JP2017169187A - Quantum key distribution device, quantum key distribution system, and quantum key distribution method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a quantum key distribution device, quantum key distribution system, and quantum key distribution method, capable of implementing provision of services of quantum key distribution and a quantum cryptography technology that handle a parameter or variation individually requested by an object using a cryptographic key.SOLUTION: A quantum key distribution device of an embodiment is connected to another quantum key distribution device via a quantum communication path and shares a cryptographic key with the other quantum key distribution device, the quantum key distribution device comprising a common processing unit, one or more individual processing units, and a distribution unit. The common processing unit outputs intermediate data on the basis of bit information acquired through transmission or reception of a photon string with the other quantum key distribution device via the quantum communication path. The individual processing units create or provide the cryptographic key on the basis of the intermediate data. The distribution unit distributes the intermediate data output by the common processing unit to two or more distribution destinations including the one or more individual processing units.SELECTED DRAWING: Figure 6

Description

  Embodiments described herein relate generally to a quantum key distribution device, a quantum key distribution system, and a quantum key distribution method.

  The quantum key distribution system includes a transmission node, a reception node, and an optical fiber link that connects the transmission node and the reception node. The transmitting node continuously transmits single photons to the receiving node via an optical fiber link (quantum communication path) that is an optical fiber communication path. Thereafter, the transmitting node and the receiving node exchange control information with each other, thereby securely sharing the encryption key between the transmitting node and the receiving node. This technique is realized by a technique generally called quantum key distribution (QKD).

  Also, in quantum key distribution, photons used to share cryptographic keys have an uncertainty principle, which is one of the basic principles of quantum mechanics that a physical state changes when observed. Based on this principle, when an eavesdropper observes a photon containing information on the encryption key transmitted by the transmitting node on the quantum communication path, the physical state of the photon changes, and the receiving node receiving the photon sends the photon to the eavesdropper. The observation can be detected. As a result, based on the photon sequence obtained at the transmission node and the photon sequence detected at the reception node, control information is exchanged between the transmission node and the reception node, so that a secure encryption is finally achieved. The key is obtained.

  Two nodes (for example, the transmission node and the reception node described above) perform encryption and decryption using the shared encryption key described above, and perform encrypted data communication using an encryption communication method called a one-time pad. I do. The one-time pad is an encryption communication method in which 1 byte of data is encrypted and transmitted with 1 byte of an encryption key, decrypted using the same 1-byte encryption key at the time of reception, and the once used encryption key is discarded. In the encrypted data communication using this one-time pad, it is guaranteed by information theory that an eavesdropper having any knowledge cannot decipher. In this way, a technique for performing encrypted data communication using a secure encryption key shared by quantum key distribution is called a quantum encryption technique. The quantum key distribution and the quantum cryptography technology thus provide a very high security function.

  On the other hand, in order to realize quantum key distribution, as described above, a technique for controlling an optical element or the like for continuously transmitting / receiving a single photon with high accuracy is required, and the cost is increased. . In addition, it is necessary to install an optical fiber that connects the transmission node and the reception node, which increases the cost. It is difficult from the viewpoint of cost to install and install such high-cost apparatuses and facilities individually for a small-scale application or a plurality of users of the quantum key distribution service or the quantum cryptography service. As a technique for dealing with this, a technique has been proposed that employs an operation method of providing an encryption key for a plurality of applications using a set of quantum key distribution devices.

  However, in the above-described technique, the encryption key generated and stored by the set of quantum key distribution devices is only assigned to a plurality of applications. Therefore, it is possible to provide multiple types of quantum key distribution at low cost, or different quantum key distribution or quantum cryptography functions using variations of various parameters or algorithms related to quantum key distribution and quantum cryptography technology that are different for multiple users. Or providing a plurality of users with a quantum key distribution or a quantum cryptography function according to each user's request.

US Pat. No. 7,646,873 JP 2014-53816 A

  The present invention has been made in view of the above, and is capable of realizing quantum key distribution and provision of a quantum cryptography service according to parameters or variations individually requested by an object using the encryption key. An object is to provide a key distribution device, a quantum key distribution system, and a quantum key distribution method.

  The quantum key distribution device according to the embodiment is a quantum key distribution device that is connected to another quantum key distribution device through a quantum communication channel and shares an encryption key, and includes a common processing unit, one or more individual processing units, And a distribution unit. The common processing unit outputs intermediate data based on the bit information acquired by transmitting or receiving the photon sequence to or from another quantum key distribution device via the quantum communication path. The individual processing unit generates or provides an encryption key based on the intermediate data. The distribution unit distributes the intermediate data output by the common processing unit to two or more distribution destinations including one or more individual processing units.

It is a figure which shows an example of the whole structure of a quantum key distribution system. It is a figure which shows an example of the hardware constitutions of a QKD apparatus. It is a figure which shows the structure of the functional block of a general QKD apparatus. FIG. 10 is a sequence diagram showing a common encryption key sharing operation. It is a figure which illustrates notionally the structure of a virtual QKD apparatus. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 1st Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 1st Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 2nd Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 3rd Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 4th Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 5th Embodiment. It is a figure which shows the structure of the functional block of the QKD apparatus which concerns on 6th Embodiment.

  Hereinafter, a quantum key distribution device, a quantum key distribution system, and a quantum key distribution method according to embodiments of the present invention will be described in detail with reference to the drawings. However, since the drawings are schematic, a specific configuration should be determined in consideration of the following description.

(First embodiment)
FIG. 1 is a diagram illustrating an example of the overall configuration of a quantum key distribution system. The configuration of the quantum key distribution system 100 will be described with reference to FIG.

  As shown in FIG. 1, the quantum key distribution system 100 includes a QKD device 1 (quantum key distribution device), a QKD device 2 (quantum key distribution device), an optical fiber link 3, and a communication cable 4. Has been.

  The QKD device 1 is a transmitter that transmits a photon string, which is generated by a laser and includes a single photon that is a base for generating an encryption key, to the QKD device 2 via an optical fiber link 3. The QKD device 1 performs a key distillation process (shifting process, error correction process, and confidentiality enhancement process), which will be described later, based on the transmitted photon sequence, and generates an encryption key. Further, during the key distillation process, the QKD apparatus 1 communicates with the QKD apparatus 2 via the communication cable 4 (control information (general digital data, not a single photon, hereinafter “key distillation process data”). Exchange). Here, in addition to the key distillation process data, as will be described later, a communication cable 4 serving as a communication path for data communicated by applications (key utilization units 106a to 106c and 206a to 206c shown in FIG. Sometimes referred to as “road”. Note that the key distillation processing data may be transferred via the optical fiber link 3 between the QKD device 1 and the QKD device 2 instead of the communication cable 4, or other communication path (for example, a general communication path) It may be transferred using an internet line or the like.

  The QKD device 2 is a receiver that receives from the QKD device 1 via the optical fiber link 3 a photon string that is composed of a single photon that is a basis for generating an encryption key. The QKD device 2 executes key distillation processing (shifting processing, error correction processing, and confidentiality enhancement processing) described later based on the received photon sequence, and the same encryption key as the encryption key generated by the QKD device 1 Generate a key. In addition, during the key distillation process, the QKD device 2 exchanges control information (key distillation process data) with the QKD device 1 via the communication cable 4.

  The optical fiber link 3 is an optical fiber cable that functions as a quantum communication path serving as a transmission path for a single photon output from the QKD device 1. The communication cable 4 is a cable that functions as a classical communication path for communicating communication data of an application as described later in addition to key distillation processing data between the QKD device 1 and the QKD device 2.

  In the quantum key distribution system 100 including the QKD device 1 and the QKD device 2 described above, when an eavesdropper observes the photon sequence transmitted by the QKD device 1 on the optical fiber link 3, the physical state of the photon changes. The QKD device 2 that has received the photon can recognize that the photon has been observed by an eavesdropper.

  In the above-described photon transmission / reception process, key distillation process, and key management (encryption key management) and key use (encryption key use) described later of the QKD devices 1 and 2, a plurality of setting items and the like are set. There are a number of variations of operations such as parameter or algorithm selection. These parameters and variations may then be appropriately selected depending on the respective application requirements, service level agreements, or application embodiments. Here, the service level agreement means that, from the standpoint of a provider who owns a physical QKD device and provides a quantum key distribution service or a quantum cryptographic function service, there are some conditions for the service user. That defines the quality of service provided. For example, provisions relating to availability and usage charges are typical. From the viewpoint of quantum key distribution service or quantum cryptographic function service, the key generation speed, the error rate of the intermediate data of the encryption key to be provided, the speed, error rate, base bias, dispersion of laser intensity, and the like can be mentioned. Conditional provisions for these can be service level agreements. On the other hand, from the standpoint of the user of the quantum key distribution service or quantum cryptographic function service of this embodiment without having a physical QKD device, various options (combinations of parameters and variations) ) Is possible. From the viewpoint of service operability and operation cost, it is conceivable to select parameter variations for quantum key distribution and quantum cryptography functions. Details of parameters and variations in photon transmission / reception processing, key distillation processing, key management, and key utilization, which are specific processing of quantum key distribution and quantum cryptography functions, will be described later.

  FIG. 2 is a diagram illustrating an example of a hardware configuration of the QKD apparatus. The hardware configuration of the QKD devices 1 and 2 will be described with reference to FIG. In the following description, the QKD device 1 will be described as an example.

  As shown in FIG. 2, the QKD device 1 includes a CPU (Central Processing Unit) 301, a ROM (Read Only Memory) 302, a RAM (Random Access Memory) 303, a communication I / F 304, an auxiliary storage device 305, and the like. And an optical processing device 306.

  The CPU 301 is an arithmetic device that controls the overall operation of the QKD device 1. The ROM 302 is a nonvolatile storage device that stores programs such as BIOS (Basic Input / Output System) or firmware executed by the CPU 301 to control each function. A RAM 303 is a volatile storage device that functions as a work memory of the CPU 301.

  The communication I / F 304 is an interface for performing data communication via a classical communication path (communication cable 4 or the like). The communication I / F 304 may be an interface corresponding to Ethernet (registered trademark) such as 10Base-T, 100Base-TX, or 1000Base-T, or may be an optical fiber interface.

  The auxiliary storage device 305 is a non-volatile storage device that stores and accumulates various programs executed by the CPU 301 and intermediate data and encryption keys generated during the encryption key sharing operation (quantum key distribution). The auxiliary storage device 305 is a storage device capable of electrical, magnetic, or optical storage such as an HDD (Hard Disk Drive), an SSD (Solid State Drive), a flash memory, or an optical disk.

  The optical processing device 306 is an optical device that transmits or receives a photon train through a quantum communication path. The optical processing device 306 of the QKD device 1 generates, for example, a polarization state based on basis information generated by, for example, a randomly selected basis, based on a bit sequence (photon bit sequence) that is bit information generated by random numbers. The photon string composed of the single photons is transmitted to the optical processing device 306 of the QKD device 2 through the quantum communication path (the optical fiber link 3 shown in FIG. 1). That is, each photon of the photon train generated by the optical processing device 306 of the QKD device 1 has 1-bit information of “0” or “1”. The optical processing device 306 of the QKD device 2 receives the photon sequence from the optical processing device 306 of the QKD device 1 via the quantum communication path, and converts the received photon sequence into basis information generated by, for example, a randomly selected basis. The photon bit string which is bit information is obtained by reading based on the above.

  The CPU 301, the ROM 302, the RAM 303, the communication I / F 304, the auxiliary storage device 305, and the optical processing device 306 described above are connected to each other via a bus 307 such as an address bus and a data bus.

  FIG. 3 is a diagram illustrating an example of a functional block configuration of a general QKD apparatus. With reference to FIG. 3, the configuration of functional blocks of a QKD device (QKD devices 10 and 20) of a general quantum key distribution system (quantum key distribution system 500) will be described.

  As shown in FIG. 3, the QKD device 10 includes a quantum key sharing unit 11, a shifting processing unit 12, an error correction processing unit 13, a confidentiality enhancement processing unit 14, a key management unit 15, and a key use unit. 16, a communication unit 17, and a storage unit 18.

  The quantum key sharing unit 11 is, for example, based on a photon bit string that is bit information generated by random numbers, for example, a single unit generated so as to have a polarization state based on base information (transmission base) generated by a randomly selected base. This is a functional unit that performs photon transmission processing for transmitting a photon sequence composed of one photon to the quantum key sharing unit 21 of the QKD device 20 via a quantum communication path. The quantum key sharing unit 11 stores the generated photon bit string and the transmission base (information including these may be referred to as “transmission photon information”) in the storage unit 18. The quantum key sharing unit 11 sends the generated transmission base and photon bit string to the shifting processing unit 12. As will be described later, the quantum key sharing unit 11 receives a photon bit string based on the information received from the quantum key sharing unit 21 via the classical communication channel and indicating the time when the quantum key sharing unit 21 detected the photon. It is also possible to extract bit information corresponding to the photons detected from, and to make this a new photon bit string.

  As a source of single photons generated by the quantum key sharing unit 11, a laser light source attenuated can be used. In this case, in the photon transmission process, the intensity of the laser light source, the attenuation factor, its dispersion, and the like are parameters. Further, when a laser light source is used as a single photon generation source by the quantum key sharing unit 11, when encoding information of a photon bit string into a photon string by a transmission base, a plurality of photons are not transmitted strictly. May be. In order to eliminate such a case and guarantee the security of quantum key distribution, a method called a decoy method is used. In the decoy method, the intensity of the output of the laser light source is not always constant, but photons are transmitted at a certain probability with pulses having an intensity different from the intensity of the output for transmitting a normal bit. There are a decoy pulse and a vacuum pulse as pulses transmitted at an intensity different from the intensity of the normal output. In this case, in the photon transmission process, the output intensity of the laser when transmitting the decoy pulse or the vacuum pulse, the transmission frequency (probability), and the like are also parameters.

  Furthermore, in the selection of the transmission base by the quantum key sharing unit 11 and the selection of the reception base by the quantum key sharing unit 21 described later, there is basically a method of randomly selecting two types of bases at a ratio of 50:50. However, in order to perform quantum key distribution more efficiently, a method called “Efficient BB84” is also known in which this ratio is inclined. In this case, the ratio of which base to select in the photon transmission process is also a parameter.

  The shifting processing unit 12 receives the base information (reception base) generated by the quantum key sharing unit 21 of the QKD device 20 from the QKD device 20 via the classical communication path, and stores the received reception base in the storage unit 18. This is a functional unit that compares the stored transmission base and extracts a bit corresponding to the matching part from the photon bit string to perform a shifting process for generating a shared bit string. The shifting processing unit 12 sends the generated shared bit string to the error correction processing unit 13.

  The shared bit string generated by the shifting process includes noise on the optical fiber, noise caused by the photon detector characteristics of the quantum key sharing unit 21 of the QKD device 20, or wiretapping by an eavesdropper during transmission / reception of photons. Since a trace or the like is included, some bits may be different between the shared bit string generated by the shifting processing unit 12 and the shared bit string generated by the shifting processing unit 22 described later. The extent (probability) that this shared bit string is wrong is called the error rate. The error rate also fluctuates due to, for example, vibration of the optical fiber or temperature change. Here, in the shifting process, an estimated error rate may be calculated for use in an error correction process described later. The estimated error rate corresponds to, for example, bit information received from the QKD device 20 by transmitting a part of the bit information of the shared bit sequence from the QKD device 20 to the QKD device 10 and the shared bit sequence generated by the QKD device 10. It is a ratio indicating the degree of error estimated to be included in the shared bit string by comparing with bit information. Note that a part of bit information of the shared bit string may be transmitted from the QKD device 10 to the QKD device 20. In this case, the amount of bit information in the shared bit string used for calculating the estimated error rate in the shifting process is a parameter.

  The error correction processing unit 13 exchanges error correction control unit 23 and error correction control information (EC (Error Correction) information) with the error correction processing unit 23 of the QKD device 20 through the classical communication channel, thereby generating a shared bit string generated. This is a functional unit that executes an error correction process for correcting the bit error and generating a corrected bit string. The error correction processing unit 13 sends the generated corrected bit string to the confidentiality enhancement processing unit 14. As a result, the post-correction bit string generated by the error correction processing unit 13 and the post-correction bit string generated by error correction processing by the error correction processing unit 23 described later are completely identical bit strings.

  In order to perform error correction processing, there are variations of various algorithms such as cascade or LDPC (Low Density Parity-Check). Further, in the error correction processing of each variation, there are parameters such as the processing unit of the input shared bit string and the error correction code to be selected.

  For example, when LDPC is used as an algorithm for error correction processing, the error correction code agreed in advance is shared between the QKD device 10 and the QKD device 20. The error correction processing unit 13 generates syndrome data as error correction control information from the corrected bit string using an error correction code, and transmits this to the QKD device 20 via the classical communication path. As will be described later, the error correction processing unit 23 of the QKD device 20 uses the error correction control information received from the QKD device 10 to generate a corrected bit string.

  Here, the error correction code has parameters of error correction capability and efficiency. An error correction code with a low error correction capability can efficiently correct a shared bit string with a low error rate (high efficiency), but cannot correct a shared bit string with a high error rate, and error correction. In this case, the shared bit string to be subjected to error correction processing is discarded. On the other hand, an error correction code with high error correction capability can correct even a shared bit string with a high error rate, but the size of the syndrome data to be communicated increases and the size of the finally obtained encryption key decreases. (Inefficient). For this reason, in the error correction process, a method of referring to the estimated error rate for the shared bit string calculated in the above-described shifting process and selecting an error correction code according to the estimated error rate may be used. However, there is an overhead for switching and using many error correction codes, and at the same time, the accuracy of the estimated error rate itself may not be guaranteed. In this way, in the operation of error correction processing, what kind of characteristic error correction code is used, how much error rate can be corrected, and how much probability of error correction failure. There are variations such as whether to allow, how much efficiency is important, and what operation is performed when error correction processing fails.

  Other variations in the error correction processing include the processing speed (whether processing is performed only with software, processing with high speed by installing dedicated hardware, etc.), the QKD device 10 and the QKD device 20 There is a communication method and a format of the communication method (what communication protocol is used for communication, whether the communication itself is encrypted, how data authentication is performed), and the like.

  The confidentiality enhancement processing unit 14 receives control information (PA (Privacy Amplification) information) from the confidentiality enhancement processing unit 24 of the QKD device 20 via the classical communication path, and based on this PA information. The number of errors corrected by the error correction process for the generated corrected bit string is theoretically leaked in the photon transmission process, the shifting process, and the error correction process. This is a functional unit that generates a cryptographic key by performing confidentiality enhancement processing for canceling a certain bit. The confidentiality enhancement processing unit 14 stores the generated encryption key in the storage unit 18 and accumulates it.

  As the confidentiality enhancement processing, the confidentiality enhancement processing unit 14 performs, for example, a key length calculation for calculating how many bits the compressed bit string is compressed based on the known quantum cryptography. Then, the confidentiality enhancement processing unit 14 performs key compression to generate an encryption key having a bit length obtained by key length calculation, and generates an encryption key.

  There are also various algorithm variations based on quantum cryptography for confidentiality enhancement processing. For example, an algorithm based on a hash operation using a universal hash function is one of variations. In this case, the parameters of the hash function itself are also parameters in the confidentiality enhancement process. The parameters of the hash function itself may be set in the QKD device 10 and the QKD device 20 in advance, and transmitted from the QKD device 10 to the QKD device 20 or from the QKD device 20 to the QKD device 10 to be transmitted. It may be updated. In such confidentiality enhancement processing using a hash function, there are variations on how the hash function is updated, and the update period of the hash function is a parameter.

  As other variations in the confidentiality enhancement processing, what is the processing speed (whether processing is performed only with software or processing is performed at high speed by installing dedicated hardware), the QKD device 10 and the QKD device 20 And the communication method and format of the communication system (what communication protocol is used for communication, whether the communication itself is encrypted, how data authentication is performed), and the like.

  The key management unit 15 is a functional unit that performs management (key management) of encryption keys stored (accumulated) in the storage unit 18. The key management unit 15 also provides the encryption key stored in the storage unit 18 to the key use unit 16 that is an application or the like that performs encrypted data communication.

  Regarding the form of key management, the unit for storing the encryption key is set to a predetermined fixed length, the length generated by the confidentiality enhancement process, or the storage unit of these encryption keys There are variations such as what kind of key ID is assigned every time and how the generation time of the encryption key is managed. Also, regarding the implementation form of encryption key storage (storage), whether the encryption key is in binary format or text format, and whether the encryption key storage mode uses a file system or a database There are variations. In addition, there are variations such as the size of the storage capacity and the behavior when the encryption key cannot be stored.

  Also, assuming that the encryption key is used in the one-time pad, the encryption key for encryption data communication from the QKD device 10 to the QKD device 20 and the encryption key for encryption data communication from the QKD device 20 to the QKD device 10 And whether or not to store them separately, and if a plurality of applications use encryption keys, whether or not to store them separately for each of these applications can also be considered as variations. In addition, regarding the provision of the encryption key, various variations can be considered as to which interface is used to provide the encryption key to the application. For example, a method of providing a stream interface that provides an encryption key to an application, a method of preparing an API (Application Program Interface) of a dedicated language, and an HTML (HyperText Markup Language) -based API that transmits an encryption key as a response There are also variations in the method of preparing. At this time, how to provide or not to provide encryption keys for multiple applications, how to authenticate, authorize, charge, and log manage applications that provide encryption keys, and How to realize related flow control when the generation is not in time is also a variation.

  The key use unit 16 is an application or the like that uses the encryption key provided from the key management unit 15 (key use) and performs encrypted data communication.

  Regarding the method of using the encryption key of the key utilization unit 16, for example, variations regarding the encryption algorithm such as whether the encryption key is used for one-time pad encryption or AES (Advanced Encryption Standard) encryption There is. In addition, there are variations such as whether to use the data authentication function and what authentication algorithm to use. For block ciphers such as AES, how many bits the key length is used, how often the encryption key is updated, and the like are variations. These variations should be selected depending on the strength of security required for the application or the security function (whether authentication is required, etc.).

  In addition to the method of implementing these key utilization functions as a part of the application itself, there is also a method of implementing them as a library that provides these functions. When implemented as a library, a plurality of variations are conceivable for the design of the library interface, such as what functions are provided to the higher-level program and what language is provided for the program.

  The communication unit 17 is a functional unit that communicates data with the QKD device 20 via a classical communication path.

  The storage unit 18 is a functional unit that accumulates (stores) the encryption key generated by the confidentiality enhancement processing unit 14.

  As shown in FIG. 3, the QKD device 20 includes a quantum key sharing unit 21, a shifting processing unit 22, an error correction processing unit 23, a confidentiality enhancement processing unit 24, a key management unit 25, and a key use unit. 26, a communication unit 27, and a storage unit 28.

  The quantum key sharing unit 21 performs photon detection processing for detecting a photon sequence from the quantum key sharing unit 11 of the QKD device 10 via the quantum communication path, and generates the detected photon sequence based on, for example, a randomly selected basis. It is a functional unit that obtains a photon bit string that is bit information by reading based on base information (reception base). The quantum key sharing unit 21 causes the storage unit 28 to store the photon bit string and the reception base (information including these may be referred to as “detected photon information”). The quantum key sharing unit 21 sends the generated reception information and photon bit string to the shifting processing unit 22. The quantum key sharing unit 21 may include information indicating the time when the photon transmitted from the quantum key sharing unit 11 is detected via the quantum communication path in the detected photon information. In this case, the quantum key sharing unit 21 may transmit information indicating this time to the quantum key sharing unit 11 via the classical communication path. In addition, the photon transmission process by the quantum key sharing unit 11 and the photon detection process by the quantum key sharing unit 21 are collectively referred to as “photon transmission / reception process” hereinafter.

  The shifting processing unit 22 receives the base information (transmission base) generated by the quantum key sharing unit 11 of the QKD device 10 from the QKD device 10 via the classical communication path, and stores the received transmission base and the storage unit 28 This is a functional unit that compares a stored reception base and extracts a bit corresponding to a matching part from a photon bit string to generate a shared bit string and performs a shifting process. The shifting processing unit 22 sends the generated shared bit string to the error correction processing unit 23.

  The error correction processing unit 23 corrects the bit error of the generated shared bit string by exchanging error correction control information (EC information) with the error correction processing unit 13 of the QKD device 10 through the classical communication channel. This is a functional unit that executes an error correction process for generating a corrected bit string. The error correction processing unit 23 sends the generated corrected bit string to the confidentiality enhancement processing unit 24. As a result, the post-correction bit string generated by the error correction processing unit 23 and the post-correction bit string generated by the error correction processing by the error correction processing unit 13 described above are completely identical bit strings.

  For example, as described above, when using LDPC as an algorithm for error correction processing, the error correction processing unit 23 is based on the error correction control information received from the QKD device 10 via the classical communication path and the shared bit string. A corrected bit string is generated using an error correction code.

  The confidentiality enhancement processing unit 24 generates control information (PA information) via the classical communication path, transmits the control information to the confidentiality enhancement processing unit 14 of the QKD device 10, and generates the corrected information based on the PA information. To cancel bits that may have been leaked and intercepted by an eavesdropper theoretically in the photon transmission process, shifting process, and error correction process from the number of errors corrected by the error correction process for the bit string It is a functional unit that performs encryption enhancement processing and generates an encryption key. The confidentiality enhancement processing unit 24 stores the generated encryption key in the storage unit 28 and accumulates it. The specific processing content of the confidentiality enhancement processing is the same as that of the confidentiality enhancement processing unit 14 described above.

  The key management unit 25 is a functional unit that manages (key management) encryption keys stored (accumulated) in the storage unit 28. The key management unit 25 also provides the encryption key stored in the storage unit 28 to the key use unit 26 that is an application or the like that performs encrypted data communication.

  The key use unit 26 is an application or the like that performs encryption data communication using the encryption key provided from the key management unit 25 (key use).

  The communication unit 27 is a functional unit that communicates data with the QKD device 10 via a classical communication path.

  The storage unit 28 is a functional unit that accumulates (stores) the encryption key generated by the confidentiality enhancement processing unit 24.

  Regarding the parameters and variations of the functions and operations of the quantum key sharing unit 21, the shifting processing unit 22, the error correction processing unit 23, the confidentiality enhancement processing unit 24, the key management unit 25, and the key use unit 26, the QKD apparatus 10 As described above.

  FIG. 4 is a sequence diagram illustrating an example of an encryption key sharing operation of a general quantum key distribution system. With reference to FIG. 4, a general operation flow of the quantum cryptographic function including a common cryptographic key sharing operation (quantum key distribution) will be described.

<Step S11>
The quantum key sharing unit 11 is, for example, based on a photon bit string that is bit information generated by random numbers, for example, a single unit generated so as to have a polarization state based on base information (transmission base) generated by a randomly selected base. Photon transmission processing is performed in which a photon sequence composed of one photon is transmitted to the quantum key sharing unit 21 of the QKD device 20 via the quantum communication path. The quantum key sharing unit 11 stores the generated photon bit string and transmission base (transmission photon information) in the storage unit 18. The quantum key sharing unit 11 sends the generated transmission base and photon bit string to the shifting processing unit 12.

<Step S12>
The quantum key sharing unit 21 performs photon detection processing for detecting a photon sequence from the quantum key sharing unit 11 of the QKD device 10 via the quantum communication path, and generates the detected photon sequence based on, for example, a randomly selected basis. A photon bit string which is bit information is obtained by reading based on the base information (reception base). The quantum key sharing unit 21 stores the photon bit string and the reception basis (detected photon information) in the storage unit 28. The quantum key sharing unit 21 sends the generated reception information and photon bit string to the shifting processing unit 22.

<Step S13>
The shifting processing unit 12 receives the base information (reception base) generated by the quantum key sharing unit 21 of the QKD device 20 from the QKD device 20 via the classical communication path, and stores the received reception base in the storage unit 18. A shifting process is performed to compare the stored transmission base and extract a bit corresponding to the matching part from the photon bit string to generate a shared bit string. The shifting processing unit 12 sends the generated shared bit string to the error correction processing unit 13.

<Step S14>
The shifting processing unit 22 receives the base information (transmission base) generated by the quantum key sharing unit 11 of the QKD device 10 from the QKD device 10 via the classical communication path, and stores the received transmission base and the storage unit 28 A shifting process is performed to compare the stored reception base and extract a bit corresponding to the matching part from the photon bit string to generate a shared bit string. The shifting processing unit 22 sends the generated shared bit string to the error correction processing unit 23.

<Step S15>
The error correction processing unit 13 corrects the bit error of the generated shared bit string by exchanging the error correction processing unit 23 of the QKD device 20 and the error correction control information (EC information) via the classical communication channel. Then, error correction processing for generating a corrected bit string is executed. The error correction processing unit 13 sends the generated corrected bit string to the confidentiality enhancement processing unit 14.

<Step S16>
The error correction processing unit 23 corrects the bit error of the generated shared bit string by exchanging error correction control information (EC information) with the error correction processing unit 13 of the QKD device 10 through the classical communication channel. Then, error correction processing for generating a corrected bit string is executed. The error correction processing unit 23 sends the generated corrected bit string to the confidentiality enhancement processing unit 24. As a result, the post-correction bit string generated by the error correction processing unit 23 and the post-correction bit string generated by the error correction processing by the error correction processing unit 13 described above are completely identical bit strings.

<Step S17>
The confidentiality enhancement processing unit 14 receives control information (PA information) from the confidentiality enhancement processing unit 24 of the QKD device 20 via the classical communication path, and generates a corrected bit string based on the PA information. On the other hand, from the number of errors corrected by error correction processing, confidentiality to cancel bits that could theoretically be leaked and eavesdropped by an eavesdropper in photon transmission processing, shifting processing, and error correction processing A cryptographic key is generated by performing an augmentation process. The confidentiality enhancement processing unit 14 stores the generated encryption key in the storage unit 18 and accumulates it.

<Step S18>
The confidentiality enhancement processing unit 24 generates control information (PA information) via the classical communication path, transmits the control information to the confidentiality enhancement processing unit 14 of the QKD device 10, and generates the corrected information based on the PA information. To cancel bits that may have been leaked and intercepted by an eavesdropper theoretically in the photon transmission process, shifting process, and error correction process from the number of errors corrected by the error correction process for the bit string An encryption key is generated by performing confidentiality enhancement processing. The confidentiality enhancement processing unit 24 stores the generated encryption key in the storage unit 28 and accumulates it.

<Step S19>
The key management unit 15 performs management (key management) of encryption keys stored (accumulated) in the storage unit 18. The key management unit 15 also provides the encryption key stored in the storage unit 18 to the key use unit 16 that is an application or the like that performs encrypted data communication.

<Step S20>
The key management unit 25 manages the encryption key stored (accumulated) in the storage unit 28. The key management unit 25 also provides the encryption key stored in the storage unit 28 to the key use unit 26 that is an application or the like that performs encrypted data communication.

<Step S21>
The key use unit 16 uses the encryption key provided from the key management unit 15 (key use) to perform encrypted data communication.

<Step S22>
The key use unit 26 uses the encryption key provided from the key management unit 25 (key use) to perform encrypted data communication.

  By the operation as described above, the QKD device 10 and the QKD device 20 generate matching encryption keys. By repeatedly executing the above-described operation, it is possible to continuously generate mutually matching encryption keys.

  FIG. 5 is a diagram conceptually illustrating the configuration of the virtual QKD apparatus. With reference to FIG. 5, the quantum key distribution and the virtualization of the quantum cryptography function will be described.

  As shown in FIG. 5, there is a set of QKD devices that connect two locations (locations where the QKD device 1 and the QKD device 2 are respectively installed). The quantum key distribution system 100 including one set of QKD devices includes a QKD device 1 (physical QKD device) existing at one site, a QKD device 2 (physical QKD device) existing at the other site, and two physical devices. An optical fiber link 3 (see FIG. 1) that connects QKD devices as a quantum communication path, and a communication cable 4 (see FIG. 1) that connects two physical QKD devices as a classical communication path. Yes. Here, there is only one set of QKD devices (QKD devices 1 and 2), but in the example shown in FIG. 5, three different companies (company A to C) are virtually dedicated QKDs. It looks like you have a set of devices. That is, one set of QKD devices is virtualized, and each company virtually occupies three sets of QKD devices (virtual QKD devices). Specifically, as shown in FIG. 5, the company A occupies a virtual QKD device A1 that virtualizes the QKD device 1 and a virtual QKD device A2 that virtualizes the QKD device 2. The company B occupies a virtual QKD device B1 that virtualizes the QKD device 1 and a virtual QKD device B2 that virtualizes the QKD device 2. Further, the company C occupies a virtual QKD device C1 that virtualizes the QKD device 1 and a virtual QKD device C2 that virtualizes the QKD device 2.

  Each company responds to their request, policy, or service level agreement agreed with the QKD device provider (hereinafter sometimes referred to collectively as “request content”), and virtually owns the QKD device (virtual QKD device) is operated. Each company's virtual QKD device apparently performs operations based on the quantum key distribution and quantum cryptography functions with different parameters and different variations according to the contents of each request.

  In the example shown in FIG. 5, the virtualized QKD device is set for three companies, companies A to C, but is not limited to this, and for each other number of companies. The QKD device may be virtualized. Hereinafter, for simplification of description, a case where the QKD devices 1 and 2 are virtualized with respect to three companies A to C will be described.

  FIG. 6 is a diagram illustrating an example of a functional block configuration of the QKD apparatus according to the first embodiment. With reference to FIG. 6, the functional block configuration of the QKD devices (QKD devices 1 and 2) according to the present embodiment will be described. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  As shown in FIG. 6, among the processes in the operation of the quantum cryptography function including quantum key distribution, the photon transmission / reception process is executed as usual as the QKD apparatuses 1 and 2 as physical QKD apparatuses. On the other hand, with respect to key distillation processing (shifting processing, error correction processing, and confidentiality enhancement processing), key management, and key usage, the QKD devices 1 and 2 are virtualized for companies A to C, respectively. The QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2 are independently executed with different parameters and different variations. Here, what parameters and variations exist in each of the shifting processing, error correction processing, confidentiality enhancement processing, key management, and key usage are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2.

  As shown in FIG. 6, the QKD device 1 includes a quantum key sharing unit 101, shifting processing units 102a to 102c, error correction processing units 103a to 103c, confidentiality enhancement processing units 104a to 104c, and a key management unit. 105a to 105c, key use units 106a to 106c, a distribution unit 107, a setting unit 108, a communication unit 109, and a storage unit 110.

  The quantum key sharing unit 101, the communication unit 109, and the storage unit 110 are functional units that have the same functions as the quantum key sharing unit 11, the communication unit 17, and the storage unit 18 described above with reference to FIG. The quantum key sharing unit 101 is realized by the optical processing device 306 shown in FIG. The communication unit 109 is realized by the communication I / F 304 illustrated in FIG. The storage unit 110 is realized by the auxiliary storage device 305 illustrated in FIG.

  Each of the shifting processing units 102a to 102c is a functional unit having the same function as the shifting processing unit 12 described above with reference to FIG. 3 as a basic shifting process. The shifting processing units 102a to 102c operate according to the parameters and variations for the shifting process set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  The error correction processing units 103a to 103c are functional units having the same functions as the error correction processing unit 13 described above with reference to FIG. 3 as basic error correction processing. The error correction processing units 103a to 103c operate according to the parameters and variations for error correction processing set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  The confidentiality enhancement processing units 104a to 104c are functional units that perform the same functions as the confidentiality enhancement processing unit 14 described above with reference to FIG. 3 as basic confidentiality enhancement processing. The confidentiality enhancement processing units 104a to 104c operate according to the parameters and variations for the confidentiality enhancement processing set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  Each of the key management units 105a to 105c is a functional unit that bears the same key management function as the key management unit 15 described above with reference to FIG. The key management units 105a to 105c operate according to the key management parameters and variations set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  Each of the key use units 106a to 106c is a functional unit having a key use function similar to that of the key use unit 16 described above with reference to FIG. The key use units 106a to 106c operate according to the key use parameters and variations set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  The setting unit 108 is a functional unit that sets parameters and variations for shifting processing, error correction processing, confidentiality enhancement processing, key management, and key usage according to the request contents of the companies A to C, respectively.

  The distribution unit 107 distributes transmission photon information (transmission base and photon bit string), which is intermediate data generated by the photon transmission / reception processing by the quantum key sharing unit 101 and the quantum key sharing unit 201, to the shifting processing units 102a to 102c. It is a functional part. The distribution unit 107 determines the amount of transmission photon information distributed to each of the shifting processing units 102a to 102c according to the request contents of the companies A to C.

  For example, the simplest distribution method of transmission photon information is a method of equally dividing the transmission photon information into the shifting processing units 102a to 102c. Further, the distribution unit 107 distributes the transmitted photon information with an inclination according to the key generation rate required by each of the companies A to C (the rate at which the encryption key is generated by the confidentiality enhancement processing unit 14). Also good. For example, when the request for the key generation speed of company A is twice that of companies B and C, the distribution unit 107 determines that the distribution ratio of the transmitted photon information is company A: company B: company C = 2: 1. It is good also as what distributes so that it may become: 1. In this case, you may consider the priority linked | related with each company A-C.

  Furthermore, the criteria for determining the distribution amount of the transmitted photon information to the shifting processing units 102a to 102c by the distribution unit 107 include base bias, the ratio of decoy pulses and vacuum pulses, their dispersion, and laser intensity dispersion. . Regarding the base bias, it is conceivable that the base bias required by companies or the like differs for each virtual QKD device. About the ratio of a decoy pulse and a vacuum pulse, it is possible that the ratio of the decoy pulse and vacuum pulse which a company etc. requests | requires differs for every virtual QKD apparatus. About dispersion | distribution of a decoy pulse and a vacuum pulse, it is possible that the tolerance | permissibility with respect to this dispersion | distribution differs for every virtual QKD apparatus which a company etc. occupies. Regarding the dispersion of the laser intensity, it is conceivable that the tolerance for this dispersion differs for each virtual QKD device that is exclusively used by a company or the like.

  The above-described shifting processing units 102a to 102c, error correction processing units 103a to 103c, confidentiality enhancement processing units 104a to 104c, key management units 105a to 105c, key utilization units 106a to 106c, distribution unit 107, and setting unit 108 2 is realized by the CPU 301 shown in FIG. 2 reading out the program stored in the auxiliary storage device 305 or the like to the RAM 303 and executing it. Of the shifting processing units 102a to 102c, the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, the key use units 106a to 106c, the distribution unit 107, and the setting unit 108 All are not limited to being realized by the execution of the program, and at least one of them is, for example, hardware such as an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or other integrated circuits. It may be realized by a circuit.

  Note that the quantum key sharing unit 101, the shifting processing units 102a to 102c, the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use units 106a to 106c shown in FIG. The distribution unit 107, the setting unit 108, the communication unit 109, and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1 illustrated in FIG. 6, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 1 shown in FIG. 6, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  As illustrated in FIG. 6, the QKD device 2 includes a quantum key sharing unit 201, shifting processing units 202a to 202c, error correction processing units 203a to 203c, confidentiality enhancement processing units 204a to 204c, and a key management unit. 205a to 205c, key use units 206a to 206c, a distribution unit 207, a setting unit 208, a communication unit 209, and a storage unit 210.

  The quantum key sharing unit 201, the communication unit 209, and the storage unit 210 are functional units that have the same functions as the quantum key sharing unit 21, the communication unit 27, and the storage unit 28 described above with reference to FIG. The quantum key sharing unit 201 is realized by the optical processing device 306 illustrated in FIG. The communication unit 209 is realized by the communication I / F 304 illustrated in FIG. The storage unit 210 is realized by the auxiliary storage device 305 illustrated in FIG.

  The shifting processing units 202a to 202c are functional units that perform the same functions as the shifting processing unit 22 described above with reference to FIG. 3 as basic shifting processing. The shifting processing units 202a to 202c operate according to the parameters and variations for the shifting process set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  Each of the error correction processing units 203a to 203c is a functional unit having the same function as the error correction processing unit 23 described above with reference to FIG. 3 as basic error correction processing. The error correction processing units 203a to 203c operate according to the parameters and variations for error correction processing set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  The confidentiality enhancement processing units 204a to 204c are functional units that perform the same functions as the confidentiality enhancement processing unit 24 described above with reference to FIG. 3 as basic confidentiality enhancement processing. The confidentiality enhancement processing units 204a to 204c operate according to the parameters and variations for the confidentiality enhancement processing set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  Each of the key management units 205a to 205c is a functional unit that bears the same key management function as the key management unit 25 described above with reference to FIG. The key management units 205a to 205c operate according to the key management parameters and variations set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  Each of the key use units 206a to 206c is a functional unit having a key use function similar to that of the key use unit 26 described above with reference to FIG. The key use units 206a to 206c operate according to the key use parameters and variations set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  The setting unit 208 is a functional unit that sets shifting processing, error correction processing, confidentiality enhancement processing, key management, and key use parameters and variations according to the request contents of the companies A to C, respectively.

  The distribution unit 207 distributes detected photon information (reception base and photon bit string), which is intermediate data generated by the photon transmission / reception processing by the quantum key sharing unit 201 and the quantum key sharing unit 101, to the shifting processing units 202a to 202c. It is a functional part. The distribution unit 207 determines the distribution amount of the detected photon information to be distributed to each of the shifting processing units 202a to 202c according to the request contents of the companies A to C. A specific method of distributing the detected photon information by the distributing unit 207 is the same as the method of distributing the transmitted photon information by the distributing unit 107 described above.

  The above-described shifting processing units 202a to 202c, error correction processing units 203a to 203c, confidentiality enhancement processing units 204a to 204c, key management units 205a to 205c, key use units 206a to 206c, distribution unit 207, and setting unit 208 2 is realized by the CPU 301 shown in FIG. 2 reading out the program stored in the auxiliary storage device 305 or the like to the RAM 303 and executing it. The shifting processing units 202a to 202c, the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, the key use units 206a to 206c, the distribution unit 207, and the setting unit 208 Not all are realized by execution of a program, and at least one of them may be realized by a hardware circuit such as an ASIC, FPGA, or other integrated circuit.

  Note that the quantum key sharing unit 201, the shift processing units 202a to 202c, the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use units 206a to 206c shown in FIG. The distribution unit 207, the setting unit 208, the communication unit 209, and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2 shown in FIG. 6, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, the QKD device 2 shown in FIG. 6 may be configured as a plurality of functional units divided into a plurality of functions of one functional unit.

  In addition, there is a possibility that the laser intensity of each data pulse, decoy pulse, and vacuum pulse considered to be optimum differs for each virtual QKD device. In this case, depending on the setting of the non-virtualized quantum key sharing unit 101 (201), data pulses, decoy pulses, and vacuums of different intensities are provided for each virtual QKD device (depending on the request contents of the companies A to C). It is also possible in principle to set to send a pulse.

  In the present embodiment, the “common processing unit” of the present invention corresponds to the quantum key sharing unit 101 in the QKD apparatus 1, and the “individual processing unit” is each processing unit after the shifting processing units 102 a to 102 c. It corresponds to. The same applies to the QKD device 2. In the present embodiment, the “key distillation processing unit” of the present invention includes each of the shifting processing units 102a to 102c, the error correction processing units 103a to 103c, and the confidentiality enhancement processing units 104a to 104c in the QKD device 1. It corresponds to a series of processing units. The same applies to the QKD device 2.

  As described above, in the present embodiment, a physical set of QKD devices is virtualized to make it appear that there are a plurality of sets of QKD devices (virtual QKD devices). In the example of the embodiment, the company) is dedicated. Then, for each of a plurality of users or use organizations, the virtual QKD device exclusively used by each user or use organization is operated with different parameters and different variations. In particular, in the present embodiment, the virtual QKD apparatus is operated with different parameters and different variations for the processes after the shifting process among the processes of the quantum key distribution and the quantum cryptographic function. As a result, it is possible to provide quantum key distribution and quantum cryptography functions after the shifting process according to the request contents of a plurality of users and user organizations. That is, a set of physical QKD devices can actually provide different types of quantum key distribution and quantum cryptography functions. This is compared with the conventional technology in which a dedicated physical QKD device had to be installed and installed for each user and user organization when using quantum key distribution or quantum cryptography functions with different parameters and different variations. Thus, it is possible to significantly reduce the usage cost of the quantum key distribution and quantum cryptography functions. Furthermore, from the viewpoints of developers and providers of QKD devices, a set of QKD devices can conventionally provide only one type of quantum key distribution or quantum encryption function, but the quantum key distribution system according to the present embodiment. By using 100, a plurality of different types of quantum key distribution or quantum cryptography functions can be provided by one set of QKD devices, so that users and organizations of the quantum key distribution or quantum cryptography functions can be expanded.

  In addition, the amount of distribution of intermediate data (transmission photon information, detection photon information) generated by the photon transmission / reception process by the quantum key sharing units 101 and 201 can be determined according to the request contents of the user and the user organization. . Thereby, the encryption key can be generated and provided at a generation speed according to the request contents of the user and the user organization.

  In FIG. 6, in order to virtualize one set of QKD devices as three sets of QKD devices, the distribution units 107 and 207 have shown the distribution to three distribution destinations. However, the distribution destination of the distribution unit is not limited to three. For example, it may be two or four or more. Further, the distribution destination may not be an “individual processing unit” that is executed in the same QKD device, that is, a shifting processing unit. That is, there is an “individual processing unit” executed on another device, and the distribution unit distributes intermediate data (transmitted photon information or detected photon information) to the “individual processing unit”. Also good. In this case, the QKD device has one or more individual processing units, and the distribution unit distributes the intermediate data to two or more distribution destinations including one or more individual processing units executed by the QKD device. FIG. 7 is a diagram illustrating a configuration when the distribution unit distributes a total of two individual processing units, one individual processing unit inside the QKD device and one individual processing unit outside the QKD device. . The same configuration can be applied to the following second to sixth embodiments.

(Second Embodiment)
The quantum key distribution system according to the second embodiment will be described focusing on differences from the quantum key distribution system 100 according to the first embodiment. In the first embodiment, among the processes of the quantum key distribution and the quantum cryptography function, the operations executed after the shifting process with different parameters and different variations for each company have been described. In the present embodiment, of the processes of quantum key distribution and quantum cryptography functions, operations performed after the error correction process with different parameters and different variations for each company will be described. Note that the overall configuration of the quantum key distribution system according to the present embodiment, the hardware configuration of the QKD device, and the aspects of quantum key distribution and the virtualization of the quantum cryptography function are the same as those in the first embodiment.

  FIG. 8 is a diagram illustrating an example of a functional block configuration of the QKD apparatus according to the second embodiment. The configuration of functional blocks of the QKD device (QKD devices 1a and 2a) according to the present embodiment will be described with reference to FIG. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  As shown in FIG. 8, among the processes in the operation of the quantum cryptography function including quantum key distribution, the QKD devices 1a and 2a are normally executed as physical QKD devices for the photon transmission / reception process and the shifting process. . On the other hand, for part of the key distillation process (error correction process and confidentiality enhancement process), key management, and key usage, the QKD apparatuses 1a and 2a are virtual QKD apparatuses that are virtualized for the companies A to C, respectively. A1, A2, virtual QKD devices B1, B2, and virtual QKD devices C1, C2 are executed independently with different parameters and different variations. Here, what parameters and variations exist in each of the error correction processing, confidentiality enhancement processing, key management, and key usage are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2.

  As shown in FIG. 8, the QKD device 1a of the quantum key distribution system 100a according to this embodiment includes a quantum key sharing unit 101, a shifting processing unit 102, error correction processing units 103a to 103c, and confidentiality enhancement processing. Units 104a to 104c, key management units 105a to 105c, key use units 106a to 106c, a distribution unit 107, a setting unit 108, a communication unit 109, and a storage unit 110.

  The functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 are the same as the functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 of the QKD device 1 according to the first embodiment, respectively. It is.

  The shifting processing unit 102 is a functional unit that executes the same shifting processing as the shifting processing unit 12 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The functions and configurations of the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use units 106a to 106c are the same as those of the QKD device 1 according to the first embodiment. The functions and configurations of the correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use units 106a to 106c are the same. That is, the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use units 106a to 106c are set by the setting unit 108 based on the request contents of the companies A to C. According to the parameters and variations specified.

  The setting unit 108 is a functional unit that sets parameters and variations for error correction processing, confidentiality enhancement processing, key management, and key usage according to the request contents of the companies A to C, respectively.

  The distribution unit 107 is a functional unit that distributes the shared bit string, which is intermediate data generated by the shifting processing by the shifting processing unit 102, to the error correction processing units 103a to 103c. The distribution unit 107 determines a shared bit string distribution method to each of the error correction processing units 103a to 103c according to the request contents of the companies A to C. In this case, you may consider the priority linked | related with each company A-C.

  The standard for determining the shared bit string allocation method for the error correction processing units 103a to 103c by the distribution unit 107 may include the same as in the first embodiment. However, in the shared bit string, data directly related to the photon transmission / reception processing such as base bias, decoy pulse and vacuum pulse ratio, their dispersion, and laser intensity dispersion is generally removed. In general, it is a bit string after a certain shifting process is completed. Therefore, the key generation rate and the estimated error rate can be generally used as a reference for determining the shared bit string allocation method. The distribution based on the key generation speed is as described in the first embodiment. Here, allocation based on the estimated error rate will be described.

  The error correction processing units 103a to 103c have different error rate ranges for the shared bit strings due to differences in the error correction processing algorithms used, or the confidentiality enhancement processing units 104a to 104c use the confidentiality enhancement processing used respectively. Due to differences in algorithms based on the quantum cryptography, the error rate range of the shared bit sequence, which is advantageous for generating the encryption key, may be different. For example, the error correction processing unit 103a desirably has an error rate of 2 to 5 [%] and can accept up to 10 [%], whereas the error correction processing unit 103b has an error rate of 2.5. ~ 3.0 [%] is desirable and up to 6 [%] may be acceptable. In such a case, the distribution unit 107 determines which shared bit string is allocated to each of the error correction processing units 103a to 103c based on the estimated error rate calculated by the shifting processing unit 102. In this case, a request for a key generation speed associated with each of the companies A to C, or priority may be considered.

  Note that the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, the key use units 106a to 106c, and the allocation shown in FIG. The unit 107, the setting unit 108, the communication unit 109, and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1a illustrated in FIG. 8, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 1a shown in FIG. 8, the function of one function unit may be divided into a plurality of functions and configured as a plurality of function units.

  As shown in FIG. 8, the QKD device 2a of the quantum key distribution system 100a according to this embodiment includes a quantum key sharing unit 201, a shifting processing unit 202, error correction processing units 203a to 203c, and confidentiality enhancement processing. Sections 204a to 204c, key management sections 205a to 205c, key use sections 206a to 206c, distribution section 207, setting section 208, communication section 209, and storage section 210.

  The functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 are the same as the functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 of the QKD device 2 according to the first embodiment, respectively. It is.

  The shifting processing unit 202 is a functional unit that executes the same shifting processing as the shifting processing unit 22 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The functions and configurations of the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use units 206a to 206c are the same as those of the QKD apparatus 2 according to the first embodiment. The functions and configurations of the correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use units 206a to 206c are the same. That is, the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use units 206a to 206c are set by the setting unit 208 based on the request contents of the companies A to C. According to the parameters and variations specified.

  The setting unit 208 is a functional unit that sets parameters and variations for error correction processing, confidentiality enhancement processing, key management, and key usage according to the request contents of the companies A to C, respectively.

  The distribution unit 207 is a functional unit that distributes the shared bit string, which is intermediate data generated by the shifting processing by the shifting processing unit 202, to the error correction processing units 203a to 203c. The distribution unit 207 determines a shared bit string distribution method to each of the error correction processing units 203a to 203c according to the request contents of the companies A to C. A specific shared bit string distribution method by the distribution unit 207 is the same as the shared bit string distribution method by the distribution unit 107 described above.

  Note that the quantum key sharing unit 201, the shifting processing unit 202, the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, the key use units 206a to 206c, and the distribution shown in FIG. The unit 207, the setting unit 208, the communication unit 209, and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2a shown in FIG. 8, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 2a shown in FIG. 8, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  In the present embodiment, the “common processing unit” of the present invention corresponds to the quantum key sharing unit 101 and the shifting processing unit 102 in the QKD apparatus 1a, and the “individual processing units” are error correction processing units 103a to 103c. This corresponds to each of the subsequent processing units. The same applies to the QKD device 2a. In the present embodiment, the “first key distillation processing unit” of the present invention corresponds to the shifting processing unit 102 in the QKD apparatus 1a, and the “second key distillation processing unit” corresponds to the error correction processing units 103a to 103c. , And a series of processing units of the confidentiality enhancement processing units 104a to 104c. The same applies to the QKD device 2a.

  As described above, in this embodiment as well, in the same way as in the first embodiment, a physical set of QKD devices is virtualized, and it appears that there are a plurality of sets of QKD devices (virtual QKD devices). Each user or user organization (company in the example of the above embodiment) is dedicated. And according to the request | requirement content of a some user or utilization organization, the virtual QKD apparatus which each user or utilization organization occupies by the different parameter and a different variation shall be operated. In particular, in the present embodiment, the virtual QKD apparatus is operated with different parameters and different variations for the processes after the error correction process among the processes of the quantum key distribution and the quantum encryption function. As a result, it is possible to provide quantum key distribution and quantum cryptography functions after error correction processing according to the request contents of a plurality of users and user organizations. That is, a set of physical QKD devices can actually provide different types of quantum key distribution and quantum cryptography functions. Other effects of the quantum key distribution system 100a according to the present embodiment are the same as the effects described in the first embodiment.

(Third embodiment)
The quantum key distribution system according to the third embodiment will be described focusing on differences from the quantum key distribution system 100 according to the first embodiment. In the present embodiment, of the processes of the quantum key distribution and the quantum cryptography function, the operations executed after the confidentiality enhancement process will be described with different parameters and different variations for each company. Note that the overall configuration of the quantum key distribution system according to the present embodiment, the hardware configuration of the QKD device, and the aspects of quantum key distribution and the virtualization of the quantum cryptography function are the same as those in the first embodiment.

  FIG. 9 is a diagram illustrating an example of a functional block configuration of the QKD apparatus according to the third embodiment. The configuration of functional blocks of the QKD device (QKD devices 1b and 2b) according to the present embodiment will be described with reference to FIG. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  As shown in FIG. 9, among the processes in the operation of the quantum cryptography function including quantum key distribution, the QKD devices 1b and 2b are assumed to be physical QKD devices for photon transmission / reception processing, shifting processing, and error correction processing. Run as usual. On the other hand, regarding the confidentiality enhancement processing, key management, and key use in the key distillation processing, the QKD devices 1b and 2b are virtual QKD devices A1 and A2 and virtual QKD that are virtualized for the companies A to C, respectively. The devices B1 and B2 and the virtual QKD devices C1 and C2 are independently executed with different parameters and different variations. Here, what parameters and variations exist in each of the confidentiality enhancement process, key management, and key use are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2.

  As shown in FIG. 9, the QKD device 1b of the quantum key distribution system 100b according to the present embodiment includes a quantum key sharing unit 101, a shifting processing unit 102, an error correction processing unit 103, and a confidentiality enhancement processing unit 104a. To 104c, key management units 105a to 105c, key use units 106a to 106c, a distribution unit 107, a setting unit 108, a communication unit 109, and a storage unit 110.

  The functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 are the same as the functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 of the QKD device 1 according to the first embodiment, respectively. It is.

  The shifting processing unit 102 is a functional unit that executes the same shifting processing as the shifting processing unit 12 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 103 is a functional unit that executes the same error correction processing as the error correction processing unit 13 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The functions and configurations of the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key utilization units 106a to 106c are the confidentiality enhancement processing units 104a to 104c of the QKD device 1 according to the first embodiment, respectively. The functions and configurations of the key management units 105a to 105c and the key use units 106a to 106c are the same. That is, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use units 106a to 106c operate according to the parameters and variations set by the setting unit 108 based on the request contents of the companies A to C, respectively. To do.

  The setting unit 108 is a functional unit that sets parameters and variations for confidentiality enhancement processing, key management, and key use according to the request contents of the companies A to C, respectively.

  The distribution unit 107 is a functional unit that distributes the corrected bit string, which is intermediate data generated by the error correction processing by the error correction processing unit 103, to the confidentiality enhancement processing units 104a to 104c. The distribution unit 107 determines the distribution method of the corrected bit string to each of the confidentiality enhancement processing units 104a to 104c according to the request contents of the companies A to C. In this case, you may consider the priority linked | related with each company A-C.

  The reference for determining the distribution method of the corrected bit string for the confidentiality enhancement processing units 104a to 104c by the distribution unit 107 may include the same as in the first embodiment. What can generally be used as a criterion for determining the distribution method of the corrected bit string is a key generation speed and an error rate. The distribution based on the key generation speed is as described in the first embodiment. The distribution based on the error rate is the same as the distribution based on the estimated error rate in the second embodiment. Here, the estimated error rate is an estimated value, whereas the error rate obtained as a result of the error correction process is strictly determined based on the number of errors included in the shared bit string.

  9, the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing unit 103, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, the key use units 106a to 106c, and the distribution unit 107. The setting unit 108, the communication unit 109, and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1b illustrated in FIG. 9, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 1b shown in FIG. 9, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  As shown in FIG. 9, the QKD device 2b of the quantum key distribution system 100b according to the present embodiment includes a quantum key sharing unit 201, a shifting processing unit 202, an error correction processing unit 203, and a confidentiality enhancement processing unit 204a. To 204c, key management units 205a to 205c, key use units 206a to 206c, a distribution unit 207, a setting unit 208, a communication unit 209, and a storage unit 210.

  The functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 are the same as the functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 of the QKD device 2 according to the first embodiment, respectively. It is.

  The shifting processing unit 202 is a functional unit that executes the same shifting processing as the shifting processing unit 22 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 203 is a functional unit that executes the same error correction processing as the error correction processing unit 23 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The functions and configurations of the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key utilization units 206a to 206c are the confidentiality enhancement processing units 204a to 204c of the QKD device 2 according to the first embodiment, respectively. The functions and configurations of the key management units 205a to 205c and the key use units 206a to 206c are the same. That is, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use units 206a to 206c operate according to the parameters and variations set by the setting unit 208 based on the request contents of the companies A to C, respectively. To do.

  The setting unit 208 is a functional unit that sets parameters and variations for confidentiality enhancement processing, key management, and key usage according to the request contents of the companies A to C, respectively.

  The distribution unit 207 is a functional unit that distributes a corrected bit string, which is intermediate data generated by error correction processing by the error correction processing unit 203, to the confidentiality enhancement processing units 204a to 204c. The distribution unit 207 determines the distribution method of the corrected bit string to each of the confidentiality enhancement processing units 204a to 204c according to the request contents of the companies A to C. A specific distribution method of the corrected bit string by the distribution unit 207 is the same as the distribution method of the corrected bit string by the distribution unit 107 described above.

  Note that the quantum key sharing unit 201, the shifting processing unit 202, the error correction processing unit 203, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, the key use units 206a to 206c, and the distribution unit 207 shown in FIG. The setting unit 208, the communication unit 209, and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2b shown in FIG. 9, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 2b shown in FIG. 9, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  In the present embodiment, the “common processing unit” of the present invention corresponds to the quantum key sharing unit 101, the shifting processing unit 102, and the error correction processing unit 103 in the QKD device 1b, and the “individual processing unit” is a secret. It corresponds to each processing unit after the property enhancement processing units 104a to 104c. The same applies to the QKD device 2b. In the present embodiment, the “first key distillation processing unit” of the present invention corresponds to the shifting processing unit 102 and the error correction processing unit 103 in the QKD apparatus 1b, and the “second key distillation processing unit” is a secret. It corresponds to each of the sex enhancement processing units 104a to 104c. The same applies to the QKD device 2b.

  As described above, in this embodiment as well, in the same way as in the first embodiment, a physical set of QKD devices is virtualized, and it appears that there are a plurality of sets of QKD devices (virtual QKD devices). Each user or user organization (company in the example of the above embodiment) is dedicated. And according to the request | requirement content of a some user or utilization organization, the virtual QKD apparatus which each user or utilization organization occupies by the different parameter and a different variation shall be operated. In particular, in the present embodiment, the virtual QKD device is operated with different parameters and different variations for the processing after the confidentiality enhancement processing among the processing of the quantum key distribution and the quantum encryption function. As a result, it is possible to provide quantum key distribution and quantum cryptography functions after confidentiality enhancement processing according to the contents of requests of a plurality of users and user organizations. That is, a set of physical QKD devices can actually provide different types of quantum key distribution and quantum cryptography functions. Other effects of the quantum key distribution system 100b according to the present embodiment are the same as the effects described in the first embodiment.

(Fourth embodiment)
A quantum key distribution system according to the fourth embodiment will be described focusing on differences from the quantum key distribution system 100 according to the first embodiment. In the present embodiment, of the processes of the quantum cryptography function, the operations performed for the key management and key use processes with different parameters and different variations for each company will be described. Note that the overall configuration of the quantum key distribution system according to the present embodiment, the hardware configuration of the QKD device, and the aspects of quantum key distribution and the virtualization of the quantum cryptography function are the same as those in the first embodiment.

  FIG. 10 is a diagram illustrating an example of a functional block configuration of the QKD apparatus according to the fourth embodiment. The configuration of the functional blocks of the QKD device (QKD devices 1c and 2c) according to the present embodiment will be described with reference to FIG. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  As shown in FIG. 10, among the processes in the operation of the quantum cryptography function including quantum key distribution, the QKD devices 1c and 2c are physically connected to the photon transmission / reception process, the shifting process, the error correction process, and the confidentiality enhancement process. As a typical QKD device. On the other hand, for key management and key usage, the QKD devices 1c and 2c are virtual QKD devices A1 and A2, virtual QKD devices B1 and B2, and virtual QKD devices C1 and C2, which are virtualized with respect to companies A to C, respectively. As above, it is executed independently with different parameters and different variations. Here, what parameters and variations exist in each of the key management and the key use are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2.

  As illustrated in FIG. 10, the QKD device 1c of the quantum key distribution system 100c according to the present embodiment includes a quantum key sharing unit 101, a shifting processing unit 102, an error correction processing unit 103, and a confidentiality enhancement processing unit 104. A key management unit 105a to 105c, a key use unit 106a to 106c, a distribution unit 107, a setting unit 108, a communication unit 109, and a storage unit 110.

  The functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 are the same as the functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 of the QKD device 1 according to the first embodiment, respectively. It is.

  The shifting processing unit 102 is a functional unit that executes the same shifting processing as the shifting processing unit 12 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 103 is a functional unit that executes the same error correction processing as the error correction processing unit 13 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The confidentiality enhancement processing unit 104 is a functional unit that normally executes the confidentiality enhancement processing similar to the confidentiality enhancement processing unit 14 described above with reference to FIG.

  Functions and configurations of the key management units 105a to 105c and the key use units 106a to 106c are the same as the functions and configurations of the key management units 105a to 105c and the key use units 106a to 106c of the QKD device 1 according to the first embodiment, respectively. It is. That is, the key management units 105a to 105c and the key use units 106a to 106c operate according to the parameters and variations set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  The setting unit 108 is a functional unit that sets parameters and variations for key management and key use according to the request contents of the companies A to C, respectively.

  The distribution unit 107 is a functional unit that distributes the encryption key, which is intermediate data generated by the confidentiality enhancement processing by the confidentiality enhancement processing unit 104, to the key management units 105a to 105c. The distribution unit 107 determines a method for distributing the encryption key to each of the key management units 105a to 105c according to the request contents of the companies A to C. In this case, you may consider the priority linked | related with each company A-C.

  The criteria for determining the encryption key distribution method for the key management units 105a to 105c by the distribution unit 107 may include the same as those in the first embodiment described above. The key generation speed and error rate that can be generally used as the criteria for determining the encryption key distribution method. The distribution based on the key generation speed is as described in the first embodiment. The distribution based on the error rate is as described in the third embodiment.

  10, the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing unit 103, the confidentiality enhancement processing unit 104, the key management units 105a to 105c, the key use units 106a to 106c, the distribution unit 107, the setting The unit 108, the communication unit 109, and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1c illustrated in FIG. 10, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 1c shown in FIG. 10, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  As shown in FIG. 10, the QKD device 2c of the quantum key distribution system 100c according to the present embodiment includes a quantum key sharing unit 201, a shifting processing unit 202, an error correction processing unit 203, and a confidentiality enhancement processing unit 204. A key management unit 205a to 205c, a key use unit 206a to 206c, a distribution unit 207, a setting unit 208, a communication unit 209, and a storage unit 210.

  The functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 are the same as the functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 of the QKD device 2 according to the first embodiment, respectively. It is.

  The shifting processing unit 202 is a functional unit that executes the same shifting processing as the shifting processing unit 22 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 203 is a functional unit that executes the same error correction processing as the error correction processing unit 23 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The confidentiality enhancement processing unit 204 is a functional unit that normally executes the confidentiality enhancement processing similar to the confidentiality enhancement processing unit 24 described above with reference to FIG.

  The functions and configurations of the key management units 205a to 205c and the key use units 206a to 206c are the same as the functions and configurations of the key management units 205a to 205c and the key use units 206a to 206c of the QKD device 2 according to the first embodiment, respectively. It is. That is, the key management units 205a to 205c and the key use units 206a to 206c operate according to the parameters and variations set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  The setting unit 208 is a functional unit that sets parameters and variations for key management and key use according to the request contents of the companies A to C, respectively.

  The distribution unit 207 is a functional unit that distributes the encryption key generated by the confidentiality enhancement processing by the confidentiality enhancement processing unit 204 to the key management units 205a to 205c. The distribution unit 207 determines an encryption key distribution method to each of the key management units 205a to 205c according to the request contents of the companies A to C. A specific encryption key distribution method by the distribution unit 207 is the same as the encryption key distribution method by the distribution unit 107 described above.

  Note that the quantum key sharing unit 201, the shifting processing unit 202, the error correction processing unit 203, the confidentiality enhancement processing unit 204, the key management units 205a to 205c, the key use units 206a to 206c, the distribution unit 207, and the setting illustrated in FIG. The unit 208, the communication unit 209, and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2c shown in FIG. 10, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, the QKD device 2c shown in FIG. 10 may be configured as a plurality of functional units divided into a plurality of functions of one functional unit.

  In the present embodiment, the “common processing unit” of the present invention corresponds to the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing unit 103, and the confidentiality enhancement processing unit 104 in the QKD device 1c. The “individual processing unit” corresponds to each processing unit after the key management units 105a to 105c. The same applies to the QKD device 2c. In the present embodiment, the “key distillation processing unit” of the present invention corresponds to the shifting processing unit 102, the error correction processing unit 103, and the confidentiality enhancement processing unit 104 in the QKD device 1c. The same applies to the QKD device 2c.

  As described above, in this embodiment as well, in the same way as in the first embodiment, a physical set of QKD devices is virtualized, and it appears that there are a plurality of sets of QKD devices (virtual QKD devices). Each user or user organization (company in the example of the above embodiment) is dedicated. And according to the request | requirement content of a some user or utilization organization, the virtual QKD apparatus which each user or utilization organization occupies by the different parameter and a different variation shall be operated. In particular, in the present embodiment, the virtual QKD apparatus is operated with different parameters and different variations for key management and key use processing among the processes of the quantum cryptography function. As a result, it is possible to provide a quantum cryptography function for key management and key usage according to the respective request contents of a plurality of users and user organizations. That is, a set of physical QKD devices can actually provide different types of quantum key distribution and quantum cryptography functions. Other effects of the quantum key distribution system 100c according to the present embodiment are the same as the effects described in the first embodiment.

(Fifth embodiment)
A quantum key distribution system according to the fifth embodiment will be described focusing on differences from the quantum key distribution system 100 according to the first embodiment. In the present embodiment, of the quantum cryptographic function processing, the operation to be performed with respect to the key use processing will be described with different parameters and different variations for each company. Note that the overall configuration of the quantum key distribution system according to the present embodiment, the hardware configuration of the QKD device, and the aspects of quantum key distribution and the virtualization of the quantum cryptography function are the same as those in the first embodiment.

  FIG. 11 is a diagram illustrating an example of a functional block configuration of a QKD apparatus according to the fifth embodiment. The configuration of functional blocks of the QKD device (QKD devices 1d and 2d) according to the present embodiment will be described with reference to FIG. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  As shown in FIG. 11, among the processes in the operation of the quantum cryptography function including quantum key distribution, the QKD devices 1d, 2d are used for photon transmission / reception processing, shifting processing, error correction processing, confidentiality enhancement processing, and key management. Runs normally as a physical QKD device. On the other hand, with respect to key usage, QKD devices 1d and 2d are different as virtual QKD devices A1 and A2, virtual QKD devices B1 and B2, and virtual QKD devices C1 and C2, which are virtualized for companies A to C, respectively. Run independently with parameters and different variations. Here, the parameters and variations in each key usage are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2.

  As shown in FIG. 11, the QKD device 1d of the quantum key distribution system 100d according to the present embodiment includes a quantum key sharing unit 101, a shifting processing unit 102, an error correction processing unit 103, and a confidentiality enhancement processing unit 104. A key management unit 105, key use units 106a to 106c, a distribution unit 107, a setting unit 108, a communication unit 109, and a storage unit 110.

  The functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 are the same as the functions and configurations of the quantum key sharing unit 101, the communication unit 109, and the storage unit 110 of the QKD device 1 according to the first embodiment, respectively. It is.

  The shifting processing unit 102 is a functional unit that executes the same shifting processing as the shifting processing unit 12 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 103 is a functional unit that executes the same error correction processing as the error correction processing unit 13 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The confidentiality enhancement processing unit 104 is a functional unit that normally executes the confidentiality enhancement processing similar to the confidentiality enhancement processing unit 14 described above with reference to FIG.

  The key management unit 105 is a functional unit that performs key management as usual, similar to the key management unit 15 described above with reference to FIG.

  The functions and configurations of the key utilization units 106a to 106c are the same as the functions and configurations of the key utilization units 106a to 106c of the QKD device 1 according to the first embodiment, respectively. That is, the key use units 106a to 106c operate according to the parameters and variations set by the setting unit 108 based on the request contents of the companies A to C, respectively.

  The setting unit 108 is a functional unit that sets key use parameters and variations according to the request contents of the companies A to C, respectively.

  The distribution unit 107 is a functional unit that distributes the encryption key, which is intermediate data provided by the key management unit 105, to the key use units 106a to 106c. The distribution unit 107 determines a method for distributing the encryption key to each of the key use units 106a to 106c according to the request contents of the companies A to C. In this case, you may consider the priority linked | related with each company A-C.

  The criteria for determining the encryption key distribution method for the key use units 106a to 106c by the distribution unit 107 may include the same as those in the fourth embodiment described above.

  Note that the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing unit 103, the confidentiality enhancement processing unit 104, the key management unit 105, the key use units 106a to 106c, the distribution unit 107, and the setting unit 108 illustrated in FIG. The communication unit 109 and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1d illustrated in FIG. 11, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, the QKD device 1d shown in FIG. 11 may be configured as a plurality of functional units divided into a plurality of functions included in one functional unit.

  As shown in FIG. 11, the QKD device 2d of the quantum key distribution system 100d according to the present embodiment includes a quantum key sharing unit 201, a shifting processing unit 202, an error correction processing unit 203, and a confidentiality enhancement processing unit 204. A key management unit 205, key use units 206a to 206c, a distribution unit 207, a setting unit 208, a communication unit 209, and a storage unit 210.

  The functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 are the same as the functions and configurations of the quantum key sharing unit 201, the communication unit 209, and the storage unit 210 of the QKD device 2 according to the first embodiment, respectively. It is.

  The shifting processing unit 202 is a functional unit that executes the same shifting processing as the shifting processing unit 22 described above with reference to FIG. In the shifting process, when the estimated error rate is calculated, it is assumed that a corresponding estimated error rate is associated with each generated shared bit string.

  The error correction processing unit 203 is a functional unit that executes the same error correction processing as the error correction processing unit 23 described above with reference to FIG. As a result of the error correction process, an error rate indicating how much error is included is associated with each generated bit string after correction.

  The confidentiality enhancement processing unit 204 is a functional unit that normally executes the confidentiality enhancement processing similar to the confidentiality enhancement processing unit 24 described above with reference to FIG.

  The key management unit 205 is a functional unit that performs key management as usual, similarly to the key management unit 25 described above with reference to FIG.

  The functions and configurations of the key utilization units 206a to 206c are the same as the functions and configurations of the key utilization units 206a to 206c of the QKD device 2 according to the first embodiment, respectively. That is, the key use units 206a to 206c operate according to the parameters and variations set by the setting unit 208 based on the request contents of the companies A to C, respectively.

  The setting unit 208 is a functional unit that sets key use parameters and variations according to the request contents of the companies A to C, respectively.

  The distribution unit 207 is a functional unit that distributes the encryption key provided by the key management unit 205 to the key use units 206a to 206c. The distribution unit 207 determines an encryption key distribution method to each of the key use units 206a to 206c according to the request contents of the companies A to C. A specific encryption key distribution method by the distribution unit 207 is the same as the encryption key distribution method by the distribution unit 107 described above.

  Note that the quantum key sharing unit 201, the shifting processing unit 202, the error correction processing unit 203, the confidentiality enhancement processing unit 204, the key management unit 205, the key use units 206a to 206c, the distribution unit 207, and the setting unit 208 illustrated in FIG. The communication unit 209 and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2d shown in FIG. 11, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, the QKD device 2d shown in FIG. 11 may be configured as a plurality of functional units divided into a plurality of functions included in one functional unit.

  In the present embodiment, the “common processing unit” of the present invention includes the quantum key sharing unit 101, the shifting processing unit 102, the error correction processing unit 103, the confidentiality enhancement processing unit 104, and the key management unit 105 in the QKD device 1d. The “individual processing unit” corresponds to each of the key use units 106a to 106c. The same applies to the QKD device 2d.

  As described above, in this embodiment as well, in the same way as in the first embodiment, a physical set of QKD devices is virtualized, and it appears that there are a plurality of sets of QKD devices (virtual QKD devices). Each user or user organization (company in the example of the above embodiment) is dedicated. And according to the request | requirement content of a some user or utilization organization, the virtual QKD apparatus which each user or utilization organization occupies by the different parameter and a different variation shall be operated. In particular, in the present embodiment, the virtual QKD device is operated with different parameters and different variations for the key use processing among the processes of the quantum cryptography function. As a result, it is possible to provide a quantum cryptography function for key use according to the request contents of a plurality of users and user organizations. That is, a set of physical QKD devices can actually provide different types of quantum key distribution and quantum cryptography functions. Other effects of the quantum key distribution system 100d according to the present embodiment are the same as the effects described in the first embodiment.

(Sixth embodiment)
The quantum key distribution system according to the sixth embodiment will be described focusing on differences from the quantum key distribution system 100 according to the first embodiment. In the first embodiment, among the processes of quantum key distribution and quantum cryptography functions, the processes after the shifting process are executed with different parameters and different variations on the virtual QKD device in order to respond to the request contents of each company. The operation has been described. In the present embodiment, physical requirements are met so as to satisfy the requirements of companies (operators) for operations on the virtual QKD device (requests of companies, policies, service level agreements agreed with QKD device providers, etc.). The contents of the QKD device will be described. Note that the overall configuration of the quantum key distribution system according to the present embodiment, the hardware configuration of the QKD device, and the aspects of quantum key distribution and the virtualization of the quantum cryptography function are the same as those in the first embodiment.

  FIG. 12 is a diagram illustrating an example of a functional block configuration of a QKD apparatus according to the sixth embodiment. The configuration of functional blocks of the QKD devices (QKD devices 1e and 2e) of the quantum key distribution system 100e according to the present embodiment will be described with reference to FIG. Note that the description will focus on differences from the functional block configuration and encryption key sharing operation of the general QKD device described with reference to FIGS.

  In the example illustrated in FIG. 12, for example, a configuration in which a function of transmitting and detecting photons is enhanced in order to meet a request content regarding a key generation speed of a company or the like. That is, the QKD device 1e side physically includes two quantum key sharing units (quantum key sharing units 101a and 101b), and the QKD device 2e side physically includes two quantum key sharing units (quantum key sharing units). Part 201a, 201b). The configuration of other functional blocks of the QKD devices 1e and 2e is the same as the configuration of each of the QKD devices 1 and 2 according to the first embodiment shown in FIG. That is, with respect to key distillation processing (shifting processing, error correction processing, and confidentiality enhancement processing), key management, and key usage, the QKD devices 1e and 2e are respectively virtualized according to the contents of requests from companies A to C. The virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2 are executed independently with different parameters and different variations. Here, what parameters and variations exist in each of the shifting processing, error correction processing, confidentiality enhancement processing, key management, and key usage are as described above with reference to FIG. These parameters and variations are selected based on the request contents of the operators of the virtual QKD devices A1 and A2, the virtual QKD devices B1 and B2, and the virtual QKD devices C1 and C2. Further, the two quantum key sharing units of the QKD devices 1e and 2e are realized by providing two optical processing devices 306 shown in FIG.

  As shown in FIG. 12, it is possible to increase the generation speed of transmission photon information and detection photon information by enhancing physical hardware devices (quantum key sharing units 101a, 101b, 201a, 201b). . Then, the distribution unit 107 distributes the increased transmission photon information to the shifting processing units 102a to 102c, and the distribution unit 207 distributes the increased detected photon information to the shifting processing units 202a to 202c. This makes it possible to satisfy the requirements of companies A to C regarding the final encryption key generation speed (key generation speed).

  In the configuration shown in FIG. 12, since the processing after the shifting processing is virtualized as in the first embodiment, physical quantum key sharing that is a generation source of transmission photon information and detection photon information is performed. Even if the number of units (optical processing device 306) is increased (or decreased), the distribution unit 107 (207) appropriately distributes the transmitted photon information and the detected photon information, thereby obtaining a virtual QKD device. The influence on the operation part of can be reduced.

  Note that the quantum key sharing units 101a and 101b, the shifting processing units 102a to 102c, the error correction processing units 103a to 103c, the confidentiality enhancement processing units 104a to 104c, the key management units 105a to 105c, and the key use unit 106a illustrated in FIG. ˜106c, the distribution unit 107, the setting unit 108, the communication unit 109, and the storage unit 110 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 1e shown in FIG. 12, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 1e shown in FIG. 12, the function of one function unit may be divided into a plurality of functions and configured as a plurality of function units.

  Also, the quantum key sharing units 201a and 201b, the shifting processing units 202a to 202c, the error correction processing units 203a to 203c, the confidentiality enhancement processing units 204a to 204c, the key management units 205a to 205c, and the key use unit 206a shown in FIG. ˜206c, the distribution unit 207, the setting unit 208, the communication unit 209, and the storage unit 210 conceptually show functions, and are not limited to such a configuration. For example, in the QKD device 2e shown in FIG. 12, a plurality of functional units illustrated as independent functional units may be configured as one functional unit. On the other hand, in the QKD device 2e shown in FIG. 12, the function of one functional unit may be divided into a plurality of units and configured as a plurality of functional units.

  Further, in the present embodiment, the “common processing unit” of the present invention corresponds to the quantum key sharing units 101a and 101b in the QKD device 1e, and the “individual processing unit” corresponds to each of the shifting processing units 102a to 102c and the subsequent ones. It corresponds to a processing unit. The same applies to the QKD device 2e.

  As described above, by increasing the physical hardware device (in the above-described quantum key sharing unit), for example, in order to cope with or enhance the failure of the physical QKD device, the hardware of the physical QKD device Even if addition or deletion occurs, it is possible to continue the operation of the quantum key distribution system 100e while suppressing only a part of the influence such as deterioration of the key generation speed on the virtual QKD device. In addition, it goes without saying that the quantum key distribution system 100e according to the present embodiment has the effects described in the first embodiment.

  Note that, as described above, the configuration in which the physical hardware device (quantum key sharing units 101a, 101b, 201a, 201b in the example illustrated in FIG. 12) is increased is the quantum device according to the second to fifth embodiments described above. It can be applied to a key distribution system.

  Further, in the example shown in FIG. 12, a configuration in which physical hardware devices are augmented is shown. However, in order to satisfy the contents of requests from companies (operators) for operations on virtual QKD devices, You may make it respond | correspond by adjustment of the setting with respect to an apparatus. For example, a response may be made such as adjusting physical device settings so that transmission photon information / detection photon information can be distributed to all virtual QKD devices. In addition, for example, when there is a key generation speed required by the virtual QKD device even in relation to the key generation speed, quantum key sharing is performed so that photon transmission / reception processing exceeding the total value of these key generation speeds can be realized It is also possible to cope with such adjustments of the units (for example, changing the laser driving speed) or adding dedicated processing hardware for realizing the operation of the virtual QKD device. In this case, a configuration in which some of the increased dedicated processing hardware is used only by some of the virtual QKD devices is also possible.

  The program executed by the QKD device according to each of the above-described embodiments may be provided by being incorporated in advance in the ROM 302, for example.

  The program executed by the QKD device according to each of the above-described embodiments is a file in an installable format or an executable format and is a CD-ROM (Compact Disk Read Only Memory), a flexible disk (FD), a CD-R. (Compact Disk Recordable), DVD (Digital Versatile Disk), and the like may be recorded on a computer-readable recording medium and provided as a computer program product.

  Further, the program executed by the QKD device according to each of the above-described embodiments may be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. The program executed by the QKD device according to each of the above embodiments may be provided or distributed via a network such as the Internet.

  In addition, the program executed by the QKD device according to each of the above-described embodiments can cause a computer to function as each functional unit of the above-described QKD device. In this computer, the CPU 301 can read a program from a computer-readable storage medium onto a main storage device and execute the program.

  Although the embodiments of the present invention have been described, these embodiments are presented as examples, and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the spirit of the invention. These embodiments are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof.

DESCRIPTION OF SYMBOLS 1, 1a-1e, 2, 2a-2e QKD apparatus 3 Optical fiber link 4 Communication cable 10 QKD apparatus 11 Quantum key sharing part 12 Shifting process part 13 Error correction process part 14 Confidentiality enhancement process part 15 Key management part 16 Key Use unit 17 Communication unit 18 Storage unit 20 QKD device 21 Quantum key sharing unit 22 Shifting processing unit 23 Error correction processing unit 24 Confidentiality enhancement processing unit 25 Key management unit 26 Key use unit 27 Communication unit 28 Storage unit 100, 100a to 100a 100e Quantum key distribution system 101, 101a, 101b Quantum key sharing unit 102, 102a-102c Shifting processing unit 103, 103a-103c Error correction processing unit 104, 104a-104c Confidentiality enhancement processing unit 105, 105a-105c Key management unit 106a to 106c Key utilization unit 107 Distribution unit 108 Fixed unit 109 Communication unit 110 Storage unit 201 Quantum key sharing unit 202, 202a to 202c Shifting processing unit 203, 203a to 203c Error correction processing unit 204, 204a to 204c Confidentiality enhancement processing unit 205, 205a to 205c Key management unit 206a ˜206c Key utilization unit 207 distribution unit 208 setting unit 209 communication unit 210 storage unit 301 CPU
302 ROM
303 RAM
304 Communication I / F
305 Auxiliary storage device 306 Optical processing device 307 Bus 500 Quantum key distribution system A1, A2, B1, B2, C1, C2 Virtual QKD device

Claims (13)

A quantum key distribution device that is connected to another quantum key distribution device via a quantum communication channel and shares an encryption key,
A common processing unit that outputs intermediate data based on bit information acquired by transmission or reception of a photon sequence with the other quantum key distribution device via the quantum communication channel;
One or more individual processing units that generate or provide the encryption key based on the intermediate data;
A distribution unit that distributes the intermediate data output by the common processing unit to two or more distribution destinations including the one or more individual processing units;
Quantum key distribution device. The common processing unit includes a quantum key sharing unit that outputs transmission photon information or detection photon information as the intermediate data,
The one or more individual processing units each include a key distillation processing unit that generates the encryption key by key distillation processing from the transmission photon information or the detected photon information that is the intermediate data distributed by the distribution unit. Item 2. The quantum key distribution device according to Item 1. The distribution unit equally distributes the intermediate data to two or more individual processing units,
The quantum key distribution device according to claim 1. The distribution unit determines a distribution method of the intermediate data based on a request content in each individual processing unit for two or more individual processing units.
The quantum key distribution device according to claim 1.   The distribution unit determines the intermediate data according to a request content that defines at least one of base bias, a ratio of decoy pulses and vacuum pulses, dispersion of the decoy pulses and vacuum pulses, and dispersion of laser intensity. The quantum key distribution device according to claim 2, wherein the quantum key distribution device is allocated to each of the key distillation processing units.   The quantum key distribution device according to claim 1, wherein the distribution unit distributes the intermediate data to the individual processing units in accordance with a request content that defines a generation speed of the intermediate data. The common processing unit includes:
A quantum key sharing unit for obtaining a photon bit string corresponding to the photon string transmitted or received via the quantum communication path;
A first key distillation processing unit that executes a part of the key distillation process from the photon bit string and outputs the intermediate data;
Including
The one or more individual processing units execute a remaining process excluding the part of the key distillation process from the intermediate data distributed by the distribution unit to generate the encryption key. The quantum key distribution apparatus according to claim 1, each including a key distillation processing unit. The first key distillation processing unit calculates an estimated error rate for the intermediate data;
The quantum key distribution device according to claim 7, wherein the distribution unit distributes the intermediate data to the second key distillation processing unit according to a request content that defines the estimated error rate corresponding to the intermediate data. The first key distillation processing unit obtains an error rate of the intermediate data by error correction processing of the key distillation processing for the intermediate data,
The quantum key distribution device according to claim 7, wherein the distribution unit distributes the intermediate data to the second key distillation processing unit according to a request content that defines the error rate corresponding to the intermediate data. The common processing unit includes:
A quantum key sharing unit for obtaining a photon bit string corresponding to the photon string transmitted or received via the quantum communication path;
A key distillation processing unit that outputs the encryption key generated by the key distillation process from the photon bit string as the intermediate data;
Including
The quantum key distribution device according to claim 1, wherein each of the one or more individual processing units includes a key management unit that provides the application with the encryption key that is the intermediate data distributed by the distribution unit.   The quantum key distribution device according to claim 2, wherein the common processing unit includes two or more quantum key sharing units. A quantum key distribution system in which a plurality of quantum key distribution devices are connected via a quantum communication channel and share an encryption key,
The plurality of quantum key distribution devices include:
A common processing unit that outputs intermediate data based on bit information acquired by transmission or reception of a photon sequence with another quantum key distribution device via the quantum communication channel;
One or more individual processing units that generate or provide the encryption key based on the intermediate data;
A distribution unit that distributes the intermediate data output by the common processing unit to two or more distribution destinations including the one or more individual processing units;
Quantum key distribution system with A quantum key distribution method of a quantum key distribution system in which a plurality of quantum key distribution devices are connected via a quantum communication channel and share an encryption key,
A common processing step of outputting intermediate data based on bit information acquired by transmission or reception of a photon sequence with another quantum key distribution device via the quantum communication path;
An individual processing step in which one or more individual processing units generate or provide the encryption key based on the intermediate data;
A distribution step for distributing the intermediate data output in the common processing step to two or more distribution destinations including the one or more individual processing units;
A quantum key distribution method comprising:

Images