Synchronous correction vulnerability detection method and device in quantum key distribution system
CN114205074A (en) * 2020-09-17 2022-03-18 科大国盾量子技术股份有限公司 Dead time attack resisting detection device for QKD equipment
CN114614977A (en) * 2020-12-08 2022-06-10 科大国盾量子技术股份有限公司 Quantum communication attack and defense demonstration system based on seed light injection attack
CN114697006A (en) * 2020-12-30 2022-07-01 科大国盾量子技术股份有限公司 Detection method and device for seed light attack resistance
CN115085919A (en) * 2022-06-30 2022-09-20 中国人民解放军国防科技大学 Vulnerability detection method and device for quantum secret communication system calibration process
CN115766198A (en) * 2022-11-11 2023-03-07 中国人民解放军国防科技大学 Loophole detection device and method for quantum secret communication system optical power limiter

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120045053A1 (en) * 2010-08-20 2012-02-23 Bing Qi Random signal generator using quantum noise
CN104518868A (en) * 2013-09-28 2015-04-15 安徽量子通信技术有限公司 QKD (quantum key distribution) system capable of resisting wavelength attack
CN105049200A (en) * 2015-08-14 2015-11-11 清华大学 Data post-processing method of quantum key distribution system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120045053A1 (en) * 2010-08-20 2012-02-23 Bing Qi Random signal generator using quantum noise
CN104518868A (en) * 2013-09-28 2015-04-15 安徽量子通信技术有限公司 QKD (quantum key distribution) system capable of resisting wavelength attack
CN105049200A (en) * 2015-08-14 2015-11-11 清华大学 Data post-processing method of quantum key distribution system

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114205074A (en) * 2020-09-17 2022-03-18 科大国盾量子技术股份有限公司 Dead time attack resisting detection device for QKD equipment
CN114205074B (en) * 2020-09-17 2023-11-28 科大国盾量子技术股份有限公司 QKD equipment dead time attack resistance detection device
CN114614977A (en) * 2020-12-08 2022-06-10 科大国盾量子技术股份有限公司 Quantum communication attack and defense demonstration system based on seed light injection attack
CN114614977B (en) * 2020-12-08 2024-05-03 科大国盾量子技术股份有限公司 Quantum communication attack and defense demonstration system based on seed light injection attack
CN114697006A (en) * 2020-12-30 2022-07-01 科大国盾量子技术股份有限公司 Detection method and device for seed light attack resistance
CN114697006B (en) * 2020-12-30 2024-04-09 科大国盾量子技术股份有限公司 Detection method and device for resisting seed light attack
CN113411183A (en) * 2021-05-31 2021-09-17 中国人民解放军国防科技大学 Synchronous correction vulnerability detection method and device in quantum key distribution system
CN113411183B (en) * 2021-05-31 2022-08-02 中国人民解放军国防科技大学 Synchronous correction vulnerability detection method and device in quantum key distribution system
CN115085919A (en) * 2022-06-30 2022-09-20 中国人民解放军国防科技大学 Vulnerability detection method and device for quantum secret communication system calibration process
CN115085919B (en) * 2022-06-30 2024-04-09 中国人民解放军国防科技大学 Vulnerability detection method and device for quantum secret communication system calibration process
CN115766198A (en) * 2022-11-11 2023-03-07 中国人民解放军国防科技大学 Loophole detection device and method for quantum secret communication system optical power limiter
CN115766198B (en) * 2022-11-11 2024-05-03 中国人民解放军国防科技大学 Leak detection device and method for optical power limiter of quantum secret communication system

Also Published As

Publication number Publication date
CN110830108B (en) 2021-03-19

Similar Documents

Publication Publication Date Title
CN110830108B (en) Anti-attack detection method and device for laser transmitter of quantum secret communication system
Gu et al. Experimental measurement-device-independent type quantum key distribution with flawed and correlated sources
US10020937B2 (en) Apparatus and method for the detection of attacks taking control of the single photon detectors of a quantum cryptography apparatus by randomly changing their efficiency
Huang et al. Testing random-detector-efficiency countermeasure in a commercial system reveals a breakable unrealistic assumption
Lodewyck et al. Quantum key distribution over 25 km with an all-fiber continuous-variable system
US9306739B1 (en) Quantum key distribution protocol process
US7697693B1 (en) Quantum cryptography with multi-party randomness
US20180048466A1 (en) Methods and apparatuses for authentication in quantum key distribution and/or quantum data communication
Xu et al. Quantum cryptography with realistic devices
WO2006130300A2 (en) Systems and methods of enhancing qkd security using a heralded photon source
CN108540281B (en) Quantum security direct communication system irrelevant to measuring equipment
KR20220118350A (en) Long-distance quantum key distribution
Debuisschert et al. Time coding protocols for quantum key distribution
Zhang et al. Experimental side-channel-secure quantum key distribution
Tebyanian et al. Generalized time-bin quantum random number generator with uncharacterized devices
Makarov et al. Preparing a commercial quantum key distribution system for certification against implementation loopholes
CN114697009A (en) Device and method for detecting light source injection locking vulnerability of phase coding QKD equipment and attack end
CN115085919B (en) Vulnerability detection method and device for quantum secret communication system calibration process
Sharma et al. Mitigating the source-side channel vulnerability by characterisation of photon statistics
JP7366440B2 (en) Method, apparatus, computer program and data storage medium for determining a secret shared cryptographic key
CN106911472B (en) Security shot noise continuous variable quantum key distribution monitoring method
Tomita Implementation Security Certification of Decoy‐BB84 Quantum Key Distribution Systems
Molotkov On eavesdropping in quantum cryptography through side channels of information leakage
Nahar Decoy-state quantum key distribution with arbitrary phase mixtures and phase correlations
Rios Experimental Characterization of a Discrete Gaussian-Modulated Quantum Key Distribution System

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant