CN111756527B - Method for resisting equipment calibration attack in quantum key distribution system - Google Patents

Method for resisting equipment calibration attack in quantum key distribution system Download PDF

Info

Publication number
CN111756527B
CN111756527B CN201910237689.2A CN201910237689A CN111756527B CN 111756527 B CN111756527 B CN 111756527B CN 201910237689 A CN201910237689 A CN 201910237689A CN 111756527 B CN111756527 B CN 111756527B
Authority
CN
China
Prior art keywords
channel
calibration
detector
delay
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910237689.2A
Other languages
Chinese (zh)
Other versions
CN111756527A (en
Inventor
唐世彪
程节
汤艳琳
孙剑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Quantumctek Shanghai Co ltd
Quantumctek Co Ltd
Original Assignee
Quantumctek Shanghai Co ltd
Quantumctek Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Quantumctek Shanghai Co ltd, Quantumctek Co Ltd filed Critical Quantumctek Shanghai Co ltd
Priority to CN201910237689.2A priority Critical patent/CN111756527B/en
Publication of CN111756527A publication Critical patent/CN111756527A/en
Application granted granted Critical
Publication of CN111756527B publication Critical patent/CN111756527B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Electromagnetism (AREA)
  • Optics & Photonics (AREA)
  • Theoretical Computer Science (AREA)
  • Optical Communication System (AREA)
  • Photometry And Measurement Of Optical Pulse Characteristics (AREA)

Abstract

The invention discloses a method for resisting equipment calibration attack in a quantum key distribution system, which comprises the following steps: 1) completing the construction of a parameter calibration system; 2) generating a parametric calibration light at the safe region; 3) in the safe area, a receiver detection system to be subjected to parameter calibration completes key parameter measurement; 4) calculating the safety parameters of the receiver detection system; 5) setting a safety threshold DeltaAllowRange; 6) in the external field area, generating parameter calibration light; 7) in the outer field area, the receiver completes the measurement of key parameters of the detector and judges or calibrates. The invention has the advantages that: the function of resisting the equipment calibration attack can be realized only by necessary equipment parameter calibration and system online detection, and the influence caused by instability of an actual system can be more comprehensively eliminated by adding a built-in calibration light source and a coupling element in a safe area inside a receiver and considering the calibration under different specific conditions.

Description

Method for resisting equipment calibration attack in quantum key distribution system
Technical Field
The invention relates to a method for resisting equipment calibration attacks in the technical field of actual quantum key distribution, in particular to a method for resisting equipment calibration attacks in a Quantum Key Distribution (QKD) system.
Background
Because the optical signal of a receiving party is very weak, in order to reduce noise interference and post pulse interference caused by response delay of a semiconductor detector, a gate-controlled single-photon detector is generally adopted, when a gate-controlled signal exists, the response of the semiconductor detector is effective, and the response of the semiconductor detector is ineffective outside the gate-controlled signal.
For example, as shown in FIG. 1, taking the frequency of the light-emitting pulse of 100MHz as an example, the gate control signal at the detecting end is also 100MHz, and the interval between the light signal pulse and the gate control signal is fixed to 10 ns. Each pulse width is typically 100ps, and in a detection period of 10ns at the detector end, in which the gating signal is valid for 200ps, noise and post-pulse interference in the remaining 9ns +800ps where the gating signal is invalid can be filtered out, reducing the interference probability by 98%, thereby making single photon detection more efficient and accurate.
In order to maximize the detection efficiency, a mode of controlling the gate control signal to move with a 10ps accuracy delay is generally adopted to find the position of the gate control signal aligned with the optical pulse signal, so that the detection end can receive the optical pulse signal to the maximum extent, and the maximum detection count is achieved. I.e. the delay position of the gating signal is moved, and when the curve of the detection count and the delay position reaches a peak value, i.e. the detection count is maximal, the gating signal and the optical pulse signal are aligned.
In an actual QKD system, the number of detectors at the detection end is different according to different schemes. Taking the polarization encoding system based on the BB84 protocol as an example, as shown in fig. 2, the detecting end has 4 detectors corresponding to the detection of HVPN4 different polarized lights. Light pulses at the detection end are input from the left side, pass through the optical fiber and the beam splitter, and are equally divided into 4 equal parts to respectively reach the HVPN4 detectors.
Because there may be a discrepancy in the lengths of the optical fibers from the optical pulse input ports to the 4-way detector, there are different delay differences in the optical signals arriving at the 4-way detector. In order to maximize the detection efficiency of the 4-path single-photon detector, four types of completely synchronous HVPN signal light are transmitted at the light-emitting end in sequence, wherein the synchronization refers to that: on the exit of the light-emitting end and the optical fiber link, the light pulse positions of the HVPN are completely coincident, the light pulse input port of the detector end is also completely coincident, the later difference only appears from the light pulse input port of the detector end to 4 paths of single photon detectors, the delay calibration of the gate control signal and the incident light pulse signal is separately carried out on each path of the HVPN when the light pulse input port reaches the detection end, so that the gate control signal just covers the light pulse waveform, the curve of the detection counting position and the delay position reaches the peak value at the moment, namely the detection counting is maximum, and the process is also called as 'delay scanning'.
For the calibration process of the above 4-path detector, there is a "device calibration attack" mode specially for the process.
The device calibration attack (device calibration attack) is to attack a detector in the process of carrying out system calibration on a quantum key distribution system (QKD), introduce a vulnerability of unmatched detector efficiency, and provide a vulnerability which can be attacked for attack means such as time-shift attack and the like based on inconsistent detector efficiency. As in the references: jain N, Wittmann C, Lydersen L, et al, device catalysis activities security of quality key distribution physical Review Letters,2011,107(11): 110501.
In this document, the device calibration attack is directed to a plug & play scheme phase-coded QKD system such as the claus 2 system (QKD system by ID Quantique) in a manner that attacks the so-called Line Length Measurement (LLM) calibration process of the system, which is aimed at maximizing the efficiency of the calibration detector. This document describes the calibration process using fig. 3, taking two detectors D0 and D1 as an example, and the calibration process is performed in the area (a) of fig. 3: bob sends out a pair of intense light pulses to Alice and detects the pulses from Alice back to Bob by scanning the detector gate signals for delays such that the light pulses arriving at the two detectors D0 and D1 are aligned with the detector gate signals to maximize detection efficiency. In region (b) of fig. 3, in order for both detectors D0 and D1 to receive an optical pulse, Alice keeps the Phase Modulator (PM) off, i.e., applies phase 0, while Bob applies phase α ═ pi/2 to between the two component pulses of an optical pulse. So far, the light intensity distribution of the interference outlet is the same, and the optimal positions of the detection efficiencies of the two detectors are the same, and no leak with inconsistent detection efficiencies exists.
The attack mode for the LLM calibration process is: in the LLM process, an attacker Eve in the lines of Alice and Bob divides the loaded phase between two component pulses of an optical pulse into two types, wherein one type is the first half part on one component pulseFractional loading of alpha E1 One is to load alpha on the latter half of a component pulse E1 When Bob applies the phase α ═ pi/2 to between two component pulses of one optical pulse, the phase difference between the two component pulses of one optical pulse is actually divided into two cases, one in which the phase difference in the first half is 0 and the second half is pi. Then the light intensity distribution of the interference exit is not the same, that is, the detectors D0 and D1 at Bob end receive the first half light pulse and the second half light pulse respectively, so that the detection efficiencies of the two detectors correspond to the first half light pulse and the second half light pulse respectively, and the optimal positions of the detection efficiencies are staggered, resulting in a leak with inconsistent detection efficiencies. When the QKD device completes the calibration process and starts to work to generate the key, the detection efficiency of some channels is low, and even only one of the channels has detection count, so that an eavesdropper can completely know the finally generated quantum key (that is, only the effective one of the channels has count, the corresponding original key is fixed to be 0 or 1, and the key is completely fixed), and the security of the QKD device is damaged.
The countermeasure against the attack is to exchange detection values randomly for the detectors at the receiving end, for example, a fixed pi/2 phase is not applied any more, but a random 0 and pi phase randomly replace the detection results of the plurality of detectors, so that the attacking party cannot control the interference result, that is, the attacking party cannot control the detection result of the detectors, and thus both the detectors will receive half the energy of the same complete light pulse, and the optimal position of the detection efficiency is still the same, and there is no leak with inconsistent detection efficiency. Thereby, the device calibration attack can be resisted.
The above-mentioned means for defending against device calibration attacks are only applicable to the phase-coded QKD system based on the active basis vector selection scheme, especially to the devices that rely on randomly modulated signals, such as the phase modulator and its modulation circuit, while for other QKD systems, such as the QKD system based on the passive basis vector selection scheme, the defending means cannot be used because no device at the receiving end Bob can apply random phases to randomly permute the detection results of multiple detectors.
Secondly, the scheme can ensure that the detection efficiency is consistent whether the attack is received or not; however, the scheme cannot intuitively monitor whether the equipment is attacked by the calibration of the equipment, and is not beneficial to demonstration of the attack effect.
Disclosure of Invention
The technical problem to be solved by the invention is to resist the equipment calibration attack in a Quantum Key Distribution (QKD) system, the method can realize the function of resisting the equipment calibration attack only by the necessary equipment parameter calibration and the system online detection mode, and the influence caused by the instability of an actual system can be more comprehensively eliminated by adding a built-in calibration light source and a coupling element in a safe area inside a receiver and considering the calibration under different specific conditions.
The technical problem to be solved by the invention is realized by the following technical scheme: a method of countering device calibration attacks in a quantum key distribution system, comprising the steps of:
1) firstly, completing the construction of a parameter calibration system;
the parameter calibration system comprises: a standard light source, a quantum channel and a receiver detection system to be calibrated by parameters in a sender;
2) generating a parametric calibration light at the safe region;
the method comprises the steps that a light source is used for generating parameter calibration light with the required time position beam combination consistency, and the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel;
3) in the safe area, a receiver detection system to be subjected to parameter calibration completes key parameter measurement;
a plurality of channels of the detector of the receiver detection system are respectively named as channel 1, channel 2 and … … channel n, and the key parameter a of each channel is obtained by measurement 1 ,a 2 ,……,a n Wherein n is the number of detectors in the receiver detection system, n channels correspond to n detectors, and after the parameter calibration light reaches the detectors, the plurality of detectors receive the complete light pulses with the same time position, that is, the light pulse waveform time with the same beam combination is used as the consistent reference, so that the plurality of detectors receive the complete light pulses with the same time positionThe time position of the optimum value of the detection efficiency of the detector is recorded as a 1 ,a 2 ,……,a n
4) Calculating the safety parameters of the receiver detection system;
using the key parameter a of at least one detector channel k (k ═ 1, 2, … …, n) k Calculating relative difference b of key parameters of other channels and a channel k as a reference i-k As a security parameter for the receiver of the quantum key distribution system, stored in the receiver detection system, b i-k The calculation method of (c) is as follows:
b i-k =a i -a k i ≠ 1, 2, … …, n, and i ≠ k;
5) setting a safety threshold DeltaAllowRange;
setting a safety threshold DeltaAllowRange according to the characteristics of the detector of the receiving party and the electronic characteristics of the detection pulse time measurement;
6) in the external field area, generating parameter calibration light;
the standard light source of the sender is used for generating parameter calibration light with the required time position and consistent beam combination, and the parameter calibration light is sent to a receiver detection system to be subjected to parameter calibration through a quantum channel of the external field region;
7) in the outer field area, the receiver completes the measurement of key parameters of the detector and judges or calibrates.
As a further specific technical solution, there are two solutions in step 7), wherein the solution one is: the receiver completes the measurement and judgment of the key parameters of the detector and monitors whether the detector is attacked or not, and the method comprises the following steps:
7.1) measuring the channel 1, the channel 2, the channel … … and the channel n to obtain an external field measured value B of each channel key parameter 1 ,B 2 ,……,B n
7.2) according to the safety parameter b i-k And calculating a safety range [ (B) of the difference value of the key parameter measured values of the detector channel i (i is 1, 2, … …, n) and the channel k respectively by using a safety threshold DeltaAllowRange i-k )min,(B i-k )max]Wherein (B) i-k )min=b i-k –DeltaAllowRange,(B i-k )max=b i-k +DeltaAllowRange,i≠k;
7.3) for the detector channel i (i is 1, 2, … …, n), whether the difference value of the key parameter measured values of the detector channel i and the channel k is in a safe range is judged.
Further, the judgment manner in the step 7.3) is as follows: if B is present i-k ∈[(B i-k )min,(B i-k )max]If so, the difference value of the key parameter measurement values of the channel i and the channel k of the detector is within a safety range; if it is not
Figure BDA0002008707540000051
And if the difference values of the key parameter measurement values of all the channels of the at least one detector channel k are all in the safety range, judging that the quantum key distribution system is not attacked by equipment calibration.
Furthermore, if the difference value of the measured values of the key parameters of one channel of the detector is out of the safety range, the quantum key distribution system is likely to be attacked by equipment calibration, the system immediately stops the distribution of the quantum keys, and reports and records the abnormal equipment calibration attack.
As an optional technical solution, in step 7), the second solution is: the receiver completes measurement and calibration of key parameters of the detector, channels 1, 2 and … … are respectively used for a plurality of channels of the detector of the receiver of the quantum key distribution system, and key parameter measurement is completed for a channel k (k is 1, 2, … …, n) of the detector to obtain a measured value c k The key parameter value of the detector channel i (i is 1, 2, … …, n) is not measured, and the key parameter calibration value c is obtained by calculation i :c i =c k +b i-k I is not equal to k, and then the key parameter value of the detector channel i is calibrated into a key parameter calibration value c i
As an optional technical solution, in step 7), the receiver completes the measurement of the key parameters of the detector and determines whether the detector is attacked or not, and may further adopt the following steps:
7.1) for a plurality of channels of the detector at the receiver of the quantum key distribution system, namely channel 1, channel 2, … … and channel n, measuring to obtain an external field measured value B of key parameters of each channel 1 ,B 2 ,……,B n
7.2) measurement B of the key parameter from the detector channel k k Safety parameter b i-k Calculating the safety range [ (B) of the key parameter measured value of the detector channel i by using the safety threshold DeltaAllowRange i )min,(B i )max]Wherein:
(B i )min=B k +b i-k –DeltaAllowRange,
(B i )max=B k +b i-k +DeltaAllowRange;
7.3) for the detector channel i, judging whether the measured value of the key parameter of the corresponding detector channel i is in a safe range.
Further, if B is i ∈[(B i )min,(B i )max]If so, the measured value of the key parameter of the corresponding detector channel i is considered to be in a safety range; if it is not
Figure BDA0002008707540000061
The measured value of the key parameter of the corresponding detector channel i is considered to be out of the safety range; and if the key parameter measurement values of all the channels of the at least one detector channel k are in the safety range, judging that the quantum key distribution system is not attacked by equipment calibration.
As an optimized technical solution, in the step 2), for the selection of the safety area, the following steps are adopted: the sender, the receiver and the quantum channel between the sender and the receiver are all placed in a safe area which cannot be touched by an attacker Eve, and the light source which generates the parameter calibration light with the required time position combination in the step 2) is the standard light source in the sender.
As an optimized technical solution, in the step 2), the selection of the safety area adopts: if the device is required to be calibrated after the external field is built or in the using process, the light source generating the parameter calibration light with the required time and position combination consistent in the step 2) is a built-in calibration light source of the receiving party.
As an optimized technical scheme, the built-in calibration light source of the receiver is connected to a receiver detection system to be calibrated by parameters through the coupling of an optical switch or a BS coupling element.
As an optimized technical scheme, an optical switch is used as a coupling element, at the moment, the optical switch switches an optical path of an input end from a quantum channel to a built-in calibration light source, and the connection between the built-in calibration light source and a detection system is in a safe area.
As a specific technical solution, the key parameter of the detector is a delay value corresponding to a peak count of the detector.
As a further specific technical solution, the quantum key distribution system is a polarization encoding system based on BB84 protocol, and the total number of the detection ends is H, V, P, N four detectors, then in step 3), before each QKD device leaves the factory, a delay scan is performed, and calibration delay values H of H, V, P, N four channels are recorded delay 、V delay 、P delay 、N delay
In the step 4), taking the delay values of one or more of the H, V, P, N channels as a reference, respectively calculating delay differences of the delay values of the other three channels relative to the reference value, taking the delay differences as factory standard delay differences, presetting and storing the factory standard delay differences in the receiver detection system;
in the step 7), calculating an effective range DeltaRegionX _ Y of an allowed delay position difference between the channels X and Y through a safety threshold DeltaAllowRange;
in the step 7), in the field area, each QKD device is scanned with a delay, and field area delay values H of H, V, P, N four channels are recorded wdelay 、V wdelay 、P wdelay 、N wdelay Sequentially calculating the difference of the delay positions of other 3 channels relative to the delay position of the reference channel by taking one or more corresponding channels in the H, V, P, N four channels in the step 4) as reference, and comparing the obtained delay channel difference CurrentDeltaChanX _ Y with the effective delay channel differenceAnd comparing the range DeltaRegionX _ Y, if all the ranges are within the effective range, replying that the delay scanning is successful, and if one delay difference value is not within the effective range, replying that the delay scanning is failed, and reporting that the equipment calibration attack is abnormal.
The invention has the following beneficial effects:
1. the invention is not limited to a QKD system based on a certain specific protocol and a specific device, has wide application scenes, and is suitable for an active (such as a phase modulator) or passive (such as a beam splitter BS) quantum state decoding device;
2. through a necessary device parameter calibration and system online detection mode, the variation of the key parameters of the detector is kept consistent (for example, when the key parameters are the door opening positions of the detector corresponding to the optimal detection efficiency, the defects of inconsistent detection efficiency under the condition that the door opening positions of the optimal detector are staggered are avoided), so that the function of monitoring/resisting the device calibration attack is realized, whether the device calibration attack is suffered from the monitoring is convenient, and the attack effect is also convenient to demonstrate;
3. the built-in calibration light source and the coupling element are added in the safe area inside the receiver, so that the safe parameters of the detector can be calibrated again according to the situation, the problem that the safe parameters of the actual system change along with the external environment and need to be calibrated again can be solved, and the attack misjudgment caused by the change of the safe parameters of the system can be avoided. In addition, the coupling element is preferably an optical switch, and light on an external quantum channel is cut off through the optical switch to prevent the light from entering a safe area (even if the sender Alice stops emitting light, Eve light is possibly input to the receiver Bob through the quantum channel), so that the safety of the calibration process of the safety parameter of the detector can be ensured.
Drawings
FIG. 1 is a schematic diagram of the intervals between the light signal pulses and the gating signals.
Fig. 2 is a schematic diagram of a conventional optical pulse input detection terminal.
Fig. 3 is a diagram of a prior art phase-encoded QKD system.
Fig. 4 is a schematic diagram of a device key parameter calibration system using the method for countering device calibration attacks in a quantum key distribution system according to the present invention.
Fig. 5 is a schematic diagram illustrating a pre-factory delay scan result of the device described in the first embodiment of the present invention.
Fig. 6 is a schematic diagram illustrating a result of a certain time-delay scanning after a factory deployment of a device is brought online according to an embodiment of the present invention.
Fig. 7 is a schematic diagram illustrating a result of a certain time-delay scanning after a factory deployment of a device is brought online according to a second embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The method for resisting equipment calibration attacks in the quantum key distribution system mainly comprises the following steps 1) to 7):
1) firstly, completing the construction of a parameter calibration system;
2) generating a parametric calibration light at the safe region;
3) in the safe area, a receiver detection system to be subjected to parameter calibration completes key parameter measurement;
4) calculating the safety parameters of the receiver detection system;
5) setting a safety threshold DeltaAllowRange;
6) in the external field area, generating parameter calibration light;
7) in the outer field area, the receiver completes the measurement of key parameters of the detector and judges or calibrates.
Next, each step will be explained in detail.
Example one
1) Firstly, the construction of the parameter calibration system is completed, as shown in fig. 4.
The parameter calibration system comprises the following components: and the detection system comprises a standard light source in the sender, a quantum channel and a receiver to be calibrated. The receiver is also provided with a built-in calibration light source which is coupled into a receiver detection system to be calibrated through coupling elements such as an optical switch or a BS.
The parameter calibration needs to be completed in a safe area. The specific case and manner of selection of the security zone is divided into two.
One is that the sender, the receiver and the quantum channel between them are all placed in a secure area that cannot be touched by an attacker Eve. The process of calibrating the parameters of the detection system in this area is safe. This safe area can be guaranteed at factory calibration, as it is not yet deployed in the field to be inaccessible to the attacker Eve.
And secondly, if the equipment needs to be calibrated after the equipment leaves a factory and the external field is built or in the using process (the actual parameters are changed because the system is possibly unstable due to long time), the detection system needs to be calibrated by using a built-in calibration light source and a coupling element of a receiver. In particular, the optical switch is used as a coupling element, and the optical switch switches the optical path of the input end from the quantum channel to the built-in calibration light source, so that the connection between the built-in calibration light source and the detection system is in a safe region, and the calibration result is safe.
2) At the safe area, parametric calibration light is generated.
The standard light source/receiver is internally provided with a calibration light source for generating parameter calibration light with consistent time position beam combination, and the parameter calibration light can be random or periodic, and can be in one quantum state or multiple quantum states. And the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel.
3) And in the safe area, a receiver detection system to be calibrated completes the measurement of the key parameters.
A plurality of channels of the detector of the receiver detection system are respectively named as channel 1, channel 2 and … … channel n, and the key parameter a of each channel is obtained by measurement 1 ,a 2 ,……,a n Where n is the number of detectors in the receiver detection system and n channels correspond to n detectors. Specifically, after the parameter calibration light reaches the detector, the plurality of detectors all receive complete light pulses with the same time positionThat is, with the time of the light pulse waveform with the same beam combination as the reference for coincidence, the time position of the optimal value of the detection efficiency of the plurality of detectors is recorded as a 1 ,a 2 ,……,a n . They are identical with respect to the combined identical light pulse waveform without deviating from the center position of the light pulse shape. At the moment, the detection efficiency is consistent, and no inconsistent loopholes exist.
It should be noted that the key parameter of the receiver device of the quantum key distribution system is the relative time difference of the light pulses received by each channel of the detector, and the receiver device of the quantum key distribution system can be divided into a gate-controlled detector and a free-running detector according to the different types of the detectors in the receiver device of the quantum key distribution system.
The definition of the critical parameters of the device is different for different types of detectors. Firstly, a gating type detector: a gated detector is used for detection at a receiver of the quantum key distribution system, and the quantum key distribution system needs to adjust the relative phase relation between the gated signals of each channel of the detector and the light pulses received by the detector, so that the detection counting rate is maximized. The relative phase relationship value (usually a delay value) is a critical parameter of the device. A free-running detector: the receiver of the quantum key distribution system uses a free-running detector to detect, the quantum key distribution system can directly measure and obtain the relative time of arrival of the signal light pulse (relative to a system synchronous signal or a synchronous clock), and the relative time value is the key parameter of the equipment.
4) And (4) the receiver detects the calculation of the system security parameters.
Using key parameter a of detector channel k (k is 1, 2, … …, n) k Calculating relative difference b of key parameters of other channels and a channel k as a reference i-k And the security parameters are stored in a receiver detection system as the security parameters of the receiver of the quantum key distribution system. b i-k The calculation method of (c) is as follows:
b i-k =a i -a k ,i=1,2,……,n,a i is the key parameter value of channel i, and i ≠ k.
5) A safety threshold deltaallowrrange is set.
The safety threshold value DeltaAllowRange is set according to the characteristics of the detector of the receiving party and the electronic characteristics of the detection pulse time measurement part, for example, the safety threshold value DeltaAllowRange is set according to the detection efficiency gate width and the step size of a delay chip of a detector gating signal, and a range of several step sizes can be generally selected.
6) In the outer field region, parametric calibration light is generated.
The standard light source of the sender is used for generating parameter calibration light with the consistent time position beam combination, and the parameter calibration light can be random or periodic, and can be in one quantum state or multiple quantum states. And the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel of the external field region.
7) In the outer field area, the receiver completes the measurement of key parameters of the detector and judges or calibrates.
There are two schemes:
a. in the first scheme, a receiver completes the measurement and judgment of key parameters of the detector, and can monitor whether the detector is attacked:
for a plurality of channels of a detector at a receiver of the quantum key distribution system, namely a channel 1, a channel 2, a channel … … and a channel n, measuring to obtain an external field measured value B of key parameters of each channel 1 ,B 2 ,……,B n . The specific steps are similar to '3) in a safe area, the detection system of a receiver to be calibrated completes the measurement of key parameters', namely the steps are as follows: after the parameter calibration light reaches the detectors, the detectors receive the complete light pulse with the same time position, namely, the light pulse waveform time with the same beam combination is used as the consistent reference, and then the time position of the optimal value of the detection efficiency of the detectors is recorded as B 1 ,B 2 ,……,B n
According to a safety parameter b i-k Calculating a safety range [ (B) of the difference value of the key parameter measured values of the detector channel i (i is 1, 2, … …, n) and the channel k by using a safety threshold DeltaAllowRange i-k )min,(B i-k )max]Wherein (B) i-k )min=b i-k –DeltaAllowRange,(B i-k )max=b i-k +DeltaAllowRange,i≠k。
For a detector channel i (i is 1, 2, … …, n), whether the difference value of the measured values of the key parameters of the detector channel i and the channel k is within a safe range is determined as follows: if B is present i-k ∈[(B i-k )min,(B i-k )max]If so, the difference value of the key parameter measurement values of the channel i and the channel k of the detector is within a safety range; if it is not
Figure BDA0002008707540000121
The difference between the measured values of the key parameters of the channel i and the channel k of the detector is considered to be out of the safety range. If the difference values of the key parameter measurement values of all channels of the detector are within the safety range, the quantum key distribution system is judged not to be attacked by equipment calibration, otherwise, the quantum key distribution system is possibly attacked by the equipment calibration, the system immediately stops the distribution of the quantum key, and simultaneously reports and records the abnormal equipment calibration attack.
As a technical common knowledge of a person skilled in the art, the above-mentioned determination of whether the difference values of the measured values of the key parameters of all channels of the detector are within the safety range may be performed with one detector channel as a reference, or may be performed with a plurality of detector channels as references, so as to increase the accuracy of the determination.
b. And in the second scheme, the receiver completes the measurement and calibration of the key parameter of the detector, and the key parameter calibration value c of the detector channel i (i is 1, 2, … …, n) can be conveniently obtained i
For a plurality of channels of a detector at a receiver of the quantum key distribution system, the channels are channel 1, channel 2 and … … channel n respectively, and key parameter measurement is completed on a detector channel k (k is 1, 2, … …, n) to obtain a measured value c k . Key parameter value of detector channel i (i is 1, 2, … …, n) is not measured, and key parameter calibration value c is obtained by calculation i :c i =c k +b i-k ,i≠k。
Calibrating the key parameter value of the detector channel i into key parameter calibrationValue c i
The following describes a method for countering device calibration attacks in a quantum key distribution system in detail by taking a polarization encoding system based on the BB84 protocol as an example.
1) Firstly, the construction of a parameter calibration system is completed.
The parameter calibration system comprises the following components: the system comprises a standard light source in a sender, a quantum channel and a detection system to be calibrated by parameters of a receiver. The receiver is also provided with a built-in calibration light source which is coupled into a receiver detection system to be calibrated through coupling elements such as an optical switch or a BS.
The parameter calibration needs to be completed in a safe area. The specific case and manner of selection of the security zone is divided into two.
One is that the sender, the receiver and the quantum channel between them are all placed in a secure area that cannot be touched by an attacker Eve. The process of calibrating the parameters of the detection system in this area is safe. This safe area can be guaranteed at factory calibration, as it is not yet deployed in the field to be inaccessible to the attacker Eve.
And secondly, if the equipment needs to be calibrated after the equipment leaves a factory and the external field is built or in the using process (the actual parameters are changed because the system is possibly unstable due to long time), the detection system needs to be calibrated by using a built-in calibration light source and a coupling element of a receiver. In particular, the optical switch is used as a coupling element, and the optical switch switches the optical path of the input end from the quantum channel to the built-in calibration light source, so that the connection between the built-in calibration light source and the detection system is in a safe region, and the calibration result is safe.
2) At the safe area, parametric calibration light is generated.
The standard light source/receiver is internally provided with a calibration light source for generating parameter calibration light with consistent time position beam combination, and the parameter calibration light can be random or periodic, and can be in one quantum state or multiple quantum states. And the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel.
3) And in the safety area, a receiver detection system to be subjected to parameter calibration completes key parameter measurement.
The total of four HVPN detectors at the detection end, and before each QKD device leaves the factory, the time delay scanning is executed, and the calibration time delay values H of H, V, P, N four channels are recorded delay 、V delay 、P delay 、N delay
4) And (4) the receiver detects the calculation of the system security parameters.
And taking the delay value of any one of the H, V, P, N channels as a reference, respectively calculating the delay differences of the delay values of the other three channels relative to the reference value, wherein the total delay difference is 4 x 3-12 factory standard delay differences, and presetting and storing the delay differences in the receiving side detection system.
Because the length of the optical fiber from the optical pulse inlet to each single-photon detector at the detection end is fixed and unchanged, and the HVPN calibration light independently input at the optical pulse inlet of the detection end is completely synchronous when the QKD is not attacked in normal operation (the synchronization means that the HVPN optical pulse positions are completely coincident on the light-emitting end outlet and the optical fiber link, and the light pulse input ports at the detector end are completely coincident, and the later difference is only reflected from the light pulse input ports at the detector end to the 4-path single-photon detector), the delay difference value between the delay calibration results of the HVPN 4-path detector is basically unchanged.
In practical deployment application, the QKD sending end and the receiving end are generally separated by dozens of kilometers, and are connected by optical fibers. An eavesdropper can attack the middle of the optical fiber line, and in order to detect possible attacks, when the QKD device is started, delay scanning is carried out, delay calibration is carried out on the gate control signals of all paths, and whether the attacks exist or not is judged according to a calibration result.
The specific calculation process of the factory standard delay difference value is as follows:
before each QKD device leaves a factory, performing delay scanning, taking a delay value of any one channel of H, V, P, N as a reference, and then respectively calculating delay differences of delay values of other three channels relative to the reference value, wherein the delay differences are theoretical values and are recorded as TheroreticalDeltaChanX _ Y, wherein the name of X can be H, V, P, N, the name of Y can be H, V, P, N and represents the channel serving as the reference, and X, Y cannot be simultaneously taken as the same name, such as H cannot be simultaneously taken; and 4 × 3 to 12 delay differences can be obtained from the HVPN delay position result obtained from each delay scanning.
The specific calculation is as follows:
the delay time difference of the channel V, P, N with respect to the channel H is calculated using the delay value of the channel H as a reference value, and the calculation method is as follows:
TheoreticalDeltaChanV_H=V delay -H delay
TheoreticalDeltaChanP_H=P delay -H delay
TheoreticalDeltaChanN_H=N delay -H delay
the delay time difference of the lane H, P, N with respect to the lane V is calculated using the delay value of the lane V as a reference value, and the calculation method is as follows:
TheoreticalDeltaChanH_V=H delay -V delay
TheoreticalDeltaChanP_V=P delay -V delay
TheoreticalDeltaChanN_V=N delay -V dealy
the delay time difference of the lane H, V, N with respect to the lane P is calculated using the delay value of the lane P as a reference value, and the calculation method is as follows:
TheoreticalDeltaChanH_P=H delay -P delay
TheoreticalDeltaChanV_P=V delay -P delay
TheoreticalDeltaChanN_P=N delay -P delay
the delay time difference of the lane H, V, P with respect to the lane N is calculated using the delay value of the lane N as a reference value, and the calculation method is as follows:
TheoreticalDeltaChanH_N=H delay -N delay
TheoreticalDeltaChanV_N=V delay -N delay
TheoreticalDeltaChanP_N=P delay -N delay
and presetting and storing the 12 delay differences in the receiver detection system.
Since the delay difference is relative, for example, the delay difference of H relative to V and the delay difference of V relative to H are equivalent, the above 12 delay differences can be reduced to 6, which is another feasible solution.
5) A safety threshold deltaallowrrange is set.
There will be a slight error in the device measurement each time the scanning process is delayed. And counting a large number of delay scanning results according to the operation condition of the deployed equipment to obtain a floating range of a proper delay difference value, such as +/-20 ps.
6) In the outer field region, parametric calibration light is generated.
The standard light source of the sender is used for generating parameter calibration light with the consistent time position beam combination, and the parameter calibration light can be random or periodic, and can be in one quantum state or multiple quantum states. And the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel of the external field region.
7) In the outer field area, the receiver completes the measurement of key parameters of the detector and judges or calibrates.
Only a specific example of the first scheme is given here, and a specific way for the receiving side to complete the measurement and determination of the key parameters of the probe is as follows:
according to the safety threshold DeltaAllowRange of the step 5), the lower limit and the upper limit of the effective range DeltaRegionX _ Y of the allowed delay position difference between the channels X and Y are respectively obtained as follows:
lower limit: delta RegionLowX _ Y ═ TheoreticalDeltaChanX _ Y-Delta AllowRange
Upper limit: delta RegionHighX _ Y ═ TheoreticalDeltaChanX _ Y + DeltaAllowRange
Wherein X may be H, V, P, N, Y may be H, V, P, N, which represent H, V, P, N four channels, respectively, and X, Y may not be simultaneously assigned the same name, e.g., H.
In the external field area, each QKD device is subjected to delay scanning, and after the delay scanning is finished, peak counts of four HVPN channels and corresponding gating delay positions (according to delay) can be obtainedScanning principle, delaying the peak of the scanning curve to count the corresponding delay value, gating signal and light pulse signal to align at this time). The outfield zone delay values H of H, V, P, N four channels were recorded wdelay 、V wdelay 、P wdelay 、N wdelay . The means for resisting the equipment calibration attack is to check the relative positions of the delay positions of the four channels. And respectively taking H, V, P, N four channels as a reference, and sequentially calculating the difference value of the delay position of the other 3 channels relative to the delay position of the reference channel. The formula is as follows:
CurrentDeltaChanX_Y=CurrentChanX-CurrentChanY
wherein X may be H, V, P, N, Y may be H, V, P, N, which represent H, V, P, N four channels, respectively, and X, Y may not be simultaneously given the same name, such as H; the HVPN delay position results from each delay scan can yield 4 x 3 to 12 delay differences.
The specific calculation is as follows:
the delay time difference of the channel V, P, N with respect to the channel H is calculated using the delay value of the channel H as a reference value, and the calculation method is as follows:
CurrentDeltaChanV_H=V wdelay -H wdelay
CurrentDeltaChanP_H=P wdelay -H wdelay
CurrentDeltaChanN_H=N wdelay -H wdelay
the delay time difference of the lane H, P, N with respect to the lane V is calculated using the delay value of the lane V as a reference value, and the calculation method is as follows:
CurrentDeltaChan H_V=H wdelay -V wdelay
CurrentDeltaChanP_V=P wdelay -V wdelay
CurrentDeltaChanN_V=N wdelay -V wdelay
the delay time difference of the lane H, V, N with respect to the lane P is calculated using the delay value of the lane P as a reference value, and the calculation method is as follows:
CurrentDeltaChan H_P=H wdelay -P wdelay
CurrentDeltaChanV_P=V wdelay -P wdelay
CurrentDeltaChanN_P=N wdelay -P wdelay
the delay time difference of the lane H, V, P with respect to the lane N is calculated using the delay value of the lane N as a reference value, and the calculation method is as follows:
CurrentDeltaChan H_N=H wdelay -N wdelay
CurrentDeltaChanV_N=V wdelay -N wdelay
CurrentDeltaChanP_N=P wdelay -N wdelay
comparing the obtained delay channel difference CurrentDeltaChanX _ Y with the effective range DeltaRegionX _ Y:
if all are in the effective range, the recovery delay scanning is successful;
if a delay difference value is not in the effective range, replying delay scanning failure and reporting the abnormal equipment calibration attack.
The first embodiment is as follows:
as shown in fig. 5, for example, as to a QKD device, as a result of factory delay scanning, HVPN delay positions are 100ps, 200ps, 300ps, and 400ps, respectively, and then delay differences between HVPNs are:
V-H=100ps,P-H=200ps,N-H=300ps;
H-V=-100ps,P-V=100ps,N-V=200ps;
H-P=-200ps,V-P=-100ps,N-P=100ps;
H-N=-300ps,V-N=-200ps,P-N=-100ps;
and adding a common floating value +/-20 ps obtained by data statistics, wherein the credible range of the delay difference value is as follows:
V-H=[80ps,120ps],P-H=[180ps,220ps],N-H=[280ps,320ps];
H-V=[-120ps,-80ps],P-V=[80ps,120ps],N-V=[180ps,220ps];
H-P=[-220ps,-180ps],V-P=[-120ps,-80ps],N-P=[80ps,120ps];
H-N=[-320ps,-280ps],V-N=[-220ps,-180ps],P-N=[-120ps,-80ps];
the range is stored within this QKD device.
After the equipment leaves the factory and is deployed on line, starting up the equipment to operate, performing a calibration process of the delay scanning equipment, and if the obtained delay scanning result is as shown in fig. 6, then:
V-H=110ps,P-H=220ps,N-H=320ps;
H-V=-110ps,P-V=110ps,N-V=210ps;
H-P=-220ps,V-P=-110ps,N-P=100ps;
H-N=-320ps,V-N=-210ps,P-N=-100ps;
and comparing the delay difference result with the range of the credible delay difference set by the factory, and if the delay difference result is found to be in the credible range, the equipment calibration process of delay scanning is normal and the delay scanning is passed.
Example two:
in the same example, if the result of a certain time-delay scanning is shown in fig. 7, the same factory equipment parameters are as follows:
V-H=120ps,P-H=230ps,N-H=330ps;
H-V=-120ps,P-V=110ps,N-V=210ps;
H-P=-230ps,V-P=-110ps,N-P=100ps;
H-N=-330ps,V-N=-210ps,P-N=-100ps;
comparing the delay difference result with the range of the credible delay difference value set by the factory, finding that P-H, N-H, H-P and H-N exceed the credible range, judging that the equipment calibration attack exists, alarming, restarting the delay scanning process until each delay difference value of the HVPN returns to the credible range, judging that the equipment is recovered to a normal working state, and stopping the equipment calibration attack.
The invention is suitable for all QKD systems, is suitable for active (such as a phase modulator) or passive (such as a beam splitter BS) quantum state decoding devices, can realize the function of resisting equipment calibration attack only by a necessary equipment parameter calibration and a system online detection mode, and can more comprehensively eliminate the influence caused by the instability of an actual system by adding a built-in calibration light source and a coupling element in a safe area inside a receiver and considering the calibration under different specific conditions. In addition, the invention can also monitor whether the equipment is attacked by the calibration of the equipment, thereby being convenient for demonstrating the attack effect.
Example two
The difference between this embodiment and the first embodiment is that step 7) of the first embodiment is implemented in the first scheme that the receiver completes measurement and determination or calibration of the key parameter of the detector in the field area, and the following manner may also be adopted:
7.1) for a plurality of channels of the detector at the receiver of the quantum key distribution system, namely channel 1, channel 2, … … and channel n, measuring to obtain an external field measured value B of key parameters of each channel 1 ,B 2 ,……,B n
7.2) measurement B of the key parameter from the detector channel k k Safety parameter b i-k Calculating the safety range [ (B) of the key parameter measured value of the detector channel i by using the safety threshold DeltaAllowRange i )min,(B i )max]Wherein:
(B i )min=B k +b i-k –DeltaAllowRange,
(B i )max=B k +b i-k +DeltaAllowRange;
7.3) for the detector channel i, judging whether the measured value of the key parameter of the corresponding detector channel i is in a safe range.
Further, the judging method is as follows: if B is present i ∈[(B i )min,(B i )max]If so, the measured value of the key parameter of the corresponding detector channel i is considered to be in a safety range; if it is not
Figure BDA0002008707540000191
The measured value of the key parameter of the corresponding detector channel i is considered to be out of the safety range; if the key parameter measured values of all channels of the detector are within the safety range, the quantum key distribution system is judgedNot subject to device calibration attacks.
As a technical common knowledge of a person skilled in the art, the above-mentioned determining whether the measured values of the key parameters of all channels of the detector are within the safe range may be performed by using one detector channel as a reference, or may be performed by using a plurality of detector channels as references, so as to increase the accuracy of determination.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (13)

1. A method of countering a device calibration attack in a quantum key distribution system, characterized by: which comprises the following steps:
1) firstly, completing the construction of a parameter calibration system;
the parameter calibration system comprises: a standard light source, a quantum channel and a receiver detection system to be calibrated by parameters in a sender;
2) generating a parametric calibration light at the safe region;
the method comprises the steps that a light source is used for generating parameter calibration light with the required time position beam combination consistency, and the parameter calibration light is sent to a receiver detection system to be calibrated through a quantum channel;
3) in the safe area, a receiver detection system to be subjected to parameter calibration completes key parameter measurement;
a plurality of channels of the detector of the receiver detection system are respectively named as channel 1, channel 2 and … … channel n, and the key parameter a of each channel is obtained by measurement 1 ,a 2 ,……,a n Wherein n is the number of detectors in the receiver detection system, n channels correspond to n detectors, the time positions of the optimal values of the detection efficiencies of the detectors are recorded as a by taking the waveform time of the light pulses with the same beam combination as the consistent reference after the parameter calibration light reaches the detectors and the multiple detectors all receive the complete light pulses with the same time positions 1 ,a 2 ,……,a n
4) Calculating the safety parameters of the receiver detection system;
using the key parameter a of at least one detector channel k (k ═ 1, 2, … …, n) k Calculating relative difference b of key parameters of other channels and k as reference i-k As a security parameter for the receiver of the quantum key distribution system, stored in the receiver detection system, b i-k The calculation method of (c) is as follows:
b i-k =a i -a k i ≠ 1, 2, … …, n, and i ≠ k;
5) setting a safety threshold DeltaAllowRange;
setting a safety threshold DeltaAllowRange according to the characteristics of the detector of the receiving party and the electronic characteristics of the detection pulse time measurement;
6) in the external field area, generating parameter calibration light;
the standard light source of the sender is used for generating parameter calibration light with the required time position and consistent beam combination, and the parameter calibration light is sent to a receiver detection system to be subjected to parameter calibration through a quantum channel of the external field region;
7) in the external field area, the receiver completes the measurement of key parameters of the detector and judges whether the detector is attacked or calibrated, and the step of judging whether the detector is attacked or not comprises the following steps: and judging whether the difference value of the key parameter measured values of the detector channel i and the channel k is in a safety range or not, or judging whether the key parameter measured value of the detector channel i is in the safety range or not.
2. The method of countering device calibration attacks in a quantum key distribution system of claim 1, characterized in that: in step 7), the receiver completes the measurement of the key parameters of the detector and judges whether the detector is attacked or not, and the method comprises the following steps:
7.1) measuring the channel 1, the channel 2, the channel … … and the channel n to obtain an external field measured value B of each channel key parameter 1 ,B 2 ,……,B n
7.2) according to the safety parameter b i-k Respectively calculating a detector channel i by using a safety threshold DeltaAllowRange(i ═ 1, 2, … …, n) and the safety margin for the difference between the measured values of the key parameters of channel k [ (B) i-k )min,(B i-k )max]Wherein (B) i-k )min=b i-k –DeltaAllowRange,(B i-k )max=b i-k +DeltaAllowRange,i≠k;
7.3) for the detector channel i (i is 1, 2, … …, n), whether the difference value of the key parameter measured values of the detector channel i and the channel k is in a safe range is judged.
3. The method of countering device calibration attacks in a quantum key distribution system of claim 2, characterized in that: the judgment mode in the step 7.3) is as follows: if B is present i-k ∈[(B i-k )min,(B i-k )max]If so, the difference value of the key parameter measurement values of the channel i and the channel k of the detector is within a safety range; if it is not
Figure FDA0003698320370000021
Figure FDA0003698320370000022
And if the difference values of the key parameter measurement values of all the channels are within the safety range, judging that the quantum key distribution system is not attacked by equipment calibration.
4. A method of countering device calibration attacks in a quantum key distribution system according to claim 3, characterized in that: if the difference value of the key parameter measurement values of one channel of the detector is outside the safety range, the quantum key distribution system is possibly attacked by equipment calibration, the quantum key distribution system immediately stops the distribution of the quantum key, and the abnormal equipment calibration attack is reported and recorded.
5. The method of countering device calibration attacks in a quantum key distribution system of claim 1, characterized in that: in step 7), the receiver completes the detection of key parameters of the detectorMeasuring and calibrating, namely, for a plurality of channels of a detector at a receiver of the quantum key distribution system, respectively a channel 1, a channel 2 and a channel … … n, measuring key parameters of a detector channel k (k is 1, 2, … …, n) and obtaining a measured value c k The key parameter value of the detector channel i (i is 1, 2, … …, n) is not measured, and the key parameter calibration value c is obtained by calculation i :c i =c k +b i-k I is not equal to k, and then the key parameter value of the detector channel i is calibrated into a key parameter calibration value c i
6. The method of countering device calibration attacks in a quantum key distribution system of claim 1, characterized in that: in step 7), the receiver completes the measurement of the key parameters of the detector and judges whether the detector is attacked or not, and the method comprises the following steps:
7.1) for a plurality of channels of the detector at the receiver of the quantum key distribution system, namely channel 1, channel 2, … … and channel n, measuring to obtain an external field measured value B of key parameters of each channel 1 ,B 2 ,……,B n
7.2) measurement B of the key parameter from the detector channel k k Safety parameter b i-k Calculating the safety range [ (B) of the key parameter measurement value of the detector channel i by using the safety threshold DeltaAllowRange i )min,(B i )max]Wherein:
(B i )min=B k +b i-k –DeltaAllowRange,
(B i )max=B k +b i-k +DeltaAllowRange;
7.3) for the detector channel i, judging whether the measured value of the key parameter of the corresponding detector channel i is in a safe range.
7. The method of countering device calibration attacks in a quantum key distribution system of claim 6, characterized in that:
if B is present i ∈[(B i )min,(B i )max]Then the corresponding detector channel is consideredi is within a safe range; if it is not
Figure FDA0003698320370000031
The measured value of the key parameter of the corresponding detector channel i is considered to be out of the safety range; and if the key parameter measured values of all the channels are in the safety range, judging that the quantum key distribution system is not attacked by equipment calibration.
8. The method of countering device calibration attacks in a quantum key distribution system of claim 1, characterized in that: in the step 2), the selection of the safety area adopts: the sender, the receiver and the quantum channel between the sender and the receiver are all placed in a safe area which cannot be touched by an attacker, and the light source which generates the parameter calibration light with the required time position beam combination consistency in the step 2) is the standard light source in the sender.
9. The method of defeating a device calibration attack in a quantum key distribution system as set forth in claim 1, wherein: in the step 2), the selection of the safety area adopts: if the device is required to be calibrated after the external field is built or in the using process, the light source generating the parameter calibration light with the required time and position combination consistent in the step 2) is a built-in calibration light source of the receiving party.
10. The method of countering device calibration attacks in a quantum key distribution system of claim 9, characterized in that: the built-in calibration light source of the receiver is coupled with a receiver detection system to be calibrated through the coupling of the optical switch or the beam splitter coupling element.
11. The method of countering device calibration attacks in a quantum key distribution system of claim 10, characterized in that: by using the optical switch as a coupling element, the optical switch switches the optical path of the input end from the quantum channel to the built-in calibration light source, and the connection between the built-in calibration light source and the detection system is in a safe area.
12. The method of countering device calibration attacks in a quantum key distribution system of claim 1, characterized in that: the key parameter of the detector is a delay value corresponding to the peak value counting of the detector.
13. The method of countering device calibration attacks in a quantum key distribution system of claim 12, characterized in that: the quantum key distribution system is a polarization coding system based on a BB84 protocol, and the total number of detection ends is H, V, P, N four detectors, then in the step 3), before each QKD device leaves the factory, a delay scan is executed, and calibration delay values H of H, V, P, N four channels are recorded delay 、V delay 、P delay 、N delay
In the step 4), taking the delay values of one or more of the H, V, P, N channels as a reference, respectively calculating delay differences of the delay values of the other three channels relative to the reference value, taking the delay differences as factory standard delay differences, presetting and storing the factory standard delay differences in the receiver detection system;
in the step 7), calculating an effective range DeltaRegionX _ Y of an allowed delay position difference between the channels X and Y through a safety threshold DeltaAllowRange;
in the step 7), in the field area, each QKD device is scanned with a delay, and field area delay values H of H, V, P, N four channels are recorded wdelay 、V wdelay 、P wdelay 、N wdelay And sequentially calculating the difference value of the delay position of other 3 channels relative to the delay position of the reference channel by taking one or more of the H, V, P, N four channels corresponding to the step 4) as a reference, comparing the obtained delay channel difference value CurrentDeltaChanX _ Y with the effective range DeltaRegionX _ Y, if all the delay channel difference values are within the effective range, replying that the delay scanning is successful, and if one delay difference value is not within the effective range, replying that the delay scanning is failed, and reporting that the equipment calibration attack is abnormal.
CN201910237689.2A 2019-03-27 2019-03-27 Method for resisting equipment calibration attack in quantum key distribution system Active CN111756527B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910237689.2A CN111756527B (en) 2019-03-27 2019-03-27 Method for resisting equipment calibration attack in quantum key distribution system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910237689.2A CN111756527B (en) 2019-03-27 2019-03-27 Method for resisting equipment calibration attack in quantum key distribution system

Publications (2)

Publication Number Publication Date
CN111756527A CN111756527A (en) 2020-10-09
CN111756527B true CN111756527B (en) 2022-08-02

Family

ID=72672387

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910237689.2A Active CN111756527B (en) 2019-03-27 2019-03-27 Method for resisting equipment calibration attack in quantum key distribution system

Country Status (1)

Country Link
CN (1) CN111756527B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112600666B (en) * 2020-11-18 2022-04-26 中山大学 Quantum secure communication method and device, computer equipment and storage medium
CN114697014B (en) * 2020-12-30 2024-02-13 科大国盾量子技术股份有限公司 Delay scanning method and system for phase-encoded QKD system
CN113452523B (en) * 2021-06-29 2022-06-17 中南大学 Abnormal communication detection method for continuous variable quantum key distribution process
CN115085919B (en) * 2022-06-30 2024-04-09 中国人民解放军国防科技大学 Vulnerability detection method and device for quantum secret communication system calibration process
CN116614230B (en) * 2023-07-20 2023-09-19 合肥量芯科技有限公司 Pseudo-state attack demonstration system for introducing detection efficiency mismatch loopholes
CN116723054B (en) * 2023-08-08 2023-10-27 合肥量芯科技有限公司 Method for resisting detection efficiency mismatch loopholes introduced in calibration process

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103929300A (en) * 2014-04-29 2014-07-16 华南师范大学 Attack method based on active phase compensation of one-way quantum key distribution system
CN104518867A (en) * 2013-09-28 2015-04-15 安徽量子通信技术有限公司 Method for resisting wavelength attack in quantum key distribution system
CN106788706A (en) * 2016-12-05 2017-05-31 上海交通大学 The continuous variable quantum key delivering method of actual attack can be resisted
CN106850196A (en) * 2016-12-05 2017-06-13 上海交通大学 The improved continuous variable quantum key delivering method for resisting actual attack

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4663651B2 (en) * 2003-11-12 2011-04-06 マジック テクノロジーズ,インコーポレーテッド Auto-calibration of detector in QKD system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104518867A (en) * 2013-09-28 2015-04-15 安徽量子通信技术有限公司 Method for resisting wavelength attack in quantum key distribution system
CN103929300A (en) * 2014-04-29 2014-07-16 华南师范大学 Attack method based on active phase compensation of one-way quantum key distribution system
CN106788706A (en) * 2016-12-05 2017-05-31 上海交通大学 The continuous variable quantum key delivering method of actual attack can be resisted
CN106850196A (en) * 2016-12-05 2017-06-13 上海交通大学 The improved continuous variable quantum key delivering method for resisting actual attack

Also Published As

Publication number Publication date
CN111756527A (en) 2020-10-09

Similar Documents

Publication Publication Date Title
CN111756527B (en) Method for resisting equipment calibration attack in quantum key distribution system
US10020937B2 (en) Apparatus and method for the detection of attacks taking control of the single photon detectors of a quantum cryptography apparatus by randomly changing their efficiency
Pang et al. Hacking quantum key distribution via injection locking
CN110784485B (en) Method for resisting attack of detection end of quantum key distribution system
CA2280576C (en) A quantum cryptographic communication channel based on quantum coherence
US8949300B2 (en) Circuit and method for controlling quality of random numbers
CN110830247B (en) Blind vulnerability detection method and device for gated detector in quantum key distribution system
US7227955B2 (en) Single-photon watch dog detector for folded quantum key distribution system
US10110369B2 (en) Quantum-authenticated clock signal
CN110535640B (en) Method and system for detecting control attack of detector
US7242775B2 (en) Optical pulse calibration for quantum key distribution
Pljonkin Vulnerability of the synchronization process in the quantum key distribution system
US20090150561A1 (en) Modulator timing for quantum key distribution
CN113411183B (en) Synchronous correction vulnerability detection method and device in quantum key distribution system
Benton et al. A compact free space quantum key distribution system capable of daylight operation
CN114765532A (en) Device and method for detecting light source injection locking loophole of polarization coding QKD (quantum key distribution) equipment and attack end
EP1522166B1 (en) Watch dog detector for qkd system
Roeschlin et al. EdgeTDC: On the security of time difference of arrival measurements in CAN bus systems
CN110726483B (en) Device and method for resisting avalanche transition region attack
RU2783977C1 (en) Method for detecting a detector blinding attack in quantum cryptography systems with polarisation encoding
Jiang et al. High-speed quantum key distribution using dead-time compensated detector arrays
CN116614230B (en) Pseudo-state attack demonstration system for introducing detection efficiency mismatch loopholes
CN114697006B (en) Detection method and device for resisting seed light attack
Scaffardi et al. All-optical comparator based on cross gain modulation in semiconductor optical amplifiers
CN112118092B (en) Quantum key distribution and reception system defense method aiming at dead time attack

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant