CN114900293B - Quantum key global relay method and system based on dispatching center - Google Patents

Quantum key global relay method and system based on dispatching center Download PDF

Info

Publication number
CN114900293B
CN114900293B CN202210483607.4A CN202210483607A CN114900293B CN 114900293 B CN114900293 B CN 114900293B CN 202210483607 A CN202210483607 A CN 202210483607A CN 114900293 B CN114900293 B CN 114900293B
Authority
CN
China
Prior art keywords
key
node
exclusive
information
relay
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210483607.4A
Other languages
Chinese (zh)
Other versions
CN114900293A (en
Inventor
丁胜建
郑韶辉
封连重
陈斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Quantum Technologies Co ltd
Original Assignee
Zhejiang Quantum Technologies Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Quantum Technologies Co ltd filed Critical Zhejiang Quantum Technologies Co ltd
Priority to CN202210483607.4A priority Critical patent/CN114900293B/en
Publication of CN114900293A publication Critical patent/CN114900293A/en
Application granted granted Critical
Publication of CN114900293B publication Critical patent/CN114900293B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • H04L9/0855Quantum cryptography involving additional nodes, e.g. quantum relays, repeaters, intermediate nodes or remote nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The quantum key global relay method based on the dispatching center comprises the steps that all quantum key management nodes are connected with the dispatching center; the dispatching center creates, stores and maintains a global node topology table to determine a relay node; the scheduling center requests quantum key exclusive-or information to the relay nodes respectively, and the relay nodes calculate and report the key exclusive-or information; the dispatching center generates a global key exclusive or information list; determining a shortest path; the dispatching center calculates key exclusive or information for realizing key sharing between the source node and the destination node; the dispatching center assembles the key or dispatching information and sends the key or dispatching information to the corresponding node; and the node takes out the corresponding key, and performs exclusive OR decryption to obtain other node keys. Compared with the prior art, the method and the device solve the technical defects that the application scene of the existing relay scheme is single, relay information on a path is repeatedly calculated and forwarded, the method and the device cannot be applied to the application scene of an application layer connected to a relay node, and the like, realize quantum key synchronization of a global node, and enable the global node to have a consistent key.

Description

Quantum key global relay method and system based on dispatching center
Technical Field
The invention relates to the technical field of key relay in a quantum communication network, in particular to a quantum key global relay method and system based on a dispatching center.
Background
In a quantum communication network, due to the limitations of the deployment cost of optical fiber links and the QKD point-to-point key distribution distance, the construction of quantum channels between any nodes in the network and the direct Quantum Key Distribution (QKD) cannot be realized. Therefore, in order to share the quantum key between any nodes in the network, it is necessary to implement key distribution by using a key relay method between two nodes that cannot directly perform the quantum key distribution.
The key relay mode is firstly proposed by Elliott of BBN, the basic idea is to encrypt and decrypt the relay key by utilizing the quantum key shared between adjacent nodes, and realize the encryption transfer of the relay key between one or more relay nodes, and finally achieve the purpose of the user.
In the prior art, the key chain type relay scheme mentioned in the ITU 3800 series research report utilizes a trusted relay node to connect a plurality of short-distance point-to-point quantum key distribution links into a long-distance quantum secret communication link, generates and shares a key based on quantum key distribution equipment among different areas, and realizes the safe transfer of the key among the relay points in a piecewise encryption mode. In addition, the invention patent [ China invention ] CN201711461050.X is a quantum key relay service method, which discloses a quantum key relay service method, mainly solves the problems of safety and efficiency of a quantum key trusted relay process in a quantum communication network, and comprises the following steps: the quantum network management server selects a relay node according to a relay routing table and the current state index of the relay node, the relay node concurrency vector quantum key relay server sends exclusive-or values of shared quantum keys between the relay node concurrency vector quantum key relay server and two adjacent nodes, the quantum key relay server carries out exclusive-or operation on the received corresponding exclusive-or values and obtains exclusive-or values of quantum keys of a source node and a target node, the source node and the target node can share the quantum keys by disclosing the exclusive-or values, the relay method is relatively higher in efficiency, but aims at the key relay from a certain source node to a certain target node, but if key relay synchronization among global nodes is to be realized, the quantum key relay server needs to store a large amount of routing table information, and the relay method is carried out once for each item of the routing table in sequence, so that the process is complicated and partial exclusive-or value repeat operation and forwarding are carried out. The invention patent [ China invention, china invention authorization ] CN201910356345.3 quantum key relay method, device, system, equipment and storage medium, wherein the relay method applied to the service node comprises the following steps: respectively sending first request information to each intermediate node in any path; performing exclusive-or operation on the operation results returned by the intermediate nodes to obtain a target exclusive-or result; sending second request information to the destination node; the second request information comprises a target exclusive-or result, and the second request information is used for indicating a destination node to adopt a target quantum key to carry out exclusive-or operation on the target exclusive-or result so as to obtain a quantum key to be shared; the target quantum key is a second shared key of the destination node in the path; the invention aims to solve the problem that relay communication relationship among terminal nodes in a wide area is complex when terminal nodes in the wide area are subjected to quantum key sharing, and is not suitable for a scene that a relay node is connected with a key encryption and decryption application, namely a scene that key relay synchronization among global nodes is needed. The key relay sharing from the initial node to the terminal node in a certain path is realized through the key relay method, so that the point-to-point encrypted communication between the initial node and the terminal node is only satisfied, however, in the actual application scene, more cases are as follows: the relay node also needs an upper application layer for encrypted communication between any node in the network and any other node, and for encrypted communication between any node and any plurality of nodes.
Disclosure of Invention
The invention aims to provide a quantum key global relay method based on a dispatching center, which aims to solve the technical defects that the existing relay scheme is single in application scene, relay information on paths is repeatedly calculated and forwarded, the method cannot be suitable for application scenes of an application layer connected to a relay node, and the like.
The technical scheme of the invention is realized as follows:
a quantum key global relay method based on a dispatching center comprises the following steps:
(S1-1) all quantum key management nodes in the quantum network are connected with a dispatching center, and the quantum key management nodes report adjacent node relation information to the dispatching center;
(S1-2) the dispatching center creates, stores and maintains a global node topology table according to the adjacent node relation information reported by the quantum key management node, traverses the global node topology table and determines a relay node;
(S1-3) the dispatching center respectively requests quantum key exclusive OR information from the relay nodes, and the relay nodes calculate and report the key exclusive OR information;
(S1-4) the dispatching center receives the key exclusive-or information, calculates indirect exclusive-or information and finally generates a global key exclusive-or information list;
(S1-5) the scheduling center traversing a shortest path from any one node as a source node to any other node as a destination node based on the global node topology table to determine a shortest path;
(S1-6) the scheduling center calculating key exclusive-or information for realizing key sharing between the source node and the destination node based on the shortest path and the global key exclusive-or information list;
(S1-7) the dispatching center assembles key exclusive-or dispatching information according to the exclusive-or information list of each node in turn and sends the key exclusive-or dispatching information to the corresponding node;
and (S1-8) the node receives the exclusive-or scheduling information sent by the scheduling center, and takes out the corresponding key for exclusive-or decryption to obtain other node keys according to the own key identification of the node indicated by the exclusive-or scheduling information.
Preferably, in step (S1-1), the adjacency information reported by any node includes adjacency node relation information, where the adjacency node relation information includes the node identifier of the node itself and an adjacency node identifier list, and how many QKD links, i.e. how many adjacency nodes, are connected to the node.
Preferably, in step (S1-3), any relay node reports quantum key exclusive-or response information, and according to the number N of adjacent downlink links, it is required to report quantum key exclusive-or information of at least N-1 units, where the quantum key exclusive-or information of each unit includes: prev link node identification, next link node identification, relay node self identification, prev link key identification, next link key identification, key exclusive-or value of a designated unit.
Preferably, in the step (S1-4), the scheduling center receives and processes the direct key xor information reported by the relay node, calculates the indirect key xor information not directly reported by the relay node, and caches the direct and indirect key xor information to the global key xor information list; when the relay node has N adjacent nodes, and when N=2, no indirect key exclusive or information exists, and the dispatching center does not need to calculate; when N >2, the dispatching center organizes and exclusive-ors again based on the direct key exclusive-or information of the N-1 units to obtain indirect key exclusive-or information.
Preferably, the shortest path includes a source node identifier, a next-hop relay node identifier, and a next-hop relay node identifier, so as to reach a destination node identifier.
Preferably, in step (S1-6), for each shortest path, the associated key exclusive-or information is retrieved from the global key exclusive-or information list, and then exclusive-or is performed one by one, so as to obtain a key exclusive-or value for realizing key sharing from the source node to the destination node of the shortest path.
Preferably, the related key exclusive-or information is retrieved from the global key exclusive-or information list, the related key exclusive-or value and two groups of key identifiers are retrieved from the global key exclusive-or information list according to the shortest path relay node identifiers, prev node identifiers and Next node identifiers as retrieval parameters, the exclusive-or values of the keys are exclusive-or operated to finally obtain the exclusive-or values of the source node quantum key and the destination node quantum key, the key identifiers of the two groups of keys corresponding to the key exclusive-or values are easy to know, and the groups of exclusive-or values and the destination node key identifiers are added to the exclusive-or value scheduling information list to be sent to the source node.
Preferably, the dispatching center receives and processes the direct key exclusive or information reported by the relay node, and processes and caches the communication message by adopting a network model of a master-slave Reactor plus a workbench thread pool.
Preferably, the scheduling center traverses a shortest path from any node as a source node to any other node as a destination node based on the global node topology table, and further comprises abstracting shortest path search between any two nodes of the global network into shortest path search based on a connectivity graph.
Preferably, the shortest path search abstraction between any two nodes of the global network is a shortest path search based on a connectivity graph, and the using algorithm includes, but is not limited to, breadth-first search algorithm, depth-first traversal algorithm, floyd algorithm, dijkstra algorithm, bellman-Ford algorithm.
The invention also provides a quantum key global relay system based on the dispatching center, which comprises
1) The subsystem applied to the dispatching center comprises the following system structures:
node communication service module: the node connection management sub-module is used for receiving a node connection request by a dispatching center and managing node connection, and the node communication interface sub-module is used for analyzing and assembling communication interface messages;
and a path algorithm module: the system comprises a node topology creation and maintenance submodule and a shortest path search algorithm submodule, wherein the node topology creation and maintenance submodule is used for processing adjacency relation information reported by nodes and creating and maintaining global node network topology, and the shortest path search algorithm submodule is used for searching the shortest path between any node and any other node;
exclusive or scheduling service module: the system comprises an exclusive-or information request sub-module, a global key exclusive-or information calculation sub-module and an exclusive-or scheduling information forwarding sub-module; the global key exclusive-or information calculation submodule processes direct key exclusive-or information reported by the relay node, calculates indirect, caches direct and indirect key exclusive-or information to a global key exclusive-or information list according to the searched shortest path, and the exclusive-or scheduling information forwarding submodule sequentially finds out corresponding exclusive-or information in the global key exclusive-or information list according to each node identifier, assembles a key exclusive-or scheduling information message and forwards the key exclusive-or information to the corresponding node;
general function module: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching and lasting key exclusive or information according to a strategy as required, and the authentication sub-module is used for identity authentication, entity authentication and session key negotiation between a dispatching center and nodes;
2) The subsystem applied to the terminal node and the relay node comprises the following component modules:
node communication service module: the node connection management sub-module is used for initiating a connection request to a dispatching center and managing the connection, and the node communication interface sub-module is used for analyzing and assembling a communication interface message;
and the adjacent information reporting module is used for: the method comprises the steps of creating and maintaining adjacent node relation information and reporting the adjacent node relation information;
and the exclusive or scheduling analysis module: the key exclusive-or scheduling information is used for receiving and processing key exclusive-or scheduling information forwarded by the scheduling center, a corresponding key is taken out from a local key cache area according to the key identifier of the node indicated by the exclusive-or scheduling information, each exclusive-or value in an exclusive-or value list is decrypted by using the key in sequence to obtain other node key plaintext, corresponding other node key identifiers are taken out from the other node key identifier list according to the agreed key exclusive-or value and key identifier corresponding rule, the key and the key identifier of other node links are finally obtained, and the decrypted key is cached;
general function module: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching and lasting secret keys and managing the life cycle of the secret keys, and the authentication sub-module is used for identity authentication, entity authentication and session secret key negotiation between nodes and adjacent nodes and between dispatching centers.
Compared with the prior art, the invention has the following beneficial effects:
(1) Through global key synchronization, each node caches consistent key information (including key identification, keys and the like), so that the key access logic is simple for an application layer, and consistent keys can be obtained between any node application layers for encryption and decryption, thereby having more application value and more convenient key use;
(2) Through global synchronization of keys, each node obtains other link keys in a secure mode of exclusive or decryption, when N QKD links exist in a network and each time the key globally synchronizes the quantum keys of K units, each time synchronous service is completed, each node obtains N x K units of quantum keys, and quantum key quantity of a single node is improved;
(3) Each node has a globally consistent key, so that the key can be conveniently expanded to group encryption and decryption communication, the application scene of the quantum key is expanded from point-to-point to point-to-multipoint and group communication, and the application scene is expanded.
Drawings
FIG. 1 is a flow diagram of a quantum key global relay method based on a dispatch center;
FIG. 2 is a schematic diagram of a subsystem architecture applied to a dispatch center according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a subsystem applied to a terminal node and a relay node according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of node assembly adjacency information according to a third embodiment of the present invention;
fig. 5 is a schematic diagram of a scheduling center generating a global key exclusive or information list according to a fourth embodiment of the present invention.
Description of the embodiments
The present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which embodiments of the invention are shown.
As shown in fig. 1, the invention discloses a quantum key global relay method based on a dispatching center, which comprises the following steps:
(S1-1): all quantum key management nodes in the quantum network are connected with the dispatching center, and the nodes report adjacent information to the dispatching center; the adjacency information reported by any node comprises: and information such as adjacent node relation, wherein the adjacent node relation information comprises node identification of the node itself, an adjacent node identification list, and how many QKD links are connected under the node, namely, how many adjacent nodes are connected.
(S1-2): and the dispatching center creates, stores and maintains a global node topology table according to the adjacent node relation information reported by the nodes, and traverses the global node topology table to determine which nodes are relay nodes.
(S1-3): the scheduling center requests quantum key exclusive-or information to the relay nodes respectively, any relay node reports quantum key exclusive-or response information, and according to the number N of adjacent downlink links, quantum key exclusive-or information of at least N-1 units is required to be reported, and the quantum key exclusive-or information of each unit comprises: prev link node identification, next link node identification, relay node self identification, prev link key identification, next link key identification, key exclusive-or value of a designated unit.
The relay node reports the quantum key exclusive or response information,
when the relay node has N adjacent nodes, namely N QKD links are connected downwards, for the relay node, a certain N > =2, and when N=2, the relay node performs quantum key exclusive-OR on the two links, so that quantum key exclusive-OR response can be assembled; when N >2, the relay node uses a certain link key as a reference key and exclusive-ors with other link keys to obtain quantum key exclusive-or information of N-1 units, which is called direct key exclusive-or information, when the relay node has more than 2 adjacent nodes, namely more than two QKD links.
The direct quantum key exclusive-or information is the minimum data volume key exclusive-or information reported by each relay node, depends on the number of adjacent nodes of the relay node,
as shown in fig. 5, for the relay node Z, the number n of adjacent nodes is 4, the adjacent nodes are { a, B, C, D }, the link keys between the node A, B, C, D and the node Z are KAZ, KBZ, KCZ, KDZ, and the direct key exclusive-or information includes at least: (1) node self identification, reference key identification; (2) A first exclusive-or value KAZ k, a first exclusive-or value non-reference key (i.e., KBZ) identifier, a Prev of the first exclusive-or value, and a Next link node identifier; (3) A second exclusive-or value KAZ KCZ, a second exclusive-or value non-reference key (i.e., KCZ) identification, a second exclusive-or value Prev, and a Next link node identification; (4) The third exclusive-or value KAZ is equal to KDZ, the third exclusive-or value is not the reference key (i.e., KDZ) identification, the Prev of the third exclusive-or value and the Next link node identification.
(S1-4): the dispatching center receives and processes direct key exclusive-OR information reported by the relay node, calculates indirect key exclusive-OR information which is not directly reported by the relay node, and caches the direct and indirect key exclusive-OR information to a global key exclusive-OR information list; when the relay node has N adjacent nodes, and when N=2, no indirect key exclusive or information exists, and the dispatching center does not need to calculate; when N >2, the dispatching center organizes and exclusive-ors again based on the direct key exclusive-or information of the N-1 units to obtain indirect key exclusive-or information.
The indirect key exclusive-or information is a binary exclusive-or value between non-reference keys calculated by a dispatching center based on direct key exclusive-or information reported by a relay node, and is characterized in that:
as shown in fig. 5, the scheduling center calculates the exclusive-or value between the non-reference keys based on the direct key exclusive-or information of the relay node Z, and according to the principle of exclusive-or operation exchange law and permutation and combination, it is easy to know that the exclusive-or value needs to be calculated
Figure SMS_1
The group indirect key exclusive-or information, n=4 is substituted into a formula to obtain 3, namely key exclusive-or values KBZ, KBZ and KCZ in the 3 group indirect key exclusive-or information are KDZ, KBZ and KDZ.
(S1-5): the scheduling center traverses shortest paths with any node (including a relay node) as a source node to any other node (including a relay node) as a destination node based on the global node topology table, and determines the shortest paths by using a shortest path search algorithm.
Further, the shortest path includes a source node identifier, a next-hop relay node identifier, and a next-hop relay node identifier, so as to push the shortest path until a destination node identifier.
(S1-6): the scheduling center calculates key exclusive-or information for realizing key sharing between the source node and the destination node based on the shortest path and the global key exclusive-or information list; and for each shortest path, retrieving the related key exclusive-or information from the global key exclusive-or information list, and performing exclusive-or to obtain a key exclusive-or value for realizing key sharing from the source node to the destination node of the shortest path.
The related key exclusive-or information is searched from a global key exclusive-or information list, related key exclusive-or values and two groups of key identifiers are searched from the global key exclusive-or information list according to the shortest path relay node identifiers, prev node identifiers and Next node identifiers as search parameters, exclusive-or values of the key exclusive-or values are subjected to exclusive-or operation to finally obtain exclusive-or values of a source node quantum key and a destination node quantum key, key identifiers of the two groups of keys corresponding to the key exclusive-or values are easily known, and the groups of exclusive-or values and the destination node key identifiers are added to an exclusive-or value scheduling information list to be sent to the source node; further, because the path is bidirectional, the set of exclusive-or values and the source node key identification are added to an exclusive-or value scheduling information list to be sent to the destination node; and by analogy, the scheduling center calculates an exclusive or value scheduling information list from any node to any other node in the whole network.
(S1-7): the scheduling center assembles key exclusive-or scheduling information, traverses each node exclusive-or value scheduling information list, and comprises the node self key identification, an exclusive-or value list in the exclusive-or value scheduling information list and other node key identification lists corresponding to the exclusive-or value, and sends the node self key identification, the exclusive-or value list and other node key identification lists corresponding to the exclusive-or value list to the corresponding node;
(S1-8): the node receives the exclusive-or scheduling information sent by the scheduling center, and according to the self-key identification of the node indicated by the exclusive-or scheduling information, the node extracts the corresponding key from the local key cache area, and according to the self-reflexibility of the exclusive-or operation (namely a b = a), the node can use the local key associated with the exclusive-or value to decrypt the key possessed by the destination node; sequentially decrypting each term of the exclusive or value in the exclusive or value list to obtain the key plaintext of other nodes, and according to the rule corresponding to the agreed exclusive or value and the key identifier, extracting the corresponding key identifier of other nodes from the key identifier list of other nodes, and then obtaining the key and the key identifier of other node links by the node.
Finally, all nodes acquire keys and key identifications of other node links, so as to finish global relay synchronization of the quantum keys.
The adjacency information reported by any node also comprises associated link state information which indicates that the node is connected with a plurality of QKD link states, namely the running state, the code forming rate, the current key quantity and the like of the QKD link, and the dispatching center judges a global key relay synchronous service execution strategy based on the adjacent link state information of all nodes in the network, wherein the strategy comprises but is not limited to synchronous service initiation time, the unit key quantity expected to be synchronous and the like.
And traversing the global node topology table to determine which nodes are relay nodes, and acquiring that the adjacent nodes of a certain node are regarded as relay nodes when the number of the adjacent nodes is greater than 1 by adopting the topology table-based traversing node adjacent relation, wherein the adjacent nodes are terminal nodes with the number of 1.
And the dispatching center respectively requests quantum key exclusive OR information from the relay nodes, and requests are concurrently carried out in a multithreading/multiprocessing mode.
And the dispatching center receives and processes the direct key exclusive OR information reported by the relay node, and processes and caches the communication message by adopting a network model of a master-slave Reactor and a Worker thread pool.
The scheduling center traverses a shortest path taking any node (including a relay node) as a source node to any other node (including a relay node) as a destination node based on the global node topology table, and the method further comprises the step of abstracting shortest path searching between any two nodes of the global network into shortest path searching based on a communication graph.
The shortest path searching abstraction between any two nodes of the global network is the shortest path searching based on the connected graph, and the using algorithm comprises but is not limited to breadth-first searching algorithm, depth-first traversing algorithm, floyd algorithm, dijkstra algorithm, bellman-Ford algorithm and the like.
The invention also discloses a quantum key global relay synchronization method which is applied to a dispatching center and comprises the following steps of, but is not limited to:
(S2-1): and the dispatching center receives and maintains the connection of each node of the quantum key management network.
(S2-2): and the dispatching center receives and processes the adjacency information message reported by each node, creates, stores and maintains a global node topology table based on an adjacency information algorithm of the graph, and represents the adjacency relation of the global node.
(S2-3): the dispatching center sends an exclusive-or information request to all relay nodes in the network, receives an exclusive-or information response, processes the exclusive-or information response, calculates indirect exclusive-or key information based on direct key exclusive-or information, and caches the indirect exclusive-or key information to a global key exclusive-or information list.
(S2-4): the scheduling center traverses the shortest paths among the global nodes, calculates key exclusive OR values required by the key sharing from the source node to the destination node for each shortest path, and further assembles key exclusive OR scheduling information and forwards the key exclusive OR scheduling information to the source node respectively.
(S2-5): the dispatching center receives the exclusive or dispatching confirmation information of all the nodes and is used for judging the state of the global key relay synchronous service, and when all the nodes confirm that the exclusive or dispatching information is received and processed, the dispatching center can carry out the next global key relay synchronous service according to a set strategy.
The graph-based adjacency information algorithm creates, stores and maintains global node adjacencies, and for a dispatching center, an adjacency relation table based on graph theory is used for creating, storing and maintaining when the number of nodes is relatively small, and an adjacency relation matrix based on graph theory is used for creating, storing and maintaining when the number of nodes is relatively large.
The method comprises the steps of calculating the key exclusive-or value required by the key sharing from a source node to a destination node for each shortest path, and calculating the key exclusive-or value required by the direction from the source node to the destination node, wherein the key exclusive-or value in the direction from the source node to the destination node is also the key exclusive-or value required by the key sharing in the direction from the destination node to the source node because the paths can be reversed at the same time, and the difference between the key exclusive-or value and the key exclusive-or value is that the local key identification carried by key exclusive-or scheduling information forwarded by a scheduling center and the content of a field of a corresponding key identification are opposite.
The exclusive or scheduling confirmation message of all the nodes also comprises information such as link state, code rate and the like of the node associated QKD link, and the scheduling center receives the exclusive or scheduling confirmation message, so that the current key state of each node of the network can be known, and the exclusive or scheduling confirmation message is used as one of judging strategies for how to perform the key global relay synchronization service, for example, if the key is sufficient, the next key global relay synchronization service can be performed.
The invention also discloses a quantum key global relay synchronization method which is applied to the nodes and comprises the following steps of, but is not limited to:
(S3-1): the node initiates a connection to the dispatch center.
(S3-2): the node reports the adjacent information to the dispatching center, wherein the adjacent information comprises the information such as self node identification, an adjacent node identification list and the like.
(S3-3): and the node receives and processes the exclusive or information request sent by the dispatching center, and assembles an exclusive or information response and returns the exclusive or information response to the dispatching center.
(S3-4): and the node receives and processes the exclusive-or scheduling information sent by the scheduling center, and decrypts the exclusive-or scheduling information to obtain all other link keys by using the local keys in a one-to-one exclusive-or key exclusive-or value list.
And the node receives and processes the exclusive-or scheduling information sent by the scheduling center, takes out a corresponding identification key from a local key pool according to the key identification of the node carried by the information, and exclusive-or decrypts all other link keys one by one with a key exclusive-or value list containing all other link keys, thereby realizing that the node safely obtains all other link keys and has a globally consistent quantum key with other nodes.
The invention also provides a quantum key global relay synchronization system based on the dispatching center, which comprises a subsystem applied to the dispatching center, wherein the system structure comprises but not limited to the following component modules:
node communication service module: the node connection management sub-module is used for receiving node connection requests by the dispatching center and managing node connection, and the node communication interface sub-module is used for analyzing and assembling communication interface messages and the like.
And a path algorithm module: the system comprises a node topology creation and maintenance submodule and a shortest path search algorithm submodule, wherein the node topology creation and maintenance submodule is used for processing adjacency relation information reported by nodes and creating and maintaining global node network topology, and the shortest path search algorithm submodule is used for searching the shortest path between any node and any other node.
Exclusive or scheduling service module: the system comprises an exclusive-or information request sub-module, a global key exclusive-or information calculation sub-module and an exclusive-or scheduling information forwarding sub-module; the global key exclusive-or information calculating submodule processes direct key exclusive-or information reported by the relay node, calculates indirect and cached direct and indirect key exclusive-or information to a global key exclusive-or information list according to the searched shortest path, and the exclusive-or scheduling information forwarding submodule sequentially finds out corresponding exclusive-or information in the global key exclusive-or information list according to each node identifier, assembles a key exclusive-or scheduling information message and forwards the key exclusive-or information to the corresponding node.
General function module: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching and persistence of key exclusive or information according to a strategy as required, and the authentication sub-module is used for identity authentication, entity authentication, session key negotiation and the like between a dispatching center and nodes.
The invention also provides a quantum key global relay synchronization system based on the dispatching center, which comprises subsystems applied to the terminal node and the relay node, wherein the system structure comprises but not limited to the following component modules:
node communication service module: the node connection management sub-module is used for initiating a connection request to a dispatching center, managing the connection and the like, and the node communication interface sub-module is used for analyzing and assembling communication interface messages and the like.
And the adjacent information reporting module is used for: and the method is used for creating and maintaining the adjacent node relation information and reporting the adjacent node relation information.
And the exclusive or scheduling analysis module: the key exclusive-or scheduling information is used for receiving and processing key exclusive-or scheduling information forwarded by the scheduling center, a corresponding key is taken out from a local key cache area according to the key identifier of the node indicated by the exclusive-or scheduling information, each exclusive-or value in the exclusive-or value list is decrypted by using the key in sequence to obtain other node key plaintext, corresponding other node key identifiers are taken out from the other node key identifier list according to the agreed key exclusive-or value and key identifier corresponding rule, the key and the key identifier of other node links are finally obtained, and then the decrypted key is cached.
General function module: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching and lasting secret keys and managing the life cycle of the secret keys, and the authentication sub-module is used for identity authentication, entity authentication, session secret key negotiation and the like between nodes and adjacent nodes, among dispatching centers.
Embodiment one:
embodiment one: referring to fig. 2, the invention also provides a quantum key global relay synchronization system based on a dispatching center, which comprises a subsystem applied to the dispatching center, wherein the system structure comprises the following components:
node communication service module 201: the node connection management sub-module is used for receiving node connection requests by the dispatching center and managing node connection, and the node communication interface sub-module is used for analyzing and assembling communication interface messages and the like.
The path algorithm module 202: the system comprises a node topology creation and maintenance submodule and a shortest path search algorithm submodule, wherein the node topology creation and maintenance submodule is used for processing adjacency relation information reported by nodes and creating and maintaining global node network topology, and the shortest path search algorithm submodule is used for searching the shortest path between any node and any other node.
Exclusive or scheduling service module 203: the system comprises an exclusive-or information request sub-module, a global key exclusive-or information calculation sub-module and an exclusive-or scheduling information forwarding sub-module; the global key exclusive-or information calculating submodule processes direct key exclusive-or information reported by the relay node, calculates indirect and cached direct and indirect key exclusive-or information to a global key exclusive-or information list according to the searched shortest path, and the exclusive-or scheduling information forwarding submodule sequentially finds out corresponding exclusive-or information in the global key exclusive-or information list according to each node identifier, assembles a key exclusive-or scheduling information message and forwards the key exclusive-or information to the corresponding node.
General function module 204: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching, lasting key exclusive or information according to a strategy as required, facilitating the functions of system expansion key backtracking and the like, and the authentication sub-module is convenient for the system expansion password security application and the like.
Embodiment two:
embodiment two: referring to fig. 3, the invention also provides a quantum key global relay synchronization system based on a dispatching center, which comprises a subsystem applied to a terminal node and a relay node, wherein the system structure comprises the following component modules:
node communication service module 301: the node connection management sub-module is used for initiating a connection request to a dispatching center, managing the connection and the like, and the node communication interface sub-module is used for analyzing and assembling communication interface messages and the like.
The adjacency information reporting module 302: and the method is used for creating and maintaining the adjacent node relation information and reporting the adjacent node relation information.
Exclusive or schedule parsing module 303: the key exclusive-or scheduling information is used for receiving and processing key exclusive-or scheduling information forwarded by the scheduling center, a corresponding key is taken out from a local key cache area according to the key identifier of the node indicated by the exclusive-or scheduling information, each exclusive-or value in the exclusive-or value list is decrypted by using the key in sequence to obtain other node key plaintext, corresponding other node key identifiers are taken out from the other node key identifier list according to the agreed key exclusive-or value and key identifier corresponding rule, the key and the key identifier of other node links are finally obtained, and then the decrypted key is cached.
General function module 304: the system comprises a database sub-module and an authentication sub-module, wherein the database sub-module is used for caching and lasting the secret key, is convenient for the system to expand the functions of secret key management, secret key life cycle management and the like, and the authentication sub-module is convenient for the system to expand the password security application and the like.
Embodiment III:
embodiment III: referring to fig. 4, the invention also discloses a schematic diagram of node assembly adjacency information, which is as follows:
assume that a network topology of the present system is shown in fig. 4, where a dispatch center is identified as DC, nodes are respectively identified as A, B, C, D, where node A, D is a terminal node, and node B, C is a relay node. The adjacent node relation information comprises the node identification of the node itself and an adjacent node identification list, and how many QKD links are connected with the node, namely, how many adjacent nodes are connected with the node.
Each node respectively assembles adjacent node relation information, and in this embodiment, the adjacent node relation information structure is the node identifier, the number of adjacent nodes and the adjacent node identifier list, and then: the adjacent node relation information of the node A is NbrInfo-A, which is expressed as { A, 1, (B) }, and indicates that the terminal node A has only one neighbor node B; the neighbor node relation information of the node B is NbrInfo-B, which is shown as { B, 2, (a, C) }, and indicates that the relay node B has two neighbor nodes A, C; the adjacent node relation information of the node C is NbrInfo-C, which is expressed as { C, 2, (B, D) }, and shows that the relay node C has two neighbor nodes B, D; the neighbor node relation information of the node D is NbrInfo-D, which is expressed as { D, 1, (C) }, and indicates that the terminal node D has only one neighbor node C.
Embodiment four:
embodiment four: referring to fig. 5, the invention also discloses a schematic diagram of the scheduling center for generating the global key exclusive or information list, which is as follows:
described in the example of fig. 5, the scheduling center in the network shown in the example is identified as DC, the nodes are respectively identified as A, B, C, D, Z, where node A, B, C, D is a terminal node, and node Z is a relay node. For the relay node Z, the number n of adjacent nodes is 4, the adjacent nodes are { a, B, C, D }, the QKD link quantum keys between the node A, B, C, D and the node Z are KAZ, KBZ, KCZ, KDZ, and the corresponding key identifiers are KeyIDAZ, keyIDBZ, keyIDCZ, keyIDDZ.
Let the relay node Z select the reference key as KAZ, and the direct key exclusive-or information at this time includes at least:
(1) The node self identifier Z and the reference key identifier KeyIDAZ are stored in a data structure { Z, keyIDAZ };
(2) The first exclusive-or value KAZ is KBZ, the first exclusive-or value non-reference key KBZ key identifier, the Prev of the first exclusive-or value and the Next link node identifier, and the storage data structure is { KAZ }, { KeyIDAZ, keyIDBZ }, { A, B };
(3) A second exclusive-or value KAZ is equal to KCZ, a second exclusive-or value non-reference key KCZ key identification, a Prev of the second exclusive-or value and a Next link node identification, and the stored data structure is { KAZ is equal to KCZ, { KeyIDAZ, keyIDCZ }, { a, C };
(4) The third exclusive-or value KAZ is equal to { KAZ }, KDZ, { KeyIDAZ, keyIDDZ }, and { A, D }, and the third exclusive-or value is equal to the reference key KDZ key identification, the Prev of the third exclusive-or value and the Next link node identification.
The dispatching center DC is based on the direct key exclusive OR information of the relay node Z, and is easy to know that the corresponding key identifier of KAZ, KBZ, KCZ, KDZ is KeyIDAZ, keyIDBZ, keyIDCZ, keyIDDZ and needs to calculate
Figure SMS_2
The group indirect key exclusive-or information (n is the number of adjacent nodes, 4 is substituted into a formula in the embodiment), namely 3 groups of indirect key exclusive-or information, wherein key exclusive-or values are KBZ KCZ, KBZ, KDZ, key exclusive-or value association key identifiers are { KeyIDBZ, keyIDCZ }, { KeyIDBZ, keyIDDZ }, { KeyIDCZ, keyIDDZ }, and Prev and Next link node identifiers are { B, C }, { B, D }, and { C, D }, respectively.
The key exclusive-or value KBZ of Prev and Next link node identifier { B, C } is easily known, and can be calculated by the first exclusive-or value and the second exclusive-or value (KAZ } { KCZ) } (KAZ } KCZ), the key exclusive-or value associated key identifier { KeyIDBZ, keyIDCZ } is obtained from the known key identifier according to the node identifier, so as to obtain a first set of indirect key exclusive-or information with a stored data structure of { KAZ } KCZ, { KeyIDAZ, keyIDCZ }, { a, C }, and by such pushing, the stored data structure is { KBZ }, keyIDBZ, keyIDDZ }, { B, D }, { KCZ } KDZ, { KeyIDCZ, keyIDDZ }, and finally, the global exclusive-or value scheduling information for the scheduling center DC creation maintenance in this embodiment is:
(1){KAZ⊕KBZ, {KeyIDAZ, KeyIDBZ}, {A, B}}
(2){KAZ⊕KCZ, {KeyIDAZ, KeyIDCZ}, {A, C}}
(3){KAZ⊕KDZ, {KeyIDAZ, KeyIDDZ}, {A, D}}
(4){KBZ⊕KCZ, {KeyIDBZ, KeyIDCZ}, {B, C}}
(5){KBZ⊕KDZ, {KeyIDBZ, KeyIDDZ}, {B, D}}
(6){KCZ⊕KDZ, {KeyIDCZ, KeyIDDZ}, {C, D}}。
as can be seen from a combination of the structure, method and embodiment of the present invention, the present invention has the following features:
1. the dispatching center acquires global relay node key exclusive-or information, calculates every two exclusive-or values among all link keys in the whole network based on node adjacency relationship, and caches the two exclusive-or values to a global key exclusive-or information list for use in global key exclusive-or information forwarding service, so that repeated calculation and reporting forwarding of exclusive-or values on each node path are avoided;
2. the relay node can also acquire the shared key consistent with other nodes through global key exclusive or information forwarding, the relay node can also provide keys for upper-layer applications as required, the application design is simplified, the consistent key can be acquired between two applications only through interactive key identification and acquiring a designated identification key from a connected key management node, the scene requirement of a complex application network is met, and the application value is improved;
3. through global key exclusive-or information forwarding, the node safely obtains other link keys through local key exclusive-or decryption, the quantum key quantity of a single node is improved, and the improvement degree is related to the QKD link number in the network.

Claims (7)

1. The quantum key global relay method based on the dispatching center is characterized by comprising the following steps of:
(S1-1) all quantum key management nodes in the quantum network are connected with a dispatching center, and the quantum key management nodes report adjacent node relation information to the dispatching center;
(S1-2) the dispatching center creates, stores and maintains a global node topology table according to the adjacent node relation information reported by the quantum key management node, traverses the global node topology table and determines a relay node;
(S1-3) the dispatching center respectively requests quantum key exclusive OR information from the relay nodes, and the relay nodes calculate the key exclusive OR information and report the key exclusive OR information:
the scheduling center requests quantum key exclusive-or information to the relay nodes respectively, any relay node reports quantum key exclusive-or response information, and according to the number N of adjacent downlink links, quantum key exclusive-or information of at least N-1 units is required to be reported, and the quantum key exclusive-or information of each unit comprises: prev link node identification, next link node identification, relay node self identification, prev link key identification, next link key identification, key exclusive-or value of a specified unit,
the relay node reports the quantum key exclusive or response information,
when the relay node has N adjacent nodes, for the relay node, N > =2, when N=2, the relay node performs quantum key exclusive-OR on the two links, and assembles quantum key exclusive-OR response; when N >2, the relay node uses a certain link key as a reference key and is exclusive-or with other link keys to obtain quantum key exclusive-or information of N-1 units, which is called direct key exclusive-or information,
the direct key exclusive-or information is the minimum data volume key exclusive-or information reported by each relay node and depends on the number of adjacent nodes of the relay node;
(S1-4) the dispatching center receives the key exclusive OR information, calculates indirect exclusive OR information and finally generates a global key exclusive OR information list:
the dispatching center receives and processes direct key exclusive-OR information reported by the relay node, calculates indirect key exclusive-OR information which is not directly reported by the relay node, and caches the direct and indirect key exclusive-OR information to a global key exclusive-OR information list; when the relay node has N adjacent nodes, and when N=2, no indirect key exclusive or information exists, and the dispatching center does not need to calculate; when N >2, the dispatching center organizes and exclusive-ors again based on the direct key exclusive-or information of the N-1 units to obtain indirect key exclusive-or information,
the indirect key exclusive-or information is a pairwise exclusive-or value between the calculated non-reference keys based on the direct key exclusive-or information reported by the relay node by the dispatching center;
(S1-5) the scheduling center traversing a shortest path from any one node as a source node to any other node as a destination node based on the global node topology table to determine a shortest path;
(S1-6) the scheduling center calculating key exclusive-or information for realizing key sharing between the source node and the destination node based on the shortest path and the global key exclusive-or information list;
(S1-7) the dispatching center assembles key exclusive-or dispatching information according to the exclusive-or information list of each node in turn and sends the key exclusive-or dispatching information to the corresponding node;
and (S1-8) the node receives the exclusive-or scheduling information sent by the scheduling center, and takes out the corresponding key for exclusive-or decryption to obtain other node keys according to the own key identification of the node indicated by the exclusive-or scheduling information.
2. The dispatch center-based quantum key global relay method of claim 1, wherein the shortest path comprises a source node identification, a next hop relay node identification, and a next hop relay node identification, thereby reaching a destination node identification.
3. The quantum key global relay method based on the dispatch center of claim 1, wherein in step (S1-6), for each shortest path, the associated key exclusive-or information is retrieved from the global key exclusive-or information list, and then exclusive-or is performed one by one, so as to obtain the key exclusive-or value for realizing key sharing from the source node to the destination node of the shortest path.
4. A quantum key global relay method based on a dispatching center as claimed in claim 3, wherein the associated key exclusive-or information is retrieved from a global key exclusive-or information list, the associated key exclusive-or value and two groups of key identifiers are retrieved from the global key exclusive-or information list according to the shortest path each relay node identifier, prev node identifier and Next node identifier as retrieval parameters, the exclusive-or values of the keys are exclusive-or operated to finally obtain the exclusive-or value of the source node quantum key and the destination node quantum key, the key identifiers of the two groups of keys corresponding to the key exclusive-or value are easy to know, and the exclusive-or value of the source node quantum key and the destination node key identifier are added to the exclusive-or value dispatching information list to be sent to the source node.
5. The quantum key global relay method based on the dispatching center of claim 1, wherein the dispatching center receives and processes the direct key exclusive or information reported by the relay node, and adopts a network model of master-slave Reactor plus Worker thread pool to process and cache the communication message.
6. The quantum key global relay method based on the dispatching center of claim 1, wherein the dispatching center traverses a shortest path from any node as a source node to any other node as a destination node based on a global node topology table, and further comprising abstracting a shortest path search between any two nodes of a global network into a shortest path search based on a connectivity graph.
7. The quantum key global relay method based on the dispatching center of claim 6, wherein the shortest path search abstraction between any two nodes of the global network is a shortest path search based on a connectivity graph, and the using algorithm includes, but is not limited to, breadth-first search algorithm, depth-first traversal algorithm, floyd algorithm, dijkstra algorithm, bellman-Ford algorithm.
CN202210483607.4A 2022-05-06 2022-05-06 Quantum key global relay method and system based on dispatching center Active CN114900293B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210483607.4A CN114900293B (en) 2022-05-06 2022-05-06 Quantum key global relay method and system based on dispatching center

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210483607.4A CN114900293B (en) 2022-05-06 2022-05-06 Quantum key global relay method and system based on dispatching center

Publications (2)

Publication Number Publication Date
CN114900293A CN114900293A (en) 2022-08-12
CN114900293B true CN114900293B (en) 2023-05-05

Family

ID=82719233

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210483607.4A Active CN114900293B (en) 2022-05-06 2022-05-06 Quantum key global relay method and system based on dispatching center

Country Status (1)

Country Link
CN (1) CN114900293B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115499125B (en) * 2022-11-18 2023-03-24 北京安盟信息技术股份有限公司 Method, system, medium and device for secure distribution of multi-tenant key in cloud environment
CN115865334B (en) * 2022-11-24 2023-07-21 北京百度网讯科技有限公司 Quantum key distribution method and device and electronic equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995510A (en) * 2017-12-29 2019-07-09 成都零光量子科技有限公司 A kind of quantum key relay services method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111865567B (en) * 2019-04-29 2021-11-30 科大国盾量子技术股份有限公司 Relay method, device, system, equipment and storage medium of quantum key
CN110690960B (en) * 2019-09-01 2022-02-22 成都量安区块链科技有限公司 Routing service method and device of relay node
CN112367163B (en) * 2019-09-01 2023-09-26 成都量安区块链科技有限公司 Quantum network virtualization method and device
CN112910639B (en) * 2021-02-05 2022-06-24 北京邮电大学 Quantum encryption service transmission method under multi-domain scene and related equipment

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995510A (en) * 2017-12-29 2019-07-09 成都零光量子科技有限公司 A kind of quantum key relay services method

Also Published As

Publication number Publication date
CN114900293A (en) 2022-08-12

Similar Documents

Publication Publication Date Title
CN114900293B (en) Quantum key global relay method and system based on dispatching center
CN110008717B (en) Decision tree classification service system and method supporting privacy protection
Lu A new communication-efficient privacy-preserving range query scheme in fog-enhanced IoT
CN110581763B (en) Quantum key service block chain network system
CN108880814A (en) A kind of dynamic cluster wireless sensor network key management method
CN102356597B (en) A method for secure communication in a network, a communication device, a network and a computer program therefor
CN103873236B (en) One kind can search for encryption method and equipment
CN110650116B (en) Multi-type multi-dimensional data aggregation method for security smart power grid
Long et al. An advanced key management scheme for secure smart grid communications
Bavdekar et al. Post quantum cryptography: A review of techniques, challenges and standardizations
Zhou et al. Device-oriented keyword-searchable encryption scheme for cloud-assisted industrial IoT
CN112994883B (en) Symmetric key negotiation system and method based on quantum key and true random number source
Saraswathi et al. Dynamic and probabilistic key management for distributed wireless sensor networks
Kayem et al. Key management for secure demand data communication in constrained micro-grids
CN107231628B (en) Safety data fusion method suitable for multiple application scenes
Chen et al. A quantum key distribution routing scheme for hybrid-trusted QKD network system
Delgosha et al. A multivariate key-establishment scheme for wireless sensor networks
CN114401085B (en) Network architecture and key storage method of quantum secret communication network
CN114362938B (en) Quantum communication key management dynamic route generation network architecture and method
CN114362939B (en) Dynamic route forwarding method, storage device and intelligent terminal based on trusted relay quantum secret communication network
Pakniat Public key encryption with keyword search and keyword guessing attack: a survey
Pan et al. Secure control using homomorphic encryption and efficiency analysis
CN114547649A (en) Database encryption method and system
Yang et al. Cross domain authentication based on blockchain for mobile terminals in edge computing environment
Tang et al. Fine-grained Access Control Mechanism of Industrial Internet of Things Based on DAG Blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant