CN114697004A - Centralized wide-area quantum cryptography network group key distribution method and system - Google Patents

Centralized wide-area quantum cryptography network group key distribution method and system

Publication number
CN114697004A
Authority
CN
China
Prior art keywords
node
group
routing
wide area
nodes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011584554.2A
Other languages
Chinese (zh)
Other versions
CN114697004B (en)
Inventor
Inventor not published
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Institute Of Quantum Science And Technology Co ltd
Quantumctek Co Ltd
Original Assignee
Shandong Institute Of Quantum Science And Technology Co ltd
Quantumctek Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Institute Of Quantum Science And Technology Co ltd, Quantumctek Co Ltd
Priority to CN202011584554.2A (CN114697004B)
Priority to PCT/CN2021/117785 (WO2022142462A1)
Publication of CN114697004A
Application granted
Publication of CN114697004B
Active
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852: Quantum cryptography
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a centralized wide area quantum cryptography network group key distribution method and a centralized wide area quantum cryptography network group key distribution system, wherein group node information is obtained, and in each routing period, group node information of newly joining or quitting group communication is determined, wherein the group node is a quantum cryptography network node where group members participating in group communication are located; selecting a group node from each metropolitan area network containing the group nodes as a wide area routing node, and calculating wide area routing spanning trees of all the wide area routing nodes according to a quantum cryptography network routing graph by taking the optimal total path of group key distribution between the metropolitan area networks as a target; calculating a metropolitan area routing spanning tree of a group node of a metropolitan area in which each wide area routing node is positioned according to the metropolitan area routing graph in which each wide area routing node is positioned; and the wide area routing node and the metropolitan area group node respectively distribute the group keys layer by layer according to the corresponding routing spanning tree until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group keys. The invention can reduce the distribution cost of the quantum cryptography network group key.

Description

Centralized wide-area quantum cryptography network group key distribution method and system
Technical Field
The invention belongs to the technical field of encrypted communication of quantum cryptography networks, and particularly relates to a centralized wide-area quantum cryptography network group key distribution method and system.
Background
The statements in this section merely provide background information related to the present disclosure and may not constitute prior art.
Quantum keys have attracted wide attention because of their unique security characteristics and are drawing more and more users, but as large-scale service users arrive, the quality requirements on quantum key service become higher and higher.
The group key service mode is one of the quantum key service modes and is mainly applied to multi-party scenarios in a quantum key distribution networking environment, such as video conferences, network games, video on demand, financial transactions and the like. The group key in the current quantum cryptography network is obtained by key relaying between quantum cryptography network nodes. When the quantum cryptography network group key is applied, usually only its application is considered, and the path cost of group key distribution is not. Because the group key is relayed between quantum cryptography network nodes, the longer the relay path, the higher the generation cost of the relay key. How to complete the distribution of the whole group key over the shortest or a shorter total path is a problem that current group key application schemes do not consider, and it is directly related to the cost of group key encrypted communication.
Quantum cryptography networks have evolved from metropolitan area networks to wide area networks. Compared with group key distribution within a metropolitan area network, group key distribution between metropolitan area networks has a path cost that is larger by orders of magnitude, so when the number of group members is large, the planning of the group key distribution path between the metropolitan area networks should be considered first.
Disclosure of Invention
In order to solve the problems that the cost of a group key distribution path is not considered in the current group key application and distribution scheme, an optimal path is not adopted for group key distribution, the path cost of group key distribution is increased, and the encryption communication cost of the group key is increased, the invention provides a centralized wide-area quantum cryptography network group key distribution method and a centralized wide-area quantum cryptography network group key distribution system.
According to some embodiments, the invention adopts the following technical scheme:
a centralized wide area quantum cryptography network group key distribution method comprises the following steps:
acquiring group node information, and determining group node information of newly joining or exiting group communication in each routing period, wherein the group node is a quantum cryptography network node where group members participating in group communication are located;
selecting a group node from each metropolitan area network containing the group nodes as a wide area routing node, and calculating wide area routing spanning trees of all the wide area routing nodes according to a quantum cryptography network routing graph by taking the optimal total path of group key distribution between the metropolitan area networks as a target;
calculating a metropolitan area routing spanning tree of a group node of a metropolitan area in which each wide area routing node is positioned according to the metropolitan area routing graph in which each wide area routing node is positioned;
and the wide area routing node and the metropolitan area group node respectively distribute the group keys layer by layer according to the corresponding routing spanning tree until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group keys.
As an alternative embodiment, the group node information is a quantum cryptography network node ID where the group member is located.
As an alternative implementation, the specific process of calculating the wide area routing spanning tree of all wide area routing nodes according to the quantum cryptography network routing graph with the best total path of group key distribution between the metropolitan area networks as the target includes:
determining the root node of the wide area routing spanning tree: calculating, for each wide area routing node, the sum of its shortest key relay path lengths to the other nodes, and taking the wide area routing node S with the smallest sum as the root node of the routing spanning tree;
and searching the remaining nodes for the node with the shortest key relay path length, taking that node as a child node of the corresponding wide area routing node, and repeating this step until no nodes remain.
As a further limitation, the set of all wide area routing nodes except the root node S is denoted V, and the wide area routing spanning tree is denoted (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the root node S, and T is empty;
and searching U and V for the two nodes with the shortest key relay path length between them, denoted u and v, where u belongs to U and v belongs to V; adding the edge (u, v) to the set T, adding v to the set U, and at the same time deleting the node v from the set V; this step is repeated until the set V is empty.
As an alternative embodiment, if there are several nodes with the shortest key relay path length from a certain node, the corresponding nodes are taken as next-layer nodes of that node.
As an alternative embodiment, the calculation method of the metro routing spanning tree is as follows:
the set of all metropolitan area group nodes except the wide area routing node S is denoted V, and the metropolitan area routing spanning tree is denoted (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the wide area routing node S, and T is empty;
searching U and V for the two nodes with the shortest key relay path length between them, denoted u and v, where u belongs to U and v belongs to V; adding the edge (u, v) to the set T, adding v to the set U, and deleting the node v from the set V; this step is repeated until the set V is empty.
The specific process in which the wide area routing node and the metropolitan area group node distribute the group key layer by layer according to the corresponding routing spanning tree, until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group key, comprises the following steps: each wide area routing node transmits the group key layer by layer according to the wide area routing spanning tree and the group node information of the metropolitan area network where it is located, until every node of the wide area routing spanning tree has received the group key.
As an alternative implementation, after receiving the group key, each wide area routing node calculates the metropolitan area routing spanning tree of the group nodes of the metropolitan area in which it is located according to the routing graph of that metropolitan area, and sends the metropolitan area routing spanning tree to each metropolitan area group node of that metropolitan area; the group key is then transmitted layer by layer until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group key.
As an alternative implementation, in a certain routing cycle, if the quantum cryptography network node information is not changed, the routing spanning tree does not need to be updated.
As an alternative embodiment, if there are multiple best group key distribution master paths, the group keys are distributed in parallel using multiple lines.
A centralized wide area quantum cryptography network group key distribution system, comprising:
the group communication authentication server is configured to acquire group node information and determine group node information newly joining or exiting group communication in each routing period, wherein the group node is a quantum cryptography network node where group members participating in group communication are located;
the group key distribution routing server is configured to select one group node from each metropolitan area network containing the group node as a wide area routing node, calculate the wide area routing spanning trees of all the wide area routing nodes according to a quantum cryptography network routing graph by taking the optimal total path of group key distribution between the metropolitan area networks as a target, and send the wide area routing spanning trees and group node information contained in each metropolitan area network to the wide area routing node of the metropolitan area network;
a wide area routing node configured to receive wide area routing distribution of the group key while providing routing services of the group key distribution for the metro group node;
and the metropolitan area group node is configured to transmit the group key layer by layer according to the metropolitan area routing spanning tree until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group key.
Compared with the prior art, the invention has the beneficial effects that:
The invention establishes a routing server that plans the optimal wide area routing path for group key distribution in a unified way. This prevents the group key from being distributed repeatedly among the metropolitan area networks, which would increase the distribution cost of the group key, and so solves the problems in the prior art.
The invention groups the group nodes according to the metropolitan area network, and the routing server only needs to communicate with the wide area routing node in each metropolitan area network, thereby reducing the calculation complexity and the communication complexity of the wide area communication path of the routing server.
According to the invention, the wide area routing node located at the central position of the network is selected as the root node for starting group key distribution in the calculation of the wide area routing spanning tree, so that the speed of group key distribution is improved, the key relay path length of group key distribution is reduced, and the group key distribution cost is reduced.
The group key distribution method based on the routing spanning tree provided by the invention readily forms multi-line parallel distribution in the group key distribution process, and the speed of group key distribution is improved by concurrent execution.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention. The exemplary embodiments of the invention and their description serve to explain the invention and not to limit it.
Fig. 1 is a diagram of a group key distribution system structure;
fig. 2 is a schematic diagram of a group key distribution process.
Detailed Description
The invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof.
In the invention, the process of obtaining the group key by quantum cipher network nodes participating in group communication in the quantum cipher network through quantum key relay is called quantum cipher network group key distribution.
A centralized wide area quantum cryptography network group key distribution system is shown in fig. 1. The whole system includes a group communication authentication server, a group key distribution routing server, wide area routing nodes, and metropolitan area group nodes. The functions of each part are as follows:
The group communication authentication server is configured to register, log in and log out the group members participating in the group communication.
The group key distribution routing server (hereinafter referred to as the routing server) provides the routing service of group key distribution for the wide area routing nodes. The routing server is connected with the group communication authentication server. When group communication starts, the group communication authentication server sends the routing server the IDs of the quantum cryptography network nodes (group nodes for short) where the group members participating in the group communication are located. In each routing period, the group communication authentication server sends the routing server the IDs of the group nodes that have newly joined or exited the group communication.
Of course, other embodiments are not limited to sending only the group node ID; other information may be substituted or included.
The wide area routing nodes are drawn from the metropolitan area group nodes: the group key distribution routing server selects one group node from each metropolitan area network that contains group nodes as the wide area routing node. The wide area routing node is used for receiving the wide area routing distribution of the group key and for providing the routing service of group key distribution for the metropolitan area group nodes.
The metropolitan area group node is a quantum cryptography network node where group members of the group communication are located; it obtains the group key through the wide area routing node of the metropolitan area in which it is located.
A specific process of a centralized wide-area quantum cryptography network group key distribution method is, as shown in fig. 2, divided into two processes: group key distribution for wide area routing nodes and group key distribution for metropolitan area group nodes.
The group key distribution process of the wide area routing node is as follows:
When the group communication starts, the group communication authentication server transmits the IDs of the group nodes participating in the group communication to the routing server. In each routing period, the routing server receives from the group communication authentication server the IDs of the group nodes that have newly joined or exited the group communication. The routing server groups all group node IDs participating in group communication in that period by metropolitan area, that is, the group nodes of the same metropolitan area network form one group, and one group node is selected from each group as the wide area routing node of the group. The routing server calculates the wide area routing spanning tree of all the wide area routing nodes according to the wide area quantum cryptography network routing graph. The routing server sends the wide area routing spanning tree, together with the group node IDs contained in each metropolitan area network, to the wide area routing node of that metropolitan area network.
Each wide area routing node receives the wide area routing spanning tree and the group node IDs of the metropolitan area in which it is located. First, group key distribution among the wide area routing nodes is performed, starting with the wide area routing node that is the root node of the wide area routing spanning tree. The root node selects a true random number as the group key and relays the group key to each of its child nodes in the wide area routing spanning tree. Each wide area routing spanning tree node receives the group key relayed by its parent node and, if it has child nodes, relays the group key to each of them, until every wide area routing spanning tree node has received the group key.
The metropolitan area group node group key distribution process is as follows:
After each wide area routing node receives the group key, it takes itself as the root node and, according to the routing graph of the metropolitan area in which it is located, calculates the metropolitan area routing spanning tree of the group nodes of that metropolitan area, and then sends the metropolitan area routing spanning tree to each metropolitan area group node. According to the metropolitan area routing spanning tree, the wide area routing node relays the group key to each of its child nodes in that tree. Each metropolitan area group node receives the group key relayed by its upper-layer node in the metropolitan area routing spanning tree and, if it has child nodes in the tree, relays the group key to each of them, until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group key.
The calculation method of the wide area routing spanning tree comprises the following steps:
1. First, determine the root node of the wide area routing spanning tree: for each wide area routing node, calculate the sum of its shortest key relay path lengths to the other wide area routing nodes, and take the wide area routing node S with the smallest sum as the root node of the routing spanning tree;
2. Denote the set of all wide area routing nodes except the root node S as V, and denote the wide area routing spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the root node S, and T is empty;
3. Search U and V for the two nodes with the shortest distance between them (the distance is the shortest key relay path length between the nodes), denoted u and v, where u belongs to U and v belongs to V; add the edge (u, v) to the set T, add v to the set U, and delete the node v from the set V;
4. Repeat step 3 until the set V is empty.
The calculation method of the metropolitan area routing spanning tree comprises the following steps:
1. Denote the set of all metropolitan area group nodes except the wide area routing node S as V, and denote the metropolitan area routing spanning tree as (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the wide area routing node S, and T is empty;
2. Search U and V for the two nodes with the shortest distance between them (the distance is the shortest key relay path length between the nodes), denoted u and v, where u belongs to U and v belongs to V; add the edge (u, v) to the set T, add v to the set U, and delete the node v from the set V;
3. Repeat step 2 until the set V is empty.
If the quantum cryptography network node ID received by the routing server does not change in the routing period, the routing server and the routing node do not need to update the routing spanning tree.
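The two spanning tree calculations above, and the layer-by-layer distribution order they produce, written out as an added Python example that is not part of the patent text. The routing graphs, node names and link lengths are constructed sample data; the function names, the use of Dijkstra's algorithm to obtain shortest key relay path lengths, and the lexicographic tie-break are assumptions of this example.

```python
import heapq
from collections import defaultdict

INF = float("inf")


def make_graph(edges):
    """Undirected routing graph {node: {neighbour: key relay link length}}."""
    graph = defaultdict(dict)
    for a, b, length in edges:
        graph[a][b] = length
        graph[b][a] = length
    return dict(graph)


def shortest_lengths(graph, src):
    """Dijkstra: shortest key relay path length from src to each reachable node."""
    dist = {src: 0}
    heap = [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale heap entry
        for nxt, length in graph.get(node, {}).items():
            if d + length < dist.get(nxt, INF):
                dist[nxt] = d + length
                heapq.heappush(heap, (d + length, nxt))
    return dist


def build_tree(graph, group_nodes, root=None):
    """Return (root S, edge list T, total key relay path length).

    root=None -> wide area case: S is the node whose summed shortest key
                 relay path length to the other nodes is smallest (step 1).
    root=S    -> metropolitan case: S is the wide area routing node.
    """
    nodes = sorted(set(group_nodes) | ({root} if root is not None else set()))
    dist = {n: shortest_lengths(graph, n) for n in nodes}
    for a in nodes:
        for b in nodes:
            if b not in dist[a]:
                raise ValueError(f"no key relay path between {a} and {b}")
    if root is None:
        root = min(nodes, key=lambda n: (sum(dist[n][m] for m in nodes), n))
    U, V, T, total = [root], set(nodes) - {root}, [], 0
    while V:  # repeat until V is empty
        d, u, v = min((dist[u][v], u, v) for u in U for v in V)
        T.append((u, v))  # add edge (u, v) to T
        U.append(v)       # add v to U
        V.discard(v)      # delete v from V
        total += d
    return root, T, total


def distribution_layers(root, tree_edges):
    """Nodes grouped by tree layer: the order in which the group key is relayed."""
    children = defaultdict(list)
    for u, v in tree_edges:
        children[u].append(v)
    layers, frontier = [], [root]
    while frontier:
        layers.append(frontier)
        frontier = [c for n in frontier for c in children[n]]
    return layers


# Constructed sample data. A1..D1 are the wide area routing nodes of four
# metropolitan networks; R1 and R2 are relay nodes that are not group nodes.
WIDE_GRAPH = make_graph([
    ("A1", "R1", 2), ("R1", "B1", 2), ("R1", "C1", 3), ("B1", "C1", 4),
    ("C1", "R2", 1), ("R2", "D1", 2), ("A1", "D1", 9),
])
WIDE_NODES = ["A1", "B1", "C1", "D1"]
# Constructed routing graph of metropolitan network B; B1 is its wide area routing node.
METRO_B = make_graph([("B1", "B2", 1), ("B2", "B3", 1), ("B1", "B3", 3)])

if __name__ == "__main__":
    root, tree, total = build_tree(WIDE_GRAPH, WIDE_NODES)
    print("wide area root:", root, "edges:", tree, "total length:", total)
    print("wide area layers:", distribution_layers(root, tree))
    m_root, m_tree, m_total = build_tree(METRO_B, ["B2", "B3"], root="B1")
    print("metro B edges:", m_tree, "layers:", distribution_layers(m_root, m_tree))
```

Nodes in the same layer receive the key from different parents, which is where the multi-line parallel distribution mentioned in the text comes from.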
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, this is not intended to limit the scope of the present invention, and those skilled in the art should understand that various modifications and variations can be made without inventive effort on the basis of the technical solution of the present invention.

Claims (10)

1. A centralized wide area quantum cryptography network group key distribution method is characterized in that: the method comprises the following steps:
acquiring group node information, and determining group node information of newly joining or exiting group communication in each routing period, wherein the group node is a quantum cryptography network node where group members participating in group communication are located;
selecting a group node from each metropolitan area network containing the group nodes as a wide area routing node, and calculating wide area routing spanning trees of all the wide area routing nodes according to a quantum cryptography network routing graph by taking the optimal total path of group key distribution between the metropolitan area networks as a target;
calculating a metropolitan area routing spanning tree of a group node of a metropolitan area in which each wide area routing node is positioned according to the metropolitan area routing graph in which each wide area routing node is positioned;
and the wide area routing node and the metropolitan area group node respectively distribute the group keys layer by layer according to the corresponding routing spanning tree until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group keys.
2. The method of claim 1, wherein the group node information is the ID of the quantum cryptography network node where the group member is located.
3. The method of claim 1, wherein the specific process of calculating the wide area routing spanning tree of all wide area routing nodes according to the quantum cryptography network routing graph, taking the optimal total path of group key distribution between the metropolitan area networks as the target, comprises the following steps:
determining the root node of the wide area routing spanning tree: calculating, for each wide area routing node, the sum of the shortest key relay path lengths to the other wide area routing nodes, and taking the wide area routing node S with the smallest sum as the root node of the routing spanning tree;
and searching the remaining nodes for the node with the shortest key relay path length, taking it as a child node of the corresponding wide area routing node, and repeating this step until no nodes remain.
4. The method of claim 3, wherein the set of all wide area routing nodes except the root node S is denoted V, and the wide area routing spanning tree is denoted (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the root node S and T is empty;
and searching for the two nodes, one in U and one in V, with the shortest key relay path length between them, denoting them u and v, where u ∈ U and v ∈ V; adding the edge (u, v) to the set T, adding v to the set U, and deleting the node v from the set V; this step is repeated until the set V is empty.
5. The centralized wide-area quantum cryptography network group key distribution method of claim 1, wherein if a plurality of nodes have the shortest key relay path length from a certain node, the corresponding nodes are taken as next-layer nodes of that node.
6. The centralized wide-area quantum cryptography network group key distribution method of claim 1, wherein the metropolitan area routing spanning tree is calculated as follows:
the set of all metropolitan area group nodes except the wide area routing node S is denoted V, and the metropolitan area routing spanning tree is denoted (U, T), where U is the node set of the spanning tree and T is the set of edges connecting nodes in the spanning tree; initially, U contains only the wide area routing node S and T is empty;
searching for the two nodes, one in U and one in V, with the shortest key relay path length between them, denoting them u and v, where u ∈ U and v ∈ V; adding the edge (u, v) to the set T, adding v to the set U, and deleting the node v from the set V; this step is repeated until the set V is empty.
The specific process in which the wide area routing node and the metropolitan area group node distribute the group keys layer by layer according to the corresponding routing spanning tree, until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group keys, comprises the following step: each wide area routing node transmits the group key layer by layer according to the wide area routing spanning tree and the group node information of the metropolitan area network where it is located, until each node of the wide area routing spanning tree receives the group key.
7. The method of claim 1, wherein after each wide area routing node receives the group key, it calculates, according to the metropolitan area routing graph where it is located and taking itself as the root node, the metropolitan area routing spanning tree of the group nodes of its metropolitan area, sends the metropolitan area routing spanning tree to each metropolitan area group node of its metropolitan area network, and the group key is transmitted layer by layer until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group key.
8. The method of claim 1, wherein, in a given routing period, if the information of the quantum cryptography network nodes has not changed, the routing spanning tree does not need to be updated.
9. The method of claim 1, wherein if there are multiple optimal group key distribution total paths, the group keys are distributed in parallel over the multiple paths.
10. A centralized wide area quantum cryptography network group key distribution system, characterized by comprising:
a group communication authentication server configured to acquire group node information and to determine, in each routing period, the group nodes that newly join or exit group communication, wherein a group node is a quantum cryptography network node where group members participating in group communication are located;
the group key distribution routing server is configured to select one group node from each metropolitan area network containing the group node as a wide area routing node, calculate the wide area routing spanning trees of all the wide area routing nodes according to a quantum cryptography network routing graph by taking the optimal total path of group key distribution between the metropolitan area networks as a target, and send the wide area routing spanning trees and group node information contained in each metropolitan area network to the wide area routing node of the metropolitan area network;
a wide area routing node configured to receive wide area routing distribution of the group key while providing routing services of the group key distribution for the metro group node;
and the metropolitan area group node is configured to transmit the group keys layer by layer according to the metropolitan area routing spanning tree until all nodes at the lowest layer of the metropolitan area routing spanning tree obtain the group keys.
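The root selection of claim 3, the (U, T) construction of claims 4 and 6, and the layer-by-layer hand-down order can be sketched as follows. This is an added example, not code from the patent: the node names, link weights, the use of Dijkstra's algorithm, and treating "key relay path length" as the sum of link weights are all assumptions.

```python
import heapq

def relay_lengths(graph, src):
    """Shortest key-relay path length from src to every node (Dijkstra)."""
    dist = {src: 0}
    heap = [(0, src)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue  # stale heap entry
        for nbr, w in graph[n].items():
            if d + w < dist.get(nbr, float("inf")):
                dist[nbr] = d + w
                heapq.heappush(heap, (d + w, nbr))
    return dist

def pick_root(dist, members):
    """Claim 3: the member whose summed lengths to the others is smallest."""
    return min(sorted(members), key=lambda s: sum(dist[s][m] for m in members))

def spanning_tree(dist, root, members):
    """Claims 4 and 6: grow (U, T) from the root until V is empty."""
    U, V, T = [root], set(members) - {root}, []
    while V:
        _, u, v = min((dist[u][v], u, v) for u in U for v in V)
        T.append((u, v))  # each edge stands for a key-relay path, not one link
        U.append(v)
        V.remove(v)
    return T

def layers(root, T):
    """Order in which the group key is handed down, one tree layer at a time."""
    out, frontier = [], [root]
    while frontier:
        out.append(frontier)
        frontier = [v for u in frontier for (p, v) in T if p == u]
    return out

# Constructed graph: A1..D1 are wide area routing nodes, R1/R2 plain relays.
EDGES = [("A1", "R1", 1), ("A1", "B1", 4), ("B1", "R1", 2), ("B1", "C1", 5),
         ("C1", "R2", 1), ("D1", "R1", 3), ("D1", "R2", 2)]
GRAPH = {}
for a, b, w in EDGES:
    GRAPH.setdefault(a, {})[b] = w
    GRAPH.setdefault(b, {})[a] = w
WAN_NODES = ["A1", "B1", "C1", "D1"]
DIST = {n: relay_lengths(GRAPH, n) for n in WAN_NODES}
ROOT = pick_root(DIST, WAN_NODES)
TREE = spanning_tree(DIST, ROOT, WAN_NODES)
```

Calling `spanning_tree` with a fixed root gives the metropolitan area case of claim 6, where the wide area routing node is the root by definition rather than chosen by path sum.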
CN202011584554.2A 2020-12-28 2020-12-28 Centralized wide area quantum cryptography network group key distribution method and system Active CN114697004B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011584554.2A CN114697004B (en) 2020-12-28 2020-12-28 Centralized wide area quantum cryptography network group key distribution method and system
PCT/CN2021/117785 WO2022142462A1 (en) 2020-12-28 2021-09-10 Centralized wide area quantum cryptography network group key distribution method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011584554.2A CN114697004B (en) 2020-12-28 2020-12-28 Centralized wide area quantum cryptography network group key distribution method and system

Publications (2)

Publication Number Publication Date
CN114697004A true CN114697004A (en) 2022-07-01
CN114697004B CN114697004B (en) 2024-05-17

Family

ID=82129320

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011584554.2A Active CN114697004B (en) 2020-12-28 2020-12-28 Centralized wide area quantum cryptography network group key distribution method and system

Country Status (2)

Country Link
CN (1) CN114697004B (en)
WO (1) WO2022142462A1 (en)

Also Published As

Publication number Publication date
WO2022142462A1 (en) 2022-07-07
CN114697004B (en) 2024-05-17

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant