CN119561687A - Method, apparatus, medium and device for synchronizing quantum keys - Google Patents
Method, apparatus, medium and device for synchronizing quantum keys Download PDFInfo
- Publication number
- CN119561687A CN119561687A CN202510133610.7A CN202510133610A CN119561687A CN 119561687 A CN119561687 A CN 119561687A CN 202510133610 A CN202510133610 A CN 202510133610A CN 119561687 A CN119561687 A CN 119561687A
- Authority
- CN
- China
- Prior art keywords
- quantum key
- terminal
- response
- message
- qkd device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Electromagnetism (AREA)
- Theoretical Computer Science (AREA)
- Optical Communication System (AREA)
Abstract
The invention provides a method, a device, a medium and a device for synchronizing quantum keys, wherein the method comprises the steps of firstly respectively acquiring quantum key sequences generated by quantum key distribution by a QKD device from the QKD devices connected to two terminals by utilizing identification of the quantum key sequences, and then respectively acquiring quantum keys for encryption/decryption from the two terminals acquiring the quantum key sequences by utilizing index positions of the quantum keys so as to ensure that the two terminals can synchronously update to symmetric quantum keys from the connected QKD devices, thereby providing guarantee for data security transmission between the terminals.
Description
Technical Field
The present invention relates to the field of quantum communications technologies, and in particular, to a method, an apparatus, a medium, and a device for synchronizing quantum keys.
Background
In a quantum key distribution (Quantum Key Distribution, QKD) system, an emitter generates quantum states from a quantum bit source (e.g., photons), and the quantum states are encoded and transmitted to a receiver using quantum mechanical properties (e.g., quantum unclonable theorem and uncertainty principles). The transmitting side and the receiving side randomly select a measuring base to measure the quantum state, the measuring base is compared through a classical channel, consistent bits are screened out, and then after-treatment steps such as key negotiation, privacy amplification and the like are carried out, so that a safe quantum key is finally generated. This process ensures the randomness, uniqueness and unconditional security of the key.
Therefore, how to realize real-time synchronous storage and management of quantum keys at both ends of QKD is always a problem to be solved in the field of secret communication. This is not only the basis for ensuring that both parties can use fully consistent keys for encryption and decryption operations, but also the core for maintaining the security of the communication process. By synchronously storing the keys, potential key leakage and tampering risks can be resisted, and only legal communication parties can decrypt information, so that solid security guarantee is provided for encrypted communication at present of increasing quantum computing threat.
Disclosure of Invention
The present invention aims to provide a method, a device, a medium and a device for synchronizing quantum keys.
According to an aspect of the present invention there is provided a method for synchronizing quantum keys comprising S111 a first terminal receives a quantum key sequence from a first QKD device and sends a quantum key cache synchronization message to a second terminal in response to receipt of the quantum key sequence from the first QKD device, the quantum key cache synchronization message comprising an identification of the quantum key sequence S112 a second terminal receives a quantum key cache synchronization message from the first terminal and obtains the quantum key sequence with the identification from the second QKD device in response to receipt of the quantum key cache synchronization message from the first terminal, and then sends a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device S113 the first terminal receives the quantum key cache synchronization response message from the second terminal and sends a local quantum key synchronization message to the second terminal in response to receipt of the quantum key cache synchronization message from the second terminal, S114 the second terminal receives the local quantum key synchronization message from the first terminal and receives the local quantum key cache synchronization message from the first terminal and in response to receipt of the quantum key cache synchronization message from the second terminal as a local key in response to receipt of the quantum key sequence from the first terminal and a quantum key in response to receipt of the quantum key sequence from the second terminal to the quantum key cache synchronization message from the second terminal, and then sends a quantum key sequence to the first terminal in response to the quantum key sequence from the quantum key buffer synchronization message from the second terminal to the first terminal and the quantum key buffer synchronization message from the quantum key sequence is sent to the second terminal in response to the quantum key sequence. And in response to receiving a local quantum key synchronization response message from a second terminal, obtaining a second quantum key from a quantum key sequence from the first QKD device according to the index location as a quantum key currently used to encrypt data in the first terminal, wherein the first terminal is connected to the first QKD device, the second terminal is connected to the second QKD device, the quantum key sequence resulting from quantum key distribution by the first and second QKD devices via free space and/or optical fibers.
According to another aspect of the invention there is provided a method for synchronizing quantum keys comprising the steps of receiving a quantum key sequence from a first QKD device at a first terminal, transmitting a quantum key cache synchronization message to a second terminal in response to receipt of the quantum key sequence from the first QKD device, the quantum key cache synchronization message comprising an identification of the quantum key sequence, causing the second terminal to obtain a quantum key sequence with the identification from the second QKD device in response to receipt of the quantum key cache synchronization message from the first terminal, then transmitting a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device, receiving a quantum key cache synchronization response message from the second terminal, transmitting a local quantum key synchronization message to the second terminal in response to receipt of the quantum key cache synchronization response message from the second terminal, causing the second terminal to backup a quantum key for decrypting data in the second terminal in response to receipt of the local quantum key synchronization message from the first terminal, subsequently transmitting the quantum key cache synchronization message from the second QKD device as a current quantum key data to the first quantum key synchronization message from the second terminal, the local quantum key synchronization response message includes an index position corresponding to the first quantum key in a quantum key sequence from the second QKD device, receives the local quantum key synchronization response message from the second terminal, and obtains the second quantum key from the quantum key sequence from the first QKD device as a quantum key currently used for encrypting data in the first terminal according to the index position in response to receiving the local quantum key synchronization response message from the second terminal, wherein the first terminal is connected with the first QKD device, the second terminal is connected with the second QKD device, and the quantum key sequence is generated by quantum key distribution of the first QKD device and the second QKD device through free space and/or optical fibers.
According to another aspect of the invention, there is provided a method for synchronizing quantum keys, the method comprising the steps of receiving, at a second terminal, a quantum key cache synchronization message from a first terminal, the quantum key cache synchronization message comprising an identification of a quantum key sequence received by the first terminal from a first QKD device; obtaining a quantum key sequence with the identity from a second QKD device in response to receiving a quantum key cache synchronization message from the first terminal, sending a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identity from the second QKD device, such that the first terminal sends a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal, receiving the local quantum key synchronization message from the first terminal, backing up a quantum key currently used to decrypt data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, obtaining the first quantum key from the quantum key sequence from the second QKD device as a quantum key currently used to decrypt data in the second terminal, sending the local quantum key synchronization response message to the first terminal, the local quantum key synchronization response message including a corresponding index location of the first quantum key in the quantum key sequence from the second QKD device, such that the first terminal receives the local quantum key synchronization response message from the second terminal, backups a quantum key currently used to decrypt data in the first QKD device from the first terminal in accordance with the quantum key sequence of the first index location, the second terminal is connected to a second QKD device, the quantum key sequence resulting from quantum key distribution by the first QKD device and the second QKD device via free space and/or optical fibers.
According to another aspect of the present invention there is provided an apparatus for synchronizing quantum keys, the apparatus comprising a quantum key receiving unit for receiving a quantum key sequence from a first QKD device, a first message transmitting unit for transmitting a quantum key cache synchronization message to a second terminal in response to receipt of the quantum key sequence from the first QKD device, the quantum key cache synchronization message including an identification of the quantum key sequence such that the second terminal obtains the quantum key sequence with the identification from the second QKD device in response to receipt of the quantum key cache synchronization message from the first terminal, and then transmits a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device, a first response receiving unit for receiving the quantum key cache synchronization response message from the second terminal, a second message transmitting unit for transmitting a local quantum key synchronization message to the second terminal in response to receipt of the quantum key cache synchronization message from the second terminal, such that the second terminal locally decrypts the quantum key sequence as a quantum key in response to receipt of the quantum key sequence from the first terminal in response to receipt of the quantum key cache synchronization message from the second terminal, a quantum key sequence from the second terminal as a quantum key in response to receipt of the quantum key sequence from the second terminal in response to the quantum key cache synchronization message from the second terminal, and a quantum key acquisition unit for acquiring a second quantum key from a quantum key sequence from the first QKD device according to the index position as a quantum key currently used for encrypting data in the first terminal in response to receiving the local quantum key sync response message from the second terminal, wherein the first terminal is connected to the first QKD device and the second terminal is connected to the second QKD device, and the quantum key sequence is generated by quantum key distribution of the first QKD device and the second QKD device via free space and/or optical fiber.
According to another aspect of the present invention there is provided an apparatus for synchronizing quantum keys, the apparatus comprising a first message receiving unit for receiving a quantum key cache synchronization message from a first terminal, the quantum key cache synchronization message comprising an identification of a quantum key sequence received by the first terminal from a first QKD device, a quantum key synchronization unit for acquiring a quantum key sequence having the identification from a second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, a first response transmitting unit for transmitting a quantum key cache synchronization response message to the first terminal in response to acquiring the quantum key sequence having the identification from the second QKD device, such that the first terminal transmits a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization message from the second terminal, a second message receiving unit for receiving the local quantum key synchronization message from the first terminal, a local key backup unit for backing up a quantum key currently used for decrypting data in the second terminal in response to receiving the local key synchronization message from the first terminal, a quantum key backup unit for transmitting the quantum key sequence from the second quantum key sequence corresponding to the first quantum key sequence as a quantum key from the second terminal in response to receiving the quantum key sequence from the second terminal, causing the first terminal to obtain, in response to receiving a local quantum key synchronization response message from the second terminal, a second quantum key from a quantum key sequence from the first QKD device according to the index position as a quantum key currently used to encrypt data in the first terminal, wherein the first terminal is connected to the first QKD device and the second terminal is connected to the second QKD device, the quantum key sequence resulting from quantum key distribution by the first and second QKD devices via free space and/or optical fibers.
According to another aspect of the invention there is also provided a computer readable storage medium storing a computer program which, when executed by a processor, implements a method for synchronizing quantum keys as previously described.
According to another aspect of the invention there is also provided a computer device comprising a processor, a memory storing a computer program which, when executed by the processor, implements a method for synchronizing quantum keys as previously described.
The method, the device, the medium and the equipment for synchronizing the quantum key not only enable the terminal to synchronously update the symmetric quantum key from the connected QKD equipment without interrupting data encryption/decryption, but also enable the terminal to adaptively adjust the synchronous quantum key updating rate along with the change of the quantum key generating rate of the QKD equipment, in particular, under the condition that the QKD equipment generates the quantum key at a high speed or a certain number of quantum keys are stored in the buffer memory of the QKD equipment, the second-level quantum key updating can be realized, and the data encryption/decryption between the terminals has higher safety and stability.
Drawings
The above objects and features of the present invention will become more apparent from the following description taken in conjunction with the accompanying drawings.
Fig. 1 schematically shows a flow chart of a method for synchronizing quantum keys according to an exemplary embodiment of the invention.
Fig. 2 schematically shows a block diagram of an apparatus for synchronizing quantum keys according to an exemplary embodiment of the present invention.
Fig. 3 schematically shows a data interaction procedure for synchronizing quantum keys according to an exemplary embodiment of the invention.
Detailed Description
Fig. 1 schematically shows a flow chart of a method for synchronizing quantum keys according to an exemplary embodiment of the invention.
As shown in fig. 1, in an exemplary embodiment of the present invention, a method for synchronizing quantum keys may include at least the following steps to enable a terminal to synchronously update to symmetric quantum keys from a connected QKD device without interrupting data encryption/decryption.
First, in step S111, the first terminal receives a quantum key sequence from the first QKD device, the received quantum key sequence is deposited into a first terminal cache, and then a quantum key cache synchronization message is sent to the second terminal in response to receiving the quantum key sequence from the first QKD device, the quantum key cache synchronization message including an identification of the quantum key sequence.
Next, at step S112, the second terminal receives the quantum key cache synchronization message from the first terminal, and acquires the quantum key sequence with the identity from the second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, the acquired quantum key sequence is deposited into the second terminal cache, and then transmits a quantum key cache synchronization response message to the first terminal in response to acquiring the quantum key sequence with the identity from the second QKD device.
Next, in step S113, the first terminal receives the quantum key cache synchronization response message from the second terminal, and transmits a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal.
Next, at step S114, the second terminal receives the local quantum key sync message from the first terminal and backs up the quantum key currently used to decrypt the data in the second terminal in response to receiving the local quantum key sync message from the first terminal, and then obtains the first quantum key from the quantum key sequence from the second QKD device as the quantum key currently used to decrypt the data in the second terminal and sends a local quantum key sync response message to the first terminal, the local quantum key sync response message including the index position of the first quantum key corresponding to the quantum key sequence from the second QKD device.
Next, in step S115, the first terminal receives the local quantum key synchronization response message from the second terminal, and in response to receiving the local quantum key synchronization response message from the second terminal, acquires a second quantum key from the quantum key sequence from the first QKD device according to the index position as the quantum key currently used to encrypt data in the first terminal.
In an exemplary embodiment of the invention, the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, and the quantum key sequence is generated by quantum key distribution of the first QKD device and the second QKD device via free space and/or optical fibers.
To ensure that the corresponding symmetric quantum key can be provided at both ends when the encryption/decryption direction at both ends is switched, the method for synchronizing the quantum keys may further include the following steps (not shown in fig. 1) after performing step 115.
Next, at step S116, the first terminal backs up the quantum key currently used to decrypt the data in the first terminal, and then obtains a third quantum key from the quantum key sequence from the first QKD device as the quantum key currently used to decrypt the data in the first terminal and sends another local quantum key synchronization message to the second terminal, the another local quantum key synchronization message including another index position corresponding to the third quantum key in the quantum key sequence from the first QKD device.
Next, at step S117, the second terminal receives another local quantum key synchronization message from the first terminal, and in response to receiving the local quantum key synchronization message from the first terminal, acquires a fourth quantum key from the quantum key sequence from the second QKD device according to another index location as the quantum key currently used to encrypt data in the second terminal, and then transmits another local quantum key synchronization response message to the first terminal.
In addition, in order to enable the terminal to adaptively adjust its rate of synchronously updating the quantum key with the change in the quantum key generation rate of the QKD device, the method for synchronizing the quantum key may further include the following steps (not shown in fig. 1) before performing step 111.
First, in step S109, the first QKD device transmits to the first terminal the quantum key generation rate of the first QKD device and/or the number of quantum keys in the first QKD device cache.
Next, in step S110, the first terminal receives the above-mentioned quantum key generation rate and/or quantum key number from the first QKD device, and adjusts the quantum key synchronization update rates of the first terminal and the second terminal according to the above-mentioned quantum key generation rate and/or quantum key number, so that the quantum key synchronization update rates of the first terminal and the second terminal increase in response to an increase in the above-mentioned quantum key generation rate and/or quantum key number, and decrease in response to a decrease in the above-mentioned quantum key generation rate and/or quantum key number.
In one example, the quantum key synchronization update process of the first terminal and the second terminal may include steps S111 to S115. In another example, the quantum key synchronization update process of the first terminal and the second terminal may include steps S111 to S117.
In addition, in an exemplary embodiment of the present invention, step S111 may further include the steps of the first terminal sending a quantum key acquisition request to the first QKD device, the first QKD device receiving the quantum key acquisition request from the first terminal and sending a quantum key sequence to the first terminal in response to receiving the quantum key acquisition request from the first terminal.
Accordingly, in an exemplary embodiment of the invention, step S112 may further comprise the steps of the second terminal sending a quantum key acquisition request to the second QKD device, the quantum key acquisition request comprising an identification of a quantum key sequence in a quantum key cache synchronization message from the first terminal, the second QKD device receiving the quantum key acquisition request from the second terminal and sending the quantum key sequence with the identification to the second terminal in response to receiving the quantum key acquisition request from the second terminal.
Fig. 2 schematically shows a block diagram of an apparatus for synchronizing quantum keys according to an exemplary embodiment of the present invention.
Referring to fig. 2, the apparatus for synchronizing quantum keys shown in fig. 2 may be deployed at a first terminal and a second terminal, respectively, as shown in fig. 2, the first terminal being connected to a first QKD device and the second terminal being connected to a second QKD device, the quantum key sequence being generated by quantum key distribution by the first QKD device and the second QKD device via free space and/or optical fibers.
In the first terminal shown in fig. 2, the means for synchronizing the quantum key may include at least a quantum key receiving unit, a first message transmitting unit, a first response receiving unit, a second message transmitting unit, a second response receiving unit, and a quantum key obtaining unit.
Wherein the quantum key receiving unit is configured to receive a quantum key sequence from the first QKD device, the first message transmitting unit is configured to transmit a quantum key cache synchronization message to the second terminal in response to receiving the quantum key sequence from the first QKD device, the quantum key cache synchronization message including an identification of the quantum key sequence such that the second terminal obtains the quantum key sequence with the identification from the second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, and then transmits a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device, the first response receiving unit is configured to receive the quantum key cache synchronization response message from the second terminal, the second message transmitting unit is configured to transmit a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization message from the second terminal such that the second terminal performs a quantum key backup for currently decrypting data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, and subsequently obtains the first quantum key backup for currently serving as the quantum key for the second terminal to decrypt the quantum key data in the second terminal from the second QKD device, the local quantum key synchronization response message includes an index position corresponding to the first quantum key in the quantum key sequence from the second QKD device, the second response receiving unit is configured to receive the local quantum key synchronization response message from the second terminal, and the quantum key obtaining unit is configured to obtain, from the quantum key sequence from the first QKD device, the second quantum key as a quantum key currently used to encrypt data in the first terminal according to the index position in response to receiving the local quantum key synchronization response message from the second terminal.
In the second terminal shown in fig. 2, the means for synchronizing the quantum key may include at least a first message receiving unit, a quantum key synchronizing unit, a first response transmitting unit, a second message receiving unit, a local key backup unit, a quantum key obtaining unit, and a second response transmitting unit.
Wherein the first message receiving unit is configured to receive a quantum key cache synchronization message from the first terminal, the quantum key cache synchronization message including an identification of a quantum key sequence received by the first terminal from the first QKD device, the quantum key synchronization unit is configured to acquire a quantum key sequence having the identification from the second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, the first response transmitting unit is configured to transmit a quantum key cache synchronization response message to the first terminal in response to acquiring the quantum key sequence having the identification from the second QKD device, such that the first terminal transmits a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal, the second message receiving unit is configured to receive the local quantum key synchronization message from the first terminal, the local key backup unit is configured to backup a quantum key currently used for decrypting data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, the quantum key acquisition unit is configured to acquire the first quantum key as a quantum key currently used for decrypting data in the second terminal from the quantum key sequence from the second QKD device, the second quantum key transmission unit is configured to transmit the local quantum key synchronization message to the second terminal in response to the quantum key sequence from the first QKD device to the second terminal, the local key response to the local key buffer comprises the local key synchronization message from the first quantum key device, such that the first terminal obtains a second quantum key from the sequence of quantum keys from the first QKD device according to the index location as the quantum key currently used to encrypt data in the first terminal in response to receiving the local quantum key synchronization response message from the second terminal.
Fig. 3 schematically shows a data interaction procedure for synchronizing quantum keys according to an exemplary embodiment of the invention.
Referring to fig. 3, QKD-a is connected to encryption terminal a and QKD-B is connected to encryption terminal B, and the quantum key sequence is generated by quantum key distribution of QKD-a and QKD-B via free space and/or optical fibers (e.g., quantum channels as shown in fig. 3).
As shown in fig. 3, QKD-A, QKD-B, encrypted terminal a, and encrypted terminal B can each perform the following data processing procedure.
QKD-a sends to encryption terminal a the quantum key generation rate of QKD-a and/or the number of quantum keys in the QKD-a cache.
The encryption terminal A receives the quantum key generation rate and/or the quantum key number from the QKD-A, and adjusts the quantum key synchronous update rates of the encryption terminal A and the encryption terminal B according to the received quantum key generation rate and/or the quantum key number, so that the quantum key synchronous update rates of the encryption terminal A and the encryption terminal B increase in response to the increase of the quantum key generation rate of the QKD-A and/or the quantum key number in the QKD-A buffer, and decrease in response to the decrease of the quantum key generation rate of the QKD-A and/or the quantum key number in the QKD-A buffer.
In the example shown in fig. 3, the quantum key synchronization update process of the encryption terminal a and the encryption terminal B may include the following interactive processing.
The encryption terminal a sends a quantum key acquisition request to QKD-a.
The QKD-a receives a quantum key acquisition request from an encryption terminal a and sends a quantum key sequence Qkey _cache to the encryption terminal a in response to receiving the quantum key acquisition request from the encryption terminal a.
Encryption terminal a receives quantum key sequence Qkey _cache from QKD-a and then sends a quantum key Cache sync message to encryption terminal B in response to receiving quantum key sequence Qkey _cache from QKD-a, the quantum key Cache sync message including the identification ID of quantum key sequence Qkey _cache.
The encryption terminal B receives the quantum key Cache synchronization message from the encryption terminal a and sends a quantum key acquisition request to the QKD-B in response to receiving the quantum key Cache synchronization message from the encryption terminal a, the quantum key acquisition request including an identification ID of the quantum key sequence Qkey _cache in the quantum key Cache synchronization message from the encryption terminal a.
The QKD-B receives the quantum key acquisition request from the encryption terminal B and transmits a quantum key sequence Qkey _cache with an identification ID to the encryption terminal B in response to receiving the quantum key acquisition request from the encryption terminal B.
Encryption terminal B receives quantum key sequence Qkey _cache from QKD-B and sends a quantum key Cache sync response message to encryption terminal a in response to acquiring quantum key sequence Qkey _cache with identification ID from QKD-B.
The encryption terminal a receives the quantum key cache synchronization response message from the encryption terminal B and transmits a local quantum key synchronization message to the encryption terminal B in response to receiving the quantum key cache synchronization response message from the encryption terminal B.
The encryption terminal B receives the local quantum key synchronization message from the encryption terminal a and backs up the quantum key qkey _dec_cur_b currently used to decrypt the data in the encryption terminal B to qkey _dec_old_b in response to receiving the local quantum key synchronization message from the encryption terminal a, and then acquires the quantum key Qkey1 from the quantum key sequence Qkey _cache from the QKD-B as the quantum key qkey _dec_cur_b currently used to decrypt the data in the encryption terminal B and transmits a local quantum key synchronization response message including the index position qkey _dec_offset_b corresponding to the quantum key Qkey1 in the quantum key sequence Qkey _cache from the QKD-B to the encryption terminal a.
The encryption terminal a receives the local quantum key synchronization response message from the encryption terminal B and, in response to receiving the local quantum key synchronization response message from the encryption terminal B, obtains the quantum key Qkey2 from the quantum key sequence Qkey _cache from the QKD-a as the quantum key currently used to encrypt the data in the encryption terminal a, then backs up the quantum key qkey _dec_cur_a currently used to decrypt the data in the encryption terminal a to qkey _dec_old_a, then proceeds to obtain the quantum key Qkey3 from the quantum key sequence Qkey _cache from the QKD-a as the quantum key currently used to decrypt the data in the encryption terminal a, and sends again to the encryption terminal B the local quantum key synchronization message including the quantum key Qkey at the corresponding index position qkey _dec_offset_a in the quantum key sequence Qkey _cache from the QKD-a.
Encryption terminal B receives the local quantum key synchronization message from encryption terminal a and obtains quantum key Qkey4 from quantum key sequence Qkey _cache from QKD-B as the quantum key currently used to encrypt data in encryption terminal B according to index position qkey _dec_offset_a in response to receiving the local quantum key synchronization message again from encryption terminal a.
It can be seen that the method and the device for synchronously acquiring the synchronous quantum key not only enable the terminal to synchronously update the symmetric quantum key from the connected QKD device without interrupting data encryption/decryption, but also enable the terminal to adaptively adjust the rate of synchronously updating the quantum key along with the change of the quantum key generation rate of the QKD device, in particular, enable the second-level quantum key update to be realized under the condition that the QKD device generates the quantum key at a high speed or a certain number of quantum keys are stored in the buffer memory of the QKD device, so that the data encryption/decryption between the terminals has higher security and stability.
A computer-readable storage medium storing a computer program may also be provided according to an exemplary embodiment of the present invention. The computer readable storage medium stores a computer program which, when executed by a processor, causes the processor to perform a method for synchronizing quantum keys according to the invention. The computer readable recording medium is any data storage device that can store data which can be read out by a computer system. Examples of the computer readable recording medium include read-only memory, random-access memory, read-only optical discs, magnetic tapes, floppy discs, optical data storage devices, and carrier waves (such as data transmission through the internet via wired or wireless transmission paths).
A computer device may also be provided according to an exemplary embodiment of the present invention. The computer device includes a processor and a memory. The memory is used for storing a computer program. The computer program is executed by a processor to cause the processor to perform the method for synchronizing quantum keys according to the invention.
While the application has been shown and described with reference to the preferred embodiments, it will be understood by those skilled in the art that various changes and modifications may be made to these embodiments without departing from the spirit and scope of the application as defined by the following claims.
Claims (11)
1. A method for synchronizing quantum keys, comprising:
s111, the first terminal receives a quantum key sequence from the first QKD device and sends a quantum key cache synchronization message to the second terminal in response to receiving the quantum key sequence from the first QKD device, the quantum key cache synchronization message comprising an identification of the quantum key sequence;
S112. the second terminal receives the quantum key cache synchronization message from the first terminal, and in response to receiving the quantum key cache synchronization message from the first terminal, obtains the quantum key sequence with the identity from the second QKD device, and then sends a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identity from the second QKD device;
S113, the first terminal receives the quantum key cache synchronous response message from the second terminal, and sends a local quantum key synchronous message to the second terminal in response to receiving the quantum key cache synchronous response message from the second terminal;
S114, the second terminal receives the local quantum key synchronization message from the first terminal and backups the quantum key currently used for decrypting the data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, and then acquires the first quantum key from the quantum key sequence from the second QKD device as the quantum key currently used for decrypting the data in the second terminal and sends a local quantum key synchronization response message to the first terminal, wherein the local quantum key synchronization response message comprises the corresponding index position of the first quantum key in the quantum key sequence from the second QKD device;
S115, the first terminal receives the local quantum key synchronization response message from the second terminal, and in response to receiving the local quantum key synchronization response message from the second terminal, obtains a second quantum key from the quantum key sequence from the first QKD device according to the index location as the quantum key currently used for encrypting data in the first terminal,
Wherein the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, the quantum key sequence being generated by quantum key distribution of the first and second QKD devices via free space and/or optical fibers.
2. The method as recited in claim 1, further comprising:
S116, the first terminal backs up the quantum key currently used for decrypting the data in the first terminal, then acquires a third quantum key from the quantum key sequence from the first QKD device as the quantum key currently used for decrypting the data in the first terminal and sends another local quantum key synchronization message to the second terminal, wherein the another local quantum key synchronization message comprises another index position corresponding to the third quantum key in the quantum key sequence from the first QKD device;
S117, the second terminal receives another local quantum key synchronization message from the first terminal, acquires a fourth quantum key from the quantum key sequence from the second QKD device according to the another index position as a quantum key currently used for encrypting data in the second terminal in response to receiving the another local quantum key synchronization message from the first terminal, and then sends another local quantum key synchronization response message to the first terminal.
3. The method as recited in claim 2, further comprising:
S109, the first QKD device sends the quantum key generation rate of the first QKD device and/or the quantum key number in the buffer memory of the first QKD device to the first terminal;
S110, the first terminal receives the quantum key generation rate and/or the quantum key quantity from the first QKD device, and adjusts the quantum key synchronous update rate of the first terminal and the second terminal according to the quantum key generation rate and/or the quantum key quantity, so that the quantum key synchronous update rate of the first terminal and the second terminal is increased in response to the increase of the quantum key generation rate and/or the quantum key quantity, and is decreased in response to the decrease of the quantum key generation rate and/or the quantum key quantity, wherein the quantum key synchronous update process of the first terminal and the second terminal comprises steps S111 to S115, or steps S111 to S117.
4. A method for synchronizing quantum keys, comprising performing, at a first terminal, the steps of:
Receiving a quantum key sequence from a first QKD device;
Transmitting a quantum key cache synchronization message to the second terminal in response to receiving the quantum key sequence from the first QKD device, the quantum key cache synchronization message including an identification of the quantum key sequence, such that the second terminal obtains the quantum key sequence with the identification from the second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, and then transmits a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device;
receiving a quantum key cache synchronization response message from the second terminal;
Transmitting a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal, such that the second terminal backs up the quantum key currently used to decrypt the data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, and subsequently obtains the first quantum key from the quantum key sequence from the second QKD device as the quantum key currently used to decrypt the data in the second terminal and transmits a local quantum key synchronization response message to the first terminal, the local quantum key synchronization response message including a corresponding index position of the first quantum key in the quantum key sequence from the second QKD device;
receiving a local quantum key synchronization response message from the second terminal;
Obtaining a second quantum key from the sequence of quantum keys from the first QKD device according to the index location as a quantum key currently used to encrypt data in the first terminal in response to receiving a local quantum key synchronization response message from the second terminal,
Wherein the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, the quantum key sequence being generated by quantum key distribution of the first and second QKD devices via free space and/or optical fibers.
5. The method of claim 4, further comprising performing, at the first terminal, the steps of:
backing up a quantum key currently used for decrypting data in the first terminal;
Obtaining a third quantum key from the quantum key sequence from the first QKD device as the quantum key currently used to decrypt the data in the first terminal and sending another local quantum key synchronization message to the second terminal, the another local quantum key synchronization message including a corresponding another index position of the third quantum key in the quantum key sequence from the first QKD device, such that the second terminal obtains a fourth quantum key from the quantum key sequence from the second QKD device according to the another index position as the quantum key currently used to encrypt the data in the second terminal in response to receiving the another local quantum key synchronization message from the first terminal, and then sends another local quantum key synchronization response message to the first terminal.
6. A method for synchronizing quantum keys, comprising performing the following steps at a second terminal:
Receiving a quantum key cache synchronization message from a first terminal, the quantum key cache synchronization message including an identification of a quantum key sequence received by the first terminal from a first QKD device;
Obtaining a quantum key sequence with the identity from the second QKD device in response to receiving a quantum key cache synchronization message from the first terminal;
transmitting a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identity from the second QKD device, such that the first terminal transmits a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal;
Receiving a local quantum key synchronization message from a first terminal;
Backing up a quantum key currently used to decrypt data in the second terminal in response to receiving a local quantum key synchronization message from the first terminal;
obtaining a first quantum key from a sequence of quantum keys from a second QKD device as a quantum key currently used to decrypt data in a second terminal;
Sending a local quantum key sync response message to the first terminal, the local quantum key sync response message including an index position of the first quantum key corresponding in the quantum key sequence from the second QKD device, such that the first terminal, in response to receiving the local quantum key sync response message from the second terminal, obtains the second quantum key from the quantum key sequence from the first QKD device as the quantum key currently used to encrypt data in the first terminal based on the index position,
Wherein the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, the quantum key sequence being generated by quantum key distribution of the first and second QKD devices via free space and/or optical fibers.
7. The method of claim 6, further comprising performing, at the second terminal, the steps of:
Receiving a further local quantum key synchronisation message from the first terminal, the further local quantum key synchronisation message comprising a further index position corresponding to a third quantum key in the sequence of quantum keys from the first QKD device, the third quantum key being a quantum key that the first terminal backed up for being currently used to decrypt data in the first terminal, the quantum key subsequently being obtained from the sequence of quantum keys from the first QKD device as being currently used to decrypt data in the first terminal;
A fourth quantum key is obtained from the quantum key sequence from the second QKD device according to the other index position as a quantum key currently used to encrypt data in the second terminal in response to receiving the other local quantum key synchronization message from the first terminal, and then another local quantum key synchronization response message is sent to the first terminal.
8. An apparatus for synchronizing quantum keys, comprising:
A quantum key receiving unit for receiving a quantum key sequence from the first QKD device;
a first message sending unit configured to send a quantum key cache synchronization message to a second terminal in response to receiving a quantum key sequence from a first QKD device, the quantum key cache synchronization message including an identification of the quantum key sequence, such that the second terminal obtains the quantum key sequence with the identification from the second QKD device in response to receiving the quantum key cache synchronization message from the first terminal, and then sends a quantum key cache synchronization response message to the first terminal in response to obtaining the quantum key sequence with the identification from the second QKD device;
the first response receiving unit is used for receiving the quantum key cache synchronous response message from the second terminal;
A second message transmitting unit configured to transmit a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal, so that the second terminal backs up a quantum key currently used for decrypting data in the second terminal in response to receiving the local quantum key synchronization message from the first terminal, and then acquires the first quantum key from the quantum key sequence from the second QKD device as a quantum key currently used for decrypting data in the second terminal and transmits a local quantum key synchronization response message to the first terminal, the local quantum key synchronization response message including an index position corresponding to the first quantum key in the quantum key sequence from the second QKD device;
the second response receiving unit is used for receiving the local quantum key synchronous response message from the second terminal;
A quantum key acquisition unit for acquiring a second quantum key from a quantum key sequence from the first QKD device according to the index position as a quantum key currently used to encrypt data in the first terminal in response to receiving a local quantum key synchronization response message from the second terminal,
Wherein the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, the quantum key sequence being generated by quantum key distribution of the first and second QKD devices via free space and/or optical fibers.
9. An apparatus for synchronizing quantum keys, comprising:
A first message receiving unit, configured to receive a quantum key cache synchronization message from a first terminal, where the quantum key cache synchronization message includes an identifier of a quantum key sequence received by the first terminal from a first QKD device;
a quantum key synchronization unit for obtaining a quantum key sequence with the identity from the second QKD device in response to receiving a quantum key cache synchronization message from the first terminal;
A first response transmitting unit for transmitting a quantum key cache synchronization response message to the first terminal in response to acquiring the quantum key sequence with the identification from the second QKD device, such that the first terminal transmits a local quantum key synchronization message to the second terminal in response to receiving the quantum key cache synchronization response message from the second terminal;
a second message receiving unit, configured to receive a local quantum key synchronization message from the first terminal;
A local key backup unit for backing up a quantum key currently used for decrypting data in the second terminal in response to receiving a local quantum key synchronization message from the first terminal;
A quantum key acquisition unit for acquiring a first quantum key from a quantum key sequence from the second QKD device as a quantum key currently used to decrypt data in the second terminal;
A second response transmitting unit configured to transmit a local quantum key synchronization response message to the first terminal, the local quantum key synchronization response message including an index position corresponding to the first quantum key in a quantum key sequence from the second QKD device, so that the first terminal acquires the second quantum key from the quantum key sequence from the first QKD device as a quantum key currently used for encrypting data in the first terminal according to the index position in response to receiving the local quantum key synchronization response message from the second terminal,
Wherein the first terminal is connected to a first QKD device and the second terminal is connected to a second QKD device, the quantum key sequence being generated by quantum key distribution of the first and second QKD devices via free space and/or optical fibers.
10. A computer readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the method for synchronizing quantum keys of any one of claims 1 to 7.
11. A computing device, comprising:
A processor;
a memory storing a computer program which, when executed by a processor, implements the method for synchronizing quantum keys of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510133610.7A CN119561687B (en) | 2025-02-06 | 2025-02-06 | Method, device, medium and apparatus for synchronizing quantum keys |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202510133610.7A CN119561687B (en) | 2025-02-06 | 2025-02-06 | Method, device, medium and apparatus for synchronizing quantum keys |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN119561687A true CN119561687A (en) | 2025-03-04 |
| CN119561687B CN119561687B (en) | 2025-05-23 |
Family
ID=94766724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202510133610.7A Active CN119561687B (en) | 2025-02-06 | 2025-02-06 | Method, device, medium and apparatus for synchronizing quantum keys |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN119561687B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107086907A (en) * | 2016-02-15 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Key synchronization, encapsulation transmission method and device for quantum key distribution process |
| CN108616357A (en) * | 2018-05-04 | 2018-10-02 | 北京邮电大学 | A method of being suitable for key management and the Fast synchronization of quantum key distribution system |
| US20230014894A1 (en) * | 2021-07-08 | 2023-01-19 | Cisco Technology, Inc. | Quantum resistant secure key distribution in various protocols and technologies |
| RU2792414C1 (en) * | 2022-06-28 | 2023-03-22 | Общество с ограниченной ответственностью научно-техническое предприятие "Криптософт" ООО НТП "Криптософт" | Method of information transmission between end communication nodes through intermediate nodes without re-encryption |
| CN116192278A (en) * | 2023-03-30 | 2023-05-30 | 国开启科量子技术(北京)有限公司 | Optimizing method, device, medium and equipment for quantum communication system |
| CN117176346A (en) * | 2023-11-01 | 2023-12-05 | 中电信量子科技有限公司 | Distributed quantum key link control method and key management system |
| CN117375812A (en) * | 2023-10-11 | 2024-01-09 | 山西省信息产业技术研究院有限公司 | Network security encryption system and method based on quantum key |
| CN118631424A (en) * | 2023-03-07 | 2024-09-10 | 中国移动通信有限公司研究院 | A communication method, device, communication node and storage medium |
| CN118802123A (en) * | 2023-12-26 | 2024-10-18 | 中国移动通信有限公司研究院 | Key updating method, device, related equipment and readable storage medium |
-
2025
- 2025-02-06 CN CN202510133610.7A patent/CN119561687B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107086907A (en) * | 2016-02-15 | 2017-08-22 | 阿里巴巴集团控股有限公司 | Key synchronization, encapsulation transmission method and device for quantum key distribution process |
| CN108616357A (en) * | 2018-05-04 | 2018-10-02 | 北京邮电大学 | A method of being suitable for key management and the Fast synchronization of quantum key distribution system |
| US20230014894A1 (en) * | 2021-07-08 | 2023-01-19 | Cisco Technology, Inc. | Quantum resistant secure key distribution in various protocols and technologies |
| RU2792414C1 (en) * | 2022-06-28 | 2023-03-22 | Общество с ограниченной ответственностью научно-техническое предприятие "Криптософт" ООО НТП "Криптософт" | Method of information transmission between end communication nodes through intermediate nodes without re-encryption |
| CN118631424A (en) * | 2023-03-07 | 2024-09-10 | 中国移动通信有限公司研究院 | A communication method, device, communication node and storage medium |
| CN116192278A (en) * | 2023-03-30 | 2023-05-30 | 国开启科量子技术(北京)有限公司 | Optimizing method, device, medium and equipment for quantum communication system |
| CN117375812A (en) * | 2023-10-11 | 2024-01-09 | 山西省信息产业技术研究院有限公司 | Network security encryption system and method based on quantum key |
| CN117176346A (en) * | 2023-11-01 | 2023-12-05 | 中电信量子科技有限公司 | Distributed quantum key link control method and key management system |
| CN118802123A (en) * | 2023-12-26 | 2024-10-18 | 中国移动通信有限公司研究院 | Key updating method, device, related equipment and readable storage medium |
Non-Patent Citations (2)
| Title |
|---|
| YE CHEN等: "Qubit-based distributed frame synchronization for quantum key distribution", JOURNAL OF LATEX CLASS FILES, vol. 14, no. 8, 31 August 2021 (2021-08-31) * |
| 刘爱萍: "集成量子密钥分发的光接入网中的同步技术研究", CNKI, no. 4, 15 April 2024 (2024-04-15) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN119561687B (en) | 2025-05-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11316677B2 (en) | Quantum key distribution node apparatus and method for quantum key distribution thereof | |
| CN107370546B (en) | Eavesdropping detection method, data sending method, device and system | |
| US9032208B2 (en) | Communication terminal, communication system, communication method and communication program | |
| US10171238B2 (en) | Secure data transmission using quantum communication | |
| EP2555466A1 (en) | System for distributing cryptographic keys | |
| KR20210124368A (en) | End-to-end double ratchet encryption using epoch key exchange | |
| JP2011521581A (en) | Quantum key distribution with movable key devices | |
| US20220294618A1 (en) | Improvements to qkd methods | |
| CN114499857B (en) | Method for realizing data correctness and consistency in encryption and decryption of large data quanta | |
| US10756891B2 (en) | Secure data communication | |
| CN109462471A (en) | The method of information transmission encryption based on national secret algorithm in conjunction with Technique on Quantum Communication | |
| CN108616357A (en) | A method of being suitable for key management and the Fast synchronization of quantum key distribution system | |
| KR101424972B1 (en) | Method of using content using mobile card, host device, and mobile card | |
| CN111510282A (en) | Information encryption algorithm and device, information decryption algorithm and device and communication method | |
| CN108206738B (en) | Quantum key output method and system | |
| CN114257562B (en) | Instant messaging method, device, electronic equipment and computer readable storage medium | |
| CN119561687B (en) | Method, device, medium and apparatus for synchronizing quantum keys | |
| US20250233736A1 (en) | Methods and systems for performing secure transactions | |
| GB2586235A (en) | Improvements to QKD methods | |
| CN116866902A (en) | Data protection method based on interactive data | |
| KR101609095B1 (en) | Apparatus and method for data security in content delivery network | |
| CN114157488A (en) | Key acquisition method and device, electronic equipment and storage medium | |
| CN119483958B (en) | Quantum key synchronization storage method, device, medium and equipment for QKD | |
| CN119483959B (en) | Quantum key synchronization acquisition method, device, medium and apparatus for QKD | |
| CN111901101B (en) | Key updating method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |