CN111385090B - Key distribution method and system based on multi-key combination quantum key relay - Google Patents

Key distribution method and system based on multi-key combination quantum key relay Download PDF

Info

Publication number
CN111385090B
CN111385090B CN201811631538.7A CN201811631538A CN111385090B CN 111385090 B CN111385090 B CN 111385090B CN 201811631538 A CN201811631538 A CN 201811631538A CN 111385090 B CN111385090 B CN 111385090B
Authority
CN
China
Prior art keywords
key
quantum
keys
node
final
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811631538.7A
Other languages
Chinese (zh)
Other versions
CN111385090A (en
Inventor
赵梅生
刘春华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Institute Of Quantum Science And Technology Co ltd
Original Assignee
Shandong Institute Of Quantum Science And Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Institute Of Quantum Science And Technology Co ltd filed Critical Shandong Institute Of Quantum Science And Technology Co ltd
Priority to CN201811631538.7A priority Critical patent/CN111385090B/en
Publication of CN111385090A publication Critical patent/CN111385090A/en
Application granted granted Critical
Publication of CN111385090B publication Critical patent/CN111385090B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0855Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Optical Communication System (AREA)
  • Complex Calculations (AREA)

Abstract

The invention discloses a key distribution method and a system thereof based on multi-key combination quantum key relay, wherein the method comprises the following steps: the source node and the destination node sequentially share the quantum keys through the relay node according to the key distribution sequence; after the quantum key is shared each time, the source node and the destination node respectively calculate a final key by adopting the same algorithm, wherein the final key is obtained by performing at least one round of combined calculation according to the quantum key distributed historically. The invention improves the security of key distribution by the combined calculation of a plurality of keys.

Description

Key distribution method and system based on multi-key combination quantum key relay
Technical Field
The invention belongs to the technical field of quantum communication, and particularly relates to a key distribution method and a key distribution system based on multi-key combination quantum key relay.
Background
Along with the development of network information, the network affects various aspects of people's life, the requirement for security is higher and higher, the requirement for confidentiality of people on network activities is higher and higher, the encryption or authentication technology of service data ensures the requirement for confidentiality of data and some related data of people in network activities, and the security and confidentiality of the network are ensured. The quantum communication brings revolutionary development to information security because of the characteristics of unconditional security, high efficiency and the like, and is the main research direction of data secret transmission at present.
With the increasing construction of quantum communication networks at present, the networks are larger and larger, and two quantum key management devices which are separated by thousands of kilometers need to generate a shared symmetric key through a key relay service. The basic idea of traditional key relay is to encrypt and decrypt a relay key by using a quantum key shared between adjacent nodes, so as to realize encryption and relay of the relay key between one or more relay nodes, and finally reach a target user.
It is worth noting that because the relay key exists in the relay node in the clear, any node participating in the key relay knows the content of the secret communication (i.e. the relay key), i.e. its security is relative, provided that all relay nodes must be trusted; therefore, such a node is called a Trusted Relay (Trusted Relay) node. When the quantum key is transmitted in a relay way among a plurality of credible relays, the quantum key is in an encrypted state on a channel, and when the quantum key is at a credible relay end, the quantum key usually exists in a plaintext. If the trusted relay device has security flaws in the real-world operation process, the quantum key exists in the trusted relay end in the clear text form, an attacker steals the key transmitted on the quantum key, the trusted relay becomes no longer 'trusted', and the key for secret communication is in danger of being stolen.
In order to solve the security problem of the above trusted relay, some solutions are proposed in the prior art, such as patent solution "quantum key distribution system, method and apparatus based on trusted relay" (application number: 201510009615.5), where multiple paths for relaying keys are constructed between a source node and a destination node through a routing device, and then the keys can be passed through multiple paths and recombined in a negotiation manner, so that the keys are secure as long as all nodes on one path are not breached. However, the following problems exist in the method of constructing multiple relay paths to avoid the insecurity of the intermediate node:
firstly, the cost is high, and a plurality of routing devices are needed to build more than one transmission path between a source node and a destination node;
secondly, the anti-attack capability is insufficient, and as long as one node on one path is attacked, the information transmitted on the whole path is unsafe immediately afterwards. In other words, if there are two paths in the whole system, the attacker only needs to take the next node in the two paths, which is equivalent to taking the two paths, and although this method is a little better than the previous method in which the attacker only needs to take the next node, the improvement of the security is still limited.
Therefore, how to improve the safety redundancy at the trusted relay end without increasing the hardware quantity and the cost in the quantum key relay process so that the communication safety of data can be still ensured even if some keys are stolen in the relay process is a technical problem which needs to be urgently solved by technical personnel in the field.
Disclosure of Invention
In order to solve the problems, the invention provides a key distribution method and a key distribution system based on multi-key combination quantum key relay, which effectively realize the improvement of the safety redundancy at a credible relay end under the condition of not improving the quantity and the cost of hardware by the combined calculation of a plurality of keys in the key distribution process, so that the communication safety of data can be still ensured even if some keys are stolen in the relay process.
The invention provides a key distribution method based on multi-key combination quantum key relay.
In order to achieve the purpose, the invention adopts the following technical scheme:
a key distribution method based on multi-key combination quantum key relay comprises the following steps:
the source node and the destination node sequentially share the quantum key through the relay node according to the key distribution sequence;
after the quantum key is shared each time, the source node and the destination node respectively calculate a final key by adopting the same algorithm, wherein the final key is obtained by performing at least one round of combined calculation according to the quantum key distributed historically.
As a further preferred scheme, the specific step of sharing the quantum key by the source node and the destination node through the relay node includes:
the source node encrypts the quantum key distributed at this time by using the shared key between the source node and the relay node, and distributes the encrypted quantum key to the relay node for decryption to obtain the quantum key;
the relay node encrypts the quantum key by using a shared key between the relay node and the next node, distributes the encrypted quantum key to the next node for decryption to obtain the quantum key, and repeats the steps until the relay node is a destination node;
the destination node obtains the quantum key, and the quantum key is shared by the source node and the destination node.
As a further preferred scheme, the specific step of calculating the final key includes:
after sharing the quantum key each time, the source node and the destination node respectively calculate at least one layer of intermediate key by adopting the same algorithm, wherein the intermediate key is obtained by performing at least one round of combined calculation according to the quantum key distributed historically and/or the historical intermediate key;
and the source node and the destination node respectively calculate final keys by adopting the same algorithm, and the final keys are obtained by performing at least one round of combined calculation according to the historical intermediate keys and/or the historical final keys.
As a further preferred solution, the intermediate key and the final key are calculated by using a one-way function.
As a further preferable scheme, the one-way function includes a hash operation function and a one-way trapdoor function.
As a further preferable scheme, the intermediate key is obtained by performing at least one round of combined calculation according to a quantum key distributed historically and/or a historical intermediate key, and includes:
and when the intermediate key is of one layer, performing at least one round of combined calculation according to the quantum key distributed in the current round and all the quantum keys distributed in the history of the quantum keys according to the distribution sequence.
As a further preferable scheme, when the intermediate key is expanded from one layer to two or more layers, the intermediate key of the next layer is obtained by performing at least one round of combined calculation according to the calculation sequence of the intermediate key calculated in the current round of the previous layer and all the intermediate keys calculated in the history of the previous layer.
As a further preferred solution, the quantum terminals of the source node and the destination node store history distribution all quantum keys for calculating the intermediate key.
As a further preferable scheme, the intermediate key is obtained by performing at least one round of combined calculation according to the historically distributed quantum key and/or the historically distributed intermediate key, and includes:
and when the intermediate key is a layer, performing at least one round of combined calculation according to the quantum key distributed in the round and the historical intermediate key calculated in the previous round.
As a further preferable scheme, when the intermediate key is expanded from one layer to two or more layers, the intermediate key of the next layer is obtained by performing at least one round of combined calculation based on the quantum key distributed in the current round of the previous layer and the historical intermediate key calculated in the previous round.
As a further preferable scheme, the quantum terminals of the source node and the destination node store historical intermediate keys calculated in the previous round for calculating the intermediate keys.
As a further preferred scheme, the quantum terminals of the source node and the destination node store the intermediate key of the current round and replace the historical intermediate key calculated in the previous round.
As a further preferred scheme, the final key is obtained by performing at least one round of combined calculation according to the historical intermediate key and/or the historical final key, and includes:
and when the intermediate key is of one layer, performing at least one round of combined calculation according to the calculation sequence of the intermediate key calculated in the current round and all the intermediate keys calculated in the history of the intermediate key.
As a further preferred scheme, when the intermediate key is expanded from one layer to two or more layers, the final key is obtained by performing at least one round of combined calculation according to the calculation sequence of the intermediate key calculated in the current round of the last layer and all the intermediate keys calculated in the history of the last layer.
As a further preferred solution, the quantum terminals of the source node and the destination node store all intermediate keys of historical computation for computing final keys.
As a further preferred scheme, the quantum terminals of the source node and the destination node store history distribution all quantum keys for calculating the intermediate key and the final key.
As a further preferable scheme, the final key is obtained by performing at least one round of combined calculation according to the historical intermediate key and/or the historical final key, and includes:
and when the intermediate key is of one layer, performing at least one round of combined calculation according to the intermediate key calculated in the current round and the historical final key calculated in the previous round.
As a further preferable scheme, when the intermediate key is expanded from one layer to two or more layers, the final key is obtained by performing at least one round of combined calculation based on the intermediate key calculated in the current round of the last layer and the historical final key calculated in the previous round.
As a further preferred scheme, the quantum terminals of the source node and the destination node store the historical final key calculated in the previous round for calculating the final key.
As a further preferred scheme, the quantum terminals of the source node and the destination node store the final key of the current round and replace the historical final key calculated in the previous round.
As a further preferred solution, the quantum terminals of the source node and the destination node store a certain number of historically distributed quantum keys, historically computed intermediate keys, and final keys, and the stored number is adjusted according to the computed intermediate keys and/or final keys.
As a further preferable scheme, the combination includes any one or more of splicing, exclusive or, staggered exclusive or and staggered splicing.
As a further preferred approach, when the combination is a linear operation, the one-way function is a function having a non-linear property.
As a further preferred scheme, when the secure data transmission is performed between the source node and the destination node through the final key, a certain number of final keys calculated first according to the calculation order are discarded and are not used for actual communication.
As a further preferable scheme, if an eavesdropper successfully acquires a key with a probability not higher than a certain value epsilon at each key distribution, the threshold δ, the positive integers N and k are preset, and the following conditions are satisfied:
Figure BDA0001929111400000051
in calculating the intermediate keys, no more than N historical keys are used.
As a further preferred scheme, when calculating the intermediate key, the used historical keys do not exceed N, and the specific steps include:
when the accumulated number of the used historical keys reaches k when the ith intermediate key is calculated by the sub terminal node, the currently distributed quantum key is used as an initial key, the (i + 1) th intermediate key is calculated, and meanwhile, the continuous calculation of the ith intermediate key is not stopped; until the accumulation of the historical keys used for calculating the 1 st intermediate key reaches N, subtracting one from the serial numbers of all the intermediate keys, discarding the original 1 st intermediate key, and calculating a final key by using a new 1 st intermediate key; and i is a positive integer.
As a further preferred embodiment of the method,
the second purpose of the invention is to provide a key distribution system based on multi-key combination quantum key relay.
In order to achieve the purpose, the invention adopts the following technical scheme:
a key distribution system based on multi-key combination quantum key relay is based on any one of the key distribution methods based on multi-key combination quantum key relay.
The invention has the beneficial effects that:
1. according to the invention, through the combined calculation of a plurality of shared keys among quantum terminals, the generation process of each final key specifically used for data secret transmission among quantum terminal nodes is related to all shared keys among the quantum terminal nodes, that is, even if careless mistakes occur in the actual operation of the credible relay node, as long as an attacker does not take all distributed quantum keys, and even if only one key does not take, the data encrypted by the final key cannot be threatened substantially, so that the security of the data in quantum secret communication is further improved.
2. The key distribution method based on multi-key combination quantum key relay is low in cost, and compared with the thought of 'exchanging safety by space' (increasing paths) in a multi-relay path scheme, the thought of the scheme is 'exchanging safety by time', and extra path hardware cost is not required to be increased.
3. The invention relates to a secret key score based on multi-secret key combination quantum secret key relayThe method is high in safety, and unless the relay node is broken through by an attacker (which is difficult to happen in reality) before the relay node is put into first distribution after formal operation (the quantum terminal A distributes the shared key to the quantum terminal B for the first time through the relay node R), even if the relay node R is broken through by the attacker in the ith transmission, the relay node R only obtains k i And subsequent relay keys, but k is missing i The previous key results in that it still cannot calculate the final key used for secure communication. Therefore, even if a relay node is broken by an attacker, it is still secure to relay a key using this relay node.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, are included to provide a further understanding of the application, and the description of the exemplary embodiments and illustrations of the application are intended to explain the application and are not intended to limit the application.
Fig. 1 is a schematic diagram of key distribution according to the present invention.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present application. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
The quantum terminal node referred to in the present invention refers to a logical node having functions of quantum key storage, encryption and decryption, key distribution, etc., and including one or more physical devices. It may also be referred to as quantum terminal, terminal node, node for short.
Practice ofExample 1
Fig. 1 is a flowchart of a key distribution method based on multi-key quantum key combination relay according to embodiment 1 of the present invention, where in this embodiment, there is one layer of intermediate keys, as shown in fig. 1, including the following steps:
s1: quantum terminal node A as source node and quantum terminal node B as destination node carry out quantum key k through relay node R 1 Sharing of (2);
in this embodiment, the step S1 specifically includes the following steps:
s11: quantum terminal node A as source node sends quantum key k 1 Encrypting the shared secret key between the quantum terminal node A and the relay node R to obtain k 1 (A-R) and sending the data to the relay node R;
s12: the relay node R receives the encrypted key k sent by the quantum terminal node A as the source node 1 (A-R), decrypting it to give k 1 Quantum key k 1 Encrypting by using a shared secret key between a relay node R and a quantum terminal node B as a destination node to obtain k 1 (R-B) and sending the quantum terminal node B;
s13: the quantum terminal node B receives the encrypted key k sent by the relay node R 1 (R-B), decrypting it to give k 1 Completing the quantum key k between the quantum terminal node A as the source node and the quantum terminal node B as the destination node 1 To share.
In S1 of this embodiment, a quantum terminal node a as a source node and a quantum terminal node B as a destination node store a shared quantum key k respectively 1 . Wherein k1 (A-R), k 1 (R-B) represents that the key is a shared key between two nodes before and after the symbol, k1 (A-R) represents the shared key between the quantum terminal node A and the relay node R, and k 1 (R-B) denotes a shared key between the relay node R and the quantum terminal node B.
S2: quantum terminal node A as source node calculates intermediate key k in turn 1 ' and final key k 1 ", the intermediate key k 1 ' root ofAccording to quantum key k 1 Calculated by using hash function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 Is a hash operation function; the final key k 1 According to the intermediate key k 1 ' calculation by hash function, k 1 "=H 2 (k 1 ') wherein, H 2 Is a hash operation function;
in S2 of the present embodiment, the quantum terminal node a as the source node stores the shared intermediate key k 1 '。
S3: simultaneously with the calculation in step S2, the quantum terminal node B as the destination node also calculates the intermediate key k in turn 1 ' and final key k 1 ", the intermediate key k 1 According to quantum key k 1 Calculated by using hash function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 Is a hash operation function; the final key k 1 "according to the intermediate key k 1 ' calculation by Hash operation function, k 1 "=H 2 (k 1 ') wherein H 2 A hash operation function is taken;
in S3 of the present embodiment, the quantum terminal node B as the destination node stores the shared intermediate key k 1 '。
S4: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to carry out the quantum key k through the relay node R 2 Sharing of (2);
in S4 of this embodiment, the quantum terminal node a as the source node and the quantum terminal node B as the destination node store the shared quantum key k respectively 2
S5: quantum terminal node A as source node calculates intermediate key k in turn 2 ' and final key k 2 ", the intermediate key k 2 ' from quantum key k 1 And quantum key k 2 Calculated by using hash function, k 2 '=H 1 (k 1 +k 2 ) (ii) a Wherein H 1 As a function of a hash operation, quantum key k 1 And quantum key k 2 Symbol of (2)The sign "+" indicates that the keys are arranged in order to put the quantum key k 1 And quantum key k 2 Splicing is carried out; the final key k 2 According to the intermediate key k 1 ' and intermediate Key k 2 ' calculation by Hash operation function, k 2 "=H 2 (k 1 '+k 2 ') wherein H 2 As a function of a hash operation, intermediate key k 1 ' and intermediate Key k 2 The sign between '+' indicates that the keys are sequentially put into the intermediate key k 1 ' and intermediate Key k 2 ' splicing;
in S5 of the present embodiment, the quantum terminal node a as the source node stores the shared intermediate key k 2 '。
S6: simultaneously with the calculation in step S5, the quantum terminal node B as the destination node also calculates the intermediate key k in turn 2 ' and final key k 2 ", the intermediate key k 2 According to quantum key k 1 And quantum key k 2 Calculated by using hash function, k 2 '=H 1 (k 1 +k 2 ) (ii) a Wherein H 1 As a function of a hash operation, quantum key k 1 And quantum key k 2 The symbol "+" in between indicates that the keys are arranged in order to put the quantum key k 1 And quantum key k 2 Splicing is carried out; the final key k 2 "according to the intermediate key k 1 ' and intermediate Key k 2 ' calculation by hash function, k 2 "=H 2 (k 1 '+k 2 ') wherein H 2 As a function of a hash operation, intermediate key k 1 ' and intermediate Key k 2 The sign between '+' indicates that the keys are arranged in order to give the intermediate key k 1 ' and intermediate Key k 2 ' splicing;
in S6 of the present embodiment, the quantum terminal node B as the destination node stores the shared intermediate key k 2 '。
S7: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to share the quantum key k through the relay node R 3 、k 4 ……k m
In S7 of this embodiment, the quantum terminal node a as the source node and the quantum terminal node B as the destination node store the shared quantum key k respectively 3 、k 4 ……k m-1
S8: according to the step S2 or S4, the quantum terminal node A as the source node and the quantum terminal node B as the destination node share one quantum key k each time m Sequentially calculating intermediate keys k by quantum terminal nodes A serving as source nodes m ' and final key k m ";
The intermediate key k m According to the shared quantum key k m All quantum keys k shared with it before 1
Figure BDA0001929111400000081
k 2 ……k m-1 Calculating by adopting a hash operation function:
wherein H 1 The sign between the quantum keys is a hash operation function, and the sign '+' between the quantum keys indicates that the quantum keys are spliced according to the sequence of the keys; the sigma symbol represents that a plurality of quantum keys are spliced one by one in sequence;
the final key k m According to the intermediate key k m ' intermediate secret with all quantum keys shared before it
Figure BDA0001929111400000091
Key k 1 '、k 2 '……k m-1 ' calculation using a hash operation function:
wherein H 2 The sign between the intermediate keys is a hash operation function, and the "+" represents that the intermediate keys are spliced according to the sequence; the sigma symbol represents that a plurality of intermediate keys are spliced one by one in sequence;
in S8 of the present embodiment, the quantum terminal node a as the source node stores the shared intermediate key k 3 '、k 4 '……k m-1 '。
S9: simultaneously with the calculation in step S7, quantum terminal node a as source node and quantum terminal node B as destination node share one quantum key k each time according to step S3 or S5 m The quantum terminal node B as the destination node calculates the intermediate key k in turn m ' and final key k m ";
The intermediate key k m According to the shared quantum key k m All quantum keys k shared with it before 1
Figure BDA0001929111400000092
k 2 ……k m-1 Calculating by adopting a hash operation function:
wherein H 1 The sign between the quantum keys is a hash operation function, and the sign '+' between the quantum keys indicates that the quantum keys are spliced according to the sequence of the keys; the sigma symbol represents that a plurality of quantum keys are spliced one by one in sequence;
the final key k m "according to the intermediate key k m ' intermediate secret with all quantum keys shared before it
Figure BDA0001929111400000093
Key k 1 '、k 2 '……k m-1 ' computing using a hash operation function:
wherein H 2 The sign between the intermediate keys is a hash operation function, and the sign '+' between the intermediate keys indicates that the intermediate keys are spliced according to the sequence of the keys; the sigma symbol represents that a plurality of intermediate keys are spliced one by one in sequence;
in S9 of the present embodiment, the quantum terminal node B as the destination node stores the shared intermediate key k 3 '、k 4 '……k m-1 '。
It should be noted that, in this embodiment, the hash operation function may be replaced by any one-way function, such as a one-way trapdoor function.
Example 2
Embodiment 1 calculation of intermediate key and final key requires that quantum terminal node a as source node and quantum terminal node B as destination node store shared quantum key k separately 1 To k m-1 And the calculated intermediate key k 1 To k m-1 ' to save the storage space of the quantum terminal, the present invention makes a further improvement on the basis of embodiment 1.
On the basis of example 1, the following modifications were made:
1. intermediate key k m ' the calculation mode is changed to k m '=H 1 (k m +k m-1 ');
2. Final Key k m "the calculation mode is changed to k m "=H 2 (k m '+k m-1 ")。
In this embodiment, if only considered from a computational point of view, in order to calculate a new intermediate key k m ', the quantum terminal only needs to store k m-1 ' i.e. k can be shared with new m The results are computed together without necessarily requiring the storage of previously shared k 1 To k m-1 And k obtained by calculation m-2 ' previous intermediate key; similarly, to calculate a new final key k m ", the quantum terminal only needs to store k obtained by the previous round of calculation m-1 "can be compared with newly calculated k m ' the results are calculated together without necessarily requiring the storage of the intermediate key k previously calculated 1 ' to k m-1 ' and k is calculated m-2 "previous final key.
The key distribution method based on multi-key combination quantum key relay provided by the embodiment 2 of the invention comprises the following steps:
s1: quantum terminal node A as source node and quantum terminal node B as destination node carry out quantum key k through relay node R 1 Sharing of (2);
in this embodiment, the step S1 specifically includes the following steps:
s11: quantum terminal node A as source node sends quantum key k 1 Encrypting the shared secret key between the quantum terminal node A and the relay node R to obtain k 1 (A-R), and sending to the relay node R;
s12: the relay node R receives the encrypted secret key k sent by the quantum terminal node A as the source node 1 (A-R), decrypting it to give k 1 Quantum key k 1 Encrypting by using a shared secret key between a relay node R and a quantum terminal node B as a destination node to obtain k 1 (R-B) and sending the quantum terminal node B;
s13: the quantum terminal node B receives the encrypted key k sent by the relay node R 1 (R-B), decrypting it to give k 1 Completing the quantum key k between the quantum terminal node A as the source node and the quantum terminal node B as the destination node 1 To share.
S2: quantum terminal node A as source node calculates intermediate key k in turn 1 ' and final Key k 1 ", the intermediate key k 1 ' Quantum Key k according to this sharing 1 Calculated by using hash operation function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 Is a hash operation function; the final key k 1 According to the intermediate key k 1 ' calculation by hash function, k 1 "=H 2 (k 1 ') wherein H 2 Is a hash operation function;
in S2 of the present embodiment, the quantum terminal node a as the source node stores the shared intermediate key k 1 ' and final Key k 1 "。
S3: simultaneously with the calculation in step S2, the quantum terminal node B as the destination node also calculates the intermediate key k in turn 1 ' and final key k 1 ", the intermediate key k 1 ' from quantum key k 1 Calculated by using hash operation function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 Is a hash operation function; the final key k 1 "according to the intermediate key k 1 ' use hash calculation of an arithmetic function, k 1 "=H 2 (k 1 ') wherein, H 2 Is a hash operation function;
in S3 of the present embodiment, the quantum terminal node B as the destination node stores the shared intermediate key k 1 ' and final Key k 1 "。
S4: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to carry out the quantum key k through the relay node R 2 Sharing of (2);
s5: quantum terminal node A as source node calculates intermediate key k in turn 2 ' and final key k 2 ", the intermediate key k 2 ' based on intermediate key k stored in quantum terminal 1 ' and quantum key k shared this time 2 Calculated by using hash operation function, k 2 '=H 1 (k 2 +k 1 ') to a host; wherein H 1 As a function of hash operation, intermediate key k 1 ' and Quantum Key k 2 The symbol "+" in between indicates that the keys are arranged in order to put the intermediate key k 1 ' and Quantum Key k 2 Splicing is carried out; the final key k 2 "according to the final key k 1 "and intermediate key k 2 ' calculation by hash function, k 2 "=H 2 (k 2 '+k 1 ") wherein H 2 As a function of the hash operation, the final key k 1 "and intermediate key k 2 The sign "+" between' indicates that the keys are ordered to give the final key k 1 "and intermediate key k 2 ' splicing;
in S5 of the present embodiment, the intermediate key k to be shared 2 ' and final key k 2 "replace the intermediate key k stored in the quantum terminal node a as source node 1 ' and final key k 1 "。
S6: simultaneously with the calculation in step S5, the quantum terminal node B as the destination node also calculates the intermediate key k in turn 2 ' and final key k 2 ", the intermediate key k 2 ' based on an intermediate key k stored in a quantum terminal 1 ' and this time togetherShared quantum key k 2 Calculated by using hash function, k 2 '=H 1 (k 2 +k 1 ') to a host; wherein H 1 As a function of a hash operation, intermediate key k 1 ' and Quantum Key k 2 The symbol "+" in between indicates that the keys are arranged in order to put the intermediate key k 1 ' and Quantum Key k 2 Splicing is carried out; the final key k 2 "according to the final key k 1 "and intermediate key k 2 ' calculation by Hash operation function, k 2 "=H 2 (k 2 '+k 1 ") wherein H is 2 As a function of the hash operation, the final key k 1 "and intermediate key k 2 The sign between '+' indicates that the keys are ordered to give the final key k 1 "and intermediate key k 2 ' splicing;
in S5 of the present embodiment, the intermediate key k to be shared 2 ' and final key k 2 "Replacing the intermediate key k stored in the quantum terminal node B as destination node 1 ' and final key k 1 "。
S7: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to share the quantum key k through the relay node R 3 、k 4 ……k m
S8: according to the step S2 or S4, the quantum terminal node A as the source node and the quantum terminal node B as the destination node share one quantum key k each time m Sequentially calculating intermediate keys k by quantum terminal nodes A serving as source nodes m ' and final key k m ";
The intermediate key k m According to the shared quantum key k m K stored with quantum terminal m-1 ' calculation using a hash operation function: k is a radical of m '=H 1 (k m +k m-1 '),
Wherein H 1 The sign between quantum keys is a hash operation function, and the "+" represents that the quantum keys are spliced according to the sequence;
the final key k m "according to the middleKey k m ' and the stored final key k obtained in the previous round of calculation m-1 "adopt the calculation of hash arithmetic function: k is a radical of m "=H 2 (k m '+k m-1 "),
Wherein H 2 The sign "+" between the intermediate key and the final key represents that the intermediate key and the final key are spliced according to the sequence by the key as a hash operation function;
in S8 of the present embodiment, the intermediate key k to be shared m ' and final key k m "replacement of the intermediate key k stored in the quantum terminal node B as destination node m-1 ' and final Key k m-1 "。
S9: simultaneously with the calculation in step S7, quantum terminal node a as source node and quantum terminal node B as destination node each newly share one quantum key k according to step S3 or S5 m The quantum terminal node B as the destination node calculates the intermediate key k in turn m ' and final key k m ";
The intermediate key k m According to the shared quantum key k m K stored with quantum terminal m-1 ' calculation using a hash operation function: k is a radical of m '=H 1 (k m +k m-1 '),
Wherein H 1 The sign between quantum keys is a hash operation function, and the "+" represents that the quantum keys are spliced according to the sequence;
the final key k m "according to the intermediate key k m ' and the stored final key k obtained in the previous round of calculation m-1 "adopt the calculation of hash arithmetic function: k is a radical of m "=H 2 (k m '+k m-1 "),
Wherein H 2 The sign "+" between the intermediate key and the final key represents that the intermediate key and the final key are spliced according to the sequence by the key as a hash operation function;
in S9 of the present embodiment, the intermediate key k to be shared m ' and final key k m "replacement of the intermediate key k stored in the quantum terminal node B as destination node m-1 ' and final key k m-1 "。
It should be noted that, in this embodiment, the hash operation function may be replaced by any one-way function, such as a one-way trapdoor function.
In this embodiment, in order to save the storage space of the quantum terminal, the quantum terminal may also adopt another storage mode, and further improvement is made on the basis of embodiment 1:
the quantum terminal of the quantum terminal node A as the source node and the quantum terminal of the quantum terminal node B as the destination node only stores the shared quantum key k 1 To k m Instead of storing the intermediate key and the final key generated all the time, when a new final key needs to be generated, the intermediate key and the final key are obtained by performing temporary iterative calculation according to the formula in the embodiment 1.
In this embodiment, in order to save the storage space of the quantum terminal, the quantum terminal may further adopt another storage mode, and a further improvement is made on the basis of embodiment 1:
technical scheme of quantum terminal in ' saving intermediate key and final key generated in past ' and ' saving shared quantum key k only 1 To k m” The technical scheme of the method is balanced, a certain number of shared keys, intermediate keys and final keys are stored according to actual conditions, but the shared keys, the intermediate keys and the final keys are not stored completely, and the storage number of various keys is based on the fact that the final keys can be obtained through formula temporary iteration.
Example 3
A further improvement is made on the basis of the embodiment 1 or the embodiment 2:
in the formula for calculating the intermediate key or the final key, the combination between two or more keys may be implemented not only by splicing, but also by changing the combination into other combinations, such as exclusive-or operation, staggered splicing operation, and the like.
It should be noted that when the combination is a linear operation, the hash function should preferably be selected to have a non-linear nature.
For example, step S8 in embodiment 1 is modified in this embodiment as follows:
s8: according to step S2 or S4, quantum terminal node a as source node and quantum terminal node B as destination node share one quantum key k each time m Sequentially calculating intermediate keys k by quantum terminal nodes A serving as source nodes m ' and final key k m ";
The intermediate key k m According to the shared quantum key k m All quantum keys k shared with it before 1
Figure BDA0001929111400000141
k 2 ……k m-1 Calculating by adopting a hash operation function:
wherein H 1 The method is a hash operation function, wherein: 'symbol ^ between quantum keys' indicates that the quantum keys are subjected to exclusive or according to the sequence of the keys;
the final key k m "according to the intermediate key k m ' intermediate secret with all quantum keys it has shared before
Figure BDA0001929111400000142
Key k 1 '、k 2 '……k m-1 ' calculation using a hash operation function:
wherein H 2 The symbol [ ] between the intermediate keys indicates that the keys are xor-ed in order, as a function of the hash operation.
For example, step S8 in embodiment 2 is modified in this embodiment as follows:
s8: according to the step S2 or S4, the quantum terminal node A as the source node and the quantum terminal node B as the destination node share one quantum key k each time m Sequentially calculating intermediate keys k by quantum terminal nodes A serving as source nodes m ' and final Key k m ";
In the (A)Inter-key k m According to the shared quantum key k m K stored with quantum terminal m-1 ' calculation using a hash operation function: k is a radical of formula m '=H 1 (k m ⊕k m-1 '),
Wherein H 1 The method is a hash operation function, wherein: 'symbol ^ between quantum keys' indicates that the quantum keys are subjected to exclusive or according to the sequence of the keys;
the final key k m "according to the intermediate key k m ' and the stored final key k obtained in the previous round of calculation m-1 "adopt the calculation of hash arithmetic function: k is a radical of formula m "=H 2 (k m '⊕k m-1 "),
Wherein H 2 The sign [ ] between the intermediate keys indicates that the keys are xor-ed in order, for a hash function.
It should be noted that, when calculating the intermediate key and the final key, the combination manner between the multiple keys may be the same or different, for example, when calculating the intermediate key, the combination manner between the multiple keys uses concatenation, and when calculating the final key, the combination manner between the multiple keys uses exclusive or.
Example 4
On the basis of embodiments 1-3, further, using the same algorithm, the number of levels of intermediate keys can be expanded from one level to two or more levels,
taking example 1 as an example: k can be calculated continuously m "'=H 3 (k 1 "+k 2 "+k 3 "+……+k m "); wherein H 3 A hash operation function is taken;
taking example 2 as an example: k can be obtained by continuous calculation m "'=H 3 (k m "+k m-1 "'); wherein H 3 Is a hash operation function;
at this time, k m "from the final key to the second layer intermediate key, and k m "' is the final key for data security communication.
The embodiment 4 of the present invention provides a secret key distribution method based on multi-key combination quantum key relay based on the embodiment 2, which includes the following steps:
s1: quantum terminal node A as source node and quantum terminal node B as destination node carry out quantum key k through relay node R 1 Sharing of (2);
in this embodiment, the step S1 specifically includes the following steps:
s11: quantum terminal node A as source node sends quantum key k 1 Encrypting the shared secret key between the quantum terminal node A and the relay node R to obtain k 1 (A-R) and sending the data to the relay node R;
s12: the relay node R receives the encrypted key k sent by the quantum terminal node A as the source node 1 (A-R), decrypting it to give k 1 Quantum key k 1 Encrypting by using a shared secret key between a relay node R and a quantum terminal node B as a destination node to obtain k 1 (R-B) and sending the data to a quantum terminal node B;
s13: the quantum terminal node B receives the encrypted key k sent by the relay node R 1 (R-B), decrypting it to give k 1 Completing the quantum key k between the quantum terminal node A as the source node and the quantum terminal node B as the destination node 1 To share.
S2: quantum terminal node A as source node calculates intermediate key k of first layer in sequence 1 ', second layer intermediate key k 1 "and the final key k 1 "', the first layer intermediate key k 1 ' according to the quantum key k shared this time 1 Calculated by using hash operation function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 A hash operation function is taken; the second layer intermediate key k 1 "according to the first layer intermediate key k 1 ' calculation by hash function, k 1 "=H 2 (k 1 ') wherein, H 2 Is a hash operation function; the final key k 1 "' based on the second layer intermediate key k 1 "calculation by hash function, k 1 "'=H 3 (k 1 ") wherein H 3 Is a hash operation boxCounting;
in S2 of the present embodiment, the quantum terminal node a as the source node stores the shared first-layer intermediate key k 1 ', second layer intermediate key k 1 "and the final key k 1 "'。
S3: while calculating in step S2, quantum terminal node B as destination node also calculates the intermediate key k of the first layer in turn 1 ', second layer intermediate key k 1 "and final key k 1 "', the first layer intermediate key k 1 ' Quantum Key k according to this sharing 1 Calculated by using hash function, k 1 '=H 1 (k 1 ) (ii) a Wherein H 1 A hash operation function is taken; the second layer intermediate key k 1 "according to the first layer intermediate key k 1 ' calculation by hash function, k 1 "=H 2 (k 1 ') wherein H 2 Is a hash operation function; the final key k 1 "' based on the second layer intermediate key k 1 "calculation by hash function, k 1 "'=H 3 (k 1 ") wherein H is 3 Is a hash operation function;
in S3 of the present embodiment, the quantum terminal node B as the destination node stores the shared first-layer intermediate key k 1 ', second layer intermediate key k 1 "and the final key k 1 "'。
S4: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to carry out the quantum key k pair through the relay node R 2 Sharing of (2);
s5: quantum terminal node A as source node calculates intermediate key k of first layer in sequence 2 ', second layer intermediate key k 2 "and the final key k 2 "', the first layer intermediate key k 2 ' based on a first layer intermediate key k stored in a quantum terminal 1 ' and quantum key k shared this time 2 Calculated by using hash function, k 2 '=H 1 (k 2 +k 1 ') to a host; wherein H 1 As a function of hash operation, a first layer of intermediate key k 1 ' and Quantum Key k 2 The symbol "+" in between indicates that the keys are arranged in order to put the first layer intermediate key k 1 ' and Quantum Key k 2 Splicing is carried out; the second layer intermediate key k 2 "according to the second layer intermediate key k 1 "and first layer intermediate key k 2 ' calculation by hash function, k 2 "=H 2 (k 1 "+k 2 ') wherein H 2 As a function of hash operation, a second layer intermediate key k 1 "and first layer intermediate key k 2 The symbol "+" between' indicates that the keys are arranged in order to give the second layer intermediate key k 1 "and a first layer intermediate key k 2 ' splicing; the final key k 2 "' based on the final key k 1 "' and a second layer intermediate key k 2 "calculation by hash function, k 2 "'=H 2 (k 1 "'+k 2 ") wherein H is 2 As a function of hash operation, the final key k 1 "' and a second layer intermediate key k 2 The symbol between "+" indicates that the keys are ordered to give the final key k 1 "' and a second layer intermediate key k 2 Splicing;
in S5 of the present embodiment, the first-layer intermediate key k to be shared 2 ', second layer intermediate key k 2 "and the final key k 2 "' replaces the first layer intermediate key k stored in the quantum termination node a as the source node 1 ', second layer intermediate key k 1 "and final key k 1 "'。
S6: at the same time of the calculation in step S5, the quantum terminal node B as the destination node also sequentially calculates the intermediate key k of the first layer 2 ', second layer intermediate key k 2 "and the final key k 2 "', said first layer intermediate key k 2 ' based on a first layer intermediate key k stored in a quantum terminal 1 ' and quantum key k shared this time 2 Calculated by using hash operation function, k 2 '=H 1 (k 2 +k 1 ') to a host; wherein H 1 As a function of the hash operation, a first layer intermediate key k 1 ' and Quantum Key k 2 The symbol "+" in between indicates that the key is orderedFirst layer intermediate key k 1 ' and Quantum Key k 2 Splicing is carried out; the second layer intermediate key k 2 "according to the second layer intermediate key k 1 "and first layer intermediate key k 2 ' calculation by hash function, k 2 "=H 2 (k 1 "+k 2 ') wherein H 2 As a function of the hash operation, a second layer intermediate key k 1 "and a first layer intermediate key k 2 The sign between '+' indicates that the keys are sequentially to put the second layer intermediate key k 1 "and first layer intermediate key k 2 ' splicing; the final key k 2 "' based on the final key k 1 "' and a second layer intermediate key k 2 "calculation by hash function, k 2 "'=H 2 (k 1 "'+k 2 ") wherein H is 2 As a function of the hash operation, the final key k 1 "' and a second layer intermediate key k 2 The symbol between "+" indicates that the keys are ordered to give the final key k 1 "' and a second layer intermediate key k 2 Splicing;
in S6 of the present embodiment, the first-layer intermediate key k to be shared 2 ', second layer intermediate key k 2 "and the final key k 2 ' replace the first layer intermediate key k stored in the quantum terminal node B as destination node 1 ', second layer intermediate key k 1 "and the final key k 1 "'。
S7: according to the key sharing method of the step S1, the quantum terminal node A as the source node and the quantum terminal node B as the destination node continue to share the quantum key k through the relay node R 3 、k 4 ……k m
S8: according to the step S2 or S4, the quantum terminal node A as the source node and the quantum terminal node B as the destination node share one quantum key k each time m Sequentially calculating a first-layer intermediate key k by using a quantum terminal node A as a source node m ', second layer intermediate key k m "and the final key k m "';
The first layer intermediate key k m According to the sharing quantumKey k m K stored with quantum terminal m-1 ' calculation using a hash operation function: k is a radical of m '=H 1 (k m +k m-1 '),
Wherein H 1 The sign between quantum keys is a hash operation function, and the "+" represents that the quantum keys are spliced according to the sequence;
the second layer intermediate key k m "according to the first intermediate key k m ' and the stored second layer key k obtained in the previous round of calculation m-1 "adopt the calculation of hash arithmetic function: k is a radical of m "=H 2 (k m '+k m-1 "),
Wherein H 2 The sign between the intermediate keys is a hash operation function, and the "+" represents that the intermediate keys are spliced according to the sequence;
the final key k m "' based on the second intermediate key k m "and the final key k obtained from the previous round of calculation stored m-1 "' is calculated using a hash function: k is a radical of formula m "'=H 2 (k m ”+k m-1 "'),
Wherein H 2 The sign between the keys is a hash operation function, and the sign between the keys is '+' which indicates that the keys splice the intermediate keys in sequence;
in S8 of the present embodiment, the first-layer intermediate key k to be shared m ', second layer intermediate key k m "and final key k m "' replaces the first layer intermediate key k stored in the quantum termination node a as the source node m-1 ', second layer intermediate key k m-1 "and the final key k m-1 "'。
S9: simultaneously with the calculation in step S7, quantum terminal node a as source node and quantum terminal node B as destination node share one quantum key k each time according to step S3 or S5 m The quantum terminal node B as the destination node calculates the intermediate key k of the first layer in turn m ', second layer intermediate key k m "and the final key k m "';
Said first layer intermediate key k m According to the shared quantum keyk m K stored with quantum terminal m-1 ' computing using a hash operation function: k is a radical of formula m '=H 1 (k m +k m-1 '),
Wherein H 1 The sign between quantum keys is a hash operation function, and the "+" represents that the quantum keys are spliced according to the sequence;
the second layer intermediate key k m "according to the first intermediate key k m ' and the stored second layer key k obtained from the previous round of calculation m-1 "adopt the calculation of hash arithmetic function: k is a radical of formula m "=H 2 (k m '+k m-1 "),
Wherein H 2 The sign between the intermediate keys is a hash operation function, and the sign '+' between the intermediate keys indicates that the intermediate keys are spliced according to the sequence of the keys;
the final key k m "' based on the second intermediate key k m "and the final key k obtained in the previous round of calculation stored m-1 "' is calculated using a hash function: k is a radical of m "'=H 2 (k m ”+k m-1 "'),
Wherein H 2 The sign between the keys is a hash operation function, and the sign '+' between the keys indicates that the keys splice the intermediate keys according to the sequence;
in S9 of the present embodiment, the first-layer intermediate key k to be shared m ', second layer intermediate key k m "and the final key k m ' replace the first layer intermediate key k stored in the quantum terminal node B as destination node m-1 ', second layer intermediate key k m-1 "and the final key k m-1 "'。
It should be noted that, in the present embodiment, the hash operation function may be replaced by an arbitrary one-way function, such as a one-way trapdoor function.
Example 5
On the basis of the embodiments 1-4, further, when the quantum terminal node a as the source node and the quantum terminal node B as the destination node use the final key for data secret transmission, the first few final keys calculated can be discarded and not used for actual communication. In order to avoid the prior secret key from being exposed due to a third party to influence the security of the subsequent secret key.
Example 6
On the basis of embodiments 1 to 5, further, if there is a certain small value epsilon, at each key distribution, an eavesdropper successfully knows the distributed quantum shared key with a probability not higher than epsilon. Then a certain threshold δ, positive integers N and k are set, with the following agreement between them:
Figure BDA0001929111400000191
the quantum terminal node A as the source node and the quantum terminal node B as the destination node perform combined calculation on the historical shared secret key according to the method described in the embodiments 1-5 to obtain an intermediate secret key k 1 m ' referred to as a first intermediate key. Computing a first intermediate key k on a quantum terminal node 1 m When the used historical shared secret key reaches k, the terminal node takes the current shared secret key as the initial secret key and starts to calculate a second intermediate secret key k 2 m ' while continuing calculation of the first intermediate key is not stopped. Similarly, the first intermediate key k is calculated by the equivalent child terminal node 1 m When the used historical shared key reaches k x (i-1), the current shared key is used as a starting key, the calculation of the ith intermediate key is started, and meanwhile, the continuous calculation of the first, second, \ 8230; \8230;, and the ith-1 intermediate key is not stopped. Until the calculation of the history keys used by the first intermediate key reaches N, discarding the first intermediate key and simultaneously discarding the ith intermediate key (i)>= 2) renames the i-1 th intermediate key, after which the final key k is calculated with the new first intermediate key m "where i is a positive integer, which refers to the serial number of the ith intermediate key to be calculated.
The above process is repeated to ensure that the number of used historical keys does not exceed N when calculating the intermediate key.
When some multi-key combination schemes are used, such as an exclusive-or splicing scheme, each key leakage is accumulated in the final splicing key, and by adopting the embodiment, the information leakage can be prevented from being accumulated all the time.
Meanwhile, the embodiment can also avoid that the key inconsistency error of a certain time always influences the subsequent key consistency.
Example 7
Based on the method of the embodiment 1 to 6, the invention also provides a key distribution system based on multi-key combination quantum key relay, which comprises the following steps:
the system of this embodiment adopts an existing key distribution system, and applies any one of the above key distribution methods based on multi-key combination quantum key relay to the system.
The invention has the beneficial effects that:
1. according to the invention, through the combined calculation of a plurality of shared keys among quantum terminals, the generation process of each final key specifically used for the secret data transmission among quantum terminal nodes is related to all the shared keys among the quantum terminal nodes, namely, even if the credible relay node is careless in actual operation, as long as an attacker does not take all the distributed quantum keys and even if only one key is not taken, the data encrypted by the final key cannot be substantially threatened, so that the data security in the secret quantum communication is further improved.
2. The key distribution method based on multi-key combination quantum key relay is low in cost, and compared with the thought of 'exchanging safety by space' (increasing paths) in a multi-relay path scheme, the thought of the scheme is 'exchanging safety by time', and extra path hardware cost is not required to be increased.
3. The key distribution method based on multi-key combination quantum key relay is high in safety, and unless the relay node is broken through by an attacker (which is difficult to happen in reality) before the relay node is put into first distribution after formal operation (the quantum terminal A distributes the shared key to the quantum terminal B for the first time through the relay node R), even if the relay node R is broken through by the attacker during ith transmission, the attacker obtains the relay node RIs also only k i And subsequent relay keys, but k is missing i The previous key results in that it still cannot calculate the final key used for secure communication. Therefore, even if a relay node is broken by an attacker, it is still secure to relay a key using this relay node.
Those skilled in the art will appreciate that the modules or steps of the present invention described above can be implemented using general purpose computer means, or alternatively, they can be implemented using program code that is executable by computing means, such that they are stored in memory means and executed by computing means, or they are separately fabricated into individual integrated circuit modules, or multiple modules or steps of them are fabricated into a single integrated circuit module. The present invention is not limited to any specific combination of hardware and software.
Although the specific embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that simple modifications, functional framework re-combination, etc. based on the embodiments of the present invention described above are within the scope of the present invention. That is, on the basis of the technical solutions of the present invention, various modifications or changes that can be made by those skilled in the art without creative efforts are still within the protection scope of the present invention.

Claims (26)

1. A key distribution method based on multi-key combination quantum key relay is characterized by comprising the following steps:
the source node and the destination node sequentially share the quantum key through the relay node according to the key distribution sequence;
after the quantum key is shared each time, the source node and the destination node respectively calculate a final key by adopting the same algorithm, wherein the final key is obtained by performing at least one round of combined calculation according to the quantum key distributed historically;
the specific step of calculating the final key comprises:
after sharing the quantum key each time, the source node and the destination node respectively calculate at least one layer of intermediate key by adopting the same algorithm, wherein the intermediate key is obtained by performing at least one round of combined calculation according to the quantum key distributed historically and/or the historical intermediate key;
and the source node and the destination node respectively calculate final keys by adopting the same algorithm, and the final keys are obtained by performing at least one round of combined calculation according to the historical intermediate keys and/or the historical final keys.
2. The key distribution method according to claim 1, wherein the step of sharing the quantum key between the source node and the destination node via the relay node comprises:
the source node encrypts the quantum key distributed at this time by using the shared key between the source node and the relay node, and distributes the encrypted quantum key to the relay node for decryption to obtain the quantum key;
the relay node encrypts the quantum key by using a shared key between the relay node and the next node, distributes the encrypted quantum key to the next node for decryption to obtain the quantum key, and repeats the steps until a target node is reached;
the destination node obtains the quantum key, and the quantum key is shared by the source node and the destination node.
3. The method as claimed in claim 1, wherein the intermediate key and the final key are calculated by using a one-way function.
4. The key distribution method based on multi-key combination quantum key relay as claimed in claim 3, wherein the one-way function comprises a hash operation function and a one-way trapdoor function.
5. The key distribution method according to claim 1, wherein the intermediate key is obtained by performing at least one round of combined calculation according to the historically distributed quantum keys and/or the historically intermediate keys, and comprises:
and when the intermediate key is a layer, performing at least one round of combined calculation according to the distribution sequence of the quantum keys distributed in the round and all the quantum keys distributed in the history of the quantum keys.
6. The key distribution method based on multi-key combination quantum key relay as claimed in claim 5, wherein when the intermediate key is expanded from one layer to two or more layers, the intermediate key of the next layer is obtained by performing at least one round of combination calculation according to the calculation sequence of the intermediate key calculated in the previous round and all the intermediate keys calculated in history.
7. The key distribution method based on multi-key combination quantum key relay as claimed in claim 6, wherein the quantum terminals of the source node and the destination node store history to distribute all quantum keys for computing the intermediate key.
8. The key distribution method based on multi-key combination quantum key relay as claimed in claim 1, wherein the intermediate key is obtained by at least one round of combination calculation according to the historically distributed quantum key and/or the historically intermediate key, and includes:
and when the intermediate key is a layer, performing at least one round of combined calculation according to the quantum key distributed in the round and the historical intermediate key calculated in the previous round.
9. The method as claimed in claim 8, wherein when the intermediate key is expanded from one layer to two or more layers, the intermediate key of the next layer is obtained by performing at least one round of combined calculation based on the quantum key distributed in the current round of the previous layer and the historical intermediate key calculated in the previous round.
10. The key distribution method based on multi-key combination quantum key relay as claimed in claim 9, wherein the quantum terminals of the source node and the destination node store historical intermediate keys of the previous round of computation for computing the intermediate keys.
11. The key distribution method based on multi-key combination quantum key relay as claimed in claim 10, wherein the quantum terminals of the source node and the destination node store the intermediate key of the current round and replace the historical intermediate key calculated in the previous round.
12. The key distribution method of claim 1, wherein the final key is obtained by performing at least one round of combination calculation according to the historical intermediate keys and/or the historical final keys, and comprises:
when the intermediate key is a layer, at least one round of combined calculation is carried out according to the calculation sequence of the intermediate key calculated in the round and all the intermediate keys calculated in the history.
13. The key distribution method based on multi-key combination quantum key relay as claimed in claim 12, wherein when the intermediate key is expanded from one layer to two or more layers, the final key is obtained by performing at least one round of combination calculation according to the calculation order between the intermediate key calculated in the current round of the last layer and all the intermediate keys calculated in the history thereof.
14. The key distribution method based on multi-key combination quantum key relay as claimed in claim 13, wherein the quantum terminals of the source node and the destination node store all the intermediate keys of the historical computation for computing the final key.
15. The key distribution method based on multi-key combination quantum key relay as claimed in claim 14, wherein the quantum terminals of the source node and the destination node store history of distributing all quantum keys for computing the intermediate key and the final key.
16. The key distribution method of claim 1, wherein the final key is obtained by performing at least one round of combination calculation according to the historical intermediate keys and/or the historical final keys, and comprises:
and when the intermediate key is of one layer, performing at least one round of combined calculation according to the intermediate key calculated in the current round and the historical final key calculated in the previous round.
17. The method as claimed in claim 16, wherein when the intermediate key is expanded from one layer to two or more layers, the final key is obtained by performing at least one round of combined calculation based on the last layer of the intermediate key calculated in the current round and the historical final key calculated in the previous round.
18. The key distribution method based on multi-key combination quantum key relay as claimed in claim 17, wherein the quantum terminals of the source node and the destination node store the historical final key of the previous round of computation for computing the final key.
19. The key distribution method based on multi-key combination quantum key relay as claimed in claim 18, wherein the quantum terminals of the source node and the destination node store the final key of the current round and replace the historical final key of the previous round of computation.
20. The key distribution method based on multi-key combination quantum key relay as claimed in claim 1, wherein the quantum terminals of the source node and the destination node store a certain number of historically distributed quantum keys, historically computed intermediate keys and final keys, the stored number being adjusted according to the computed intermediate keys and/or final keys.
21. The key distribution method according to claim 1, wherein the combination comprises any one or more of concatenation, exclusive or, staggered exclusive or and staggered concatenation.
22. The method as claimed in claim 3, wherein the one-way function is a function with non-linear property when the combination is linear operation.
23. The key distribution method according to claim 1, wherein a certain number of final keys calculated first in the calculation order are discarded and not used for actual communication when data security transmission is performed between the source node and the destination node through the final keys.
24. The key distribution method based on multi-key combination quantum key relay as claimed in claim 1, wherein if an eavesdropper successfully acquires the key with a probability not higher than a certain value e at each key distribution, a threshold δ, positive integers N and k are preset, and the following are satisfied:
Figure FDA0003720863530000031
in calculating the intermediate keys, no more than N historical keys are used.
25. The method according to claim 24, wherein the number of the used historical secret keys is not more than N when calculating the intermediate secret key, and the method comprises:
when the accumulated number of the historical keys used by the quantum terminal node for calculating the ith intermediate key reaches k, taking the currently distributed quantum key as an initial key, starting to calculate the (i + 1) th intermediate key, and simultaneously not stopping continuously calculating the ith intermediate key; until the accumulation of the historical keys used for calculating the 1 st intermediate key reaches N, subtracting one from the serial numbers of all the intermediate keys, discarding the original 1 st intermediate key, and calculating a final key by using a new 1 st intermediate key; and i is a positive integer.
26. A key distribution system based on multi-key quantum key relay, characterized in that the system is based on a key distribution method based on multi-key quantum key relay as claimed in any of claims 1-25.
CN201811631538.7A 2018-12-29 2018-12-29 Key distribution method and system based on multi-key combination quantum key relay Active CN111385090B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811631538.7A CN111385090B (en) 2018-12-29 2018-12-29 Key distribution method and system based on multi-key combination quantum key relay

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811631538.7A CN111385090B (en) 2018-12-29 2018-12-29 Key distribution method and system based on multi-key combination quantum key relay

Publications (2)

Publication Number Publication Date
CN111385090A CN111385090A (en) 2020-07-07
CN111385090B true CN111385090B (en) 2023-03-10

Family

ID=71220752

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811631538.7A Active CN111385090B (en) 2018-12-29 2018-12-29 Key distribution method and system based on multi-key combination quantum key relay

Country Status (1)

Country Link
CN (1) CN111385090B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114362935B (en) * 2020-12-30 2023-10-24 广东国腾量子科技有限公司 Method for indirectly communicating multiple quantum key management terminal devices
CN114697015A (en) * 2020-12-31 2022-07-01 科大国盾量子技术股份有限公司 Key management method and key distribution method for trusted relay node
GB2604326B (en) * 2021-01-29 2023-07-12 Arqit Ltd QKD switching system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123815A (en) * 2007-07-20 2008-02-13 中兴通讯股份有限公司 Method for microwave to access home agent root secret key synchronization in global intercommunication mobile IPv4
CN101378591A (en) * 2007-08-31 2009-03-04 华为技术有限公司 Method, system and device for negotiating safety capability when terminal is moving
CN101719826A (en) * 2009-05-13 2010-06-02 北京宏基恒信科技有限责任公司 Dynamic token having function of updating seed key and updating method for seed key thereof
CN102904713A (en) * 2011-07-25 2013-01-30 深圳市金溢科技有限公司 Key exchange method for secret key encryption communication system
CN103840936A (en) * 2014-02-28 2014-06-04 山东量子科学技术研究院有限公司 Reliable encryption transmission system and method of quantum cryptography network
CN105471576A (en) * 2015-12-28 2016-04-06 科大国盾量子技术股份有限公司 Quantum key relaying method, quantum terminal nodes and quantum key relaying system
EP3182638A1 (en) * 2015-12-18 2017-06-21 ID Quantique S.A. Apparatus and method for adding an entropy source to quantum key distribution systems

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123815A (en) * 2007-07-20 2008-02-13 中兴通讯股份有限公司 Method for microwave to access home agent root secret key synchronization in global intercommunication mobile IPv4
CN101378591A (en) * 2007-08-31 2009-03-04 华为技术有限公司 Method, system and device for negotiating safety capability when terminal is moving
CN101719826A (en) * 2009-05-13 2010-06-02 北京宏基恒信科技有限责任公司 Dynamic token having function of updating seed key and updating method for seed key thereof
CN102904713A (en) * 2011-07-25 2013-01-30 深圳市金溢科技有限公司 Key exchange method for secret key encryption communication system
CN103840936A (en) * 2014-02-28 2014-06-04 山东量子科学技术研究院有限公司 Reliable encryption transmission system and method of quantum cryptography network
EP3182638A1 (en) * 2015-12-18 2017-06-21 ID Quantique S.A. Apparatus and method for adding an entropy source to quantum key distribution systems
CN105471576A (en) * 2015-12-28 2016-04-06 科大国盾量子技术股份有限公司 Quantum key relaying method, quantum terminal nodes and quantum key relaying system

Also Published As

Publication number Publication date
CN111385090A (en) 2020-07-07

Similar Documents

Publication Publication Date Title
Maram et al. CHURP: dynamic-committee proactive secret sharing
US11595196B2 (en) Quantum key distribution method and device, and storage medium
RU2736870C1 (en) Complex for secure data transmission in digital data network using single-pass quantum key distribution system and method of keys adjustment during operation of system
US11057293B2 (en) Method and system for validating ordered proof of transit of traffic packets in a network
RU2621182C1 (en) Key joint usage device and the system for its configuration
CN110581763B (en) Quantum key service block chain network system
KR20190005878A (en) Method and system for secure data transmission
CN111385090B (en) Key distribution method and system based on multi-key combination quantum key relay
US11387999B2 (en) Access to secured information
CN112187450B (en) Method, device, equipment and storage medium for key management communication
US8681986B2 (en) Single-round password-based key exchange protocols
JP2022501971A (en) Methods for key management, user devices, management devices, storage media and computer program products
CN106941404A (en) Cryptographic key protection method and device
CN108599926A (en) A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys
WO2016068847A1 (en) Key splitting
Jayaraman et al. Decentralized certificate authorities
CN114765543A (en) Encryption communication method and system of quantum cryptography network expansion equipment
CN117318943B (en) Quantum distributed data storage and recovery method
Coruh et al. ESAR: enhanced secure authentication and revocation scheme for vehicular Ad Hoc networks
CN108599941A (en) Random asymmetries expand byte encryption of communicated data method
CN111245611B (en) Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment
EP3883178A1 (en) Encryption system and method employing permutation group-based encryption technology
US20230388105A1 (en) Encryption communication system, encryption communication apparatus, and encryption communication method
Chaitanya et al. Implementation of security and bandwidth reduction in multi cloud environment
Lin et al. Composable Security of Distributed Symmetric Key Exchange Protocol

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant