CN111342953A - Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment - Google Patents
Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment Download PDFInfo
- Publication number
- CN111342953A CN111342953A CN201811549300.XA CN201811549300A CN111342953A CN 111342953 A CN111342953 A CN 111342953A CN 201811549300 A CN201811549300 A CN 201811549300A CN 111342953 A CN111342953 A CN 111342953A
- Authority
- CN
- China
- Prior art keywords
- bob
- key distribution
- eve
- terminal
- alice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B10/00—Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
- H04B10/70—Photonic quantum communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Electromagnetism (AREA)
- Optics & Photonics (AREA)
- Theoretical Computer Science (AREA)
- Optical Communication System (AREA)
- Optical Modulation, Optical Deflection, Nonlinear Optics, Optical Demodulation, Optical Logic Elements (AREA)
Abstract
The invention provides a demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment, which comprises a quantum key distribution transmitting end Alice, a quantum key distribution eavesdropping end Eve, a quantum key distribution detecting end Bob, a transmission light path, a control end and a demonstration end, wherein the quantum key distribution transmitting end Alice comprises a quantum key distribution module, a quantum key distribution eavesdropping module, a quantum key distribution module and a quantum key distribution module, wherein the quantum key distribution eavesdropping module comprises a quantum key distribution: the Alice terminal is set to be capable of outputting single-photon signals; the Eve end and the Bob end are set to be capable of detecting the single-photon signal and outputting a detection electric signal; the transmission optical path is set to realize the optical path connection between the Alice end and the Bob end or the optical path connection between the Alice end and the Eve end according to the control signal provided by the control end; and the demonstration end is set to demonstrate the quantum channel eavesdropping attack according to the detection result of the Bob end and/or the Eve end.
Description
Technical Field
The invention relates to the field of quantum communication, in particular to a demonstration system for quantum key distribution equipment quantum channel eavesdropping attack.
Background
A Quantum Key Distribution (QKD) system can theoretically generate consistent quantum keys unconditionally securely for both legitimate parties to a communication. At present, most of attack demonstration aiming at the system is data layer attack, namely an attacker cannot crack data messages encrypted by quantum keys. In addition, some attack experiments aiming at system vulnerabilities and aiming at quantum channels are complex, and the purpose is to highlight possible security vulnerabilities in the QKD system and cannot play a role in demonstrating a secure key distribution of the quantum key distribution system. The single quantum indivisible nature on which these existing systems rely for quantum key distribution security cannot be demonstrated well.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment, which comprises a quantum key distribution transmitting end Alice, a quantum key distribution eavesdropping end Eve, a quantum key distribution detecting end Bob, a transmission light path, a control end and a demonstration end, wherein: the Alice terminal is set to be capable of outputting single-photon signals; the Eve end and the Bob end are set to be capable of detecting the single-photon signal and outputting a detection electric signal; the transmission optical path is set to realize the optical path connection between the Alice end and the Bob end or the optical path connection between the Alice end and the Eve end according to the control signal provided by the control end; and the demonstration end is set to demonstrate the quantum channel eavesdropping attack according to the detection result of the Bob end and/or the Eve end.
Preferably, the transmission optical path may include an optical switch, a first optical path a, a second optical path B, a beam splitting unit, and a beam combining unit. The optical switch may be configured to switch the optical path connection between the Alice terminal and the first optical path a or the second optical path B according to the control signal; the beam combining unit is arranged to combine and output the optical signals input through the first optical path A and the second optical path B; the beam splitting unit is configured to split and output the optical signal input through the second optical path B.
Further, the Alice end is connected with the Bob end through the first optical path a and the beam combining unit; the Alice end is connected with the Eve end through the second light path B and the beam splitting unit, and is connected with the Bob end through the second light path B, the beam splitting unit and the beam combining unit.
Preferably, the beam combining unit may be a beam splitter, and/or the beam splitting unit is a beam splitter or a clamp.
Preferably, the control terminal may include a first counter and a second counter, wherein the first counter is configured to count the detection electrical signal output by the Bob terminal, and the second counter is configured to count the detection electrical signal output by the Eve terminal. Further, the control end may further include a third counter, a signal delay adjuster, and a coincidence gate unit, where the signal delay adjuster is configured such that the detection electrical signal output by the Bob end and the detection electrical signal output by the Eve end arrive at the coincidence gate unit at the same time in one cycle, the coincidence gate unit is configured to perform an and gate operation on the detection electrical signal output by the Bob end and the detection electrical signal output by the Eve end, and the third counter is configured to count valid electrical signals output by the coincidence gate unit.
Preferably, the control terminal may further include a clock source, configured to output a synchronous clock signal to the Alice terminal, the Bob terminal, and the Eve terminal.
Preferably, the control terminal may further include a discriminator for discriminating and shaping the detection electrical signal output by the Bob terminal and/or the detection electrical signal output by the Eve terminal.
Preferably, the Alice terminal may have a low-frequency strong light emission mode and a high-frequency single photon emission mode, and is configured to be capable of switching between the low-frequency strong light emission mode and the high-frequency single photon emission mode based on control of the control terminal.
Preferably, the demonstration end may comprise an input interface allowing a user to input an instruction to determine whether the demonstration system operates in a normal mode or in a tapping mode, and a display interface for system status demonstration.
Drawings
FIG. 1 illustrates the principle of the present invention of a demonstration system for quantum key distribution device quantum channel eavesdropping attacks; and
fig. 2 shows an exemplary embodiment of the demonstration system for quantum key distribution device quantum channel eavesdropping attacks of the present invention.
Detailed Description
Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. The following examples are provided by way of illustration in order to fully convey the spirit of the invention to those skilled in the art to which the invention pertains. Accordingly, the present invention is not limited to the embodiments disclosed herein.
Fig. 1 is a diagram for explaining the principle of the demonstration system for quantum key distribution device quantum channel eavesdropping attack of the present invention. As shown in fig. 1, the demonstration system may include a quantum key distribution transmitting terminal (Alice), a quantum key distribution eavesdropping terminal (Eve), a quantum key distribution detecting terminal (Bob), a transmission optical path, a control terminal (not shown), and a demonstration terminal (not shown).
The quantum key distribution transmitting terminal Alice transmits a single photon signal for simulating the generation of the quantum key signal. By way of example, the quantum key distribution emitter may be any light source capable of providing a single photon signal, or a light source implemented based on a weakly coherent laser source.
The quantum key distribution detection end Bob can receive and detect the existence of single photon signals and is used for simulating the receiving of the quantum key signals. The quantum key distribution eavesdropping end Eve can receive and detect the existence of single photon signals and is used for simulating an eavesdropper of the quantum key signals. In the invention, the quantum key distribution detection end Bob and the quantum key distribution eavesdropping end Eve preferably have the same detection structure. By way of example, the Bob and Eve terminals may include single photon detectors, preferably avalanche detectors or superconducting detectors.
And the transmission light path realizes the light path connection between the Alice end and the Bob end or between the Alice end and the Eve end according to the control signal provided by the control end.
An embodiment of a transmission light path according to the invention is also exemplarily depicted in fig. 1. As shown, the transmission optical path may include an optical switch, a first optical path a, a second optical path B, a beam splitting unit, and a beam combining unit. The output end of the Alice is connected with the input end of the optical switch through an optical path, and the first output end and the second output end of the optical switch are respectively connected with the first optical path A and the second optical path B, so that the optical switch can enable single photon signals sent by the Alice end to enter the first optical path A or the second optical path B according to control signals.
The beam combining unit comprises a first/second input end and an output end, and is used for combining the optical signals input by the first and second input ends and outputting the combined optical signals to the outside through the output end. As an example, the first input end of the beam combining unit may be optically connected to the first output end of the optical switch via the first optical path a, and the output end of the beam combining unit is optically connected to the Bob end. As an example, the beam combining unit may be a Beam Splitter (BS), as shown in fig. 1.
The beam splitting unit is arranged on the second optical path B, comprises an input end and a first/second output end, and is used for splitting the optical signal input by the input end and outputting the two split optical beams by the first/second output end. As an example, the input end of the beam splitting unit may be optically connected to the second output end of the optical switch, the first output end of the beam splitting unit may be optically connected to the Eve terminal, and the second output end of the beam splitting unit may be connected to the second input end of the beam splitting unit via the second optical path B. The beam splitting unit may be a Beam Splitter (BS) or a clamp, as shown in fig. 1, as examples. The skilled person knows that the clamp can split the optical signal in the optical fiber by destroying the total reflection effect of the optical fiber without destroying the optical fiber.
