CN114172639B

CN114172639B - Quantum encryption communication method based on block chain

Info

Publication number: CN114172639B
Application number: CN202010950906.5A
Authority: CN
Inventors: 郭凯; 曹毅宁; 许波; 王俊华
Original assignee: Institute of Network Engineering Institute of Systems Engineering Academy of Military Sciences
Current assignee: Institute of Network Engineering Institute of Systems Engineering Academy of Military Sciences
Priority date: 2020-09-11
Filing date: 2020-09-11
Publication date: 2023-06-27
Anticipated expiration: 2040-09-11
Also published as: CN114172639A

Abstract

The invention discloses a quantum encryption communication method based on a blockchain, which comprises a plurality of encryption communication nodes and communication acceptance platform nodes, wherein based on error quantum bits proposed by negotiation interaction and information post-processing of the two parties, a quantum true random number sequence which is synchronously shared is obtained, and a service processing result is generated; transmitting a transaction to the block chain, and storing the transaction in a distributed database of the block chain after passing the common identification verification of the block chain; and the plurality of encryption communication nodes verify all service results on the blockchain, and when the service results pass the verification, new processing results are generated according to preset processing steps. The invention completes the traceability of the data storage of the alliance chain by introducing the alliance block chain, can realize the non-falsification of the behaviors on the whole chain, can quickly inquire and verify when finding out the problem node, can provide services for the outside after the whole alliance chain is verified, realizes the traceability of the whole certificate storage and behavior record, and ensures the authenticity and the security of all processes of quantum encryption.

Description

Quantum encryption communication method based on block chain

Technical Field

The invention belongs to the field of interdisciplines of optical fiber communication, wireless communication and quantum communication, in particular to a communication method for realizing tamper resistance and privacy information protection by using a blockchain technology, and particularly relates to a quantum encryption communication method, a quantum encryption communication system and a storage medium based on blockchains.

Background

The quantum communication technology is mainly based on the Hessenberg measurement inaccuracy principle, the quantum inseparable principle, the quantum unclonable principle and the like, and is characterized in that a quantum state synchronous sharing mechanism with fidelity and no damage is established for both communication parties so as to realize information interaction (quantum distribution), and eavesdropping attack and environmental disturbance of a transmission channel are monitored according to the real-time change condition of the quantum state. Quantum distribution can provide high-security information transmission support for both communication parties and synchronous shared quantum true random numbers for both communication parties, and the quantum distribution is the basis of the current most mature quantum key distribution technology.

In the field of quantum communication, information transmission among multiple parties is often involved, and even if the information transmission of a single channel of two parties is also provided with the condition that whether the information is tampered or not and cannot be traced and obtained evidence exists, aiming at the problem, the alliance blockchain can be well solved.

The blockchain technology can also be a distributed account book technology, and is a distributed storage technology for commonly maintaining a complete behavior record in a common accounting mode of a plurality of node devices. Because the blockchain technology has the characteristics of decentralization, disclosure transparency and non-falsification, the high value of the blockchain technology is gradually exerted in many application scenes. The blockchains are divided into public chains, private chains, and federation chains according to the difference of participating nodes.

Disclosure of Invention

Aiming at the prior art, the technical problem to be solved by the invention is how to realize synchronous sharing (quantum distribution) of quantum true random numbers of both communication parties on the basis of a distributed storage technology based on a blockchain while realizing the existing general quantum key distribution technology route, and the invention carries out certification on the basis of multiple nodes of the whole chain, thereby ensuring traceability of the whole process.

In order to achieve the above effects, the blockchain-based quantum encryption communication method provided by the invention comprises a plurality of encryption communication nodes and communication acceptance platform nodes, wherein the encryption communication nodes and the communication acceptance platform nodes are interconnected by independent quantum channels, and the communication acceptance platform nodes receive data requests of the encryption communication nodes;

based on error quantum bits proposed by both parties through negotiation interaction and information post-processing, acquiring a quantum true random number sequence shared synchronously, and generating a service processing result, wherein the service processing result at least comprises a data abstract of the processing result;

the transaction is sent to the block chain, and the transaction comprises a business processing result which is stored in a distributed database of the block chain after passing the consensus verification of the block chain;

and the plurality of encryption communication nodes verify all service results on the blockchain, and when the service results pass the verification, new processing results are generated according to preset processing steps.

Preferably, a true random number synchronous sharing mechanism is established between the encrypted communication node and the communication acceptance platform node by quantum distribution, and the security concern low-speed data is hidden in the non-security concern high-speed data in a heterogeneous data mixed transmission mode.

Preferably, the service processing result includes a hash digest of the data request and a hash digest of the quantum key protocol of the encrypted transmission.

Preferably, the quantum key distribution protocols include, but are not limited to, BB84 protocol, E91 protocol, BBM92 protocol, high-dimensional quantum key distribution protocol, time-energy entanglement protocol, TF protocol, continuous variable quantum key distribution protocol.

Preferably, the communication parties agree in advance on a criterion and a marking method for the security concern low-speed data and the non-security concern high-speed data.

Preferably, the communication parties agree in advance on a high-speed data block length and a low-speed data insertion bit number, and the high-speed data block length and the low-speed data insertion bit number are fixed-length or variable-length.

Preferably, the two communication parties agree in advance whether the low-speed data is inserted into the high-speed data block at any position before the first bit, after the last bit or in the middle of the high-speed data block.

Preferably, the plurality of encrypted communication nodes and the communication reception platform node are federation member node devices.

A system for implementing a blockchain-based quantum cryptography communication method, comprising a quantum light source, a polarization controller, a polarization beam splitter, a single photon detector, the system further comprising:

the communication acceptance platform node receives a data request of the encryption communication node;

the data processing module is used for acquiring a synchronous shared quantum true random number sequence based on error quantum bits proposed by the two parties through negotiation interaction and information post-processing, and generating a service processing result, wherein the service processing result at least comprises a data abstract of the processing result;

the quantum distribution module realizes the synchronous sharing of true random numbers of two communication parties through quantum state transmission;

the data fusion module is used for dividing the non-security-oriented high-speed data into blocks, inserting a certain bit or a certain bit of the security-oriented low-speed data into each data block according to the quantum true random number distribution result, and sequentially integrating each data block to form double-speed data fusion data;

the data uplink module sends a transaction to the block chain, wherein the transaction comprises a service processing result which is stored in a distributed database of the block chain after passing through the consensus verification of the block chain;

and the data verification module is used for verifying all service results on the blockchain by the plurality of encryption communication nodes, and generating new processing results according to preset processing steps after the verification is passed.

A computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above method.

Compared with the prior art, the invention completes the traceability of the data storage of the alliance chain by introducing the alliance blockchain, can realize the non-falsification of the behaviors on the whole chain, can quickly inquire and verify when finding out the problem node, can externally provide services after the whole alliance chain is verified, realizes the traceability of the whole storage certificate and the behavior record, and ensures the authenticity and the security of all processes of quantum encryption.

Drawings

In order to more clearly illustrate the technical solution of the embodiments of the present invention, the drawings that are needed to be used in the embodiments of the present invention will be briefly described, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 is a schematic diagram of a block chain based quantum cryptography communication system of the present invention;

FIG. 2 shows a quantum cryptography communication quantum distribution schematic diagram of the present invention;

fig. 3 shows a schematic diagram of the principle of the two-speed data fusion communication based on quantum distribution.

Detailed Description

Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely configured to illustrate the invention and are not configured to limit the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the invention by showing examples of the invention.

It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.

The method is mainly used for the situation of multiple nodes in quantum encryption communication, an Internet database is established through a distributed account book network of a block chain, a quantum communication alliance chain composed of multiple nodes participating in the quantum communication is recorded on a shared account book according to time sequence, each block data corresponds to consensus service combination achieved by each node in a period of time, and behaviors are sequentially transmitted to the blocks through hash encryption in the subsequent execution process of each step to form the block chain. The block chain uplink stores the data after hash encryption processing, so that the data of the block chain uplink is not leaked, but each time of behavior and data can be uplink, so that the record is traceable when errors occur or the block chain uplink is broken, and the problem node and the problem step can be quickly inquired at the node where the problem occurs.

The embodiment provides a quantum encryption communication method based on a blockchain, which comprises a plurality of encryption communication nodes and communication acceptance platform nodes, wherein the nodes are alliance chain power saving equipment, and the method comprises the following steps:

s1, the encryption communication node and the communication acceptance platform node are interconnected by an independent quantum channel, and the communication acceptance platform node receives a data request of the encryption communication node;

s2, based on error quantum bits proposed by both parties through negotiation interaction and information post-processing, acquiring a quantum true random number sequence shared synchronously, and generating a service processing result, wherein the service processing result at least comprises a data abstract of the processing result;

s3, sending a transaction to the blockchain, wherein the transaction comprises a business processing result, and the business processing result is stored in a distributed database of the blockchain after passing through the consensus verification of the blockchain;

and S4, verifying all service results on the blockchain by the plurality of encryption communication nodes, and generating new processing results according to preset processing steps after verification is passed.

The transaction (transaction) described in this specification refers to a piece of data that each node creates through the equipment terminals of the blockchain and needs to be published and stored to the blockchain's distributed database. In the invention, the transaction can be data of one-time quantum encryption communication, a quantum key protocol, or channel establishment of one-time encryption communication, etc. The data comprises a quantum true random number sequence, double-speed data fusion communication data, security concern low-speed data, non-security concern high-speed data and the like.

In some embodiments, a true random number synchronous sharing mechanism is established between the encryption communication node and the communication acceptance platform node by quantum distribution, and security concern low-speed data is hidden in non-security concern high-speed data in a heterogeneous data mixed transmission mode.

In some embodiments, both parties to the communication share information meeting unclonable requirements and unclonable requirements.

In some embodiments, the service processing result includes a hash digest of the data request and a hash digest of the transmitted encrypted quantum key protocol.

In some embodiments, the quantum key distribution protocols include, but are not limited to, BB84 protocol, E91 protocol, BBM92 protocol, high-dimensional quantum key distribution protocol, time-energy entanglement protocol, TF protocol, continuous variable quantum key distribution protocol.

In some embodiments, the two parties of the communication agree in advance on decision criteria and the way to flag the security concern low speed data and the non-security concern high speed data.

In some embodiments, the two parties of communication agree in advance on a high-speed data block length and a low-speed data insertion bit number, which are fixed-length or variable-length.

In some embodiments, the two parties agree in advance whether the low-speed data is inserted into the high-speed data block before the first bit, after the last bit, or anywhere in the middle of the high-speed data block.

In some embodiments, the plurality of encrypted communication nodes and the communication acceptance platform node are federation member node devices.

The invention also provides a system for realizing the quantum encryption communication method based on the blockchain, which comprises a quantum light source, a polarization controller, a polarization beam splitter and a single photon detector, and the system further comprises:

As shown in fig. 2, the present invention provides an embodiment of a quantum distribution system based on single photon polarization states, wherein the single photon sequence generated by the quantum light source has one of four polarization states H (horizontal), V (vertical), + (45 °), - (135 °) with equal probability; a sender (Alice) randomly selects one group (H/V or +/-) of two groups of orthogonal basis vectors through a polarization controller and a polarization beam splitter to modulate single photons; bob randomly selects one of two sets of orthogonal basis vectors (H/V or +/-V) through a polarization controller and a polarization beam splitter to demodulate a single photon and detect the single photon through a single photon detector; alice and Bob compare the measurement results by using a public channel and reject invalid information, and the two parties obtain a quantum (binary) true random number sequence which is synchronously shared; the true random number sequence is used as a binary key, namely quantum key distribution.

As shown in fig. 3, the invention provides an embodiment of a dual-speed data fusion communication workflow based on quantum distribution, which specifically comprises the following steps:

1. the sender Alice and the receiver Bob share the quantum true random number sequence in real time through a quantum key distribution system: 0100011101001011;

alice needs to send two groups of data to Bob simultaneously, 128 bits are total for the non-safety-critical high-speed data, 8 bits are total for the safety-critical low-speed data, each 8 bits of the non-safety-critical high-speed data are used as a data block, and all bits of the safety-critical low-speed data are independently grouped;

alice inserts the security concern low-speed data into the non-security concern high-speed data according to the quantum true random number distribution: the 1 st bit quantum true random number is 0, then no data is inserted into the 1 st group of non-safety-critical high-speed data (the X is shown as blank in the figure), the 1 st bit of the safety-critical low-speed data is inserted into the back of the 2 nd group of non-safety-critical high-speed data when the 2 nd bit quantum true random number is 1, and the 8-bit safety-critical low-speed data can be completely hidden in 128 as the safety-critical high-speed data by the same way;

alice integrates and transmits double-speed data fusion communication data to Bob, and Bob identifies safety-related low-speed data from the double-speed data fusion communication data according to a quantum true random number sequence and a pre-agreed data packet length (high-speed 8 bits and low-speed 1 bits): the 1 st bit quantum true random number is 0, the 9 th bit data is still the non-safety-critical high-speed data, the 2 nd bit quantum true random number is 1, the 17 th bit data is the safety-critical low-speed data, and the like, the extraction of the low-speed hidden data and the restoration of the high-speed data can be realized.

The invention also provides an embodiment of a quantum encryption communication method based on the blockchain, which is mainly used for the situation of multiple nodes in quantum encryption communication, an Internet database is established through a distributed account book network of the blockchain, the quantum communication alliance chain consisting of multiple nodes participating in the quantum communication is used for recording each block data on a shared account book according to time sequence, each block data corresponds to the combination of consensus services achieved by each node in a period of time, and the actions are sequentially transmitted to the blocks through hash encryption in the subsequent execution process of each step to form the blockchain. The block chain uplink stores the data after hash encryption processing, so that the data of the block chain uplink is not leaked, but each time of behavior and data can be uplink, so that the record is traceable when errors occur or the block chain uplink is broken, and the problem node and the problem step can be quickly inquired at the node where the problem occurs.

For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present application.

It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.

Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.

In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.

The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims

1. The quantum encryption communication method based on the blockchain comprises a plurality of encryption communication nodes and communication acceptance platform nodes, wherein the encryption communication nodes and the communication acceptance platform nodes are interconnected by independent quantum channels, and the communication acceptance platform nodes receive data requests of the encryption communication nodes;

establishing an Internet database through a distributed account book network of a block chain, recording each block data in time sequence on a shared account book by a quantum communication alliance chain formed by multiple nodes involved in quantum communication, wherein each block data corresponds to the combination of consensus services achieved by each node in a period of time, and sequentially transmitting behaviors to the blocks through hash encryption in the subsequent execution process of each step to form the block chain;

2. The blockchain-based quantum encryption communication method of claim 1, wherein a true random number synchronous sharing mechanism is established between the encryption communication node and the communication acceptance platform node by quantum distribution, and security concern low-speed data is hidden in non-security concern high-speed data in a heterogeneous data mixed transmission mode.

3. The blockchain-based quantum encryption communication method according to claim 1 or 2, wherein the service processing result comprises a hash digest of the data request and a hash digest of a quantum key protocol of encrypted transmission.

4. The blockchain-based quantum cryptography communication method of claim 3, wherein the quantum key distribution protocol includes BB84 protocol, E91 protocol, BBM92 protocol, high-dimensional quantum key distribution protocol, time-energy entanglement protocol, TF protocol, continuous variable quantum key distribution protocol.

5. The blockchain-based quantum cryptography communication method of claim 1 or 2, wherein the two parties agree in advance on decision criteria and a marking manner of security-critical low-speed data and non-security-critical high-speed data.

6. The blockchain-based quantum encryption communication method of claim 1 or 2, wherein the two parties of communication agree in advance on a high-speed data block length and a low-speed data insertion bit number, which are fixed-length or variable-length.

7. The quantum-dot-chain-based communication method according to claim 1 or 2, wherein the two parties agree in advance on the position of the low-speed data inserted into the high-speed data block, which is before the first bit, after the last bit, or at any intermediate position of the high-speed data block.

8. The blockchain-based quantum cryptography communication method of claim 1 wherein the plurality of cryptography communication nodes and communication acceptance platform nodes are federation member node devices.

9. A system for implementing the blockchain-based quantum cryptography communication method of claims 1-8, comprising a quantum light source, a polarization controller, a polarizing beam splitter, a single photon detector, characterized in that the system further comprises:

the data uplink module establishes an internet database through a distributed account book network of a block chain, a quantum communication alliance chain composed of multiple nodes involved in quantum communication is used for recording each block data according to time sequence on a shared account book, each block data corresponds to consensus service combination achieved by each node in a period of time, and the actions are sequentially transmitted to the blocks through hash encryption in the subsequent execution process of each step to form the block chain;

10. A computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the method of any of claims 1-8.