CN114362923B - Secret key refreshing system and method in quantum secret communication system - Google Patents

Secret key refreshing system and method in quantum secret communication system

Publication number
CN114362923B
Authority
CN
China
Prior art keywords
key
quantum
refreshing
user terminal
service station
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011039050.2A
Other languages
Chinese (zh)
Other versions
CN114362923A (en)
Inventor
富尧
钟一民
杨羽成
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruban Quantum Technology Co Ltd
Nanjing Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd
Nanjing Ruban Quantum Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruban Quantum Technology Co Ltd, Nanjing Ruban Quantum Technology Co Ltd
Priority to CN202011039050.2A
Publication of CN114362923A
Application granted
Publication of CN114362923B

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a key refreshing system and a key refreshing method in a quantum secret communication system. The system comprises a first quantum communication service station, a second quantum communication service station and quantum secret communication user terminals. The user terminals comprise a common user terminal and a key refreshing user terminal, which can communicate with each other at short range; the common user terminal is provided with a common quantum key card, and the key refreshing user terminal is provided with a key refreshing quantum key card. The beneficial effect is that a new symmetric key pool can be calculated from the symmetric key pool and the key refreshing parameter obtained from the key refreshing user terminal, so that in the extreme case where the symmetric key pool in one quantum key fob is cracked, the key pool of the backup quantum key fob cannot be cracked, because the adversary cannot obtain the key refreshing parameter.

Description

Secret key refreshing system and method in quantum secret communication system
Technical Field
The invention relates to the field of quantum secret communication, in particular to a secret key refreshing system and a secret key refreshing method in a quantum secret communication system.
Background
The trend of economic globalization is unstoppable, and hundreds of billions of pieces of information flow over the internet, as if humanity were building a virtual world in storage devices that gathers privacy and knowledge. Like resources in the real world, this information has intangible value.
At present, besides the possibility that hackers steal your information, existing messaging service providers can also inspect your communications at any time. Therefore, for a person or an organization to ensure that its information is not stolen, it must keep the keys in its own hands, and key management becomes critical. Conventional encryption schemes rely mainly on asymmetric cryptography, which has the advantage of not requiring a key agreement process between the two parties and so reduces cost. But the advent of quantum computers leaves most of today's asymmetric cryptographic algorithms unable to withstand attack.
Quantum communication has emerged alongside quantum computers. Quantum key distribution (QKD) technology is guaranteed by the basic principles of quantum physics: it can distribute keys with unconditional security over public channels and in principle ensures that any eavesdropping is discovered. Once the keys are successfully established between both parties, the set of keys is secure, and such keys with absolute randomness in principle cannot be cracked.
A quantum secret communication network uses quantum key distribution technology to realize secure and efficient key sharing between 2 quantum secret communication terminals; a classical network is a traditional data communication network that carries data transmission between devices.
However, the prior art has the following drawbacks:
1. In the prior art, some users are issued 2 or more quantum key cards with the same key pool at the same time as backups. The symmetric key pool in a quantum key fob may be cracked if the key fob is lost or captured. Once the key pool of one quantum key fob is cracked, the key pool of the backup quantum key fob is cracked as well;
2. In the prior art, keys in the symmetric key pool are not used again once they have been used, so the number of keys in the key pool decreases continuously. Key replenishment must be performed at a designated key issuing place in the quantum secret communication network; because of the large amount of data, key replenishment requires a long time for data transmission and data writing; and key replenishment requires manual operation by a clerk. Key replenishment is therefore inconvenient for the user.
For the problems in the related art, no effective solution has been proposed at present.
Disclosure of Invention
Aiming at the problems in the related art, the invention provides a key refreshing system and a key refreshing method in a quantum secret communication system, so as to overcome the technical problems in the prior art.
For this purpose, the invention adopts the following specific technical scheme:
According to one aspect of the invention, a key refreshing system in a quantum secret communication system is provided, the refreshing system comprises a first quantum communication service station, a second quantum communication service station and a quantum secret communication user terminal, and the first quantum communication service station and the second quantum communication service station are connected through a quantum key distribution network;
the quantum secret communication user terminal comprises a common user terminal and a key refreshing user terminal, short-distance communication can be carried out between the common user terminal and the key refreshing user terminal, the common user terminal is provided with a common quantum key card, and the key refreshing user terminal is provided with a key refreshing quantum key card.
Further, the key refreshing quantum key card is issued by the first quantum communication service station, the common quantum key card is issued by the second quantum communication service station, a first symmetric key pool shared with the first quantum communication service station is configured in the key refreshing quantum key card, and a second symmetric key pool shared with the second quantum communication service station is configured in the common quantum key card.
Further, the key refreshing user terminal includes, but is not limited to, at least one of a gateway, a server in a user local area network, or an operator-controlled operation terminal in the internet, and the key refreshing user terminal can be independently authenticated with the first quantum communication service station.
Further, the short-distance communication includes, but is not limited to, wired connection, two-dimensional code communication, NFC communication, infrared communication or Bluetooth communication, and the content of the short-distance communication includes the information of the common user terminal and its user collected by the key refreshing user terminal, and further includes the key refreshing parameter sent by the key refreshing user terminal to the common user terminal.
According to another aspect of the present invention, there is provided a key refreshing method in a quantum secret communication system, the refreshing method comprising the steps of:
S1, identity authentication between a first quantum communication service station and a key refreshing user terminal is realized by using an identity authentication method between the user terminal and the service station;
S2, implementing identity authentication between the second quantum communication service station and the common user terminal according to an identity authentication method between the user terminal and the service station;
S3, realizing identity authentication between the common user terminal and the key refreshing user terminal according to an identity authentication method between the user terminals;
S4, the common user terminal acquires the key refreshing parameter and refreshes a key pool.
Further, the step S1 of implementing identity authentication between the first quantum communication service station and the key refreshing user terminal by using an identity authentication method between the user terminal and the service station specifically includes the following steps:
S11, the key refreshing user terminal and the first quantum communication service station adopt preset key selection logic, and the same first symmetric keys are respectively taken out from respective first symmetric key pools;
S12, the key refreshing user terminal and the first quantum communication service station each use the first symmetric key to carry out bidirectional challenge-response authentication, and a first session key between the key refreshing user terminal and the first quantum communication service station is obtained after the authentication is completed.
Further, the step S2 of implementing identity authentication between the second quantum communication service station and the common user terminal according to the identity authentication method between the user terminal and the service station specifically includes the following steps:
S21, the common user terminal and the second quantum communication service station adopt preset key selection logic, and the same second symmetric keys are respectively taken out from respective second symmetric key pools;
S22, the common user terminal and the second quantum communication service station respectively use the second symmetric key to carry out bidirectional challenge response authentication, and a second session key between the common user terminal and the second quantum communication service station is obtained after authentication is completed.
Further, the first quantum communication service station stores a first symmetric key pool which is the same as the corresponding key refreshing user side, and the second quantum communication service station stores a second symmetric key pool which is the same as the corresponding common user side.
Further, the step S3 of implementing identity authentication between the common user terminal and the key refreshing user terminal according to the identity authentication method between the user terminals specifically includes the following steps:
S31, setting the key refreshing user terminal to belong to the first quantum communication service station, and setting the common user terminal to belong to the second quantum communication service station;
S32, the first quantum communication service station and the second quantum communication service station generate a quantum key distribution key through a quantum key distribution network;
S33, the first quantum communication service station encrypts the quantum key distribution key by using a first session key and sends first encryption information to the key refreshing user side;
S34, the key refreshing user terminal decrypts the first encrypted information by using the first session key to obtain the quantum key distribution key;
S35, the second quantum communication service station encrypts the quantum key distribution key by using a second session key and sends second encryption information to the common user terminal;
S36, the common user decrypts the second encrypted information by using the second session key to obtain the quantum key distribution key;
S37, the key refreshing user terminal and the common user terminal respectively use the corresponding quantum key distribution keys to carry out bidirectional challenge response authentication, and a third session key between the key refreshing user terminal and the common user terminal is obtained after authentication is completed.
Further, the step S4 of the general user side obtaining a key refreshing parameter and refreshing a key pool specifically includes the following steps:
S41, the key refreshing user terminal sends information of an object to be subjected to identity authentication and key refreshing parameters to the first quantum communication service station;
S42, the first quantum communication service station sends information of an object to be subjected to identity authentication and information of a secret key refreshing parameter to the second quantum communication service station, and informs the second quantum communication service station to refresh the second symmetric secret key pool;
S43, the key refreshing user terminal encrypts the key refreshing parameter and sends third encryption information to the common quantum key fob of the common user terminal;
S44, the common user terminal receives the third encrypted information, decrypts the third encrypted information to obtain the key refreshing parameter, and refreshes the second symmetric key pool by using the key refreshing parameter.
The beneficial effects of the invention are as follows:
1) The invention combines the symmetric key pool with the key refreshing parameter obtained from the key refreshing user terminal and calculates a new symmetric key pool from the key refreshing parameter, so that in the extreme case where the symmetric key pool in one quantum key card is cracked, the key pool of the backup quantum key card cannot be cracked, because the adversary cannot obtain the key refreshing parameter.
2) After the symmetric key pool has been used many times, key refreshing can improve its security and service life. The user does not need to go to a designated key issuing place in the quantum secret communication network for key replenishment, but only to a key refreshing user terminal, and key refreshing user terminals are far more numerous than key issuing places. Because the data volume is smaller, key refreshing needs only a short time for data transmission and data writing. The key refreshing user terminal is a self-service terminal that stores the information of the common user terminal and its user for later audit, and no manual operation by a clerk is needed. Key refreshing is therefore more convenient for the user than key replenishment and meets the user's needs in some cases.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a block diagram of a key refreshing system in a quantum secure communication system according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of acquiring a key refreshing parameter by a common user terminal in a key refreshing method in a quantum secret communication system according to an embodiment of the present invention.
Detailed Description
For the purpose of further illustrating the various embodiments, the present invention provides the accompanying drawings, which are a part of the disclosure of the present invention, and which are mainly used to illustrate the embodiments and, together with the description, serve to explain the principles of the embodiments, and with reference to these descriptions, one skilled in the art will recognize other possible implementations and advantages of the present invention, wherein elements are not drawn to scale, and like reference numerals are generally used to designate like elements.
According to the embodiment of the invention, a key refreshing system and a key refreshing method in a quantum secret communication system are provided.
The present invention is further described below with reference to the accompanying drawings and the detailed description. As shown in FIG. 1, according to an embodiment of the present invention, there is provided a key refreshing system in a quantum secret communication system. The refreshing system includes quantum communication service stations (quantum communication service station QA and quantum communication service station QB), quantum secret communication user terminals, and quantum key fobs. Each quantum key fob contains a symmetric key pool that is shared with the quantum communication service station that issued the quantum key fob.
The quantum communication service stations are connected by a QKD (quantum key distribution) network.
The quantum secret communication user terminal is divided into a common user terminal B and a key refreshing user terminal A. The common user terminal B is provided with a common quantum key card, and the common quantum key card has the possibility of losing or being stolen; the key refreshing user side A is provided with a key refreshing quantum key card.
The key refreshing user terminal A is an important user terminal, such as a gateway, a server in a user local area network, or an operation terminal controlled by an operator on the Internet; because of its higher security protection level, its quantum key card is unlikely to be lost or stolen. The key refreshing user terminal A can authenticate with the quantum communication service station on its own. The key refreshing user terminal A can also communicate at short range with the common user terminal B, for example by wired connection, two-dimensional code communication, NFC communication, infrared communication or Bluetooth communication. In this communication, the key refreshing user terminal A collects the information of the common user terminal B and of its user (identity number, model, device code, photo, biological information, identity card information, etc.), and sends a key refreshing parameter KR to the common user terminal B.
If the user loses the common quantum key card, the user reports to the quantum communication network that the common quantum key card is lost and possibly stolen. The quantum communication service station marks the keys in that key fob as unusable until they have been refreshed. When the thief refreshes the common quantum key card, professionals can acquire the thief's information at the corresponding key refreshing user terminal, so that the thief is caught.
According to another aspect of the present invention, there is provided a key refreshing method in a quantum secret communication system, the refreshing method comprising the steps of:
S1, key refreshing user side authentication (identity authentication between a quantum communication service station QA and a key refreshing user side A is realized by using an identity authentication method between the user side and the service station);
The quantum communication service station stores the same symmetric key pool as the corresponding key refreshing user terminal A, and the symmetric key pool of the key refreshing user terminal A is stored in the key refreshing quantum key card. The key refreshing user terminal A and the quantum communication service station can take out the same symmetric key from the symmetric key pool through a preset key selection logic.
The symmetric key is used for bidirectional challenge-response authentication. A key is either discarded after use or reused only after being transformed, so the key is replaced after each authentication.
After authentication is completed, a session key KSA is established between the key refreshing user terminal A and the quantum communication service station;
S2, common user authentication (the identity authentication between the QB and the common user terminal B is realized according to an identity authentication method between the user terminal and the service station);
The quantum communication service station stores the same symmetric key pool as the corresponding common user terminal B, and the symmetric key pool of the common user terminal B is stored in the own common quantum key card. The common user terminal B and the quantum communication service station can take out the same symmetric key from the symmetric key pool through a preset key selection logic.
The symmetric key is used for bidirectional challenge-response authentication. A key is either discarded after use or reused only after being transformed, so the key is replaced after each authentication.
After authentication is completed, a session key KSB is established between the common user terminal B and the quantum communication service station.
S3, authentication between the common user terminal and the key refreshing user terminal (identity authentication between the common user terminal B and the key refreshing user terminal A is realized according to an identity authentication method between the user terminals);
Hereinafter, the key refreshing user terminal a is referred to as a user terminal a, and the common user terminal B is referred to as a user terminal B.
It is assumed that the user terminal a and the user terminal B belong to the quantum communication service stations QA and QB, respectively. The session key between A and QA is KSA and the session key between B and QB is KSB.
QA and QB generate a QKD (quantum key distribution) key KQ using a QKD network.
QA encrypts KQ using KSA to obtain {KQ}KSA, and then sends {KQ}KSA to A. A obtains KQ by decrypting {KQ}KSA using KSA.
QB encrypts KQ using KSB to obtain {KQ}KSB, and then sends {KQ}KSB to B. B obtains KQ by decrypting {KQ}KSB using KSB.
A and B use KQ as the authentication key to carry out bidirectional challenge-response authentication; after authentication is completed, a session key KSAB is established between A and B.
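The bidirectional challenge-response used in S1, S2 and S3, sketched as an added example (not code from the patent): both sides take the same key from their pool copies, prove knowledge of it over each other's nonces, derive a session key and retire the pool key. The patent does not specify the key selection logic, the MAC or the session key derivation, so the "next unused 32-byte slice" rule, HMAC-SHA256, the role labels and the names `PoolHolder`, `respond` and `mutual_auth` are all assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # assumed size of one authentication key taken from the pool


class PoolHolder:
    """One party's copy of a symmetric key pool and its next-unused-key index."""

    def __init__(self, pool: bytes):
        self.pool = pool
        self.next_index = 0

    def current_key(self) -> bytes:
        # Assumed "preset key selection logic": the next unused slice.
        off = self.next_index * KEY_LEN
        if off + KEY_LEN > len(self.pool):
            raise RuntimeError("key pool exhausted: refresh or replenish it")
        return self.pool[off:off + KEY_LEN]

    def retire_key(self) -> None:
        self.next_index += 1  # a used key is never selected again


def respond(key: bytes, role: bytes, challenge: bytes, own_nonce: bytes) -> bytes:
    """Response to a challenge; the role label stops a reflected answer."""
    return hmac.new(key, role + challenge + own_nonce, hashlib.sha256).digest()


def mutual_auth(client: PoolHolder, station: PoolHolder):
    """Return the session key if both directions verify, otherwise None."""
    kc, ks = client.current_key(), station.current_key()
    nc, ns = secrets.token_bytes(16), secrets.token_bytes(16)  # two challenges
    # Station answers the client's challenge; the client checks it with kc.
    station_resp = respond(ks, b"station", nc, ns)
    if not hmac.compare_digest(station_resp, respond(kc, b"station", nc, ns)):
        return None
    # Client answers the station's challenge; the station checks it with ks.
    client_resp = respond(kc, b"client", ns, nc)
    if not hmac.compare_digest(client_resp, respond(ks, b"client", ns, nc)):
        return None
    client.retire_key()
    station.retire_key()
    return hmac.new(kc, b"session" + nc + ns, hashlib.sha256).digest()


if __name__ == "__main__":
    pool = secrets.token_bytes(KEY_LEN * 4)        # constructed sample pool
    card, station = PoolHolder(pool), PoolHolder(pool)
    print("matching pools:", mutual_auth(card, station) is not None)
    stale = PoolHolder(secrets.token_bytes(KEY_LEN * 4))  # card out of sync
    print("stale card    :", mutual_auth(stale, PoolHolder(pool)) is not None)
```

A card whose pool no longer matches the station's copy, for example a lost card that was never refreshed after the station refreshed its pool, fails the first check and gets no session key.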
S4, the common user side acquires key refreshing parameters, as shown in fig. 2.
Hereinafter, the key refreshing user terminal a is referred to as a user terminal a, and the common user terminal B is referred to as a user terminal B.
The key refresh formula is $K_{new} = F_{KR}(K, KR)$, which means that the key $K$ is transformed using the key refreshing parameter KR to obtain the key $K_{new}$. Here $F_{KR}$ is the key refresh function, preferably a symmetric encryption function or a message authentication code function, and the length of $K_{new}$ is equal to the length of $K$.
S41, A-QA (a key refreshing user terminal A sends information of an object to be subjected to identity authentication and key refreshing parameters to a quantum communication service station QA);
The user terminal A collects the information of the user terminal B and stores it in the storage device of the user terminal A; the stored information comprises the information of the user terminal B and the user information of the user terminal B, as described above. The identity number of B is denoted IDB.
The user terminal A generates the key refreshing parameter KR, a true random number, using the random number generator in the key refreshing quantum key fob.
The user terminal A encrypts IDB and KR using KSA to obtain {IDB||KR}KSA, and sends the encrypted information to QA.
S42, QA-QB (the quantum communication service station QA sends information of an object to be subjected to identity authentication and information of a key refreshing parameter KR to the quantum communication service station QB and informs the quantum communication service station QB to refresh a symmetric key pool);
After receiving {IDB||KR}KSA, QA decrypts it with KSA to obtain IDB and KR, and encrypts them with the QKD key KQ between QA and QB to obtain {IDB||KR}KQ. {IDB||KR}KQ is then sent to QB.
After receiving {IDB||KR}KQ, QB decrypts it using KQ to obtain IDB and KR. QB finds the key pool corresponding to the common user terminal B according to IDB and refreshes that key pool with the key refreshing parameter KR. The refreshing process is as follows:
The key pool is divided equally into a plurality of sections. Each section of key is taken as $K$, the new key for each section is calculated according to the key refresh formula $K_{new} = F_{KR}(K, KR)$, and the new sections are combined to obtain a new key pool.
S43, A-B (the key refreshing user terminal A encrypts the key refreshing parameter and sends the encrypted information to the common quantum key card of the common user terminal B);
A encrypts KR with KSAB to obtain {KR}KSAB, and sends {KR}KSAB to the quantum key fob of the common user terminal through short-distance communication.
S44, refreshing the key pool (the common user terminal B receives the encryption information, decrypts to obtain the key refreshing parameter KR and refreshes the symmetric key pool by using the key refreshing parameter KR).
B receives {KR}KSAB and decrypts it using KSAB to obtain the key refreshing parameter KR. B can then refresh its own local key pool independently of the key refreshing user terminal A. The refreshing process is the same as in the steps above.
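An added example (not code from the patent) that walks S41 to S44 end to end and applies the refresh formula section by section, so that QB and B arrive at the same new pool. Assumptions: $F_{KR}$ is realised as HMAC-SHA256 keyed with KR, sections are 32 bytes, IDB is 8 bytes wide, and `seal`/`unseal` are a toy authenticated-encryption stand-in for the {...}K notation; all names and sample values are constructed.

```python
import hashlib
import hmac
import secrets

SEG_LEN = 32  # assumed section size; the page only says "divided equally"
ID_LEN = 8    # assumed fixed width of IDB so that IDB||KR can be split again


def f_kr(k: bytes, kr: bytes) -> bytes:
    """F_KR(K, KR) as a MAC keyed with KR, expanded so len(K_new) == len(K)."""
    out, ctr = b"", 0
    while len(out) < len(k):
        out += hmac.new(kr, ctr.to_bytes(4, "big") + k, hashlib.sha256).digest()
        ctr += 1
    return out[:len(k)]


def refresh_pool(pool: bytes, kr: bytes, seg_len: int = SEG_LEN) -> bytes:
    """Split the pool into equal sections, refresh each one, recombine."""
    if not pool or len(pool) % seg_len:
        raise ValueError("pool must divide into equal, non-empty sections")
    return b"".join(f_kr(pool[i:i + seg_len], kr)
                    for i in range(0, len(pool), seg_len))


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, msg: bytes) -> bytes:
    """Toy stand-in for {msg}key: HMAC keystream, then encrypt-then-MAC tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(msg, _keystream(key, nonce, len(msg))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message rejected: authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def run_s4(pool_b: bytes, idb: bytes, ksa: bytes, kq: bytes, ksab: bytes):
    """Walk S41-S44; returns (QB's refreshed pool, B's refreshed pool)."""
    qb_pools = {idb: pool_b}               # QB's copy of B's pool, keyed by IDB
    kr = secrets.token_bytes(32)           # A: stand-in for the key fob's TRNG
    to_qa = seal(ksa, idb + kr)            # S41: A -> QA, {IDB||KR}KSA
    to_qb = seal(kq, unseal(ksa, to_qa))   # S42: QA -> QB, {IDB||KR}KQ
    plain = unseal(kq, to_qb)
    got_id, got_kr = plain[:ID_LEN], plain[ID_LEN:]
    qb_pools[got_id] = refresh_pool(qb_pools[got_id], got_kr)
    to_b = seal(ksab, kr)                  # S43: A -> B, {KR}KSAB
    b_pool = refresh_pool(pool_b, unseal(ksab, to_b))  # S44: B refreshes
    return qb_pools[idb], b_pool


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    pool = secrets.token_bytes(SEG_LEN * 4)
    keys = [secrets.token_bytes(32) for _ in range(3)]
    qb_new, b_new = run_s4(pool, b"USER-B01", *keys)
    print("pools agree:", qb_new == b_new, "| pool changed:", b_new != pool)
```

Anyone who holds the old pool and later learns KR can recompute the new pool, so the refreshed pool is only as secret as KR and the session keys that carried it.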
In summary, with the above technical solution, the present invention combines the symmetric key pool with the key refreshing parameter obtained from the key refreshing user terminal and calculates a new symmetric key pool from the key refreshing parameter, so that in the extreme case where the symmetric key pool in one quantum key fob is cracked, the key pool of the backup quantum key fob cannot be cracked, because the adversary cannot obtain the key refreshing parameter.
In addition, after the symmetric key pool has been used many times, key refreshing can improve its security and service life. The user does not need to go to a designated key issuing place in the quantum secret communication network for key replenishment, but only to a key refreshing user terminal, and key refreshing user terminals are far more numerous than key issuing places. Because the data volume is smaller, key refreshing needs only a short time for data transmission and data writing. The key refreshing user terminal is a self-service terminal that stores the information of the common user terminal and its user for later audit, and no manual operation by a clerk is needed. Key refreshing is therefore more convenient for the user than key replenishment and meets the user's needs in some cases.
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements that fall within the spirit and scope of the invention.

Claims (9)

1. The key refreshing system in the quantum secret communication system is characterized by comprising a first quantum communication service station, a second quantum communication service station and a quantum secret communication user terminal, wherein the first quantum communication service station and the second quantum communication service station are connected through a quantum key distribution network;
The quantum secret communication user terminal comprises a common user terminal and a key refreshing user terminal, wherein short-distance communication can be performed between the common user terminal and the key refreshing user terminal, the common user terminal is provided with a common quantum key card, and the key refreshing user terminal is provided with a key refreshing quantum key card;
The short-distance communication includes, but is not limited to, wired connection, two-dimensional code communication, NFC communication, infrared communication or Bluetooth communication, and the content of the short-distance communication includes the information of the common user terminal and its user collected by the key refreshing user terminal, and also includes the key refreshing parameter sent by the key refreshing user terminal to the common user terminal.
2. A key refresh system in a quantum secure communication system according to claim 1, wherein the key refresh quantum key fob is issued by the first quantum communication service station, the ordinary quantum key fob is issued by the second quantum communication service station, and a first symmetric key pool shared with the first quantum communication service station is provided in the key refresh quantum key fob, and a second symmetric key pool shared with the second quantum communication service station is provided in the ordinary quantum key fob.
3. A key refreshing system in a quantum secret communication system according to claim 1, wherein the key refreshing client comprises, but is not limited to, at least one of a gateway in a user local area network, a server or an operator controlled operation terminal in the internet, and the key refreshing client can be authenticated with the first quantum communication service station alone.
4. A method for refreshing a key in a quantum secret communication system, for implementing the key refreshing system in the quantum secret communication system according to any one of claims 1 to 3, characterized in that the refreshing method comprises the following steps:
S1, identity authentication between a first quantum communication service station and a key refreshing user terminal is realized by using an identity authentication method between the user terminal and the service station;
S2, implementing identity authentication between the second quantum communication service station and the common user terminal according to an identity authentication method between the user terminal and the service station;
S3, realizing identity authentication between the common user terminal and the key refreshing user terminal according to an identity authentication method between the user terminals;
S4, the common user terminal acquires the key refreshing parameter and refreshes a key pool.
5. The method for refreshing a key in a quantum secret communication system according to claim 4, wherein the step S1 of implementing identity authentication between the first quantum secret communication service station and the key refreshing client by using an identity authentication method between the client and the service station specifically comprises the following steps:
S11, the key refreshing user terminal and the first quantum communication service station adopt preset key selection logic, and the same first symmetric keys are respectively taken out from respective first symmetric key pools;
S12, the key refreshing user terminal and the first quantum communication service station respectively use the first symmetric key to carry out bidirectional challenge response authentication, and a first session key between the key refreshing user terminal and the first quantum communication service station is obtained after authentication is completed.
6. The method for refreshing a key in a quantum secret communication system according to claim 5, wherein the step S2 of implementing identity authentication between the second quantum communication service station and the common user terminal according to the identity authentication method between the user terminal and the service station specifically comprises the following steps:
S21, the common user terminal and the second quantum communication service station adopt preset key selection logic, and the same second symmetric keys are respectively taken out from respective second symmetric key pools;
S22, the common user terminal and the second quantum communication service station respectively use the second symmetric key to carry out bidirectional challenge response authentication, and a second session key between the common user terminal and the second quantum communication service station is obtained after authentication is completed.
7. The method for refreshing a key in a quantum secret communication system according to claim 6, wherein a first symmetric key pool identical to the corresponding key refreshing user terminal is stored in the first quantum communication service station, and a second symmetric key pool identical to the corresponding normal user terminal is stored in the second quantum communication service station.
8. The method for refreshing a key in a quantum secret communication system according to claim 7, wherein the step S3 of implementing identity authentication between the common user terminal and the key refreshing user terminal according to the identity authentication method between the user terminals specifically comprises the following steps:
S31, setting the key refreshing user terminal to belong to the first quantum communication service station, and setting the common user terminal to belong to the second quantum communication service station;
S32, the first quantum communication service station and the second quantum communication service station generate a quantum key distribution key through a quantum key distribution network;
S33, the first quantum communication service station encrypts the quantum key distribution key by using a first session key and sends first encryption information to the key refreshing user terminal;
S34, the key refreshing user terminal decrypts the first encrypted information by using the first session key to obtain the quantum key distribution key;
S35, the second quantum communication service station encrypts the quantum key distribution key by using a second session key and sends second encryption information to the common user terminal;
S36, the common user terminal decrypts the second encrypted information by using the second session key to obtain the quantum key distribution key;
S37, the key refreshing user terminal and the common user terminal respectively use the corresponding quantum key distribution keys to carry out bidirectional challenge response authentication, and a third session key between the key refreshing user terminal and the common user terminal is obtained after authentication is completed.
9. The method for refreshing the key in the quantum secret communication system according to claim 8, wherein the step S4 of the common user terminal acquiring the key refreshing parameter and refreshing the key pool specifically comprises the following steps:
S41, the key refreshing user terminal sends information of an object to be subjected to identity authentication and key refreshing parameters to the first quantum communication service station;
S42, the first quantum communication service station sends the information of the object to be subjected to identity authentication and the key refreshing parameter to the second quantum communication service station, and notifies the second quantum communication service station to refresh the second symmetric key pool;
S43, the key refreshing user terminal encrypts the key refreshing parameter and sends third encryption information to the common quantum key fob of the common user terminal;
S44, the common user terminal receives the third encrypted information, decrypts the third encrypted information to obtain the key refreshing parameter, and refreshes the second symmetric key pool by using the key refreshing parameter.
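The following Python sketch is an added illustration, not code from the patent: it models the bidirectional challenge response authentication of steps S12/S22 and the pool refresh of step S44, then checks that a copy of the pre-refresh pool no longer authenticates. The claims name no algorithms, so HMAC-SHA256, the index-based key selection, the refresh construction, the pool size and all function names are assumptions.

```python
import hashlib
import hmac
import os

KEY_LEN = 32  # assumed size in bytes of one symmetric key in a pool


def select_key(pool: bytes, index: int) -> bytes:
    """Assumed 'preset key selection logic': both sides read the key at a shared index."""
    slot = index % (len(pool) // KEY_LEN)
    return pool[slot * KEY_LEN:(slot + 1) * KEY_LEN]


def respond(key: bytes, role: bytes, challenge: bytes) -> bytes:
    """Answer a challenge; the role label keeps a reply from being reflected back."""
    return hmac.new(key, role + challenge, hashlib.sha256).digest()


def mutual_auth(pool_a: bytes, pool_b: bytes, index: int):
    """Bidirectional challenge-response (S12/S22); returns a session key or None."""
    key_a, key_b = select_key(pool_a, index), select_key(pool_b, index)
    chal_a, chal_b = os.urandom(16), os.urandom(16)  # fresh nonce from each side
    # Each verifier recomputes the expected answer with its own copy of the key.
    b_ok = hmac.compare_digest(respond(key_b, b"B", chal_a), respond(key_a, b"B", chal_a))
    a_ok = hmac.compare_digest(respond(key_a, b"A", chal_b), respond(key_b, b"A", chal_b))
    if not (a_ok and b_ok):
        return None
    return hmac.new(key_a, b"session" + chal_a + chal_b, hashlib.sha256).digest()


def refresh_pool(pool: bytes, refresh_param: bytes) -> bytes:
    """S44 (assumed construction): re-key every pool block under the refresh parameter."""
    out = bytearray()
    for off in range(0, len(pool), KEY_LEN):
        block = pool[off:off + KEY_LEN]
        tag = hmac.new(refresh_param, off.to_bytes(4, "big") + block, hashlib.sha256)
        out += tag.digest()[:len(block)]
    return bytes(out)


def demo() -> dict:
    pool = os.urandom(1024)   # constructed second symmetric key pool (pre-refresh)
    param = os.urandom(32)    # constructed key refreshing parameter
    terminal, station = refresh_pool(pool, param), refresh_pool(pool, param)
    return {
        "before_refresh": mutual_auth(pool, pool, 3) is not None,
        "after_refresh": mutual_auth(terminal, station, 3) is not None,
        "stolen_old_pool": mutual_auth(pool, station, 3) is not None,  # old copy only
    }
```

Under this construction the refreshed pool is a function of the old pool and the parameter, so the parameter's confidentiality in transit (the encryption of step S43) is what keeps a holder of the old pool locked out.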
CN202011039050.2A 2020-09-28 2020-09-28 Secret key refreshing system and method in quantum secret communication system Active CN114362923B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011039050.2A CN114362923B (en) 2020-09-28 2020-09-28 Secret key refreshing system and method in quantum secret communication system

Publications (2)

Publication Number Publication Date
CN114362923A CN114362923A (en) 2022-04-15
CN114362923B CN114362923B (en) 2024-05-17

Family

ID=81089763

Country Status (1)

Country Link
CN (1) CN114362923B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108965266A (en) * 2018-06-28 2018-12-07 如般量子科技有限公司 A kind of User-to-User identity authorization system and method based on group key pond and Kerberos
WO2019069103A1 (en) * 2017-10-06 2019-04-11 Novus Paradigm Technologies Corporation A system and method for quantum-safe authentication, encryption and decryption of information
CN110380845A (en) * 2019-06-25 2019-10-25 如般量子科技有限公司 Quantum secret communication alliance chain method of commerce based on group's pool of symmetric keys, system, equipment
CN110932870A (en) * 2019-12-12 2020-03-27 南京如般量子科技有限公司 Secret sharing and timestamp based quantum communication service station key negotiation system and method
CN111314074A (en) * 2020-02-25 2020-06-19 南京如般量子科技有限公司 Secret sharing and timestamp based quantum secret communication key distribution and negotiation system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009534923A (en) * 2006-04-18 2009-09-24 マジック テクノロジーズ,インコーポレーテッド User authentication and key management for quantum cryptography networks
US8483394B2 (en) * 2010-06-15 2013-07-09 Los Alamos National Security, Llc Secure multi-party communication with quantum key distribution managed by trusted authority
US9509506B2 (en) * 2011-09-30 2016-11-29 Los Alamos National Security, Llc Quantum key management
US10560265B2 (en) * 2013-06-08 2020-02-11 Quantumctek Co., Ltd. Mobile secret communications method based on quantum key distribution network
CN112217637B (en) * 2016-11-04 2024-03-15 华为技术有限公司 Quantum key relay method and device based on centralized management and control network
CN109561047B (en) * 2017-09-26 2021-04-13 安徽问天量子科技股份有限公司 Encrypted data storage system and method based on key remote storage

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant