To improve the security of quantum keys throughout generation, distribution, storage, use, update and destruction, this paper proposes a blockchain-based quantum key lifecycle management scheme. Two parties that require confidential communication generate a truly random, symmetric quantum negotiation key pool through quantum key distribution devices and store it with the quantum device administrator of each party. The two parties' quantum device administrators then generate quantum key files according to negotiated numbering rules for the quantum keys. Users on each side apply to their own quantum device administrator for quantum keys to use in communication. During communication, log information about the generation, distribution, use, update and destruction of quantum keys is uploaded to a blockchain, and the quantum device administrators and communication users cooperate with the blockchain administrator to manage and trace the full lifecycle of the quantum keys. Theoretical analysis shows that the scheme solves the problem that quantum keys cannot be effectively traced and managed in a communication system, and makes the management and traceability of quantum keys transparent and reliable across the whole lifecycle.
LIN Yusheng, CHANG Yan, CHEN Tiansu, YU Shipeng, ZHANG Shibin. Quantum Key Lifecycle Management Based on Blockchain[J]. Journal of Applied Sciences, 2023, 41(1): 170-182.
DOI: 10.3969/j.issn.0255-8297.2023.01.013
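An added sketch (not the paper's implementation) of the logging idea in the abstract: lifecycle events for each numbered key are appended to a hash-chained log, which is then checked for tampering and for out-of-order events such as use after destruction. The in-memory chain, the transition order, the key numbers and the actor names are assumptions made for illustration.

```python
import hashlib, json
# Stages are the ones the abstract names; the allowed order is an assumption.
LIVE = {"use", "update", "destruction"}
ALLOWED = {None: {"generation"}, "generation": {"distribution"},
           "distribution": LIVE, "use": LIVE, "update": LIVE, "destruction": set()}

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class LifecycleLedger:
    """Append-only hash chain standing in for the blockchain (hypothetical)."""
    def __init__(self):
        self.blocks = []
    def append(self, key_id, event, actor):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"index": len(self.blocks), "prev": prev,
                "key_id": key_id, "event": event, "actor": actor}
        self.blocks.append({**body, "hash": _digest(body)})

    def verify_chain(self):
        """Index of the first block with a bad hash or link, else None."""
        prev = "0" * 64
        for i, blk in enumerate(self.blocks):
            body = {k: v for k, v in blk.items() if k != "hash"}
            if blk["prev"] != prev or _digest(body) != blk["hash"]:
                return i
            prev = blk["hash"]
        return None

    def audit(self, key_id):
        """Lifecycle violations for one key number, e.g. use after destruction."""
        state, problems = None, []
        for blk in (b for b in self.blocks if b["key_id"] == key_id):
            if blk["event"] in ALLOWED[state]:
                state = blk["event"]  # advance only on a legal transition
            else:
                problems.append((blk["index"], state, blk["event"]))
        return problems

def build_sample():
    """Constructed sample log; key numbers and actor names are placeholders."""
    rows = [("K-0001", "generation", "admin-A"), ("K-0001", "distribution", "admin-A"),
            ("K-0002", "generation", "admin-A"), ("K-0002", "distribution", "admin-A"),
            ("K-0001", "use", "user-A"), ("K-0001", "destruction", "admin-A"),
            ("K-0002", "destruction", "admin-A"), ("K-0002", "use", "user-B")]
    led = LifecycleLedger()
    for row in rows:
        led.append(*row)
    return led
```

On the sample log, `audit("K-0002")` reports the use recorded after destruction, and editing any stored block makes `verify_chain()` return that block's index.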