HK1229575A - Identity authentication methods, devices and system applied to quantum key distribution process - Google Patents

Publication number
HK1229575A
Authority
HK
Hong Kong
Prior art keywords
key
quantum
information
identity authentication
authentication
Application number
HK17103225.2A
Other languages
Chinese (zh)
Other versions
HK1229575A1 (en
HK1229575B (en

Description

Identity authentication method, device and system for quantum key distribution process
Technical Field
The application relates to identity authentication technology, in particular to an identity authentication method for a quantum key distribution process. The application also relates to two other identity authentication methods and corresponding devices for the quantum key distribution process, and to an identity authentication system for the quantum key distribution process.
Background
Quantum cryptography is a cross product of quantum mechanics and cryptography. Its security is guaranteed by the basic principles of quantum mechanics, is independent of the computing and storage capability of an attacker, and has been proved to offer unconditional security and detectability of eavesdroppers. The originally proposed quantum key distribution protocols (such as BB84) can detect key theft by eavesdroppers, but these protocols do not provide an effective identity authentication mechanism.
Identity authentication is an important link in ensuring network security. Authentication guarantees the authenticity of both communicating parties, message integrity and source reliability, and so protects information against illegitimate attacks such as counterfeiting, modification and delay. Because conventional quantum key distribution protocols have no effective identity authentication mechanism, they may be subject to man-in-the-middle attacks or distributed denial of service (DDoS) attacks during the quantum key distribution process.
In view of the above problems, the prior art proposes the following two solutions:
(I) M. Dusek et al. hold that not all classical information needs to be authenticated during communication: only the classical information that affects the correct judgment of the quantum-state error rate needs to be authenticated, and other classical information does not, because even if it is modified security is not affected. Dusek proposes a quantum identity authentication protocol combined with a classical message authentication algorithm, which in essence authenticates as few classical messages as possible using the classical authentication algorithm.
(II) A BB84 protocol with identity authentication. The main difference between this protocol and the original BB84 protocol is that some bits in the randomly transmitted qubit string are set as specific authentication key bits: one of every 4 bits in the qubit string is a specific authentication key bit, and its specific position is determined by the authentication key. The identity authentication of both communicating parties is realized through the measurement basis vector represented by the authentication bit and the polarization state of the photon. The quantum state information of the authentication bit cannot be sent at random but is determined, according to a specific rule, by the authentication key shared by both parties, while absolutely secure key distribution is ensured by the basic principles of quantum mechanics.
Both schemes adopt an identity authentication mechanism and so enhance the security of the quantum key distribution process to a certain extent, but each has certain defects:
In the M. Dusek scheme, the number of authentication keys shared in advance by the two communicating parties is limited, and the parties are vulnerable to man-in-the-middle attacks and DDoS attacks; moreover, the scheme does not fully exploit the advantages of quantum techniques, still relies on classical authentication technology, and carries the risk of being cracked.
Although the BB84 protocol with identity authentication transmits the shared authentication key information in quantum-state form and thereby improves the security of key distribution, it assumes that the quantum state of the authentication key at the transmitting end always reaches the receiving end, that the receiving end selects the corresponding measurement basis according to the preset authentication key, and that authentication passes only if the detection results are consistent; otherwise the peer is considered illegitimate and the quantum key distribution process is terminated. The scheme does not consider the attenuation of photons during actual transmission (photons may fail to reach the peer, so the consistency of quantum states cannot be guaranteed). In other words, it provides no fault tolerance for channel attenuation, so the identification rate and the quantum key distribution amount are reduced.
Disclosure of Invention
The identity authentication method for the quantum key distribution process not only provides a new idea for identity authentication in the quantum key distribution process, but also can effectively solve the problems that the existing identity authentication technology is easy to attack and the quantum key distribution quantity is reduced. The application also provides two identity authentication methods and devices for the quantum key distribution process and an identity authentication system for the quantum key distribution process.
The application provides an identity authentication method for a quantum key distribution process, which is implemented in quantum communication equipment of a transmitting party and a receiving party participating in the quantum key distribution process, and comprises the following steps:
a sender selects a preparation basis of an identity authentication bit string according to a preset basis vector selection rule and sends the identity authentication bit string and a quantum state of a randomly generated key bit string by adopting different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at random positions and lengths;
the receiver measures the received quantum state according to the different wavelengths and the basis vector selection rule, when the identity authentication information obtained by measurement conforms to the basis vector selection rule, the receiver authentication key is selected from the identity authentication information, the position information of the key and the preset shared key encrypted by the key are sent, and if not, the quantum key distribution process is ended;
and the sender selects a corresponding sender authentication key according to the received position information, judges whether the information obtained by decrypting the received ciphertext by adopting the key is consistent with a local preset shared key or not, and ends the quantum key distribution process if the information is not consistent with the local preset shared key.
Optionally, when the identity authentication information measured by the receiving party conforms to the basis vector selection rule, the receiving party further performs the following operations:
disclosing a measurement basis for measuring quantum states of the key through a classical channel;
correspondingly, when the sender judges that the decrypted information is consistent with the local preset shared key, the sender executes the following operations:
determining a correct measurement basis of a quantum state of the key, and screening an original key;
publishing a correct measurement basis for the quantum state of the key over a classical channel;
accordingly, after the above step of publishing the correct measurement basis for the quantum state of the key, the following operations are performed:
the receiving party screens the original key; and,
and the transmitting side and the receiving side obtain the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, before the sender sends the quantum state of the identity authentication bit string and the randomly generated key bit string, the following operations are performed:
and the receiving and sending parties perform mutual authentication with opposite-end equipment by using preset account information through a classical channel, and if any equipment fails the authentication, the quantum key distribution process is ended.
Optionally, the preset account information includes: identity information and certificates.
Optionally, the preset basis vector selection rule includes:
and selecting a corresponding preparation basis or a corresponding measurement basis according to the position of the identity verification bit in the quantum state information.
Optionally, the selecting a corresponding preparation basis or measurement basis according to the position of the authentication bit in the quantum state information specifically includes:
and selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of taking the position of each identity verification bit in the quantum state information modulo 4.
Optionally, the receiving party measures the received quantum state according to the different wavelengths and the basis vector selection rule, including:
distinguishing identity authentication quantum state information and key quantum state information according to the different wavelengths;
selecting a measuring basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and measuring the identity authentication quantum state information by using the selected measuring basis, and eliminating the part in which the photon is not detected to obtain the identity authentication information obtained by measuring.
Optionally, that the identity authentication information measured by the receiving party conforms to the basis vector selection rule means that a difference between the identity authentication information measured by the receiving party and expected information following the basis vector selection rule is smaller than a preset threshold.
Optionally, the receiving party selects a receiving party authentication key from the identity authentication information, including:
the receiver takes the identity authentication information as the receiver authentication key; or,
and the receiver randomly selects bits at different positions from the identity authentication information, and uses a bit string formed by the selected bits as the receiver authentication key.
Optionally, the information encrypted by the receiver using the receiver authentication key includes not only the preset shared key but also locally generated auxiliary authentication information;
correspondingly, the step that the sender decrypts the received ciphertext by using the sender authentication key means that the sender decrypts the received ciphertext by using the sender authentication key to obtain the decrypted preset shared key and the decrypted auxiliary authentication information;
correspondingly, the judgment of whether the decrypted information is consistent with the local preset shared key by the sender means that the judgment of whether the decrypted preset shared key is consistent with the local preset shared key by the sender.
Optionally, when the result that the sender determines whether the decrypted preset shared key is consistent with the local preset shared key is yes, the following operations are further performed:
the sender encrypts the variant of the auxiliary authentication information obtained through the decryption operation by adopting a preset strategy;
sending the ciphertext subjected to the encryption operation through a classical channel;
correspondingly, after receiving the correct measurement base and the ciphertext, the receiving side performs the following operations:
decrypting the received ciphertext in a manner corresponding to the preset strategy;
judging whether the information obtained after the decryption operation is executed is consistent with the variant of the locally generated auxiliary authentication information;
if they are consistent, the step of screening the original key is executed according to the received correct measurement basis, and the measurement results of the quantum states of part of the key are published; otherwise, the quantum key distribution process is ended.
Optionally, the preset policy includes:
executing the encryption operation by adopting a local preset shared key; or,
and executing the encryption operation by adopting the sender authentication key.
Optionally, the variations of the auxiliary authentication information include:
the auxiliary authentication information itself; or,
the result obtained by processing the auxiliary authentication information with a preset mathematical transformation method.
Optionally, after estimating the bit error rate according to the measurement result of the quantum state of the partial key published by the receiver, the sender encrypts the bit error rate by using the sender authentication key, and sends the encrypted information to the receiver;
correspondingly, the receiver decrypts the received ciphertext by using the receiver authentication key to obtain the decrypted error rate.
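The receiver-side check (wavelength separation, position mod 4 basis selection, discarding undetected photons, threshold comparison) and the sender-side check of the encrypted preset shared key can be traced in a classical simulation. This is an added example, not code from the application. Its assumptions: the order H, V, L, R for position mod 4, the 10% threshold, the 50% loss rate, the stream size, fixed single-pulse insertion instead of variable lengths, and a SHA-256 XOR pad standing in for the unspecified encryption.

```python
import hashlib
import hmac
import random

STATES = ("H", "V", "L", "R")     # assumed order for position mod 4 = 0..3
ORTHOGONAL = {"H": "V", "V": "H", "L": "R", "R": "L"}
THRESHOLD = 0.10                  # assumed preset mismatch threshold
PRESET_KEY = b"preset-shared-k!"  # constructed 16-byte preset shared key


def rule(position):
    """Basis vector selection rule: the state is fixed by position mod 4."""
    return STATES[position % 4]


def transmit(n, auth_positions, rng, knows_rule=True, loss=0.5):
    """Sender plus lossy channel. Returns {position: (wavelength, state)}
    for the pulses that survive; auth pulses use their own wavelength."""
    received = {}
    for pos in range(n):
        if pos in auth_positions:
            state = rule(pos) if knows_rule else rng.choice(STATES)
            pulse = ("auth", state)
        else:
            pulse = ("key", rng.choice(STATES))
        if rng.random() >= loss:  # photon survives attenuation
            received[pos] = pulse
    return received


def measure_auth(received, rng):
    """Receiver: select auth pulses by wavelength and measure each in the
    basis the rule gives for its position. Lost photons never appear here."""
    outcome = {}
    for pos, (wavelength, state) in received.items():
        if wavelength != "auth":
            continue
        expected = rule(pos)
        if state in (expected, ORTHOGONAL[expected]):
            outcome[pos] = state  # same polarization pair: deterministic
        else:                     # other polarization pair: 50/50 result
            outcome[pos] = rng.choice((expected, ORTHOGONAL[expected]))
    return outcome


def conforms(outcome):
    """Mismatch fraction over detected positions must stay below threshold."""
    if not outcome:
        return False              # nothing detected, nothing to authenticate
    mismatches = sum(1 for pos, s in outcome.items() if s != rule(pos))
    return mismatches / len(outcome) < THRESHOLD


def xor_pad(auth_key, data):
    """Stand-in cipher (assumption): XOR with SHA-256 of the auth key.
    Handles data up to 32 bytes; encrypting and decrypting are the same."""
    pad = hashlib.sha256("".join(auth_key).encode()).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def receiver_respond(outcome, shared_key, rng, k=32):
    """Pick random detected positions as the receiver authentication key and
    return (position information, encrypted preset shared key)."""
    positions = sorted(rng.sample(sorted(outcome), min(k, len(outcome))))
    auth_key = [outcome[p] for p in positions]
    return positions, xor_pad(auth_key, shared_key)


def sender_verify(positions, ciphertext, shared_key):
    """Sender rebuilds its authentication key from what it transmitted at
    the reported positions, decrypts, and compares in constant time."""
    auth_key = [rule(p) for p in positions]
    return hmac.compare_digest(xor_pad(auth_key, ciphertext), shared_key)


def run(seed, sender_knows_rule=True, receiver_key=PRESET_KEY):
    rng = random.Random(seed)
    n = 2000
    auth_positions = set(rng.sample(range(n), 200))
    received = transmit(n, auth_positions, rng, knows_rule=sender_knows_rule)
    outcome = measure_auth(received, rng)
    if not conforms(outcome):
        return "receiver aborts"
    positions, ciphertext = receiver_respond(outcome, receiver_key, rng)
    if not sender_verify(positions, ciphertext, PRESET_KEY):
        return "sender aborts"
    return "authenticated"


if __name__ == "__main__":
    print(run(1))
    print(run(1, sender_knows_rule=False))
    print(run(1, receiver_key=b"wrong-shared-key"))
```

Half of the authentication photons are lost in every run, yet the honest pair still authenticates because the mismatch rate is computed only over detected positions; a sender that does not follow the rule produces about 50% mismatches in this model and is rejected.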
In addition, the present application also provides another identity authentication method for a quantum key distribution process, where the method is implemented on a sender quantum communication device participating in the quantum key distribution process, and includes:
selecting a preparation basis of an identity authentication bit string according to a preset basis vector selection rule, and sending the identity authentication bit string and a quantum state of a randomly generated key bit string to opposite-end equipment participating in a quantum key distribution process by adopting preset different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at random positions and lengths;
receiving authentication key position information and a ciphertext to be verified returned by the opposite terminal equipment;
selecting an authentication key according to the position information and the transmitted quantum state information, and decrypting the received ciphertext to be verified by adopting the authentication key;
judging whether the decrypted information is consistent with a local preset shared key or not; if not, the quantum key distribution process is ended.
Optionally, the information returned by the peer device includes not only the authentication key position information and the ciphertext to be verified, but also the measurement basis used for measuring the quantum state of the key;
correspondingly, when the result of judging whether the decrypted information is consistent with the local preset shared key is yes, the following operations are executed:
determining a correct measurement basis of a quantum state of the key, and screening an original key;
publishing a correct measurement basis for the quantum state of the key over a classical channel;
and obtaining the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, before the sending of the quantum state of the identity authentication bit string and the randomly generated secret key bit string, the following operations are performed:
sending a quantum key negotiation request to the opposite terminal equipment, wherein the request comprises account information of a sender;
receiving account information sent by the opposite terminal equipment;
and verifying the identity of the opposite terminal device according to the received account information, and if the verification fails, ending the quantum key distribution process.
Optionally, the preset basis vector selection rule includes:
and selecting a corresponding preparation base according to the position of the identity verification bit in the quantum state information.
Optionally, the selecting a corresponding preparation basis according to the position of the authentication bit in the quantum state information specifically includes:
and selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of taking the position of each identity verification bit in the quantum state information modulo 4.
Correspondingly, the present application also provides an identity authentication apparatus for a quantum key distribution process, where the apparatus is deployed on a sender quantum communication device participating in the quantum key distribution process, and the apparatus includes:
the quantum state sending unit is used for selecting a preparation basis of the identity authentication bit string according to a preset basis vector selection rule and sending the identity authentication bit string and the quantum state of the randomly generated key bit string to opposite-end equipment participating in a quantum key distribution process by adopting preset different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at a random position and length;
the response information receiving unit is used for receiving the authentication key position information and the ciphertext to be verified returned by the opposite terminal equipment;
the information decryption unit is used for selecting an authentication key according to the position information and the transmitted quantum state information and decrypting the received ciphertext to be verified by adopting the authentication key;
the sender authentication judgment unit is used for judging whether the decrypted information is consistent with a local preset shared key; if not, the quantum key distribution process is ended.
Optionally, the information received by the response information receiving unit includes not only the authentication key position information and the ciphertext to be verified, but also the measurement basis used for measuring the quantum state of the key;
correspondingly, the device further comprises:
the original key screening unit is used for determining a correct measurement basis of a quantum state of the key and screening the original key when the output result of the authentication judgment unit is yes;
a correct measurement base publishing unit, configured to publish a correct measurement base of the key quantum state through a classical channel;
and the sender quantum key acquisition unit is used for acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, the apparatus further comprises:
a negotiation request sending unit, configured to send a quantum key negotiation request to the peer device, where the request includes account information of a sender;
an account information receiving unit, configured to receive account information sent by the peer device;
and the first identity authentication unit is used for verifying the identity of the opposite terminal device according to the account information, and if the verification fails, ending the quantum key distribution process.
Optionally, the preset basis vector selection rule adopted by the quantum state transmitting unit includes: and selecting a corresponding preparation base according to the position of the identity verification bit in the quantum state information.
Optionally, the preset basis vector selection rule adopted by the quantum state sending unit is to select a corresponding horizontal polarization basis, a vertical polarization basis, a left-handed polarization basis, or a right-handed polarization basis according to the position information of each authentication bit in the quantum state information and a result obtained by modulo 4.
In addition, the present application also provides a third identity authentication method for a quantum key distribution process, where the method is implemented on a receiving quantum communication device participating in the quantum key distribution process, and includes:
receiving a quantum state sent by opposite-end equipment participating in a quantum key distribution process;
measuring the received quantum state according to preset different wavelengths and basis vector selection rules, and acquiring identity authentication information according to the measured result;
judging whether the identity authentication information conforms to the basis vector selection rule or not;
if yes, selecting an authentication key from the identity authentication information, and sending the position information of the authentication key and a preset shared key encrypted by the authentication key to the opposite terminal equipment;
if not, ending the quantum key distribution process.
Optionally, when the result of determining whether the identity authentication information conforms to the basis vector selection rule is yes, the following operations are further performed:
a measurement basis adopted by a quantum state of a measurement key is disclosed through a classical channel;
correspondingly, the method further comprises the following steps:
receiving a correct measurement basis of the key quantum state sent by the opposite terminal device through a classical channel;
and screening the original key, and obtaining the final shared quantum key through the processes of obtaining the error rate, error correction and privacy amplification.
Optionally, before receiving the quantum state sent by the peer device participating in the quantum key distribution process, the following operations are performed:
receiving a key negotiation request sent by the opposite terminal equipment;
and verifying the identity of the opposite terminal equipment according to the account information contained in the request, if the verification fails, ending the quantum key distribution process, otherwise, sending the account information of the receiver to the opposite terminal equipment.
Optionally, the preset basis vector selection rule includes:
and selecting a corresponding measuring base according to the position of the identity authentication bit in the quantum state information.
Optionally, the selecting a corresponding measurement basis according to the position of the authentication bit in the quantum state information specifically includes:
and selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of taking the position of each identity verification bit in the quantum state information modulo 4.
Optionally, the measuring the received quantum state according to the preset different wavelengths and basis vector selection rules, and obtaining the identity authentication information according to the measured result includes:
distinguishing identity authentication quantum state information and secret key quantum state information according to the preset different wavelengths;
selecting a measuring basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and measuring the identity authentication quantum state information by using the selected measuring basis, and rejecting the part in which the photon is not detected to obtain the identity authentication information.
Optionally, the selecting an authentication key from the identity authentication information includes:
selecting the identity authentication information as the authentication key; or,
randomly selecting bits at different positions from the identity authentication information, and using a bit string formed by the selected bits as the authentication key.
Correspondingly, the present application also provides an identity authentication apparatus for a quantum key distribution process, where the apparatus is deployed on a receiving quantum communication device participating in the quantum key distribution process, and the apparatus includes:
the quantum state receiving unit is used for receiving quantum states sent by opposite-end equipment participating in a quantum key distribution process;
the quantum state measuring unit is used for measuring the received quantum state according to preset different wavelengths and basis vector selection rules and acquiring identity authentication information according to the measured result;
the receiver authentication judgment unit is used for judging whether the identity authentication information conforms to the basis vector selection rule, and if not, the quantum key distribution process is ended;
and the information sending unit is used for selecting an authentication key from the identity authentication information and sending the position information of the authentication key and a preset shared key encrypted by the authentication key to the opposite terminal equipment when the output of the receiver authentication judging unit is yes.
Optionally, the apparatus further comprises:
a measurement base publishing unit, configured to disclose, when the output of the receiver authentication determining unit is yes, a measurement base adopted for measuring the quantum state of the key through a classical channel;
correspondingly, the device further comprises:
a correct measurement basis receiving unit, configured to receive a correct measurement basis of the key quantum state sent by the peer device through a classical channel;
and the receiver quantum key acquisition unit is used for screening the original key and acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, the apparatus further comprises:
a negotiation request receiving unit, configured to receive a key negotiation request sent by the peer device;
and the second identity authentication unit is used for verifying the identity of the opposite terminal equipment according to the account information contained in the request, if the verification fails, ending the quantum key distribution process, and otherwise, sending the account information of the receiver to the opposite terminal equipment.
Optionally, the preset basis vector selection rule adopted by the quantum state measurement unit includes: and selecting a corresponding preparation base according to the position of the identity authentication bit in the quantum state information.
Optionally, the preset basis vector selection rule adopted by the quantum state measurement unit is to select a corresponding horizontal polarization basis, a vertical polarization basis, a left-handed polarization basis, or a right-handed polarization basis according to the position information of each identity authentication bit in the quantum state information and a result obtained by modulo 4.
Optionally, the quantum state measurement unit includes:
the information distinguishing subunit is used for distinguishing the identity authentication quantum state information and the key quantum state information according to the preset different wavelengths;
the identity authentication measurement basis selection subunit is used for selecting the measurement basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and the identity authentication information acquisition subunit is used for measuring the identity authentication quantum state information by using the selected measuring basis, eliminating the part in which the photons are not detected and acquiring the identity authentication information.
Optionally, the information sending unit includes:
the authentication key selecting subunit is used for selecting an authentication key from the identity authentication information;
the information sending subunit is configured to send, to the peer device, location information of the authentication key and a preset shared key encrypted with the authentication key;
wherein the authentication key selection subunit is specifically configured to,
selecting the identity authentication information as the authentication key; or,
randomly selecting bits at different positions from the identity authentication information, and using a bit string formed by the selected bits as the authentication key.
In addition, the present application also provides an identity authentication system for a quantum key distribution process, comprising: the identity authentication device deployed on the quantum communication device of the sender and the identity authentication device deployed on the quantum communication device of the receiver, each as described in any one of the above;
the identity authentication devices deployed in the quantum communication devices of the sender and the receiver are preset with the same basis vector selection rule and the same shared key, and adopt the same wavelength setting for distinguishing identity authentication information from key information.
Compared with the prior art, the method has the following advantages:
The identity authentication method for the quantum key distribution process provided by the application randomly inserts the quantum states of the identity authentication information among the quantum states of the key and distinguishes the quantum key information from the identity authentication information by using a specific wavelength. When a quantum communication device participating in the quantum key distribution process detects that the identity authentication information does not conform to the basis vector selection rule preset by the two parties, or detects that the preset shared keys of the two parties do not match, it judges that the peer device has failed identity authentication and ends the quantum key distribution process. This technical scheme realizes an identity authentication method based on quantum-state zero-knowledge proof, and identity authentication can be performed in real time during the quantum key distribution process, so that man-in-the-middle attacks and DDoS attacks are effectively prevented, the security of the quantum key distribution process is guaranteed, and the identity recognition rate and the quantum key distribution amount are not reduced.
Drawings
FIG. 1 is a flow diagram of an embodiment of an identity authentication method for a quantum key distribution process of the present application;
FIG. 2 is a flowchart of the process by which the receiver verifies the identity of the sender according to the measurement result, as provided in the present embodiment;
FIG. 3 is a flow diagram of another embodiment of an identity authentication method for a quantum key distribution process of the present application;
FIG. 4 is a schematic diagram of an embodiment of an identity authentication apparatus for a quantum key distribution process according to the present application;
FIG. 5 is a flow chart of a third embodiment of an identity authentication method for a quantum key distribution process of the present application;
FIG. 6 is a schematic diagram of an embodiment of an identity authentication apparatus for a quantum key distribution process according to the present application;
FIG. 7 is a schematic diagram of an embodiment of an identity authentication system for a quantum key distribution process according to the present application;
FIG. 8 is a schematic view of the interaction processing flow of the identity authentication system provided in this embodiment.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. However, this application can be implemented in many ways other than those described here, and those skilled in the art can make similar extensions without departing from its spirit; the application is therefore not limited to the specific implementations disclosed below.
The present application provides an identity authentication method for a quantum key distribution process, two other identity authentication methods for a quantum key distribution process with their corresponding devices, and an identity authentication system for a quantum key distribution process. Each is described in detail in the following embodiments.
Please refer to FIG. 1, which is a flowchart of an embodiment of an identity authentication method for a quantum key distribution process. The method is implemented in the quantum communication devices of the sender and the receiver participating in the quantum key distribution process. Before the specific steps of this embodiment are described in detail, the sender and receiver quantum communication devices involved in this embodiment are briefly described.
This technical solution dynamically verifies, during the quantum key distribution process, the identities of the quantum communication devices of the two parties participating in that process. The device that selects a preparation basis and sends quantum state information to the peer device, commonly called the Alice side, is referred to in this technical solution as the sender quantum communication device, or sender for short; the device that selects a measurement basis to measure the received quantum state information, commonly called the Bob side, is referred to as the receiver quantum communication device, or receiver for short. The present embodiment is described in detail below.
The identity authentication method for the quantum key distribution process comprises the following steps:
Step 101: The sender selects a preparation basis for the identity authentication bit string according to the preset basis vector selection rule, and sends the quantum states of the identity authentication bit string and of a randomly generated key bit string using different wavelengths, wherein the identity authentication bit string is inserted into the key bit string at a random position and with a random length.
The technical solution provided by this embodiment can perform identity authentication dynamically during a quantum key distribution process (also referred to as a quantum key agreement process). In addition, to prevent a quantum key distribution process from being carried out between illegitimate quantum communication devices, this embodiment provides a preferred implementation: before the sender starts the quantum key distribution process, the quantum communication devices of the sender and the receiver verify each other's identity over a classical channel, and the subsequent quantum key distribution process continues only if both devices pass the verification.
Specifically, the initiator of the quantum key agreement process, that is, the sender described in this application, may first send a quantum key agreement request containing the sender's account information, which may include the sender's identity information and signature certificate. After receiving the account information, the peer device participating in the quantum key agreement process, that is, the receiver, uses the identity information to verify the certificate. If the verification passes, the receiver returns response information containing the receiver's account information to the sender; if the verification fails, the quantum key distribution process is ended.
In the same way, after the sender receives the account information from the receiver, the identity of the receiver can be verified in the same way, if the identity passes the verification, the subsequent quantum key distribution process can be executed, otherwise, the quantum key distribution process is ended.
If both the sender and the receiver pass the above verification, the subsequent quantum key distribution process continues. To perform identity verification dynamically during the quantum key distribution process, the sender and the receiver are preset with the same shared key. The sender inserts an identity authentication bit string of random length at an arbitrary position in the key bit string and uses preset different wavelengths to distinguish the quantum states of the two kinds of information (the key quantum state and the identity authentication quantum state, for short); the preparation basis for the identity authentication quantum state follows the basis vector selection rule preset at both the sender and the receiver.
For example, the sender wants to send, at the time points $t_1, t_2, \ldots, t_n$, the quantum states of a binary bit string of length $n$. The binary bit string comprises two parts: one part is a randomly generated classical binary bit string serving as the key bit string, and the other part is the identity authentication bit string corresponding to the preset basis vector selection rule. The sender can select, according to a certain strategy, a random number $m$ smaller than $n$ as the length of the identity authentication bit string, and then randomly select a natural number $i$ from the natural numbers 1 to $n-m$ as the length of the key bit string located before the identity authentication bit string, that is, the identity authentication bit string is inserted starting from position $i+1$. This yields the binary bit string shown below, in which $x_{i+1} \ldots x_{i+m}$ is the identity authentication bit string and the rest is key bit string information:
$x_1, x_2 \ldots x_i, x_{i+1} \ldots x_{i+m}, x_{i+m+1} \ldots x_n$ ($x_i \in \{0,1\}$, =1,…,n-)
At the time points $t_1, t_2, \ldots, t_n$ the sender transmits the encoded quantum states of the binary bit string to the receiver. $j_1, j_2, \ldots j_i, j_{i+1} \ldots j_{i+m}, j_{i+m+1}, \ldots j_n$ is the preparation basis sequence adopted by the sender, where $j_1, j_2, \ldots j_i$ and $j_{i+m+1}, \ldots j_n$ are the random quantum state preparation bases corresponding to the key bit string, and $j_{i+1} \ldots j_{i+m}$ are the quantum state preparation bases of the identity authentication bit string, selected according to the preset basis vector selection rule.
Accordingly, in the subsequent step 102, the receiver uses the measurement basis sequence $k_1, k_2 \ldots k_i, k_{i+1} \ldots k_{i+m}, k_{i+m+1} \ldots k_n$ to measure the received quantum states, where $k_1, k_2, \ldots k_i$ and $k_{i+m+1}, \ldots k_n$ are the random quantum state measurement bases corresponding to the key quantum states, and $k_{i+1} \ldots k_{i+m}$ are the measurement bases corresponding to the identity authentication quantum states, likewise selected according to the preset basis vector selection rule.
In a specific implementation, different strategies may be used to set the basis vector selection rule followed by the sender's and receiver's devices. For example, the preparation basis or measurement basis may be selected according to the position of each identity authentication bit in the quantum state information. In a specific example of this embodiment, the following rule is set: the horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis is selected according to the result of taking the position of each identity authentication bit in the quantum state information modulo 4.
Still following the above description of the binary bit string, let i + m be l, then in the specific example, the preparation basis and the measurement basis corresponding to the identity authentication quantum state satisfy the following conditions:
The above is one specific example of a preset basis vector selection rule. When implementing this technical solution, other basis vector selection rules may be preset for the sender and the receiver, for example using a different algorithm. As long as the sender and the receiver select the preparation basis and the measurement basis of the identity authentication quantum state by the same rule, the technical solution of this application can be implemented, and all such variations fall within the protection scope of this application.
In this step, the sending party selects a quantum state preparation basis of the identity authentication bit string according to a preset basis vector selection rule, then adopts preset different wavelengths to bear the quantum state of the identity authentication bit string and the quantum state of the randomly generated key bit string, and sends the quantum state to the opposite-end device participating in the quantum key distribution process. Because the identity authentication bit string is inserted in the key bit string at random positions and lengths, the interception of identity authentication information can be effectively avoided, and man-in-the-middle attacks and DDoS attacks in the quantum key distribution process are avoided.
Step 102: and the receiver measures the received quantum state according to the different wavelengths and the basis vector selection rule, selects a receiver authentication key from the identity authentication information and sends the position information of the key and a preset shared key encrypted by the key when the measured identity authentication information conforms to the basis vector selection rule, and otherwise, the quantum key distribution process is ended.
After the sender executes step 101 to send quantum state information, the two parties of the transceiver can complete the identity authentication process of the two parties of the transceiver through the interactive process according to the measurement result of the identity authentication quantum state and the verification of the preset shared key of the two parties, and then continue the subsequent key agreement process according to the quantum key distribution protocol. In order to improve the execution efficiency of key distribution and reduce the number of interactions, this embodiment provides a preferred implementation manner of interspersing identity authentication in each phase of key agreement.
In this step, the receiver not only completes the measurement of the conventional secret key quantum state, but also completes the verification of the identity of the sender according to the measurement result of the identity authentication quantum state information. The process includes sub-steps 102-1 to 102-7, as further described below in conjunction with fig. 2.
Step 102-1: and distinguishing identity authentication quantum state information and key quantum state information according to the different wavelengths.
Because the sender adopts different wavelengths to send the identity authentication quantum state and the key quantum state, the receiver can distinguish the two kinds of information from the received quantum state information according to the same wavelength setting as the sender.
Step 102-2: and randomly selecting a measuring basis of the quantum state information of the secret key, and selecting the measuring basis of the identity authentication quantum state information according to a preset basis vector selection rule.
For the key quantum state part, the measurement basis may still be randomly selected according to a quantum key distribution protocol (for example, BB84 protocol), and for the identity verification quantum state part, the corresponding measurement basis is selected according to a preset basis vector selection rule, and for this part, the relevant description has been already made in step 101, and details are not repeated here.
Step 102-3: and measuring the received quantum state information to obtain identity authentication information.
This step measures the quantum state of the key and obtains the original measurement result about the key information.
This step also measures the received identity authentication quantum state information using the measurement basis selected in step 102-2 according to the preset basis vector selection rule. Because the quantum channel may attenuate the signal, the positions at which no photon was detected are removed, which yields the measured identity authentication information.
Step 102-4: Judge whether the identity authentication information obtained by measurement conforms to the preset basis vector selection rule; if so, execute step 102-5, and if not, end the quantum key distribution process.
Because the two parties participating in the quantum key distribution process are preset with the same basis vector selection rule for the identity authentication information, the sender selects the preparation basis according to that rule when sending the quantum states of the identity authentication information, and the receiver selects the measurement basis for the corresponding quantum states according to the same rule. After the photons that were not detected because of attenuation are removed, the identity authentication information measured by the receiver is therefore consistent with the corresponding expected information.
For the receiver, if the measured identity authentication information is consistent with the corresponding expected information, the basis vector selection rule that the sender applied to the identity authentication information can be considered the same as the receiver's own. Only a sender with a legal identity can know this rule, so the sender can be judged to have passed identity authentication.
Considering that the measurement result of individual quantum state may not meet the expectation due to noise interference and other factors during the transmission process of the quantum channel, if the sender is determined not to pass the identity authentication in this case, and the quantum key distribution process is ended, the quantum key distribution amount is unnecessarily reduced. Considering the above situation, and considering the requirements of defending man-in-the-middle attacks and DDoS attacks at the same time, a mode of setting a threshold value can be adopted, that is: if the difference between the identity authentication information measured by the receiver and the expected information following the basis vector selection rule is smaller than a preset threshold value, for example, the number of bits of which the measurement result does not conform to the expected information is smaller than a preset upper limit value, the receiver may consider that the sender passes the identity authentication.
Step 102-5: and selecting a receiver authentication key from the identity authentication information.
In the above step 102-4, the receiver has already verified the identity of the sender, and then the receiver needs to prove the validity of its identity to the sender. The receiver can encrypt the locally preset shared key by using the identity authentication information obtained from the quantum state and provide the encrypted shared key for the sender to verify, that is, the identity authentication information is directly used as the receiver authentication key IDkey.
To prevent a malicious man-in-the-middle or attacker from using stolen identity authentication information to encrypt and transmit a stolen shared key in a similar way, the receiver may, instead of using the identity authentication information directly as the IDkey, randomly select bits at different positions from the identity authentication information and use the bit string formed by the selected bits as the receiver's IDkey.
Step 102-6: Encrypt the locally preset shared key using the receiver authentication key.
The receiver encrypts the locally preset shared key using the IDkey selected in step 102-5.
So that the identity of the information publisher can still be verified in later phases of quantum key distribution, for example when the correct measurement basis is published, and the security of the key distribution process is further ensured, this embodiment also provides a preferred implementation: the information that the receiver encrypts with the IDkey includes not only the preset shared key but also locally generated auxiliary authentication information m.
Step 102-7: Send the position information of the receiver authentication key and the encrypted ciphertext through the classical channel, and at the same time publish the measurement basis used for the key quantum state information.
The receiver sends, through the classical channel, the position information corresponding to the IDkey selected in step 102-5 and the ciphertext obtained in step 102-6.
Meanwhile, according to the quantum key distribution protocol, the receiver publishes through the classical channel the measurement basis it used to measure the key quantum states.
Step 103: The sender selects the corresponding sender authentication key according to the received position information and judges whether the information obtained by decrypting the received ciphertext with that key is consistent with the local preset shared key; if it is not, the sender ends the quantum key distribution process.
The sender receives, through the classical channel, the measurement basis published by the receiver, the position information of the selected IDkey, and the encrypted ciphertext.
The sender obtains the sender authentication key, that is, the sender's IDkey, from the position information and the quantum state information it sent in step 101. It decrypts the received ciphertext with this IDkey to obtain the decrypted preset shared key and the auxiliary authentication information.
The sender then judges whether the decrypted preset shared key is consistent with the local preset shared key. For the sender, if decrypting the receiver's ciphertext with its own IDkey yields preset shared key information consistent with the local preset shared key, this shows on the one hand that the receiver's preset shared key is the same as the sender's, and only a receiver with a legal identity can hold that shared key; on the other hand it shows that the receiver selected its measurement basis by the same basis vector selection rule as the sender and encrypted with the correct IDkey, which is why the sender can decrypt a preset shared key consistent with its local one. The receiver can therefore be judged to have passed identity authentication. Otherwise, if the two are not consistent, the receiver may be regarded as a man-in-the-middle or an attacker, and the quantum key distribution process is ended.
If the sender judges that the identity of the receiver is legal, the measurement base disclosed by the receiver can be compared with the preparation base used by the sender according to the flow of the quantum key distribution protocol, a correct measurement base is selected, the original key is screened out according to the correct measurement base, and the correct measurement base is disclosed to the receiver through a classical channel.
So far, through the steps 101 to 103, the receiver verifies the identity of the sender by judging whether the identity authentication quantum state information conforms to the basis vector selection rule; the sender verifies the identity of the receiver by comparing the preset shared key. If both the transmitter and the receiver pass the verification, the subsequent key distribution process can be continuously executed according to the flow of the quantum key distribution protocol.
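The following Python simulation is an added example, not part of the patent text: it models step 101 and steps 102-1 to 102-4 classically, for a sender that follows the preset rule and for one that does not. The mapping of position modulo 4 to the states H, V, L, R, the wavelength values, the length strategy for m and the mismatch limit are assumptions, because the page does not give them.

```python
import random

# Assumed mapping (the page's own formula is missing): position mod 4 -> polarization state.
STATES = ("H", "V", "L", "R")            # horizontal, vertical, left-, right-handed
BASIS = {"H": "rect", "V": "rect", "L": "circ", "R": "circ"}
ORTHOGONAL = {"H": "V", "V": "H", "L": "R", "R": "L"}
AUTH_WL, KEY_WL = 1310, 1550             # assumed wavelengths in nm, shared by both sides


def rule_state(pos):
    """Preset basis vector selection rule: state expected at 1-based frame position pos."""
    return STATES[pos % 4]


def build_frame(n, rng, knows_rule=True):
    """Step 101: n pulses; an authentication run of length m starts at position i+1."""
    m = rng.randrange(n // 8, n // 4)    # assumed length strategy, m < n
    i = rng.randrange(1, n - m + 1)      # i drawn from 1..n-m
    frame = []
    for pos in range(1, n + 1):
        if i < pos <= i + m:
            state = rule_state(pos) if knows_rule else rng.choice(STATES)
            frame.append((AUTH_WL, state))
        else:                            # key pulse: random basis and bit, as in BB84
            frame.append((KEY_WL, rng.choice(STATES)))
    return frame


def measure(state, expected, rng):
    """Measure in the basis that contains `expected`; return the detected state."""
    if BASIS[state] == BASIS[expected]:
        return state                     # same basis: deterministic outcome
    return rng.choice((expected, ORTHOGONAL[expected]))  # other basis: 50/50


def receiver_check(frame, rng, loss=0.2, flip=0.02, max_mismatch=0.15):
    """Steps 102-1 to 102-4. Returns (detected, mismatches, passed)."""
    detected = mismatches = 0
    for pos, (wavelength, state) in enumerate(frame, start=1):
        if wavelength != AUTH_WL:        # 102-1: separate auth pulses by wavelength
            continue
        if rng.random() < loss:          # 102-3: photons lost to attenuation are dropped
            continue
        expected = rule_state(pos)       # 102-2: measurement basis from the rule
        seen = measure(state, expected, rng)
        if rng.random() < flip:          # channel noise flips an occasional result
            seen = ORTHOGONAL[seen]
        detected += 1
        mismatches += seen != expected
    # 102-4: tolerate noise up to a preset limit, otherwise end the distribution process
    passed = detected > 0 and mismatches < max_mismatch * detected
    return detected, mismatches, passed


if __name__ == "__main__":
    rng = random.Random(2024)
    for label, knows in (("sender following the rule", True),
                         ("sender without the rule", False)):
        print(label, receiver_check(build_frame(400, rng, knows), rng))
```

In this model a sender that picks states at random mismatches on about half of the detected authentication pulses, so the limit separates it from channel noise only when the authentication run is long enough.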
To further ensure the security of the key distribution process, this embodiment also intersperses identity authentication and data encryption in the subsequent distribution process. This preferred embodiment is described further below.
1) The transmitting side encrypts the variant of the auxiliary authentication information and transmits the ciphertext.
In the step 103, the sender obtains the decrypted auxiliary authentication information, and after verifying that the identity of the receiver is legal, the sender may encrypt the variant of the decrypted auxiliary authentication information by using a preset policy, and then send the ciphertext information after performing the encryption operation when publishing the correct measurement basis of the quantum state of the key through the classical channel.
The preset strategy can be preset by the transmitting and receiving parties or determined through negotiation. The preset strategy comprises the following steps: executing encryption operation by adopting a preset shared key; alternatively, the encryption operation is performed using IDkey.
The variant of the auxiliary authentication information refers to information generated from the auxiliary authentication information. It may be, for example, the auxiliary authentication information itself, or the result of processing the auxiliary authentication information with a preset mathematical transformation, for example m + 1. The same variant generation algorithm or function can be preset for the sender and the receiver, so that for the same auxiliary authentication information m the variant information generated by the two parties is consistent.
2) After receiving the correct measurement basis and the ciphertext, the receiver verifies the identity of the sender by decrypting the ciphertext.
Firstly, the receiver decrypts the received ciphertext by adopting a mode corresponding to a preset strategy adopted by the sender, for example, if the sender adopts the encryption operation executed by the IDkey, the receiver also adopts the own IDkey to execute the decryption operation; if the sender adopts the encryption operation executed by the local preset shared secret key, the receiver also adopts the local preset shared secret key to execute the decryption operation.
Then the receiver determines whether the information obtained by decryption is consistent with the variant of the locally generated auxiliary authentication information m. The auxiliary authentication information m was originally generated locally by the receiver and sent to the sender in encrypted form over the classical channel; after decrypting and restoring it, the sender encrypts the variant of this information using the preset policy and sends it to the receiver. If the receiver's decrypted result is consistent with the variant of the auxiliary authentication information it originally generated, this shows that the sender could successfully decrypt and restore m, and that the encryption mode and the variant generation algorithm or function used by the sender are consistent with the receiver's. The receiver has thus verified the identity of the sender once more, and the correct measurement basis of the key quantum states published by the sender through the classical channel can be trusted.
Therefore, if the judgment result is 'yes', the receiver can screen the original key according to the correct measurement basis disclosed by the classical channel, and publish the measurement result of the quantum state of part of the key through the classical channel so as to carry out subsequent bit error rate estimation; if the judgment result is 'no', the sender identity is not trusted, so that the quantum key distribution process can be ended.
It should be noted that the sender may also use a dynamically changing algorithm or function to calculate the variant of the decrypted auxiliary authentication information. As long as the receiver knows the corresponding rule for calculating the variant, the technical solution can still be implemented, and security can be further improved. For example, the first time the sender calculates the variant, the receiver compares the decrypted information with the variant m + 1 of the auxiliary authentication information m that it originally generated locally; the second time, the receiver compares the decrypted information with the variant m + 2.
3) After the error rate is estimated by the sender, the error rate is encrypted by using the IDkey and sent to the receiver.
The sender estimates the error rate from the measurement results of part of the key quantum states published by the receiver. If the error rate is within a certain threshold range, the sender corrects errors using an error correction technique and then performs privacy amplification on the resulting quantum key, which eliminates the information leakage caused during communication and error correction, and finally extracts the unconditionally secure shared quantum key. If the error rate exceeds the threshold, the quantum key distribution process is abandoned.
If the error rate does not exceed the threshold, the sender can send the error rate to the receiver for reference after completing the above operations, so as to ensure that the two parties make the same judgment, and perform subsequent processing operations such as privacy amplification and the like based on the same strategy, thereby obtaining the same shared quantum key. In order to avoid stealing the error rate information by a man-in-the-middle or an attacker, the sender can encrypt the error rate by using an IDkey and send the encrypted information to the receiver.
4) The receiving party decrypts the received information, obtains the error rate and executes corresponding processing.
After receiving the ciphertext of the error rate, the receiver decrypts the information by using the IDkey to obtain the error rate estimated by the sender, can execute the same operation as that of the sender according to the error rate, and can also compare the error rate estimated by the receiver with the error rate sent by the sender, if the difference between the error rate estimated by the receiver and the error rate sent by the sender is within a preset range, namely the judgment result of the receiver and the sender based on the error rate and the subsequent processing strategy are the same, the receiver can continue to execute the subsequent operation, and finally obtains the unconditionally safe shared quantum key which is the same as that of the sender.
So far, through steps 101 to 103 above, identity authentication of the sender and the receiver is achieved during the quantum key distribution process. In this technical solution, key information and identity authentication information are distinguished by different wavelengths, quantum states of identity authentication information of variable length are randomly interspersed among the key quantum states, and the sender and the receiver complete identity authentication by checking whether the peer device follows the same basis vector selection rule when selecting its preparation basis or measurement basis and whether it holds the same preset shared key. The technical solution makes full use of the security of quantum states and performs identity authentication through quantum state information without the sender and the receiver having to preset the same identity authentication information. It thereby implements a quantum-state zero-knowledge-proof identity authentication method, can effectively defend against man-in-the-middle attacks and DDoS attacks, ensures the security of the quantum key distribution process, and does not reduce the quantum key distribution amount.
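The classical exchange of steps 102-5 to 103 and of items 1) and 2) above, written out as an added Python example that is not part of the patent text. The XOR keystream cipher built on SHAKE-256, the 4-byte encoding of m, the IDkey length of 32 bits, the sample data and all function names are assumptions; the page does not name a cipher.

```python
import hashlib
import hmac
import secrets


def xor_cipher(idkey_bits, data, label):
    """Stand-in cipher (assumption; the page names none): XOR with a SHAKE-256
    keystream derived from the IDkey bits and a per-message label."""
    stream = hashlib.shake_256(label + bytes(idkey_bits)).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def variant(aux_m):
    """Variant function preset on both sides; the page's example is m + 1."""
    return ((aux_m + 1) % 2**32).to_bytes(4, "big")


def receiver_respond(measured_auth, shared_key, aux_m, idkey_len=32, rng=None):
    """Steps 102-5 to 102-7: pick IDkey positions, encrypt shared key and m."""
    rng = rng or secrets.SystemRandom()
    positions = sorted(rng.sample(sorted(measured_auth), idkey_len))
    idkey = [measured_auth[p] for p in positions]
    ciphertext = xor_cipher(idkey, shared_key + aux_m.to_bytes(4, "big"), b"resp")
    return positions, ciphertext, idkey      # idkey never leaves the receiver


def sender_verify(sent_auth, positions, ciphertext, shared_key, idkey_len=32):
    """Step 103: rebuild the IDkey from the disclosed positions and compare the
    decrypted shared key. Returns (idkey, reply) or None to end the process."""
    if len(set(positions)) < idkey_len:      # refuse a short or repeated position list
        return None
    try:
        idkey = [sent_auth[p] for p in positions]
    except KeyError:                         # position outside the authentication run
        return None
    plain = xor_cipher(idkey, ciphertext, b"resp")
    if not hmac.compare_digest(plain[:-4], shared_key):
        return None
    aux_m = int.from_bytes(plain[-4:], "big")
    return idkey, xor_cipher(idkey, variant(aux_m), b"reply")   # item 1)


def receiver_check_reply(idkey, aux_m, reply):
    """Item 2): the sender is verified again if the reply decrypts to the variant of m."""
    return hmac.compare_digest(xor_cipher(idkey, reply, b"reply"), variant(aux_m))


def constructed_run():
    """Constructed sample data: 80 authentication bits sent at frame positions
    101 to 180; every fifth photon is lost before it reaches the receiver."""
    sent = {p: (p * p // 3) % 2 for p in range(101, 181)}
    measured = {p: b for p, b in sent.items() if p % 5}
    return sent, measured


if __name__ == "__main__":
    sent, measured = constructed_run()
    key = b"constructed-preset-shared-key-01"
    positions, ct, rx_idkey = receiver_respond(measured, key, aux_m=4242)
    outcome = sender_verify(sent, positions, ct, key)
    print("receiver authenticated:", outcome is not None)
    print("sender re-verified:", receiver_check_reply(rx_idkey, 4242, outcome[1]))
    wrong = {p: 1 - b for p, b in measured.items()}   # peer that measured the wrong bits
    p2, ct2, _ = receiver_respond(wrong, key, aux_m=4242)
    print("wrong-measurement peer accepted:", sender_verify(sent, p2, ct2, key) is not None)
```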
In addition, the application also provides another identity authentication method for the quantum key distribution process, and the method is implemented on the quantum communication equipment of a sender participating in the quantum key distribution process. Please refer to fig. 3, which is a flowchart illustrating another embodiment of an identity authentication method for a quantum key distribution process according to the present application, wherein the same steps as those in the first embodiment are not repeated, and the following description focuses on differences. The method comprises the following steps:
step 301: selecting a preparation basis of an identity authentication bit string according to a preset basis vector selection rule, and sending the identity authentication bit string and a quantum state of a randomly generated key bit string to opposite-end equipment participating in a quantum key distribution process by adopting preset different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at a random position and length.
Before this step, a quantum key negotiation request may be sent to the peer device, where the request includes account information of a sender for the peer device to verify its identity, and then the request may receive the account information sent by the peer device, and verify the identity of the other party according to the account information, and if the verification fails, the quantum key distribution process is ended; if the verification is successful, the step can be executed to transmit the quantum state.
The preset basis vector selection rule comprises: selecting a corresponding preparation basis according to the position of the authentication bits in the quantum state information, for example, selecting a corresponding horizontal polarization basis, a vertical polarization basis, a left-handed polarization basis, or a right-handed polarization basis according to the difference result of modulo 4 of the position information of each authentication bit in the quantum state information.
Step 302: and receiving authentication key position information and a ciphertext to be verified returned by the opposite terminal equipment.
As a preferred embodiment, the method may be performed in a quantum key distribution process, in this way, the information returned by the peer device includes not only: authenticating the key position information and the ciphertext to be verified, further comprising: the measurement basis employed to measure the quantum state of the key.
Step 303: and selecting an authentication key according to the position information and the transmitted quantum state information, and decrypting the received ciphertext to be verified by adopting the authentication key.
Step 304: and judging whether the decrypted information is consistent with a local preset shared key or not, and if not, ending the quantum key distribution process.
If the judgment result in this step is yes, the following operations can be continuously executed according to the quantum key distribution protocol:
determining a correct measurement basis of a quantum state of the key, and screening an original key;
publishing a correct measurement basis for the quantum state of the key over a classical channel;
and obtaining the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
If auxiliary authentication information sent by the receiving party is also received in step 302 and the judgment result in this step is yes, a variant of the auxiliary authentication information may be encrypted, and the ciphertext of the variant sent together with the published correct measurement basis for further verification by the receiving party. In addition, after the bit error rate is estimated, the authentication key selected in step 303 may be used to encrypt the bit error rate before it is sent to the receiving party.
In the foregoing embodiment, another identity authentication method for a quantum key distribution process is provided, and correspondingly, an identity authentication apparatus for a quantum key distribution process is also provided, where the apparatus is disposed on a sender quantum communication device participating in the quantum key distribution process. Please refer to fig. 4, which is a schematic diagram of an embodiment of an identity authentication apparatus for a quantum key distribution process according to the present application. Since the apparatus embodiments are substantially similar to the method embodiments, they are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for relevant points. The device embodiments described below are merely illustrative.
An identity authentication apparatus for a quantum key distribution process of this embodiment includes: a quantum state sending unit 401, configured to select a preparation basis of an identity authentication bit string according to a preset basis vector selection rule, and send the identity authentication bit string and a quantum state of a randomly generated key bit string to an opposite device participating in a quantum key distribution process by using preset different wavelengths, where the identity authentication bit string is interspersed in the key bit string at random positions and lengths; a response information receiving unit 402, configured to receive authentication key location information and a ciphertext to be verified, where the authentication key location information and the ciphertext are returned by the peer device; an information decryption unit 403, configured to select an authentication key according to the position information and the transmitted quantum state information, and decrypt the received ciphertext to be verified by using the authentication key; a sender authentication determining unit 404, configured to determine whether the decrypted information is consistent with a local preset shared key; if not, the quantum key distribution process is ended.
Optionally, the information received by the response information receiving unit includes not only the authentication key position information and the ciphertext to be verified, but also the measurement basis used to measure the key quantum states;
correspondingly, the device further comprises:
the original key screening unit is used for determining a correct measurement basis of a quantum state of the key and screening the original key when the output result of the authentication judgment unit is yes;
a correct measurement base publishing unit, configured to publish a correct measurement base of the key quantum state through a classical channel;
and the sender quantum key acquisition unit is used for acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, the apparatus further comprises:
a negotiation request sending unit, configured to send a quantum key negotiation request to the peer device, where the request includes account information of a sender;
an account information receiving unit, configured to receive account information sent by the peer device;
and the first identity authentication unit is used for verifying the identity of the opposite terminal device according to the account information, and if the verification fails, ending the quantum key distribution process.
Optionally, the preset basis vector selection rule adopted by the quantum state sending unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
Optionally, the preset basis vector selection rule adopted by the quantum state sending unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
In addition, the application also provides a third identity authentication method for the quantum key distribution process, wherein the method is implemented on the quantum communication equipment of the receiving party participating in the quantum key distribution process. Please refer to fig. 5, which is a flowchart illustrating an embodiment of a third identity authentication method for a quantum key distribution process according to the present application, where the same steps as those in the first embodiment are not repeated, and the following description focuses on differences. The method comprises the following steps:
Step 501: receiving the quantum states sent by the peer device participating in the quantum key distribution process.
Before this step, a key negotiation request sent by the peer device may be received, and the identity of the peer verified according to the account information contained in the request. If the verification fails, the quantum key distribution process is ended; if the verification succeeds, account information of the receiver is sent to the peer device, and this step is executed to receive the quantum states sent by the peer device.
Step 502: measuring the received quantum states according to preset different wavelengths and the basis vector selection rule, and obtaining identity authentication information from the measurement result.
The preset basis vector selection rule comprises: selecting the corresponding measurement basis according to the position of the identity authentication bit in the quantum state information, for example, selecting the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
Specifically, this step comprises: distinguishing the identity authentication quantum state information from the key quantum state information according to the preset different wavelengths; selecting a measurement basis for the identity authentication quantum state information according to the preset basis vector selection rule; and measuring the identity authentication quantum state information with the selected measurement basis, discarding the part in which no photon is detected, to obtain the identity authentication information.
Step 503: judging whether the identity authentication information conforms to the basis vector selection rule; if so, executing step 504, and if not, ending the quantum key distribution process.
Step 504: selecting an authentication key from the identity authentication information, and sending the position information of the authentication key and the preset shared key encrypted with the authentication key to the peer device.
The selecting an authentication key from the identity authentication information includes: selecting the identity authentication information as the authentication key; or randomly selecting bits at different positions from the identity authentication information, and using a bit string consisting of the selected bits as the authentication key.
In this step, the authentication key may be further used to encrypt auxiliary authentication information m generated locally, and the encrypted ciphertext, the location information, and the encrypted preset shared key are sent to the peer device.
This identity authentication method may be interleaved with the quantum key distribution process, so this step may also disclose, through a classical channel, the measurement basis used to measure the key quantum states.
After this step, the following operations may also be performed:
1) Receiving the correct measurement basis of the key quantum states, sent by the peer device through a classical channel.
If the ciphertext of the variant of the auxiliary authentication information is received at the same time, a decryption operation is executed to verify whether the decrypted information is consistent with the variant of the auxiliary authentication information originally generated locally; if so, subsequent operations such as screening the original key are executed; otherwise, the quantum key distribution process is ended.
2) Screening the original key, and obtaining the final shared quantum key through the processes of obtaining the error rate, error correction and privacy amplification.
If the error rate ciphertext sent by the sender is received after the original key is screened, the authentication key selected in step 504 may be used to decrypt it, and subsequent processes such as error correction and privacy amplification are performed according to the result to obtain the final shared quantum key.
In the foregoing embodiments, a third identity authentication method for a quantum key distribution process is provided, and correspondingly, an identity authentication apparatus for a quantum key distribution process is also provided, where the apparatus is disposed on a quantum communication device of a receiving party participating in the quantum key distribution process. Please refer to fig. 6, which is a schematic diagram of an embodiment of an identity authentication apparatus for a quantum key distribution process according to the present application. Since the apparatus embodiments are substantially similar to the method embodiments, they are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for relevant points. The device embodiments described below are merely illustrative.
An identity authentication apparatus for a quantum key distribution process of this embodiment includes: a quantum state receiving unit 601, configured to receive a quantum state sent by an opposite device participating in a quantum key distribution process; a quantum state measurement unit 602, configured to measure the received quantum state according to preset different wavelengths and basis vector selection rules, and obtain identity authentication information according to a measured result; a receiver authentication determining unit 603, configured to determine whether the identity authentication information conforms to the basis vector selection rule, and if not, end the quantum key distribution process this time; an information sending unit 604, configured to select an authentication key from the identity authentication information and send location information of the authentication key and a preset shared key encrypted with the authentication key to the peer device when the output of the receiver authentication determining unit is yes.
Optionally, the apparatus further comprises:
a measurement base publishing unit, configured to disclose, when the output of the receiver authentication determining unit is yes, a measurement base adopted for measuring the quantum state of the key through a classical channel;
correspondingly, the device further comprises:
a correct measurement basis receiving unit, configured to receive a correct measurement basis of the key quantum state sent by the peer device through a classical channel;
and the receiver quantum key acquisition unit is used for screening the original key and acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
Optionally, the apparatus further comprises:
a negotiation request receiving unit, configured to receive a key negotiation request sent by the peer device;
and the second identity authentication unit is used for verifying the identity of the opposite terminal equipment according to the account information contained in the request, if the verification fails, ending the quantum key distribution process, and otherwise, sending the account information of the receiver to the opposite terminal equipment.
Optionally, the preset basis vector selection rule adopted by the quantum state measurement unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
Optionally, the preset basis vector selection rule adopted by the quantum state measurement unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
Optionally, the quantum state measurement unit includes:
the information distinguishing subunit is used for distinguishing the identity authentication quantum state information and the key quantum state information according to the preset different wavelengths;
the identity authentication measurement basis selection subunit is used for selecting the measurement basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and the identity authentication information acquisition subunit is used for measuring the identity authentication quantum state information by using the selected measuring basis, eliminating the part in which the photons are not detected and acquiring the identity authentication information.
Optionally, the information sending unit includes:
the authentication key selecting subunit is used for selecting an authentication key from the identity authentication information;
the information sending subunit is configured to send, to the peer device, location information of the authentication key and a preset shared key encrypted with the authentication key;
wherein the authentication key selection subunit is specifically configured to,
selecting the identity authentication information as the authentication key; or,
randomly selecting bits at different positions from the identity authentication information, and using a bit string formed by the selected bits as the authentication key.
In addition, an embodiment of the present application further provides an identity authentication system for a quantum key distribution process, as shown in fig. 7, the system includes: the identity authentication device 701 is deployed on the sender quantum communication device, and the identity authentication device 702 is deployed on the receiver quantum communication device; the identity authentication devices deployed in the quantum communication equipment of the both sides of the transmitter and the receiver preset the same basis vector selection rule and the same shared secret key, and adopt the same wavelength setting for distinguishing identity authentication information and secret key information.
The identity authentication devices respectively deployed in the quantum communication devices of the sender and the receiver dynamically verify the identity of the peer device during the quantum key distribution process by using the identity authentication method provided by the application. The interaction flow of the identity authentication system for the quantum key distribution process is briefly described below with reference to fig. 8. The identity authentication device deployed in the sender quantum communication device is referred to as A for short, and the identity authentication device deployed in the receiver quantum communication device is referred to as B for short.
1) A sends a key negotiation request to B, wherein the request carries account information of A;
2) B verifies the validity of A's identity and sends account information of B to A;
3) A verifies the validity of B's identity according to the received account information; A selects a preparation basis of an identity authentication bit string according to a preset basis vector selection rule, and sends the quantum states of the identity authentication bit string and of a randomly generated key bit string using different wavelengths, wherein the identity authentication bit string is interspersed in the key bit string at random positions and lengths;
4) B measures the received quantum states according to the different wavelengths and the basis vector selection rule; when the identity authentication information obtained by measurement conforms to the basis vector selection rule, B selects a receiver authentication key IDkey from the identity authentication information, sends the position information of the key together with the preset shared key and the local auxiliary authentication information m encrypted with that key, and discloses the measurement basis of the key quantum states; otherwise, the quantum key distribution process is ended;
5) A selects the corresponding sender authentication key according to the received position information and judges whether the preset shared key obtained by decrypting the received ciphertext with that key is consistent with the local preset shared key; if so, A screens the original key and publishes the correct measurement basis of the key quantum states together with the ciphertext of the variant of the obtained auxiliary authentication information; if not, the quantum key distribution process is ended;
6) B decrypts the ciphertext of the variant of the auxiliary authentication information; if the result is consistent with the variant of the auxiliary authentication information m originally generated locally, B screens the original key according to the received correct measurement basis and publishes the measurement results of part of the key quantum states; otherwise, the quantum key distribution process is ended;
7) A obtains the final shared quantum key by calculating the error rate, error correction and privacy amplification, and sends the error rate encrypted with IDkey to B; B decrypts the received error rate and performs the corresponding error correction and privacy amplification according to it to obtain the final shared quantum key.
It should be noted that the above is a preferred embodiment of the system; other embodiments may use different interaction manners. For example, the identity authentication links 1) and 2) based on preset account information may be omitted; when B authenticates A in link 4) and A authenticates B in link 5), the auxiliary authentication information m may be left out, so that identity authentication is not continued with the variant of m in the subsequent links; or the error rate may be left unencrypted by IDkey. As long as links 3), 4) and 5) complete the mutual authentication between A and B by checking whether the identity authentication quantum states conform to the basis vector selection rule and whether the preset shared keys of the two parties are consistent, the embodiment does not depart from the core of the application and falls within its protection scope.
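Added example, not part of the application: links 3) to 5) as classical bookkeeping in Python, showing that A accepts B only when B follows the same basis rule and holds the same preset shared key. Assumptions: the residue-to-basis order, the SHAKE-256 XOR cipher standing in for the unspecified encryption, the model in which a mismatched basis yields an uncorrelated bit, and all sample values; B's own rule-conformance test on A is not modelled.

```python
import hashlib
import hmac
import secrets

# Assumption: the page names four bases but not which residue selects which.
BASES = ("horizontal", "vertical", "left-handed", "right-handed")
A_SHARED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed


def basis_for(position):
    """Preset basis vector selection rule: position modulo 4 picks the basis."""
    return BASES[position % 4]


def sender_prepare(auth_positions):
    """Link 3, A: one random bit per authentication position, prepared per the rule."""
    return {p: (secrets.randbits(1), basis_for(p)) for p in auth_positions}


def receiver_measure(sent, lost, rule=basis_for):
    """Link 4, B: measure authentication photons, discarding those not detected.

    Model assumption: a matching basis returns the sent bit, any other basis
    returns an uncorrelated random bit.
    """
    measured = {}
    for pos, (bit, prep_basis) in sent.items():
        if pos in lost:
            continue
        measured[pos] = bit if rule(pos) == prep_basis else secrets.randbits(1)
    return measured


def xor_cipher(key_bits, data):
    """Stand-in cipher (assumption): XOR with a SHAKE-256 stream keyed by the bits."""
    stream = hashlib.shake_256(bytes(key_bits)).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def receiver_respond(measured, shared_key, key_len):
    """Link 4, B: build IDkey from random detected positions; return positions and ciphertext."""
    positions = sorted(secrets.SystemRandom().sample(sorted(measured), key_len))
    id_key = [measured[p] for p in positions]
    return positions, xor_cipher(id_key, shared_key)


def sender_verify(sent, positions, ciphertext, shared_key):
    """Link 5, A: rebuild the key from the transmitted bits and compare shared keys."""
    if any(p not in sent for p in positions):
        return False  # position info names a slot A never used for authentication
    id_key = [sent[p][0] for p in positions]
    return hmac.compare_digest(xor_cipher(id_key, ciphertext), shared_key)


def run_exchange(b_shared_key, b_rule=basis_for):
    """Run links 3) to 5) once on constructed inputs; True means A accepts B."""
    auth_positions = range(100, 228)   # constructed: 128 authentication slots
    lost = set(range(100, 228, 5))     # constructed: every fifth photon undetected
    sent = sender_prepare(auth_positions)
    measured = receiver_measure(sent, lost, b_rule)
    positions, ciphertext = receiver_respond(measured, b_shared_key, key_len=64)
    return sender_verify(sent, positions, ciphertext, A_SHARED_KEY)


if __name__ == "__main__":
    print("honest B:", run_exchange(A_SHARED_KEY))
    print("B with a different shared key:", run_exchange(bytes(16)))
    print("B with a different basis rule:",
          run_exchange(A_SHARED_KEY, b_rule=lambda p: BASES[(p + 1) % 4]))
```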
Although the present application has been described with reference to the preferred embodiments, it is not intended to limit the present application, and those skilled in the art can make variations and modifications without departing from the spirit and scope of the present application, therefore, the scope of the present application should be determined by the claims that follow.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

Claims (39)

1. An identity authentication method for a quantum key distribution process, wherein the method is implemented in a quantum communication device of a transmitter and a receiver participating in the quantum key distribution process, and comprises:
a sender selects a preparation basis of an identity authentication bit string according to a preset basis vector selection rule and sends the identity authentication bit string and a quantum state of a randomly generated key bit string by adopting different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at random positions and lengths;
the receiver measures the received quantum state according to the different wavelengths and the basis vector selection rule, when the identity authentication information obtained by measurement conforms to the basis vector selection rule, the receiver authentication key is selected from the identity authentication information, the position information of the key and the preset shared key encrypted by the key are sent, and if not, the quantum key distribution process is ended;
and the sender selects a corresponding sender authentication key according to the received position information, judges whether the information obtained by decrypting the received ciphertext by adopting the key is consistent with a local preset shared key or not, and ends the quantum key distribution process if the information is not consistent with the local preset shared key.
2. The identity authentication method for the quantum key distribution process according to claim 1, wherein when the identity authentication information measured by the receiving party conforms to the basis vector selection rule, the receiving party further performs the following operations:
disclosing a measurement basis for measuring quantum states of the key through a classical channel;
correspondingly, when the sender judges that the decrypted information is consistent with the local preset shared key, the sender executes the following operations:
determining a correct measurement basis of a quantum state of the key, and screening an original key;
publishing a correct measurement basis for the quantum state of the key over a classical channel;
accordingly, after the above step of publishing the correct measurement basis for the quantum state of the key, the following operations are performed:
the receiving party screens the original key; and,
and the transmitting side and the receiving side obtain the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
3. The identity authentication method for a quantum key distribution process of claim 2, wherein before the sender sends the quantum state of the identity authentication bit string and the randomly generated key bit string, the following operations are performed:
and the receiving and sending parties perform mutual authentication with opposite-end equipment by using preset account information through a classical channel, and if any equipment fails the authentication, the quantum key distribution process is ended.
4. The identity authentication method for a quantum key distribution process according to claim 3, wherein the preset account information comprises: identity information and certificates.
5. The identity authentication method for the quantum key distribution process according to claim 2, wherein the preset basis vector selection rule comprises:
selecting a corresponding preparation basis or a corresponding measurement basis according to the position of the identity authentication bit in the quantum state information.
6. The identity authentication method for the quantum key distribution process according to claim 5, wherein the corresponding preparation basis or measurement basis is selected according to the position of the identity verification bit in the quantum state information, specifically:
selecting the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
7. The identity authentication method for the quantum key distribution process according to claim 2, wherein the receiver measures the received quantum state according to the different wavelengths and basis vector selection rules, and comprises:
distinguishing identity authentication quantum state information and key quantum state information according to the different wavelengths;
selecting a measuring basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and measuring the identity authentication quantum state information by using the selected measuring basis, and eliminating the part in which the photon is not detected to obtain the identity authentication information obtained by measuring.
8. The identity authentication method for the quantum key distribution process according to claim 7, wherein the identity authentication information measured by the receiver matches the basis vector selection rule, that is, the difference between the identity authentication information measured by the receiver and the expected information following the basis vector selection rule is smaller than a preset threshold.
9. The identity authentication method for the quantum key distribution process according to claim 2, wherein the recipient selects a recipient authentication key from the identity authentication information, comprising:
the receiver takes the identity authentication information as the receiver authentication key; or,
and the receiver randomly selects bits at different positions from the identity authentication information, and uses a bit string formed by the selected bits as the receiver authentication key.
10. The identity authentication method for the quantum key distribution process according to any one of claims 2 to 9, wherein the information encrypted by the receiver using the receiver authentication key includes not only the preset shared key but also locally generated auxiliary authentication information;
correspondingly, the step that the sender decrypts the received ciphertext by using the sender authentication key means that the sender decrypts the received ciphertext by using the sender authentication key to obtain the decrypted preset shared key and the decrypted auxiliary authentication information;
correspondingly, the judgment of whether the decrypted information is consistent with the local preset shared key by the sender means that the judgment of whether the decrypted preset shared key is consistent with the local preset shared key by the sender.
11. The identity authentication method for the quantum key distribution process according to claim 10, wherein when the result that the sender determines whether the decrypted preset shared key is consistent with the local preset shared key is yes, the following operations are further performed:
the sender encrypts the variant of the auxiliary authentication information obtained through the decryption operation by adopting a preset strategy;
sending the ciphertext subjected to the encryption operation through a classical channel;
correspondingly, after receiving the correct measurement base and the ciphertext, the receiving side performs the following operations:
decrypting the received ciphertext in a manner corresponding to the preset strategy;
judging whether the information obtained after the decryption operation is executed is consistent with the variant of the locally generated auxiliary authentication information;
if they are consistent, the step of screening the original key is executed according to the received correct measurement basis, and the measurement results of part of the key quantum states are published; otherwise, the quantum key distribution process is ended.
12. The identity authentication method for the quantum key distribution process according to claim 11, wherein the preset policy comprises:
executing the encryption operation by adopting a local preset shared secret key; alternatively, the first and second electrodes may be,
and executing the encryption operation by adopting the sender authentication key.
13. The identity authentication method for a quantum key distribution process of claim 11, wherein the variant of the secondary authentication information comprises:
the secondary authentication information itself; alternatively, the first and second electrodes may be,
and processing the result obtained by the auxiliary authentication information by adopting a preset mathematical transformation method.
14. The identity authentication method for the quantum key distribution process according to claim 11, wherein, after estimating the bit error rate from the measurement results of part of the key quantum states published by the receiver, the sender encrypts the bit error rate with the sender authentication key and sends the encrypted information to the receiver;
correspondingly, the receiver decrypts the received ciphertext by using the receiver authentication key to obtain the decrypted bit error rate.
15. An identity authentication method for a quantum key distribution process, the method being implemented on a sender quantum communication device participating in the quantum key distribution process, comprising:
selecting a preparation basis of an identity authentication bit string according to a preset basis vector selection rule, and sending the identity authentication bit string and a quantum state of a randomly generated key bit string to opposite-end equipment participating in a quantum key distribution process by adopting preset different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at random positions and lengths;
receiving authentication key position information and a ciphertext to be verified returned by the opposite terminal equipment;
selecting an authentication key according to the position information and the transmitted quantum state information, and decrypting the received ciphertext to be verified by adopting the authentication key;
judging whether the decrypted information is consistent with a local preset shared key or not; if not, the quantum key distribution process is ended.
16. The identity authentication method for the quantum key distribution process according to claim 15, wherein the information returned by the peer device includes not only the authentication key position information and the ciphertext to be verified, but also the measurement basis used for measuring the key quantum state;
correspondingly, when the result of judging whether the decrypted information is consistent with the local preset shared key is yes, the following operations are executed:
determining a correct measurement basis of a quantum state of the key, and screening an original key;
publishing a correct measurement basis for the quantum state of the key over a classical channel;
and obtaining the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
17. The method of claim 16, wherein, prior to sending the quantum states of the identity authentication bit string and the randomly generated key bit string, the following operations are performed:
sending a quantum key negotiation request to the opposite terminal equipment, wherein the request comprises account information of a sender;
receiving account information sent by the opposite terminal equipment;
and verifying the identity of the opposite terminal device according to the received account information, and if the verification fails, ending the quantum key distribution process.
18. The identity authentication method for the quantum key distribution process according to claim 16, wherein the preset basis vector selection rule comprises:
selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
19. The identity authentication method for the quantum key distribution process according to claim 18, wherein the selecting the corresponding preparation basis according to the position of the identity authentication bit in the quantum state information specifically means:
selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
20. An identity authentication apparatus for a quantum key distribution process, the apparatus being deployed on a sender quantum communication device participating in a quantum key distribution process, comprising:
the quantum state sending unit is used for selecting a preparation basis of the identity authentication bit string according to a preset basis vector selection rule and sending the identity authentication bit string and the quantum state of the randomly generated key bit string to opposite-end equipment participating in a quantum key distribution process by adopting preset different wavelengths, wherein the identity authentication bit string is inserted in the key bit string at a random position and length;
the response information receiving unit is used for receiving the authentication key position information and the ciphertext to be verified returned by the opposite terminal equipment;
the information decryption unit is used for selecting an authentication key according to the position information and the transmitted quantum state information and decrypting the received ciphertext to be verified by adopting the authentication key;
the sender authentication judgment unit is used for judging whether the decrypted information is consistent with a local preset shared key; if not, the quantum key distribution process is ended.
21. The apparatus according to claim 20, wherein the information received by the response information receiving unit includes not only the authentication key position information and the ciphertext to be verified, but also the measurement basis used for measuring the key quantum state;
correspondingly, the device further comprises:
the original key screening unit is used for determining a correct measurement basis of a quantum state of the key and screening the original key when the output result of the authentication judgment unit is yes;
a correct measurement base publishing unit, configured to publish a correct measurement base of the key quantum state through a classical channel;
and the sender quantum key acquisition unit is used for acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
22. The apparatus for identity authentication for a quantum key distribution process of claim 21, wherein the apparatus further comprises:
a negotiation request sending unit, configured to send a quantum key negotiation request to the peer device, where the request includes account information of a sender;
an account information receiving unit, configured to receive account information sent by the peer device;
and the first identity authentication unit is used for verifying the identity of the opposite terminal device according to the account information, and if the verification fails, ending the quantum key distribution process.
23. The identity authentication apparatus for a quantum key distribution process according to claim 21, wherein the preset basis vector selection rule adopted by the quantum state sending unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
24. The apparatus of claim 23, wherein the preset basis vector selection rule adopted by the quantum state sending unit is to select a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
25. An identity authentication method for a quantum key distribution process, the method being implemented on a recipient quantum communication device participating in the quantum key distribution process, comprising:
receiving a quantum state sent by opposite-end equipment participating in a quantum key distribution process;
measuring the received quantum state according to preset different wavelengths and basis vector selection rules, and acquiring identity authentication information according to the measured result;
judging whether the identity authentication information conforms to the basis vector selection rule or not;
if yes, selecting an authentication key from the identity authentication information, and sending the position information of the authentication key and a preset shared key encrypted by the authentication key to the opposite terminal equipment;
if not, ending the quantum key distribution process.
26. The identity authentication method for a quantum key distribution process according to claim 25, wherein when the result of determining whether the identity authentication information conforms to the basis vector selection rule is yes, the following operations are further performed:
disclosing, through a classical channel, the measurement basis adopted for measuring the key quantum state;
correspondingly, the method further comprises the following steps:
receiving a correct measurement basis of the key quantum state sent by the opposite terminal device through a classical channel;
and screening the original key, and obtaining the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
27. The identity authentication method for the quantum key distribution process of claim 25, wherein before the receiving the quantum state sent by the peer device participating in the quantum key distribution process, the following operations are performed:
receiving a key negotiation request sent by the opposite terminal equipment;
and verifying the identity of the opposite terminal equipment according to the account information contained in the request, if the verification fails, ending the quantum key distribution process, otherwise, sending the account information of the receiver to the opposite terminal equipment.
28. The identity authentication method for the quantum key distribution process of claim 25, wherein the preset basis vector selection rule comprises:
selecting a corresponding measurement basis according to the position of the identity authentication bit in the quantum state information.
29. The identity authentication method for the quantum key distribution process according to claim 28, wherein the selecting the corresponding measurement basis according to the position of the identity authentication bit in the quantum state information specifically means:
selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
30. The identity authentication method for the quantum key distribution process according to claim 25, wherein the measuring the received quantum state according to the preset different wavelength and basis vector selection rules, and obtaining the identity authentication information according to the measured result comprises:
distinguishing identity authentication quantum state information and secret key quantum state information according to the preset different wavelengths;
selecting a measuring basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and measuring the identity authentication quantum state information by using the selected measuring basis, and rejecting the part in which the photon is not detected to obtain the identity authentication information.
31. The identity authentication method for a quantum key distribution process of claim 25, wherein the selecting an authentication key from the identity authentication information comprises:
selecting the identity authentication information as the authentication key; or,
randomly selecting bits at different positions from the identity authentication information, and using a bit string formed by the selected bits as the authentication key.
32. An identity authentication apparatus for a quantum key distribution process, the apparatus being deployed on a recipient quantum communication device participating in a quantum key distribution process, comprising:
the quantum state receiving unit is used for receiving quantum states sent by opposite-end equipment participating in a quantum key distribution process;
the quantum state measuring unit is used for measuring the received quantum state according to preset different wavelengths and basis vector selection rules and acquiring identity authentication information according to the measured result;
the receiver authentication judgment unit is used for judging whether the identity authentication information conforms to the basis vector selection rule, and if not, the quantum key distribution process is ended;
and the information sending unit is used for selecting an authentication key from the identity authentication information and sending the position information of the authentication key and a preset shared key encrypted by the authentication key to the opposite terminal equipment when the output of the receiver authentication judging unit is yes.
33. The apparatus for identity authentication for a quantum key distribution process of claim 32, wherein the apparatus further comprises:
a measurement base publishing unit, configured to disclose, when the output of the receiver authentication determining unit is yes, a measurement base adopted for measuring the quantum state of the key through a classical channel;
correspondingly, the device further comprises:
a correct measurement basis receiving unit, configured to receive a correct measurement basis of the key quantum state sent by the peer device through a classical channel;
and the receiver quantum key acquisition unit is used for screening the original key and acquiring the final shared quantum key through the processes of error rate estimation, error correction and privacy amplification.
34. The apparatus for identity authentication for a quantum key distribution process of claim 32, wherein the apparatus further comprises:
a negotiation request receiving unit, configured to receive a key negotiation request sent by the peer device;
and the second identity authentication unit is used for verifying the identity of the opposite terminal equipment according to the account information contained in the request, if the verification fails, ending the quantum key distribution process, and otherwise, sending the account information of the receiver to the opposite terminal equipment.
35. The identity authentication device for the quantum key distribution process according to claim 32, wherein the preset basis vector selection rule adopted by the quantum state measurement unit comprises: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
36. The apparatus of claim 35, wherein the preset basis vector selection rule adopted by the quantum state measurement unit is to select a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis or right-handed polarization basis according to the different results of the position information of each identity authentication bit in the quantum state information modulo 4.
37. The identity authentication device for a quantum key distribution process of claim 32, wherein the quantum state measurement unit comprises:
the information distinguishing subunit is used for distinguishing the identity authentication quantum state information and the key quantum state information according to the preset different wavelengths;
the identity authentication measurement basis selection subunit is used for selecting the measurement basis of the identity authentication quantum state information according to the preset basis vector selection rule;
and the identity authentication information acquisition subunit is used for measuring the identity authentication quantum state information by using the selected measuring basis, eliminating the part in which the photons are not detected and acquiring the identity authentication information.
38. The identity authentication device for a quantum key distribution process of claim 32, wherein the information sending unit comprises:
the authentication key selecting subunit is used for selecting an authentication key from the identity authentication information;
the information sending subunit is configured to send, to the peer device, location information of the authentication key and a preset shared key encrypted with the authentication key;
wherein the authentication key selection subunit is specifically configured to,
selecting the identity authentication information as the authentication key; or,
randomly selecting bits at different positions from the identity authentication information, and using a bit string formed by the selected bits as the authentication key.
39. An identity authentication system for a quantum key distribution process, comprising: the identity authentication apparatus deployed in the sender quantum communication device as claimed in claim 20, and the identity authentication apparatus deployed in the receiver quantum communication device as claimed in claim 32;
the identity authentication apparatuses deployed in the sender and receiver quantum communication devices are preset with the same basis vector selection rule and the same shared key, and adopt the same wavelength setting for distinguishing identity authentication information from key information.
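The classical exchange set out in claims 10 to 13, 15, 25 and 31, modelled as an added example; it is not code from the patent. The cipher (a SHA-256 keystream XOR), the SHA-256 "variant", the function names, the sizes and the noiseless channel with 25% photon loss are all assumptions, since the claims name none of them.

```python
import hashlib
import hmac
import secrets

RNG = secrets.SystemRandom()
AUX_LEN = 16  # bytes of auxiliary authentication information (assumed size)


def stream_xor(key_bits, data, label):
    """Stand-in cipher (assumption; the claims name no algorithm): XOR with a
    SHA-256 counter keystream. `label` separates the two directions so the
    same authentication key never yields the same keystream twice."""
    key, out = bytes(key_bits) + label, bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def variant(aux):
    """Claim 13 'preset mathematical transformation'; SHA-256 is an assumed choice."""
    return hashlib.sha256(aux).digest()


def receiver_respond(measured, shared_key, key_len=64):
    """Claims 25, 31, 10: pick authentication key bits at random positions and
    encrypt preset shared key + fresh auxiliary information with them."""
    positions = sorted(RNG.sample(sorted(measured), key_len))
    auth_key = [measured[p] for p in positions]
    aux = secrets.token_bytes(AUX_LEN)
    return positions, stream_xor(auth_key, shared_key + aux, b"R>S"), auth_key, aux


def sender_verify(sent, positions, ciphertext, shared_key):
    """Claims 15, 10, 11: rebuild the key from the sender's own record, decrypt,
    compare the shared key. None means the QKD process ends."""
    auth_key = [sent[p] for p in positions]
    plain = stream_xor(auth_key, ciphertext, b"R>S")
    recovered, aux = plain[:len(shared_key)], plain[len(shared_key):]
    if not hmac.compare_digest(recovered, shared_key):
        return None
    # Claim 12, second option: encrypt with the sender authentication key.
    return stream_xor(auth_key, variant(aux), b"S>R")


def receiver_check(reply, auth_key, aux):
    """Claim 11: decrypt the reply and compare it with the local variant."""
    return reply is not None and hmac.compare_digest(
        stream_xor(auth_key, reply, b"S>R"), variant(aux))


def run_exchange(sender_key, receiver_key, corrupt=False, n_auth=256):
    """One exchange over a noiseless model channel.
    Returns 'ok', 'sender-abort' or 'receiver-abort'."""
    # Constructed sample data: authentication bits at random slots of a 2048-slot stream.
    sent = {p: RNG.randrange(2) for p in RNG.sample(range(2048), n_auth)}
    # Claim 30: slots where no photon was detected are dropped (25% loss assumed).
    measured = {p: b for p, b in sent.items() if RNG.random() > 0.25}
    if corrupt:  # receiver's record disagrees with what was actually sent
        measured = {p: b ^ 1 for p, b in measured.items()}
    positions, ct, auth_key, aux = receiver_respond(measured, receiver_key)
    reply = sender_verify(sent, positions, ct, sender_key)
    if reply is None:
        return "sender-abort"
    return "ok" if receiver_check(reply, auth_key, aux) else "receiver-abort"


if __name__ == "__main__":
    k = secrets.token_bytes(16)
    print(run_exchange(k, k), run_exchange(k, secrets.token_bytes(16)))
```

Because the position list indexes the transmitted stream, the sender can rebuild the same authentication key from its own record even though the receiver discarded the undetected slots.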
HK17103225.2A 2017-03-29 Identity authentication methods, devices and system applied to quantum key distribution process HK1229575B (en)

Publications (3)

Publication Number    Publication Date
HK1229575A (en)       2017-11-17
HK1229575A1 (en)      2017-11-17
HK1229575B (en)       2020-07-31