Under the structure, a single photon signal is emitted from an Alice end and enters two paths, namely a first light path A and a second light path B, through an optical switch. When the optical switch is connected with the first optical path A, the single-photon signal emitted by Alice is directly input to the Bob end to demonstrate the state of not being intercepted. When the optical switch is switched on the second optical path B, the single-photon signal emitted by the Alice terminal propagates towards the Eve/Bob terminal under the action of the beam splitting unit so as to demonstrate the eavesdropping state. It should be noted that due to the characteristic of single-photon indivisible property, it is impossible for the same single-photon signal from Alice to be detected by Bob and Eve simultaneously, so that the single-photon signal used in the quantum key distribution system is proved.
Fig. 2 shows an exemplary embodiment of a demonstration system for quantum key distribution device quantum channel eavesdropping attack, which is used for specifically explaining the structures of a control end and a demonstration end. As shown in fig. 2, a clock source may be disposed in the control end, and outputs clock signals to the Alice end, the Bob end, and the Eve end, so that the clocks of the three ends are synchronized.
The Alice end generates and outputs single photon signals, and the single photon signals enter two paths, namely a first light path A and a second light path B, through the optical switch. When the optical switch is switched on the first optical path a, the single-photon signal emitted by Alice is directly input to Bob via the beam combining unit (e.g., BS). At Bob end, the input single photon signal is detected and a corresponding electrical signal is output. The detection electric signal output by the Bob terminal is then input to the control terminal. In the control end of the present invention, a first discriminator may be preferably provided to discriminate and shape the input detection electrical signal, and then input the shaped effective electrical signal to a first counter for counting, thereby recording the number of signals used in communication (not subject to eavesdropping).
When the optical switch is switched on the second optical path B, the single photon signal emitted by Alice end enters the second optical path B, so as to reach the beam splitting unit (e.g. a clamp). Due to the non-divisible property of the single photon signal, the single photon signal directly enters the Eve end through the first output end of the beam splitting unit or enters the Bob end through the second output end of the beam splitting unit and the second input end and the output end of the beam combining unit according to a certain probability.
When the single-photon signals enter the Eve end, the Eve end detects the input single-photon signals and outputs corresponding electric signals. The detection electric signal output by the Eve terminal is then input to the control terminal. Similarly, a second discriminator may be preferably arranged in the control end of the present invention to discriminate and shape the input detection electrical signal, and then input the shaped effective electrical signal to a second counter for counting, thereby recording the number of signals which are not used for communication (subject to eavesdropping).
The control end of the invention is also provided with a signal delay regulator which is used for enabling the detection electric signal output by the Bob end and the detection electric signal output by the Eve end to simultaneously reach the coincidence gate unit in one period. As an example, a signal delay adjuster can be provided between the second discriminator and the coincidence gate unit. The coincidence gate unit carries out AND gate operation on the input electric signals, namely two paths of signals are input simultaneously, and an effective electric signal is output. The valid electrical signals output by the coincidence gate unit are input into a third counter for counting, so that the number of signals used for communication (and subjected to wiretapping) is recorded.
The three counting results from the three counters are input to the control unit for processing and storage.
The demonstration end comprises an input interface and a display interface. The input interface allows a user to input instructions to determine whether the system is operating in a normal mode or a tapping mode, for example, by controlling the optical switch via the control terminal. The display interface is used for system state demonstration, for example, the non-eavesdropping property of quantum communication is displayed according to counting results of the three counters.
In the invention, in order to ensure the accuracy of the delay adjustment of the signal delay adjuster, the control end is set to enable the Alice end to have two working modes, namely a low-frequency strong light emission mode and a high-frequency single photon emission mode.
The low-frequency strong light emission mode is used for debugging working conditions, and can have a light emission frequency of 10kHz and an average photon number per pulse of 10. In this mode, the required delay values can be found correctly, since the line delay error cannot be larger than one transmission period (e.g. 10kHz frequency for 100us time interval, which corresponds to 10000 meters of cable length). The high-frequency single photon emission mode is used under the working condition, and can have the light-emitting frequency of 40MHz and the average photon number per pulse is 0.5. Under the mode, the single photon inseparable characteristic can be demonstrated, the counting rate per second is kept at a high level, and a good demonstration effect is kept.
By means of the demonstration system, the problem of demonstrating the single photon inseparable characteristic of the quantum key distribution system is solved. The quantum key distribution system is subjected to beam splitting attack through the beam splitting unit, counting statistics is carried out by combining the coincidence gate unit, and the fact that single photon signals of effective codes between Alice and Bob cannot be acquired by Eve is visually shown, namely, effective detection electric signals cannot be generated at the Bob end and the Eve end simultaneously in one period, and the quantum key distribution system has remarkable significance for technical popularization and application and popularization.
The above description is not intended to limit the present invention, and the present invention is not limited to the above examples, and the above alternatives may be used in combination with each other without contradiction. Those skilled in the art will also appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.
Claims (10)
1. A demonstration system for quantum key distribution equipment quantum channel eavesdropping attack comprises a quantum key distribution transmitting end Alice, a quantum key distribution eavesdropping end Eve, a quantum key distribution detecting end Bob, a transmission light path, a control end and a demonstration end, wherein:
the Alice terminal is set to be capable of outputting single-photon signals;
the Eve end and the Bob end are set to be capable of detecting the single-photon signal and outputting a detection electric signal;
the transmission optical path is set to realize the optical path connection between the Alice end and the Bob end or the optical path connection between the Alice end and the Eve end according to the control signal provided by the control end; and
the demonstration end is set to demonstrate the quantum channel eavesdropping attack according to the detection result of the Bob end and/or the Eve end.
2. The presentation system as claimed in claim 1, wherein the transmission optical path comprises an optical switch, a first optical path a, a second optical path B, a beam splitting unit and a beam combining unit; the optical switch is set to switch the light path connection between the Alice end and the first light path A or the second light path B according to the control signal; the beam combining unit is arranged to combine and output the optical signals input through the first optical path A and the second optical path B; the beam splitting unit is configured to split and output the optical signal input through the second optical path B.
3. The demonstration system according to claim 2, wherein the Alice terminal is connected to the Bob terminal via the first optical path a and the beam combining unit; the Alice end is connected with the Eve end through the second light path B and the beam splitting unit, and is connected with the Bob end through the second light path B, the beam splitting unit and the beam combining unit.
4. The presentation system as claimed in claim 2 or 3, wherein the beam combining unit is a beam splitter; and/or the beam splitting unit is a beam splitter or a clamp.
5. The presentation system as claimed in claim 1, wherein the control terminal comprises a first counter and a second counter; the first counter is used for counting the detection electric signals output by the Bob end, and the second counter is used for counting the detection electric signals output by the Eve end.
6. The presentation system as claimed in claim 5, wherein the control terminal further comprises a third counter, a signal delay adjuster and a coincidence gate unit, the signal delay adjuster being configured such that the probing electrical signal output by the Bob terminal and the probing electrical signal output by the Eve terminal arrive at the coincidence gate unit simultaneously during one cycle; the coincidence gate unit is arranged to perform an AND gate operation on the detection electric signal output by the Bob terminal and the detection electric signal output by the Eve terminal; and the third counter is used for counting the valid electric signals output by the coincidence gate unit.
7. The presentation system as claimed in claim 5, wherein said control terminal further comprises a clock source for outputting synchronous clock signals to said Alice terminal, said Bob terminal and said Eve terminal.
8. The presentation system as claimed in claim 5, wherein the control terminal further comprises a discriminator for discriminating and shaping the detection electrical signal output by the Bob terminal and/or the detection electrical signal output by the Eve terminal.
9. The presentation system of any one of claims 1, 5-8, wherein the Alice end has a low frequency high light emission mode and a high frequency single photon emission mode and is configured to be switchable between the low frequency high light emission mode and the high frequency single photon emission mode based on control of the control end.
10. The presentation system as claimed in claim 1, wherein said presentation side comprises an input interface allowing a user to input instructions to determine whether said presentation system is operating in a normal mode or in a eavesdropping mode, and a display interface for system status presentation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811549300.XA CN111342953A (en) | 2018-12-18 | 2018-12-18 | Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811549300.XA CN111342953A (en) | 2018-12-18 | 2018-12-18 | Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111342953A true CN111342953A (en) | 2020-06-26 |
Family
ID=71186751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811549300.XA Pending CN111342953A (en) | 2018-12-18 | 2018-12-18 | Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111342953A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114614978A (en) * | 2020-12-08 | 2022-06-10 | 科大国盾量子技术股份有限公司 | Demonstration system for attack and defense of various quantum communication |
| CN114614977A (en) * | 2020-12-08 | 2022-06-10 | 科大国盾量子技术股份有限公司 | Quantum communication attack and defense demonstration system based on seed light injection attack |
| CN114629561A (en) * | 2020-12-08 | 2022-06-14 | 科大国盾量子技术股份有限公司 | Control system for realizing attack and defense demonstration of various quantum communication |
| CN116614230A (en) * | 2023-07-20 | 2023-08-18 | 合肥量芯科技有限公司 | Pseudo-state attack demonstration system for introducing detection efficiency mismatch loopholes |
-
2018
- 2018-12-18 CN CN201811549300.XA patent/CN111342953A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114614978A (en) * | 2020-12-08 | 2022-06-10 | 科大国盾量子技术股份有限公司 | Demonstration system for attack and defense of various quantum communication |
| CN114614977A (en) * | 2020-12-08 | 2022-06-10 | 科大国盾量子技术股份有限公司 | Quantum communication attack and defense demonstration system based on seed light injection attack |
| CN114629561A (en) * | 2020-12-08 | 2022-06-14 | 科大国盾量子技术股份有限公司 | Control system for realizing attack and defense demonstration of various quantum communication |
| CN114614977B (en) * | 2020-12-08 | 2024-05-03 | 科大国盾量子技术股份有限公司 | Quantum communication attack and defense demonstration system based on seed light injection attack |
| CN116614230A (en) * | 2023-07-20 | 2023-08-18 | 合肥量芯科技有限公司 | Pseudo-state attack demonstration system for introducing detection efficiency mismatch loopholes |
| CN116614230B (en) * | 2023-07-20 | 2023-09-19 | 合肥量芯科技有限公司 | Pseudo-state attack demonstration system for introducing detection efficiency mismatch loopholes |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111342953A (en) | Demonstration system for quantum channel eavesdropping attack of quantum key distribution equipment | |
| US11411723B2 (en) | Apparatus and method for quantum enhanced physical layer security | |
| JP6303034B2 (en) | Communication system and method | |
| Donaldson et al. | Experimental demonstration of kilometer-range quantum digital signatures | |
| Gerhardt et al. | Experimentally faking the violation of Bell’s inequalities | |
| US8189966B2 (en) | QKD arrangement | |
| JP3829602B2 (en) | Encryption key distribution device | |
| EP2949072B1 (en) | Quantum cryptographic key distribution system including two peripheral devices and an optical source | |
| EP2670642B1 (en) | Quantum key distribution | |
| Pljonkin | Vulnerability of the synchronization process in the quantum key distribution system | |
| US20070116286A1 (en) | quantum communication system | |
| US10523429B2 (en) | Method and device for synchronizing quantum data start points in quantum key distribution system | |
| WO2006074151A2 (en) | Secure use of a single single-photon detector in a qkd system | |
| US9584319B2 (en) | Optical receiving device in optical communication system, control method and device of photon detector, and dark count evaluation method of photon detector | |
| WO2006130300A2 (en) | Systems and methods of enhancing qkd security using a heralded photon source | |
| EP4047861A1 (en) | Method and system for quantum key distribution | |
| CN209419638U (en) | Demo system for the eavesdropping attack of quantum key distribution equipment quantum channel | |
| JP2005268958A (en) | Quantum cipher communication device | |
| JP4746588B2 (en) | Quantum cryptographic communication device and quantum cryptographic communication method | |
| JP4358829B2 (en) | QKD system watchdog detector | |
| Sharma et al. | Mitigating the source-side channel vulnerability by characterisation of photon statistics | |
| JP2003037594A (en) | Optical signal transmitter, and system and method for optical signal transmission | |
| CN110726483B (en) | Device and method for resisting avalanche transition region attack | |
| JP2013198094A (en) | Single photon detector with detecting function for bright illumination attack | |
| Jacak et al. | Quantum cryptography: Theoretical protocols for quantum key distribution and tests of selected commercial qkd systems in commercial fiber networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |