CN114785504B - Quantum communication system network topology structure, quantum key distribution method and system - Google Patents

Quantum communication system network topology structure, quantum key distribution method and system Download PDF

Info

Publication number
CN114785504B
CN114785504B CN202210683335.2A CN202210683335A CN114785504B CN 114785504 B CN114785504 B CN 114785504B CN 202210683335 A CN202210683335 A CN 202210683335A CN 114785504 B CN114785504 B CN 114785504B
Authority
CN
China
Prior art keywords
quantum key
quantum
key distribution
authentication
management device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210683335.2A
Other languages
Chinese (zh)
Other versions
CN114785504A (en
Inventor
高光辉
王其兵
王林松
陈柳平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guokaike Quantum Technology Beijing Co Ltd
Original Assignee
Guokaike Quantum Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guokaike Quantum Technology Beijing Co Ltd filed Critical Guokaike Quantum Technology Beijing Co Ltd
Priority to CN202210683335.2A priority Critical patent/CN114785504B/en
Publication of CN114785504A publication Critical patent/CN114785504A/en
Application granted granted Critical
Publication of CN114785504B publication Critical patent/CN114785504B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Abstract

The invention discloses a quantum communication system network topology structure, a quantum key distribution method and a system, relating to the technical field of quantum communication and comprising quantum key distribution management equipment, the quantum key distribution management device sends a quantum key distribution starting command and a quantum key distribution stopping command to each quantum key distribution device through the communication channels, quantum keys used as authentication keys are negotiated among the quantum key management devices based on stored quantum key sets, and only the authentication keys and the quantum keys are sent between each quantum key management device and the quantum key distribution devices connected correspondingly, so that the communication safety is improved, and the instruction path complexity is reduced.

Description

Quantum communication system network topology structure, quantum key distribution method and system
Technical Field
The invention relates to the technical field of quantum communication, in particular to a quantum communication system network topology structure, a quantum key distribution method and a quantum key distribution system.
Background
The Quantum communication system generally comprises Quantum Key Distribution management equipment, Quantum Key management equipment and Quantum Key Distribution (Quantum Key Distribution, QKD for short) equipment, wherein the Quantum Key Distribution management equipment is responsible for controlling a Quantum Key Distribution process, the Quantum Key Distribution equipment generates a required Quantum Key through a BB84 protocol and stores the Quantum Key in the Quantum Key management equipment, and the Quantum Key management equipment is responsible for managing Key life cycles such as storage, application, update, destruction and the like of the Quantum Key.
The network topology of the existing quantum communication system is shown in fig. 1, a quantum key distribution management device is connected with a quantum key management device through a classical channel, the quantum key management device is connected with the quantum key distribution device through a local network, and the quantum key distribution devices are connected with the classical channel through quantum channels. This solution has the following drawbacks:
(1) the authentication key distribution, the quantum key distribution start and stop instructions use the same interface, and the authentication key and the quantum key belong to key sensitive parameters, so that the safety is poor;
(2) the authentication key is generated by the quantum key distribution management equipment through an algorithm, is easy to crack and has poor safety;
(3) the quantum key distribution starting instruction and the quantum key distribution stopping instruction are forwarded through the quantum key management device, the path complexity of the instruction is increased, and the logic structure is unclear.
Disclosure of Invention
The embodiment of the invention provides a network topology structure of a quantum communication system, a quantum key distribution method and a quantum key distribution system, which are used for overcoming the defects in the prior art.
In order to achieve the above object, in a first aspect, a network topology of a quantum communication system provided by an embodiment of the present invention includes a quantum key distribution management device, at least 2 quantum key management devices, and at least 2 quantum key distribution devices, where:
and communication channels are established between the quantum key distribution management equipment and each quantum key distribution equipment.
And the quantum key distribution management equipment respectively sends a quantum key distribution starting instruction and a quantum key distribution stopping instruction to each quantum key distribution equipment through the communication channel.
Based on the stored set of quantum keys, the respective quantum key management devices negotiate a quantum key that is used as an authentication key between themselves.
And only the authentication key and the quantum key are transmitted between each quantum key management device and the quantum key distribution device which is correspondingly connected.
In a second aspect, an embodiment of the present invention provides a quantum key distribution method based on the network topology of the quantum communication system in the first aspect, including the following steps:
and S101, receiving a quantum key distribution starting instruction sent by the quantum key distribution management equipment through a preset communication channel.
And S102, respectively sending an authentication key acquisition instruction to each quantum key management device.
And S103, receiving the authentication key sent by each quantum key management device, and sending a quantum key distribution starting response to the quantum key distribution management device.
And S104, authenticating the quantum key distribution equipment based on the authentication key and the receiving end.
And S105, after the authentication is passed, sending a quantum bit signal to quantum key distribution equipment of a receiving end through a quantum channel.
And S106, converting the quantum bit signal into a quantum key required by a quantum communication system.
And S107, respectively sending the quantum key to each quantum key management device.
And S108, repeating the steps S105-S107 until receiving a quantum key distribution stopping instruction sent by the quantum key distribution management equipment.
Preferably, after the authentication key acquisition instruction is respectively sent to the respective quantum key management devices, the method further includes:
and based on the stored quantum key set, each quantum key management device negotiates and determines an authentication key.
Preferably, converting the qubit signal into the required quantum key comprises:
and coding the quantum bit signal based on a BB84 protocol to generate a quantum key required by a quantum communication system.
Preferably, after receiving a quantum key distribution stop instruction sent by the quantum key distribution management device, the method further includes:
and sending a quantum key distribution stop response to the quantum key distribution management equipment.
In a third aspect, a quantum key distribution system provided in an embodiment of the present invention includes:
and the receiving module is configured to receive the quantum key distribution starting instruction sent by the quantum key distribution management device through a preset communication channel.
And the sending module is configured to send the authentication key acquisition instruction to each quantum key management device respectively.
The receiving module is further configured to receive the authentication key sent by each quantum key management device, and send a quantum key distribution start response to the quantum key distribution management device.
And the authentication module is configured to perform authentication between the quantum key distribution devices based on the authentication key, and after the authentication is passed, the quantum key distribution devices send the quantum bit signals to the quantum key distribution devices of the receiving end through the quantum channel.
A conversion module configured to convert the qubit signal into a quantum key required by a quantum communication system.
The sending module is further configured to send the quantum key to each of the quantum key management devices, respectively.
In a fourth aspect, the present invention provides a computer-readable storage medium, where the storage medium stores a computer program, and the computer program is configured to execute the method according to the second aspect.
In a fifth aspect, an embodiment of the present invention provides an electronic device, where the electronic device includes:
a processor;
a memory for storing the processor-executable instructions;
the processor is configured to read the executable instructions from the memory and execute the instructions to implement the method of the second aspect.
The quantum communication system network topology structure, the quantum key distribution method and the system provided by the embodiment of the invention have the following beneficial effects:
(1) by changing the path of the quantum key distribution starting and stopping instruction, the condition that the authentication key distribution, the quantum key distribution starting and stopping instruction use the same communication channel is avoided, and the communication safety is improved;
(2) the quantum key distribution starting instruction and the key distribution stopping instruction are directly sent to the quantum key distribution equipment, the path complexity of the instruction is reduced, and the logic structure is clear;
(3) the quantum key determined by negotiation between the quantum key management devices is used for replacing the authentication key, so that the communication security is higher.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic diagram of a network topology of a conventional quantum communication system.
Fig. 2 is a schematic signaling flow diagram of a conventional quantum key distribution method.
Fig. 3 is a schematic diagram of a network topology of a quantum communication system according to an embodiment of the present invention.
Fig. 4 is a schematic flow chart of a quantum key distribution method according to an embodiment of the present invention.
Fig. 5 is a signaling flow diagram of a quantum key distribution method according to an embodiment of the present invention.
Fig. 6 is a schematic structural diagram of a quantum key distribution system according to an embodiment of the present invention.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
Example 1
In the quantum communication system of the existing network topology shown in fig. 1, the quantum key distribution process is shown in fig. 2, and the specific steps are as follows:
s101, the quantum key distribution management device respectively sends a quantum key distribution starting instruction carrying an authentication key to the quantum key management device A and the quantum key management device B, wherein the authentication key is obtained by the quantum key distribution management device through calculation according to the IDs of the quantum key management device A and the quantum key management device B.
And S102, the quantum key management device A forwards the quantum key distribution starting instruction and the authentication key to the vector sub-key distribution device A, and the quantum key management device B forwards the key distribution starting instruction and the authentication key to the vector sub-key distribution device B.
S103, the quantum key distribution device a sends a key distribution start response to the sub-key management device a, and the quantum key distribution device B sends a quantum key distribution start response to the sub-key management device B.
And S104, the quantum key management device A and the quantum key management device B respectively forward quantum key distribution starting responses sent by the quantum key distribution device A and the quantum key distribution device B to the quantum key distribution management device, and the quantum key distribution device A and the quantum key distribution device B perform authentication based on the authentication key.
And S105, the quantum key distribution device A sends a quantum bit signal to the quantum key distribution device B through a quantum channel.
And S106, based on the quantum bit signal, the quantum key distribution equipment A and the quantum key distribution equipment B generate the required quantum key after vector comparison and data processing.
S107, the quantum key distribution device A sends the quantum key to the quantum key management device A, and meanwhile, the quantum key distribution device B sends the quantum key to the quantum key management device B. And the quantum key management equipment A and the quantum key management equipment B store the quantum key after comparison.
And S108, repeating the steps S105-S107 until the quantum key distribution management device sends a quantum key distribution stop instruction to the quantum key management device A and the quantum key management device B respectively.
And S109, the quantum key management device A forwards the quantum key distribution stopping instruction to the vector sub-key distribution device A, and the quantum key management device B forwards the quantum key distribution stopping instruction to the vector sub-key distribution device B.
S1010, the quantum key distribution device a sends the quantum key distribution stop response to the quantum key management device a, and the quantum key distribution device B sends the quantum key distribution stop response to the quantum key management device B.
S1011, the quantum key management device a and the quantum key management device B respectively forward the key distribution stop response to the quantum key distribution management device.
Example 2
As shown in fig. 3, a network topology of a quantum communication system provided by an embodiment of the present invention includes a quantum key distribution management device, at least 2 quantum key management devices, and at least 2 quantum key distribution devices, where:
communication channels are established between the quantum key distribution management equipment and the quantum key distribution equipment.
Specifically, the communication channel is a classical channel through which the quantum key distribution management device and each quantum key distribution device can communicate by wire or wirelessly. The path of the key distribution starting and stopping instruction is changed, the condition that the authentication key distribution instruction, the quantum key distribution starting and stopping instruction use the same communication channel is avoided, the communication safety is improved, the key distribution starting instruction and the key distribution stopping instruction are directly sent to the quantum key distribution equipment, the path complexity of the instruction is reduced, and the logic structure is clear.
At least 2 quantum key distribution devices are correspondingly connected to one quantum key distribution management device.
And the quantum key distribution management equipment respectively sends a quantum key distribution starting instruction and a quantum key distribution stopping instruction to each quantum key distribution equipment through the communication channel.
Based on the stored set of quantum keys, the respective quantum key management devices negotiate a quantum key that is used as an authentication key between themselves.
Specifically, each quantum key management device selects and determines one quantum key from a stored set of quantum keys as an authentication key.
The quantum key determined by negotiation between the quantum key management devices is used for replacing the authentication key, so that the communication security is higher.
Each quantum key management device only sends the authentication key and the quantum key to the quantum key distribution device which is correspondingly connected.
Specifically, one quantum key management device is connected with at least 1 quantum key distribution device.
Example 3
As shown in fig. 4, a quantum key distribution method based on a quantum communication system network topology structure according to embodiment 2 provided in the present invention executes a quantum key distribution device whose main body is a sending end, and includes the following steps:
s201, receiving a quantum key distribution start instruction sent by a quantum key distribution management device through a preset communication channel.
And S202, respectively sending an authentication key acquisition instruction to each quantum key management device.
S203, receiving the authentication key sent by each quantum key management device, and sending a quantum key distribution start response to the quantum key distribution management device.
And S204, based on the authentication key, authenticating with the quantum key distribution equipment of the receiving end.
And S205, after the authentication is passed, sending a quantum bit signal to quantum key distribution equipment of a receiving end through a quantum channel.
And S206, converting the quantum bit signal into a quantum key required by a quantum communication system.
Specifically, the quantum key distribution device encodes the quantum bit signal based on the BB84 protocol to generate the quantum key required by the quantum communication system. The encoding method includes polarization encoding, phase encoding and the like.
And S207, respectively sending the quantum key to each quantum key management device.
And S208, repeating the steps S205-S207 until receiving a quantum key distribution stopping instruction sent by the quantum key distribution management device.
Optionally, after step S208, each quantum key distribution device sends a quantum key distribution stop response to the quantum key distribution management device.
Example 4
As shown in fig. 5, the quantum key distribution method based on the quantum communication system network topology according to embodiment 2 provided in the embodiment of the present invention specifically includes the following steps:
s301, the quantum key distribution management device sends a quantum key distribution start instruction to the quantum key distribution device C and the quantum key distribution device D, respectively.
S302, quantum key distribution equipment C sends an authentication key obtaining instruction to the vector subkey management equipment C, and quantum key distribution equipment D sends an authentication key obtaining instruction to the vector subkey management equipment D.
S303, the quantum key management device C negotiates with the quantum key management device D to determine a quantum key used as an authentication key, and sends the authentication key to the quantum key distribution device C and the quantum key distribution device D, respectively.
And S304, the quantum key distribution equipment C and the quantum key distribution equipment D respectively send quantum key distribution starting responses to the quantum key distribution management equipment and carry out authentication based on the authentication key and the quantum key distribution equipment at the receiving end.
And S305, after the authentication is passed, the quantum key distribution device C sends a quantum bit signal to the quantum key distribution device D through a quantum channel.
And S306, generating the required quantum key between the quantum key distribution device C and the quantum key distribution device D after vector comparison and data processing.
S307, the quantum key distribution device C sends the quantum key to the vector sub-key management device C, and at the same time, the quantum key distribution device D sends the quantum key to the vector sub-key management device D, and the quantum key management device C and the quantum key management device D store the quantum key after comparing the quantum key received by them.
And S308, repeating the steps S305-S307 until the quantum key distribution management device sends a quantum key distribution stop instruction to the quantum key distribution device C and the quantum key distribution device D respectively.
S309, the quantum key distribution device C and the quantum key distribution device D respectively send quantum key distribution stop responses to the quantum key distribution management device.
Example 5
As shown in fig. 6, a quantum key distribution system based on the quantum communication system according to embodiment 2 provided in the present invention executes a quantum key distribution device whose main body is a sending end, and specifically includes the following modules:
the receiving module is configured to receive a distribution starting instruction sent by the quantum key distribution management device through a preset communication channel.
And the sending module is configured to send the authentication key acquisition instruction to each quantum key management device respectively.
The receiving module is further configured to receive the authentication key sent by each quantum key management device, and send a quantum key distribution start response to the quantum key distribution management device.
And the authentication module is configured to perform authentication between the quantum key distribution devices based on the authentication key, and after the authentication is passed, the quantum key distribution devices transmit the quantum bit signals to the quantum key distribution devices of the receiving end through the quantum channel.
A conversion module configured to convert the qubit signal into a quantum key required by a quantum communication system.
The sending module is further configured to send the quantum key to each of the quantum key management devices, respectively.
Example 6
Fig. 7 is a structure of an electronic device according to an exemplary embodiment of the present invention. As shown in fig. 7, the electronic device may be either or both of the first device and the second device, or a stand-alone device separate from them, which stand-alone device may communicate with the first device and the second device to receive the collected input signals therefrom. FIG. 7 illustrates a block diagram of an electronic device in accordance with a disclosed embodiment of the invention. As shown in fig. 7, the electronic device includes one or more processors 401 and memory 402.
The processor 401 may be a Central Processing Unit (CPU) or other form of processing unit having pervasive data processing capability and/or instruction execution capability and may control other components in the electronic device to perform desired functions.
Memory 402 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, Random Access Memory (RAM), cache memory (cache), and/or the like. The non-volatile memory may include, for example, Read Only Memory (ROM), hard disk, flash memory, etc. One or more computer program instructions may be stored on the computer-readable storage medium and executed by the processor 401 to implement the method for mining historical change records of the software program of the various disclosed embodiments described above and/or other desired functions. In one example, the electronic device may further include: an input device 403 and an output device 404, which are interconnected by a bus system and/or other form of connection mechanism (not shown).
The input device 403 may also include, for example, a keyboard, a mouse, and the like.
The output device 404 can output various information to the outside. The output devices 404 may include, for example, a display, speakers, a printer, and a communication network and its connected remote output devices, among others.
Of course, for simplicity, only some of the components of the electronic device relevant to the present disclosure are shown in fig. 7, omitting components such as buses, input/output interfaces, and the like. In addition, the electronic device may include any other suitable components, depending on the particular application.
Example 7
In addition to the above-described methods and apparatus, embodiments of the present disclosure may also be a computer program product comprising computer program instructions that, when executed by a processor, cause the processor to perform the steps in the methods of infiltration data annotation, encapsulation, and retrieval according to various embodiments of the present disclosure described in the "exemplary methods" section of this specification above.
The computer program product may write program code for performing the operations of the disclosed embodiments of the present invention in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, embodiments of the present disclosure may also be a computer-readable storage medium having stored thereon computer program instructions that, when executed by a processor, cause the processor to perform the steps in the methods of infiltration data annotation, encapsulation, and retrieval according to various embodiments of the present disclosure described in the "exemplary methods" section above of this specification.
The computer readable storage medium may take any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may include, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The foregoing describes the general principles of the present disclosure in conjunction with specific embodiments, however, it is noted that the advantages, effects, etc. mentioned in the present disclosure are merely examples and are not limiting, and they should not be considered essential to the various embodiments of the present disclosure. Furthermore, the foregoing disclosure of specific details is for the purpose of illustration and description and is not intended to be limiting, since the present disclosure is not intended to be limited to the specific details set forth herein.
In the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts in the embodiments are referred to each other. For the system embodiment, since it basically corresponds to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The block diagrams of devices, apparatuses, systems involved in the disclosure of the present invention are only given as illustrative examples and are not intended to require or imply that the connections, arrangements, configurations, etc. must be made in the manner shown in the block diagrams. These devices, apparatuses, devices, systems may be connected, arranged, configured in any manner, as will be appreciated by one skilled in the art. Words such as "including," "comprising," "having," and the like are open-ended words that mean "including, but not limited to," and are used interchangeably therewith. The words "or" and "as used herein mean, and are used interchangeably with, the word" and/or, "unless the context clearly dictates otherwise. The word "such as" is used herein to mean, and is used interchangeably with, the phrase "such as but not limited to".
The disclosed methods and apparatus may be implemented in a number of ways. For example, the methods and apparatus disclosed herein may be implemented by software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described order for the steps of the method is for illustrative purposes only, and the steps of the method disclosed herein are not limited to the order specifically described above unless specifically indicated otherwise. Furthermore, in some embodiments, the present disclosure may also be embodied as programs recorded in a recording medium, the programs including machine-readable instructions for implementing methods according to the present disclosure. Thus, the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.
It is also noted that in the devices, apparatus and methods disclosed herein, components or steps may be broken down and/or re-combined. Such decomposition and/or recombination should be considered equivalents of the present disclosure. The previous description of the disclosed aspects is provided to enable any person skilled in the art to make or use the present disclosure. Various modifications to these aspects will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other aspects without departing from the scope of the disclosure. Thus, the present disclosure is not intended to be limited to the aspects shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The foregoing description has been presented for purposes of illustration and description. Furthermore, the description is not intended to limit the disclosed embodiments to the form disclosed herein. While a number of example aspects and embodiments have been discussed above, those of skill in the art will recognize certain variations, modifications, alterations, additions and sub-combinations thereof.
It will be appreciated that the relevant features of the method and apparatus described above are referred to one another. In addition, "first", "second", and the like in the above embodiments are for distinguishing the embodiments, and do not represent merits of the embodiments.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of the present application shall be included in the scope of the claims of the present application.
It should be noted that the above-mentioned embodiments do not limit the present invention in any way, and all technical solutions obtained by using equivalent alternatives or equivalent variations fall within the protection scope of the present invention.

Claims (8)

1. A quantum communication system comprising a quantum key distribution management device, at least 2 quantum key management devices, and at least 2 quantum key distribution devices, characterized in that:
communication channels are established between the quantum key distribution management equipment and each quantum key distribution equipment;
the quantum key distribution management equipment sends a quantum key distribution starting instruction and a quantum key distribution stopping instruction to each quantum key distribution equipment through the communication channel;
based on the stored quantum key set, the quantum key used as the authentication key is negotiated among the quantum key management devices;
and only the authentication key and the quantum key are transmitted between each quantum key management device and the quantum key distribution device which is correspondingly connected.
2. A quantum key distribution method, comprising:
s101, receiving a quantum key distribution starting instruction sent by quantum key distribution management equipment through a preset communication channel;
s102, sending authentication key acquisition instructions to each quantum key management device respectively;
s103, receiving the authentication key sent by each quantum key management device, and sending a quantum key distribution starting response to the quantum key distribution management device;
s104, based on the authentication key, the authentication is carried out with the quantum key distribution equipment of the receiving end;
s105, after the authentication is passed, sending a quantum bit signal to quantum key distribution equipment of a receiving end through a quantum channel;
s106, converting the quantum bit signal into a quantum key required by a quantum communication system;
s107, the quantum key is respectively sent to the quantum key management equipment;
and S108, repeating the steps S105-S107 until receiving a quantum key distribution stopping instruction sent by the quantum key distribution management device.
3. The quantum key distribution method according to claim 2, wherein after the authentication key acquisition instruction is transmitted to each quantum key management device, the method further comprises:
and based on the stored quantum key set, each quantum key management device negotiates and determines an authentication key.
4. The quantum key distribution method of claim 2, wherein converting the qubit signal into the required quantum key comprises:
and encoding the quantum bit signal based on the BB84 protocol to generate a quantum key required by the quantum communication system.
5. The quantum key distribution method according to claim 2, wherein after receiving the quantum key distribution stop instruction transmitted by the quantum key distribution management device, the method further comprises:
and sending a quantum key distribution stop response to the quantum key distribution management equipment.
6. A quantum key distribution apparatus, comprising:
the receiving module is configured to receive a quantum key distribution starting instruction sent by the quantum key distribution management device through a preset communication channel;
a sending module configured to send authentication key acquisition instructions to the respective quantum key management devices;
the receiving module is further configured to receive the authentication key sent by each quantum key management device, and send a quantum key distribution start response to the quantum key distribution management device;
the authentication module is configured to perform authentication between the quantum key distribution devices based on the authentication key, and after the authentication is passed, the quantum key distribution devices send quantum bit signals to the receiving end through the quantum channel;
a conversion module configured to convert the qubit signal into a quantum key required by a quantum communication system;
the sending module is further configured to send the quantum key to each of the quantum key management devices, respectively.
7. A computer-readable storage medium, characterized in that the storage medium stores a computer program for performing the method of any of the preceding claims 2-5.
8. An electronic device, characterized in that the electronic device comprises:
a processor;
a memory for storing the processor-executable instructions;
the processor is used for reading the executable instructions from the memory and executing the instructions to realize the method of any one of the claims 2-5.
CN202210683335.2A 2022-06-17 2022-06-17 Quantum communication system network topology structure, quantum key distribution method and system Active CN114785504B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210683335.2A CN114785504B (en) 2022-06-17 2022-06-17 Quantum communication system network topology structure, quantum key distribution method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210683335.2A CN114785504B (en) 2022-06-17 2022-06-17 Quantum communication system network topology structure, quantum key distribution method and system

Publications (2)

Publication Number Publication Date
CN114785504A CN114785504A (en) 2022-07-22
CN114785504B true CN114785504B (en) 2022-09-30

Family

ID=82420593

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210683335.2A Active CN114785504B (en) 2022-06-17 2022-06-17 Quantum communication system network topology structure, quantum key distribution method and system

Country Status (1)

Country Link
CN (1) CN114785504B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115276987B (en) * 2022-09-19 2023-01-10 国开启科量子技术(北京)有限公司 Method, apparatus, medium, and device for generating a coding rate for a quantum key distribution device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737081A (en) * 2017-04-21 2018-11-02 山东量子科学技术研究院有限公司 A kind of quantum key output control system and its method
CN211063620U (en) * 2020-06-16 2020-07-21 南京如般量子科技有限公司 Quantum key distribution site and system based on post-quantum cryptography
CN111934871A (en) * 2020-09-23 2020-11-13 南京易科腾信息技术有限公司 Quantum key management service core network, system and quantum key negotiation method
CN212413174U (en) * 2020-06-19 2021-01-26 南京如般量子科技有限公司 Quantum key distribution management device and distribution system based on post-quantum cryptography and block chains
CN113810187A (en) * 2021-10-13 2021-12-17 国科量子通信网络有限公司 High-speed quantum key distribution system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737081A (en) * 2017-04-21 2018-11-02 山东量子科学技术研究院有限公司 A kind of quantum key output control system and its method
CN211063620U (en) * 2020-06-16 2020-07-21 南京如般量子科技有限公司 Quantum key distribution site and system based on post-quantum cryptography
CN212413174U (en) * 2020-06-19 2021-01-26 南京如般量子科技有限公司 Quantum key distribution management device and distribution system based on post-quantum cryptography and block chains
CN111934871A (en) * 2020-09-23 2020-11-13 南京易科腾信息技术有限公司 Quantum key management service core network, system and quantum key negotiation method
CN113810187A (en) * 2021-10-13 2021-12-17 国科量子通信网络有限公司 High-speed quantum key distribution system and method

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
A Modeling Framework for Studying Quantum Key Distribution System Implementation Nonidealities;LOGAN O. MAILLOUX等;《IEEE Access》;20150331;全文 *
The Role of Quantum and Post-Quantum Techniques in Wireless Network Security - Status Challenges and Future Trends;Sattar B. Sadkhan等;《IICETA-2021》;20211231;全文 *
量子密钥分发网络方案研究;侯 嘉,朱 江;《通信技术》;20210630;全文 *
量子密钥分发网络架构及其标准化;马彰超;《无线电通信技术》;20201231;全文 *

Also Published As

Publication number Publication date
CN114785504A (en) 2022-07-22

Similar Documents

Publication Publication Date Title
US9237008B2 (en) Encryption device, encryption method, and encryption program
US9032208B2 (en) Communication terminal, communication system, communication method and communication program
CN114785504B (en) Quantum communication system network topology structure, quantum key distribution method and system
CN109040063B (en) Method, device and equipment for determining vehicle ECU key and storage medium
CN110084599B (en) Key processing method, device, equipment and storage medium
CN110708291B (en) Data authorization access method, device, medium and electronic equipment in distributed network
US11728971B2 (en) Technologies for serializable binary data distribution
CN106067874A (en) A kind of method by data record to server end, terminal and server
CN115473638A (en) Quantum key encryption and decryption methods and systems
CN109818751B (en) Key processing and using method, device, equipment and storage medium
CN111211894B (en) Data transmission method, device and system
CN109450925B (en) User authority verification method and device for operation and maintenance of power secondary system and electronic equipment
CN113569229B (en) Synchronous login method and device, storage medium and electronic equipment
CN116743504B (en) Safe transmission method and system for digital data in network cable
US11368295B2 (en) Communication system using a random code as an encryption code
CN104994078B (en) Information transmission, acquisition methods and device, information processing system in local area network
CN114697355A (en) Data processing method and Internet of things gateway equipment
KR101796144B1 (en) User terminal, remote controlling server method for controlling of user terminal using beacon signal
KR101731835B1 (en) Energy production monitoring apparatus for data security and operating method thereof
CN109118226A (en) Reimbursement processing method and processing device, electronic equipment, storage medium
CN115955306B (en) Data encryption transmission method and device, electronic equipment and storage medium
CN114978551B (en) Access token issuing method, access token obtaining method, access token issuing device, access token obtaining system, access token issuing equipment and access token issuing medium
JP7321414B2 (en) Transmission control method and program
CN101960421A (en) Use the clearly low-cost security of the message of definition
EP3220601A1 (en) Key event encryption processing system and method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant