JP2017092987A - Communication device, communication system, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To perform efficient routing so that the amount of consumed encryption keys in an entire system becomes small while avoiding consumption and depletion of encryption keys at a particular node and keeping throughput.SOLUTION: A communication device is connected with a plurality of external devices. The communication device comprises an acquisition unit and a selection unit. The acquisition unit acquires resource information representing resources of encryption keys that can be provided by the external devices. The selection unit selects one route on the basis of a bottle neck and the number of hops on routes of the resources represented by the resource information among a plurality of routes leading to the external devices.SELECTED DRAWING: Figure 1

Description

  Embodiments described herein relate generally to a communication device, a communication system, and a program.

  There is known a key sharing network composed of a plurality of nodes connected to each other by a plurality of links. Each node has a function of generating and sharing a random number between nodes connected by a link, and a function of performing encrypted communication on a link using the generated random number as an encryption key (hereinafter referred to as a link key). Prepare. Also, some of the nodes have a function of generating a cryptographic key (hereinafter referred to as an application key) that is a random number independent of the link, and a function of transmitting the generated application key to another node via the link. And comprising.

  An application in the key sharing network has a function of acquiring an application key from a node and using this as an encryption key to perform encrypted communication with another application. The encryption communication at this time may be performed by a network such as the Internet (hereinafter referred to as an application network) different from the key sharing network. Further, the node and the application may be realized as an integrated unit. The node and the application may be configured as independent terminals, and an application key may be transmitted and received between both terminals.

  The function of generating and sharing a random number (link key) between nodes connected by a link in a node is realized by a technique generally called quantum cryptography or quantum key distribution (QKD), for example.

Dianati, M., Alleaume, R., Gagnaire, M. and Shen, X. (2008), Architecture and protocols of the future European quantum key distribution network. Security and Communication Networks, 1: 57-74. DOI: 10.1002 / sec.13 Kollmitzer C., Pivk M. (Eds.), Applied Quantum Cryptography, Lect. Notes Phys. 797 (Springer, Berlin Heidelberg 2010), p155-p168, DOI 10.1007 / 978-3-642-04831-9

  In quantum key distribution, routing for sharing an application key between nodes in a key sharing network, that is, transfer of an application key through a plurality of nodes is performed. Therefore, in a quantum cryptography communication system, it is desirable to perform routing efficiently while avoiding consumption and depletion of link keys used for transferring application keys.

  The communication device of the embodiment is connected to a plurality of external devices. The communication device includes an acquisition unit and a selection unit. The acquisition unit acquires resource information indicating a cryptographic key resource that can be provided by an external device. The selection unit selects one route based on the bottleneck on the route of the resource represented by the resource information and the number of hops among the plurality of routes reaching the external device.

The block diagram of the quantum cryptography communication system in embodiment. The figure which shows the sharing procedure of the encryption key in a key sharing network. The figure which shows an example of the procedure of OSPF. The figure for demonstrating a metric. The figure which shows the comparative example of the hop number of a path | pass. The block diagram of the node in this embodiment. The figure for demonstrating the routing algorithm of embodiment. The figure for demonstrating the routing algorithm of embodiment. The figure for demonstrating the routing algorithm of embodiment. The figure for demonstrating the routing algorithm of embodiment. The figure for demonstrating the routing algorithm of embodiment. The flowchart of the path | pass selection process in this embodiment. The figure which shows the network structural example. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The figure which shows the procedure of routing. The block diagram of the quantum cryptography communication system in a modification. The hardware block diagram of the communication apparatus concerning this embodiment.

  Exemplary embodiments of a communication apparatus according to the present invention will be explained below in detail with reference to the accompanying drawings.

  OSPF (Open Shortest Path Fast) may be used as a protocol (routing protocol) for determining a path (path) for sharing an encryption key in quantum key distribution. OSPF uses distance (the sum of the costs of links included in each path) as a metric for performing routing (route control).

  Each node of the quantum cryptography communication system shares an application key using a key sharing network. The node consumes the link key when exchanging the application key encrypted with the link key. The node uses the link key in the one-time pad, that is, discards the link key once used. Therefore, the application key cannot be exchanged and relayed at a speed higher than the amount of the shared link key or the speed at which the link key is shared. When exchanging application keys via a plurality of nodes, the sharing speed of the application keys is limited to the link having the smallest link key or the link having the lowest link key sharing speed. The throughput of cryptographic communication in the quantum cryptography communication system is restricted by such a bottleneck. Alternatively, communication itself cannot be performed on a link whose link key is exhausted. In a quantum cryptography communication system, it is desirable to avoid such a bottleneck link as much as possible and to select an efficient path and share an application key.

  On the other hand, when attention is paid to the link key consumption of the entire system, it can be said that the path passing through many links has more link key consumption. Since the link key is used when sharing the application key, it is a valuable system resource that determines the throughput of the application. For this reason, as a whole system, it is desirable to reduce the number of links through which the consumption of link keys is reduced.

  As described above, in the quantum cryptography communication system, when the link key is considered as a constraint resource (key resource) in the system, it is desirable to perform routing efficiently while avoiding consumption and depletion of the key.

  Therefore, the communication system according to the present embodiment realizes a routing algorithm for suppressing the consumption of link keys as much as possible and efficiently sharing application keys. As a result, the consumption of link keys in the entire system can be reduced while maintaining throughput while avoiding depletion of link keys in a specific node.

  For example, the communication system according to the present embodiment uses an algorithm for calculating resource information representing a cryptographic key resource (key resource) that can be provided to an application as part of a routing protocol. As a result, the path selection (path selection) metric becomes a bottleneck (a value indicating a bottleneck) of the key resource, and the path selection avoids key depletion. The communication system according to the present embodiment further employs the number of hops as a metric. This makes it possible to select a path that suppresses the consumption of the link key.

  The value indicating the bottleneck is, for example, the value of the resource of the part that becomes the bottleneck. As will be described later, for example, the minimum value of the cost (resource) of each link included in the path is a value indicating a bottleneck. Hereinafter, a value indicating a bottleneck may be simply referred to as a bottleneck.

  Each node constituting the key sharing network exchanges available key resource information and network information with each other. Each node calculates the bottleneck of the key resource and the number of hops regarding the path for sharing the application key. Each node uses a key resource bottleneck and the number of hops as a metric to avoid the key depletion of links where the key generation speed is low and the key holding amount is low, and at the same time Select a path to suppress key consumption.

It should be noted that avoiding bottlenecks and reducing the number of hops are different metrics, and there may be some variations depending on the order of evaluation and weighting. The node selects a path that avoids exhaustion of the link key of a link and suppresses key consumption in the entire system, for example, by the following procedure (A) or (B).
(A) Path selection considering the metric [number of hops] is performed for paths having the same metric [bottleneck of key resource].
(B) Path selection is performed using a single metric that considers both the bottleneck and the number of hops.

  Furthermore, the routing protocol may be re-executed when a large change in the key resource occurs.

  In addition, although the bottleneck of the key resource and the number of hops of the path are adopted as an example of the metric, other elements can also be the metric. Further, the bottleneck is adopted as the first metric element, and the hop count is evaluated as the next element. However, the order of evaluating these may be reversed. That is, routing may be performed based on the number of hops of the path as a metric, and the bottleneck may be evaluated when the number of hops is equal. It is also possible to adjust the degree of reflecting each of the bottleneck of the key resource and the number of hops of the path in the metric. This is possible, for example, by calculating a metric by weighting the bottleneck of the key resource and the number of hops of the path.

  Considering the bottleneck of the key resource relates to the speed of sharing the application key (throughput) or the avoidance propensity for link key depletion on a link. Also, considering the number of hops is related to the key consumption of the entire system. Depending on the application to which the quantum cryptography communication system is applied, the metric should be used properly.

  FIG. 1 is a diagram illustrating a configuration example of a quantum cryptography communication system according to the present embodiment. FIG. 1 is an example of a case where a node and an application are realized independently. The communication system includes nodes 100a to 100e as communication devices and applications 200a and 200b. The nodes 100a to 100e share a link key (link keys 301 to 304) through the key sharing network 502. The applications 200a and 200b perform encrypted communication using application keys (application keys 401 to 402) via the application network 501.

  When there is no need to distinguish the nodes 100a to 100e, the node 100 may be simply referred to as a node 100. When there is no need to distinguish between the applications 200a and 200b, the application 200a may be simply referred to as an application 200. The number of nodes 100 is not limited to five. Further, the number of applications 200 is not limited to two.

  As described above, the nodes 100a to 100e have a function of generating and sharing a random number with an opposite node, and a function of performing cryptographic communication on the key sharing network 502 using the generated random number as a link key. Is provided. The node 100 may have a function of generating a random number independently of the link and a function of transmitting the generated random number to another node.

  FIG. 2 is a diagram illustrating an example of an encryption key sharing procedure in the key sharing network. The node 100 generates a link key with another node 100. FIG. 2 shows an example in which the link key 302 is shared between the node 100a and the node 100c, and an example in which the link key 303 is shared between the node 100c and the node 100e.

  Thereafter, each node 100 performs routing for sharing the application key. Each node 100 shares (transfers) the application key using the link key in the path determined by the routing. FIG. 2 shows an example in which an application key is shared between the node 100a and the node 100e, and application keys 401 and 402 are provided, respectively.

  Next, a procedure for determining the routing table of the key sharing network using OSPF, which is an existing routing protocol, will be described. In OSPF, the node 100 transmits a message called a link state, and shares information such as the state of the link to which the node 100 is connected, the network address of the link, and the cost for each link with other nodes 100. The link state includes information (network information) indicating how a certain node 100 is connected to any other node 100. Each node 100 that has received the link state grasps the network configuration based on the network information. Then, a table (link state database) representing the network configuration is constructed. Each node 100 creates a shortest path tree starting from itself using a Dijkstra algorithm from the link state database, and creates a routing table.

FIG. 3 is a diagram illustrating an example of the procedure of OSPF. Each node 100 performs routing by OSPF according to the procedure shown in (1) to (4) of FIG.
(1) The link state is shared with other nodes 100. The link state includes, for example, the state of the connected link, the network address, and the cost for each link.
(2) Each node 100 refers to the link state and creates a table (link state database) representing the network configuration.
(3) Using the Dijkstra algorithm from the link state database, create a shortest path tree starting from itself.
(4) A routing table (for example, a table in which an IP address is associated with a next hop) is created from the shortest path tree.

  The basic routing table determination procedure in the key sharing network has been described above. The present embodiment mainly relates to the creation of the shortest path tree (3) among the above-described procedures. Other (1), (2) and (4) can be executed in the same procedure as in the prior art. However, as will be described later, information unique to the present embodiment is included in a part of the information shared by the procedure (1).

Here, a metric calculation method in the routing protocol of this embodiment will be described. First, the data associated with each link and each node 100 configuring the key sharing network is as follows.
Data associated with the link:
Cost (resource information): Key generation speed Cost (resource information): Key holding amount Data associated with the node 100:
・ Database representing the network configuration (link state database)
・ Final information as the shortest path tree ・ Bottleneck from the start point to the other node 100 ・ Number of hops from the start point to the other node 100 ・ Next hop

  In the present embodiment, two types of costs (resource information) are used as data associated with a link, a link key generation rate (key generation rate) and a link key retention amount (key retention amount). The key generation speed represents a speed at which a link key is shared by performing quantum key distribution between the nodes 100. The key generation speed varies from link to link depending on the setting parameters of the node 100 operating by being connected to the link and the influence of the environment. The key holding amount is an amount of a key that has not been used yet among keys shared by performing quantum key distribution among a plurality of nodes 100. The key holding amount increases by performing quantum key distribution, and is consumed (decreases) by using a link key in key routing. In the present embodiment, these two are handled as link costs. Hereinafter, these are collectively referred to as key resources. The key resource is not limited to this. For example, only the key generation rate or only the key holding amount may be used as the key resource.

  As described above, each node 100 has a link state database representing the network configuration (connection relationship) in the area as information necessary for calculating the shortest path. Each node 100 also has definite information as a shortest path tree, the cost (resource information) of each link from the start point to each other node 100, the number of hops from the start point to each other node 100, and the next hop. .

  The confirmation information as the shortest path tree indicates whether or not the shortest path to the node 100 is confirmed for each external device (another node 100). When it is not determined, it indicates that the path to the node 100 is only the shortest path candidate (shortest path candidate).

  The bottleneck from the starting point to the other node 100 represents the bottleneck of the cost (resource information) of the link when passing through the shortest path candidate for reaching the other node 100. The number of hops from the start point to the other node 100 represents the number of hops when passing through the shortest path candidate for reaching the other node 100. The cost of each link from the start point to the other node 100 and the number of hops from the start point to the other node 100 are held for each other node 100.

  The next hop represents a next hop that is a candidate for the shortest path.

  In the Dijkstra algorithm in OSPF, the metric was distance. On the other hand, in the key consumption suppression routing protocol of this embodiment, a bottleneck in a path is used for calculation of a metric, not a distance. A bottleneck is introduced as a metric in order to keep the key generation speed and the key holding amount between the nodes 100 sharing the application key at a certain value or more and to prevent the data communication speed in the application network from being hindered. .

  FIG. 4 is a diagram for explaining the metric. Using FIG. 4 as an example, distances and bottlenecks as metrics will be described. The numerical value attached to the link in FIG. 4 represents the cost.

  When the distance is a metric, the sum of the costs of each link included in the path from s to t in FIG. 4 is the path metric (distance). When the bottleneck is a metric, the minimum value of the cost of each link included in the path from s to t is the metric (bottleneck).

  In the example of FIG. 4, the distance is 4 + 3 + 8 = 15 because it is the sum of the costs of the links included in the path. That is, the metric for this path is 15. On the other hand, since the bottleneck is the minimum value of the cost of each link included in the path, min {4, 3, 8} = 3. That is, the metric for this path is 3.

  As described above, in OSPF, the Dijkstra algorithm is performed using a metric as a distance, but in the key consumption suppression routing protocol, a bottleneck is adopted for the metric to perform routing processing. However, if only the bottleneck is used as a metric, there are no criteria for judging when there are multiple paths with the same bottleneck, so there are many hops depending on the implementation of the path evaluation order and the form of the target network. There is a possibility of selecting a detour path. That is, there is a possibility of increasing the link key consumption of the system.

  FIG. 5 is a diagram illustrating a comparative example of the number of hops of a path obtained using a bottleneck as a metric. In FIG. 5, the number assigned to the node represents the node number, and the number assigned to the link represents the cost of the link. Hereinafter, a node having a node number n (n is an integer of 1 or more) may be represented as a node n.

  The path A of node 1 → node 2 → node 3 → node 4 → node 5 → node 6 has 3 bottlenecks and 5 hops. On the other hand, the path B of node 1 → node 3 → node 5 → node 6 also has a hop count of 3 although the bottleneck is 3. Assuming that each link included in the path consumes a link key corresponding to the bottleneck, the path A consumes 15 link keys. On the other hand, in the path B, consumption of 9 link keys can be suppressed. Therefore, the path B with the smaller number of hops can suppress the key consumption of the entire system than the path A with the larger number of hops.

  Therefore, in addition to the path bottleneck, the hop count of the path from the transmission source node 100 to the destination node 100 is added as a metric. By doing so, a path with a smaller number of hops is selected among paths having the same bottleneck, and routing that further suppresses key consumption of the entire system is possible.

  FIG. 6 is a block diagram illustrating a functional configuration example of the node 100 in the present embodiment. The node 100 includes a control unit 101, a management unit 102, a platform unit 103, a communication unit 104, and a routing processing unit 110. The routing processing unit 110 includes a storage unit 121, an acquisition unit 111, a count unit 112, a calculation unit 113, and a selection unit 114.

  The storage unit 121 stores various information such as a routing table and resource information of each node 100. For example, the storage unit 121 stores, for each node 100, resource information (key generation speed, key holding amount) acquired from the node 100.

  The acquisition unit 111 acquires resource information and network information of a link key that can be provided by the node 100 from another node 100.

  For example, the count unit 112 refers to the network information and obtains the number of hops of the shortest path candidate until the other node 100 is reached.

The calculation unit 113 calculates a metric from the bottleneck and the number of hops. Below, the example of the more concrete metric calculation method of each of (A) and (B) mentioned above is shown.
(A1) The bottleneck and the number of hops are prepared in different areas, and the number of hops is compared when the bottleneck is equal.
(B1) One calculation formula is calculated for calculating a metric including a bottleneck (BN) and the number of hops (Hop). Two examples of calculation formulas are shown below.
metric = BN + 1 / (Hop) (E1)
metric = BN + (1-Hop / 10) (E2)

  For example, when BN = 4 and Hop = 2, in equation E1, metric = 4 + 1/2 = 4.5. For example, when BN = 4 and Hop = 2, in formula E2, metric = 4 + (1-2 / 10) = 4.8.

  In (A1), the bottleneck and the number of hops up to each node 100 are held, and the number of hops is compared only when the bottleneck is equal. In (B1), a calculation formula representing a metric is created in advance, and the metric is calculated from the bottleneck and the number of hops to each node 100.

  The result of the metric calculation is the same in (A1) and (B1). When (B1) is used, the type of metric to be used is one type as in the existing Dijkstra algorithm. This can potentially reuse many of the existing implementations. However, it should be noted that when (B1) is used, accurate metric calculation is possible only when the number of hops is 10 or less.

  Note that the metric calculation formulas described above are examples, and the present invention is not limited to these. For example, another formula may be used in which a result obtained by adding a weight to the bottleneck and the number of hops is used as a metric. In this case, the coefficient (weight) concerning the bottleneck and the number of hops is arbitrary.

  The selection unit 114 selects one path (the path with the best metric) from a plurality of path candidates reaching the external device (another node 100) based on the metric.

  The control unit 101 controls processing performed in the node 100. For example, the control unit 101 is responsible for starting each component unit.

  The management unit 102 manages key resources such as a key generation speed and a key holding amount of a link to which the node 100 is connected.

  The platform unit 103 provides management of other components on the node 100, computer operating system functions necessary for operation, basic network functions, security functions, and the like.

  The communication unit 104 communicates with other connected nodes 100. The communication unit 104 generates and shares a random number between the nodes 100 connected by a link using quantum cryptography, and manages the generated random number as a link key. The communication unit 104 is used by other components when performing data communication with another node 100 connected by a link. Data exchanged with other nodes 100 via the communication unit 104 includes application key data. These data are normally exchanged by encrypted communication using a link key managed by the node 100.

  Each of the above units (control unit 101, management unit 102, platform unit 103, communication unit 104, routing processing unit 110) causes a processing device such as a CPU (Central Processing Unit) to execute a program, that is, realized by software. Alternatively, it may be realized by hardware such as an IC (Integrated Circuit), or may be realized by using software and hardware together. Further, the storage unit 121 can be configured by any commonly used storage medium such as an HDD (Hard Disk Drive), an optical disk, a memory card, and a RAM (Random Access Memory).

  The configuration of the node 100 in this embodiment has been described above. However, the above description is an example.

Next, details of the key consumption suppression routing protocol in this embodiment will be described. The following is the basic sequence of the key consumption suppression routing protocol. Here, processes (S1) to (S9) for creating a shortest path tree after creating a routing table after sharing the link state between the nodes 100 and grasping the network configuration will be described. Hereinafter, in order to represent a node (node) of the shortest path tree (tree structure) corresponding to each node 100 as a device (communication device), it may be described as a “node” without a reference sign.
(S1) An initialization label is set for all nodes.
(S2) A bottleneck is obtained for all nodes connected to the start point.
(S3) The value of the node having the largest bottleneck among the nodes connected to the start point is determined.
(S4) A new bottleneck in the path from the start point is newly calculated for all nodes connected to the determined node.
(S5) If the newly calculated bottleneck is larger than the bottleneck to be held, the bottleneck is updated and a new path is held. Then, the previous path is deleted as not used.
(S6) If the bottleneck to be held is larger than the newly calculated bottleneck, the current bottleneck and path are held. The newly calculated path is deleted as not used.
(S7) If the newly calculated bottleneck is equal to the bottleneck to be held, the number of hops of each path to that node is obtained, and the path with the smaller number of hops is held.
(S8) Among the nodes that have not been determined, the value of the node having the largest bottleneck from the starting point is determined.
(S9) Repeat (S4) to (S8) until the values of all the nodes are determined.

Next, the routing algorithm of this embodiment is shown. This algorithm uses a bottleneck and the number of hops as a metric instead of a distance handled as a metric in the Dijkstra algorithm used in OSPF. First, the notation used in this algorithm will be described.
s: start point V: set of points of the entire graph VP: set of points where the bottleneck is determined V \ VP: set of points where the bottleneck is undetermined BN [n]: bottleneck up to point n hop [n]: Number of hops to point n cost [l]: Cost of side l path [n] = l: Path to point n is side l

Next, an example of the routing algorithm of this embodiment will be described.
(S11) The starting point s is selected, and VP: = φ, BN [s]: = 0, hop [s]: = 0 (path [s]: = 0). For a point v other than s, BN [v]: = − 1, hop [v]: = 0 (path [v]: = − 1). Note that v is not included in V \ {s}.
(S12) The following is repeated until V = VP.
(S12a) Find a point w such that BN [w] = max {BN [v] | vεV \ VP} (find a point w having the largest bottleneck value among points where the bottleneck is undetermined) .
(S12b) VP: = VP ｛{w} (The point w is included in the set of points where the bottleneck is determined).
The following processing is executed for each side e = (w, v) starting from w.
if BN [w]> cost (e)> BN [v]
then BN [v] = cost (e),
hop [v]: = hop [w] +1 (path (v): = e)
if cost (e)> BN [w]> BN [v]
then BN [v] = BN [w],
hop [v]: = hop [w] +1 (path (v): = e)
(If the bottleneck up to point w and the cost of side e are greater than point v, update)
if BN [w] ≧ BN [v] = cost (e) and
hop [v]> hop [w] +1
then BN [v] = cost (e),
hop [v]: = hop [w] +1 (path (v): = e)
if cost (e)> BN [v] = BN [w] and
hop [v]> hop [w] +1
then BN [v] = BN [w],
hop [v]: = hop [w] +1 (path (v): = e)
(If the bottleneck up to the point w is equal to the bottleneck of the path from the side e, the number of hops is compared. If the number of hops from the point w is smaller than the number of hops held at the point v, it is updated.)

  Here, (S12b) of the above algorithm will be described with reference to FIGS. Consider a link e = (w, v) where the source node is w and the destination node is v.

  FIG. 7 shows that when BN [w]> cost (e)> BN [v], BN [v] = cost (e), hop [v]: = hop [w] +1 (path (v): = e It is a figure which shows the example which becomes. FIG. 7 shows an example in which the bottleneck to the node w is 8, the bottleneck of the path reaching the node v without going through the node w is 4, and the cost of the link e is 6. The bottleneck to the node v is better (larger) than the current bottleneck 4 in the path including the newly connected link e. For this reason, the link e becomes a bottleneck, and the value indicating the bottleneck is 6. Thus, when the cost of the link is smaller than the bottleneck of the transmission source node, the bottleneck to the destination node is updated with the cost of the link.

  FIG. 8 shows that when cost (e)> BN [w]> BN [v], BN [v] = BN [w], hop [v]: = hop [w] +1 (path (v): = e It is a figure which shows the example which becomes. FIG. 8 shows an example in which the bottleneck to the node w is 6, the bottleneck of the path reaching the node v without going through the node w is 4, and the cost of the link e is 8. The bottleneck to the node v is better (larger) than the current bottleneck 4 and the path including the newly connected link e. On the other hand, the cost 8 of the link e is not a bottleneck (larger than the bottleneck 6 up to the node w). For this reason, the bottleneck to the node v is 6 like the bottleneck to the node w. Thus, when the bottleneck to the transmission source node is smaller than the cost of the newly connected link, the bottleneck to the destination node is updated with the bottleneck to the transmission source node.

  FIG. 9 is a diagram illustrating an example in which the bottleneck up to the destination node is not updated. As shown in FIG. 9, the bottleneck to the node w, the cost of the link e, and the bottleneck to the node v are compared, and the bottleneck of the path that reaches the node v through the path not passing through the node w is the largest. In this case, since the path including the link e cannot be the shortest path, the bottleneck is not updated.

  FIG. 10 shows that when BN [w] ≧ BN [v] = cost (e) and hop [v]> hop [w] +1, BN [v] = cost (e), hop [v]: = hop [ It is a figure which shows the example used as w] +1 (path (v): = e). As shown in FIG. 10, when the bottleneck up to the node v and the cost of the link e are equal to 6, and the bottleneck of the path reaching the node w is 8, which is larger than 6, the number of hops is compared. As shown in FIG. 10, it is assumed that the number of hops to the node w is 2 and the number of hops to the node v is 5. In this case, even if the node v reaches the node v via the link e, the number of hops is 2 + 1 = 3, which is smaller than the number of hops 5 to the node v. For this reason, the path to the node v is updated to a path via the link e.

  FIG. 11 shows that when cost (e)> BN [v] = BN [w] and hop [v]> hop [w] +1, BN [v] = BN [w], hop [v]: = hop [ It is a figure which shows the example used as w] +1 (path (v): = e). As shown in FIG. 11, when the bottleneck to the node v and the bottleneck to the node w are equal to 6, and the cost of the link e is 8 which is larger than 6, the number of hops is compared. As shown in FIG. 11, it is assumed that the number of hops to the node w is 2 and the number of hops to the node v is 5. In this case, even if the node v reaches the node v via the link e, the number of hops is 2 + 1 = 3, which is smaller than the number of hops 5 to the node v. For this reason, the path to the node v is updated to a path via the link e.

  Next, a path selection process performed by the node 100 according to the present embodiment configured as described above will be described with reference to FIG. FIG. 12 is a flowchart illustrating an example of a path selection process in the present embodiment.

  First, the acquisition unit 111 acquires link key resource information and network information that can be provided by the node 100 from another node 100 (step S101).

  When the procedure (A) (or (A1)) is applied, the counting unit 112 counts the number of hops of the shortest path candidate until the other node 100 is reached. The number of hops is referred to when a plurality of path candidates having the same bottleneck are obtained. When applying the procedure (B) (or (B1)), the calculation unit 113 calculates a metric including a bottleneck and the number of hops.

  Next, the selection unit 114 follows each of the procedures (A) and (B) described above, and determines the cost (bottleneck and hop) of the path between the node 100 and each of the other nodes 100. The path with the best cost) is selected (step S102).

  The routing processing unit 110 creates a routing table from the selected path (shortest path tree) and stores it in the storage unit 121 (step S103).

  Next, a specific example of path selection processing (routing) by the selection unit 114 will be described. Hereinafter, a network as shown in FIG. 13 will be described as an example. 14 to 25 are diagrams showing an example of a routing procedure in the case of the network of FIG.

  A number assigned to a node (a circled number) indicates a node number. The number assigned to the link (number enclosed in a square) indicates the cost of the link. The cost of the link indicates, for example, a key generation speed and a key holding amount. Two numbers written near a node represent the cost to reach that node. In this embodiment, this cost is expressed in the form of [bottleneck−hop count]. A double circle node represents a node in which the shortest path to that node is determined.

  Here, a process of creating a shortest path tree before creating a routing table after sharing a link state between nodes and grasping a network configuration will be described. Although a one-way network will be described as an example, a shortest path tree can be obtained in the same manner even in a bidirectional network.

  First, the cost for reaching each node is initialized to −1 (FIG. 14). Note that the initial value −1 is an example, and any negative number may be used as the initial value considering that the cost is a positive number. The node 1 that is the starting point node (hereinafter also referred to as the starting point node 1) has a cost of bottleneck 0 and a hop count of 0 (“0-0”), and the shortest path is determined.

  The node 2 connected to the node 1 has a bottleneck 3 and a hop number 1. Node 3 has bottleneck 6 and hop count 1 (FIG. 15). Among the nodes 2 and 3, the node 3 with the best bottleneck is determined as the bottleneck 6 and the number of hops 1 and the shortest path is determined (FIG. 16).

  The confirmed nodes are node 1 and node 3, and the next hop from start node 1 to destination node 3 is node 3.

  Node 2 connected to node 3 is updated to bottleneck 5 and hop count 2. Node 4 is updated to bottleneck 1 and hop count 2. Node 5 is updated to bottleneck 3 and hop count 2 (FIG. 17).

  For the node 2 with the best cost, the shortest path is determined with the bottleneck 5 and the hop number 2 (FIG. 18). The confirmed nodes are node 1, node 3, and node 2, and the next hop from the start node 1 to the destination node 2 is node 3.

  The node 4 connected to the node 2 is updated to the bottleneck 5 and the hop number 3 (FIG. 19).

  For the node 4 with the best cost, the shortest path is determined with the bottleneck 5 and the number of hops 3 (FIG. 20). The confirmed nodes are node 1, node 3, node 2, and node 4, and the next hop from the start node 1 to the destination node 4 is node 3.

  The node 5 connected to the node 4 has the bottleneck 3 and the hop number 4, but is not updated because the hop number is large. Node 6 is updated with bottleneck 2 and hop count 4 (FIG. 21).

  For the node 5 having the best cost, the shortest path is determined with the bottleneck 3 and the hop number 2 (FIG. 22). The confirmed nodes are node 1, node 3, node 2, node 4, and node 5, and the next hop from the start node 1 to the destination node 5 is node 3.

  The node 6 connected to the node 5 is updated to the bottleneck 3 and the hop number 3 (FIG. 23).

  Finally, the shortest path is determined when the node 6 has the bottleneck 3 and the hop number 3. The confirmed nodes are node 1, node 3, node 2, node 4, node 5, and node 6, and the next hop from start node 1 to destination node 6 is node 3 (FIG. 24).

  Finally, all the nodes are determined, and the shortest path tree is completed. The shortest path from node 1 to node 6 is node 1 → node 3 → node 5 → node 6 (FIG. 25).

  As described above, the shortest path tree is obtained. Also, a routing table is created using the constructed shortest path tree. The application key is shared with reference to the created routing table.

(Modification)
In the configuration in which each node 100 executes OSPF and holds a routing table, when there are multiple paths having the same metric, a route different from the route intended by the transmission source node is selected, and the key transmission destination is actually The best path may be different. This is because each node 100 selects not the best path from the transmission source node but the best path from each node 100 itself to the destination node.

  If this situation is not desirable, the source node sends the key using the source routing method, and the path determined by the source node can be selected by specifying the path to send the key in advance. . Source routing is a method in which a path through which data passes is determined by a transmission source, and data is transferred along the determined path.

  In addition, a server for managing routing may be prepared, and this server may designate a path along which the key advances. FIG. 26 is a diagram illustrating a configuration example of the quantum cryptography communication system in the modified example configured as described above. The quantum cryptography communication system according to the modification includes a routing management server 600. The routing management server 600 calculates the best path and reflects the calculated path in the routing table of each node 100. As a result, each node 100 can select the best path.

  Note that key resources are generated due to the influence of quantum key distribution and the increase of the key holding amount, the decrease of the key holding amount by transferring the application key, the environmental change of the quantum cryptography device, etc. It can change as the speed changes. For this reason, when the change of the key resource is detected, the routing protocol including this embodiment may be re-executed to calculate the optimum path again. For example, the selection unit 114 compares resource information (key generation speed, key possession amount, etc.) acquired at different times, and executes path selection processing (routing protocol) when the amount of change between both is equal to or greater than a threshold value. You may comprise as follows.

  As described above, the communication system according to the present embodiment performs routing for sharing the encryption key in consideration of the resource bottleneck and the number of hops. As a result, while avoiding the exhaustion of the encryption key in a specific node, the throughput can be maintained and the consumption amount of the encryption key in the entire system can be reduced.

  Next, the hardware configuration of the communication apparatus (node 100) according to the present embodiment will be described with reference to FIG. FIG. 27 is an explanatory diagram illustrating a hardware configuration of the communication apparatus according to the present embodiment.

  The communication device according to the present embodiment communicates with a control device such as a CPU (Central Processing Unit) 51 and a storage device such as a ROM (Read Only Memory) 52 and a RAM (Random Access Memory) 53 connected to a network. A communication I / F 54 to be performed and a bus 61 for connecting each unit are provided.

  A program executed by the communication apparatus according to the present embodiment is provided by being incorporated in advance in the ROM 52 or the like.

  A program executed by the communication apparatus according to the present embodiment is a file in an installable format or an executable format, and is a CD-ROM (Compact Disk Read Only Memory), a flexible disk (FD), a CD-R (Compact Disk Recordable). ), A DVD (Digital Versatile Disk) or the like may be recorded on a computer-readable recording medium and provided as a computer program product.

  Furthermore, the program executed by the communication apparatus according to the present embodiment may be stored on a computer connected to a network such as the Internet and provided by being downloaded via the network. The program executed by the communication apparatus according to the present embodiment may be provided or distributed via a network such as the Internet.

  The program executed by the communication apparatus according to the present embodiment can cause a computer to function as each unit of the communication apparatus described above. In this computer, the CPU 51 can read a program from a computer-readable storage medium onto a main storage device and execute the program.

  Although several embodiments of the present invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof.

100a to 100e Node 101 Control unit 102 Management unit 103 Platform unit 104 Communication unit 110 Routing processing unit 111 Acquisition unit 112 Count unit 113 Calculation unit 114 Selection unit 121 Storage unit 200a, 200b Application

Claims (6)

A communication device connected to a plurality of external devices capable of providing an encryption key by quantum key distribution,
An acquisition unit for acquiring resource information representing a resource including at least one of a generation speed of the encryption key that can be provided by the external device and an amount of the encryption key held;
Selecting one or more first routes based on a first metric that is one of a bottleneck on the resource route represented by the resource information and the number of hops among a plurality of routes reaching the external device; A selection unit that selects one route from the selected first route based on a second metric that is the other of the bottleneck and the number of hops;
A communication device comprising: The selection unit selects the first route with the best bottleneck among the plurality of routes, and when there are a plurality of the first routes with the best bottleneck, Select a route with a small number of hops.
The communication apparatus according to claim 1. The selection unit selects the first route that minimizes the number of hops from among the plurality of routes, and when there are a plurality of the first routes that minimize the number of hops, Among them, choose the route that has the best bottleneck,
The communication apparatus according to claim 1. The acquisition unit acquires first resource information representing a resource including at least one of a generation speed of an encryption key and an amount of the encryption key that can be provided by the external device, and at a time different from the first resource information, Obtaining second resource information representing a resource including at least one of a generation speed of an encryption key that can be provided by the external device and an amount of the encryption key held;
The selection unit executes a selection process of selecting one route from the plurality of routes when the amount of change between the resource represented by the second resource information and the resource represented by the first resource information is equal to or greater than a threshold;
The communication apparatus according to claim 1. A communication system comprising a plurality of communication devices capable of providing an encryption key by quantum key distribution,
Each of the communication devices
An acquisition unit for acquiring resource information representing a resource including at least one of a generation speed of an encryption key that can be provided by another communication device and an amount of the encryption key held;
One or more first routes are selected based on a first metric that is one of the bottleneck and the number of hops on the resource route represented by the resource information among the plurality of routes reaching the other communication device. And a selection unit that selects one route from the selected first route based on a second metric that is the other of the bottleneck and the number of hops,
Communications system. A computer connected to a plurality of external devices capable of providing an encryption key by quantum key distribution,
An acquisition unit for acquiring resource information representing a resource including at least one of a generation speed of the encryption key that can be provided by the external device and an amount of the encryption key held;
Selecting one or more first routes based on a first metric that is one of a bottleneck on the resource route represented by the resource information and the number of hops among a plurality of routes reaching the external device; A selection unit that selects one route from the selected first route based on a second metric that is the other of the bottleneck and the number of hops;
Program to function as.

Images