CN114697003B - Centralized type quantum cipher network group key distribution method and system - Google Patents

Info

Publication number
CN114697003B
Authority
CN
China
Prior art keywords
node
group key
route
spanning tree
key distribution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011584517.1A
Other languages
Chinese (zh)
Other versions
CN114697003A (en
Inventor
Name withheld on request
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Institute Of Quantum Science And Technology Co ltd
Quantumctek Co Ltd
Original Assignee
Shandong Institute Of Quantum Science And Technology Co ltd
Quantumctek Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Institute Of Quantum Science And Technology Co ltd, Quantumctek Co Ltd
Priority to CN202011584517.1A
Priority to PCT/CN2021/117783 (WO2022142460A1)
Publication of CN114697003A
Application granted
Publication of CN114697003B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a centralized quantum cryptography network group key distribution method and system. Node information for nodes newly joining or exiting the group communication is acquired; a route spanning tree for group key distribution in the next routing period is calculated from the routing diagram of the quantum cryptography network, with the optimal total path of group key distribution as the target; and, according to the route spanning tree information, the root node of the route spanning tree starts group key distribution, which is passed on layer by layer until all nodes on the route spanning tree have obtained the group key. The invention saves path cost in group key distribution and thereby reduces the cost of group-key encrypted communication.

Description

Centralized type quantum cipher network group key distribution method and system
Technical Field
The invention belongs to the technical field of encryption communication of quantum cryptography networks, and particularly relates to a centralized quantum cryptography network group key distribution method and system.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
Quantum cryptography is currently developing rapidly, and the quantum key has attracted wide attention for its unique security properties. As quantum keys are gradually commercialized, research on quantum key services is key to bringing them to users at scale, and such research is increasingly common.
From current research, quantum key service modes are generally divided into a single-ended random-number key service mode, an end-to-end key service mode, and a group key service mode. The group key service mode serves multi-party applications in a Quantum Key Distribution (QKD) networking environment, such as video conferencing, online games, video on demand, stock market trading and pay-TV networks; these can be regarded as group communication applications in an open network environment.
The group key in current quantum cryptography networks is obtained by key relay between nodes of the network. (The process by which the quantum cryptography network nodes participating in a group communication obtain the group key through quantum key relay is called quantum cryptography network group key distribution.) Existing schemes often consider only how the group key is used and not the path cost of distributing it. The longer the relay path, the greater its cost; how to complete distribution of the group key to all nodes over the shortest, or a shorter, total path is a problem that current group key application schemes do not consider, and it bears directly on the cost of group-key encrypted communication.
To the best of the inventors' knowledge, the current literature focuses on how to increase the speed of group key distribution and does not take the above problem into account. For example, patent document 201811073923.4 discloses a quantum group key agreement method for a quantum key distribution network. The negotiation method comprises the following steps: the user layer submits a group key service application to a group key service demand layer; the group key service demand layer receives the application and submits a group key service application to the group key service providing layer; the group key service providing layer selects quantum key distribution devices that meet the conditions to negotiate a group key, encrypts the resulting group key and distributes it to the group key service demand layer; the group key service demand layer distributes the group key to the user layer; and the user layer uses the key block to encrypt the group communication and distributes the encrypted data to the corresponding users of the user layer. That method can complete group key negotiation simply and efficiently. However, it does not consider the path cost of group key distribution and does not use an optimal path for distribution, which increases the path cost of group key distribution and hence the cost of group-key encrypted communication.
Disclosure of Invention
In order to solve the problems, the invention provides a method and a system for distributing a group key of a centralized type quantum cryptography network, which take the problem of path cost of the group key distribution into consideration, and adopt an optimal path to distribute the group key, so that the path cost of the group key distribution is effectively reduced on the basis of ensuring the speed of the group key distribution, and the cost of the group key encryption communication is reduced.
According to some embodiments, the present invention employs the following technical solutions:
a centralized type quantum cipher network group key distribution method comprises the following steps:
acquiring node information of newly joining or exiting group communication;
calculating a route spanning tree for the next route period group key distribution according to a route diagram of the quantum cryptography network by taking the optimal total route of the group key distribution as a target;
and according to the route spanning tree information, starting group key distribution by a root node of the route spanning tree, and transmitting layer by layer until all nodes on the route spanning tree acquire the group key.
In the scheme, the optimal path is adopted for group key distribution, and the path cost of group key distribution is effectively reduced on the basis of ensuring the distribution speed of the group key.
As an alternative embodiment, the method is performed cyclically at each routing cycle.
Alternatively, the node information is a quantum cryptography network node ID where the group member is located.
As an alternative embodiment, if there are no nodes newly joining or exiting the group communication within a certain routing period, the routing spanning tree need not be recalculated.
As an alternative embodiment, with the optimal total path of group key distribution as the target, the specific process of calculating the route spanning tree for group key distribution in the next routing period from the routing diagram of the quantum cryptography network includes:
(1) Determining the root node of the route spanning tree: calculating, for each node, the sum of the path lengths from that node to the other nodes, and taking the node S with the smallest sum as the root node of the route spanning tree;
(2) Among the remaining nodes, finding the node with the shortest key relay path length and taking it as a child node, repeating until no nodes remain.
In the above embodiment, the node located at the central position is selected as the root node of the group key distribution, and the root node is used as the initial node of the group key distribution, which is helpful to increase the speed of the group key distribution.
As a further limitation, the specific process of the step (2) includes:
(2-1) denoting the set of all nodes except node S as V and the route spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially U contains only the root node S and T is empty;
(2-2) finding the two nodes u ∈ U and v ∈ V with the shortest key relay path length between them, adding the edge (u, v) to the set T, adding v to the set U, and deleting node v from the set V;
(2-3) repeating step (2-2) until set V is empty.
As an alternative embodiment, the specific process by which the root node of the route spanning tree starts group key distribution and the key is passed on layer by layer includes: the root node of the route spanning tree selects a true random number as the group key, stores it, and relays it to each of its child nodes on the route spanning tree; the child nodes in turn distribute the group key to the child nodes of the next layer.
As a further limitation, each node in the route spanning tree receives the group key distributed by its upper node and stores it; if the node also has child nodes on the route spanning tree, it relays the group key to each of them.
Alternatively, if there are multiple optimal total paths for group key distribution, the group key is distributed in parallel over multiple lines.
A centralized quantum cryptography network group key distribution system comprising:
The group communication authentication server is configured to acquire the quantum cryptography network node information of the group member newly joining or exiting the group communication and send the quantum cryptography network node information to the group key distribution routing server;
the group key distribution routing server is configured to calculate a routing spanning tree for group key distribution of the next routing period according to a routing diagram of the quantum cryptography network by taking the total path of group key distribution as the optimal target, and send the routing spanning tree to the quantum cryptography network node where each group member is located;
the quantum cryptography network node where the group member is located is configured to start group key distribution by the route spanning tree root node according to the route spanning tree information, and transfer layer by layer until all nodes on the route spanning tree obtain the group key.
As an alternative implementation, the group key distribution routing server is connected to the group communication authentication server, communicates with the quantum cryptography network nodes where the group members are located, and provides the routing service of group key distribution for each node;
The group communication authentication server is configured to provide registration, login authentication, and logout management for the quantum cryptography network node.
Compared with the prior art, the invention has the beneficial effects that:
The invention provides the global optimal path for the group key distribution planning by establishing the centralized group key distribution routing server, thereby saving the path cost of the group key distribution and reducing the encryption communication cost of the group key.
The invention selects the node at the central position as the root node of the group key distribution, takes the root node as the initial node of the group key distribution, is beneficial to improving the speed of the group key distribution and reduces the cost of the key relay path of the group key distribution.
The group key distribution method based on the route spanning tree provided by the invention is easy to form multi-line parallel distribution in the group key distribution process, so that the speed of group key distribution is improved.
In order to make the above objects, features and advantages of the present invention more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
Fig. 1 is a system configuration diagram according to a second embodiment.
Detailed Description
The invention will be further described with reference to the drawings and examples.
It should be noted that the following detailed description is illustrative and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, the singular is also intended to include the plural unless the context clearly indicates otherwise, and furthermore, it is to be understood that the terms "comprises" and/or "comprising" when used in this specification are taken to specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof.
Embodiment one:
A centralized quantum cryptography network group key distribution method comprises the following steps:
in each routing period, node information for nodes newly joining or exiting the group communication is acquired; in this embodiment, the node information may be the ID of the quantum cryptography network node where the group member is located;
a route spanning tree for group key distribution in the next routing period is calculated from the routing diagram of the quantum cryptography network, with the optimal total path of group key distribution as the target;
according to the route spanning tree information, the root node of the route spanning tree starts group key distribution and the group key is passed on layer by layer. Specifically, the root node of the route spanning tree selects a true random number as the group key, stores it, and relays it to each of its child nodes on the route spanning tree; the child nodes in turn distribute the group key to the child nodes of the next layer.
As a further limitation, each node in the route spanning tree receives the group key distributed by its upper node and stores it; if the node also has child nodes on the route spanning tree, it relays the group key to each of them, until all nodes on the route spanning tree have obtained the group key.
In the scheme, the optimal path is adopted for group key distribution, and the path cost of group key distribution is effectively reduced on the basis of ensuring the distribution speed of the group key.
As an alternative embodiment, if there are no nodes newly joining or exiting the group communication within a certain routing period, the routing spanning tree need not be recalculated.
As an alternative embodiment, with the optimal total path of group key distribution as the target, the specific process of calculating the route spanning tree for group key distribution in the next routing period from the routing diagram of the quantum cryptography network includes:
(1) Determining the root node of the route spanning tree: calculating, for each node, the sum of the path lengths from that node to the other nodes, and taking the node S with the smallest sum as the root node of the route spanning tree;
(2) Denoting the set of all nodes except node S as V and the route spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially U contains only the root node S and T is empty;
(3) Finding the two nodes u ∈ U and v ∈ V with the shortest key relay path length between them, adding the edge (u, v) to the set T, adding v to the set U, and deleting node v from the set V;
(4) Repeating step (3) until the set V is empty.
In the above embodiment, the node located at the central position is selected as the root node of the group key distribution, and the root node is used as the initial node of the group key distribution, which is helpful to increase the speed of the group key distribution.
Of course, in some embodiments, if there are multiple best group key distribution total paths, the group keys are distributed in parallel using multiple lines.
In these embodiments, if a root node is finalized, a subsequent key distribution is made starting from the root node. If there are multiple root nodes, one root node can be selected from the root nodes to be used as the final root node, and then other root nodes are regarded as child nodes of the root node, so that subsequent key distribution is started.
Embodiment two:
As shown in fig. 1, a centralized quantum cryptography network group key distribution system, the whole system comprises a group communication authentication server, a routing server for group key distribution and a quantum cryptography network node (simply referred to as a group node) where group members participating in group communication are located.
A group key distribution route server (hereinafter referred to as route server) is established in the quantum cryptography network, and a route service of group key distribution is provided for the group node. The routing server is connected with a group communication authentication server, and the group communication authentication server is responsible for registration, login authentication and exit management of group members participating in group communication.
When the group communication starts, the group communication authentication server sends the quantum cryptography network node IDs of the group members participating in the group communication to the group key distribution routing server. In each routing period, the group communication authentication server sends the node IDs of group members newly joining or exiting the group communication to the group key distribution routing server, which calculates the route spanning tree for group key distribution in the next routing period from the routing diagram of the quantum cryptography network and sends the route spanning tree information to the quantum cryptography network node of each group member.
If the quantum cipher network node ID received by the group key distribution routing server does not change in the routing period, the routing server does not need to recalculate the routing spanning tree, and each group node does not need to update the routing spanning tree.
The group key distribution process of the group node is as follows:
The quantum cryptography network node where each group member is located receives the route spanning tree information sent by the group key distribution routing server. The root node of the route spanning tree starts the group key distribution: it selects a true random number as the group key, stores it, and relays it to each of its child nodes on the route spanning tree. Each node in the route spanning tree that still has child nodes on the tree relays the group key to each of them, until every node of the route spanning tree has obtained the group key.
The method for the group key distribution routing server to determine the route spanning tree of the next route period group key distribution according to the route diagram of the quantum cryptography network comprises the following steps:
(1) Firstly, determining a root node of a group node route spanning tree, calculating the path sum from each group node to other nodes, and taking the group node S with the smallest sum as the root node of the route spanning tree;
(2) The set of all group nodes except node S is denoted V and the route spanning tree is denoted (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially U contains only the root node S and T is empty;
(3) Finding the two nodes u and v, with u ∈ U and v ∈ V, that are closest between U and V (distance means the shortest key relay path length between nodes), adding the edge (u, v) to the set T, adding v to the set U, and deleting node v from the set V;
(4) Repeating step (3) until the set V is empty.
In the step (1), the node in the central position of all the group nodes is selected as the root node of the group key distribution, and the root node is used as the initial node of the group key distribution, so that the speed of the group key distribution is improved.
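The route spanning tree calculation of steps (1) to (4) and the layer-by-layer distribution described above, as an added example that is not part of the patent text. The link costs, node names and the per-hop one-time-pad model are constructed assumptions, and `secrets` stands in for both the true random number source and the pairwise relay keys.

```python
import heapq
import secrets

# Constructed routing diagram of a small QKD network: each weight is the
# key-relay path cost of one link. R is a relay-only node with no group member.
LINKS = {("A", "B"): 2, ("B", "C"): 2, ("C", "D"): 3, ("B", "R"): 1,
         ("R", "E"): 1, ("A", "E"): 5, ("D", "E"): 4}
GROUP = ["A", "B", "C", "D", "E"]   # nodes hosting group members (constructed)


def shortest_lengths(links, src):
    """Dijkstra: shortest key-relay path length from src to each reachable node."""
    adj = {}
    for (a, b), w in links.items():
        adj.setdefault(a, []).append((b, w))
        adj.setdefault(b, []).append((a, w))
    dist, heap = {src: 0}, [(0, src)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue                      # stale heap entry
        for m, w in adj.get(n, []):
            if d + w < dist.get(m, float("inf")):
                dist[m] = d + w
                heapq.heappush(heap, (d + w, m))
    return dist


def route_spanning_tree(links, group):
    """Return (root S, edge list T, distance table) for the group nodes."""
    dist = {n: shortest_lengths(links, n) for n in group}
    for n in group:
        missing = [m for m in group if m not in dist[n]]
        if missing:                       # a group node cut off from the network
            raise ValueError(f"no relay path from {n} to {missing}")
    # Step (1): root S is the group node with the smallest sum of path lengths.
    root = min(sorted(group), key=lambda n: sum(dist[n][m] for m in group))
    # Steps (2)-(4): grow (U, T) by the closest pair u in U, v in V until V is empty.
    U, V, T = [root], set(group) - {root}, []
    while V:
        _, u, v = min((dist[u][v], u, v) for u in U for v in V)
        T.append((u, v))
        U.append(v)
        V.remove(v)
    return root, T, dist


def tree_cost(T, dist):
    """Total relay path length used when distributing along the tree."""
    return sum(dist[u][v] for u, v in T)


def star_cost(root, group, dist):
    """Baseline: the root relays the key separately to every other member."""
    return sum(dist[root][m] for m in group if m != root)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def distribute(root, T, key_len=32):
    """Relay the group key layer by layer; return (stored keys, layers)."""
    children = {}
    for u, v in T:
        children.setdefault(u, []).append(v)
    stored = {root: secrets.token_bytes(key_len)}   # root picks and stores the key
    layers, frontier = [[root]], [root]
    while frontier:
        nxt = []
        for parent in frontier:
            for child in children.get(parent, []):
                # Assumed hop model: parent and child share a fresh pairwise
                # relay key of the same length, used once as a one-time pad.
                pad = secrets.token_bytes(key_len)
                ciphertext = xor(stored[parent], pad)   # what travels on the hop
                stored[child] = xor(ciphertext, pad)    # child recovers and stores
                nxt.append(child)
        if nxt:
            layers.append(nxt)
        frontier = nxt
    return stored, layers


if __name__ == "__main__":
    root, T, dist = route_spanning_tree(LINKS, GROUP)
    stored, layers = distribute(root, T)
    print("root:", root, "tree:", T, "layers:", layers)
    print("tree cost:", tree_cost(T, dist), "star cost:", star_cost(root, GROUP, dist))
```

On this constructed graph the tree uses a total relay path length of 9, against 11 when the root relays to every member separately, and the three children of the root can be served in parallel.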
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only of the preferred embodiments of the present invention and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.

Claims (5)

1. A centralized quantum cryptography network group key distribution method, characterized in that the method comprises the following steps:
acquiring information on the nodes newly joining or exiting the group communication;
calculating, from the route diagram of the quantum cryptography network, a route spanning tree for group key distribution in the next routing period, with the optimal total path of group key distribution as the target;
according to the route spanning tree information, starting group key distribution at the root node of the route spanning tree and relaying it layer by layer until all nodes on the route spanning tree have obtained the group key; specifically: the root node of the route spanning tree selects a true random number as the group key, stores the group key, and at the same time relays the group key to each of its child nodes, and the child nodes redistribute the group key to the child nodes of the next layer; each node in the route spanning tree receives the group key distributed by its upper-layer node, stores the group key, and, if it has child nodes on the route spanning tree, relays the group key to each of them; this continues until all nodes on the route spanning tree have obtained the group key;
if no node newly joins or exits the group communication within a given routing period, the route spanning tree does not need to be recalculated;
if a plurality of optimal group key distribution total paths exist, the group key is distributed in parallel over the plurality of lines;
the specific process of calculating, from the route diagram of the quantum cryptography network, the route spanning tree for group key distribution in the next routing period, with the optimal total path of group key distribution as the target, comprises the following steps:
(1) determining the root node of the route spanning tree: calculating, for each node, the sum of its paths to the other nodes, and taking the node S with the smallest sum as the root node of the route spanning tree;
(2) searching the remaining nodes for the node with the shortest key relay path length, taking it as a child node, and repeating until no nodes remain;
the specific process of the step (2) comprises the following steps:
(2-1) denoting the set of all nodes other than node S as V and the route spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the root node S and T is empty;
(2-2) finding the two nodes u and v, with u ∈ U and v ∈ V, that have the shortest key relay path length between the sets U and V, adding the edge (u, v) to the set T, adding v to the set U, and deleting the node v from the set V;
(2-3) repeating step (2-2) until set V is empty.
2. The centralized quantum cryptography network group key distribution method according to claim 1, characterized in that the method is executed cyclically, once every routing period.
3. The centralized quantum cryptography network group key distribution method according to claim 1, characterized in that the node information is the ID of the quantum cryptography network node where the group member is located.
4. A centralized quantum cryptography network group key distribution system, adopting the centralized quantum cryptography network group key distribution method as set forth in any one of claims 1-3, characterized in that the system comprises:
a group communication authentication server, configured to acquire the quantum cryptography network node information of the group members newly joining or exiting the group communication and send it to the group key distribution routing server;
a group key distribution routing server, configured to calculate, from the route diagram of the quantum cryptography network, a route spanning tree for group key distribution in the next routing period, with the optimal total path of group key distribution as the target, and to send the route spanning tree to the quantum cryptography network node where each group member is located;
the quantum cryptography network nodes where the group members are located, configured so that, according to the route spanning tree information, the root node of the route spanning tree starts group key distribution and the group key is relayed layer by layer until all nodes on the route spanning tree have obtained it;
the specific process of calculating, from the route diagram of the quantum cryptography network, the route spanning tree for group key distribution in the next routing period, with the optimal total path of group key distribution as the target, comprises the following steps:
(1) determining the root node of the route spanning tree: calculating, for each node, the sum of its paths to the other nodes, and taking the node S with the smallest sum as the root node of the route spanning tree;
(2) searching the remaining nodes for the node with the shortest key relay path length, taking it as a child node, and repeating until no nodes remain;
the specific process of the step (2) comprises the following steps:
(2-1) denoting the set of all nodes other than node S as V and the route spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the root node S and T is empty;
(2-2) finding the two nodes u and v, with u ∈ U and v ∈ V, that have the shortest key relay path length between the sets U and V, adding the edge (u, v) to the set T, adding v to the set U, and deleting the node v from the set V;
(2-3) repeating step (2-2) until set V is empty.
5. The centralized quantum cryptography network group key distribution system of claim 4, wherein: the group key distribution routing server is connected with the group communication authentication server, communicates with the quantum cryptography network node where each group member is located, and provides the routing service for group key distribution to each node;
the group communication authentication server is configured to provide registration, login authentication, and logout management for the quantum cryptography network node.
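An added Python sketch (not the patent's own code) of the route spanning tree calculation in steps (1) and (2-1) to (2-3) of claims 1 and 4, followed by the layer-by-layer relay from the root. The sample route diagram, the function names, the use of shortest-path length as the key relay path length, the tie-break by node ID, and `secrets.token_bytes` as a stand-in for the true random number source are all assumptions.

```python
import secrets
from collections import deque
# Constructed sample route diagram: link -> key relay path length (assumed metric).
NODES = ["A", "B", "C", "D", "E", "F"]
LINKS = {("A", "B"): 2, ("B", "C"): 1, ("C", "D"): 2, ("C", "E"): 4,
         ("D", "E"): 1, ("E", "F"): 3, ("A", "F"): 7}
MEMBERS = {"A", "B", "D", "E", "F"}  # C only relays, it hosts no group member

def all_pairs(nodes, links):
    """Floyd-Warshall: shortest relay path length between every node pair."""
    d = {a: {b: 0 if a == b else float("inf") for b in nodes} for a in nodes}
    for (a, b), w in links.items():
        d[a][b] = d[b][a] = min(d[a][b], w)
    for k in nodes:
        for i in nodes:
            for j in nodes:
                d[i][j] = min(d[i][j], d[i][k] + d[k][j])
    return d

def route_spanning_tree(nodes, links, members):
    d, members = all_pairs(nodes, links), sorted(members)
    if any(d[a][b] == float("inf") for a in members for b in members):
        raise ValueError("some group member nodes cannot reach each other")
    # Step (1): root S is the member with the smallest path sum to the others.
    root = min(members, key=lambda n: (sum(d[n][m] for m in members), n))
    # Step (2-1): U = {S}, T empty, V = all other member nodes.
    U, T, V = [root], [], [m for m in members if m != root]
    # Steps (2-2)/(2-3): take the closest pair u in U, v in V until V is empty.
    while V:
        u, v = min(((a, b) for a in U for b in V),
                   key=lambda e: (d[e[0]][e[1]], e))
        T.append((u, v))
        U.append(v)
        V.remove(v)
    return root, T

def distribute(root, T):
    children = {}
    for u, v in T:
        children.setdefault(u, []).append(v)
    # secrets.token_bytes stands in for the root's true random number source.
    held, order, queue = {root: secrets.token_bytes(32)}, [root], deque([root])
    while queue:
        parent = queue.popleft()
        for child in children.get(parent, []):
            held[child] = held[parent]  # per-hop link protection is not modelled
            order.append(child)
            queue.append(child)
    return held, order
```

On the constructed diagram the root is D and the tree edges are D-E, D-B, B-A and E-F, for a total key relay path length of 9.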
CN202011584517.1A 2020-12-28 2020-12-28 Centralized type quantum cipher network group key distribution method and system Active CN114697003B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011584517.1A CN114697003B (en) 2020-12-28 2020-12-28 Centralized type quantum cipher network group key distribution method and system
PCT/CN2021/117783 WO2022142460A1 (en) 2020-12-28 2021-09-10 Centralized quantum cryptography network group key distribution method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011584517.1A CN114697003B (en) 2020-12-28 2020-12-28 Centralized type quantum cipher network group key distribution method and system

Publications (2)

Publication Number Publication Date
CN114697003A CN114697003A (en) 2022-07-01
CN114697003B true CN114697003B (en) 2024-06-07

Family

ID=82130829

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011584517.1A Active CN114697003B (en) 2020-12-28 2020-12-28 Centralized type quantum cipher network group key distribution method and system

Country Status (2)

Country Link
CN (1) CN114697003B (en)
WO (1) WO2022142460A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6684331B1 (en) * 1999-12-22 2004-01-27 Cisco Technology, Inc. Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure
CN101022333A (en) * 2007-02-01 2007-08-22 华为技术有限公司 Distributing system, method and device for group key control message
CN104579964A (en) * 2013-01-07 2015-04-29 山东量子科学技术研究院有限公司 Dynamic route architecture system for quantum cryptography network
CN109962773A (en) * 2017-12-22 2019-07-02 山东量子科学技术研究院有限公司 Wide area quantum cryptography networks data encryption method for routing
CN110446239A (en) * 2019-07-25 2019-11-12 汕头大学 A kind of wireless sensor network cluster-dividing method and system based on multiple magic square

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9392525B2 (en) * 2014-05-16 2016-07-12 Qualcomm Incorporated Establishing reliable routes without expensive mesh peering
WO2020125967A1 (en) * 2018-12-19 2020-06-25 Telefonaktiebolaget Lm Ericsson (Publ) Quantum key distribution apparatus and method

Also Published As

Publication number Publication date
WO2022142460A1 (en) 2022-07-07
CN114697003A (en) 2022-07-01

Similar Documents

Publication Publication Date Title
CN101292467B (en) Application-level routing protocol for multiparty audio-video conferencing
CN107040378A (en) A kind of key dispatching system and method based on Multi-user Remote Communication
CN110581763A (en) Quantum key service block chain network system
KR101070473B1 (en) Method for generating dynamic group key
JP2014053816A (en) Communication node, key synchronization method and key synchronization system
CN109873801B (en) Method, device, storage medium and computing equipment for establishing trusted channel between user and trusted computing cluster
CN104580253A (en) Method and device for processing user data
CN103765810A (en) Secure group messaging
CN109194471B (en) Quantum group key negotiation method oriented to quantum key distribution network
CN107147492A (en) A kind of cipher key service System and method for communicated based on multiple terminals
CN112818369B (en) Combined modeling method and device
CN103546276A (en) Communication device, communication method, and communication system
CN113691313A (en) Satellite-ground integrated quantum key link virtualization application service system
US20240072996A1 (en) System and method for key establishment
US10341220B2 (en) Virtual shortest path tree establishment and processing methods and path computation element
CN114697003B (en) Centralized type quantum cipher network group key distribution method and system
JP2009272803A (en) Communication method, and communication system
CN109495248A (en) Privacy communication means is supervised based on secret sharing scheme
CN115865334B (en) Quantum key distribution method and device and electronic equipment
JP7171113B1 (en) SECURE COMPUTING SYSTEM, SERVER, INFORMATION PROCESSING DEVICE, COMPUTER PROGRAM AND SECURE COMPUTING METHOD
US20080165974A1 (en) Communication Method and Communication System Using Decentralized Key Management Scheme
CN114697004B (en) Centralized wide area quantum cryptography network group key distribution method and system
CN114362947B (en) Wide-area quantum key service method and system
CN114697005B (en) Distributed wide area quantum cryptography network group key distribution method and system
WO2022142463A1 (en) Group key distribution method in distributed quantum cryptography network, and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant