CN114205076A - Quantum key distribution system based on digital certificate - Google Patents
Quantum key distribution system based on digital certificate Download PDFInfo
- Publication number
- CN114205076A CN114205076A CN202111368962.9A CN202111368962A CN114205076A CN 114205076 A CN114205076 A CN 114205076A CN 202111368962 A CN202111368962 A CN 202111368962A CN 114205076 A CN114205076 A CN 114205076A
- Authority
- CN
- China
- Prior art keywords
- module
- digital certificate
- key
- user
- local area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 claims abstract description 32
- 238000012795 verification Methods 0.000 claims abstract description 28
- 230000005540 biological transmission Effects 0.000 claims abstract description 26
- 238000009434 installation Methods 0.000 claims description 11
- 230000002452 interceptive effect Effects 0.000 claims description 3
- 238000000034 method Methods 0.000 description 10
- 238000004590 computer program Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application relates to the technical field of network security, and provides a quantum key distribution system based on a digital certificate, which can realize safer encrypted communication and comprises the following steps: the initial verification module is used for acquiring the digital certificate application authentication information of the user when the user sends a login request to the intervening local area network; the real-name module is used for verifying the application authentication information of the digital certificate, and if the verification result indicates that the user enters the intervention local area network for the first time, the automatic prompting module prompts the user to install a root CA certificate; the CA center module is used for sending the digital certificate application authentication information to the key distribution module; and the key distribution module is used for applying for authentication information based on the digital certificate, generating a time phase type quantum key through the quantum key generation terminal, reading and safely storing the time phase type quantum key, and outputting the time phase type quantum key to an intervening local area network for encryption through online distribution or offline transmission.
Description
Technical Field
The application relates to the technical field of network security, in particular to a quantum key distribution system based on a digital certificate.
Background
Quantum key distribution is to ensure the security of communication by using quantum mechanical characteristics, and enables two communication parties to generate and share a random and secure key to encrypt and decrypt messages. In the communication of user safety access, networking between enterprises and branch institutions, interconnection financial network access and power longitudinal network access, the encryption communication can be realized through a secret key distributed by a public key algorithm.
However, some scenarios do not support some key algorithms, do not meet relevant specifications, and do not provide services of key generation, security management, data packet encryption operation and decryption operation; if the lawless persons invade, the application information of the data certificate can be leaked.
Disclosure of Invention
In view of the above, it is necessary to provide a quantum key distribution system based on digital certificates.
A digital certificate based quantum key distribution system, the system comprising:
the system comprises an initial verification module, a verification module and a verification module, wherein the initial verification module is used for acquiring digital certificate application authentication information of a user when the user sends a login request to an intervening local area network;
the real-name module is used for verifying the application authentication information of the digital certificate, and if the verification result indicates that the user enters the intervention local area network for the first time, the automatic prompting module prompts the user to install a root CA certificate;
the CA center module is used for sending the digital certificate application authentication information to the key distribution module;
and the key distribution module is used for generating a time phase type quantum key through a quantum key generation terminal based on the digital certificate application authentication information, reading and safely storing the time phase type quantum key, and outputting the time phase type quantum key to the intervention local area network for encryption through online distribution or offline transmission.
In one embodiment, the digital certificate application authentication information is transmitted via a digital certificate authentication network.
In one embodiment, the real-name module is further configured to confirm that the user loses the root CA certificate and prompt the user to manually install the root CA certificate through a manual module if the result of the verification indicates that the user does not enter the intervening local area network for the first time.
In one embodiment, the manual module is configured to instruct a user to select a "root CA certificate" for installation on a digital certificate authentication network, select a folder position to be installed according to a pop-up dialog, complete installation after clicking is determined, directly select the internet in a browser, select a desired content, and complete all operations according to a prompt.
In one embodiment, the CA center module is further configured to encrypt, decrypt, digitally sign, and sign the digital certificate application authentication information transmitted over the digital certificate authentication network.
In one embodiment, the initial authentication module comprises a login unit and an application unit;
the login unit is used for receiving a login request sent by a user to the intervening local area network;
the application unit is used for acquiring the digital certificate of the user to apply for authentication information.
In one embodiment, the key distribution module includes a key generation unit, a key reading unit, a key storage unit, and a key distribution unit.
In one of the embodiments, the first and second electrodes are,
the key generation unit is used for generating an algorithm of a key through an online or offline interactive negotiation mode;
the key reading unit and the key storage unit are used for reading and safely storing the time phase type quantum key;
and the key distribution unit is used for outputting the time phase type quantum key to the intervention local area network for encryption through online distribution and offline transmission.
In one embodiment, the intervening local area network includes a server and an encryption module.
In one embodiment, the key distribution module is connected with a computer and a printer, and the computer and the printer are in communication connection through a wire; the computer sends an instruction to the printer according to the printing content; after receiving the printing instruction, the printer reads the document content to be printed by the computer through the data line and prints the document content; the key distribution module is provided with at least two groups, and interacts data with the initial verification module through an intervening local area network.
In the quantum key distribution system based on the digital certificate, the secure encrypted communication is realized by the cooperation of the intervening local area network, the CA center module and the key distribution module, and the communication security is increased by the key generation, reading, storage, distribution and other identity authentications in the key distribution module; by combining the quantum key distribution network with the digital certificate network, even if a third party eavesdrops on a password, the two communication convenience can be perceived, and a key with safety guarantee is generated, so that the quantum secret communication network suitable for different places is realized, and stronger safety protection capability is provided for data transmission. The CA center module can carry out various processing such as encryption, decryption, digital signature and signature authentication on various information transmitted on the Internet, and can simultaneously ensure that the information is not invaded by lawbreakers in the digital transmission process, or the content in the information cannot be checked even if the information is invaded, so that the leakage of data certificate application information can be avoided, and the safety in the digital certificate storage and transmission process is improved.
Drawings
FIG. 1 is a schematic diagram of an architecture of a digital certificate based quantum key distribution system in one embodiment;
FIG. 2 is a schematic diagram of an initial verification module in one embodiment;
FIG. 3 is a schematic diagram of a CA center module in one embodiment;
FIG. 4 is a flow chart illustrating a method for quantum key distribution based on digital certificates in one embodiment;
FIG. 5 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the specification. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The present application provides a quantum key distribution system based on a digital certificate, as shown in fig. 1, the system includes an initial verification module, a real name module, a ca (verification authority) central module, and a key distribution module.
The initial verification module is used for acquiring the digital certificate application authentication information of a user when the user sends a login request to an intervening local area network.
An intervening local area network is a local area network that a user wants to intervene in a local server for the user. Specifically, as shown in fig. 2, the initial verification module may include a login unit configured to receive a login request sent by a user to an intervening local area network, and an application unit configured to obtain a digital certificate of the user and apply for authentication information.
The real-name module is used for verifying the application authentication information of the digital certificate, and if the verification result indicates that the user enters the intervention local area network for the first time, the automatic prompting module prompts the user to install a root CA certificate; the root CA certificate is responsible for issuing digital certificates, authenticating digital certificates, and managing issued digital certificates.
And the CA center module is used for sending the digital certificate application authentication information to the key distribution module. The CA center module can also receive the first verification real name information of the user uploaded by the automatic prompt module.
Before issuing a digital certificate, a user needs to verify the identity information of the user in a real name, the digital certificate in the real name of the user contains basic information and public key information of the user, and part of the digital certificate is attached with related information signed by a certification center, so that a CA center module can encrypt, decrypt and store various information transmitted on the Internet, and can ensure that the information is not invaded by lawbreakers in the digital transmission process or the content in the information cannot be checked even if the information is invaded (as shown in figure 3), thereby avoiding the leakage of the authentication information applied by the data certificate and improving the safety in the storage and transmission processes of the digital certificate.
After obtaining the digital certificate, the user performs some activities that the user wants to perform through the digital certificate. However, each digital certificate is different, and the credibility of each certificate also has a certain difference, so that the digital certificate obtained by the user side is unique.
And the key distribution module is used for generating a time phase type quantum key through a quantum key generation terminal based on the digital certificate application authentication information, reading and safely storing the time phase type quantum key, and outputting the time phase type quantum key to the intervention local area network for encryption through online distribution or offline transmission.
In the system, the intervention local area network, the CA center module and the key distribution module are used in a matched manner, so that more secure encrypted communication is realized, and the security of communication is increased through multiple identity authentications such as key generation, reading, storage and distribution in the key distribution module; by combining the quantum key distribution network with the digital certificate network, even if a third party eavesdrops on a password, the two communication convenience can be perceived, and a key with safety guarantee is generated, so that the quantum secret communication network suitable for different places is realized, and stronger safety protection capability is provided for data transmission. The CA center module can carry out various processing such as encryption, decryption, digital signature and signature authentication on various information transmitted on the Internet, and can simultaneously ensure that the information is not invaded by lawbreakers in the digital transmission process, or the content in the information cannot be checked even if the information is invaded, so that the leakage of data certificate application information can be avoided, and the safety in the digital certificate storage and transmission process is improved.
The digital certificate application authentication information is transmitted through a digital certificate authentication network, and the transmission safety of the digital certificate application authentication information is ensured.
In one embodiment, the real-name module is further configured to confirm that the user loses the root CA certificate and prompt the user to manually install the root CA certificate through a manual module if the result of the verification indicates that the user does not enter the intervening local area network for the first time.
In this example, if the user does not enter the intervening local area network for the first time, the user may lose the root CA certificate, and at this time, the user may be prompted to manually install the root CA certificate through the manual module, so as to ensure normal installation of the root CA certificate.
Further, the manual module is used for instructing a user to select a root CA certificate on the digital certificate authentication network for installation, selecting a folder position to be installed according to a pop-up dialog box, completing installation after clicking is determined, directly selecting the Internet in a browser, selecting required contents, and completing all operations according to prompts.
In the above mode, the user manually installs the digital certificate authentication network, so that the installation safety can be ensured; and moreover, manual installation can be completed by directly interacting the user with the equipment, so that the installation efficiency is improved.
In one embodiment, the CA center module is further configured to encrypt, decrypt, digitally sign, and sign the digital certificate application authentication information transmitted over the digital certificate authentication network.
In one embodiment, the key distribution module includes a key generation unit, a key reading unit, a key storage unit, and a key distribution unit.
Further, the key generating unit is used for generating an algorithm of a key through an online or offline interactive negotiation manner; the key reading unit and the key storage unit are used for reading and safely storing the time phase type quantum key; and the key distribution unit is used for outputting the time phase type quantum key to the intervention local area network for encryption through online distribution and offline transmission.
Further, the intervening local area network includes a server and an encryption module, and correspondingly, the key distribution unit is configured to output the time phase type quantum key to the server through online distribution and offline transmission, and the server is encrypted by the encryption module.
In the above manner, the key distribution module interacts data with the initial verification module through the intervening local area network, and generates a time phase type quantum key through the quantum key generation terminal, so that point-to-point quantum key negotiation and quantum distribution are realized, and safer encrypted communication is realized.
In one embodiment, the key distribution module is connected with a computer and a printer, and the computer and the printer are in communication connection through a wire; the computer sends an instruction to the printer according to the printing content; after receiving the printing instruction, the printer reads the document content to be printed by the computer through the data line and prints the document content; the key distribution module is provided with at least two groups, and interacts data with the initial verification module through an intervening local area network. Preferably, the key distribution modules are set to at least 5 groups.
The present embodiment provides a quantum key distribution method based on a digital certificate, as shown in fig. 4, including the following steps:
step S401: starting digital authentication;
step S402: intervening in a local area network of a local server;
step S403: the user applies for registration login by sending digital certificate application information, checks the user identity and performs identity real-name authentication, if the user is installed for the first time, the system automatically prompts the user to install a root certificate, and the CA center performs encryption, decryption, digital signature and signature authentication on various information transmitted on the Internet; if the prompt is not given or the root certificate is lost, the user needs to manually operate to complete installation;
step S404: both sides of quantum key communication can issue and share a random and safe key for a user, and output the quantum key to an intervening local area network and encrypt the quantum key in an online distribution or offline transmission mode;
step S405: if a third party tries to eavesdrop the password, both communication parties can perceive the password;
step S406: information is transmitted through a quantum superposition state or a quantum entanglement state, a communication system can detect whether eavesdropping exists, and when the eavesdropping is lower than a certain standard, a secret key with safety guarantee can be generated.
The implementation realizes safer encrypted communication by the cooperation of the server local area network, the data certificate module and the key distribution module. And the security of communication is increased through multiple items of identity authentication such as key generation, reading, storage and distribution in the key distribution module. In addition, by combining the quantum key distribution network with the digital certificate network, even if a third party eavesdrops on the password, the two communication convenience can be perceived, and a key with safety guarantee is generated, so that the quantum secret communication network suitable for different places is realized, and stronger safety protection capability is provided for data transmission.
The CA center of this embodiment can perform various processing such as encryption, decryption, digital signature, signature authentication, etc. on various information transmitted over the internet, and can also ensure that the content cannot be viewed by lawbreakers in the process of digital transmission, or even if the content is invaded, thereby avoiding the disclosure of the data certificate application information.
In summary, the invention realizes safer encrypted communication by the cooperation of the server local area network, the data certificate module and the key distribution module, and increases the communication security by multiple identity authentications such as key generation, reading, storage and distribution in the key distribution module; by combining the quantum key distribution network with the digital certificate network, even if a third party eavesdrops on a password, the two communication convenience can be perceived, and a key with safety guarantee is generated, so that the quantum secret communication network suitable for different places is realized, and stronger safety protection capability is provided for data transmission.
The CA center module of the application can encrypt, decrypt, digitally sign and sign various processes such as authentication of signature to various information transmitted on the internet, and meanwhile, the CA center module can also ensure that the information is not invaded by lawbreakers in the process of digital transmission, or the content in the information cannot be checked even if the information is invaded, so that the disclosure of the application information of the data certificate can be avoided, and the safety of the digital certificate in the storage and transmission processes is improved.
The present application further provides a quantum key distribution system based on a digital certificate, as shown in fig. 1, including: the initial verification module consists of a login unit and an application unit, and the application unit authenticates the application of the digital certificate when a user sends a login request to the intervening local area network through the login unit; the real name module is used for verifying the signal message of which the real name information is finished, and returning a processing result to the user after the processing result is processed by the automatic prompt module and the manual module; and the CA center module is used for sending the user information processing result to the key distribution module for key distribution and receiving the first user verification real name information uploaded by the automatic prompt module.
In the embodiment, the secure encrypted communication is realized by the cooperation of the local area network, the CA center module and the key distribution module, and the security of the communication is increased by the multiple identity authentications of key generation, reading, storage, distribution and the like in the key distribution module; by combining the quantum key distribution network with the digital certificate network, even if a third party eavesdrops on a password, the two communication convenience can be perceived, and a key with safety guarantee is generated, so that the quantum secret communication network suitable for different places is realized, and stronger safety protection capability is provided for data transmission. The CA center module can carry out various processing such as encryption, decryption, digital signature and signature authentication on various information transmitted on the Internet, and can simultaneously ensure that the information is not invaded by lawbreakers in the digital transmission process, or the content in the information cannot be checked even if the information is invaded, so that the leakage of data certificate application information can be avoided, and the safety in the digital certificate storage and transmission process is improved.
It should be understood that, although the steps in the flowchart of fig. 4 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a portion of the steps in fig. 4 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
In one embodiment, a computer device is provided, the internal structure of which may be as shown in FIG. 5. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing relevant data of the quantum key distribution method based on the digital certificate. The network interface of the computer device is used for communicating with an external terminal through a network connection. Which computer program is executed by a processor to carry out the steps presented in the above-mentioned implementation.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, which includes a memory and a processor, the memory stores a computer program, and the processor implements the steps of the above embodiments when executing the computer program.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which, when being executed by a processor, performs the steps of the various embodiments described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above examples only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A digital certificate based quantum key distribution system, the system comprising:
the system comprises an initial verification module, a verification module and a verification module, wherein the initial verification module is used for acquiring digital certificate application authentication information of a user when the user sends a login request to an intervening local area network;
the real-name module is used for verifying the application authentication information of the digital certificate, and if the verification result indicates that the user enters the intervention local area network for the first time, the automatic prompting module prompts the user to install a root CA certificate;
the CA center module is used for sending the digital certificate application authentication information to the key distribution module;
and the key distribution module is used for generating a time phase type quantum key through a quantum key generation terminal based on the digital certificate application authentication information, reading and safely storing the time phase type quantum key, and outputting the time phase type quantum key to the intervention local area network for encryption through online distribution or offline transmission.
2. The system of claim 1, wherein the digital certificate application authentication information is transmitted via a digital certificate authentication network.
3. The system according to claim 1, wherein the real-name module is further configured to confirm that the user loses a root CA certificate and prompt the user to manually install a root CA certificate through a manual module if the result of the verification indicates that the user does not first enter the intervening lan.
4. The system of claim 3, wherein the manual module is configured to instruct a user to select a "root CA certificate" for installation on the digital certificate authentication network, select a folder location to be installed according to a pop-up dialog box, complete installation after clicking is determined, directly select the internet in the browser, select a desired content, and complete all operations according to prompts.
5. The system of claim 1, wherein the CA center module is further configured to encrypt, decrypt, digitally sign, and sign the digital certificate application authentication information transmitted over the digital certificate authentication network.
6. The system of claim 1, wherein the initial authentication module comprises a login unit and an application unit;
the login unit is used for receiving a login request sent by a user to the intervening local area network;
the application unit is used for acquiring the digital certificate of the user to apply for authentication information.
7. The system according to claim 1, wherein the key distribution module includes a key generation unit, a key reading unit, a key storage unit, and a key distribution unit.
8. The system of claim 7,
the key generation unit is used for generating an algorithm of a key through an online or offline interactive negotiation mode;
the key reading unit and the key storage unit are used for reading and safely storing the time phase type quantum key;
and the key distribution unit is used for outputting the time phase type quantum key to the intervention local area network for encryption through online distribution and offline transmission.
9. The system of claim 8, wherein the intervening local area network comprises a server and an encryption module.
10. The system of claim 1, wherein the key distribution module is connected to a computer and a printer, and the computer and the printer are connected in communication through a wire; the computer sends an instruction to the printer according to the printing content; after receiving the printing instruction, the printer reads the document content to be printed by the computer through the data line and prints the document content; the key distribution module is provided with at least two groups, and interacts data with the initial verification module through an intervening local area network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111368962.9A CN114205076A (en) | 2021-11-18 | 2021-11-18 | Quantum key distribution system based on digital certificate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111368962.9A CN114205076A (en) | 2021-11-18 | 2021-11-18 | Quantum key distribution system based on digital certificate |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114205076A true CN114205076A (en) | 2022-03-18 |
Family
ID=80647970
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111368962.9A Pending CN114205076A (en) | 2021-11-18 | 2021-11-18 | Quantum key distribution system based on digital certificate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114205076A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114785499A (en) * | 2022-04-28 | 2022-07-22 | 深圳科盾量子信息科技有限公司 | Communication system and method based on quantum encryption |
| CN114826593A (en) * | 2022-06-28 | 2022-07-29 | 济南量子技术研究院 | Quantum security data transmission method and digital certificate authentication system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475464A (en) * | 2013-08-20 | 2013-12-25 | 国家电网公司 | Power special quantum encryption gateway system |
| CN109818756A (en) * | 2019-03-13 | 2019-05-28 | 北京信息科技大学 | A kind of identity authorization system implementation method based on quantum key distribution technology |
| WO2020140914A1 (en) * | 2019-01-02 | 2020-07-09 | 中国移动通信有限公司研究院 | Client authentication method, apparatus, and computer-readable storage medium |
| CN113037478A (en) * | 2021-03-22 | 2021-06-25 | 阿米华晟数据科技(江苏)有限公司 | Quantum key distribution system and method |
| CN113472720A (en) * | 2020-03-31 | 2021-10-01 | 山东云海安全认证服务有限公司 | Digital certificate key processing method and device, terminal equipment and storage medium |
-
2021
- 2021-11-18 CN CN202111368962.9A patent/CN114205076A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475464A (en) * | 2013-08-20 | 2013-12-25 | 国家电网公司 | Power special quantum encryption gateway system |
| WO2020140914A1 (en) * | 2019-01-02 | 2020-07-09 | 中国移动通信有限公司研究院 | Client authentication method, apparatus, and computer-readable storage medium |
| CN109818756A (en) * | 2019-03-13 | 2019-05-28 | 北京信息科技大学 | A kind of identity authorization system implementation method based on quantum key distribution technology |
| CN113472720A (en) * | 2020-03-31 | 2021-10-01 | 山东云海安全认证服务有限公司 | Digital certificate key processing method and device, terminal equipment and storage medium |
| CN113037478A (en) * | 2021-03-22 | 2021-06-25 | 阿米华晟数据科技(江苏)有限公司 | Quantum key distribution system and method |
Non-Patent Citations (2)
| Title |
|---|
| 吕乐乐;: "数字证书在网络安全中的应用研究", 科技创新与应用, no. 07 * |
| 马丽华: "光纤通信系统", 31 August 2015, 北京邮电大学出版社, pages: 233 - 236 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114785499A (en) * | 2022-04-28 | 2022-07-22 | 深圳科盾量子信息科技有限公司 | Communication system and method based on quantum encryption |
| CN114785499B (en) * | 2022-04-28 | 2023-07-18 | 深圳科盾量子信息科技有限公司 | Communication system and method based on quantum encryption |
| CN114826593A (en) * | 2022-06-28 | 2022-07-29 | 济南量子技术研究院 | Quantum security data transmission method and digital certificate authentication system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1782213B1 (en) | Secure messaging system with derived keys | |
| US8627084B1 (en) | Secure messaging systems | |
| US7899185B2 (en) | Real privacy management authentication system | |
| US9137017B2 (en) | Key recovery mechanism | |
| US6895501B1 (en) | Method and apparatus for distributing, interpreting, and storing heterogeneous certificates in a homogenous public key infrastructure | |
| US8196186B2 (en) | Security architecture for peer-to-peer storage system | |
| US10567370B2 (en) | Certificate authority | |
| CN109495445A (en) | Identity identifying method, device, terminal, server and medium based on Internet of Things | |
| CN111030814A (en) | Key negotiation method and device | |
| US20130124870A1 (en) | Cryptographic document processing in a network | |
| US7412059B1 (en) | Public-key encryption system | |
| CN108111497A (en) | Video camera and server inter-authentication method and device | |
| CN114205076A (en) | Quantum key distribution system based on digital certificate | |
| CN110932850A (en) | Communication encryption method and system | |
| US11483146B2 (en) | Technique for protecting a cryptographic key by means of a user password | |
| US20060053288A1 (en) | Interface method and device for the on-line exchange of content data in a secure manner | |
| CN110690969A (en) | Method and system for completing bidirectional SSL/TLS authentication in cooperation of multiple parties | |
| CN111600903A (en) | Communication method, system, equipment and readable storage medium | |
| JP6465426B1 (en) | Electronic signature system, certificate issuing system, key management system, and electronic certificate issuing method | |
| CN114238912A (en) | Digital certificate processing method and device, computer equipment and storage medium | |
| CN112261103A (en) | Node access method and related equipment | |
| CN115580415B (en) | Data interaction authentication method, device and system in block chain | |
| CN114650181B (en) | E-mail encryption and decryption method, system, equipment and computer readable storage medium | |
| CN116170759A (en) | Local area network access method and system based on WeChat | |
| US20090187760A1 (en) | Security Mechanism within a Local Area Network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |