To improve the security of quantum keys across generation, distribution, storage, use, update, and destruction, this paper proposes a blockchain-based scheme for managing the full lifecycle of quantum keys. First, two organizations that need to communicate confidentially use quantum key distribution devices to generate a pool of truly random symmetric negotiated quantum keys, which is stored with each organization's quantum device administrator. Next, the two quantum device administrators negotiate quantum key numbering rules and generate quantum key files accordingly. Finally, users at each organization apply to their own quantum device administrator for quantum keys to use in communication. During communication, log information related to the generation, distribution, use, update, and destruction of quantum keys is uploaded to a blockchain, and the quantum device administrators and communicating users work with the blockchain administrator to manage and trace the full lifecycle of the quantum keys. Theoretical analysis shows that the scheme solves the problem that quantum keys cannot be effectively traced and managed in a communication system, and makes full-lifecycle management and tracing of quantum keys transparent and trustworthy.
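As an added illustration (not code from the paper), the following Python example models the traceability idea above: lifecycle events are recorded by key number in a hash-chained append-only log standing in for the blockchain, so an out-of-order event is rejected and a modified record is detected. The key number format, actor names, and transition table are assumptions; the abstract does not specify them.

```python
import hashlib
import json

# Assumed transition table built from the lifecycle stages named in the abstract.
ALLOWED = {
    None: {"generate"},
    "generate": {"distribute"},
    "distribute": {"use", "update", "destroy"},
    "use": {"use", "update", "destroy"},
    "update": {"use", "update", "destroy"},
    "destroy": set(),
}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class KeyLifecycleLedger:
    """Append-only, hash-chained event log (a stand-in for the blockchain)."""
    def __init__(self):
        self.blocks = []
        self.state = {}  # key number -> last recorded lifecycle event

    def append(self, key_id, event, actor):
        last = self.state.get(key_id)
        if event not in ALLOWED[last]:
            raise ValueError(f"{event!r} not allowed after {last!r} for {key_id}")
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        # Only the key number is logged, never the key material itself.
        body = {"index": len(self.blocks), "key_id": key_id,
                "event": event, "actor": actor, "prev": prev}
        self.blocks.append({**body, "hash": _digest(body)})
        self.state[key_id] = event

    def verify(self):
        """Return the index of the first inconsistent block, or -1 if intact."""
        prev = "0" * 64
        for i, blk in enumerate(self.blocks):
            body = {k: v for k, v in blk.items() if k != "hash"}
            if blk["prev"] != prev or blk["hash"] != _digest(body):
                return i
            prev = blk["hash"]
        return -1

    def trace(self, key_id):
        return [(b["event"], b["actor"]) for b in self.blocks if b["key_id"] == key_id]

def demo():
    ledger = KeyLifecycleLedger()
    for ev, who in [("generate", "admin_A"), ("distribute", "admin_A"),
                    ("use", "user_A"), ("destroy", "admin_A")]:  # constructed events
        ledger.append("QK-0001", ev, who)
    return ledger
```
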