HK1229575B - Identity authentication methods, devices and system applied to quantum key distribution process - Google Patents
Identity authentication methods, devices and system applied to quantum key distribution process Download PDFInfo
- Publication number
- HK1229575B HK1229575B HK17103225.2A HK17103225A HK1229575B HK 1229575 B HK1229575 B HK 1229575B HK 17103225 A HK17103225 A HK 17103225A HK 1229575 B HK1229575 B HK 1229575B
- Authority
- HK
- Hong Kong
- Prior art keywords
- authentication
- key
- quantum
- information
- basis
- Prior art date
Links
Description
技术领域Technical Field
本申请涉及身份认证技术,具体涉及一种用于量子密钥分发过程的身份认证方法。本申请同时涉及另外两种用于量子密钥分发过程的身份认证方法及相应装置,以及一种用于量子密钥分发过程的身份认证系统。This application relates to identity authentication technology, specifically to an identity authentication method for use in a quantum key distribution process. This application also relates to two other identity authentication methods and corresponding devices for use in a quantum key distribution process, as well as an identity authentication system for use in a quantum key distribution process.
背景技术Background Art
量子密码作为量子力学和密码学的交叉产物,其安全性由量子力学基本原理保证,与攻击者的计算能力和存储能力无关,被证明具有无条件安全性和对窃听者的可检测性。最初提出的量子密钥分配协议(如BB84)虽然能够检测出窃听者对密钥的窃取操作,但是这些协议没有提供有效的身份认证机制。Quantum cryptography, a cross between quantum mechanics and cryptography, is secure thanks to the fundamental principles of quantum mechanics. It is independent of the attacker's computing and storage capabilities, and has been proven to be unconditionally secure and detectable against eavesdroppers. Initially proposed quantum key distribution protocols (such as BB84) can detect eavesdroppers attempting to steal keys, but they lack effective authentication mechanisms.
身份认证是保证网络安全的一个重要环节,通过认证可以保障通信双方的真实性、消息的完整性和来源可靠性,以防止非法方对信息进行伪造、修改和延迟等攻击。由于传统的量子密钥分配协议不具备有效的身份认证机制,因此可能在量子密钥分发过程中受到中间人攻击或者分布式拒绝服务(Distributed Denial of Service—DDoS)攻击。Identity authentication is a crucial component of network security. It ensures the authenticity of both communicating parties, the integrity of messages, and the reliability of their origins, preventing unauthorized parties from forging, modifying, or delaying information. Because traditional quantum key distribution protocols lack effective identity authentication mechanisms, they can be vulnerable to man-in-the-middle attacks or distributed denial of service (DDoS) attacks during the quantum key distribution process.
针对上述问题,现有技术提出了如下两种解决方案:To address the above problems, the prior art proposes the following two solutions:
(一)M.Dusek等认为在通信过程中不需要认证全部的经典信息,仅需要对影响正确判断量子态错误率的经典信息进行认证,其他的经典信息不需要认证,即使这些信息被修改也不会影响到安全。因此M.Dusek提出了结合经典消息认证算法的量子身份认证协议,其实质就是用经典的认证算法对尽量少的经典消息进行认证。(1) M. Dusek et al. believe that it is not necessary to authenticate all classical information during communication. Only the classical information that affects the error rate of correctly judging the quantum state needs to be authenticated. Other classical information does not need to be authenticated, and even if this information is modified, it will not affect security. Therefore, M. Dusek proposed a quantum identity authentication protocol that combines a classical message authentication algorithm. Its essence is to use a classical authentication algorithm to authenticate as few classical messages as possible.
(二)采用带身份认证的BB84协议。该协议与原BB84协议的主要不同点是将随机发送的量子比特串中某些比特位设定为特定的认证密钥位,量子比特串中每4个比特位中有一个是特定的认证密钥位,其具体的位置由认证密钥决定。通过此认证位的比特所代表的测量基矢以及光量子的偏振态来实现通信双方的身份认证,认证位的量子态信息不可随机发送,而应根据特定的规则由双方共享的认证密钥决定,同时量子力学基本原理又保证了绝对安全的密钥分配。(2) Adopting the BB84 protocol with identity authentication. The main difference between this protocol and the original BB84 protocol is that certain bits in the randomly transmitted quantum bit string are set as specific authentication key bits. One of every four bits in the quantum bit string is a specific authentication key bit, and its specific position is determined by the authentication key. The identity of the communicating parties is authenticated by the measurement basis vector represented by the bit and the polarization state of the light quantum. The quantum state information of the authentication bit cannot be sent randomly, but is determined by the authentication key shared by both parties according to specific rules. At the same time, the basic principles of quantum mechanics ensure absolutely secure key distribution.
上述两种方案由于都采用了身份认证机制,在一定程度上可以加强量子密钥分发过程的安全性,但是各自都存在一定的缺陷:Since both of the above two solutions use identity authentication mechanisms, they can enhance the security of the quantum key distribution process to a certain extent. However, each has certain drawbacks:
(一)M.Dusek方案,通信双方事先共享的认证密钥数量有限,易遭受中间人攻击和DDOS攻击;而且该方案没有充分利用量子的优越性,依然采用的是经典认证技术,存在被破解的风险。(1) The M.Dusek scheme has a limited number of authentication keys shared in advance by both communicating parties, making it vulnerable to man-in-the-middle attacks and DDOS attacks. Moreover, this scheme does not fully utilize quantum superiority and still uses classical authentication technology, which poses a risk of being cracked.
(二)带身份认证的BB84协议虽然将共享认证密钥信息以量子态形式发送,提高了密钥分发的安全性,但是由于该技术方案假设发送端的认证密钥量子态都能传输到接收端,接收端能按预设的认证密钥选择相应测量基去探测,探测结果一致就通过,否则认为对方是不合法的,终止量子密钥分发过程。该方案没有考虑光子在实际传输过程中的衰减(即:光子不一定能传输到对方,自然无法保证量子态的一致性),也就是说该技术方案没有提供对信道衰减的容错能力,导致身份识别率以及量子密钥分发量的降低。(2) Although the BB84 protocol with identity authentication transmits the shared authentication key information in the form of a quantum state, improving the security of key distribution, this technical solution assumes that the authentication key quantum state of the sender can be transmitted to the receiver. The receiver can select the corresponding measurement basis according to the preset authentication key to detect. If the detection results are consistent, the other party is passed; otherwise, the other party is considered to be illegitimate and the quantum key distribution process is terminated. This solution does not consider the attenuation of photons during actual transmission (i.e., photons may not be transmitted to the other party, so the consistency of the quantum state cannot be guaranteed). In other words, this technical solution does not provide fault tolerance for channel attenuation, resulting in a decrease in identity recognition rate and quantum key distribution.
发明内容Summary of the Invention
本申请的一种用于量子密钥分发过程的身份认证方法,不仅提供了一种在量子密钥分发过程中进行身份认证的新思路,而且可以有效解决现有身份认证技术易遭受攻击、以及导致量子密钥分发量降低的问题。本申请另外提供两种用于量子密钥分发过程的身份认证方法及装置,以及一种用于量子密钥分发过程的身份认证系统。The present application proposes an identity authentication method for use in a quantum key distribution process. This method not only provides a new approach to identity authentication during the quantum key distribution process, but also effectively addresses the vulnerability of existing identity authentication technologies to attacks and the resulting reduction in quantum key distribution throughput. The present application also provides two identity authentication methods and devices for use in a quantum key distribution process, as well as an identity authentication system for use in a quantum key distribution process.
本申请提供一种用于量子密钥分发过程的身份认证方法,所述方法在参与量子密钥分发过程的收发双方量子通信设备中实施,包括:The present application provides an identity authentication method for a quantum key distribution process, which is implemented in quantum communication devices of both the sender and receiver participating in the quantum key distribution process, and includes:
发送方根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用不同波长发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中;The sender selects a preparation basis for the identity authentication bit string according to a pre-set basis selection rule, and transmits the quantum states of the identity authentication bit string and the randomly generated key bit string using different wavelengths, with the identity authentication bit string interspersed with the key bit string at random positions and lengths.
接收方根据所述不同波长和基矢选择规则,对接收的量子态进行测量,当测量得到的身份认证信息与所述基矢选择规则相符时,从所述身份认证信息中选取接收方认证密钥、并发送所述密钥的位置信息以及采用所述密钥加密的预置共享密钥,否则结束本次量子密钥分发过程;The receiver measures the received quantum state according to the different wavelengths and basis vector selection rules. When the identity authentication information obtained by the measurement is consistent with the basis vector selection rule, the receiver selects the receiver authentication key from the identity authentication information and sends the location information of the key and the pre-set shared key encrypted with the key. Otherwise, the quantum key distribution process ends.
发送方根据接收的所述位置信息选取相应的发送方认证密钥,并判断采用所述密钥对接收的密文进行解密后的信息是否与本地的预置共享密钥一致,若不一致则结束本次量子密钥分发过程。The sender selects the corresponding sender authentication key based on the received location information, and determines whether the information after decrypting the received ciphertext using the key is consistent with the local preset shared key. If not, the quantum key distribution process is terminated.
可选的,当所述接收方测量得到的身份认证信息与所述基矢选择规则相符时,所述接收方还执行下述操作:Optionally, when the identity authentication information measured by the receiving party is consistent with the basis vector selection rule, the receiving party further performs the following operations:
通过经典信道公开用于测量密钥量子态的测量基;Publicizing a measurement basis for measuring a key quantum state through a classical channel;
相应的,当所述发送方判断解密后的信息与本地的预置共享密钥一致时,所述发送方执行下述操作:Accordingly, when the sender determines that the decrypted information is consistent with the local preset shared key, the sender performs the following operations:
确定密钥量子态的正确测量基,筛选原始密钥;Determine the correct measurement basis of the key quantum state and screen the original key;
通过经典信道公布所述密钥量子态的正确测量基;Publishing a correct measurement basis of the key quantum state through a classical channel;
相应的,在上述公布所述密钥量子态的正确测量基的步骤之后,执行下述操作:Accordingly, after the above step of publishing the correct measurement basis of the key quantum state, the following operations are performed:
接收方筛选原始密钥;以及,The receiver filters the original key; and,
收发双方通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The sender and receiver obtain the final shared quantum key through bit error rate estimation, error correction and privacy amplification processes.
可选的,在发送方发送身份认证比特串和随机生成的密钥比特串的量子态之前,执行下述操作:Optionally, before the sender sends the quantum state of the identity authentication bit string and the randomly generated key bit string, the following operations are performed:
收发双方通过经典信道,利用预置的账户信息与对端设备相互进行身份验证,若其中任一设备未通过所述身份验证,则结束本次量子密钥分发过程。The sender and receiver use preset account information to authenticate each other with the other device through a classical channel. If either device fails the authentication, the quantum key distribution process ends.
可选的,所述预置的账户信息包括:身份信息和证书。Optionally, the preset account information includes: identity information and certificate.
可选的,所述预先设定的基矢选择规则包括:Optionally, the preset basis vector selection rule includes:
根据身份验证比特在量子态信息中的位置,选择相应的制备基或者测量基。According to the position of the authentication bit in the quantum state information, the corresponding preparation basis or measurement basis is selected.
可选的,所述根据身份验证比特在量子态信息中的位置,选择相应的制备基或者测量基,具体是指:Optionally, selecting a corresponding preparation basis or measurement basis according to the position of the identity verification bit in the quantum state information specifically refers to:
根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。According to the position information of each authentication bit in the quantum state information and the different results of modulo 4, the corresponding horizontal polarization basis, vertical polarization basis, left-hand polarization basis, or right-hand polarization basis is selected.
可选的,所述接收方根据所述不同波长和基矢选择规则,对接收的量子态进行测量,包括:Optionally, the receiver measures the received quantum state according to the different wavelengths and basis vector selection rules, including:
根据所述不同波长,区分身份认证量子态信息和密钥量子态信息;Distinguishing identity authentication quantum state information from key quantum state information according to the different wavelengths;
按照所述预先设定的基矢选择规则选择身份认证量子态信息的测量基;Selecting a measurement basis for identity authentication quantum state information according to the preset basis vector selection rule;
使用所选测量基测量所述身份认证量子态信息,并剔除其中未探测到光子的部分,获取所述测量得到的身份认证信息。The identity authentication quantum state information is measured using the selected measurement basis, and the portion in which no photons are detected is eliminated to obtain the identity authentication information obtained by the measurement.
可选的,所述接收方测量得到的身份认证信息与所述基矢选择规则相符是指,所述接收方测量得到的身份认证信息与遵循所述基矢选择规则的预期信息的差异,小于预先设定的阈值。Optionally, the identity authentication information measured by the receiver is consistent with the basis vector selection rule, which means that the difference between the identity authentication information measured by the receiver and the expected information following the basis vector selection rule is less than a preset threshold.
可选的,所述接收方从所述身份认证信息中选取接收方认证密钥,包括:Optionally, the recipient selects a recipient authentication key from the identity authentication information, including:
所述接收方将所述身份认证信息作为所述接收方认证密钥;或者,The receiver uses the identity authentication information as the receiver authentication key; or,
所述接收方从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述接收方认证密钥。The receiver randomly selects bits at different positions from the identity authentication information, and uses a bit string composed of the selected bits as the receiver authentication key.
可选的,所述接收方采用所述接收方认证密钥加密的信息不仅包括所述预置共享密钥,还包括本地生成的辅助认证信息;Optionally, the information encrypted by the receiver using the receiver authentication key includes not only the preset shared key but also locally generated auxiliary authentication information;
相应的,发送方采用发送方认证密钥对接收的密文进行解密是指,所述发送方采用所述发送方认证密钥解密接收到的密文,获取解密后的预置共享密钥和解密后的辅助认证信息;Correspondingly, the sender decrypting the received ciphertext using the sender authentication key means that the sender decrypts the received ciphertext using the sender authentication key to obtain the decrypted preset shared key and the decrypted auxiliary authentication information;
相应的,所述发送方判断解密后的信息是否与本地的预置共享密钥一致是指,所述发送方判断解密后的预置共享密钥是否与本地的预置共享密钥一致。Correspondingly, the sender judging whether the decrypted information is consistent with the local preset shared key means that the sender judges whether the decrypted preset shared key is consistent with the local preset shared key.
可选的,当所述发送方判断解密后的预置共享密钥是否与本地的预置共享密钥一致的结果为是时,还执行下述操作:Optionally, when the sender determines whether the decrypted preset shared key is consistent with the local preset shared key, and the result is yes, the following operation is further performed:
所述发送方采用预设策略加密所述通过解密操作获取的辅助认证信息的变体;The sender encrypts the variant of the auxiliary authentication information obtained through the decryption operation using a preset strategy;
并通过经典信道发送执行上述加密操作后的密文;And send the ciphertext after performing the above encryption operation through the classical channel;
相应的,所述接收方在接收所述正确测量基和所述密文后,执行下述操作:Accordingly, after receiving the correct measurement basis and the ciphertext, the receiver performs the following operations:
采用与所述预设策略对应的方式,解密接收到的密文;Decrypting the received ciphertext in a manner corresponding to the preset policy;
判断执行所述解密操作后得到的信息是否与所述本地生成的辅助认证信息的变体一致;determining whether information obtained after performing the decryption operation is consistent with the variant of the locally generated auxiliary authentication information;
若一致,则根据接收到的所述正确测量基执行所述筛选原始密钥的步骤,并公布部分密钥量子态的测量结果,否则结束本次量子密钥分发过程。If they are consistent, the step of screening the original key is performed according to the received correct measurement basis, and the measurement results of the partial key quantum state are announced; otherwise, the quantum key distribution process is terminated.
可选的,所述预设策略包括:Optionally, the preset strategy includes:
采用本地的预置共享密钥执行所述加密操作;或者,Using a local preset shared key to perform the encryption operation; or,
采用所述发送方认证密钥执行所述加密操作。The encryption operation is performed using the sender authentication key.
可选的,所述辅助认证信息的变体包括:Optionally, variants of the auxiliary authentication information include:
所述辅助认证信息本身;或者,The auxiliary authentication information itself; or
采用预设的数学变换方法处理所述辅助认证信息得到的结果。A result obtained by processing the auxiliary authentication information using a preset mathematical transformation method.
可选的,所述发送方根据所述接收方公布的部分密钥量子态的测量结果估算误码率后,采用所述发送方认证密钥加密所述误码率,并将加密后的信息发送给所述接收方;Optionally, after estimating a bit error rate based on a measurement result of a partial key quantum state published by the receiver, the sender encrypts the bit error rate using the sender authentication key, and sends the encrypted information to the receiver;
相应的,所述接收方采用所述接收方认证密钥解密接收到的密文,获取解密后的误码率。Correspondingly, the receiver uses the receiver authentication key to decrypt the received ciphertext and obtain the decrypted bit error rate.
此外,本申请还提供另一种用于量子密钥分发过程的身份认证方法,所述方法在参与量子密钥分发过程的发送方量子通信设备上实施,包括:In addition, the present application also provides another identity authentication method for a quantum key distribution process, which is implemented on a sender quantum communication device participating in the quantum key distribution process, comprising:
根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用预先设定的不同波长向参与量子密钥分发过程的对端设备发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中;Selecting a preparation basis for the identity authentication bit string according to a pre-set basis vector selection rule, and transmitting the quantum states of the identity authentication bit string and the randomly generated key bit string to a peer device participating in the quantum key distribution process using pre-set different wavelengths, wherein the identity authentication bit string is interspersed with the key bit string at random positions and lengths;
接收所述对端设备返回的认证密钥位置信息和待验证密文;Receiving the authentication key location information and the ciphertext to be verified returned by the peer device;
根据所述位置信息和已发送的量子态信息,选取认证密钥,并采用所述认证密钥对接收的待验证密文进行解密;Selecting an authentication key based on the position information and the transmitted quantum state information, and using the authentication key to decrypt the received ciphertext to be verified;
判断解密后的信息是否与本地的预置共享密钥一致;若否,则结束本次量子密钥分发过程。Determine whether the decrypted information is consistent with the local preset shared key; if not, end the quantum key distribution process.
可选的,所述对端设备返回的信息不仅包括:认证密钥位置信息和待验证密文,还包括:测量密钥量子态所采用的测量基;Optionally, the information returned by the peer device includes not only the authentication key location information and the ciphertext to be verified, but also the measurement basis used to measure the quantum state of the key;
相应的,当所述判断解密后的信息是否与本地的预置共享密钥一致的结果为是时,执行下述操作:Accordingly, when the result of determining whether the decrypted information is consistent with the local preset shared key is yes, the following operations are performed:
确定密钥量子态的正确测量基,并筛选原始密钥;Determine the correct measurement basis of the key quantum state and screen the original key;
通过经典信道公布所述密钥量子态的正确测量基;Publishing a correct measurement basis of the key quantum state through a classical channel;
通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The final shared quantum key is obtained through bit error rate estimation, error correction and privacy amplification processes.
可选的,在所述发送身份认证比特串和随机生成的密钥密特串的量子态之前,执行下述操作:Optionally, before sending the quantum state of the identity authentication bit string and the randomly generated key secret string, the following operations are performed:
向所述对端设备发送量子密钥协商请求,所述请求中包含发送方的账户信息;Sending a quantum key agreement request to the peer device, where the request includes the sender's account information;
接收所述对端设备发送的账户信息;Receiving account information sent by the peer device;
根据接收到的所述账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程。The identity of the peer device is verified based on the received account information. If the verification fails, the quantum key distribution process is terminated.
可选的,所述预先设定的基矢选择规则包括:Optionally, the preset basis vector selection rule includes:
根据身份验证比特在量子态信息中的位置,选择相应的制备基。According to the position of the authentication bit in the quantum state information, the corresponding preparation basis is selected.
可选的,所述根据身份验证比特在量子态信息中的位置,选择相应的制备基,具体是指:Optionally, selecting a corresponding preparation base according to the position of the authentication bit in the quantum state information specifically refers to:
根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。According to the position information of each authentication bit in the quantum state information and the different results of modulo 4, the corresponding horizontal polarization basis, vertical polarization basis, left-hand polarization basis, or right-hand polarization basis is selected.
相应的,本申请还提供一种用于量子密钥分发过程的身份认证装置,所述装置部署在参与量子密钥分发过程的发送方量子通信设备上,包括:Accordingly, the present application also provides an identity authentication device for a quantum key distribution process, which is deployed on a sender quantum communication device participating in the quantum key distribution process, and includes:
量子态发送单元,用于根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用预先设定的不同波长向参与量子密钥分发过程的对端设备发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中;a quantum state sending unit, configured to select a preparation basis for the identity authentication bit string according to a preset basis vector selection rule, and to send the quantum states of the identity authentication bit string and the randomly generated key bit string to a peer device participating in the quantum key distribution process using preset different wavelengths, wherein the identity authentication bit string is interspersed with the key bit string at random positions and lengths;
响应信息接收单元,用于接收所述对端设备返回的认证密钥位置信息和待验证密文;a response information receiving unit, configured to receive the authentication key location information and the ciphertext to be verified returned by the peer device;
信息解密单元,用于根据所述位置信息和已发送的量子态信息,选取认证密钥,并采用所述认证密钥对接收的待验证密文进行解密;An information decryption unit, configured to select an authentication key based on the position information and the transmitted quantum state information, and decrypt the received ciphertext to be verified using the authentication key;
发送方认证判断单元,用于判断解密后的信息是否与本地的预置共享密钥一致;若否,则结束本次量子密钥分发过程。The sender authentication judgment unit is used to determine whether the decrypted information is consistent with the local preset shared key; if not, the quantum key distribution process is terminated.
可选的,所述响应信息接收单元接收到的信息不仅包括:认证密钥位置信息和待验证密文,还包括:测量密钥量子态所采用的测量基;Optionally, the information received by the response information receiving unit includes not only the authentication key location information and the ciphertext to be verified, but also the measurement basis used to measure the quantum state of the key;
相应的,所述装置还包括:Accordingly, the device further includes:
原始密钥筛选单元,用于当所述认证判断单元的输出结果为是时,确定密钥量子态的正确测量基,并筛选原始密钥;an original key screening unit, configured to determine a correct measurement basis of the key quantum state and screen the original key when the output result of the authentication judgment unit is yes;
正确测量基公布单元,用于通过经典信道公布所述密钥量子态的正确测量基;a correct measurement basis publishing unit, configured to publish the correct measurement basis of the key quantum state via a classical channel;
发送方量子密钥获取单元,用于通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The sender's quantum key acquisition unit is used to obtain the final shared quantum key through bit error rate estimation, error correction and privacy amplification processes.
可选的,所述装置还包括:Optionally, the device further includes:
协商请求发送单元,用于向所述对端设备发送量子密钥协商请求,所述请求中包含发送方的账户信息;a negotiation request sending unit, configured to send a quantum key negotiation request to the peer device, wherein the request includes the sender's account information;
账户信息接收单元,用于接收所述对端设备发送的账户信息;An account information receiving unit, configured to receive the account information sent by the peer device;
第一身份认证单元,用于根据所述账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程。The first identity authentication unit is used to verify the identity of the peer device based on the account information. If the verification fails, the quantum key distribution process is terminated.
可选的,所述量子态发送单元采用的预先设定的基矢选择规则包括:根据身份验证比特在量子态信息中的位置,选择相应的制备基。Optionally, the preset basis vector selection rule adopted by the quantum state sending unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
可选的,所述量子态发送单元采用的预先设定的基矢选择规则是指,根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。Optionally, the pre-set basis vector selection rule adopted by the quantum state sending unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the position information of each authentication bit in the quantum state information and the different results of modulo 4.
此外,本申请还提供第三种用于量子密钥分发过程的身份认证方法,所述方法在参与量子密钥分发过程的接收方量子通信设备上实施,包括:In addition, the present application also provides a third identity authentication method for a quantum key distribution process, which is implemented on a receiving quantum communication device participating in the quantum key distribution process, comprising:
接收参与量子密钥分发过程的对端设备发送的量子态;Receive the quantum state sent by the peer device participating in the quantum key distribution process;
按照预先设定的不同波长和基矢选择规则,对接收的量子态进行测量,并根据测量出的结果获取身份认证信息;According to the pre-set different wavelength and basis vector selection rules, the received quantum state is measured, and the identity authentication information is obtained based on the measurement results;
判断所述身份认证信息与所述基矢选择规则是否相符;Determining whether the identity authentication information is consistent with the basis vector selection rule;
若是,从所述身份认证信息中选取认证密钥、并向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥;If so, selecting an authentication key from the identity authentication information, and sending the location information of the authentication key and a preset shared key encrypted with the authentication key to the peer device;
若否,结束本次量子密钥分发过程。If not, end the quantum key distribution process.
可选的,当所述判断所述身份认证信息与所述基矢选择规则是否相符的结果为是时,还执行下述操作:Optionally, when the result of determining whether the identity authentication information is consistent with the basis vector selection rule is yes, further performing the following operations:
通过经典信道公开测量密钥量子态所采用的测量基;The measurement basis used to publicly measure the key quantum state through a classical channel;
相应的,所述方法还包括:Accordingly, the method further includes:
接收所述对端设备通过经典信道发送的所述密钥量子态的正确测量基;Receiving a correct measurement basis of the key quantum state sent by the opposite device through a classical channel;
筛选原始密钥,并通过获取误码率、纠错和隐私放大过程,获取最终的共享量子密钥。The original key is screened and the final shared quantum key is obtained through the bit error rate, error correction and privacy amplification processes.
可选的,在所述接收参与量子密钥分发过程的对端设备发送的量子态之前,执行下述操作:Optionally, before receiving the quantum state sent by the opposite-end device participating in the quantum key distribution process, the following operations are performed:
接收所述对端设备发送的密钥协商请求;receiving a key negotiation request sent by the peer device;
根据所述请求中包含的账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程,否则向所述对端设备发送接收方的账户信息。The identity of the peer device is verified according to the account information included in the request. If the verification fails, the quantum key distribution process is terminated. Otherwise, the recipient's account information is sent to the peer device.
可选的,所述预先设定的基矢选择规则包括:Optionally, the preset basis vector selection rule includes:
根据身份认证比特在量子态信息中的位置,选择相应的测量基。According to the position of the identity authentication bit in the quantum state information, the corresponding measurement basis is selected.
可选的,所述根据身份验证比特在量子态信息中的位置,选择相应的测量基,具体是指:Optionally, selecting a corresponding measurement basis according to the position of the authentication bit in the quantum state information specifically refers to:
根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。According to the position information of each authentication bit in the quantum state information and the different results of modulo 4, the corresponding horizontal polarization basis, vertical polarization basis, left-hand polarization basis, or right-hand polarization basis is selected.
可选的,所述按照预先设定的不同波长和基矢选择规则,对接收的量子态进行测量,并根据测量出的结果获取身份认证信息,包括:Optionally, measuring the received quantum state according to pre-set different wavelength and basis vector selection rules, and obtaining identity authentication information based on the measurement results, includes:
根据所述预先设定的不同波长,区分身份认证量子态信息和密钥量子态信息;Distinguishing identity authentication quantum state information from key quantum state information according to the preset different wavelengths;
按照所述预先设定的基矢选择规则选择身份认证量子态信息的测量基;Selecting a measurement basis for identity authentication quantum state information according to the preset basis vector selection rule;
使用所选测量基测量所述身份认证量子态信息,并剔除其中未探测到光子的部分,获取所述身份认证信息。The identity authentication quantum state information is measured using the selected measurement basis, and the portion in which no photons are detected is eliminated to obtain the identity authentication information.
可选的,所述从所述身份认证信息中选取认证密钥,包括:Optionally, selecting an authentication key from the identity authentication information includes:
选取所述身份认证信息作为所述认证密钥;或者,Selecting the identity authentication information as the authentication key; or,
从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述认证密钥。Bits at different positions are randomly selected from the identity authentication information, and a bit string composed of the selected bits is used as the authentication key.
相应的,本申请还提供一种用于量子密钥分发过程的身份认证装置,所述装置部署在参与量子密钥分发过程的接收方量子通信设备上,包括:Accordingly, the present application also provides an identity authentication device for a quantum key distribution process, which is deployed on a receiving quantum communication device participating in the quantum key distribution process, and includes:
量子态接收单元,用于接收参与量子密钥分发过程的对端设备发送的量子态;A quantum state receiving unit, configured to receive the quantum state sent by a peer device participating in the quantum key distribution process;
量子态测量单元,用于按照预先设定的不同波长和基矢选择规则,对接收的量子态进行测量,并根据测量出的结果获取身份认证信息;The quantum state measurement unit is used to measure the received quantum state according to the pre-set different wavelength and basis vector selection rules, and obtain identity authentication information based on the measurement results;
接收方认证判断单元,用于判断所述身份认证信息与所述基矢选择规则是否相符,若否,则结束本次量子密钥分发过程;The receiving party authentication judgment unit is used to judge whether the identity authentication information is consistent with the basis vector selection rule, and if not, end the quantum key distribution process;
信息发送单元,用于当所述接收方认证判断单元的输出为是时,从所述身份认证信息中选取认证密钥、并向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥。The information sending unit is used to select an authentication key from the identity authentication information when the output of the receiver authentication judgment unit is yes, and send the location information of the authentication key and the preset shared key encrypted with the authentication key to the opposite device.
可选的,所述装置还包括:Optionally, the device further includes:
测量基公布单元,用于当所述接收方认证判断单元的输出为是时,通过经典信道公开测量密钥量子态所采用的测量基;a measurement basis publishing unit, configured to publicly disclose the measurement basis used for measuring the quantum state of the key through a classical channel when the output of the receiver authentication judgment unit is yes;
相应的,所述装置还包括:Accordingly, the device further includes:
正确测量基接收单元,用于接收所述对端设备通过经典信道发送的所述密钥量子态的正确测量基;a correct measurement basis receiving unit, configured to receive the correct measurement basis of the key quantum state sent by the opposite device via a classical channel;
接收方量子密钥获取单元,用于筛选原始密钥,并通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The receiving party's quantum key acquisition unit is used to screen the original key and obtain the final shared quantum key through bit error rate estimation, error correction and privacy amplification processes.
可选的,所述装置还包括:Optionally, the device further includes:
协商请求接收单元,用于接收所述对端设备发送的密钥协商请求;A negotiation request receiving unit, configured to receive a key negotiation request sent by the peer device;
第二身份认证单元,用于根据所述请求中包含的账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程,否则向所述对端设备发送接收方的账户信息。The second identity authentication unit is used to verify the identity of the peer device according to the account information included in the request. If the verification fails, the quantum key distribution process is terminated; otherwise, the account information of the recipient is sent to the peer device.
可选的,所述量子态测量单元采用的预先设定的基矢选择规则包括:根据身份认证比特在量子态信息中的位置,选择相应的制备基。Optionally, the pre-set basis vector selection rule adopted by the quantum state measurement unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
可选的,所述量子态测量单元采用的预先设定的基矢选择规则是指,根据每个身份认证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。Optionally, the pre-set basis vector selection rule adopted by the quantum state measurement unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the position information of each identity authentication bit in the quantum state information and the different results of modulo 4.
可选的,所述量子态测量单元包括:Optionally, the quantum state measurement unit includes:
信息区分子单元,用于根据所述预先设定的不同波长,区分身份认证量子态信息和密钥量子态信息;An information differentiation subunit, configured to differentiate between identity authentication quantum state information and key quantum state information according to the preset different wavelengths;
身份认证测量基选择子单元,用于按照所述预先设定的基矢选择规则选择身份认证量子态信息的测量基;An identity authentication measurement basis selection subunit, configured to select a measurement basis for identity authentication quantum state information according to the preset basis vector selection rule;
身份认证信息获取子单元,用于使用所选测量基测量所述身份认证量子态信息,并剔除其中未探测到光子的部分,获取所述身份认证信息。The identity authentication information acquisition subunit is used to measure the identity authentication quantum state information using the selected measurement basis and eliminate the part in which no photons are detected to obtain the identity authentication information.
可选的,所述信息发送单元包括:Optionally, the information sending unit includes:
认证密钥选取子单元,用于从所述身份认证信息中选取认证密钥;an authentication key selection subunit, configured to select an authentication key from the identity authentication information;
信息发送子单元,用于向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥;An information sending subunit, configured to send the location information of the authentication key and a preset shared key encrypted with the authentication key to the peer device;
其中,所述认证密钥选取子单元具体用于,The authentication key selection subunit is specifically used to:
选取所述身份认证信息作为所述认证密钥;或者,Selecting the identity authentication information as the authentication key; or,
从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述认证密钥。Bits at different positions are randomly selected from the identity authentication information, and a bit string composed of the selected bits is used as the authentication key.
此外,本申请还提供一种用于量子密钥分发过程的身份认证系统,包括:如上述任一项所述的部署于发送方量子通信设备的身份认证装置、以及如上述任一项所述的部署于接收方量子通信设备的身份认证装置;In addition, the present application also provides an identity authentication system for a quantum key distribution process, comprising: an identity authentication device as described in any one of the above items deployed on a quantum communication device of a sender, and an identity authentication device as described in any one of the above items deployed on a quantum communication device of a receiver;
所述部署于收发双方量子通信设备的身份认证装置,预置了相同的基矢选择规则、相同的共享密钥,并采用相同的、用于区分身份认证信息和密钥信息的波长设置。The identity authentication device deployed in the quantum communication equipment of the transmitter and receiver is preset with the same basis vector selection rule and the same shared key, and adopts the same wavelength setting for distinguishing identity authentication information from key information.
与现有技术相比,本申请具有以下优点:Compared with the prior art, this application has the following advantages:
本申请提供的一种用于量子密钥分发过程的身份认证方法,采用在密钥量子态中随机穿插身份认证信息量子态、以及利用特定波长来区分量子密钥信息和身份认证信息的方式,当参与量子密钥分发过程的量子通信设备检测到身份认证信息与双方预先设定的基矢选择规则不相符、或者检测到双方的预置共享密钥不一致时,则判定对端设备未通过身份认证并结束本次的量子密钥分发过程。上述技术方案,实现了量子态零知识证明的身份验证方法,可以在量子密钥分发过程中实时地进行身份验证,从而有效防御中间人攻击和DDOS攻击,保障了量子密钥分发过程的安全性,而且不会造成身份识别率及量子密钥分发量的降低。This application provides an identity authentication method for the quantum key distribution process. It uses a method that randomly intersperses the quantum state of identity authentication information with the quantum state of the key, and uses a specific wavelength to distinguish quantum key information from identity authentication information. When the quantum communication device participating in the quantum key distribution process detects that the identity authentication information does not conform to the basis vector selection rules pre-set by both parties, or detects that the preset shared keys of both parties are inconsistent, it determines that the peer device has failed identity authentication and ends the quantum key distribution process. The above technical solution implements an identity authentication method based on zero-knowledge proof of quantum state. It can perform identity authentication in real time during the quantum key distribution process, thereby effectively defending against man-in-the-middle attacks and DDOS attacks, ensuring the security of the quantum key distribution process, and will not cause a decrease in identity recognition rate and quantum key distribution volume.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1是本申请的一种用于量子密钥分发过程的身份认证方法的实施例的流程图;FIG1 is a flow chart of an embodiment of an identity authentication method for a quantum key distribution process of the present application;
图2是本实施例提供的接收方根据测量结果验证发送方身份的处理流程图;2 is a flowchart of a process in which a receiver verifies the identity of a sender based on measurement results provided by this embodiment;
图3是本申请的另一种用于量子密钥分发过程的身份认证方法的实施例的流程图;FIG3 is a flow chart of another embodiment of an identity authentication method for a quantum key distribution process of the present application;
图4是本申请的一种用于量子密钥分发过程的身份认证装置的实施例示意图;FIG4 is a schematic diagram of an embodiment of an identity authentication device for a quantum key distribution process of the present application;
图5是本申请的第三种用于量子密钥分发过程的身份认证方法的实施例的流程图;FIG5 is a flowchart of an embodiment of a third identity authentication method for a quantum key distribution process of the present application;
图6是本申请的一种用于量子密钥分发过程的身份认证装置的实施例示意图;FIG6 is a schematic diagram of an embodiment of an identity authentication device for a quantum key distribution process of the present application;
图7是本申请的一种用于量子密钥分发过程的身份认证系统的实施例示意图;FIG7 is a schematic diagram of an embodiment of an identity authentication system for a quantum key distribution process of the present application;
图8是本实施例提供的身份认证系统的交互处理流程示意图。FIG8 is a schematic diagram of the interactive processing flow of the identity authentication system provided in this embodiment.
具体实施方式DETAILED DESCRIPTION
在下面的描述中阐述了很多具体细节以便于充分理解本申请。但是本申请能够以很多不同于在此描述的其它方式来实施,本领域技术人员可以在不违背本申请内涵的情况下做类似推广,因此本申请不受下面公开的具体实施的限制。The following description sets forth many specific details to facilitate a thorough understanding of the present application. However, the present application can be implemented in many other ways than those described herein, and those skilled in the art can make similar generalizations without violating the scope of the present application. Therefore, the present application is not limited to the specific implementations disclosed below.
在本申请中,分别提供了一种用于量子密钥分发过程的身份认证方法、另外两种用于量子密钥分发过程的身份认证方法以及相应的装置、以及一种用于量子密钥分发过程的身份认证系统,在下面的实施例中逐一进行详细说明。In this application, an identity authentication method for a quantum key distribution process, two other identity authentication methods for a quantum key distribution process and corresponding devices, and an identity authentication system for a quantum key distribution process are provided, which are described in detail one by one in the following embodiments.
请参考图1,其为本申请的一种用于量子密钥分发过程的身份认证方法的实施例的流程图,所述方法在参与量子密钥分发过程的收发双方量子通信设备中实施。在详细描述本实施例的具体步骤之前,先对本技术方案涉及的收发双方量子通信设备作简要说明。Please refer to Figure 1, which is a flowchart of an embodiment of an identity authentication method for a quantum key distribution process of the present application. This method is implemented in quantum communication devices on both the sender and receiver sides of the quantum key distribution process. Before describing the specific steps of this embodiment in detail, a brief description of the quantum communication devices involved in this technical solution will be provided.
本技术方案在量子密钥分发过程中动态地对参与分发过程的双方量子通信设备的身份进行验证。其中,选取制备基向对端设备发送量子态信息的设备,即通常所述的Alice一方,在本技术方案中称为发送方量子通信设备,简称发送方;选取测量基对接收到的量子态信息进行测量的设备,即通常所述的Bob一方,在本技术方案中称为接收方量子通信设备,简称接收方。下面对本实施例作详细说明。This technical solution dynamically verifies the identities of both participating quantum communication devices during quantum key distribution. The device that selects a preparation base to send quantum state information to the other device, typically Alice, is referred to as the sending quantum communication device in this technical solution, or simply the sender. The device that selects a measurement base to measure the received quantum state information, typically Bob, is referred to as the receiving quantum communication device in this technical solution, or simply the receiver. This embodiment is described in detail below.
所述用于量子密钥分发过程的身份认证方法包括如下步骤:The identity authentication method for the quantum key distribution process comprises the following steps:
步骤101:发送方根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用不同波长发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中。Step 101: The sender selects a preparation basis for the identity authentication bit string according to a pre-set basis selection rule, and uses different wavelengths to send the quantum states of the identity authentication bit string and the randomly generated key bit string, where the identity authentication bit string is interspersed in the key bit string with random positions and lengths.
本实施例提供的技术方案,可以在量子密钥分发过程(也称为量子密钥协商过程)中动态地进行身份认证。同时为了避免在不合法的量子通信设备之间执行量子密钥分发过程,本实施例提供了一种优选实施方式:在发送方启动量子密钥分发过程之前,收发双发的量子通信设备先通过经典信道对对方设备的身份进行验证,只有双方设备都通过验证,才能够继续后续的量子密钥分发过程。The technical solution provided in this embodiment enables dynamic identity authentication during the quantum key distribution process (also known as quantum key agreement). To prevent the quantum key distribution process from being executed between illegitimate quantum communication devices, this embodiment provides a preferred implementation: before the sender initiates the quantum key distribution process, both the sending and receiving quantum communication devices verify the identity of the other device via a classical channel. Only when both devices pass verification can the subsequent quantum key distribution process proceed.
具体说,量子密钥协商过程的发起方,即本申请所述的发送方,可以首先发起量子密钥协商请求,所述请求中包含所述发送方的账户信息,所述账户信息可以包含发送方的身份信息和签名证书。参与量子密钥协商过程的对端设备,即本申请所述的接收方收到上述账户信息后,用其中的身份信息对所述证书进行验证,若通过验证,则向发送方返回响应信息,其中包含接收方的账户信息,若未通过验证,则结束本次量子密钥分发过程。Specifically, the initiator of the quantum key agreement process, referred to herein as the sender, may first initiate a quantum key agreement request. The request includes the sender's account information, which may include the sender's identity information and signature certificate. Upon receiving the account information, the peer device participating in the quantum key agreement process, referred to herein as the receiver, verifies the certificate using the identity information contained therein. If verification is successful, a response message containing the receiver's account information is returned to the sender. If verification fails, the quantum key distribution process ends.
同样的道理,所述发送方接受来自所述接收方的账户信息后,可以采用上述同样的方式对接收方身份进行验证,若通过验证,则可以执行后续的量子密钥分发过程,否则,结束本次量子密钥分发过程。By the same token, after the sender receives the account information from the receiver, it can verify the receiver's identity in the same way as above. If the verification is successful, the subsequent quantum key distribution process can be executed; otherwise, the quantum key distribution process is terminated.
若发送方和接收方都通过了上述身份验证过程,则继续后续的量子密钥分发过程。本技术方案为了在量子密钥分发过程中动态地进行身份验证,收发双方预置了相同的共享密钥,发送方在密钥比特串的任意位置穿插长度随机的身份认证比特串,并且采用预先设定的不同波长区分上述两种信息的量子态(简称密钥量子态和身份认证量子态),其中,身份认证量子态对应的制备基遵循收发双发预置的基矢选择规则。If both the sender and receiver pass the aforementioned identity verification process, the subsequent quantum key distribution process continues. To dynamically authenticate during quantum key distribution, this technical solution pre-sets the same shared key between the sender and receiver. The sender inserts a random-length identity authentication bit string at any position within the key bit string, and uses pre-set wavelengths to distinguish the quantum states of the two types of information (referred to as the key quantum state and the identity authentication quantum state). The preparation basis for the identity authentication quantum state follows the basis vector selection rules pre-set by both the sender and receiver.
例如,发送方要在时间点t1、t2...tn发送长度为n的二进制比特串的量子态,该二进制比特串包含两部分,一部分是随机生成的经典二进制比特串,作为密钥比特串,另外一部分是与预先设定的基矢选择规则对应的身份认证比特串。发送方可以按照一定的策略选择小于n的随机数m,作为身份认证比特串的长度,然后再从1到n-m的自然数中随机选择自然数i,作为位于身份认证比特串之前的密钥比特串的长度,即,从位置i+1开始插入身份认证比特串,从而得到如下所示的二进制比特串,在该比特串中,xi+1…xi+m为身份认证比特串,其余的为密钥比特串信息:For example, the sender wants to send the quantum state of a binary bit string of length n at time points t 1 , t 2 , ... t n . This binary bit string consists of two parts: a randomly generated classical binary bit string, which serves as the key bit string, and an identity authentication bit string corresponding to a pre-set basis vector selection rule. The sender can select a random number m less than n according to a certain strategy as the length of the identity authentication bit string. Then, the sender randomly selects a natural number i from 1 to nm as the length of the key bit string that precedes the identity authentication bit string. That is, the identity authentication bit string is inserted starting from position i+1, resulting in the following binary bit string. In this bit string, x i+1 ...x i+m are the identity authentication bit strings, and the rest are the key bit string information:
x1,x2…xi,xi+1…xi+m,xi+m+1…xn(xi∈{0,1},=1,…,n-)x 1 ,x 2 …x i ,x i+1 …x i+m ,x i+m+1 …x n (x i ∈{0,1},=1,…,n-)
发送方在时间点t1、t2...tn发送上述二进制比特串的编码量子态给接收方,j1,j2,…ji,ji+1…ji+m,ji+m+1,…jn是发送方采用的制备基序列,其中,j1,j2,…ji和ji+m+1,…jn是密钥比特串所对应的随机量子态制备基,ji+1…ji+m是按照预先设定的基矢选择规则选取的身份认证比特串的量子态制备基。The sender sends the encoded quantum state of the above binary bit string to the receiver at time points t 1 , t 2 ...t n , where j 1 , j 2 , ... j i , j i+1 ... j i+m , j i+m+1 , ... j n is the preparation basis sequence used by the sender, where j 1 , j 2 , ... j i and j i+m+1 , ... j n are the random quantum state preparation bases corresponding to the key bit string, and j i+1 ... j i+m is the quantum state preparation basis of the identity authentication bit string selected according to a preset basis vector selection rule.
相应的,在后续步骤102中,接收方采用测量基序列k1,k2…ki,ki+1…ki+m,ki+m+1…kn对接收的量子态进行测量,其中,k1,k2,…ki和ki+m+1,…kn为密钥量子态对应的随机量子态测量基,ki+1…ki+m为身份认证量子态对应的测量基,该测量基也是按照预先设定的基矢选择规则选取的。Correspondingly, in the subsequent step 102, the receiver uses the measurement basis sequence k1 , k2 … ki ,ki +1 …ki +m ,ki +m+1 … kn to measure the received quantum state, where k1 , k2 ,… ki and ki +m+1 ,… kn are the random quantum state measurement bases corresponding to the key quantum state, and ki +1 …ki +m is the measurement basis corresponding to the identity authentication quantum state, and the measurement basis is also selected according to a preset basis vector selection rule.
在具体实施中,可以采用不同的策略设定收发双方设备遵循的基矢选择规则,例如,可以根据身份验证比特在量子态信息中的位置,选择相应的制备基或者测量基,在本实施例的一个具体例子中,设定了如下规则:根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。In a specific implementation, different strategies can be used to set the basis selection rules followed by the sending and receiving devices. For example, the corresponding preparation basis or measurement basis can be selected according to the position of the authentication bit in the quantum state information. In a specific example of this embodiment, the following rules are set: according to the position information of each authentication bit in the quantum state information and the different results of modulo 4, the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis is selected.
仍沿用上述对二进制比特串的描述方式,令i+m=l,那么在所述具体例子中,身份认证量子态所对应的制备基和测量基满足如下条件:Still using the above description of the binary bit string, let i + m = l. Then in the specific example, the preparation basis and measurement basis corresponding to the identity authentication quantum state meet the following conditions:
上面给出了预先设定的基矢选择规则的一个具体例子,在具体实施本技术方案时,可以为收发双方预置不同于上述规则的其他基矢选择规则,例如可以采用不同算法,只要收发双方采用同样的规则选择身份认证量子态的制备基和测量基,就都可以实现本申请的技术方案,都在本申请的保护范围之内。A specific example of a pre-set basis vector selection rule is given above. When implementing this technical solution, other basis vector selection rules different from the above rules can be preset for the sender and receiver. For example, different algorithms can be used. As long as the sender and receiver use the same rules to select the preparation basis and measurement basis of the identity authentication quantum state, the technical solution of this application can be implemented and is within the scope of protection of this application.
在本步骤中,发送方根据预先设定的基矢选择规则选择身份认证比特串的量子态制备基,然后采用预先设定的不同波长承载身份认证比特串的量子态、以及随机生成的密钥比特串的量子态,并将上述量子态发送给参与量子密钥分发过程的对端设备。由于身份认证比特串以随机的位置和长度穿插在所述密钥比特串中,从而可以有效避免身份认证信息被窃听,避免量子密钥分发过程中的中间人攻击和DDoS攻击。In this step, the sender selects the quantum state of the authentication bit string according to a pre-set basis selection rule to prepare a basis. It then uses pre-set wavelengths to carry the quantum state of the authentication bit string and the randomly generated quantum state of the key bit string. These quantum states are then transmitted to the peer device participating in the quantum key distribution process. Because the authentication bit string is interspersed with the key bit string at random positions and lengths, this effectively prevents eavesdropping on the authentication information and mitigates man-in-the-middle and DDoS attacks during the quantum key distribution process.
步骤102:接收方根据所述不同波长和基矢选择规则,对接收的量子态进行测量,当测量得到的身份认证信息与所述基矢选择规则相符时,从所述身份认证信息中选取接收方认证密钥、并发送所述密钥的位置信息以及采用所述密钥加密的预置共享密钥,否则结束本次量子密钥分发过程。Step 102: The receiver measures the received quantum state according to the different wavelengths and basis vector selection rules. When the identity authentication information obtained by the measurement is consistent with the basis vector selection rule, the receiver selects the receiver authentication key from the identity authentication information, and sends the location information of the key and the preset shared key encrypted with the key. Otherwise, the quantum key distribution process ends.
在发送方执行步骤101发送量子态信息后,收发双方可以通过交互过程根据身份验证量子态的测量结果以及双方预置的共享密钥的验证,完成收发双方的身份认证过程,然后再按照量子密钥分配协议继续后续的密钥协商过程。为了提高密钥分发的执行效率,减少交互次数,本实施例提供一种在密钥协商各阶段穿插进行身份认证的优选实施方式。After the sender executes step 101 and sends the quantum state information, the sender and receiver can complete the identity authentication process through an interactive process based on the measurement results of the identity verification quantum state and the verification of the shared key preset by both parties. The sender and receiver can then continue the subsequent key negotiation process according to the quantum key distribution protocol. To improve the execution efficiency of key distribution and reduce the number of interactions, this embodiment provides a preferred implementation method for interleaving identity authentication at each stage of key negotiation.
在本步骤中,接收方不仅完成常规的密钥量子态的测量,并且根据身份认证量子态信息的测量结果完成对发送方身份的验证。该处理过程包括子步骤102-1至102-7,下面结合图2作进一步说明。In this step, the receiver not only completes the conventional key quantum state measurement, but also verifies the sender's identity based on the measurement results of the identity authentication quantum state information. This process includes sub-steps 102-1 to 102-7, which are further explained below in conjunction with Figure 2.
步骤102-1:根据所述不同波长,区分身份认证量子态信息和密钥量子态信息。Step 102-1: Distinguish identity authentication quantum state information and key quantum state information according to the different wavelengths.
由于发送方采用不同的波长发送身份认证量子态和密钥量子态,因此接收方可以按照与发送方同样的波长设置,从接收到的量子态信息中区分上述两种信息。Since the sender uses different wavelengths to send the identity authentication quantum state and the key quantum state, the receiver can distinguish the above two types of information from the received quantum state information according to the same wavelength setting as the sender.
步骤102-2:随机选择密钥量子态信息的测量基,并按照预先设定的基矢选择规则选择身份认证量子态信息的测量基。Step 102-2: Randomly select a measurement basis for the key quantum state information, and select a measurement basis for the identity authentication quantum state information according to a pre-set basis vector selection rule.
对于密钥量子态部分,可以依然按照量子密钥分配协议(例如BB84协议)随机选择测量基,对于身份验证量子态部分,则按照预先设定的基矢选择规则选择相应的测量基,关于这部分内容,在步骤101中已经进行了相关说明,此处不再赘述。For the key quantum state part, the measurement basis can still be randomly selected according to the quantum key distribution protocol (such as the BB84 protocol). For the identity authentication quantum state part, the corresponding measurement basis is selected according to the pre-set basis vector selection rule. This part has been explained in step 101 and will not be repeated here.
步骤102-3:测量接收到的量子态信息,获取身份认证信息。Step 102-3: Measure the received quantum state information and obtain identity authentication information.
本步骤测量密钥量子态,获取关于密钥信息的原始测量结果。This step measures the key quantum state and obtains the original measurement results about the key information.
本步骤还使用在步骤102-2中按照预先设定的基矢选择规则选择的测量基,测量接收的身份认证量子态信息,考虑到量子信道可能存在衰减,因此将其中未探测到光子的部分剔除,获取测量得到的身份认证信息。This step also uses the measurement basis selected in step 102-2 according to the pre-set basis vector selection rule to measure the received identity authentication quantum state information. Considering that the quantum channel may be attenuated, the part where no photons are detected is eliminated to obtain the measured identity authentication information.
步骤102-4:判断测量得到的身份认证信息与预先设定的基矢选择规则是否相符,若相符执行步骤102-5,否则结束本次量子密钥分发过程。Step 102-4: Determine whether the measured identity authentication information is consistent with the pre-set basis vector selection rule. If it is consistent, execute step 102-5; otherwise, end the quantum key distribution process.
由于参与量子密钥分发过程的收发双方,针对身份认证信息预置了相同的基矢选择规则,发送方遵循该规则选取制备基发送身份认证信息的量子态,接收方也遵循该规则选择测量相应量子态的测量基,因此,在剔除因为衰减而未探测到的光子后,接收方测量得到的身份认证信息应该与对应的预期信息是一致的。Since the sender and receiver involved in the quantum key distribution process have preset the same basis vector selection rule for identity authentication information, the sender follows this rule to select the quantum state for preparing the basis to send the identity authentication information, and the receiver also follows this rule to select the measurement basis for measuring the corresponding quantum state. Therefore, after eliminating photons that are not detected due to attenuation, the identity authentication information measured by the receiver should be consistent with the corresponding expected information.
对于接收方来说,如果测量得到的身份认证信息与对应的预期信息一致,可以认为发送方针对身份认证信息采用的基矢选择规则与自己是相同的,而只有身份合法的发送方才可能获知该规则,因此可以判定发送方通过身份认证。For the receiver, if the measured identity authentication information is consistent with the corresponding expected information, it can be considered that the basis vector selection rule adopted by the sender for the identity authentication information is the same as its own. Only the sender with a legitimate identity can know this rule, so it can be determined that the sender has passed the identity authentication.
考虑到在量子信道传输过程中,可能因为噪声干扰等因素,导致个别量子态的测量结果与预期不符,如果在这种情况下,认为发送方未通过身份认证,并结束本次量子密钥分发过程,那么会造成量子密钥分发量的无谓减少。考虑上述情况,同时也兼顾防御中间人攻击和DDoS攻击的需求,可以采取设定阈值的方式,即:如果接收方测量得到的身份认证信息与遵循所述基矢选择规则的预期信息的差异小于预先设定的阈值,例如,测量结果与预期信息不相符的比特位的个数小于预先设定的上限值,则接收方可以认为发送方通过身份认证。Considering that during quantum channel transmission, the measurement results of individual quantum states may not match expectations due to factors such as noise interference, if in this case, the sender is deemed to have failed identity authentication and the quantum key distribution process is terminated, this will result in a pointless reduction in the amount of quantum key distribution. Taking the above situation into consideration, while also taking into account the need to defend against man-in-the-middle attacks and DDoS attacks, a threshold setting method can be adopted. That is, if the difference between the identity authentication information measured by the receiver and the expected information following the basis vector selection rule is less than a pre-set threshold, for example, the number of bits where the measurement result does not match the expected information is less than a pre-set upper limit, then the receiver can assume that the sender has passed identity authentication.
步骤102-5:从身份认证信息中选取接收方认证密钥。Step 102-5: Select a recipient authentication key from the identity authentication information.
在上面的步骤102-4中,接收方已经验证了发送方的身份,接下来接收方需要向发送方证明自己身份的合法性,本技术方案采用了由发送方比对预置共享密钥的方式实现上述验证功能。接收方可以采用从量子态中获取的身份认证信息加密本地预置的共享密钥,并提供给发送方进行验证,也就是说直接采用身份认证信息作为所述接收方认证密钥IDkey。In step 102-4 above, the receiver has verified the sender's identity. Next, the receiver needs to prove the legitimacy of its identity to the sender. This technical solution implements this verification function by having the sender compare the pre-set shared key. The receiver can use the identity authentication information obtained from the quantum state to encrypt the locally pre-set shared key and provide it to the sender for verification. In other words, the identity authentication information is directly used as the receiver authentication key IDkey.
为了避免恶意中间人或者攻击者也仿照上述方式采用窃取的身份认证信息对窃取的共享密钥进行加密传输,因此接收方可以不直接使用所述身份认证信息作为IDkey,而是从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述接收方认证密钥IDkey。In order to prevent a malicious middleman or attacker from using stolen identity authentication information to encrypt and transmit the stolen shared key in the same way as above, the recipient may not directly use the identity authentication information as IDkey, but may randomly select bits at different positions from the identity authentication information and use the bit string composed of the selected bits as the recipient authentication key IDkey.
步骤102-6:采用接收方认证密钥加密本地预置的共享密钥。Step 102-6: Use the receiver authentication key to encrypt the locally preset shared key.
接收方采用在步骤102-5中选取的IDkey,加密本地预置的共享密钥。The receiver uses the IDkey selected in step 102-5 to encrypt the locally preset shared key.
为了在后续的量子密钥分发的其他阶段,例如:公布正确测量基时,依然能够对信息发布者的身份进行验证,进一步保证密钥分发过程的安全性,本实施例还提供一种优选实施方式:接收方采用IDkey加密的信息不仅包括所述预置共享密钥,还包括本地生成的辅助认证信息m。In order to verify the identity of the information publisher in other subsequent stages of quantum key distribution, such as when publishing the correct measurement basis, and to further ensure the security of the key distribution process, this embodiment also provides a preferred implementation method: the information encrypted by the receiver using IDkey includes not only the preset shared key, but also the locally generated auxiliary authentication information m.
步骤102-7:通过经典信道发送所述接收方认证密钥的位置信息,以及加密后的密文,同时公开密钥量子态信息的测量基。Step 102-7: Send the location information of the receiver authentication key and the encrypted ciphertext through the classical channel, and at the same time disclose the measurement basis of the key quantum state information.
接收方通过经典信道发送在步骤102-5中选取IDkey所对应的位置信息,以及执行步骤102-6得到的密文。The receiver sends the location information corresponding to the IDkey selected in step 102-5 and the ciphertext obtained by executing step 102-6 through the classical channel.
同时按照量子密钥分配协议,还可以通过经典信道公开接收方测量密钥量子态所采用的测量基。At the same time, according to the quantum key distribution protocol, the measurement basis used by the receiver to measure the key quantum state can also be made public through the classical channel.
步骤103:发送方根据接收的所述位置信息选取相应的发送方认证密钥,并判断采用所述密钥对接收的密文进行解密后的信息是否与本地的预置共享密钥一致,若不一致则结束本次量子密钥分发过程。Step 103: The sender selects a corresponding sender authentication key based on the received location information, and determines whether the information obtained by decrypting the received ciphertext using the key is consistent with the local preset shared key. If not, the quantum key distribution process is terminated.
发送方通过经典信道接收到了接收方公开的测量基、选取IDkey的位置信息以及加密后的密文。The sender receives the receiver's public measurement basis, the location information of the selected IDkey, and the encrypted ciphertext through the classical channel.
发送方根据所述位置信息、以及自己在步骤101中发送的量子态信息,获得发送方认证密钥,即,发送方的IDkey。并采用所述IDkey解密接收到的密文,获取解密后的预置共享密钥和辅助认证信息。The sender obtains the sender authentication key, i.e., the sender's IDkey, based on the location information and the quantum state information sent in step 101. The sender uses the IDkey to decrypt the received ciphertext to obtain the decrypted preset shared key and auxiliary authentication information.
然后判断解密后的预置共享密钥是否与本地的预置共享密钥一致。对于发送方来说,如果用自己的IDkey解密接收方发送的密文、所得到的预置共享密钥信息与本地的预置共享密钥一致,一方面说明接收方的预置共享密钥与自己本地的预置共享密钥是相同的,而只有身份合法的接收方才可能具有该共享密钥,另一方面说明接收方遵循与自己相同的基矢选择规则选择测量基,并采用正确的IDkey执行的加密操作,从而发送方才能够解密出与本地一致的预置共享密钥,因此可以判定接收方通过身份认证。反之,如果两者不一致,则可以认为接收方可能是中间人或者攻击者,因此结束本次量子密钥分发过程。Then, it is determined whether the decrypted pre-shared key is consistent with the local pre-shared key. For the sender, if the pre-shared key information obtained by decrypting the ciphertext sent by the receiver with its own IDkey is consistent with the local pre-shared key, on the one hand, it means that the receiver's pre-shared key is the same as its own local pre-shared key, and only a legitimate receiver can have this shared key. On the other hand, it means that the receiver follows the same basis selection rules as itself to select the measurement basis and uses the correct IDkey to perform encryption operations. Therefore, the sender can decrypt the pre-shared key that is consistent with the local one, and therefore it can be determined that the receiver has passed the identity authentication. On the contrary, if the two are inconsistent, it can be considered that the receiver may be a middleman or an attacker, and the quantum key distribution process ends.
如果发送方判定接收方身份合法,则可以按照量子密钥分配协议的流程,将接收方公开的测量基与自己使用的制备基进行比较,从中选出正确的测量基,根据正确的测量基筛选出原始密钥,并通过经典信道向接收方公开正确的测量基。If the sender determines that the identity of the receiver is legitimate, it can compare the measurement basis disclosed by the receiver with the preparation basis used by itself according to the process of the quantum key distribution protocol, select the correct measurement basis, filter out the original key based on the correct measurement basis, and disclose the correct measurement basis to the receiver through the classical channel.
至此,通过上述步骤101-步骤103,接收方通过判断身份认证量子态信息是否符合基矢选择规则,验证了发送方的身份;发送方则通过预置共享密钥的比对,验证了接收方的身份。如果收发双方都通过了上述验证,那么后续就可以按照量子密钥分配协议的流程继续执行后续的密钥分发过程。At this point, through steps 101-103, the receiver verifies the sender's identity by determining whether the identity authentication quantum state information complies with the basis vector selection rules. The sender verifies the receiver's identity by comparing the pre-set shared key. If both the sender and the receiver pass this verification, the subsequent key distribution process can proceed according to the quantum key distribution protocol process.
为了进一步保证密钥分发过程的安全性,本实施例在后续分发过程中也穿插了身份认证以及数据加密处理流程,下面对这种优选实施方式作进一步说明。In order to further ensure the security of the key distribution process, this embodiment also intersperses identity authentication and data encryption processing processes in the subsequent distribution process. This preferred implementation method is further explained below.
1)发送方加密辅助认证信息的变体,并发送密文。1) The sender encrypts a variant of the auxiliary authentication information and sends the ciphertext.
在上述步骤103中发送方获取了解密后的辅助认证信息,当发送方验证接收方的身份合法后,可以先采用预设策略加密所述解密后的辅助认证信息的变体,然后在通过经典信道公布密钥量子态的正确测量基时,一并发送执行上述加密操作后的密文信息。In the above step 103, the sender obtains the decrypted auxiliary authentication information. After verifying the legitimacy of the recipient's identity, the sender can first use a preset strategy to encrypt a variant of the decrypted auxiliary authentication information, and then send the ciphertext information after performing the above encryption operation together when publishing the correct measurement basis of the key quantum state through the classical channel.
所述预设策略可以是收发双方预置的,也可以是通过协商确定的。所述预设策略包括:采用预置共享密钥执行加密操作;或者,采用IDkey执行加密操作。The preset strategy can be preset by the sender and receiver, or determined through negotiation. The preset strategy includes: using a preset shared key to perform encryption operations; or using an IDkey to perform encryption operations.
所述辅助认证信息的变体,是指基于所述辅助认证信息生成的信息,例如,可以是所述辅助认证信息本身;或者,是采用预设的数学变换方法处理所述辅助认证信息得到的结果,例如:m+1。收发双发可以预置相同的变体生成算法或者函数,从而保证针对相同的辅助认证信息m,双方生成的变体信息是一致的。The variant of the auxiliary authentication information refers to information generated based on the auxiliary authentication information. For example, it can be the auxiliary authentication information itself, or the result of processing the auxiliary authentication information using a preset mathematical transformation method, such as m+1. The sender and receiver can preset the same variant generation algorithm or function to ensure that the variant information generated by both parties for the same auxiliary authentication information m is consistent.
2)接收方接收所述正确测量基和所述密文后,通过解密密文验证发送方身份。2) After receiving the correct measurement basis and the ciphertext, the receiver verifies the identity of the sender by decrypting the ciphertext.
首先,接收方采用与发送方所采用的预设策略对应的方式,解密接收到的密文,例如,发送方采用IDkey执行的加密操作,则接收方也采用自己的IDkey执行解密操作;若发送方采用本地的预置共享密钥执行的加密操作,则接收方也采用本地的预置共享密钥执行解密操作。First, the receiver decrypts the received ciphertext using a method corresponding to the preset strategy adopted by the sender. For example, if the sender uses IDkey to perform the encryption operation, the receiver also uses its own IDkey to perform the decryption operation; if the sender uses the local preset shared key to perform the encryption operation, the receiver also uses the local preset shared key to perform the decryption operation.
然后,判断执行所述解密操作后得到的信息是否与本地生成的辅助认证信息m的变体一致。所述辅助认证信息m最初是接收方本地生成的,通过经典信息以加密形式发送给发送方,发送方解密还原后,又采用预设策略加密该信息的变体,并发送给接收方,那么如果接收方解密后的结果与其本地原始生成的辅助认证信息的变体一致,说明发送方不仅能够成功地解密还原m,而且其采用的加密方式以及变体生成算法或者函数与接收方是相符的,从而接收方再次验证了发送方的身份,同时也说明发送方通过经典信道公布的密钥量子态的正确测量基是可信的。Then, a determination is made as to whether the information obtained after the decryption operation is consistent with a locally generated variant of the auxiliary authentication information m. The auxiliary authentication information m was originally generated locally by the receiver and sent to the sender in encrypted form via classical information. After decryption and restoration, the sender then encrypted the variant of the information using a preset strategy and sent it to the receiver. If the receiver's decrypted result is consistent with the variant of the original locally generated auxiliary authentication information, this indicates that the sender was not only able to successfully decrypt and restore m, but also that the encryption method and variant generation algorithm or function used by the sender are consistent with those of the receiver. This reaffirms the sender's identity and confirms that the correct measurement basis of the key quantum state published by the sender via the classical channel is credible.
因此,如果上述判断结果为“是”,接收方可以根据经典信道公开的正确测量基,筛选原始密钥,并通过经典信道公布部分密钥量子态的测量结果,以便进行后续的误码率估算;如果上述判断结果为“否”,则说明发送方身份不可信,因此可以结束本次的量子密钥分发过程。Therefore, if the above judgment result is "yes", the receiver can screen the original key according to the correct measurement basis disclosed by the classical channel, and publish the measurement results of part of the key quantum state through the classical channel for subsequent bit error rate estimation; if the above judgment result is "no", it means that the sender's identity is untrustworthy, so the quantum key distribution process can be ended.
需要说明的是,发送方也可以采用动态变化的算法或者函数计算解密得到的辅助认证信息的变体,只要接收方知道计算所述变体的相应规则即可,同样可以实现本技术方案,而且能够进一步提高安全性。例如,发送方第一次采用如下方式计算所述变体:辅助认证信息+1,接收方则将解密后的信息与本地原始生成的辅助认证信息m的变体m+1进行比较;发送方第二次采用如下方式计算所述变体:辅助认证信息+2,接收方则将解密后的信息与本地原始生成的辅助认证信息m的变体m+2进行比较。It should be noted that the sender may also use a dynamically changing algorithm or function to calculate a variant of the decrypted auxiliary authentication information. As long as the receiver knows the corresponding rules for calculating the variant, this technical solution can still be implemented, and security can be further improved. For example, the sender may first calculate the variant using the following method: Auxiliary Authentication Information + 1, and the receiver may compare the decrypted information with the variant m+1 of the locally generated auxiliary authentication information m. The sender may then calculate the variant using the following method: Auxiliary Authentication Information + 2, and the receiver may compare the decrypted information with the variant m+2 of the locally generated auxiliary authentication information m.
3)发送方估算误码率后,用IDkey加密误码率并发送给接收方。3) After the sender estimates the bit error rate, it encrypts the bit error rate with the IDkey and sends it to the receiver.
所述发送方根据所述接收方公布的部分密钥量子态的测量结果,估算误码率,若误码率在一定的阈值范围内,就利用纠错技术进行纠错,然后进一步对纠错过的量子密钥进行隐私放大,从而消除通信过程和纠错过程中导致的信息泄露,最后提取到无条件安全的共享量子密钥。若误码率超过一定阈值,则放弃本次量子密钥分发过程。The sender estimates the bit error rate (BER) based on the measurement results of the partial key quantum state published by the receiver. If the BER is within a certain threshold, it uses error correction technology to correct the errors. It then further amplifies the privacy of the corrected quantum key, eliminating information leakage caused by the communication and error correction processes. Finally, it extracts the unconditionally secure shared quantum key. If the BER exceeds a certain threshold, the quantum key distribution process is abandoned.
如果误码率没有超出阈值,那么发送方在完成上述操作后,可以将误码率发送给接收方,供接收方参考,以保证双方做出相同的判断、以及基于相同的策略执行后续的隐私放大等处理操作,从而获取相同的共享量子密钥。为了避免中间人或者攻击者窃取误码率信息,发送方可以采用IDkey加密所述误码率,并将加密后的信息发送给所述接收方。If the bit error rate does not exceed the threshold, then after completing the above operations, the sender can send the bit error rate to the receiver for reference, ensuring that both parties make the same judgment and perform subsequent privacy amplification and other processing operations based on the same strategy, thereby obtaining the same shared quantum key. To prevent middlemen or attackers from eavesdropping on the bit error rate information, the sender can encrypt the bit error rate using the IDkey and send the encrypted information to the receiver.
4)接收方解密接收到的信息,获取误码率,并执行相应的处理。4) The receiver decrypts the received information, obtains the bit error rate, and performs corresponding processing.
接收方收到误码率的密文后,采用IDkey解密该信息,获取发送方估算的误码率,接收方可以根据该误码率执行与发送方同样的操作,也可以将自己估算的误码率与发送方发送的误码率进行比较,如果两者的差异在预先设定的范围内,也就说收发双方基于误码率的判断结果和后续处理策略都是相同的,则接收方可以继续执行后续操作,最终获取与发送方相同的无条件安全的共享量子密钥。After the receiver receives the ciphertext of the bit error rate, it uses the IDkey to decrypt the information and obtain the bit error rate estimated by the sender. The receiver can perform the same operation as the sender based on the bit error rate, or compare its own estimated bit error rate with the bit error rate sent by the sender. If the difference between the two is within a pre-set range, that is, the judgment results and subsequent processing strategies based on the bit error rate of the sender and receiver are the same, then the receiver can continue to perform subsequent operations and ultimately obtain the same unconditionally secure shared quantum key as the sender.
至此,通过上述步骤101-103,在量子密钥分发过程中实现了对收发双方的身份认证。本技术方案采用不同波长区分密钥信息和身份认证信息,在密钥量子态中随机穿插长度可变的身份认证信息的量子态,收发双方通过检测对端设备在选择制备基或测量基时是否遵循同样的基矢选择规则,以及对端设备是否具有相同的预置共享密钥,从而完成身份认证过程。由于本技术方案充分利用了量子的安全性、通过量子态信息进行身份认证,而且不需要收发双方预置相同的身份认证信息,实现了量子态零知识证明身份验证方法,不仅可以有效防御中间人攻击和DDoS攻击,保障了量子密钥分发过程的安全性,而且不会造成量子密钥分发量的降低。At this point, through steps 101-103 above, identity authentication of both the sender and the receiver has been achieved during the quantum key distribution process. This technical solution uses different wavelengths to distinguish between key information and identity authentication information, randomly interspersing quantum states of identity authentication information of variable length within the key quantum state. The sender and receiver complete the identity authentication process by detecting whether the other device follows the same basis vector selection rules when selecting the preparation basis or measurement basis, and whether the other device has the same preset shared key. Because this technical solution fully utilizes quantum security, performs identity authentication through quantum state information, and does not require the sender and receiver to preset the same identity authentication information, it implements a quantum state zero-knowledge proof authentication method. This not only effectively defends against man-in-the-middle attacks and DDoS attacks, ensuring the security of the quantum key distribution process, but also does not reduce the amount of quantum key distribution.
此外,本申请还提供了另一种用于量子密钥分发过程的身份认证方法,所述方法在参与量子密钥分发过程的发送方量子通信设备上实施。请参考图3,其为本申请的另一种用于量子密钥分发过程的身份认证方法的实施例的流程图,本实施例与上面第一实施例步骤相同的部分不再赘述,下面重点描述不同之处。所述方法包括如下步骤:In addition, this application also provides another identity authentication method for a quantum key distribution process, which is implemented on a quantum communication device that sends a message during the quantum key distribution process. Please refer to Figure 3, which is a flowchart of another embodiment of this application's identity authentication method for a quantum key distribution process. The steps of this embodiment that are identical to the first embodiment above are not repeated here, and the differences are described below. The method includes the following steps:
步骤301:根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用预先设定的不同波长向参与量子密钥分发过程的对端设备发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中。Step 301: Select a preparation basis for the identity authentication bit string according to a pre-set basis selection rule, and use pre-set different wavelengths to send the quantum state of the identity authentication bit string and the randomly generated key bit string to the opposite device participating in the quantum key distribution process, where the identity authentication bit string is interspersed in the key bit string with random positions and lengths.
在本步骤之前,可以先向所述对端设备发送量子密钥协商请求,所述请求中包含发送方的账户信息,供对端设备验证自己的身份,随后可以接收所述对端设备发送的账户信息,并根据所述账户信息验证对方的身份,若验证失败,则结束本次量子密钥分发过程;若验证成功,则可以执行本步骤进行量子态的发送。Before this step, a quantum key agreement request can be sent to the peer device. The request contains the sender's account information for the peer device to verify its own identity. Then, the account information sent by the peer device can be received and the identity of the other party can be verified based on the account information. If the verification fails, the quantum key distribution process is terminated; if the verification is successful, this step can be executed to send the quantum state.
所述预先设定的基矢选择规则包括:根据身份验证比特在量子态信息中的位置,选择相应的制备基,例如,根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。The pre-set basis vector selection rule includes: selecting a corresponding preparation basis according to the position of the authentication bit in the quantum state information, for example, selecting a corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the position information of each authentication bit in the quantum state information and the different results of modulo 4.
步骤302:接收所述对端设备返回的认证密钥位置信息和待验证密文。Step 302: Receive the authentication key location information and the ciphertext to be verified returned by the peer device.
作为一种优选实施方式,本方法可以在量子密钥分发过程中穿插执行,在这种方式下,所述对端设备返回的信息不仅包括:认证密钥位置信息和待验证密文,还包括:测量密钥量子态所采用的测量基。As a preferred embodiment, this method can be executed intermittently during the quantum key distribution process. In this way, the information returned by the peer device includes not only the authentication key location information and the ciphertext to be verified, but also the measurement basis used to measure the quantum state of the key.
步骤303:根据所述位置信息和已发送的量子态信息,选取认证密钥,并采用所述认证密钥对接收的待验证密文进行解密。Step 303: Select an authentication key based on the position information and the sent quantum state information, and use the authentication key to decrypt the received ciphertext to be verified.
步骤304:判断解密后的信息是否与本地的预置共享密钥一致,若不一致,则结束本次量子密钥分发过程。Step 304: Determine whether the decrypted information is consistent with the local preset shared key. If not, end the quantum key distribution process.
如果本步骤的判断结果为是,则可以按照量子密钥分配协议继续执行后续的操作:If the result of this step is yes, you can continue to perform subsequent operations according to the quantum key distribution protocol:
确定密钥量子态的正确测量基,筛选原始密钥;Determine the correct measurement basis of the key quantum state and screen the original key;
通过经典信道公布所述密钥量子态的正确测量基;Publishing a correct measurement basis of the key quantum state through a classical channel;
通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The final shared quantum key is obtained through bit error rate estimation, error correction and privacy amplification processes.
如果在步骤302中还接收到了接收方发送的辅助认证信息,那么在本步骤的判断结果为“是”时,还可以加密所述辅助认证信息的变体,在上述公布正确测量基的同时,发送所述辅助认证信息的变体的密文,供接收方做进一步的验证;此外,在估算误码率后,还可以采用步骤303选取的认证密钥加密所述误码率,并将其发送给接收方。If auxiliary authentication information sent by the recipient is also received in step 302, then when the judgment result of this step is "yes", a variant of the auxiliary authentication information can also be encrypted. At the same time as the correct measurement base is published as mentioned above, the ciphertext of the variant of the auxiliary authentication information is sent for further verification by the recipient; in addition, after estimating the bit error rate, the bit error rate can also be encrypted using the authentication key selected in step 303 and sent to the recipient.
在上述的实施例中,提供了另一种用于量子密钥分发过程的身份认证方法,与之相对应的,本申请还提供一种用于量子密钥分发过程的身份认证装置,所述装置部署在参与量子密钥分发过程的发送方量子通信设备上。请参看图4,其为本申请的一种用于量子密钥分发过程的身份认证装置的实施例示意图。由于装置实施例基本相似于方法实施例,所以描述得比较简单,相关之处参见方法实施例的部分说明即可。下述描述的装置实施例仅仅是示意性的。In the above-mentioned embodiment, another identity authentication method for use in a quantum key distribution process is provided. Correspondingly, this application also provides an identity authentication device for use in a quantum key distribution process, which is deployed on a sending quantum communication device participating in the quantum key distribution process. Please refer to Figure 4, which is a schematic diagram of an embodiment of an identity authentication device for use in a quantum key distribution process of this application. Since the device embodiment is substantially similar to the method embodiment, the description is relatively simple. For relevant details, please refer to the description of the method embodiment. The device embodiment described below is merely illustrative.
本实施例的一种用于量子密钥分发过程的身份认证装置,包括:量子态发送单元401,用于根据预先设定的基矢选择规则选择身份认证比特串的制备基、并采用预先设定的不同波长向参与量子密钥分发过程的对端设备发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中;响应信息接收单元402,用于接收所述对端设备返回的认证密钥位置信息和待验证密文;信息解密单元403,用于根据所述位置信息和已发送的量子态信息,选取认证密钥,并采用所述认证密钥对接收的待验证密文进行解密;发送方认证判断单元404,用于判断解密后的信息是否与本地的预置共享密钥一致;若否,则结束本次量子密钥分发过程。An identity authentication device for a quantum key distribution process according to this embodiment includes: a quantum state sending unit 401, configured to select a preparation basis for an identity authentication bit string according to a preset basis vector selection rule, and to send the identity authentication bit string and the quantum state of a randomly generated key bit string to a peer device participating in the quantum key distribution process using preset different wavelengths, wherein the identity authentication bit string is interspersed with the key bit string at random positions and lengths; a response information receiving unit 402, configured to receive authentication key location information and a ciphertext to be verified returned by the peer device; an information decryption unit 403, configured to select an authentication key based on the location information and the sent quantum state information, and to decrypt the received ciphertext to be verified using the authentication key; and a sender authentication determination unit 404, configured to determine whether the decrypted information is consistent with a locally preset shared key; if not, terminating the quantum key distribution process.
可选的,所述响应信息接收单元接收到的信息不仅包括:认证密钥位置信息和待验证密文,还包括:测量密钥量子态所采用的测量基;Optionally, the information received by the response information receiving unit includes not only the authentication key location information and the ciphertext to be verified, but also the measurement basis used to measure the quantum state of the key;
相应的,所述装置还包括:Accordingly, the device further includes:
原始密钥筛选单元,用于当所述认证判断单元的输出结果为是时,确定密钥量子态的正确测量基,并筛选原始密钥;an original key screening unit, configured to determine a correct measurement basis of the key quantum state and screen the original key when the output result of the authentication judgment unit is yes;
正确测量基公布单元,用于通过经典信道公布所述密钥量子态的正确测量基;a correct measurement basis publishing unit, configured to publish the correct measurement basis of the key quantum state via a classical channel;
发送方量子密钥获取单元,用于通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The sender's quantum key acquisition unit is used to obtain the final shared quantum key through bit error rate estimation, error correction and privacy amplification processes.
可选的,所述装置还包括:Optionally, the device further includes:
协商请求发送单元,用于向所述对端设备发送量子密钥协商请求,所述请求中包含发送方的账户信息;a negotiation request sending unit, configured to send a quantum key negotiation request to the peer device, wherein the request includes the sender's account information;
账户信息接收单元,用于接收所述对端设备发送的账户信息;An account information receiving unit, configured to receive the account information sent by the peer device;
第一身份认证单元,用于根据所述账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程。The first identity authentication unit is used to verify the identity of the peer device based on the account information. If the verification fails, the quantum key distribution process is terminated.
可选的,所述量子态发送单元采用的预先设定的基矢选择规则包括:根据身份验证比特在量子态信息中的位置,选择相应的制备基。Optionally, the preset basis vector selection rule adopted by the quantum state sending unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
可选的,所述量子态发送单元采用的预先设定的基矢选择规则是指,根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。Optionally, the pre-set basis vector selection rule adopted by the quantum state sending unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the position information of each authentication bit in the quantum state information and the different results of modulo 4.
此外,本申请还提供了第三种用于量子密钥分发过程的身份认证方法,所述方法在参与量子密钥分发过程的接收方量子通信设备上实施。请参考图5,其为本申请的第三种用于量子密钥分发过程的身份认证方法的实施例的流程图,本实施例与上面第一实施例步骤相同的部分不再赘述,下面重点描述不同之处。所述方法包括如下步骤:In addition, this application also provides a third identity authentication method for a quantum key distribution process, which is implemented on a receiving quantum communication device participating in the quantum key distribution process. Please refer to Figure 5, which is a flowchart of an embodiment of the third identity authentication method for a quantum key distribution process of this application. The steps of this embodiment that are identical to the first embodiment above are not repeated here, and the differences are described below. The method includes the following steps:
步骤501:接收参与量子密钥分发过程的对端设备发送的量子态。Step 501: Receive a quantum state sent by a peer device participating in a quantum key distribution process.
在本步骤之前,可以接收所述对端设备发送的密钥协商请求,并根据所述请求中包含的账户信息验证对方的身份,若验证失败,则结束本次量子密钥分发过程;若验证成功,向所述对端设备发送接收方的账户信息,并可以执行本步骤接收所述对端设备发送的量子态。Before this step, a key agreement request sent by the peer device can be received, and the identity of the other party can be verified based on the account information contained in the request. If the verification fails, the quantum key distribution process is terminated; if the verification is successful, the recipient's account information is sent to the peer device, and this step can be performed to receive the quantum state sent by the peer device.
步骤502:按照预先设定的不同波长和基矢选择规则,对接收的量子态进行测量,并根据测量出的结果获取身份认证信息。Step 502: Measure the received quantum state according to the pre-set different wavelength and basis vector selection rules, and obtain identity authentication information based on the measurement results.
所述预先设定的基矢选择规则包括:根据身份验证比特在量子态信息中的位置,选择相应的测量基,例如,根据每个身份验证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。The pre-set basis vector selection rule includes: selecting a corresponding measurement basis according to the position of the authentication bit in the quantum state information, for example, selecting a corresponding horizontal polarization basis, vertical polarization basis, left-hand polarization basis, or right-hand polarization basis according to the position information of each authentication bit in the quantum state information and the different results of modulo 4.
具体说,本步骤包括以下处理过程:根据所述预先设定的不同波长,区分身份认证量子态信息和密钥量子态信息;按照所述预先设定的基矢选择规则选择身份认证量子态信息的测量基;使用所选测量基测量所述身份认证量子态信息,并剔除其中未探测到光子的部分,获取所述身份认证信息。Specifically, this step includes the following processing procedures: distinguishing identity authentication quantum state information and key quantum state information according to the pre-set different wavelengths; selecting a measurement basis for the identity authentication quantum state information according to the pre-set basis vector selection rule; using the selected measurement basis to measure the identity authentication quantum state information, and eliminating the part in which no photons are detected to obtain the identity authentication information.
步骤503:判断所述身份认证信息与所述基矢选择规则是否相符,若相符,执行步骤504,否则,结束本次的量子密钥分发过程。Step 503: Determine whether the identity authentication information is consistent with the basis vector selection rule. If so, execute step 504; otherwise, end the quantum key distribution process.
步骤504:从所述身份认证信息中选取认证密钥、并向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥。Step 504: Select an authentication key from the identity authentication information, and send the location information of the authentication key and the preset shared key encrypted with the authentication key to the peer device.
所述从所述身份认证信息中选取认证密钥,包括:选取所述身份认证信息作为所述认证密钥;或者,从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述认证密钥。The selecting an authentication key from the identity authentication information includes: selecting the identity authentication information as the authentication key; or randomly selecting bits at different positions from the identity authentication information, and using a bit string composed of the selected bits as the authentication key.
在本步骤中,还可以用所述认证密钥加密本地生成的辅助认证信息m,并将加密后的密文与所述位置信息和加密后的预置共享密钥一起发送给所述对端设备。In this step, the locally generated auxiliary authentication information m may also be encrypted with the authentication key, and the encrypted ciphertext, the location information, and the encrypted preset shared key are sent to the peer device.
本身份认证方法可以在量子密钥分发过程中穿插执行,因此本步骤还可以通过经典信道公开测量密钥量子态所采用的测量基。This identity authentication method can be interspersed in the quantum key distribution process, so this step can also publicly measure the measurement basis used for the key quantum state through the classical channel.
在本步骤之后,还可以执行下述操作:After this step, you can also perform the following operations:
1)接收所述对端设备通过经典信道发送的所述密钥量子态的正确测量基。1) Receiving a correct measurement basis of the key quantum state sent by the opposite device through a classical channel.
如果同时还接收到了辅助认证信息的变体的密文,则执行解密操作,并验证所述辅助认证信息的变体是否与本地原始生成的辅助认证信息的变体一致,若一致,执行后续筛选原始密钥等操作,否则,结束本次量子密钥分发过程。If the ciphertext of the variant of the auxiliary authentication information is also received at the same time, the decryption operation is performed, and it is verified whether the variant of the auxiliary authentication information is consistent with the variant of the auxiliary authentication information originally generated locally. If they are consistent, subsequent operations such as screening the original key are performed. Otherwise, the quantum key distribution process is terminated.
2)筛选原始密钥,并通过获取误码率、纠错和隐私放大过程,获取最终的共享量子密钥。2) Screen the original key and obtain the final shared quantum key by obtaining the bit error rate, error correction and privacy amplification process.
如果在筛选原始密钥后,接收到发送方发送的误码率密文,则可以采用步骤504选取的认证密钥解密,并根据该结果,执行后续的纠错、隐私放大等过程,获取最终的共享量子密钥。If the bit error rate ciphertext sent by the sender is received after screening the original key, the authentication key selected in step 504 can be used for decryption, and based on the result, subsequent error correction, privacy amplification and other processes are performed to obtain the final shared quantum key.
在上述的实施例中,提供了第三种用于量子密钥分发过程的身份认证方法,与之相对应的,本申请还提供一种用于量子密钥分发过程的身份认证装置,所述装置部署在参与量子密钥分发过程的接收方量子通信设备上。请参看图6,其为本申请的一种用于量子密钥分发过程的身份认证装置的实施例示意图。由于装置实施例基本相似于方法实施例,所以描述得比较简单,相关之处参见方法实施例的部分说明即可。下述描述的装置实施例仅仅是示意性的。In the above-mentioned embodiment, a third identity authentication method for use in a quantum key distribution process is provided. Correspondingly, this application also provides an identity authentication device for use in a quantum key distribution process, which is deployed on a receiving quantum communication device participating in the quantum key distribution process. Please refer to Figure 6, which is a schematic diagram of an embodiment of an identity authentication device for use in a quantum key distribution process of this application. Since the device embodiment is substantially similar to the method embodiment, the description is relatively simple. For relevant details, please refer to the description of the method embodiment. The device embodiment described below is merely illustrative.
本实施例的一种用于量子密钥分发过程的身份认证装置,包括:量子态接收单元601,用于接收参与量子密钥分发过程的对端设备发送的量子态;量子态测量单元602,用于按照预先设定的不同波长和基矢选择规则,对接收的量子态进行测量,并根据测量出的结果获取身份认证信息;接收方认证判断单元603,用于判断所述身份认证信息与所述基矢选择规则是否相符,若否,则结束本次量子密钥分发过程;信息发送单元604,用于当所述接收方认证判断单元的输出为是时,从所述身份认证信息中选取认证密钥、并向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥。An identity authentication device for a quantum key distribution process according to this embodiment includes: a quantum state receiving unit 601, configured to receive a quantum state sent by a peer device participating in the quantum key distribution process; a quantum state measuring unit 602, configured to measure the received quantum state according to preset different wavelengths and basis vector selection rules, and obtain identity authentication information based on the measurement results; a receiving party authentication judgment unit 603, configured to judge whether the identity authentication information is consistent with the basis vector selection rules, and if not, terminate the quantum key distribution process; and an information sending unit 604, configured to select an authentication key from the identity authentication information when the output of the receiving party authentication judgment unit is yes, and to send location information of the authentication key and a pre-set shared key encrypted with the authentication key to the peer device.
可选的,所述装置还包括:Optionally, the device further includes:
测量基公布单元,用于当所述接收方认证判断单元的输出为是时,通过经典信道公开测量密钥量子态所采用的测量基;a measurement basis publishing unit, configured to publicly disclose the measurement basis used for measuring the quantum state of the key through a classical channel when the output of the receiver authentication judgment unit is yes;
相应的,所述装置还包括:Accordingly, the device further includes:
正确测量基接收单元,用于接收所述对端设备通过经典信道发送的所述密钥量子态的正确测量基;a correct measurement basis receiving unit, configured to receive the correct measurement basis of the key quantum state sent by the opposite device via a classical channel;
接收方量子密钥获取单元,用于筛选原始密钥,并通过误码率估算、纠错和隐私放大过程,获取最终的共享量子密钥。The receiving party's quantum key acquisition unit is used to screen the original key and obtain the final shared quantum key through bit error rate estimation, error correction and privacy amplification processes.
可选的,所述装置还包括:Optionally, the device further includes:
协商请求接收单元,用于接收所述对端设备发送的密钥协商请求;A negotiation request receiving unit, configured to receive a key negotiation request sent by the peer device;
第二身份认证单元,用于根据所述请求中包含的账户信息验证所述对端设备的身份,若验证失败,结束本次量子密钥分发过程,否则向所述对端设备发送接收方的账户信息。The second identity authentication unit is used to verify the identity of the peer device according to the account information included in the request. If the verification fails, the quantum key distribution process is terminated; otherwise, the account information of the recipient is sent to the peer device.
可选的,所述量子态测量单元采用的预先设定的基矢选择规则包括:根据身份认证比特在量子态信息中的位置,选择相应的制备基。Optionally, the pre-set basis vector selection rule adopted by the quantum state measurement unit includes: selecting a corresponding preparation basis according to the position of the identity authentication bit in the quantum state information.
可选的,所述量子态测量单元采用的预先设定的基矢选择规则是指,根据每个身份认证比特在量子态信息中的位置信息与4取模的不同结果,选择相应的水平偏振基、垂直偏振基、左旋偏振基、或者右旋偏振基。Optionally, the pre-set basis vector selection rule adopted by the quantum state measurement unit is to select the corresponding horizontal polarization basis, vertical polarization basis, left-handed polarization basis, or right-handed polarization basis according to the position information of each identity authentication bit in the quantum state information and the different results of modulo 4.
可选的,所述量子态测量单元包括:Optionally, the quantum state measurement unit includes:
信息区分子单元,用于根据所述预先设定的不同波长,区分身份认证量子态信息和密钥量子态信息;An information differentiation subunit, configured to differentiate between identity authentication quantum state information and key quantum state information according to the preset different wavelengths;
身份认证测量基选择子单元,用于按照所述预先设定的基矢选择规则选择身份认证量子态信息的测量基;An identity authentication measurement basis selection subunit, configured to select a measurement basis for identity authentication quantum state information according to the preset basis vector selection rule;
身份认证信息获取子单元,用于使用所选测量基测量所述身份认证量子态信息,并剔除其中未探测到光子的部分,获取所述身份认证信息。The identity authentication information acquisition subunit is used to measure the identity authentication quantum state information using the selected measurement basis and eliminate the part in which no photons are detected to obtain the identity authentication information.
可选的,所述信息发送单元包括:Optionally, the information sending unit includes:
认证密钥选取子单元,用于从所述身份认证信息中选取认证密钥;an authentication key selection subunit, configured to select an authentication key from the identity authentication information;
信息发送子单元,用于向所述对端设备发送所述认证密钥的位置信息以及采用所述认证密钥加密的预置共享密钥;An information sending subunit, configured to send the location information of the authentication key and a preset shared key encrypted with the authentication key to the peer device;
其中,所述认证密钥选取子单元具体用于,The authentication key selection subunit is specifically used to:
选取所述身份认证信息作为所述认证密钥;或者,Selecting the identity authentication information as the authentication key; or,
从所述身份认证信息中随机选择处于不同位置的比特,并将所选比特组成的比特串作为所述认证密钥。Bits at different positions are randomly selected from the identity authentication information, and a bit string composed of the selected bits is used as the authentication key.
此外,本申请实施例还提供了一种用于量子密钥分发过程的身份认证系统,如图7所示,该系统包括:部署于发送方量子通信设备的身份认证装置701,以及部署于接收方量子通信设备的身份认证装置702;所述部署于收发双方量子通信设备的身份认证装置,预置了相同的基矢选择规则、相同的共享密钥,并采用相同的、用于区分身份认证信息和密钥信息的波长设置。In addition, an embodiment of the present application also provides an identity authentication system for a quantum key distribution process, as shown in FIG7 , the system includes: an identity authentication device 701 deployed on a quantum communication device of a sender, and an identity authentication device 702 deployed on a quantum communication device of a receiver; the identity authentication devices deployed on quantum communication devices of both the sender and the receiver are pre-set with the same basis vector selection rules, the same shared key, and use the same wavelength setting for distinguishing identity authentication information from key information.
分别部署于收发双方量子通信设备的身份认证装置,采用本申请提供的身份认证方法,在量子密钥分发过程中实现对对端设备身份的动态验证。下面结合附图8,对所述用于量子密钥分发过程的身份认证系统的交互处理流程作简要说明。其中,部署于发送方量子通信设备的身份认证装置,简称为A,部署于接收方量子通信设备的身份认证装置,简称为B。Identity authentication devices deployed on both the sending and receiving quantum communication devices use the identity authentication method provided in this application to dynamically verify the identity of the peer device during the quantum key distribution process. The interactive processing flow of the identity authentication system used in the quantum key distribution process is briefly described below, in conjunction with Figure 8. The identity authentication device deployed on the sending quantum communication device is referred to as A, and the identity authentication device deployed on the receiving quantum communication device is referred to as B.
1)A向B发送密钥协商请求,请求中携带A的账户信息;1) A sends a key negotiation request to B, which includes A's account information.
2)B验证A身份的合法性,向A发送B的账户信息;2) B verifies the legitimacy of A's identity and sends B's account information to A;
3)A据接收到的账户信息验证B身份的合法性;A按照预先设定的基矢选择规则选择身份认证比特串的制备基、并采用不同波长发送身份认证比特串和随机生成的密钥比特串的量子态,所述身份认证比特串以随机的位置和长度穿插在所述密钥比特串中;3) A verifies the legitimacy of B's identity based on the received account information; A selects a basis for preparing the identity authentication bit string according to a pre-set basis selection rule, and transmits the quantum states of the identity authentication bit string and the randomly generated key bit string using different wavelengths, with the identity authentication bit string interspersed with the key bit string at random positions and lengths;
4)B根据所述不同波长和基矢选择规则,对接收的量子态进行测量,当测量得到的身份认证信息与所述基矢选择规则相符时,从所述身份认证信息中选取接收方认证密钥IDkey、发送所述密钥的位置信息以及采用所述密钥加密的预置共享密钥和本地辅助认证信息m、并公开密钥量子态的测量基,否则结束本次量子密钥分发过程。4) B measures the received quantum state according to the different wavelengths and basis vector selection rules. When the identity authentication information obtained by the measurement is consistent with the basis vector selection rule, the receiver authentication key IDkey, the location information of sending the key, the preset shared key encrypted with the key, and the local auxiliary authentication information m are selected from the identity authentication information, and the measurement basis of the key quantum state is made public. Otherwise, the quantum key distribution process is terminated.
5)A根据接收的所述位置信息选取相应的发送方认证密钥,并判断采用所述密钥对接收的密文进行解密后的预置共享密钥是否与本地的预置共享密钥一致,若一致,筛选原始密钥、公布密钥量子态的正确测量基、以及获取的辅助认证信息的变体的密文,若不一致则结束本次量子密钥分发过程;5) A selects a corresponding sender authentication key based on the received location information, and determines whether the preset shared key after decrypting the received ciphertext using the key is consistent with the local preset shared key. If they are consistent, the original key, the correct measurement basis of the published key quantum state, and the ciphertext of the obtained variant of the auxiliary authentication information are screened. If they are inconsistent, the quantum key distribution process is terminated.
6)B解密辅助认证信息的变体的密文,若与本地原始生成的辅助认证信息m的变体一致,则根据接收的正确测量基筛选原始密钥、并公布部分密钥量子态的测量结果,否则结束本次量子密钥分发过程;6) B decrypts the ciphertext of the auxiliary authentication information variant. If it is consistent with the locally generated variant of the auxiliary authentication information m, B filters the original key according to the received correct measurement basis and publishes the measurement results of the partial key quantum state. Otherwise, the quantum key distribution process ends.
7)A通过计算误码率、纠错、隐私放大,获取最终的共享量子密钥,并将用IDkey加密的误码率发送给B;B解密接收到的误码率,并根据该误码率执行相应的纠错、隐私放大,获取最终的共享量子密钥。7) A obtains the final shared quantum key by calculating the bit error rate, error correction, and privacy amplification, and sends the bit error rate encrypted with IDkey to B; B decrypts the received bit error rate and performs corresponding error correction and privacy amplification based on the bit error rate to obtain the final shared quantum key.
需要说明的是,上述示出的是本系统的一种优选实施方式,在其他实施方式中可以采用不同的交互方式,例如,可以不执行其中1)、2)的基于预置账户信息的身份认证环节,在环节4)进行B对A的身份认证、以及环节5)进行A对B的身份认证的过程中,可以不采用辅助认证信息m,也不在后续环节继续利用m的变体信息进行身份认证,也可以不利用IDkey对误码率进行加、解密操作等。只要在3)、4)、5)环节利用身份认证量子态是否符合基矢选择规则,以及双方预置的共享密钥是否一致,完成A与B之间的相互认证,就不偏离本申请的核心,都在本申请的保护范围之内。It should be noted that what is shown above is a preferred embodiment of the present system. In other embodiments, different interaction methods may be used. For example, the identity authentication steps based on preset account information in steps 1) and 2) may not be performed. In the process of B's identity authentication of A in step 4) and A's identity authentication of B in step 5), the auxiliary authentication information m may not be used, nor may the variant information of m be used for identity authentication in subsequent steps. The IDkey may not be used for encryption and decryption operations on the bit error rate, etc. As long as the mutual authentication between A and B is completed by using the identity authentication quantum state to determine whether it conforms to the basis vector selection rule in steps 3), 4), and 5), and whether the preset shared keys of both parties are consistent, it does not deviate from the core of this application and is within the scope of protection of this application.
本申请虽然以较佳实施例公开如上,但其并不是用来限定本申请,任何本领域技术人员在不脱离本申请的精神和范围内,都可以做出可能的变动和修改,因此本申请的保护范围应当以本申请权利要求所界定的范围为准。Although the present application is disclosed as above with the preferred embodiments, it is not intended to limit the present application. Any person skilled in the art may make possible changes and modifications without departing from the spirit and scope of the present application. Therefore, the scope of protection of the present application shall be based on the scope defined by the claims of the present application.
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。Memory may include non-permanent storage in a computer-readable medium, random access memory (RAM) and/or non-volatile memory in the form of read-only memory (ROM) or flash RAM. Memory is an example of a computer-readable medium.
1、计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带磁磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括非暂存电脑可读媒体(transitory media),如调制的数据信号和载波。1. Computer-readable media includes permanent and non-permanent, removable and non-removable media that can be implemented by any method or technology to store information. Information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission media that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media does not include non-transitory media such as modulated data signals and carrier waves.
2、本领域技术人员应明白,本申请的实施例可提供为方法、系统或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。2. Those skilled in the art will appreciate that the embodiments of the present application may be provided as methods, systems, or computer program products. Therefore, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. Furthermore, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
Claims (39)
Publications (3)
| Publication Number | Publication Date |
|---|---|
| HK1229575A HK1229575A (en) | 2017-11-17 |
| HK1229575A1 HK1229575A1 (en) | 2017-11-17 |
| HK1229575B true HK1229575B (en) | 2020-07-31 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI689837B (en) | Identity authentication method, device and system for quantum key distribution process | |
| US10999068B2 (en) | Authentication method, device and system for quantum key distribution process | |
| TWI709870B (en) | Identity authentication method, device and system for quantum key distribution process | |
| HK1229575B (en) | Identity authentication methods, devices and system applied to quantum key distribution process | |
| HK1229575A1 (en) | Identity authentication methods, devices and system applied to quantum key distribution process | |
| HK1229575A (en) | Identity authentication methods, devices and system applied to quantum key distribution process | |
| HK1233792B (en) | Authentication method, device and system for quantum key distribution process | |
| HK1234915B (en) | Authentication method, apparatus and system used in quantum key distribution process | |
| HK1233792A (en) | Authentication method, device and system for quantum key distribution process | |
| HK1233792A1 (en) | Authentication method, device and system for quantum key distribution process | |
| HK1234915A (en) | Authentication method, apparatus and system used in quantum key distribution process | |
| HK1234915A1 (en) | Authentication method, apparatus and system used in quantum key distribution process | |
| BR112017017488B1 (en) | IDENTITY AUTHENTICATION METHOD FOR A QUANTUM KEY DISTRIBUTION PROCESS, IDENTITY AUTHENTICATION DEVICE FOR A QUANTUM KEY DISTRIBUTION PROCESS, AND NON-TRAINER COMPUTER READABLE STORAGE MEDIUM |