CN114362936A - Secret key relay method in communication network based on quantum secrecy - Google Patents

Info

Publication number
CN114362936A
Authority
CN
China
Prior art keywords
key
quantum
xor
relay
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111626913.0A
Other languages
Chinese (zh)
Inventor
郭邦红
胡敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National Quantum Communication Guangdong Co Ltd
Original Assignee
National Quantum Communication Guangdong Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National Quantum Communication Guangdong Co Ltd

Landscapes

  • Optical Communication System (AREA)

Abstract

The invention discloses a key relay method in a quantum secret communication network. Quantum keys are held in key storage; Alice selects a key k1 and sends it, together with a command, to an access node, and after receiving the command the access node sends the key to relay node 1. In relay node 1, the received key is XORed with the key XOR value that the node calculated in advance and stored; all the following relay nodes and access nodes process the value in turn according to the same steps, and finally the value is transmitted to the Bob end for XOR processing. In the quantum key sending process, the relay nodes can perform parallel calculation in advance, XORing the stored quantum keys and storing the result, so each relay node or access node needs to perform only one XOR operation, which reduces the amount of calculation and improves the efficiency of the transmission process.

Description

Secret key relay method in communication network based on quantum secrecy
Technical Field
The invention relates to the field of quantum secret communication and quantum computation, in particular to a secret key relay method in a communication network based on quantum secret.
Background
Quantum communication is a new mode of communication that transmits information using quantum superposition states and entanglement effects. It is an interdisciplinary field developed over the last two decades, combining quantum theory and information theory. With technical progress, quantum communication has in recent years gradually moved from theory to practice and toward engineering. Its security is based on physical principles rather than on traditional computational complexity, so in theory it can achieve absolutely secure data transmission, and it has therefore attracted wide attention.
The quantum secret communication network mainly comprises a QKD terminal device, a key management server and the like and is used for generating and distributing keys.
In the prior art, because of channel deployment cost and the limited distance of quantum communication, a quantum channel cannot be built between every pair of nodes in the network. To let any node transmit and share a key, key distribution is mainly carried out by key relay. The principle is to use the symmetric quantum keys that adjacent nodes share through QKD to encrypt and decrypt the key to be relayed, so that the relay key is passed from one relay node to the next and finally reaches the destination end user; this also allows communication between nodes at any distance.
The nodes participating in the key relay perform a decryption operation and an encryption operation on the relay key, so the relay key exists in plaintext form inside the relay node and every node participating in the relay knows the plaintext of the relay key. The security is therefore relative, and rests on the premise that the relay nodes must be trusted. A complete key relay link needs a starting quantum terminal node, an ending quantum terminal node and intermediate nodes (i.e. signaling relay nodes). During transmission, the relay key must undergo two XOR operations (mainly decryption and encryption) at each relay node it passes through.
The quantum key relay process is the whole process of transmitting an original key k1 from Alice to Bob through the relay node. The existing key relay transmission process has the following defects:
the relay node must perform two XOR operations, for decryption and encryption, which increases the time consumed in transmission; and when the relay node performs the XOR decryption operation, the relay key exists in plaintext form, which is a potential security hazard.
Therefore, further improvement of the existing relay process is needed to improve the efficiency and security of the relay process.
Disclosure of Invention
In order to solve the above technical problem, a key relay method based on a quantum secret communication network is provided.
To achieve this purpose, the invention adopts the following technical scheme: a key relay method based on a quantum secret communication network, applied to a quantum secret communication network comprising a plurality of KMSs, a multi-user Alice end, a multi-user Bob end and a plurality of trusted relay nodes, wherein any one KMS is connected to the Alice end, the Bob end and the trusted relay nodes through a classical network, and the Alice end, the plurality of trusted relay nodes and the Bob end are connected in sequence through the quantum network. The method completes quantum key communication between the Alice end and the Bob end and comprises the following steps:
step one, storage of a key:
s1-1, the Alice end sends network communication information to the KMS, wherein the network communication information comprises a network address of the information source and a network address of the information sink;
s1-2, after receiving the network communication information, the KMS searches an optimal path according to the network address of the information source and the network address of the information sink and acquires the network information of all trusted relay nodes in the optimal path;
s1-3, the KMS issues an exclusive or encryption instruction to all the trusted relay nodes;
s1-4, after receiving the instruction issued by the KMS, the trusted relay node performs XOR calculation on the key stored by the node to obtain a local initial XOR value, and stores the local initial XOR value;
step two, sending the key:
step S2-1, Alice selects a key k1 from the original key k for transmission;
step S2-2, Alice sends the key k1 and the XOR encryption instruction to the trusted relay node 1;
step S2-3, after the trusted relay node 1 receives the key k1 and the XOR encryption instruction, it XORs the key k1 with the node's local initial XOR value from step one to obtain a secondary XOR value, and sends the secondary XOR value to the trusted relay node N;
step S2-4, after the trusted relay node N receives the secondary XOR value, it XORs the initial XOR value in the node with the received secondary XOR value to obtain an XOR value, and sends the XOR value to the trusted relay node N + 1;
step S2-5, after the trusted relay node N + 1 receives the XOR value of step S2-4, the operation of step S2-4 is repeated and all the following trusted relay nodes are processed in sequence, wherein N is in sequence a positive integer 1, 2, 3 ……;
step S2-6, the last relay node transmits the XOR value to the Bob end, and the Bob end XORs the received XOR value with the quantum key stored by the Bob end to restore the key k1 sent by Alice.
Preferably, the original quantum key is a symmetric key.
Preferably, the optimal path refers only to the path with the fewest relay nodes from the sending end to the receiving end in the transmission process.
Preferably, the network information of step S1-2 is the remaining quantum key amount in the trusted relay node.
Preferably, the quantum key is stored in an encrypted manner by a preset encryption key.
The beneficial technical effects of the invention are as follows: in the quantum key sending process, the trusted relay nodes perform parallel calculation in advance, XORing the stored quantum keys and storing the results, so each trusted relay node needs to perform only one XOR operation, which reduces the amount of calculation and further improves the efficiency of the transmission process; the two XOR calculations of each relay node are performed in a distributed manner, which improves the utilization of CPU resources; and the relay key does not need to be decrypted in the trusted relay node and does not exist in plaintext form, which improves the security of the relay key.
Drawings
FIG. 1 is a block diagram of a quantum secure communication network architecture according to the present invention;
FIG. 2 is a block diagram of a quantum secure communication network architecture according to embodiment 1 of the present invention;
FIG. 3 is a block diagram of a key relay process in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments, but the scope of the present invention is not limited to the following embodiments.
As shown in fig. 1, a key relay method in a quantum-based secure communication network includes the following steps:
Referring to FIGS. 1 and 2, the key relay method is applied in a quantum secure communication network comprising a plurality of KMSs, the Alice ends and Bob ends of a plurality of users, and a plurality of trusted relay nodes, which together form one large communication network. Any one communication unit comprises one KMS, one Alice end, one Bob end and a plurality of trusted relay nodes; the KMS is connected to the Alice end, the Bob end and the trusted relay nodes through a classical network, and the Alice end, the trusted relay nodes and the Bob end are connected in sequence through the quantum network. Here KMS denotes a key management server, KM denotes key management, K denotes signal transmission through the classical network, and q denotes transmission by quantum signals.
The Alice end is connected with the trusted relay node 1 and the KMS through a network, and is used for selecting the quantum key to be transmitted and sending a request to the KMS so that the selected key is relayed to the Bob end;
the trusted relay node 1 is connected with the Alice end, the KMS and the trusted relay nodes through a network, receives the instruction issued by the KMS, is responsible for the access of the Alice end, and also implements the quantum key relay function;
the intermediate trusted relay node N is connected with the Bob end, the KMS and the trusted relay nodes through a network, receives the instruction issued by the KMS, is responsible for the access of the Bob end, and also implements the quantum key relay function;
the KMS is used for receiving the instruction request of the Alice end, planning the key relay route and issuing an XOR encryption instruction to the relevant relay nodes.
As shown in FIG. 3, in the key relay process of this embodiment, each trusted relay node XORs, in advance, the quantum keys held in the node's key storage to obtain a local initial XOR value, stores the calculated local initial XOR value, and then proceeds to key transmission. The detailed steps are as follows:
step one: local initial XOR processing:
S1-1, the Alice end sends network communication information to the KMS, wherein the network communication information comprises the network address of the information source (the starting point) and the network address of the information sink (the destination);
S1-2, after receiving the network communication information, the KMS searches for an optimal path according to the network address of the information source and the network address of the information sink (the optimal path is the path with the fewest nodes), and acquires the network information of each trusted relay node on the optimal path, wherein the network information mainly comprises the remaining quantum key amount of the KM in the trusted relay node; the KMS can update the topology of the nodes in the quantum secret communication network according to the remaining quantum key amount of each node's KM;
S1-3, the KMS issues an XOR encryption instruction to all the trusted relay nodes, wherein the symbol of the XOR operation is ^;
S1-4, after receiving the XOR instruction issued by the KMS, each trusted relay node XORs the keys stored in the node to obtain a local initial XOR value, and stores the calculation result (for example, XOR processing of the key a and the key b is written a ^ b);
step two: sending of the key:
step S2-1, Alice selects a key k1 from the original key k for transmission, where the original key k represents the remaining quantum keys at the Alice end, k1 represents the key specifically selected for use from the remaining quantum keys, and k1 is a part of k;
step S2-2, Alice sends the key k1 and the XOR encryption instruction to the trusted relay node 1;
step S2-3, after the trusted relay node 1 receives the key k1 and the XOR encryption instruction, it XORs the key k1 with the node's local initial XOR value from step one to obtain a secondary XOR value, and sends the secondary XOR value to the trusted relay node N;
step S2-4, after the trusted relay node N receives the secondary XOR value, it XORs the initial XOR value in the node with the received secondary XOR value to obtain an XOR value, and sends the XOR value to the trusted relay node N + 1;
step S2-5, after the trusted relay node N + 1 receives the XOR value of step S2-4, the operation of step S2-4 is repeated and all the following trusted relay nodes are processed in sequence, wherein N is the serial number of the trusted relay node, and N is in sequence a positive integer 1, 2, 3 …… N;
step S2-6, the last relay node transmits the XOR value (k1 ^ b) to the Bob end; the Bob end XORs the received XOR value (k1 ^ b) with the quantum key b stored by the Bob end, namely (k1 ^ b) ^ b = k1, and finally restores the key k1 sent by Alice.
In the quantum key sending process, the trusted relay nodes can perform the XOR calculation in parallel in advance, XORing the stored quantum keys and storing the results, so only one XOR operation needs to be performed at each trusted relay node, which reduces the amount of calculation and increases the efficiency of the transmission process; and the two XOR calculations of each trusted relay node are performed in a distributed manner, which improves the utilization of CPU resources to a certain extent.
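The two steps above, traced end to end in Python as an added example (not code from the patent). It assumes that each relay's local initial XOR value is the XOR of the QKD keys it shares with its two neighbours, and that Alice masks k1 with the key she shares with relay node 1 before sending; the text states only that Alice sends k1. All class names, function names and key values are constructed.

```python
import secrets

KEY_LEN = 32  # bytes; constructed size for the demo


def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR; refuses unequal lengths so no key bytes are silently dropped."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class Relay:
    """Trusted relay node (hypothetical class) holding the keys of its two links."""

    def __init__(self, name: str, key_in: bytes, key_out: bytes):
        self.name = name
        self.key_in, self.key_out = key_in, key_out
        self.local_xor = None   # "local initial XOR value" from step S1-4
        self.path_xor_ops = 0   # XORs performed while the key is in transit

    def precompute(self) -> None:
        # Step S1-4: done ahead of time, on the KMS instruction, in parallel.
        self.local_xor = xor(self.key_in, self.key_out)
        # The link keys act as one-time pads, so drop them once folded together.
        self.key_in = self.key_out = None

    def forward(self, received: bytes) -> bytes:
        # Steps S2-3/S2-4: a single XOR re-masks the key for the next link.
        if self.local_xor is None:
            raise RuntimeError(f"{self.name}: no unused precomputed XOR value")
        out = xor(received, self.local_xor)
        self.local_xor = None   # single use: reusing a pad leaks key material
        self.path_xor_ops += 1
        return out


def build_path(n_relays: int):
    """One QKD key per link: Alice-R1, R1-R2, ..., Rn-Bob (constructed keys)."""
    links = [secrets.token_bytes(KEY_LEN) for _ in range(n_relays + 1)]
    relays = [Relay(f"R{i + 1}", links[i], links[i + 1]) for i in range(n_relays)]
    return links, relays


def relay_key(k1: bytes, links, relays):
    """Return (values seen on each link, key recovered by Bob)."""
    for r in relays:                      # step one
        r.precompute()
    wire = [xor(k1, links[0])]            # ASSUMPTION: Alice masks k1 with link 0
    for r in relays:                      # step two, hop by hop
        wire.append(r.forward(wire[-1]))
    recovered = xor(wire[-1], links[-1])  # step S2-6: (k1 ^ b) ^ b = k1
    return wire, recovered


if __name__ == "__main__":
    links, relays = build_path(3)
    k1 = secrets.token_bytes(KEY_LEN)
    wire, recovered = relay_key(k1, links, relays)
    print("Bob recovered k1:", recovered == k1)
    print("XORs per relay in transit:", [r.path_xor_ops for r in relays])
    # On link i the value is k1 ^ links[i]: masked on the wire, but any party
    # that retained links[i] can unmask it, so the relays must still be trusted.
    print("masked on every link:", all(w == xor(k1, l) for w, l in zip(wire, links)))
```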
Variations and modifications to the above-described embodiments may occur to those skilled in the art, which fall within the scope and spirit of the above description. Therefore, the present invention is not limited to the specific embodiments disclosed and described above, and some modifications and variations of the present invention should fall within the scope of the claims of the present invention. Furthermore, although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims (5)

1. A secret key relay method based on a quantum secret communication network is characterized in that the secret key relay method is applied to the quantum secret communication network, the quantum secret communication network comprises a plurality of KMSs, a multi-user Alice end, a multi-user Bob end and a plurality of credible relay nodes, any one KMS is respectively connected with the Alice end, the Bob end and the credible relay nodes through a classical network, and the Alice end, the plurality of credible relay nodes and the Bob end are sequentially connected through the quantum network, and the secret key relay method comprises the following steps:
step one, storage of a key:
s1-1, the Alice terminal sends a network communication instruction to the KMS, wherein the network communication instruction comprises a network address of the information source and a network address of the information sink;
s1-2, after receiving the network communication instruction, the KMS searches an optimal path according to the network address of the information source and the network address of the information sink and acquires the network information of all trusted relay nodes in the optimal path;
s1-3, the KMS issues an exclusive or encryption instruction to all the trusted relay nodes;
s1-4, after receiving the instruction issued by the KMS, the trusted relay node performs XOR calculation on the key stored by the node to obtain a local initial XOR value, and stores the local initial XOR value;
step two, sending the key:
step S2-1, Alice selects a key k1 for communication from the original keys k for transmission;
step S2-2, Alice sends the key k1 and the XOR encryption instruction to the trusted relay node 1;
step S2-3, after the trusted relay node 1 receives the key k1 and the XOR encryption instruction, it XORs the key k1 with the node's local initial XOR value from step one to obtain a secondary XOR value, and sends the secondary XOR value to the trusted relay node N;
step S2-4, after the trusted relay node N receives the secondary XOR value, it XORs the local initial XOR value in the node with the received secondary XOR value to obtain an XOR value, and sends the XOR value to the trusted relay node N + 1;
step S2-5, after the trusted relay node N + 1 receives the XOR value of step S2-4, the operation of step S2-4 is repeated and all the following trusted relay nodes are processed in sequence, wherein N is in sequence a positive integer 1, 2, 3 ……;
step S2-6, the last relay node transmits the XOR value to the Bob end, and the Bob end XORs the received XOR value with the quantum key stored by the Bob end to restore the key k1 sent by Alice.
2. The key relay method in a quantum-based secure communication network as claimed in claim 1, wherein the original quantum key is a symmetric key.
3. The key relay method based on quantum secret communication network of claim 1, wherein the optimal path refers to a path passing the fewest trusted relay nodes from a sending end to a receiving end in a transmission process.
4. The key relay method in the communication network based on quantum secrecy of claim 1, wherein the network information of step S1-2 is the remaining quantum key amount in the trusted relay node.
5. The key relay method in a communication network based on quantum secrecy as claimed in claim 1, wherein the quantum key is stored by encryption with a preset encryption key.
CN202111626913.0A 2020-12-30 2021-12-28 Secret key relay method in communication network based on quantum secrecy Pending CN114362936A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2020116453327 2020-12-30
CN202011645332 2020-12-30

Publications (1)

Publication Number Publication Date
CN114362936A true CN114362936A (en) 2022-04-15

Family

ID=81103597

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111626913.0A Pending CN114362936A (en) 2020-12-30 2021-12-28 Secret key relay method in communication network based on quantum secrecy

Country Status (1)

Country Link
CN (1) CN114362936A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023227067A1 (en) * 2022-05-25 2023-11-30 中国移动通信有限公司研究院 Quantum network communication method and apparatus, electronic device and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330434A (en) * 2015-06-23 2017-01-11 中兴通讯股份有限公司 First quantum node, second quantum node, secure communication architecture system and methods
CN108270557A (en) * 2016-12-30 2018-07-10 科大国盾量子技术股份有限公司 A kind of backbone system and its trunking method based on quantum communications
CN109245887A (en) * 2018-11-12 2019-01-18 中共中央办公厅电子科技学院 The relay of quantum secret communication network system and communications network system including the device
CN109995510A (en) * 2017-12-29 2019-07-09 成都零光量子科技有限公司 A kind of quantum key relay services method
CN109995515A (en) * 2017-12-29 2019-07-09 成都零光量子科技有限公司 A kind of quantum key trunking method
CN110581763A (en) * 2018-06-09 2019-12-17 成都零光量子科技有限公司 Quantum key service block chain network system
CN112019331A (en) * 2020-08-11 2020-12-01 如般量子科技有限公司 Encryption and decryption method and system for quantum secret communication

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination