IP recording system based on quantum encryption
Technical Field
The utility model relates to an IP recording system, and in particular to an IP recording system based on quantum encryption.
Background
In IP telephone recording, the recording server and the IP telephone are both connected to a network switch, and port mirroring is configured on the switch so that the data on the port connected to the IP telephone is also mirrored to the port connected to the recording server. The recording server can thus acquire the RTP voice stream of the IP telephone, convert it into a voice file and store it on a hard disk. The other port of the recording server is connected to the network switch and is used for recording and listening.
Quantum cryptography is a new cryptographic system. Unlike traditional cryptographic systems, it relies on quantum physics rather than on the complexity of mathematical operations. Quantum cryptography devices can currently produce an indecipherable cryptosystem based on individual photons and their inherent quantum properties: because the quantum state of a system cannot be determined without disturbing the system, such a cryptosystem theoretically cannot be eavesdropped on or deciphered. A quantum random number generator is based on the inherent randomness of quantum mechanics, and the sequences it generates are true random numbers whose randomness is rigorously proven in theory. A quantum random number generator produces random numbers at a very high rate and can serve use cases with a large demand for random numbers.
Summary of the Utility Model
The utility model aims to address the deficiencies of the above prior art by providing an IP recording system based on quantum encryption. The utility model improves the security of the IP recording system, reduces the information security risk caused by eavesdropping on data, and reduces the losses that enterprises and individual users suffer from leakage of private information.
To achieve the above technical purpose, the utility model adopts the following technical scheme: an IP recording system based on quantum encryption, characterized in that the system comprises a quantum encryption and decryption device, an IP recording server and a quantum key management and control center, and further comprises an IP telephone or a voice playing device;
the quantum key management and control center is used for managing and distributing keys and loading the keys into the quantum encryption and decryption devices;
the IP recording server is used for registering users with the quantum key management and control center so as to set user permissions;
when a voice call starts, the quantum encryption and decryption device is used for encrypting the mirrored voice data and storing the encrypted mirrored voice data in the IP recording server;
when a voice file needs to be played, the IP telephone or the playing device is used for sending a request to the IP recording server, and the IP recording server notifies the quantum key management and control center, which determines whether the user behavior is legitimate;
if the user behavior is determined to be legitimate, the quantum key management and control center sends an instruction permitting decryption to the corresponding quantum encryption and decryption device, and if the user behavior is determined to be illegitimate, the quantum key management and control center does not send the instruction to the quantum encryption and decryption device;
the quantum encryption and decryption device is also used for decrypting the voice file ciphertext and then sending the decrypted voice data to the corresponding IP telephone or playing device for playing.
With the development of big data analysis technology, the security of enterprise and personal data has become important: once information is leaked, it can be subjected to malicious big data analysis to extract key information about enterprises and individuals. The IP telephone is an important means of voice communication, and if the recorded voice files are not adequately protected, interception of the voice information can have very serious consequences. At present, IP recording systems have almost no security protection, or use traditional encryption algorithms, and their security is very low. To address this problem, the utility model uses quantum encryption to solve the encryption problem of IP recording systems.
The utility model adds a quantum encryption function without changing the original IP recording system. When the IP telephone receives voice data, the voice data plaintext is mirrored to one port of the network switch. Before entering the IP recording system, the mirrored voice data from that port is encrypted by the quantum encryption and decryption device to form voice data ciphertext, which then enters the IP recording server for storage. When a voice file in the IP recording server needs to be played, the voice file ciphertext from the IP recording system is decrypted by the quantum encryption and decryption device to form voice data plaintext, which then enters the playing device for playing.
By encrypting with quantum keys, the utility model greatly improves the security of the IP recording system, reduces the information security risk caused by eavesdropping on data, and reduces the losses that enterprises and individual users suffer from leakage of private information.
Drawings
Fig. 1 is a schematic view of the quantum encrypted IP recording system architecture of embodiment 1 of the present invention.
Fig. 2 is a schematic diagram of a quantum encryption and decryption device according to embodiment 1 of the present invention.
Fig. 3 is a schematic view of deployment of the quantum key management and control center according to embodiment 1 of the present invention.
Detailed Description
Example 1
Referring to Fig. 1, the quantum-encryption-based IP recording system includes a quantum encryption and decryption device, an IP recording server and a quantum key management and control center, and further includes an IP telephone or a voice playing device. The quantum key management and control center is used for managing and distributing keys and loading the keys into the quantum encryption and decryption devices. The IP recording server is used for registering users with the quantum key management and control center so as to set user permissions. When a voice call starts, the quantum encryption and decryption device encrypts the mirrored voice data and stores the encrypted mirrored voice data in the IP recording server. When a voice file needs to be played, the IP telephone or the playing device sends a request to the IP recording server, and the IP recording server notifies the quantum key management and control center, which determines whether the user behavior is legitimate. If the user behavior is determined to be legitimate, the quantum key management and control center sends an instruction permitting decryption to the corresponding quantum encryption and decryption device; if the user behavior is determined to be illegitimate, the quantum key management and control center does not send the instruction to the quantum encryption and decryption device. The quantum encryption and decryption device is also used for decrypting the voice file ciphertext and then sending the decrypted voice data to the corresponding IP telephone or playing device for playing.
The voice data of a call reaches the IP telephone through the network switch. At the same time, one port of the network switch mirrors the voice data to the quantum encryption and decryption device, which encrypts the voice data into ciphertext and then sends the ciphertext to the recording system server. When an IP telephone or other voice playing device needs to read a voice file from the recording system server, the quantum key management and control center must first confirm the legitimacy of the reading device. The voice file is read only after this verification passes, and the voice data ciphertext is decrypted by the quantum encryption and decryption device into voice data plaintext that the IP telephone or voice playing device can recognize.
Referring to Fig. 2, the quantum encryption and decryption device is responsible for encrypting and decrypting the voice data entering and leaving the recording server. It consists of the following modules:
Network module: parses network data packets and manages the sending and receiving of data;
Encryption and decryption hardware module: uses the quantum key to perform encryption and decryption operations on the IP data; the encryption algorithm may be an existing algorithm such as a commercial cipher algorithm or DES, and one-time-pad XOR encryption is also supported;
Quantum key storage module: a secure storage area for quantum keys; when the quantum encryption and decryption device needs a quantum key, the key is retrieved from the quantum key storage module;
Quantum key acquisition module: responsible for acquiring quantum keys; supports online key acquisition, offline key acquisition and other modes, and the interface can be RJ45, encrypted USB, encrypted TF card, Bluetooth and the like as required.
Referring to Fig. 3, which shows the deployment of the quantum key management and control center, the center is connected to all quantum encryption and decryption devices and to the recording server. It is used to manage the quantum keys of these devices and to handle device registration, authentication, permissions and key management.
In a specific implementation:
1. the quantum encryption and decryption device, the IP recording server, and the IP telephone or voice playing device register for quantum keys with the quantum key management and control center;
2. a key is loaded into the quantum encryption and decryption device; the key is managed and distributed by the quantum key management and control center;
3. the IP recording server registers users with the quantum key management and control center and sets user permissions;
4. when a voice call starts, the mirrored voice data is encrypted by the quantum encryption and decryption device and then stored in the IP recording server;
5. when a voice file needs to be played, the user sends a request to the IP recording server through the IP telephone or the playing device, and the IP recording server notifies the quantum key management and control center, which determines whether the user behavior is legitimate;
6. if the user behavior in step 5 is legitimate, the quantum key management and control center sends an instruction permitting decryption to the corresponding quantum encryption and decryption device; if the user behavior in step 5 is illegitimate, no instruction is sent to the quantum encryption and decryption device;
7. after being decrypted by the quantum encryption and decryption device, the voice file is sent to the corresponding IP telephone or playing device for playing.
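
The following added example (not part of the original patent text) models steps 2 to 7 above in Python, using the one-time-pad XOR mode mentioned for the encryption and decryption hardware module. The class and function names are hypothetical, `secrets.token_bytes` stands in for the quantum random number generator, and key distribution is reduced to a direct method call.

```python
import secrets

def xor_otp(data: bytes, pad: bytes) -> bytes:
    # One-time-pad XOR: the pad must be exactly as long as the data.
    if len(pad) != len(data):
        raise ValueError("pad length must equal data length")
    return bytes(d ^ k for d, k in zip(data, pad))

class CryptoDevice:  # models the quantum encryption and decryption device
    def __init__(self):
        self.pads = {}          # key storage module: recording id -> pad
        self.permitted = set()  # (user, recording id) pairs cleared by the center

    def load_pad(self, rec_id, pad):                # step 2: key loaded
        if rec_id in self.pads:
            raise ValueError("a one-time pad must never be reused")
        self.pads[rec_id] = pad

    def encrypt(self, rec_id, voice):               # step 4
        return xor_otp(voice, self.pads[rec_id])

    def decrypt(self, user, rec_id, ciphertext):    # step 7
        if (user, rec_id) not in self.permitted:
            raise PermissionError("no decryption instruction received")
        # Assumption: each instruction covers a single playback.
        self.permitted.discard((user, rec_id))
        return xor_otp(ciphertext, self.pads[rec_id])

class KeyControlCenter:  # models the quantum key management and control center
    def __init__(self, device):
        self.device, self.rights = device, {}

    def register_user(self, user, rec_ids):         # step 3
        self.rights[user] = set(rec_ids)

    def distribute_pad(self, rec_id, length):       # step 2
        # secrets.token_bytes stands in for the quantum random number generator.
        self.device.load_pad(rec_id, secrets.token_bytes(length))

    def on_play_notice(self, user, rec_id):         # steps 5 and 6
        legitimate = rec_id in self.rights.get(user, set())
        if legitimate:
            self.device.permitted.add((user, rec_id))
        return legitimate

def play(center, device, store, user, rec_id):      # steps 5 to 7, server side
    if not center.on_play_notice(user, rec_id):
        return None                                 # no instruction, no plaintext
    return device.decrypt(user, rec_id, store[rec_id])
```

Calling `play` for a registered user returns the original voice bytes, while an unregistered user gets `None`, and a direct `CryptoDevice.decrypt` call made without the center's instruction raises `PermissionError`. XOR with a pad gives confidentiality only, so a stored recording can be altered without detection unless an integrity check is added separately.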