CN212752274U - Quantum key distribution system based on router - Google Patents


Info

Publication number: CN212752274U
Authority: CN (China)
Prior art keywords: area network, local area, router, terminal, remote terminal
Legal status: Active
Application number: CN202021197366.XU
Other languages: Chinese (zh)
Inventors: 富尧, 钟一民, 王泽军
Current assignee: Ruban Quantum Technology Co Ltd, Nanjing Ruban Quantum Technology Co Ltd
Original assignee: Ruban Quantum Technology Co Ltd, Nanjing Ruban Quantum Technology Co Ltd
Landscapes: Optical Communication System (AREA)

Abstract

The utility model provides a router-based quantum key distribution system comprising a local area network (LAN) terminal, a LAN router and a remote terminal. The LAN terminal is provided with a true random number generator, the LAN router is provided with a single photon detection module, and the remote terminal is correspondingly provided with QKD sending equipment. The LAN router and the remote terminal interact through a quantum channel, and the LAN terminal performs key negotiation with the remote terminal based on the BB84 protocol through the LAN router. The utility model enables quantum communication between the remote terminal and a communication terminal in the LAN that has no QKD equipment installed, improving the communication security of terminals in the LAN.

Description

Quantum key distribution system based on router
Technical Field
The utility model relates to the field of quantum communication, and in particular to a router-based quantum key distribution system.
Background
The principle of Quantum Key Distribution (QKD) is that the two communicating parties use quantum mechanical properties to generate and share a random, secure key, which they then use to encrypt and decrypt the information transmitted between them; the quantum key has absolute security and indecipherability. In the prior art, the two communicating parties generally each need to install a QKD device and then carry out quantum communication according to a quantum key distribution protocol; the most common protocols are the BB84 protocol, the B92 protocol and the E91 protocol.
Whichever protocol is used, however, quantum communication is achieved only by installing QKD devices on both sides of the communication. In a home or company scenario there are many small communication terminals, and because a QKD device is large and expensive, it cannot be integrated into such a small terminal. Small mobile communication terminal devices in a local area network therefore cannot currently join a quantum-secured network.
How to enable a small terminal device in a local area network to join a quantum-secured network without integrating a QKD device is a technical problem to be solved in the field.
Disclosure of Invention
Purpose of the invention: to solve the above technical problem, the utility model provides a router-based quantum key distribution system.
Technical solution: the utility model provides the following technical solution:
A router-based quantum key distribution system comprises a local area network terminal, a local area network router and a remote terminal; the local area network terminal is provided with a true random number generator, the local area network router is provided with a single photon detection module, and the remote terminal is correspondingly provided with QKD sending equipment; the local area network router and the remote terminal interact through a quantum channel.
The local area network terminal performs key negotiation with the remote terminal based on the BB84 protocol through the local area network router:
The remote terminal sends a string of photons with random polarization states to the local area network router through the QKD sending equipment; meanwhile, the local area network terminal generates a measurement basis sequence through the true random number generator and sends it to the local area network router; the local area network router, through the single photon detection module, selects the corresponding measurement basis for each received photon, measures the photons one by one, and feeds the measurement results back to the local area network terminal.
The local area network terminal informs the remote terminal of the measurement basis sequence through a classical channel, and the remote terminal informs the local area network terminal, through classical communication, which positions of the measurement basis sequence are correct; after this negotiation the two terminals hold a first quantum key obtained according to the BB84 protocol. The two terminals then randomly compare some key sequences of the first quantum key, and when the error rate is less than a threshold value, they continue with bit error correction and privacy amplification to finally obtain the unconditionally secure quantum key.
Further, the QKD sending equipment includes at least a single photon emission module.
Further, the single photon emission module is a weak laser pulse generator.
Further, the LAN terminal and the LAN router perform secret communication through a symmetric key mechanism.
Further, a plurality of quantum repeaters are arranged between the local area network router and the remote terminal, and the quantum repeaters are connected in series through optical fibers to form the quantum channel between the local area network router and the remote terminal.
Beneficial effects: compared with the prior art, the utility model has the following technical effects:
With the technical solution provided by the utility model, a terminal in the LAN can carry out quantum communication, through the router that has integrated the single photon emission module, with the remote terminal that has integrated the QKD receiving equipment, which greatly improves the security of communication between the LAN terminal and external terminals. A single router that has integrated the single photon emission module can provide a quantum secret communication network for a plurality of terminals in the LAN simultaneously, at low cost.
Drawings
Fig. 1 is a system configuration diagram according to an embodiment.
Detailed Description
The present invention will be further described with reference to the accompanying drawings and specific embodiments.
Embodiment:
Fig. 1 shows a quantum key distribution system applied to a local area network. It includes a local area network terminal A, a remote terminal B and a router. The local area network terminal A is configured with a true random number generator; the router forms a local area network; the local area network terminal A is located in the local area network formed by the router and interacts with the router; and a quantum channel is established between the remote terminal B and the router.
In this embodiment, the LAN terminal A serves as a transmitter and a receiver during key agreement, and the remote terminal B serves as a transmitter. Therefore, in addition to the main functional modules of an existing router, the router in the system needs to include a single photon detection module, which can detect the polarization state of a received photon under a given measurement basis. The remote terminal B is correspondingly configured with a QKD sending device capable of modulating the polarization state of photons according to a control signal and transmitting the modulated photon string to the receiving party sequentially at certain time intervals.
The flow of the communication method implemented by the system shown in fig. 1 is as follows:
When the local area network terminal A needs to carry out secret communication with the remote terminal B, the two parties carry out the corresponding quantum key agreement through the router. The specific flow of the key agreement is as follows:
First, the QKD sending device of the remote terminal B generates two true random number sequences, sa (the bit sequence) and ma (the sending basis sequence), from which the sequence of polarization states of the photon string to be emitted is determined according to the following rule: when the sa bit is 0 and the ma bit is 0, the polarization state is H; when the sa bit is 0 and the ma bit is 1, the polarization state is +; when the sa bit is 1 and the ma bit is 0, the polarization state is V; when the sa bit is 1 and the ma bit is 1, the polarization state is -. H, +, V and - are the four polarization states of the photon. The QKD sending device of the remote terminal B then sends the single-photon string with the corresponding polarization states to the router.
When the router receives the photons, it notifies the local area network terminal A and obtains the measurement basis sequence mb, which the local area network terminal A generates through the true random number generator for selecting measurement bases. The router detects the photons one by one through the single photon detection module according to the measurement basis sequence mb and feeds the detection results back to the local area network terminal A.
After receiving the measurement results, the LAN terminal A converts them into a bit sequence according to a certain encoding rule, for example bit 0 for the horizontal polarization state and the 45-degree polarization state, and bit 1 for the vertical polarization state and the 135-degree polarization state.
Finally, the local area network terminal A informs the remote terminal B of the measurement basis sequence mb through a classical channel. The remote terminal B compares ma with mb and then informs the local area network terminal A, through classical communication, which positions of the measurement basis sequence are correct; after this negotiation the two parties hold a quantum key K1 obtained according to the BB84 protocol. The remote terminal B and the local area network terminal A then publicly compare some randomly chosen key sequences. When the error rate is less than a threshold value (for example, 11%), they continue with bit error correction and privacy amplification, and finally obtain the unconditionally secure quantum key K. The quantum key K can be used for secure communication between the two parties.
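The key agreement flow above, up to the error-rate check, as an added simulation that is not part of the patent text. The function names, the seeded random.Random standing in for the true random number generators, and the flip_prob disturbance model are assumptions made for illustration; bit error correction and privacy amplification are not modelled.

```python
import random

# Encoding from the description: (bit sa, basis ma) -> polarization state.
STATE = {(0, 0): "H", (0, 1): "+", (1, 0): "V", (1, 1): "-"}
# Terminal A's decoding rule: H and + (45 deg) -> 0, V and - (135 deg) -> 1.
BIT = {"H": 0, "+": 0, "V": 1, "-": 1}
BASIS_STATES = {0: ("H", "V"), 1: ("+", "-")}
QBER_THRESHOLD = 0.11  # the example threshold given in the description


def remote_b_prepare(n, rng):
    """Remote terminal B: draw sa and ma, derive the photon string."""
    sa = [rng.randrange(2) for _ in range(n)]
    ma = [rng.randrange(2) for _ in range(n)]
    return sa, ma, [STATE[s, m] for s, m in zip(sa, ma)]


def router_measure(photons, mb, rng, flip_prob=0.0):
    """Router: measure photon i in basis mb[i] supplied by terminal A."""
    results = []
    for state, basis in zip(photons, mb):
        pair = BASIS_STATES[basis]
        # Matching basis is deterministic; a mismatched basis gives a coin flip.
        out = state if state in pair else pair[rng.randrange(2)]
        if rng.random() < flip_prob:  # constructed model of channel disturbance
            out = pair[1] if out == pair[0] else pair[0]
        results.append(out)
    return results


def sift(ma, mb):
    """Positions where B's sending basis equals A's measurement basis."""
    return [i for i, (a, b) in enumerate(zip(ma, mb)) if a == b]


def key_agreement(n, seed, flip_prob=0.0, sample_fraction=0.5):
    """One run of the flow; random.Random stands in for the TRNGs."""
    rng = random.Random(seed)
    sa, ma, photons = remote_b_prepare(n, rng)
    mb = [rng.randrange(2) for _ in range(n)]   # terminal A's basis sequence
    results = router_measure(photons, mb, rng, flip_prob)
    bits_a = [BIT[r] for r in results]          # terminal A decodes the results
    keep = sift(ma, mb)                         # B compares ma with mb
    k1_a = [bits_a[i] for i in keep]
    k1_b = [sa[i] for i in keep]
    # Public comparison of a random subset; the disclosed bits are then dropped.
    n_sample = int(len(keep) * sample_fraction)
    sample = set(rng.sample(range(len(keep)), n_sample))
    errors = sum(k1_a[i] != k1_b[i] for i in sample)
    qber = errors / n_sample if n_sample else 1.0  # no sample: fail closed
    rest = [i for i in range(len(keep)) if i not in sample]
    return {
        "qber": qber,
        "accepted": qber < QBER_THRESHOLD,
        "key_a": [k1_a[i] for i in rest],
        "key_b": [k1_b[i] for i in rest],
    }


if __name__ == "__main__":
    for p in (0.0, 0.25):
        run = key_agreement(4000, seed=1, flip_prob=p)
        print(p, round(run["qber"], 3), run["accepted"], len(run["key_a"]))
```

The router sees every basis choice and every measurement result in this flow, so it holds the same raw material from which terminal A derives K1; the link between terminal A and the router therefore needs the symmetric-key protection the description goes on to add.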
Specifically, in the above scheme, the QKD sending device includes at least a single photon emission module. The single photon emission module is a relatively ideal single-photon source device; in practice, weak laser pulses may be used in its place, for example a laser, an attenuator, a polarizer and a polarization controller may be combined to form a practically usable single photon module. The remote terminal may be a server or the like.
Specifically, the LAN router and the remote terminal may communicate directly through an optical fiber, or a plurality of quantum repeaters may be disposed between the LAN router and the remote terminal, connected in series through optical fiber to form the quantum channel between the LAN router and the remote terminal. Arranging quantum repeaters avoids photon reception failures caused by an overly long optical fiber.
In addition, the decoy-state idea can be added to the BB84 protocol. The decoy state overcomes the photon-number-splitting attack and has strong practical significance; it has become the mainstream scheme of quantum key distribution, and decoy-state BB84 is what is mostly deployed in real scenarios. A decoy state may also be added to the above embodiment: the single photon module randomly generates signal states and decoy states according to a certain probability, and the two sides negotiating the quantum key obtain an unconditionally secure quantum key according to the decoy-state BB84 scheme.
As a further optimization of the above embodiment, an encryption method is also set up between the LAN terminal A and the LAN router, specifically as follows:
The LAN router and the remote terminal B form quantum key pairs by the same method described above for forming a quantum key pair between the LAN terminal A and the remote terminal B, and accumulate these key pairs continuously to form quantum key pools on both sides. The quantum key pools can be updated by the same method, which keeps them fresh.
A quantum key card holding a quantum random number key pool issued by the remote terminal B is stored in the local area network terminal A, and the same key pool is stored in the remote terminal B, thereby forming the quantum key pools of the local area network terminal A and the remote terminal B.
For each communication, the local area network router and the local area network terminal A each select a group of random number sequences from their respective key pools as the symmetric key of that communication, so as to carry out identity authentication and secret communication with the remote terminal B. The remote terminal B issues quantum random numbers to the two parties as session keys by means of secret communication, and these quantum random numbers are used as the encryption keys between the local area network terminal A and the router.
More preferably, following the inventive concept of the embodiment, the local area network terminal A performs quantum key agreement with a remote management center through the router to generate a new shared quantum key KG (the remote management center includes a QKD device, so the local area network terminal A, in combination with the router, can perform QKD key agreement with the remote management center).
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only represent some embodiments of the present invention, and the description thereof is specific and detailed, but not to be construed as limiting the scope of the present invention. It should be noted that, for those skilled in the art, without departing from the spirit of the present invention, several variations and modifications can be made, which are within the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the appended claims.

Claims (5)

1. A quantum key distribution system based on a router is characterized by comprising a local area network terminal, a local area network router and a remote terminal; the local area network terminal is provided with a true random number generator, the local area network router is provided with a single photon detection module, and the remote terminal is correspondingly provided with QKD sending equipment; the local area network router and the remote terminal interact through a quantum channel;
the local area network terminal performs key negotiation with the remote terminal based on a BB84 protocol through the local area network router:
the remote terminal sends a string of photons with random polarization states to the local area network router through the QKD sending equipment; meanwhile, the local area network terminal generates a measurement basis sequence through the true random number generator and sends it to the local area network router; the local area network router, through the single photon detection module, selects the corresponding measurement basis for each received photon, measures the photons one by one, and feeds the measurement results back to the local area network terminal;
the local area network terminal carries out the classical communication of the BB84 protocol with the remote terminal through a classical channel, and finally obtains the unconditionally secure quantum key.
2. The router-based quantum key distribution system of claim 1, wherein the QKD sending device includes at least a single-photon emission module.
3. The router-based quantum key distribution system of claim 2, wherein the single photon emission module is a weak laser pulse generator.
4. The router-based quantum key distribution system of claim 1, wherein the LAN terminal and the LAN router perform secure communication via a symmetric key mechanism.
5. The router-based quantum key distribution system of claim 1, wherein a plurality of quantum repeaters are further disposed between the local area network router and the remote terminal, and are connected in series through an optical fiber to form a quantum channel between the local area network router and the remote terminal.

Priority Applications (1)

Application number: CN202021197366.XU
Priority date: 2020-06-24
Filing date: 2020-06-24
Title: Quantum key distribution system based on router
Status: Active
Publication: CN212752274U (en)

Publications (1)

Publication Number Publication Date
CN212752274U (en) 2021-03-19

Family

ID=75010870


Legal Events

Date Code Title Description
GR01 Patent grant