CN116319010B - Method for detecting QKD system defect and hacking based on machine learning - Google Patents
Method for detecting QKD system defect and hacking based on machine learning Download PDFInfo
- Publication number
- CN116319010B CN116319010B CN202310287166.5A CN202310287166A CN116319010B CN 116319010 B CN116319010 B CN 116319010B CN 202310287166 A CN202310287166 A CN 202310287166A CN 116319010 B CN116319010 B CN 116319010B
- Authority
- CN
- China
- Prior art keywords
- pulse
- alice
- quantum
- bit
- hacking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000007547 defect Effects 0.000 title claims abstract description 65
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000010801 machine learning Methods 0.000 title claims abstract description 24
- 238000001514 detection method Methods 0.000 claims abstract description 18
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 11
- 238000003745 diagnosis Methods 0.000 claims abstract 2
- 238000005259 measurement Methods 0.000 claims description 26
- 238000002360 preparation method Methods 0.000 claims description 18
- 230000004044 response Effects 0.000 claims description 16
- 238000012549 training Methods 0.000 claims description 13
- 239000013598 vector Substances 0.000 claims description 12
- 238000003066 decision tree Methods 0.000 claims description 11
- 238000007637 random forest analysis Methods 0.000 claims description 11
- 239000000523 sample Substances 0.000 claims description 11
- 230000000694 effects Effects 0.000 claims description 9
- 238000013145 classification model Methods 0.000 claims description 8
- 238000012360 testing method Methods 0.000 claims description 8
- 230000001427 coherent effect Effects 0.000 claims description 6
- 230000001550 time effect Effects 0.000 claims description 4
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 238000012937 correction Methods 0.000 claims description 3
- 238000005070 sampling Methods 0.000 claims description 3
- 238000004364 calculation method Methods 0.000 claims description 2
- 238000004458 analytical method Methods 0.000 abstract description 5
- 230000005540 biological transmission Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 239000011159 matrix material Substances 0.000 description 4
- 229910000530 Gallium indium arsenide Inorganic materials 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000000969 carrier Substances 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000005610 quantum mechanics Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N10/00—Quantum computing, i.e. information processing based on quantum-mechanical phenomena
- G06N10/60—Quantum algorithms, e.g. based on quantum optimisation, quantum Fourier or Hadamard transforms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Evolutionary Computation (AREA)
- Data Mining & Analysis (AREA)
- Mathematical Physics (AREA)
- Artificial Intelligence (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Condensed Matter Physics & Semiconductors (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Medical Informatics (AREA)
- Computational Mathematics (AREA)
- Electromagnetism (AREA)
- Optical Communication System (AREA)
Abstract
The invention discloses a QKD system defect and hacking detection method based on machine learning, which comprehensively considers several common equipment defect faults and quantum hacking means in a real environment and is applied to the fault diagnosis of an actual quantum key distribution system. The invention analyzes the difference between the actual security and the theoretical security in the quantum key distribution system, quantifies possible defect faults and potential hacking attacks of devices in the system and carries out modeling analysis. In addition, the method can rapidly and accurately judge the defect fault type of the device in the actual quantum key distribution system by using a classification and prediction algorithm based on machine learning, actively feed back the defect fault in the system, and guide a user to effectively prevent the device fault of the system and the attack of an eavesdropper by an attacker on the probability of intercepting and re-transmitting the signal, thereby improving the actual safety of the quantum key distribution system.
Description
Technical Field
The invention relates to the technical field of quantum cryptography, in particular to a method for detecting QKD system defects and hacking based on machine learning.
Background
As a core field of quantum communication, quantum key distribution (Quantum Key Distribution, QKD) improves the security of communications mainly by means of laws of physical security of quantum mechanics. It allows both parties to generate and share a secret, secure and random key for encrypting and decrypting information content in the system, which is also a proprietary advantage of quantum key distribution over traditional communications. However, since the concept of quantum key distribution was proposed, its practical security analysis has been a topic of great interest. There is a difference between the safety of an actual system and the theoretical safety, mainly because theoretical safety analysis does not adequately take into account the imperfections of non-ideal devices in an actual QKD system. Since Bennett and Brassard proposed the first QKD protocol, over 30 years have elapsed, and a great deal of theoretical and experimental work has been done in this area. To make up for the gap between theoretical and practical settings, researchers have proposed different protocols and methods. However, the actual performance of the BB84 protocol is limited by the internal structure of the model and the characteristics of the device itself, which have inherent drawbacks.
The ideal BB84 protocol requires the use of a single Photon source, otherwise it is not resistant to Photon number separation attacks (Photon-number splitting attack). Since in an actual quantum key distribution system a true single photon source is not present. Therefore, weak coherent light sources are generally used in combination with the idea of decoy states to resist photon number separation attacks. When estimating the security key rate by the decoy method, it is necessary to know the magnitude of the amplitude of the decoy and the output signal state of the light source. However, due to quantum fluctuation of the light amplitude and non-ideal characteristics of the modulation device, the actual light intensity value output by the weak coherent light source has random fluctuation relative to the expected value, and errors are brought to the estimation of the security key rate. When the amplitude of the fluctuations is outside a certain range, the QKD protocol will be forced to stop running to adjust for errors. To achieve long-range key distribution, fiber QKD systems typically operate in the 1550nm band, where infrared single-photon detectors of InGaAs/InP avalanche tubes are typically used, which are relatively high in quantum efficiency and simple in structure. Also, to reduce dark counts, inGaAs/InP avalanche tube based detectors are typically operated in gate mode at-30-50 degrees celsius. The gating mode detector can only perform effective detection during the gating signal, and the detection efficiency of the gating mode detector can change along with the arrival time of photons. Such efficiency changes can become an attack vulnerability under certain conditions. Under normal operating conditions, a single photon reaches the detector, which outputs an avalanche signal once. However, single photon detectors also respond to intense light signals. The attacker can also make the single photon detector produce specific output by using strong light signals, so that the attacker can attack. Since the inherent semiconductor structure defect of an InGaAs/InP avalanche transistor can trap carriers and release them when no photons come in, thus producing an avalanche signal, the device is prone to false detection pulse output after a normal detection signal, which is called post-pulse effect. In order to reduce the post-pulse effect, a certain dead time needs to be set after one effective detection to reduce the probability of false detection pulses occurring. An attacker can still attack using dead time as a vulnerability. In addition, active optics commonly used in practical QKD systems are Phase Modulators (PMs), intensity Modulators (IMs), and the like. The phase modulator is mainly applied to randomize the phase of weak coherent states in a decoy state scheme and perform phase encoding and decoding modulation in a phase encoding BB84 protocol scheme; the light intensity modulator is mainly used for preparing signal states or modulating continuous light output by the laser into light pulses. These devices are subject to environmental factors, and certain imperfections may exist. These imperfections can lead to corresponding errors, leakage of side channel information, and even device manipulation by a remote eavesdropper Eve, which typically can compromise the security of the QKD system by stateful preparation errors, phase errors, and truncated retransmission attacks. An eavesdropper can use the loopers to introduce bit error rates below theoretical tolerable thresholds, so that part or even all of the security key information can be acquired without being discovered by both communication parties.
However, the current method still requires a lot of manual effort to detect errors and attacks present in the system, and both Alice and Bob must perform multiple iterative computations to obtain accurate estimates, affecting the actual performance of the QKD system. How to quickly and accurately find errors and attacks caused by imperfections of devices in a quantum key distribution system is a problem to be solved. Furthermore, the estimation process is typically performed after the key transmission process is completed, and once an attack is found, the entire key data should be discarded, wasting a lot of time and resources. Therefore, a research model capable of replacing the traditional manual detection and rapidly and accurately judging the defect faults and hacking attacks of devices in the quantum key distribution system is needed, so that the safety and practical application value of the system are improved.
Disclosure of Invention
The invention aims at overcoming the defects of the prior method and providing an improved method for performing classification prediction feedback on various device defect faults and hacking attacks based on machine learning, wherein the method is applied to various quantum key distribution protocols and various coding systems.
In order to achieve the above purpose, the present invention proposes a method for detecting a fault of a quantum key distribution system and hacking based on machine learning. According to the method, a machine learning model is applied to a quantum key distribution system, a QKD system detects data to carry out security analysis on equipment defect faults and hacking attacks in the system, a classification and prediction algorithm is used for carrying out efficient and accurate judgment, and after the defect fault types of devices in an actual QKD system are judged, the size of the defect faults in an active feedback system is used for guiding a user to effectively prevent the device faults of the system and the attacks of eavesdroppers, so that the security of the quantum key distribution system is improved. The method comprises the following steps:
the invention relates to a detection method for defect faults and hacking attacks of a quantum key distribution system based on machine learning, wherein the quantum key distribution system refers to a time-phase coded quantum key distribution system, and comprises a sending end Alice and a receiving end Bob; the method comprises the following steps:
step 1, acquiring a data set
At the Bob end, after invalid data is removed through the base pairs of the two parties, the count of 32 combinations under the signal state intensity and the decoy state intensity v intensity is obtained according to the response result of the detectorAnd a system defect or hacking tag corresponding to each count; wherein x ε { μ, v } represents the pulse intensity chosen by Alice, +.>Representing the preparation quantum state of Alice, +.>Representing quantum states received by Bob, wherein a, b E {0,1,2,3} correspond to the response results of the detector and respectively represent an event Z-based coded bit 0, a Z-based coded bit 1, an X-based coded bit 0 and an X-based coded bit 1;
the system defects comprise state preparation errors, light source fluctuation, phase errors, post pulse effects, dead time effects and detector efficiency mismatch defects; wherein, the state preparation error and the light source fluctuation are caused by an intensity modulator, the phase error is caused by a phase modulator, the post pulse effect and the dead time effect are caused by a superconducting detector, and the hacking attack is interception retransmission attack caused by an attacker Eve;
step 2, establishing an error classification model based on a random forest algorithm
The input of the error classification model is the countLabels output as different types of errors or attacks;
the data set is divided into training data and test data, the training set is used for completing the establishment of the model, and the test set is used for evaluating the model through accuracy indexes and precision indexes.
Further, the accuracy index and the precision index in the step 2 are respectively:
where P refers to the number of samples of positive examples, N refers to the number of samples of negative examples, TP refers to the number of positive examples predicted correctly, FP refers to the number of positive examples predicted as negative examples, FN refers to the number of positive examples predicted as negative examples, and TN refers to the number of positive examples predicted correctly.
Further, the method for detecting defect faults and hacking attacks of the quantum key distribution system of the invention further comprises the following steps:
step 3, establishing an error prediction model based on a random forest algorithm, and countingAnd the error type output by the error classification model is used as the input of the error prediction model, the error value is used as the output, and the error prediction model is trained to obtain a trained error prediction model;
input QKD system probe data countAnd outputting an error value through the error prediction model by the error type to the trained error prediction model.
Further, count in step 1The calculation method of (2) is as follows:
step 1.1, at the transmitting end, for each light pulse emitted by the laser, alice randomly selects an x base and a Z base, prepares and transmits a quantum state |phi under three intensities of a signal state, a decoy state and a vacuum state jα >The intensity of each pulse is modulated and the base information and the bit information are recorded; wherein |phi jα >A quantum state prepared for Alice with errors due to non-ideal intensity modulator and phase modulator; alpha epsilon { X, Z } is the basis vector used by Alice; j epsilon {0,1} is bit information;
the specific representation of the quantum states prepared by Alice is as follows:
wherein delta 1 ,δ 2 ,δ 3 ,δ 4 Representing the state preparation errors and delta generated by the IM preparation time bits, respectively 1 =δ 2 ,δ 3 =δ 4 ,θ 1 ,θ 2 Representing the phase error produced by the relative phase of the PM modulation and β representing the deflection angle of the reference frame.
In addition, because the actual light intensity value of the weak coherent light source output by the laser fluctuates, the factor of the fluctuation of the light intensity is also taken into consideration; after the fluctuation of the light intensity is considered, the actual light intensity value is
μ=μ×(1±I),v=v×(1±I),w=w×(1±I ) Wherein I is light intensity fluctuation, mu, v and w respectively represent a signal state, a decoy state and a vacuum state.
Step 1.2 Bob performs a projection measurement on the received light pulse
Two threshold detectors are arranged at the Bob receiving end, the two detectors are respectively used for detecting the event bit 0 or bit 1, and the efficiency is respectively marked as eta 0 And eta 1 Defining that only one detector response is a valid event; if Bob receives the light pulse, randomly selecting Z base or X base for measurement, recording the measurement result and the used base vector according to the response condition of the detector, and definingIs Alice selection signal pulse or decoy pulse to prepare quantum state +.>Under the conditions of Bob using ζ B Probability of b corresponding to the measurement result after the base measurement,/->There are 32 cases in total;
step 1.3, consider the occurrence of a intercept retransmission attack
The events sent or received by the user may be 0,1,2 and 3, respectively representing four quantum states of Z-base encoding bit 0, Z-base encoding bit 1, X-base encoding bit 0 and X-base encoding bit 1, taking Alice sending bit 0 and Eve sending bit 0 as an example, bob has half the probability of receiving bit values of 0, so that the attacked bit values areThe expression is as follows:
defining gamma as the probability of Eve's attack, so consider intercepting the table after the probability of a replay attack occursThe following is shown:
similarly, the probability under different conditions can be obtained
Probability under corresponding conditions by selecting different total pulse numbers from the receiving and transmitting sidesConversion to the corresponding count->The concrete representation is as follows:
wherein N is 0 Representing the total number of pulses, c DT Representing correction factors, P, caused by dead time of detector x Representing the probability that Alice sends different pulse intensities, and X epsilon { mu, v }, l representing the basis vector chosen by Alice, r representing the basis vector chosen by Bob, and l, r epsilon { Z, X }; when a (b) e {0,1}, l, r=z, and when a (b) e {2,3}, l, r=x.
Further, the method comprises the steps of,preparation of the Quantum states for the selection of signal pulses in Alice>Under the conditions of Bob using ζ B The probability of the corresponding measurement result after the base measurement is 0 is expressed as follows:
wherein P is n (mu) is the light source distribution with the number of signal state pulse photons of n,representing the preparation quantum state of Alice, +.>Representing quantum states received by Bob, wherein a, b E {0,1,2,3} correspond to the response result of the detector and respectively represent four quantum states of Z-based coded bit 0, Z-based coded bit 1, X-based coded bit 0 and X-based coded bit 1; f (j) is the probability of an event being detected effectively with j photon numbers, and +.>
If the effect of the post-pulse is considered,wherein d represents the dark count of the detector, P ap Is the post-pulse probability;
similarly, the result of all conditions of Alice selecting two different pulse conditions can be obtainedThe two pulses refer to a signal pulse and a decoy pulse.
Compared with the prior art, the invention has the beneficial effects that: compared with the conventional defect fault and hacking attack detection scheme of the quantum key distribution system, the method and the device have the advantages that the effective event count received by the receiving end is utilized to train a random forest model, the defect fault and external attack of the device are efficiently and accurately distinguished by using a classification and prediction algorithm, corresponding devices in the system are calibrated according to different defect faults or attack types, a study object is converted into the corresponding devices from the different defect faults, and the user error is informed. The method is applicable to various quantum key distribution protocols and various coding systems, is not influenced by specific protocols and coding types, has high feasibility and strong universality, and results show that the total classification and prediction time length under the scheme of the invention only needs a few seconds, the accuracy exceeds 99 percent, a user can effectively prevent device faults inside the system and attacks from the outside, and the safety of the quantum key distribution system is fully ensured.
Drawings
FIG. 1 is a technical roadmap of the present invention for a system defect failure and hacking detection method based on machine learning;
FIG. 2 is a schematic diagram of a system defect fault and hacking classification and prediction flow using a random forest algorithm in accordance with the present invention;
fig. 3 is a graph of the result of the confusion matrix for determining the type of system defect failure and hacking source device of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It should be apparent that the described embodiments are merely some, but not all, examples of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The invention provides a method for detecting defect faults and hacking attacks of a quantum key distribution system based on machine learning, which is suitable for various quantum key distribution systems, wherein the method considers the actual defects of devices and the hacking attacks, wherein the actual defects of the devices comprise the defect faults of an intensity modulator, a phase modulator and a superconducting detector, and the hacking attacks refer to interception and retransmission attacks adopted by Eve on the system. In this embodiment, a BB84 QKD system using time-phase encoding is described as an example, and the system includes a transmitting terminal Alice, a receiving terminal Bob, and a third party Eve if any. The laser at Alice end generates light pulses, the intensity modulator IM changes randomly to realize a decoy state technology, the phase modulator PM is adjusted to encode each light pulse, and the light pulses reach the receiving end Bob through a channel to be measured. Fig. 1 is a technical roadmap of the method for detecting defect faults and hacking attacks of a quantum key distribution system based on machine learning, comprising the following steps:
(1) For each light pulse emitted by the laser, alice randomly selects X groups and Z groups, prepares and transmits signal states, and quantum state |phi under three intensities of a decoy state and a vacuum state jα >And the intensity of each pulse is modulated with a certain probability and the base information and the bit information are recorded. Wherein |phi jα >Consider for Alice a quantum state prepared with errors due to non-idealities of the devices such as intensity modulators, phase modulators, etc.; alpha epsilon { X, Z } is the basis vector used by Alice; j e {0,1} is bit information. The specific representation of the quantum states prepared by Alice is as follows:
wherein delta 1 ,δ 2 ,δ 3 ,δ 4 Representing the state preparation errors and delta generated by the IM preparation time bits, respectively 1 =δ 2 ,δ 3 =δ 4 ,θ 1 ,θ 2 Representing the phase error produced by the relative phase of the PM modulation and β representing the deflection angle of the reference frame. Here delta 1 ,δ 2 ,δ 3 ,δ 4 、θ 1 ,θ 2 And beta is assumed to be the maximum value under the steady operation condition of the system, and the parameters in the actual system do not exceed the maximum value. Furthermore, for three different intensity values, μ, ν, w (μ > ν, w=0) represent signal states respectively,the intensity of each laser pulse is modulated with a certain probability, both in the decoy state and in the vacuum state.
Because of the quantum fluctuation of the light amplitude and the non-ideal nature of the modulation device itself, the actual light intensity value output by the weak coherent light source has random fluctuations with respect to the expected value, and therefore the actual light intensity value should be set to μ=μ× (1 shi I), v=v× (1 shi I), w=w× (1±i), where I is the light intensity fluctuation.
(2) Two threshold detectors are arranged at the Bob receiving end, the two detectors are respectively used for detecting the event bit 0 or bit 1, and the efficiency is respectively marked as eta 0 And eta 1 There is defined and only one detector response as a valid event. Definition of the definitionPreparation of the Quantum states for the selection of signal pulses in Alice>Under the conditions of Bob using ζ B The probability of the corresponding measurement result after the base measurement is 0 is expressed as follows:
wherein P is n (mu) is the light source distribution with the number of signal state pulse photons of n,representing the preparation quantum state of Alice, +.>And the quantum states received by Bob are represented, and a, b E {0,1,2,3} correspond to the response results of the detector and respectively represent an event Z-based coded bit 0, a Z-based coded bit 1, an X-based coded bit 0 and an X-based coded bit 1.F (j) is the probability of an event being detected effectively with j photon numbers, and +.>
If the effect of the post-pulse is considered,wherein d represents the dark count of the detector, P ap Is the post-pulse probability. Considering the defect of mismatching of detection efficiency, the efficiency of two detections is different at different moments. Since the detector is on the receiver side, when Bob's measurement is encoded bit 0, the probability and η under its corresponding conditions 0 Related to η 1 And (5) correlation.
Similarly, the results of all cases where Alice selects two different pulse conditions can be obtained:where x ε { μ, v } represents the pulse intensity chosen by Alice. />Is Alice selection signal pulse or decoy state pulse to prepare quantum stateUnder the conditions of Bob using ζ B Probability of b corresponding to the measurement result after the base measurement,/->There are 32 cases in total.
Due to the loss to some extent in the optical fiber transmission process, part of the light pulse sent by Alice cannot be detected by Bob, so that transmission failure is caused. If Bob receives the light pulse, the Z base or the X base is randomly selected for measurement, and the measurement result and the used base vector are recorded according to the response condition of the detector.
Intercept-replay attacks are the simplest and common means of attack within classical cryptography studies. Eve may first intercept the signal from the transmission for measurement, save the measurement result, prepare the same signal as the measurement result and send it to Bob. Therefore, on the basis of the above, it is necessary to consider the influence of an attacker on the attack of the quantum key distribution system by intercepting the retransmission.
Modeling this attack: the probability of Eve sending different coded bits under the condition that Alice sends different bits (Eve intercepts different bits) is analyzed. The events sent or received by the user may be 0,1,2, and 3, which respectively represent four quantum states of Z-base encoded bit 0, Z-base encoded bit 1, X-base encoded bit 0, and X-base encoded bit 1. Taking Alice to send bit 0 and Eve to send bit 0 as an example, bob has half the probability of receiving a bit value of 0 because 0 and 1 belong to the Z base. Because 2,3 belong to the code bits under the X base, bob has a quarter probability of receiving a bit value of 2,3, respectively. Therefore, if a transmission interception retransmission attack occurs, the attack is followedThe expression is as follows:
defining gamma as the probability of Eve's attack, consider intercepting a replay attack after probabilistic occurrenceThe expression is as follows:
similarly, the probability under different conditions can be obtained
On the basis, the probability under the corresponding condition is selected by the difference between the total pulse number and the receiving and transmitting sidesConversion to the corresponding count->The concrete representation is as follows:
wherein N is 0 Representing the total number of pulses, c DT Representing correction factors, P, caused by dead time of detector x Representing the probability that Alice sends different pulse intensities and X e { μ, v }, l representing Alice's chosen basis vector, r representing Bob's chosen basis vector and l, r e { Z, X }. When a (b) e {0,1}, l, r=z, and when a (b) e {2,3}, l, r=x.
Further, after the measurement phase has resulted in a data set of successful response events, the data set includes counts of 32 different combinationsAnd classifying different defects and attacks of the system by using a machine learning method with different defects and hacking type labels in the system, and judging various defect faults and potential attack types of devices in the system by using a random forest, as shown in figure 2. Random forests are an optimized version of the Bagging algorithm based on a tree model, using CART decision trees as the base learner. Its input is sample set D, and for T E {1,2, …, T }, the sample set D can be obtained by randomly sampling the training set for the T-th time T . The T decision tree model is then trained with the sample set. When training the decision tree model node, selecting a part of sample features from all sample features on the node, selecting an optimal feature to divide left and right subtrees of the decision tree, classifying the scene, and taking the category of the most votes cast by T decision trees as the final category for judgment, wherein the following steps are described in detail:
(1) At the Bob end, after invalid data is removed through the base pairs of the two parties, the count of 32 combinations under the signal state intensity mu and the decoy state intensity nu intensity is obtained according to the response result of the detectorThe system is subjected to processing such as characteristic engineering and the like, and the dark counting rate Y of the system is comprehensively considered 0 Background error code e d Total pulse number N 0 Detection efficiency eta of detector 0 、η 1 And various parameters which can cause the final security key rate change in the system such as the system frequency f and the like are valued in a reasonable common range, so that a complete data set is obtained. The corresponding system parameters are set as follows:
table 1: system parameter interval
Where f is the system frequency, η 0 、η 1 The ranges are consistent but different to simulate the influence of defects with unmatched detection efficiency on the system. Meanwhile, according to the influence of the actual environment on the system, a proper range is set for different defect faults or attack parameters, as shown in table 2:
table 2: systematic error setting interval
Wherein Deltaeta is the mismatch degree of the efficiency of the two detectors, P ap For post-pulse probability τ death Detector dead time size.
(2) The model input is 32-group countThe total data size is 110000, and the labels with different types of defects or attacks are output. The dataset is divided into training data and test data. Wherein the training set is 70% of the total data, and the test set is 30% of the total data. Model building using training set, passing accuracy using test setAnd (3) accuracy->And evaluating the model by the indexes and obtaining the confusion matrix. Wherein P refers to the number of samples of positive examples, N refers to the number of samples of negative examples, TP refers to the number of positive examples predicted correctly, FP refers to the number of positive examples predicted as negative examples, FN refers to the number of positive examples predicted as negative examples, TN refers to the number of positive examples predicted correctly, and finally an error classification model based on a random forest algorithm is established.
(3) Based on the above, after determining the error category of the device in the actual QKD system, in order to further inform the user of the error, the user is guided to perform a tighter security analysis, so that the security is further improved, and an error prediction model based on a random forest algorithm is established. Will countAnd the error type output by the error classification model is used as the input of an error prediction model, the error value is used as the output, the error prediction model is trained, the model trains a plurality of decision tree models, and then the result of model prediction is fused to give a final prediction result, so that the detection data count of the QKD system is inputAnd the error types are transmitted to a trained error prediction model, and different error sizes can be output through the model. And the study object is converted into the corresponding device from different errors, so that errors brought by defect faults of different devices and hacking to the system are obtained, and the corresponding devices in the system are calibrated better for different errors or attack types, and the calibration is specifically shown in table 3.
Table 3: error category caused by different device defect faults and hacking
As can be seen from table 3, each device defect failure or hacking can produce one or more errors, but each error originates from only one device. Therefore, through the model, a user can quickly adjust corresponding devices or resist attack after determining the defect fault or the hacking type, so as to ensure the security of the system. The color depth in the confusion matrix of fig. 3 indicates the count, the abscissa indicates the machine learning model to judge that the defect fault or hacking attack is from the type of the device at present, the ordinate indicates the source of the device to which the actual system defect fault or hacking attack belongs, the diagonal element value of the matrix and the non-diagonal element are 0 to indicate that the system judging result is consistent with the real situation, the value on the non-diagonal line is not 0 to indicate the system judging error, the system judging accuracy is up to 99.54%, the total duration of training and testing only needs a few seconds, the user can be guided to effectively prevent the device fault and the hacking attack of the system, and the security of the quantum key distribution system is greatly improved.
The method is applicable to various quantum key distribution protocols and various coding systems, is not influenced by specific protocols and coding types, and has good universality. The method can be also applied to other quantum cryptography protocols, such as quantum digital signature, quantum key sharing, quantum random number generator and other application directions.
The above description is merely of preferred embodiments of the present invention, and the scope of the present invention is not limited to the above embodiments, but all equivalent modifications or variations according to the present disclosure will be within the scope of the claims.
Claims (9)
1. The method for detecting the defects and hacking of the QKD system for quantum key distribution based on machine learning is characterized in that the quantum key distribution system refers to a time-phase coded quantum key distribution system and comprises a sending end Alice and a receiving end Bob;
the method comprises the following steps:
step 1, acquiring a data set
At the Bob end, after invalid data is removed through the base pairs of the two parties, the count of 32 combinations under the signal state intensity mu and the decoy state intensity v intensity is obtained according to the response result of the detectorAnd a system defect or attack tag corresponding to each count; the system defects comprise state preparation errors, light source fluctuation, phase errors, post pulse effects, dead time effects and detector efficiency mismatch defects;
where x ε { μ, v } represents the pulse intensity chosen by Alice,representing the preparation quantum state of Alice, +.>Representing quantum states received by Bob, wherein a, b E {0,1,2,3} correspond to the response results of the detector and respectively represent an event Z-based coded bit 0, a Z-based coded bit 1, an X-based coded bit 0 and an X-based coded bit 1;
the countThe calculation method of (2) is as follows:
step 1.1, at the transmitting end, for each light pulse emitted by the laser, alice randomly selects X base and Z base, prepares and transmits a signal state, a quantum state |phi under three intensities of a decoy state and a vacuum state jα >The intensity of each pulse is modulated and the base information and the bit information are recorded; wherein |phi jα >A quantum state prepared for Alice with errors due to non-ideal intensity modulator and phase modulator; alpha epsilon { X, Z } is the basis vector used by Alice; j epsilon {0,1} is bit information; in addition, because the actual light intensity value of the weak coherent light source output by the laser fluctuates, the factor of the fluctuation of the light intensity is also taken into consideration;
step 1.2 Bob performs a projection measurement on the received light pulse
Two threshold detectors are arranged at the Bob receiving end, the two detectors are respectively used for detecting the event bit 0 or bit 1, and the efficiency is respectively marked as eta 0 And eta 1 Defining that only one detector response is a valid event; if Bob receives the light pulse, randomly selecting Z base or X base for measurement, recording the measurement result and the used base vector according to the response condition of the detector, and definingIs Alice selection signal pulse or decoy pulse to prepare quantum state +.>Under the conditions of Bob using ζ B Probability of b corresponding to the measurement result after the base measurement,/->There are 32 cases in total;
preparation of the Quantum states for the selection of signal pulses in Alice>Under the conditions of Bob using ζ B The probability of the corresponding measurement result after the base measurement is 0 is expressed as follows:
wherein P is n (mu) is the light source distribution with the number of signal state pulse photons of n,representing the preparation quantum state of Alice, +.>Representing quantum states received by Bob, wherein a, b E {0,1,2,3} correspond to the response result of the detector and respectively represent four quantum states of Z-based coded bit 0, Z-based coded bit 1, X-based coded bit 0 and X-based coded bit 1; f (j) is the probability of an event being detected effectively with j photon numbers, and +.>
If the effect of the post-pulse is considered,wherein D represents the dark count of the detector, P ap Is the post-pulse probability;
similarly, the results of all conditions under two different pulse intensities of Alice are obtainedStep 1.3, consider the occurrence of a intercept retransmission attack
The events sent or received by the user may be 0,1,2 and 3, respectively representing four quantum states of Z-base encoding bit 0, Z-base encoding bit 1, X-base encoding bit 0 and X-base encoding bit 1, taking Alice sending bit 0 and Eve sending bit 0 as an example, bob has half the probability of receiving bit values of 0, so that the attacked bit values areThe expression is as follows:
defining gamma as the probability of Eve's attack, consider intercepting a replay attack after probabilistic occurrenceThe expression is as follows:
similarly, obtain probabilities under different conditions
Probability under corresponding conditions by selecting different total pulse numbers from the receiving and transmitting sidesConversion to the corresponding countThe concrete representation is as follows:
wherein N is 0 Representing the total number of pulses, c DT Representing correction factors, P, caused by dead time of detector x Representing the probability that Alice sends different pulse intensities, and X epsilon { mu, v }, l representing Alice selected basis vectors, r representing Bob selected basis vectors, and l, r epsilon { Z, X }; when a (b) e {0,1}, l, r=z, and when a (b) e {2,3}, l, r=x;
step 2, establishing an error classification model based on a random forest algorithm
The input of the error classification model is the countLabels output as different types of errors or attacks;
the data set is divided into training data and test data, the training set is used for completing the establishment of the model, and the test set is used for evaluating the model through accuracy indexes and precision indexes.
2. The method for detecting defects and hacking attacks of a quantum key distribution QKD system based on machine learning according to claim 1, wherein the accuracy index and precision index in step 2 are respectively:
where P refers to the number of samples of positive examples, N refers to the number of samples of negative examples, TP refers to the number of positive examples predicted correctly, FP refers to the number of positive examples predicted as negative examples, FN refers to the number of positive examples predicted as negative examples, and TN refers to the number of positive examples predicted correctly.
3. The method for detecting defects and hacking attacks in a quantum key distribution QKD system based on machine learning of claim 1, further comprising:
step 3, establishing an error prediction model based on a random forest algorithm; will countAnd the error type output by the error classification model is used as the input of the error prediction model, the error value is used as the output, and the error prediction model is trained to obtain a trained error prediction model;
input QKD system probe data countAnd outputting an error value through the error prediction model after the error type reaches the trained error prediction model.
4. The method for detecting defects and hacking attacks in a quantum key distribution QKD system based on machine learning according to claim 1, wherein in step 1.1, alice prepares a quantum state specifically expressed as follows:
wherein delta 1 ,δ 2 ,δ 3 ,δ 4 Representing the state preparation errors and delta generated by the IM preparation time bits, respectively 1 =δ 2 ,δ 3 =δ 4 ,θ 1 ,θ 2 Representing the phase error produced by the relative phase of the PM modulation and β representing the deflection angle of the reference frame.
5. The method for detecting defects and hacking in a quantum key distribution QKD system based on machine learning according to claim 1, wherein in step 1.1, the actual light intensity value is μ=μ× (1±i), νv=ν× (1±i), and w=w× (1±i), where I is the light intensity fluctuation, μ, v, w represent the signal state, the spoof state, and the vacuum state, respectively, after considering the light intensity fluctuation.
6. The method of machine learning based detection of quantum key distribution QKD system defects and hacking according to claim 1, wherein the post-pulse effects, dead time effects, detector efficiency mismatches among the system defects are all due to detector defects.
7. The method for detecting defects and hacking attacks of a quantum key distribution QKD system based on machine learning according to claim 1, wherein after a data set of response events is obtained in a measurement stage, different system defects and attacks are classified by a machine learning method, and various defect faults and potential attack categories existing in devices in the system are determined by random forests; using CART decision tree as basic learner, inputting sample set D, and obtaining sample set D by T-th random sampling of training set for T E {1,2, …, T } T The method comprises the steps of carrying out a first treatment on the surface of the And training a T decision tree model by using a sampling set, selecting part of sample features from all sample features on nodes when training decision tree model nodes, selecting an optimal feature to divide left and right subtrees of the decision tree, and finally classifying scenes, wherein the category with the largest number of votes cast by the T decision trees is the final category for discrimination, thereby realizing real-time diagnosis of internal faults or external attacks by the system.
8. The method for detecting defects and hacking of a quantum key distribution QKD system based on machine learning according to claim 3, wherein different errors output by the error prediction model are converted into corresponding devices, so as to obtain errors brought by defect faults of different devices and hacking to the system, and the corresponding devices in the system are calibrated for different errors or attack types, and the devices comprise an intensity modulator, a phase modulator and a superconducting detector.
9. The method of machine learning based detection of quantum key distribution QKD system defects and hacking according to claim 8, wherein each device defect failure or hacking produces one or more errors, but each error originates from only one device; the device defects include defects of intensity modulators, phase modulators, and superconducting detectors.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310287166.5A CN116319010B (en) | 2023-03-21 | 2023-03-21 | Method for detecting QKD system defect and hacking based on machine learning |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310287166.5A CN116319010B (en) | 2023-03-21 | 2023-03-21 | Method for detecting QKD system defect and hacking based on machine learning |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116319010A CN116319010A (en) | 2023-06-23 |
CN116319010B true CN116319010B (en) | 2023-11-21 |
Family
ID=86812951
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310287166.5A Active CN116319010B (en) | 2023-03-21 | 2023-03-21 | Method for detecting QKD system defect and hacking based on machine learning |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116319010B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116723054B (en) * | 2023-08-08 | 2023-10-27 | 合肥量芯科技有限公司 | Method for resisting detection efficiency mismatch loopholes introduced in calibration process |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110830247A (en) * | 2019-10-31 | 2020-02-21 | 中国人民解放军国防科技大学 | Blind vulnerability detection method and device for gated detector in quantum key distribution system |
CN112953973A (en) * | 2021-04-12 | 2021-06-11 | 中南大学 | Hybrid attack detection method for continuous variable quantum key distribution system |
CN114697009A (en) * | 2020-12-30 | 2022-07-01 | 科大国盾量子技术股份有限公司 | Device and method for detecting light source injection locking vulnerability of phase coding QKD equipment and attack end |
CN114765532A (en) * | 2020-12-30 | 2022-07-19 | 科大国盾量子技术股份有限公司 | Device and method for detecting light source injection locking loophole of polarization coding QKD (quantum key distribution) equipment and attack end |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB201720063D0 (en) * | 2017-12-01 | 2018-01-17 | Cambridge Entpr Ltd | Quantum security systems |
-
2023
- 2023-03-21 CN CN202310287166.5A patent/CN116319010B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110830247A (en) * | 2019-10-31 | 2020-02-21 | 中国人民解放军国防科技大学 | Blind vulnerability detection method and device for gated detector in quantum key distribution system |
CN114697009A (en) * | 2020-12-30 | 2022-07-01 | 科大国盾量子技术股份有限公司 | Device and method for detecting light source injection locking vulnerability of phase coding QKD equipment and attack end |
CN114765532A (en) * | 2020-12-30 | 2022-07-19 | 科大国盾量子技术股份有限公司 | Device and method for detecting light source injection locking loophole of polarization coding QKD (quantum key distribution) equipment and attack end |
CN112953973A (en) * | 2021-04-12 | 2021-06-11 | 中南大学 | Hybrid attack detection method for continuous variable quantum key distribution system |
Also Published As
Publication number | Publication date |
---|---|
CN116319010A (en) | 2023-06-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8082443B2 (en) | Pedigrees for quantum cryptography | |
Song et al. | Finite-key analysis for measurement-device-independent quantum key distribution | |
CN116319010B (en) | Method for detecting QKD system defect and hacking based on machine learning | |
Yang et al. | Measurement-device-independent entanglement-based quantum key distribution | |
US11818258B2 (en) | Method and system for quantum key distribution | |
CN112272085A (en) | Measuring equipment irrelevant quantum key distribution method based on time slice assisted Bell state measurement | |
Zhou et al. | Tight finite-key analysis for passive decoy-state quantum key distribution under general attacks | |
CN117879818B (en) | Quantum key distribution method and device based on mode pairing | |
CN115834046A (en) | Reference system independent quantum key distribution method with light source monitoring function | |
Li et al. | Statistical-fluctuation analysis for quantum key distribution with consideration of after-pulse contributions | |
Harrington et al. | Enhancing practical security of quantum key distribution with a few decoy states | |
Rao et al. | Noiseless attack and counterfactual security of quantum key distribution | |
CN113438076A (en) | Side-channel-free quantum key distribution method and system | |
Acín et al. | Secrecy properties of quantum channels | |
CN115276988B (en) | Four-strength measuring equipment independent key distribution method | |
Salas | Security of plug-and-play QKD arrangements with finite resources | |
Zhou et al. | Twin-field quantum key distribution with three mutually unbiased bases | |
CN114978501A (en) | Quantum random number generation method irrelevant to measuring equipment | |
CN112787815B (en) | Continuous variable quantum key communication method and system based on attack perception and defense | |
Anghel et al. | A comparison of several implementations of b92 quantum key distribution protocol | |
Song et al. | Concise security bounds for sending-or-not-sending twin-field quantum key distribution with finite pulses | |
Karabo et al. | A novel quantum key distribution resistant against large‐pulse attacks | |
CN116232597B (en) | Plug-and-play measurement device independent quantum digital signature method based on untrusted source | |
Yin et al. | Measurement-device-independent quantum key distribution based on Bell's inequality | |
RU2783977C1 (en) | Method for detecting a detector blinding attack in quantum cryptography systems with polarisation encoding |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |