CN113784345B - Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel - Google Patents
Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel Download PDFInfo
- Publication number
- CN113784345B CN113784345B CN202111335330.2A CN202111335330A CN113784345B CN 113784345 B CN113784345 B CN 113784345B CN 202111335330 A CN202111335330 A CN 202111335330A CN 113784345 B CN113784345 B CN 113784345B
- Authority
- CN
- China
- Prior art keywords
- key
- power distribution
- distribution terminal
- information
- negotiation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000009826 distribution Methods 0.000 title claims abstract description 311
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000005540 biological transmission Effects 0.000 claims abstract description 57
- 238000013481 data capture Methods 0.000 claims description 14
- 238000012544 monitoring process Methods 0.000 claims description 12
- 239000000126 substance Substances 0.000 claims description 6
- 238000004891 communication Methods 0.000 description 17
- 238000003860 storage Methods 0.000 description 13
- 238000005516 engineering process Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 11
- 230000006870 function Effects 0.000 description 7
- 238000012795 verification Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 230000008901 benefit Effects 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000013139 quantization Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000012163 sequencing technique Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 239000000969 carrier Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000037361 pathway Effects 0.000 description 1
- 238000011056 performance test Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/35—Services specially adapted for particular environments, situations or purposes for the management of goods or merchandise
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Economics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- Water Supply & Treatment (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Public Health (AREA)
- Electromagnetism (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a power distribution terminal point-to-point key negotiation method and a device based on a quantum secure channel, which comprises the following steps: the first power distribution terminal and the relay equipment establish a first channel based on the received first transmission key and the relay key, and the second power distribution terminal and the relay equipment generate a second channel based on the received second transmission key and the relay key; the first power distribution terminal sends the first negotiation key and the intermediate negotiation key to the second power distribution terminal respectively; the second power distribution terminal sends the second negotiation key and the intermediate negotiation key to the first power distribution terminal respectively; the first power distribution terminal and the second power distribution terminal respectively generate a first combined key and a second combined key; and if the relay equipment judges that the first combined key is the same as the second combined key, the first power distribution terminal and the second power distribution terminal establish a data transmission channel based on the first combined key and/or the second combined key.
Description
Technical Field
The invention relates to the technical field of data transmission, in particular to a power distribution terminal point-to-point key negotiation method and device based on a quantum security channel.
Background
In recent years, the country promotes the deep integration of a power grid and the internet and focuses on constructing an energy internet. By fully applying modern information technologies and advanced communication technologies such as mobile interconnection, artificial intelligence, 5G communication, Beidou and quantum confidentiality, the universal interconnection and man-machine interaction in all links of a power system are realized, an intelligent power grid with comprehensive sensing of states, efficient information processing and convenient and flexible application is created, and powerful data resource support is provided for safe and economic operation of the power grid, improvement of operation performance, improvement of service quality and cultivation and development of strategic emerging industries.
With the gradual maturity of the 5G technology, the power system gradually considers massive power distribution terminal systems, and the 5G technology is adopted for data transmission according to the communication situation of the application scene. However, the distribution service faces new security threats in the aspects of service information, service modes, service carriers and the like, and if the network is invaded, the stable operation of various key systems can be seriously influenced, so that the economic and social stability and the production and life of people are seriously threatened. The traditional depth defense system relying on physical isolation and safety means deployment is not suitable for a 5G network any more, and how to carry out effective service safety protection becomes a brand new problem which needs to be solved urgently.
The quantum secret communication technology utilizes a quantum uncertainty principle and the quantum state uncopyable characteristic to distribute the secure key, an attacker cannot measure and copy the key (quantum state), and once eavesdropping is carried out, the key can be found, so that the quantum secret communication technology has higher security than a traditional key distribution mechanism, and is also the quantum technology with the highest practical degree at present. Therefore, a compatible mechanism of a quantum secret communication safety protection technology and the existing 5G network safety protection technology is explored, the safety level of the 5G network in the application of the power system is improved, and the method has important significance for improving the operation of the dispatching automation service in the 5G system network.
The domestic company completes the verification that the domestic first 5G + quantum communication terminal bears the accurate load control service, and further provides an application solution of the 5G + quantum communication terminal which is strong in popularization and concise in deployment, the 5G + quantum communication terminal has the double functions of 5G communication and quantum confidentiality, can be applied to various service scenes, and solves the problems of safety and reliability of the electricity production control service borne by the public network 5G network. As the fusion application of the 5G communication technology, the quantum encryption technology and the power business equipment for the first time in China, the application not only exerts the advantages of high bandwidth, low time delay and wide link of 5G, but also exerts the advantages of safety and reliability of quantum communication, and can provide all-round supporting capabilities of scientific and technological research, experimental verification, performance test, safety analysis, innovation, research and development and the like for the application of 5G + quantum in power.
As shown in fig. 1, a design diagram of a network infrastructure of a quantum security service platform mainly includes a quantum key generation system, a quantum key scheduling system, and a quantum key application system, and each part has the following functions:
1. the quantum key generation system comprises a quantum key generation and management terminal and a quantum random number generator, and has the main functions of: and quantum key is generated by using quantum characteristics, and quantum key support is provided for a front-end system.
2. Quantum key scheduling system, including exchange cipher machine, quantum cipher service platform system, quantum key fills system, and the main function is: the exchange cipher machine is responsible for quantum key storage and output; the quantum cryptography service platform system is responsible for realizing scheduling and negotiation of quantum keys and ensuring that the quantum keys can be safely and orderly distributed to a quantum key application system; and the quantum key charging system is responsible for charging the quantum key in a U shield/TF card mode and the like and is used at a quantum key application terminal.
3. The quantum key application system comprises a quantum security gateway and a quantum CPE, and has the main functions of: a quantum secure encryption transmission channel is constructed by using a quantum key, the security level of the 5G transmission channel is improved, and the data of a service system can be safely transmitted to a wireless secure access area and transmitted to an electric power intranet master station system through the secure access area.
The existing quantum secret communication scheme is to distribute a quantum key to a quantum CPE and a power distribution terminal through quantum key distribution, and establish a quantum secure channel between the quantum CPE and the power distribution terminal through key negotiation. The quantum key is generally generated by a quantum key generation system, and the distribution of the key is completed by a quantum key distribution system, but there is no efficient way for establishing a secure channel between power distribution terminals.
Disclosure of Invention
The embodiment of the invention provides a power distribution terminal point-to-point key negotiation method and device based on a quantum secure channel, which can obtain a corresponding key through point-to-point negotiation between power distribution terminals and guarantee the security of data transmission.
In a first aspect of the embodiments of the present invention, a method for performing point-to-point key agreement on a power distribution terminal based on a quantum secure channel is provided, where the method includes a first power distribution terminal, a second power distribution terminal, and a relay device, where the first power distribution terminal, the second power distribution terminal, and the relay device are respectively connected to a quantum network base platform, and performing key agreement between the first power distribution terminal and the second power distribution terminal through the following steps:
the first power distribution terminal and the relay equipment establish a first channel based on the received first transmission key and the relay key, and the second power distribution terminal and the relay equipment generate a second channel based on the received second transmission key and the relay key;
the first power distribution terminal generates a first negotiation key based on attribute information and data capture information at the current moment, the first negotiation key is transmitted to the relay equipment through the first channel, the relay equipment generates an intermediate negotiation key based on attributes of the first channel and the second channel, and the first negotiation key and the intermediate negotiation key are respectively sent to the second power distribution terminal;
the second power distribution terminal generates a second negotiation key based on attribute information and data capture information at the current moment, the second negotiation key is transmitted to the relay equipment through the second channel, the relay equipment generates an intermediate negotiation key based on attributes of the second channel and the first channel, and the second negotiation key and the intermediate negotiation key are respectively sent to the first power distribution terminal;
the first power distribution terminal and the second power distribution terminal generate a first combined key and a second combined key respectively based on the first negotiation key, the relay key and the second negotiation key;
and if the relay equipment judges that the first combined key is the same as the second combined key, the first power distribution terminal and the second power distribution terminal establish a data transmission channel based on the first combined key and the second combined key.
Optionally, in a possible implementation manner of the first aspect, the quantum network infrastructure platform is configured to generate a first transmission key, a relay key, and a second transmission key;
and respectively distributing the first transmission key, the relay key and the second transmission key to a first power distribution terminal, relay equipment and a second power distribution terminal based on a quantum security service engine and a terminal key distribution system.
Optionally, in a possible implementation manner of the first aspect, the attribute information of the first power distribution terminal and the second power distribution terminal is preset. Optionally, in a possible implementation manner of the first aspect, the generating, by the first power distribution terminal, the first negotiation key based on the attribute information and the data capture information at the current time includes:
acquiring electric energy monitoring data of a first power distribution terminal at the current moment, and capturing first electric energy information and second electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the first electric energy information and the second electric energy information;
the attribute information comprises a coding information value of the first power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value;
the first negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the first time,
is a weight value of the first power information,
is a magnitude of the first power information,
is the weight value of the second power information,
is the magnitude of the second power information,
is the encoded information value of the first power distribution terminal,
a quantized time value for the first power distribution terminal,
is a preset adjustment value;
the relay device generating an intermediate negotiation key based on the attributes of the first channel and the second channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time.
Optionally, in a possible implementation manner of the first aspect, the generating, by the second power distribution terminal, a second negotiation key based on the attribute information and the data capture information at the current time, where the transmitting, by the second power distribution terminal, the second negotiation key to the relay device through the second channel includes:
acquiring electric energy monitoring data of a second power distribution terminal at the current moment, and capturing third electric energy information and fourth electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the third electric energy information and the fourth electric energy information;
the attribute information comprises a coding information value of the second power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value;
the second negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the second time,
is a weight value of the third power information,
is the magnitude of the third power information,
is the weight value of the fourth power information,
is the magnitude of the fourth power information,
is the encoded information value of the second power distribution terminal,
a quantized time value for the second power distribution terminal,
is a preset adjustment value;
the relay device generating an intermediate negotiation key based on the attributes of the second channel and the first channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time.
Optionally, in a possible implementation manner of the first aspect, the generating, by the first power distribution terminal and the second power distribution terminal, a first combined key and a second combined key based on the first negotiation key, the relay key, and the second negotiation key, respectively, includes:
and the first power distribution terminal and the second power distribution terminal respectively acquire the coding information values of the first power distribution terminal and the second power distribution terminal, and the first negotiation key, the relay key and the second negotiation key are respectively filled into a preset key generation template based on the coding information values to generate a first combination key and a second combination key.
Optionally, in a possible implementation manner of the first aspect, the filling the first negotiation key, the relay key, and the second negotiation key into a preset key generation template respectively based on the encoding information value to generate a first combination key and a second combination key includes:
the key generation template comprises a first slot position, a second slot position and a third slot position;
and if the coding information value of the first power distribution terminal is larger than that of the second power distribution terminal, the first combined key is placed in the first slot position, the second combined key is placed in the third slot position, and the relay key is arranged in the second slot position.
Optionally, in a possible implementation manner of the first aspect, if the relay device determines that the first combination key and the second combination key are the same, the establishing, by the first power distribution terminal and the second power distribution terminal, a data transmission channel based on the first combination key and the second combination key includes:
the first power distribution terminal and the second power distribution terminal generate the first combined key and the second combined key and then respectively send the first combined key and the second combined key to the relay equipment;
the relay equipment sends a request instruction to a first power distribution terminal and sends a receiving instruction to a second power distribution terminal when judging that the first combined key is the same as the second combined key;
the first power distribution terminal requests the second power distribution terminal to establish a data transmission channel on the basis of the first combined key after receiving the request instruction;
and the second power distribution terminal receives a request of the first power distribution terminal based on the receiving instruction, verifies the first combined key according to the second combined key, and establishes a data transmission channel based on the first combined key if the first combined key is the same as the second combined key.
Optionally, in a possible implementation manner of the first aspect, the first power distribution terminal and the second power distribution terminal respectively have unique coded information values.
In a second aspect of the embodiments of the present invention, a power distribution terminal point-to-point key agreement apparatus based on a quantum secure channel is provided, where the power distribution terminal point-to-point key agreement apparatus includes a first power distribution terminal, a second power distribution terminal, and a relay device, where the first power distribution terminal, the second power distribution terminal, and the relay device are respectively connected to a quantum network basic platform, and key agreement is performed between the first power distribution terminal and the second power distribution terminal through the following apparatus, including:
a first channel establishing module, configured to enable the first power distribution terminal and the relay device to establish a first channel based on a received first transmission key and a relay key, and enable the second power distribution terminal and the relay device to generate a second channel based on a received second transmission key and a relay key;
the first key negotiation module is used for enabling the first power distribution terminal to generate a first negotiation key based on attribute information and data capture information at the current moment, the first negotiation key is transmitted to the relay equipment through the first channel, the relay equipment generates an intermediate negotiation key based on attributes of the first channel and the second channel, and the first negotiation key and the intermediate negotiation key are respectively sent to the second power distribution terminal;
the second key negotiation module is used for enabling a second power distribution terminal to generate a second negotiation key based on attribute information and data capture information at the current moment, the second negotiation key is transmitted to the relay equipment through the second channel, the relay equipment generates an intermediate negotiation key based on attributes of the second channel and the first channel, and the second negotiation key and the intermediate negotiation key are respectively sent to the first power distribution terminal;
the combination module is used for enabling the first power distribution terminal and the second power distribution terminal to generate a first combination key and a second combination key respectively based on the first negotiation key, the relay key and the second negotiation key;
and the second channel establishing module is used for establishing a data transmission channel by the first power distribution terminal and the second power distribution terminal based on the first combined key and the second combined key if the relay equipment judges that the first combined key and the second combined key are the same.
In a third aspect of the embodiments of the present invention, a readable storage medium is provided, in which a computer program is stored, which, when being executed by a processor, is adapted to carry out the method according to the first aspect of the present invention and various possible designs of the first aspect of the present invention.
The invention provides a power distribution terminal point-to-point key negotiation method and a device based on a quantum secure channel, which firstly enable a first power distribution terminal, a second power distribution terminal and relay equipment to establish a quantum communication channel according to a quantum network basic platform, then respectively generate a first negotiation key and a second negotiation key according to the attributes of the first power distribution terminal and the second power distribution terminal, respectively transmit the first negotiation key and the second negotiation key through the relay equipment to realize key negotiation between the first power distribution terminal and the second power distribution terminal, enable the first power distribution terminal and the second power distribution terminal to respectively generate corresponding first combined key and second combined key according to the first negotiation key, the second negotiation key and an intermediate negotiation key, enable each terminal to fully consider the conditions of other terminals when generating keys, obtain the information of other terminals, and enable the generated keys to change according to the current data transmission scene, the security of the data transmission channel established between the first power distribution terminal and the second power distribution terminal is ensured.
When the first negotiation key and the second negotiation key are generated, the attribute information of the first power distribution terminal and the second power distribution terminal, the current electric power data capturing information and the current time information are fully considered, and the first negotiation key and the second negotiation key are ensured not to be repeated. And the first negotiation key and the second negotiation key are dynamically changed, and have certain association with the first power distribution terminal and the second power distribution terminal when the first negotiation key and the second negotiation key are dynamically changed, so that the first negotiation key and the second negotiation key are ensured to be recyclable and have certain randomness.
When the first combined key and the second combined key are generated, the first negotiation key, the relay key and the second negotiation key are sequenced according to the coding information of the first power distribution terminal and the second power distribution terminal, and the sequencing result is filled into the corresponding slot position, so that the first negotiation key, the relay key and the second negotiation key can be rapidly combined to obtain the combined key, and the generation efficiency of the combined key is improved.
Drawings
FIG. 1 is a schematic diagram of a connection structure of a quantum network basic platform;
FIG. 2 is a flow chart of a first embodiment of a quantum secure channel-based power distribution terminal point-to-point key agreement method;
FIG. 3 is a flow chart of a second embodiment of a quantum secure channel-based power distribution terminal point-to-point key agreement method;
FIG. 4 is a block diagram of a first embodiment of a quantum secure channel-based point-to-point key agreement device for a power distribution terminal;
FIG. 5 is a schematic diagram of the path between a power distribution terminal and a CPE;
fig. 6 is a schematic diagram of a power distribution terminal and a pathway between power distribution terminals.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein.
It should be understood that, in various embodiments of the present invention, the sequence numbers of the processes do not mean the execution sequence, and the execution sequence of the processes should be determined by the functions and the internal logic of the processes, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
It should be understood that in the present application, "comprising" and "having" and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that, in the present invention, "a plurality" means two or more. "and/or" is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "comprises A, B and C" and "comprises A, B, C" means that all three of A, B, C comprise, "comprises A, B or C" means that one of A, B, C comprises, "comprises A, B and/or C" means that any 1 or any 2 or 3 of A, B, C comprises.
It should be understood that in the present invention, "B corresponding to a", "a corresponds to B", or "B corresponds to a" means that B is associated with a, and B can be determined from a. Determining B from a does not mean determining B from a alone, but may be determined from a and/or other information. And the matching of A and B means that the similarity of A and B is greater than or equal to a preset threshold value.
As used herein, "if" may be interpreted as "at … …" or "when … …" or "in response to a determination" or "in response to a detection", depending on the context.
The technical solution of the present invention will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
The invention provides a power distribution terminal point-to-point key negotiation method based on a quantum secure channel, which comprises a first power distribution terminal, a second power distribution terminal and a relay device, wherein the first power distribution terminal, the second power distribution terminal and the relay device are respectively connected with a quantum network basic platform, and as shown in figure 1, a quantum secure gateway can be regarded as a gateway connected with the first power distribution terminal or the second power distribution terminal.
The quantum network basic platform is used for generating a first transmission key, a relay key and a second transmission key;
and respectively distributing the first transmission key, the relay key and the second transmission key to a first power distribution terminal, relay equipment and a second power distribution terminal based on a quantum security service engine and a terminal key distribution system. The invention can generate a first transmission key, a relay key and a second transmission key through a quantum key generation system.
The relay equipment is quantum CPE, and the quantum CPE decrypts the relay key through a charging key of the quantum secure TF card; the quantum CPE and the first power distribution terminal establish a first channel based on the relay key and the first transmission key respectively; and the quantum CPE and the second power distribution terminal establish a second channel based on the relay key and the second transmission key respectively. The first channel and the second channel can be regarded as quantum secure encrypted tunnels in the figure.
As shown in fig. 2, the power distribution terminal point-to-point key negotiation method specifically includes:
step S110, the first power distribution terminal and the relay device establish a first channel based on the received first transmission key and the relay key, and the second power distribution terminal and the relay device generate a second channel based on the received second transmission key and the relay key. According to the technical scheme provided by the invention, the first channel and the second channel can be quantum secure encryption tunnels, and the security of data transmission between the first power distribution terminal and the relay equipment and between the second power distribution terminal and the relay equipment can be ensured through the quantum secure encryption tunnels.
Step S120, the first power distribution terminal generates a first negotiation key based on attribute information and data capture information of the current moment, the first negotiation key is transmitted to the relay equipment through the first channel, the relay equipment generates an intermediate negotiation key based on attributes of the first channel and the second channel, and the first negotiation key and the intermediate negotiation key are respectively sent to the second power distribution terminal. The attribute information of the first power distribution terminal and the second power distribution terminal is preset.
In an implementation manner of step S120, step S120 specifically includes:
the method comprises the steps of obtaining electric energy monitoring data of a first power distribution terminal at the current moment, and capturing first electric energy information and second electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the first electric energy information and the second electric energy information. The current time in the present invention may be a time when the first channel is established between the first power distribution terminal and the relay device, and the first time may be 10, 15, 12, 19 minutes in 2020. Since the first power distribution terminal distributes power, a corresponding distribution voltage, a distribution current, a distribution power, and the like are generated during the power distribution process. The first power information and the second power information in the present invention may be distribution voltage, distribution current, distribution power, and the like. The first power information and the second power information may be 1000V, 20A, etc., and the specific form of the first power information and the second power information is not limited in any way.
The attribute information comprises a coding information value of the first power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value. The invention quantizes the time value into a numerical value, for example, 10/15/12/19/2020, and the invention can directly quantize the time value into 202010151219 and count the time value into a number, so that the quantization is convenient for calculating and generating a key. The encoded information value may be preset, in the technical solution of the present invention, each of the first power distribution terminal and the second power distribution terminal has a unique encoded information value, and the encoded information value may be an arabic number, for example, 11100, 11421, and the like.
The first negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the first time,
is a weight value of the first power information,
is a magnitude of the first power information,
is the weight value of the second power information,
is the magnitude of the second power information,
is the encoded information value of the first power distribution terminal,
is a first power distribution terminalThe value of the time after the quantization is,
is a preset adjustment value.
By passing
The relative quantitative value of the first distribution terminal in the electric energy dimension can be obtained through
The time value of the first power distribution terminal for coding and collecting the electric energy information can be obtained, wherein
In order to be fixed, the device is provided with a fixing device,
、
and
the power utilization system is dynamically changed along with the change of time and the change of power utilization scenes. By passing
Can be paired with
Is adjusted so that the first negotiation key can reach the corresponding number of bits.
The generated first negotiation key has the encoding information, the time information and the electric energy information of the first power distribution terminal, and the time information and the electric energy information are dynamically changed, so that the first negotiation key is also dynamically changed, and the first dynamic key is guaranteed not to be decoded.
The relay device generating an intermediate negotiation key based on the attributes of the first channel and the second channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time. When a data transmission channel is established between a first power distribution terminal and a second power distribution terminal, the relay equipment participates, and obtains an intermediate negotiation key according to a first moment when a first channel is established and a second moment when a second channel is established, and the intermediate negotiation key
= first moment
+ second moment
Wherein
And
it may be a certain time of day, for example, 07:52:57 and 10:02:37, 07:52:57 being 75257, 100237 being intermediate negotiated key
=75257+100237。
Step S130, the second power distribution terminal generates a second negotiation key based on attribute information and data capture information of the current moment, the second negotiation key is transmitted to the relay device through the second channel, the relay device generates an intermediate negotiation key based on attributes of the second channel and the first channel, and the second negotiation key and the intermediate negotiation key are respectively sent to the first power distribution terminal.
Wherein, step S130 specifically includes:
the method comprises the steps of obtaining electric energy monitoring data of a second power distribution terminal at the current moment, and capturing third electric energy information and fourth electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the third electric energy information and the fourth electric energy information. The current time in the present invention may be a time when the second channel is established between the first power distribution terminal and the relay device, and the second time may be 10, 15, 14, 21 minutes in 2020. Since the second distribution terminal distributes power, a corresponding distribution voltage, a distribution current, a distribution power, etc. are generated during the distribution process. The third power information and the fourth power information in the present invention may be distribution voltage, distribution current, distribution power, and the like. The third power information and the fourth power information may be 1000V, 20A, etc., and the specific form of the third power information and the fourth power information is not limited in any way.
The attribute information comprises a coding information value of the second power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value. The invention quantizes the time value into a numerical value, for example, 14 hours, 21 minutes, 10 months, 15 days and 14 days in 2020, the invention can directly quantize the time value into 202010151421, and count the time value into a number, and the purpose of quantizing the time value is that the time value is conveniently used for calculating and generating a key. The encoded information value may be preset, in the technical solution of the present invention, each of the first power distribution terminal and the second power distribution terminal has a unique encoded information value, and the encoded information value may be an arabic number, for example, 11100, 11421, and the like.
The second negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the second time,
is a weight value of the third power information,
is the magnitude of the third power information,
is the weight value of the fourth power information,
is the magnitude of the fourth power information,
is the encoded information value of the second power distribution terminal,
a quantized time value for the second power distribution terminal,
is a preset adjustment value.
By passing
The relative quantitative value of the second distribution terminal in the electric energy dimension can be obtained through
The time value of the second power distribution terminal for self coding and collecting the electric energy information can be obtained, wherein
In order to be fixed, the device is provided with a fixing device,
、
and
all in the power utilization scene with the change of timeAnd changes dynamically. By passing
Can be paired with
Is adjusted so that the second negotiation key can reach the corresponding number of bits.
The generated first negotiation key has the encoding information, the time information and the electric energy information of the first power distribution terminal, and the time information and the electric energy information are dynamically changed, so that the first negotiation key is also dynamically changed, and the first dynamic key is guaranteed not to be decoded.
The relay device generating an intermediate negotiation key based on the attributes of the second channel and the first channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time. This step is similar to the step of step S120, and the present invention is not described again.
Step S140, the first power distribution terminal and the second power distribution terminal generate a first combined key and a second combined key respectively based on the first negotiated key, the intermediate negotiated key and the second negotiated key.
In the technical solution provided in the embodiment of the present invention, step S140 specifically includes:
and the first power distribution terminal and the second power distribution terminal respectively acquire the coding information values of the first power distribution terminal and the second power distribution terminal, and the first negotiation key, the intermediate negotiation key and the second negotiation key are respectively filled into a preset key generation template based on the coding information values to generate a first combination key and a second combination key.
The first negotiation key, the intermediate negotiation key and the second negotiation key are respectively filled into a preset key generation template based on the coding information value to generate a first combination key and a second combination key, and the method comprises the following steps:
the key generation template includes a first slot position, a second slot position, and a third slot position. The key generation template may be □ - □ - □ with the first box being the first slot of the key generation template, the second box being the second slot of the key generation template, and the third box being the third slot of the key generation template.
And if the coding information value of the first power distribution terminal is larger than that of the second power distribution terminal, the first combined key is placed in the first slot position, the second combined key is placed in the third slot position, and the relay key is arranged in the second slot position.
When the first negotiation key, the intermediate negotiation key, and the second negotiation key are respectively filled in the key generation template, the determination may be performed according to the encoding information value of each power distribution terminal, for example, the encoding information value of the first power distribution terminal is 11100, the encoding information value of the second power distribution terminal is 11421, and the encoding information value of the second power distribution terminal is greater than the encoding information value of the first power distribution terminal. The first and second combined keys at this time are the digits of the second negotiation key-the digits of the relay key-the digits of the first combined key.
The first negotiation key, the middle negotiation key and the second negotiation key are sequenced according to the coding information of the first power distribution terminal and the second power distribution terminal, and the sequencing result is filled into the corresponding slot position, so that the first negotiation key, the middle negotiation key and the second negotiation key can be rapidly combined to obtain the combined key, and the generation efficiency of the combined key is improved.
Step S150, if the relay device determines that the first combination key and the second combination key are the same, the first power distribution terminal and the second power distribution terminal establish a data transmission channel based on the first combination key and/or the second combination key.
In the technical solution provided by the present invention, as shown in fig. 3, step S150 specifically includes:
step S1501, the first power distribution terminal and the second power distribution terminal generate the first combination key and the second combination key and then respectively send the first combination key and the second combination key to the relay device. The first power distribution terminal and the second power distribution terminal respectively send the first combined key and the second combined key which are respectively generated to the relay equipment to seek verification.
Step S1502, if the relay device determines that the first combination key and the second combination key are the same, sends a request instruction to the first power distribution terminal, and sends a receiving instruction to the second power distribution terminal. When the first combined key and the second combined key are the same, the relay device serving as a third party can respectively send corresponding instructions to the first power distribution terminal and the second power distribution terminal, and before the instructions are sent, the relay device can judge the relationship between the coding information values of the first power distribution terminal and the second power distribution terminal. The setting of the mode can ensure that the relay equipment can fix the establishment mode of the data transmission channel between the first power distribution terminal and the second power distribution terminal. Namely, a request instruction is sent to the first power distribution terminal, and a receiving instruction is sent to the second power distribution terminal.
Step S1503, after receiving the request instruction, the first power distribution terminal requests the second power distribution terminal to establish a data transmission channel based on the first combined key. According to the technical scheme provided by the invention, the first power distribution terminal can request the second power distribution terminal to establish a data transmission channel with the first power distribution terminal after receiving the request instruction.
Step S1504, the second power distribution terminal receives a request of the first power distribution terminal based on the receiving instruction, verifies the first combined key according to the second combined key, and if the first combined key is the same as the second combined key, establishes a data transmission channel based on the first combined key by the first power distribution terminal and the second power distribution terminal. The second power distribution terminal verifies the first combined key sent by the first power distribution terminal after receiving the request of the first power distribution terminal, and when the first combined key is the same as the second combined key, the first power distribution terminal and the second power distribution terminal establish a data transmission channel. At this time, the encryption key of the data transmitted in the data transmission channel is the first combined key.
The embodiment of the present invention further provides a distribution terminal point-to-point key agreement device based on a quantum secure channel, a first distribution terminal, a second distribution terminal, and a relay device, where the first distribution terminal, the second distribution terminal, and the relay device are respectively connected to a quantum network base platform, and key agreement is performed between the first distribution terminal and the second distribution terminal through the following devices, as shown in fig. 4, the distribution terminal point-to-point key agreement device specifically includes:
a first channel establishing module, configured to enable the first power distribution terminal and the relay device to establish a first channel based on a received first transmission key and a relay key, and enable the second power distribution terminal and the relay device to generate a second channel based on a received second transmission key and a relay key;
the first key negotiation module is used for enabling the first power distribution terminal to generate a first negotiation key based on attribute information and data capture information at the current moment, the first negotiation key is transmitted to the relay equipment through the first channel, the relay equipment generates an intermediate negotiation key based on attributes of the first channel and the second channel, and the first negotiation key and the intermediate negotiation key are respectively sent to the second power distribution terminal;
the second key negotiation module is used for enabling a second power distribution terminal to generate a second negotiation key based on attribute information and data capture information at the current moment, the second negotiation key is transmitted to the relay equipment through the second channel, the relay equipment generates an intermediate negotiation key based on attributes of the second channel and the first channel, and the second negotiation key and the intermediate negotiation key are respectively sent to the first power distribution terminal;
the combination module is used for enabling the first power distribution terminal and the second power distribution terminal to generate a first combination key and a second combination key respectively based on the first negotiation key, the intermediate negotiation key and the second negotiation key;
and the second channel establishing module is used for establishing a data transmission channel by the first power distribution terminal and the second power distribution terminal based on the first combined key and/or the second combined key if the relay equipment judges that the first combined key and the second combined key are the same.
In another embodiment of the present invention, as shown in fig. 5, quantum CPE and ith distribution terminal are set
A shared key of
. It is now necessary to establish a secure channel between two distribution terminals, e.g. for distribution terminals
And a power distribution terminal
Establishing a secure channel (i.e. using)
And
is composed of
And
a shared key is negotiated). And designing a key negotiation mechanism between the power distribution terminals. The key agreement between two power distribution terminals is mainly divided into three stages, the first stage
Transit through quantum CPE will
To be transmitted to
And then the second stage
Also through quantum CPE will
To be transmitted to
And finally, the two parties in the third stage use the same hash function to obtain a consistent shared key. The specific contents of the two exchanges are shown in the following table:
the basic idea is as follows:
(1) in the step 001 of the method, the steps of,
randomly generating a number
And through
Secure quantum channel with quantum CPEN i And sending the data to the quantum CPE.
(2) Step 002, quantum CPE by itself with
The safe quantum channel betweenN i Forward to
。
(3) In the step 003 of the method,
randomly generating a number
And through
Secure quantum channel with quantum CPE
And sending the data to the quantum CPE.
(4) Step 004, Quantum CPE by itself with
The safe quantum channel between
Forward to
。
(5) As in the first 4 steps, there is no error,
and
each calculating
. K is obtained as
And
a shared key between.
(6) In step 005, if a network failure or transmission ERROR occurs, each party can transmit 005 ERROR to the other two parties, and the party receiving RST clears the message queue established before, and forces the object just participating in the negotiation to start key negotiation again from 001 message.
In another embodiment of the present invention, as shown in fig. 6, a power distribution terminal is set
And
the secure channel between has been established and the shared key is K. There is now a need to authenticate the security and correctness of the negotiated key K. And the correctness of the key negotiation result is ensured. The authentication process between two power distribution terminals is divided into four phases. In the first stage, the first stage is that,
using a shared secret key K and the other party
Is mapped to a value by a hash function
And then sends it to the secure channel established by the two parties
. A second stage in
Receive from
Thereafter, it verifies its own public key
And whether the shared secret key K calculated by the user can obtain the same t value after hash mapping. At the moment, if the verification is passed and the third phase is entered, otherwise the key agreement fails, a 005 number message is sent and the key agreement is carried out againAnd (6) negotiating. In the third stage, the first step is that,
using a shared secret key K and the other party
Is mapped to a value by a hash function
And is combined with
Is sent to
. A fourth stage of
Receive from
Thereafter, it verifies its own public key
And whether the shared secret key K calculated by the user can obtain the same t value after hash mapping. If the two are equal, the authentication is passed, otherwise, the key negotiation fails, and a message of No. 005 is sent for renegotiation. The specific content of the exchanges is shown in the following table:
the basic idea is as follows:
(1) in the step 006, the process is executed,
computing
And is combined with
Is sent to
。
(2) In a step 007 of the method, the step of the method,
receive from
Then, calculate
And compare
Whether or not equal to
If the two are equal, the verification is passed, otherwise, the key negotiation fails, and a message No. 005 is sent for renegotiation.
If the verification is passed, go to step 008,
computing
And is combined with
Is sent to
。
(3) In the step 009,
receive from
Then, calculate
And compare
Whether or not equal to
If the two are equal, the verification is passed, otherwise, the key negotiation fails, and a message No. 005 is sent for renegotiation.
The readable storage medium may be a computer storage medium or a communication medium. Communication media includes any medium that facilitates transfer of a computer program from one place to another. Computer storage media may be any available media that can be accessed by a general purpose or special purpose computer. For example, a readable storage medium is coupled to the processor such that the processor can read information from, and write information to, the readable storage medium. Of course, the readable storage medium may also be an integral part of the processor. The processor and the readable storage medium may reside in an Application Specific Integrated Circuits (ASIC). Additionally, the ASIC may reside in user equipment. Of course, the processor and the readable storage medium may also reside as discrete components in a communication device. The readable storage medium may be a read-only memory (ROM), a random-access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
The present invention also provides a program product comprising execution instructions stored in a readable storage medium. The at least one processor of the device may read the execution instructions from the readable storage medium, and the execution of the execution instructions by the at least one processor causes the device to implement the methods provided by the various embodiments described above.
In the above embodiments of the terminal or the server, it should be understood that the Processor may be a Central Processing Unit (CPU), other general-purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (9)
1. A power distribution terminal point-to-point key negotiation method based on a quantum secure channel is characterized by comprising a first power distribution terminal, a second power distribution terminal and relay equipment, wherein the first power distribution terminal, the second power distribution terminal and the relay equipment are respectively connected with a quantum network basic platform, and key negotiation is performed between the first power distribution terminal and the second power distribution terminal through the following steps of:
the first power distribution terminal and the relay equipment establish a first channel based on the received first transmission key and the relay key, and the second power distribution terminal and the relay equipment generate a second channel based on the received second transmission key and the relay key;
the first power distribution terminal generates a first negotiation key based on attribute information and data capture information at the current moment, the first negotiation key is transmitted to the relay equipment through the first channel, the relay equipment generates an intermediate negotiation key based on attributes of the first channel and the second channel, and the first negotiation key and the intermediate negotiation key are respectively sent to the second power distribution terminal;
the second power distribution terminal generates a second negotiation key based on attribute information and data capture information at the current moment, the second negotiation key is transmitted to the relay equipment through the second channel, and the relay equipment respectively sends the second negotiation key and the intermediate negotiation key to the first power distribution terminal;
the first power distribution terminal and the second power distribution terminal generate a first combined key and a second combined key respectively based on the first negotiation key, the intermediate negotiation key and the second negotiation key;
and if the relay equipment judges that the first combined key is the same as the second combined key, the first power distribution terminal and the second power distribution terminal establish a data transmission channel based on the first combined key and/or the second combined key.
2. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 1,
the quantum network basic platform is used for generating a first transmission key, a relay key and a second transmission key;
and respectively distributing the first transmission key, the relay key and the second transmission key to a first power distribution terminal, relay equipment and a second power distribution terminal based on a quantum security service engine and a terminal key distribution system.
3. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 2,
and the attribute information of the first power distribution terminal and the second power distribution terminal is preset.
4. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 1,
the first power distribution terminal generating a first negotiation key based on the attribute information and the data capture information at the current moment comprises the following steps:
acquiring electric energy monitoring data of a first power distribution terminal at the current moment, and capturing first electric energy information and second electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the first electric energy information and the second electric energy information;
the attribute information comprises a coding information value of the first power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value;
the first negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the first time,
is a weight value of the first power information,
is a magnitude of the first power information,
is the weight value of the second power information,
is the magnitude of the second power information,
is the encoded information value of the first power distribution terminal,
a quantized time value for the first power distribution terminal,
is a preset adjustment value;
the relay device generating an intermediate negotiation key based on the attributes of the first channel and the second channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time.
5. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 1,
the second power distribution terminal generates a second negotiation key based on the attribute information and the data capture information at the current moment, and the transmission of the second negotiation key to the relay device through the second channel comprises the following steps:
acquiring electric energy monitoring data of a second power distribution terminal at the current moment, and capturing third electric energy information and fourth electric energy information in the electric energy monitoring data, wherein the data capturing information comprises the third electric energy information and the fourth electric energy information;
the attribute information comprises a coding information value of the second power distribution terminal and time information of the current moment, and the time information is quantized to obtain a quantized time value;
the second negotiation key is calculated by the following formula,
wherein the content of the first and second substances,
in order to negotiate the key for the second time,
is a weight value of the third power information,
is the magnitude of the third power information,
is the weight value of the fourth power information,
is the magnitude of the fourth power information,
is the encoded information value of the second power distribution terminal,
a quantized time value for the second power distribution terminal,
is a preset adjustment value;
the relay device generating an intermediate negotiation key based on the attributes of the second channel and the first channel comprises:
the relay equipment acquires a first time when the first channel is established and a second time when the second channel is established, and generates an intermediate negotiation key based on the first time and the second time.
6. The distribution terminal point-to-point key agreement method based on the quantum secure channel as claimed in any one of claims 4 or 5,
the first power distribution terminal and the second power distribution terminal respectively generate a first combined key and a second combined key based on the first negotiated key, the intermediate negotiated key and the second negotiated key, and the method comprises the following steps:
and the first power distribution terminal and the second power distribution terminal respectively acquire the coding information values of the first power distribution terminal and the second power distribution terminal, and based on the coding information values, the first negotiation key, the intermediate negotiation key and the second negotiation key are respectively filled into a preset key generation template to generate a first combination key and a second combination key.
7. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 6,
based on the coding information value, filling the first negotiation key, the intermediate negotiation key and the second negotiation key into a preset key generation template respectively to generate a first combination key and a second combination key comprises:
the key generation template comprises a first slot position, a second slot position and a third slot position;
and if the coding information value of the first power distribution terminal is greater than that of the second power distribution terminal, the first negotiation key is arranged in the first slot position, the second negotiation key is arranged in the third slot position, and the relay key is arranged in the second slot position.
8. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 7,
if the relay device determines that the first combined key and the second combined key are the same, the step of establishing a data transmission channel by the first power distribution terminal and the second power distribution terminal based on the first combined key and/or the second combined key comprises:
the first power distribution terminal and the second power distribution terminal generate the first combined key and the second combined key and then respectively send the first combined key and the second combined key to the relay equipment;
the relay equipment sends a request instruction to a first power distribution terminal and sends a receiving instruction to a second power distribution terminal when judging that the first combined key is the same as the second combined key;
after receiving the request instruction, the first power distribution terminal requests the second power distribution terminal to establish a data transmission channel on the basis of the first combined key;
and the second power distribution terminal receives a request of the first power distribution terminal based on the receiving instruction, verifies the first combined key according to the second combined key, and establishes a data transmission channel based on the first combined key if the first combined key is the same as the second combined key.
9. The quantum secure channel-based power distribution terminal point-to-point key agreement method according to claim 6,
the first power distribution terminal and the second power distribution terminal respectively have unique coded information values.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111335330.2A CN113784345B (en) | 2021-11-11 | 2021-11-11 | Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111335330.2A CN113784345B (en) | 2021-11-11 | 2021-11-11 | Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113784345A CN113784345A (en) | 2021-12-10 |
| CN113784345B true CN113784345B (en) | 2022-02-08 |
Family
ID=78956895
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111335330.2A Active CN113784345B (en) | 2021-11-11 | 2021-11-11 | Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113784345B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117376404B (en) * | 2023-11-10 | 2024-04-26 | 国网浙江省电力有限公司绍兴供电公司 | Transformer substation communication network frame architecture based on wireless public network and quantum encryption |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108809645A (en) * | 2018-07-24 | 2018-11-13 | 南方电网科学研究院有限责任公司 | The method, apparatus and electrical power distribution automatization system of key agreement |
| CN108880800A (en) * | 2018-07-03 | 2018-11-23 | 北京智芯微电子科技有限公司 | Adapted electrical communication system and method based on quantum secret communication |
-
2021
- 2021-11-11 CN CN202111335330.2A patent/CN113784345B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108880800A (en) * | 2018-07-03 | 2018-11-23 | 北京智芯微电子科技有限公司 | Adapted electrical communication system and method based on quantum secret communication |
| CN108809645A (en) * | 2018-07-24 | 2018-11-13 | 南方电网科学研究院有限责任公司 | The method, apparatus and electrical power distribution automatization system of key agreement |
Non-Patent Citations (1)
| Title |
|---|
| 基于Mesh网络的自组网配电终端安全互联设计;戴瑞海 等;《电工技术》;20170710;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113784345A (en) | 2021-12-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110581854B (en) | Intelligent terminal safety communication method based on block chain | |
| CN111935714B (en) | Identity authentication method in mobile edge computing network | |
| CN104486316A (en) | Quantum key classification providing method for improving electric power data transmission security | |
| CN104219056A (en) | Privacy protection type real-time electric charge collecting method for intelligent power grid | |
| CN110932854B (en) | Block chain key distribution system and method for Internet of things | |
| CN110505053B (en) | Quantum key filling method, device and system | |
| CN110505227A (en) | Power telecom network access authentication method and device based on block chain | |
| CN114422115B (en) | Power grid data encryption transmission method, system, equipment and readable storage medium | |
| CN112910861A (en) | Group authentication and segmented authentication-based authentication method for terminal equipment of power internet of things | |
| CN113630407A (en) | Method and system for enhancing transmission security of MQTT protocol by using symmetric cryptographic technology | |
| CN110765478A (en) | Big data information secure storage encryption system and method thereof | |
| CN112613006A (en) | Power data sharing method and device, electronic equipment and storage medium | |
| CN109995739A (en) | A kind of information transferring method, client, server and storage medium | |
| CN114286416A (en) | Communication control method and device, electronic device and storage medium | |
| CN113784345B (en) | Power distribution terminal point-to-point key negotiation method and device based on quantum secure channel | |
| Liu et al. | Study on network security based on PCA and BP neural network under green communication | |
| Li et al. | A Group-based End-to-end Identity Authentication Method for Massive Power Wireless Private Network | |
| CN114760602A (en) | Holographic communication method, device, system and computer readable storage medium | |
| CN112995939B (en) | Wireless sensor network transmission and cloud service access control system | |
| CN102291236B (en) | Method and system for realizing safe charging in peer-to-peer network | |
| CN114071461A (en) | 5G communication module based on quantum key encryption | |
| CN115277090B (en) | Security authentication system based on lightweight algorithm and working method thereof | |
| CN113360937B (en) | Cloud platform key distribution method and system based on intelligent contracts | |
| CN114679312B (en) | Encryption method, electronic device, and computer-readable storage medium | |
| Tamizhselvan et al. | Distributed time-dependent key management scheme for internet of things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |