CN111404674A - Method and equipment for generating and receiving session key - Google Patents

Publication number
CN111404674A
Authority
CN
China
Prior art keywords
random number
quantum
key
session key
receiving
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910002534.0A
Other languages
Chinese (zh)
Other versions
CN111404674B (en)
Inventor
刘福文
马冰柯
阎军智
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute
Priority to CN201910002534.0A
Publication of CN111404674A
Application granted
Publication of CN111404674B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The invention discloses a method and equipment for generating and receiving a session key, which are used for solving the problem that quantum communication is easily interfered with. The method comprises the following steps: generating at least one random number S; transmitting each random number S through its corresponding quantum channel, so that the receiving party performs a hash operation on the received random number S and the preset key using a hash function to generate a session key Ks; receiving the corresponding random number S transmitted by a quantum key distribution terminal through at least two quantum channels; and performing a hash operation on the received random number S and the preset key using a hash function to generate a session key Ks. The method is used for long-distance transmission of the quantum key in quantum communication and for interference-resistant transmission of the quantum key.

Description

Method and equipment for generating and receiving session key
Technical Field
The present invention relates to quantum key distribution, and in particular, to a method and apparatus for generating and receiving a session key.
Background
Due to the rapid development of quantum computing technology, the security of many classical cryptographic algorithms faces increasingly severe challenges. Quantum computing affects asymmetric cryptographic algorithms and symmetric cryptographic algorithms differently. Existing symmetric cryptographic algorithms remain secure under quantum computing as long as the key length is doubled. However, quantum computing will cause the commonly used asymmetric algorithms that are based on computational complexity, such as RSA and DH, to fail. Since most systems use symmetric key algorithms for data protection, but the keys they use are generated with asymmetric algorithms, quantum computing poses a serious threat to today's security systems.
Based on properties of the laws of quantum mechanics such as irrevocability, inaccuracy in measurement, irreproducibility and ideal randomness, Quantum Key Distribution (QKD) is a key technology that can ensure the secure distribution of keys in the quantum era, and it does not depend on any requirement or assumption about computational complexity. Using it in place of the existing asymmetric algorithms for key agreement allows existing security systems to continue to be used in the quantum age. Although it has broad application prospects, it has the following disadvantage:
In the quantum communication process, a quantum undergoes a sudden change of state when it is measured, and communication is stopped when the communicating parties find that the state has changed. Any form of intrusion by an adversary, whether eavesdropping, copying or jamming, can thwart communications.
Disclosure of Invention
The invention provides a method and equipment for generating and receiving a session key, which can solve the problem that quantum communication is easily interfered with.
In a first aspect, the present invention provides a method for generating a session key, where the method includes:
generating at least one random number;
and transmitting the corresponding random number through a quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and a preset key by using a hash function to generate a session key.
In a second aspect, the present invention provides a method for receiving a session key, including:
receiving corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by using a hash function to generate a session key.
In a third aspect, the present invention provides a session key generation device, including: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of:
generating at least one random number;
and transmitting the corresponding random number through a quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and a preset key by using a hash function to generate a session key.
In a fourth aspect, the present invention provides a receiving device for a session key, including: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of:
receiving corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by using a hash function to generate a session key.
The method and the device for generating and receiving the session key have the following beneficial effects:
the session key is generated with the hash function from the preset key and the random number, so the security of the session key is guaranteed without depending on whether the relay stations of the quantum network are trusted, quantum communication is not easily hindered when relay stations are used to transmit the quantum key over long distances, and the user's requirement for session key security can be met;
and when the key is distributed over multiple quantum channels, the quantum communication system as a whole is not affected when one quantum channel is interfered with, which improves the anti-interference capability of quantum communication.
Drawings
In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description are only some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without inventive effort.
FIG. 1 is a diagram of a system for generating and receiving session keys;
FIG. 2 is a diagram of a single quantum channel key generation system;
FIG. 3 is a diagram of two quantum channel key generation systems;
FIG. 4 is a diagram of a multiple quantum channel key generation system;
FIG. 5 is a diagram of a method for generating session keys;
FIG. 6 is a diagram of a receiving method of a session key.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
The embodiment of the present invention provides a session key generation and reception system, as shown in fig. 1, the system includes a quantum key distribution end, at least one quantum key receiving end, and at least two quantum channels, where:
the quantum key distribution terminal is used for generating at least one random number S and sending the generated random number S to at least one quantum key receiving terminal through at least two quantum channels;
and the quantum key receiving end receives the corresponding random number S transmitted by the quantum key distribution end through at least two quantum channels, and generates a session key Ks after performing hash operation on the received random number S and the preset key K by using a hash function.
The hash function is a one-way hash function that compresses data of any length to a fixed length through a hash algorithm. Even if an attacker obtains the random number S transmitted over the quantum channel, the attacker cannot obtain the session key Ks, because the key preset by the two communicating users is unknown to the attacker. This ensures the reliability of quantum communication and the security of the generated session key.
In addition, in the quantum communication process, the characteristics of the quantum channel ensure that the received message is consistent with the sent message, so an attacker cannot modify the random number S: a quantum undergoes a sudden change of state when it is measured, and communication is stopped once the communicating parties find that the state has changed.
As an optional implementation mode, the hash function is a secure hash algorithm SHA-256, a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
As an alternative embodiment, the random number S represents a single random number value, or may represent a stream of random numbers.
Depending on the form of the random number S and the number of quantum channels, the generated random number S is sent to at least one quantum key receiving end through the at least two quantum channels in one of the following cases:
Case one: when the random number S represents a single random number value, the single random number S is transmitted using one quantum channel A;
Case two: when the random number S represents a random number stream, the random number stream S is transmitted using one quantum channel A;
Case three: when the random number S represents n random values S1, S2, …, Sn (n is a positive integer and 2 or more), each random value is transmitted using its own quantum channel A, so n quantum channels are used for transmission; for example, the random value S1 is transmitted through quantum channel A1, the random value S2 through quantum channel A2, and so on, up to the random value Sn through quantum channel An.
Case four: when the random number S represents n random number streams S1, S2, …, Sn (n is a positive integer and 2 or more), each random number stream is transmitted using its own quantum channel A, so n quantum channels are required for transmission; for example, the random number stream S1 is transmitted through quantum channel A1, the random number stream S2 through quantum channel A2, and so on, up to the random number stream Sn through quantum channel An.
As an optional implementation, transmitting the corresponding random number S through the quantum channel corresponding to each random number S includes:
and transmitting the corresponding random number S through the quantum channel corresponding to each random number S in the quantum communication relay network.
Because quantum communication uses single photons as carriers, and given the attenuation of single photons in an optical fiber channel and the sensitivity of detectors, the quantum communication distance generally does not exceed 200 kilometers, which limits the application range of quantum key distribution. A plurality of relay stations in a relay network relay and forward the quantum keys, so that long-distance quantum communication can be realized.
In the prior art, one or more relay stations are arranged between two remote communication users, and a quantum channel is used between every two adjacent relay stations to obtain a shared quantum key. The shared quantum keys are used to carry out "encryption-decryption-encryption … decryption" relay forwarding of the session key to be transmitted, section by section, until the receiver finally obtains the session key and remote quantum communication is realized. Quantum key transmission in the prior art therefore depends on the relay stations being trusted relay stations.
In this embodiment, long-distance quantum communication can be achieved using a quantum communication relay network. Specifically, the quantum communication relay network is a relay network architecture composed of at least one relay station, and a relay station acts as a relay that forwards the information sent by the user at the distribution end to the receiving end. One or more relay stations are arranged between the two communicating users, the corresponding random number S is transmitted between every two adjacent relay stations through at least one quantum channel and forwarded through the relay stations, and finally the receiving party obtains the session key, realizing long-distance quantum communication.
Because the relay stations only relay the random number S, they do not need to be trusted relay stations. Even if a relay station is untrusted and an attacker obtains the random number, the receiving end generates the session key Ks by performing a hash operation on the received random number S and a preset key with a hash function; based on the characteristics of the hash function, an attacker who does not know the preset key of the two communicating parties cannot obtain the session key Ks from S. This ensures the security of the session key Ks, generated from the random number S with the hash function, when S is transmitted over quantum channels in the relay network.
In summary, the transmitting end transmits the corresponding random number S by using the quantum channel corresponding to each random number S in the quantum communication relay network, and the receiving end performs hash operation on the received random number S and the preset key by using the hash function to generate the session key Ks, so that not only can long-distance transmission of the quantum channel be realized, but also the problem that quantum communication is easily hindered can be solved.
As an alternative implementation, the distribution end may send at least one random number S to one receiving end, or send at least one random number S to multiple receiving ends. The distributing end may also generate a session key Ks based on a hash function using the preset key K and the generated random number S, so that the distributing end and one or more receiving ends communicate with each other using the session key Ks.
As an alternative embodiment, the communication between the distributor and one or more receivers using the session key Ks includes:
the transmitting end receives the confirmation message fed back by the receiving end and determines the random number S successfully received by the receiving end;
and carrying out hash operation on the random number S successfully received by the receiver and the preset key by utilizing a hash function to generate a session key Ks.
At this time, the distributing end receives the confirmation message fed back by the receiving end, knows which random numbers S are received by the receiving end, can perform hash operation on the preset secret key K and the successfully received random numbers S by using a hash function to generate the same session secret key Ks, and encrypts the message to be transmitted by the distributing end by using the session secret key Ks, thereby ensuring the safety of communication between the distributing end and the receiving end user.
As another optional implementation, the distribution end, acting as the distributor of the quantum key, may send at least one random number S to a plurality of receiving ends. Each receiving end receives the same random number S, or the same plurality of random numbers S, and each receiving end generates a session key Ks with the hash function from the received random number S and the preset key K. Because every receiving end has the same random number S and the same preset key K, they all generate the same session key Ks with the hash function, and this session key Ks can be used as a shared session key to encrypt the messages transmitted between any two of the receiving ends, which ensures the security of the messages exchanged by the communicating parties.
In summary, in the embodiment, the problem of short quantum communication distance is solved by using the relay network, and the problem of easy interference of quantum communication is solved by using the multiple quantum channels in the relay network.
To describe clearly the quantum key secure distribution system provided by the embodiment of the present invention, two quantum channel key distribution systems are taken as an example, and the system is defined as including: a quantum key distribution end, a quantum key receiving end, a quantum relay network and a quantum channel. As shown in fig. 2, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 201: the distribution end generates a random number S, which represents a single random number value;
Step 202: the corresponding random number S is transmitted to the receiving end through a quantum channel in the quantum relay network.
Through the relay forwarding operation of each relay station, the quantum channel relays the random number S sent by the distribution end and finally delivers it to the receiving end.
Step 203: the receiving end receives the corresponding random number S transmitted over the single quantum channel, and performs a hash operation on the received random number S and the preset key K using a hash function to generate a session key Ks.
The preset key K is the same preset key K agreed by the distributor and the receiver in advance.
Step 204: after successfully receiving the random number S, the receiving end feeds back a confirmation message to the distribution end.
If the receiving end does not receive the random number S, the distribution end will not receive a confirmation message from the receiving end.
Step 205: the transmitting end receives the feedback confirmation message sent by the receiving end, determines the random number S successfully received by the receiving end, and utilizes the hash function to carry out hash operation on the random number S successfully received by the receiving end and the preset key to generate the session key Ks.
The distributing end and the receiving end use the same random number S and the preset key to generate the same session key Ks by using a hash function, and the information transmitted between the distributing end and the receiving end is encrypted by using the session key Ks, so that the safety of information transmission of both communication parties is ensured.
Taking two quantum channel key distribution systems as an example, the system is defined to include: the system comprises a quantum key distribution end, a quantum key receiving end, a quantum relay network and two quantum channels. As shown in fig. 3, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 301: the distribution end generates two random numbers S1 and S2, each of which represents a single random number value;
Step 302: the corresponding random numbers S1 and S2 are transmitted to the receiving end through two quantum channels A1 and A2, respectively, in the quantum relay network.
The relay network contains a plurality of relay stations. Through the relay forwarding operation of each relay station, the quantum channels A1 and A2 relay the two random numbers S1 and S2 sent by the distribution end and finally deliver them to the receiving end.
Step 303: the receiving end receives the corresponding random numbers S1 and S2 transmitted over the two quantum channels A1 and A2, and performs a hash operation on the received random numbers S1, S2 and the preset key K using a hash function to generate a session key Ks.
The preset key K is the same preset key K agreed by the distributor and the receiver in advance.
Step 304: after successfully receiving the random numbers S1 and S2, the receiving end feeds back a confirmation message to the distribution end.
Step 305: the distribution end receives the confirmation message fed back by the receiving end, determines the random numbers S1 and S2 successfully received by the receiving end, and performs a hash operation on the successfully received random numbers S1, S2 and the preset key using the hash function to generate the session key Ks.
If the receiving end receives only the random number S1, it feeds back a confirmation for the received random number S1 to the distribution end. The distribution end confirms that only the random number S1 was successfully received by the receiving end, and the distribution end and the receiving end can still use the hash function to perform a hash operation on the preset key K and the random number S1 to generate a session key Ks.
The distributing end and the receiving end use the same random number S and the preset key to generate the same session key Ks by using a hash function, and the information transmitted between the distributing end and the receiving end is encrypted by using the session key Ks, so that the safety of information transmission of both communication parties is ensured.
Taking a multi-quantum channel key distribution system as an example, the system is defined as comprising: the system comprises a quantum key distribution end, a quantum key receiving end, a quantum relay network and a plurality of quantum channels. As shown in fig. 4, the interaction flow between the quantum key distribution end and the quantum key receiving end in the system is as follows:
Step 401: the distribution end generates n random numbers S (n is a positive integer greater than or equal to 2), namely the n random numbers S1, S2, …, Sn.
Step 402: the corresponding random numbers S are transmitted to the receiving end through n quantum channels A (n is a positive integer greater than or equal to 2) in the quantum relay network.
Each quantum channel transmits its corresponding random number S: quantum channel A1 transmits the random value S1, quantum channel A2 transmits the random value S2, and so on, up to quantum channel An, which transmits the random value Sn.
The relay network contains a plurality of relay stations; the relay stations on each quantum channel relay the random number S sent by the distribution end over that channel and finally deliver it to the receiving end.
Step 403: the receiving end receives the corresponding random number S transmitted over each quantum channel, and performs a hash operation on the received random numbers S and the preset key K using a hash function to generate a session key Ks.
The receiving end receives the random number S transmitted over each quantum channel, that is, the random numbers received by the receiving end are S1, S2, …, Sn. The preset key K is the same preset key K agreed by the distributor and the receiver in advance. Using the hash function, a hash operation is performed on the preset key K and the random numbers S1, S2, …, Sn to generate the session key Ks.
Step 404: after successfully receiving the random number S, the receiving end feeds back a confirmation message to the distribution end.
If the receiving end does not receive the random number S, the distribution end will not receive a confirmation message from the receiving end.
Step 405: the distribution end receives the confirmation message fed back by the receiving end, determines the random numbers S successfully received by the receiving end, and performs a hash operation on those random numbers and the preset key using the hash function to generate the session key Ks.
For example, the distribution end sends the random numbers S1, S2, S3 and S4, and the receiving end does not receive S4. The confirmation message that the receiving end feeds back to the distribution end then covers S1, S2 and S3, and after receiving it the distribution end determines that the receiving end received the random numbers S1, S2 and S3.
The distribution end and the receiving end use the same random numbers S1, S2, S3 and the preset key K to generate the same session key Ks with the hash function, and the information transmitted between them is encrypted with the session key Ks, which ensures the security of the information transmitted by the two communicating parties.
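The multi-channel exchange in steps 401 to 405, simulated in Python with SHA-256 and one disturbed channel, as an added example that is not part of the patent text. The function names, the index-and-length framing of the hash input and an acknowledgement that carries channel indices are assumptions of this example; the page only states that the received random numbers and the preset key K are hashed together.

```python
"""Added example: simulation of steps 401-405 (not code from the patent)."""
from __future__ import annotations

import hashlib
import secrets


def derive_session_key(preset_key: bytes, numbers: dict[int, bytes]) -> bytes:
    """Ks = SHA-256 over K and every confirmed S_i, taken in channel order.

    Assumption: each field is prefixed with its length (and each S_i with its
    channel index) so that different inputs can never concatenate to the same
    byte string. The page does not specify an encoding.
    """
    if not numbers:
        raise ValueError("no random number received, no session key")
    h = hashlib.sha256()
    h.update(len(preset_key).to_bytes(4, "big") + preset_key)
    for index in sorted(numbers):
        s = numbers[index]
        h.update(index.to_bytes(4, "big") + len(s).to_bytes(4, "big") + s)
    return h.digest()


def generate_random_numbers(n: int, size: int = 32) -> dict[int, bytes]:
    """Step 401: the distribution end generates S1..Sn, one per channel A1..An."""
    return {i: secrets.token_bytes(size) for i in range(1, n + 1)}


def transmit(sent: dict[int, bytes], disturbed: set[int]) -> dict[int, bytes]:
    """Step 402, simulated: a disturbed quantum channel delivers nothing."""
    return {i: s for i, s in sent.items() if i not in disturbed}


def receiving_end(preset_key: bytes, delivered: dict[int, bytes]):
    """Steps 403-404: derive Ks and build the confirmation message.

    Returns (Ks, ack). With nothing delivered there is no key and no ack.
    """
    if not delivered:
        return None, None
    return derive_session_key(preset_key, delivered), sorted(delivered)


def distribution_end(preset_key: bytes, sent: dict[int, bytes], ack):
    """Step 405: hash only the random numbers the receiving end confirmed."""
    if not ack:
        return None  # no confirmation arrived, so no session key is set up
    unknown = [i for i in ack if i not in sent]
    if unknown:
        raise ValueError(f"ack names channels that were never used: {unknown}")
    return derive_session_key(preset_key, {i: sent[i] for i in ack})


def run_exchange(preset_key: bytes, n: int, disturbed: set[int]):
    """Full exchange; returns (ack, Ks at receiving end, Ks at distribution end)."""
    sent = generate_random_numbers(n)
    delivered = transmit(sent, disturbed)
    ks_rx, ack = receiving_end(preset_key, delivered)
    ks_tx = distribution_end(preset_key, sent, ack)
    return ack, ks_rx, ks_tx


def relay_view(delivered: dict[int, bytes], guessed_key: bytes) -> bytes:
    """What an untrusted relay can compute: it sees every S_i but not K."""
    return derive_session_key(guessed_key, delivered)


if __name__ == "__main__":
    K = b"constructed-preset-key-for-demo!"  # constructed sample value
    ack, ks_rx, ks_tx = run_exchange(K, n=4, disturbed={4})
    print("confirmed channels:", ack)
    print("keys match:", ks_rx == ks_tx)
    print("Ks:", ks_rx.hex())
```

Both ends agree on Ks only when the confirmation message lists exactly the random numbers the receiving end hashed, which is why step 405 hashes the confirmed set rather than everything that was sent.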
To sum up, depending on the number of quantum channels in the relay network, and taking a single quantum channel and multiple quantum channels as examples, the beneficial effects of the invention are summarized as follows:
Taking a single quantum channel with the distribution end sending one random number S as an example, the random number S is sent to the receiving end over the single quantum channel in the relay network, and the receiving end generates the session key using the hash function.
Based on the one-way characteristic of the hash function, even if a relay station in the relay network is untrusted and an attacker obtains the random number S, the attacker does not know the preset key K shared by the communicating users and therefore still cannot obtain the session key. The security of the session key does not depend on whether the relay stations of the quantum network are trusted, which meets the communicating users' requirement for session key security.
Taking multiple quantum channels with the distribution end sending n random numbers S1, S2, …, Sn or n random number streams S1, S2, …, Sn (n is a positive integer and 2 or more) as an example, each random number or random number stream is sent to the receiving end over its corresponding quantum channel, and the receiving end generates the session key using the hash function.
Based on the one-way characteristic of the hash function and multi-quantum-channel transmission, even if all the quantum channels are untrusted, an attacker cannot obtain the session key; and because the key is distributed over multiple quantum channels, interference with one quantum channel does not affect the communication of the whole quantum communication system.
Example two
Based on the same inventive concept, the embodiment of the present invention provides a device for secure distribution and reception of quantum keys, and specific implementation of the device may refer to the description of the system embodiment section, and repeated details are not described again.
The apparatus includes a processor, a memory, and a transceiver.
The processor is responsible for managing the bus architecture and the usual processing, and the memory may store data used by the processor in performing operations. The transceiver is used for receiving and transmitting data under the control of the processor.
The bus architecture may include any number of interconnected buses and bridges, which link together various circuits of one or more processors, represented by the processor, and of memory, represented by the memory. The bus architecture may also link together various other circuits such as peripherals, voltage regulators and power management circuits, which are well known in the art and are therefore not described further herein. The bus interface provides an interface.
The process disclosed by the embodiment of the invention can be applied to a processor or realized by the processor. In implementation, the steps of the signal processing flow may be implemented by integrated logic circuits of hardware or by instructions in the form of software in a processor. The processor may be a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like that implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present invention. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware processor, or may be implemented by a combination of hardware and software modules in the processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM or registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the signal processing flow in combination with its hardware.
The first device is a session key generation device.
Wherein, the processor is used for reading the program in the memory and executing the following processes:
generating at least one random number;
and transmitting the corresponding random number through a quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and a preset key by using a hash function to generate a session key.
As an optional embodiment, generating at least one random number comprises:
generating a random number;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
transmitting the random number through a quantum channel corresponding to a random number.
As an optional embodiment, generating at least one random number comprises:
generating at least two random numbers;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
and transmitting the corresponding random number through one quantum channel corresponding to each random number, wherein one random number corresponds to one quantum channel.
As an optional implementation, the processor is further configured to:
and transmitting the corresponding random number through the quantum channel corresponding to each random number in the quantum communication relay network.
As an optional implementation, the processor is further configured to:
receiving a confirmation message fed back by a receiver, and determining a random number successfully received by the receiver;
carrying out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key, wherein the hash operation comprises the following steps:
and carrying out hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
Optionally, the hash function is a secure hash algorithm SHA-256, or a secure hash algorithm SHA-512, or a secure hash algorithm SHA-3.
A second device, a receiving device for session keys.
Wherein, the processor is used for reading the program in the memory and executing the following processes:
receiving corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by using a hash function to generate a session key.
As an optional implementation, the processor is further configured to:
and receiving corresponding random numbers transmitted by at least two quantum channels in the quantum communication relay network.
As an optional implementation, the processor is further configured to:
after the random number is successfully received, a confirmation message is fed back to the distributing terminal.
Optionally, the hash function is a secure hash algorithm SHA-256, or a secure hash algorithm SHA-512, or a secure hash algorithm SHA-3.
EXAMPLE III
Based on the same inventive concept, embodiments of the present invention provide a quantum key secure distribution receiving apparatus, and specific implementations of the apparatus may refer to descriptions in the system embodiment section, and repeated descriptions are omitted.
First means, a session key generation means.
The device includes:
a random number generation unit for generating at least one random number;
and the session key unit is used for transmitting the corresponding random number through the quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and the preset key by using a hash function to generate a session key.
As an optional embodiment, generating at least one random number comprises:
generating a random number;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
transmitting the random number through a quantum channel corresponding to a random number.
As an optional embodiment, generating at least one random number comprises:
generating at least two random numbers;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
and transmitting the corresponding random number through one quantum channel corresponding to each random number, wherein one random number corresponds to one quantum channel.
As an optional implementation manner, the session key unit is further configured to transmit the corresponding random number through a quantum channel corresponding to each random number in the quantum communication relay network.
As an optional implementation, the apparatus is further configured to:
receiving a confirmation message fed back by a receiver, and determining a random number successfully received by the receiver;
carrying out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key, wherein the hash operation comprises the following steps:
and carrying out hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
As an optional implementation mode, the hash function is a secure hash algorithm SHA-256, a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
A second device, a receiving device of the session key.
The device includes:
the receiving key unit is used for receiving the corresponding random numbers transmitted by the quantum key distribution end through at least two quantum channels;
and the session key unit is used for carrying out hash operation on the received random number and the preset key by utilizing a hash function to generate a session key.
As an optional implementation, the receiving key unit is further configured to:
and receiving corresponding random numbers transmitted by at least two quantum channels in the quantum communication relay network.
As an optional implementation, the apparatus is further configured to:
after the random number is successfully received, a confirmation message is fed back to the distributing terminal.
As an optional implementation mode, the hash function is a secure hash algorithm SHA-256, a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
Example four
Method one: an embodiment of the present invention provides a method for generating a session key at a distributing end, as shown in fig. 5, where the method includes:
Step 501: at least one random number is generated.
In the implementation, the following cases are classified according to the quantum channels:
Case one: the distributing end generates a random number and sends the random number to the receiving end through a quantum channel;
Case two: the distributing end generates at least two random numbers and sends the random numbers to the receiving end through at least two quantum channels corresponding to the random numbers.
Step 502: and transmitting the corresponding random number through a quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and a preset key by using a hash function to generate a session key.
As an optional implementation, transmitting the corresponding random number through the quantum channel corresponding to each random number includes:
and transmitting the corresponding random number through the quantum channel corresponding to each random number in the quantum communication relay network.
As an optional implementation, the method further includes:
receiving a confirmation message fed back by a receiver, and determining a random number successfully received by the receiver;
carrying out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key, wherein the hash operation comprises the following steps:
and carrying out hash operation on the random number successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
As an optional implementation mode, the hash function is a secure hash algorithm SHA-256, a secure hash algorithm SHA-512 or a secure hash algorithm SHA-3.
Method two: an embodiment of the present invention provides a method for receiving a session key at a receiving end, as shown in fig. 6, where the method includes:
Step 601: receiving corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
In implementation, the sender sends at least two random numbers and the receiver receives at least one of them: if the sender sends two random numbers and one quantum link is interfered with, the receiver can receive only one random number.
Step 602: and carrying out hash operation on the received random number and the preset key by using a hash function to generate a session key.
As an optional implementation, receiving the corresponding random numbers transmitted by the quantum key distribution end through at least two quantum channels includes:
and receiving corresponding random numbers transmitted by at least two quantum channels in the quantum communication relay network.
As an optional implementation, the method further includes:
after the random number is successfully received, a confirmation message is fed back to the distributing terminal.
As an alternative embodiment, the hash function is secure hash algorithm SHA-256 or secure hash algorithm SHA-512 or secure hash algorithm SHA-3.
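The exchange described in Example four, as an added Python example that is not code from the patent: the distributing end sends one random number per channel, the receiving end acknowledges what arrived, and both ends hash the acknowledged random numbers with the preset key. The channel simulation, the length-prefixed framing of the hash input, and the mapping of "SHA-3" to SHA3-256 are assumptions of this example.

```python
import hashlib
import secrets
import struct

# Hash functions the page names as options; "SHA-3" -> SHA3-256 is an assumption.
HASHES = {"SHA-256": hashlib.sha256, "SHA-512": hashlib.sha512, "SHA-3": hashlib.sha3_256}


def derive_session_key(received, preset_key, hash_name="SHA-256"):
    """Hash the acknowledged random numbers together with the preset key.

    `received` maps channel index -> random number bytes. The framing used
    here (ascending channel order, 4-byte index and length prefixes, preset
    key last) is an assumption; the page only states that the random numbers
    and the preset key are hashed together.
    """
    if not received:
        raise ValueError("no random number was received on any channel")
    if not preset_key:
        raise ValueError("preset key must not be empty")
    h = HASHES[hash_name]()
    for idx in sorted(received):
        s = received[idx]
        h.update(struct.pack(">II", idx, len(s)))  # channel index, length
        h.update(s)
    h.update(struct.pack(">I", len(preset_key)))
    h.update(preset_key)
    return h.digest()


def distribute(n, nbytes=32):
    """Distributing end: one fresh random number per quantum channel."""
    return {i: secrets.token_bytes(nbytes) for i in range(1, n + 1)}


def transmit(sent, interfered=()):
    """Stand-in for the quantum channels: an interfered channel delivers nothing."""
    return {i: s for i, s in sent.items() if i not in interfered}


def acknowledge(received):
    """Receiving end: confirmation message listing the channels that arrived."""
    return sorted(received)


def run_exchange(n=3, interfered=(2,), hash_name="SHA-256"):
    """Run one exchange with constructed inputs and return both ends' keys."""
    preset_key = secrets.token_bytes(32)  # shared in advance (constructed value)
    sent = distribute(n)
    received = transmit(sent, interfered)
    acked = acknowledge(received)
    # The distributing end hashes only the random numbers the receiver confirmed.
    sender_key = derive_session_key({i: sent[i] for i in acked}, preset_key, hash_name)
    receiver_key = derive_session_key(received, preset_key, hash_name)
    # An observer who saw every delivered random number but holds a different
    # preset key arrives at a different value.
    observer_key = derive_session_key(received, secrets.token_bytes(32), hash_name)
    return sender_key, receiver_key, observer_key, acked


if __name__ == "__main__":
    s_key, r_key, o_key, acked = run_exchange()
    print("acknowledged channels:", acked)
    print("keys match:", s_key == r_key, "| observer differs:", o_key != s_key)
```

The index and length prefixes keep different sets of random numbers from producing the same hash input, which plain concatenation would allow.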
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (12)

1. A method for generating a session key, the method comprising:
generating at least one random number;
and transmitting the corresponding random number through a quantum channel corresponding to the random number, so that the receiver performs hash operation on the received random number and a preset key by using a hash function to generate a session key.
2. The method of claim 1, wherein generating at least one random number comprises:
generating a random number;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
transmitting the random number through a quantum channel corresponding to a random number.
3. The method of claim 1, wherein generating at least one random number comprises:
generating at least two random numbers;
transmitting a corresponding random number through a quantum channel corresponding to the random number, comprising:
and transmitting the corresponding random number through one quantum channel corresponding to each random number, wherein one random number corresponds to one quantum channel.
4. The method according to any one of claims 1 to 3, wherein transmitting the corresponding random number through the quantum channel corresponding to the random number comprises:
and transmitting the corresponding random number through the quantum channel corresponding to each random number in the quantum communication relay network.
5. The method of claim 1, further comprising:
receiving a confirmation message fed back by a receiver, and determining a random number successfully received by the receiver;
carrying out hash operation on the received random number and a preset key by utilizing a hash function to generate a session key, wherein the hash operation comprises the following steps:
and carrying out hash operation on the random number S successfully received by the receiver and the preset key by utilizing a hash function to generate a session key.
6. The method of claim 1, wherein the hash function is secure hash algorithm SHA-256 or secure hash algorithm SHA-512 or secure hash algorithm SHA-3.
7. A method for receiving a session key, the method comprising:
receiving corresponding random numbers transmitted by the quantum key distribution terminal through at least two quantum channels;
and carrying out hash operation on the received random number and the preset key by using a hash function to generate a session key Ks.
8. The method of claim 7, wherein receiving the corresponding random numbers transmitted by the quantum key distribution end through the at least two quantum channels comprises:
and receiving corresponding random numbers transmitted by at least two quantum channels in the quantum communication relay network.
9. The method of claim 7, further comprising:
after the random number is successfully received, a confirmation message is fed back to the distributing terminal.
10. The method of claim 7, wherein the hash function is secure hash algorithm SHA-256 or secure hash algorithm SHA-512 or secure hash algorithm SHA-3.
11. A session key generation device, characterized by comprising: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1 to 6.
12. A receiving apparatus of a session key, characterized in that the apparatus comprises: a processor and a memory, wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps of the method of any of claims 7 to 10.
CN201910002534.0A 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key Active CN111404674B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910002534.0A CN111404674B (en) 2019-01-02 2019-01-02 Method and equipment for generating and receiving session key


Publications (2)

Publication Number Publication Date
CN111404674A (en) 2020-07-10
CN111404674B (en) 2023-06-27


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant