CN111865589B - Quantum communication encryption system and method for realizing mobile communication quantum encryption transmission - Google Patents


Publication number: CN111865589B
Authority: CN (China)
Prior art keywords: quantum, key, encryption, service platform, terminal
Legal status: Active
Application number: CN202010820797.5A
Other languages: Chinese (zh)
Other versions: CN111865589A (en)
Inventors: 王涛, 方吉光, 王家勇, 黄健, 戴涛
Current Assignee: Cas Quantum Network Co ltd
Original Assignee: Cas Quantum Network Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a quantum communication encryption system for realizing quantum-encrypted transmission in mobile communication, and a method of applying it. The system comprises: a quantum communication network; a quantum key filling machine and quantum key distribution equipment at the filling-machine end; quantum encryption equipment, a quantum security service platform and quantum key distribution equipment at the business service platform end; and a quantum terminal encryption module arranged on the mobile terminal. The application does not change the existing encryption system and flow of mobile communication and does not add an encryption stage to the information transmission link. The security of the working key is strengthened by fusing the key distributed by the public-private key system with the key distributed by quantum communication technology, which gives the system the capability of resisting quantum computation.

Description

Quantum communication encryption system and method for realizing mobile communication quantum encryption transmission
Technical Field
The application relates to the field of mobile communication security, in particular to a quantum communication encryption system and a method for realizing mobile communication quantum encryption transmission.
Background
Currently, mobile users rely on link encryption from the internet to a service center; transmission is encrypted mainly with a combination of a public-private key system and a symmetric key system.
In this combined scheme, the link is encrypted symmetrically, and the working key is distributed over the public network by means of the public-private key system. The central site shares a public-private key pair with each mobile terminal. The central site generates a working key, encrypts it with the public key and sends it to the mobile terminal, and the mobile terminal decrypts it with the paired private key to obtain the working key. The link between the mobile terminal and the central site then uses the working key as the key of the symmetric encryption algorithm for encryption and decryption, realizing link encryption.
The security of the working key rests on the computational-hardness principle of the asymmetric key system. Public-key encryption algorithms based on mathematically hard problems are challenged by the growth of computing power, particularly by the rapid development of quantum computer technology: combined with a corresponding cracking algorithm (such as Shor's algorithm), these hard problems can be solved in polynomial time under the quantum computing model. This means that public-key cryptographic algorithms based on such hard problems are no longer secure under the quantum computing model. A working key protected by a public-private key algorithm is therefore unsafe, and the link encryption is under security threat.
Disclosure of Invention
In order to solve the above technical problems, the present application provides a quantum communication encryption system for realizing mobile communication quantum encryption transmission, the quantum communication encryption system comprising: a quantum communication network; a quantum key filling machine and quantum key distribution equipment at the filling-machine end; quantum encryption equipment, a quantum security service platform and quantum key distribution equipment at the business service platform end; and a quantum terminal encryption module arranged on the mobile terminal. The quantum key filling machine is connected to the quantum communication network through the quantum key distribution equipment at the filling-machine end, and the service platform end is connected through the quantum key distribution equipment at the service platform end; the quantum security service platform manages the quantum keys in a unified way, and the quantum key filling machine obtains matched, paired quantum keys as required. At the service platform end, the quantum security service platform provides a quantum key for the quantum encryption equipment. Under the unified management and scheduling of the quantum security service platform, the quantum key filling machine fills a quantum key into the quantum terminal encryption module of the mobile terminal. The quantum encryption equipment works together with the quantum terminal encryption module and, based on the quantum key, fuses and enhances the key distributed by the public-private key system of the mobile terminal and the business service platform to realize link encryption and decryption.
In one embodiment, the quantum security service platform realizes the issuance, filling, cancellation and loss-reporting management of the quantum terminal encryption module, and realizes the full life cycle management of all filled quantum keys.
In one embodiment, after secondary issuing and filling by the quantum security service platform, the quantum terminal encryption module encrypts and securely stores the quantum key inside the module, and provides an authentication-information encryption and decryption function based on the quantum key.
In one embodiment, the quantum terminal encryption module completes the generation of the working key and the encryption and decryption of the transmission link.
In one embodiment, the quantum key distribution device is connected with the quantum communication network through a quantum channel and a classical communication channel, completes end-to-end symmetric key distribution under the unified configuration scheduling of the quantum communication network, provides a key output service interface, and exports a quantum key to the quantum key filling machine and the quantum security service platform.
In one embodiment, the present application provides a method for applying the quantum communication encryption system, the method comprising the following steps: step 1: quantum keys are distributed based on the quantum communication network, the quantum key filling machine and the service platform end being connected to the quantum communication network through the quantum key distribution equipment at the filling-machine end and the quantum key distribution equipment at the service platform end, respectively; step 2: at the service platform end, the quantum security service platform provides a quantum key for the quantum encryption equipment; step 3: under the unified management and scheduling of the quantum security service platform, the quantum key filling machine fills the quantum key into the quantum terminal encryption module of the mobile terminal; and step 4: key negotiation is carried out between the quantum encryption equipment and the quantum terminal encryption module to form an encrypted working key.
In one embodiment, step 4 includes the following steps: step 41: a public-private key pair is set up between the quantum terminal encryption module and the quantum encryption equipment; the quantum encryption equipment generates a key K1, encrypts K1 with the public key and sends the ciphertext to the quantum terminal encryption module over the Internet, and the quantum terminal encryption module decrypts the ciphertext with the private key to obtain K1; step 42: under the management and negotiation of the quantum security service platform, the quantum terminal encryption module is filled with the quantum key by the quantum key filling machine; step 43: the quantum terminal encryption module and the quantum encryption equipment negotiate through the quantum security service platform to obtain a pair of shared quantum keys K2; step 44: the quantum terminal encryption module and the quantum encryption equipment both hold K1 and K2, and K1 and K2 are subjected to heterogeneous processing in a heterogeneous mode negotiated in advance by the two parties to obtain the working key K; and step 45: based on the working key K, the quantum terminal encryption module and the quantum encryption equipment encrypt and decrypt the communication link using the original encryption algorithm and protocol between the mobile terminal and the service platform end.
The meaning of technical terms applied in the present application is explained as follows.
Symmetric encryption: the same key is used for encryption and decryption of information by adopting an encryption method of a single key cryptosystem.
Asymmetric cryptosystem: an asymmetric cryptosystem, also called a double key cryptosystem or a public key cryptosystem, means that encryption and decryption operations use two different keys (public key and private key), respectively, and it is not possible to derive a decryption key from an encryption key.
Key: key information or parameters controlling the operation of the cryptographic algorithm.
Quantum communication technology: quantum communication is an important branch of quantum information science. It is a communication technology that uses quantum states as the information carrier. Quantum key distribution (QKD) is the first quantum information technology to be put into practical use and is an important direction of quantum communication. Quantum key distribution can share keys between spatially separated users in an information-theoretically secure manner.
Quantum secret communication: an encrypted-communication security solution that uses QKD technology, which has an information-theoretic security proof, as the key distribution component, combined with appropriate key management and secure cryptographic algorithms and protocols.
Quantum encryption device/quantum terminal encryption module: encryption equipment based on quantum keys, such as IPSec VPN, SSL VPN, network encryptor and the like, wherein the keys are provided by a quantum communication network or a quantum key storage medium, the original cryptosystem such as a cryptographic algorithm and a cryptographic protocol is unchanged, and the point-to-point or point-to-multipoint link encryption function is realized.
The application has the following beneficial effects:
(1) The application does not change the existing encryption system and flow and does not add an encryption stage to the information transmission link. It strengthens the security of the working key by fusing the key distributed by the public-private key system with the key distributed by quantum communication technology, thereby providing the capability of resisting quantum computation.
(2) The quantum communication network is used for realizing wide-area symmetric key secure distribution, so that the problem of difficult key distribution and transmission in the traditional symmetric cryptographic technology application is solved, the links of manual participation are reduced, the system key updating frequency is improved, the safety is improved, and the system operation and maintenance cost is reduced.
(3) The application can be integrated with the traditional encryption equipment, is an optional safe value-added service for users with high safety requirements, and is convenient for the implementation of users and application service providers.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a quantum communication encryption system for realizing mobile communication quantum encryption transmission;
FIG. 2 is a schematic diagram of a traffic flow of a quantum communication encryption system for implementing mobile communication quantum encryption transmission according to the present application; and
FIG. 3 is a schematic flow chart of forming an encrypted working key between the quantum encryption device and the quantum terminal encryption module of the present application.
Detailed Description
In order that those skilled in the art will better understand the technical solutions of the present application, the present application will be further described with reference to examples. The described examples are only some of the examples of the present application, not all of them. All other embodiments that can be made by those skilled in the art based on the embodiments of the application without inventive effort shall fall within the scope of the application. The application will be further described with reference to the accompanying drawings and examples.
As shown in FIG. 1, the quantum communication encryption system for realizing mobile communication quantum encryption transmission comprises: a quantum communication network; a quantum key filling machine and quantum key distribution equipment at the filling-machine end; quantum encryption equipment, a quantum security service platform and quantum key distribution equipment at the business service platform end; and a quantum terminal encryption module arranged on the mobile terminal.
Quantum security service platform: mainly realizes the issuance, filling, cancellation, loss reporting and similar management of the quantum terminal encryption module, and realizes the full life cycle management of all filled quantum keys.
Quantum key filling machine: connected through quantum key distribution equipment to the quantum communication network and thereby to the quantum security service platform, so that it can fill keys into the local quantum terminal encryption module under the control and scheduling of the quantum security service platform.
Quantum encryption device: works together with the quantum terminal encryption module and, based on the quantum key, fuses and enhances the key distributed by the public key system to realize link encryption and decryption.
Quantum terminal encryption module: a general-purpose smart cryptographic key conforming to the GM/T 0016-2012 specification for the cryptographic application interface of smart cryptographic keys. It can take the form of a USB key, a TF card, a software module and the like. After secondary issuing and filling by the quantum security service platform, it encrypts and securely stores the quantum key inside the module and provides an authentication-information encryption and decryption function based on the quantum key. The quantum terminal encryption module also completes the generation of the working key and the encryption and decryption of the transmission link.
Quantum key distribution device: a terminal device that meets the requirements of the quantum communication network system. It is connected to the quantum communication network through a quantum channel and a classical communication channel, completes end-to-end symmetric key distribution under the unified configuration and scheduling of the quantum communication network management system, provides a key output service interface, and can export quantum keys to the corresponding management and application equipment.
FIG. 2 is a schematic business flow diagram of the quantum communication encryption system for realizing mobile communication quantum encryption transmission. The business flow comprises the following steps.
Quantum keys are distributed based on the quantum communication network; the quantum key filling machine and the service platform end are connected to the quantum communication network through the quantum key distribution equipment at the filling-machine end and the quantum key distribution equipment at the service platform end, respectively;
at the service platform end, the quantum security service platform provides a quantum key for the quantum encryption equipment;
under the unified management and scheduling of the quantum security service platform, the quantum key filling machine fills the quantum key into the quantum terminal encryption module of the mobile terminal;
key negotiation is carried out between the quantum encryption equipment and the quantum terminal encryption module to form an encrypted working key; the specific flow is shown in FIG. 3.
Distributing the key K1 with the public-private key system: a public-private key pair is set up between the quantum terminal encryption module and the quantum encryption equipment. The quantum encryption equipment generates a key K1, encrypts K1 with the public key and sends the ciphertext to the quantum terminal encryption module over the Internet, and the quantum terminal encryption module decrypts the ciphertext with the private key to obtain K1.
Distributing the key K2 by quantum key negotiation: under the management and negotiation of the quantum security service platform, the quantum terminal encryption module is filled with the quantum key by the quantum key filling machine; the quantum terminal encryption module and the quantum encryption equipment obtain a pair of shared quantum keys K2 through negotiation via the quantum security service platform.
Generating the working key K: the quantum terminal encryption module and the quantum encryption equipment both hold K1 and K2, and the working key K is obtained by subjecting K1 and K2 to heterogeneous processing in a heterogeneous mode negotiated in advance by the two parties. The security of the working key K is jointly ensured by the key K1 distributed by the public-private key system and the key K2 distributed by quantum communication technology, which improves security.
Link encryption and decryption based on the working key: based on the working key K, the quantum terminal encryption module and the quantum encryption equipment encrypt and decrypt the communication link using the original encryption algorithm and protocol between the mobile terminal and the service platform end.
(4) Key negotiation is carried out between the quantum encryption equipment of the service platform and the quantum terminal encryption module of the mobile terminal to form an encrypted working key; the specific flow is shown in FIG. 3.
A public-private key pair is set up between the quantum terminal encryption module of the mobile user and the quantum encryption equipment of the service platform. The quantum encryption equipment of the service platform generates a key K1, encrypts K1 with the public key and sends the ciphertext to the quantum terminal encryption module of the mobile user over the Internet, and the quantum terminal encryption module decrypts the ciphertext with the private key to obtain K1.
Under the management and negotiation of the quantum security service platform, the quantum terminal encryption module is filled with the quantum key by the quantum key filling machine. The quantum terminal encryption module of the mobile user and the quantum encryption equipment of the business service platform negotiate through the quantum security service platform to obtain a pair of shared quantum keys K2.
The quantum terminal encryption module of the mobile user and the quantum encryption equipment of the service center both hold K1 and K2, and K1 and K2 are subjected to heterogeneous processing in a heterogeneous mode negotiated in advance by the two parties to obtain the working key K. The security of the working key K is jointly ensured by the key K1 distributed by the public-private key system and the key K2 distributed by quantum communication technology, which improves security.
Based on the working key K, the quantum terminal encryption module of the mobile user and the quantum encryption equipment of the service center encrypt and decrypt the communication link using the original encryption algorithm and protocol.
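The derivation of the working key K from K1 and K2 described above, as an added example that is not code from the patent. The patent only states that the two keys are processed in a manner negotiated in advance, so the HKDF-based combiner, the key-ID pool of filled quantum keys and every name below are assumptions, and K1 is treated as already delivered by the public-key step.

```python
import hashlib
import hmac
import secrets


def hkdf_sha256(ikm, salt, info, length=32):
    """HKDF (RFC 5869) with HMAC-SHA256: extract a PRK, then expand it."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_keys(k1, k2, context):
    """Assumed combiner for K1 and K2: K = HKDF(len(K1)|K1|len(K2)|K2, context)."""
    if len(k1) < 16 or len(k2) < 16:
        raise ValueError("K1 and K2 must each be at least 128 bits")
    # Length prefixes keep the K1/K2 boundary unambiguous, so shifting bytes
    # from one key to the other always changes the derived key.
    ikm = len(k1).to_bytes(2, "big") + k1 + len(k2).to_bytes(2, "big") + k2
    return hkdf_sha256(ikm, salt=b"\x00" * 32, info=context)


class QuantumKeyStore:
    """Hypothetical model of the filled quantum keys held by one endpoint."""

    def __init__(self, filled):
        self._keys = dict(filled)

    def take(self, key_id):
        """Return the key for key_id and delete it so it cannot be reused."""
        try:
            return self._keys.pop(key_id)
        except KeyError:
            raise KeyError("quantum key %r missing or already consumed" % key_id) from None

    def remaining(self):
        return len(self._keys)


def derive_working_key(store, k1, key_id, session_id):
    """One endpoint's view: fetch the agreed K2 by ID, then mix it with K1."""
    k2 = store.take(key_id)
    return combine_keys(k1, k2, b"link-encryption|" + session_id)


def run_session():
    """Constructed end-to-end run; returns (terminal_K, platform_K, terminal_store)."""
    # Constructed sample data: three quantum keys filled into the terminal module
    # and held in matching form on the service platform side.
    filled = {"qk-%03d" % i: secrets.token_bytes(32) for i in range(3)}
    terminal_store, platform_store = QuantumKeyStore(filled), QuantumKeyStore(filled)
    # K1 is assumed to have already arrived via public-key transport.
    k1 = secrets.token_bytes(32)
    # The platform tells both sides which filled key to use as K2 (assumed ID scheme).
    key_id, session_id = "qk-001", b"session-0001"
    k_terminal = derive_working_key(terminal_store, k1, key_id, session_id)
    k_platform = derive_working_key(platform_store, k1, key_id, session_id)
    return k_terminal, k_platform, terminal_store


if __name__ == "__main__":
    kt, kp, store = run_session()
    print("endpoints agree:", hmac.compare_digest(kt, kp))
    print("filled keys left on terminal:", store.remaining())
```

Because K depends on both inputs, an adversary who later recovers K1 by breaking the public-key transport still needs the filled key K2 to reconstruct K, which is the property the fusion step is meant to provide.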
It will be readily appreciated by those skilled in the art that the above advantageous ways can be freely combined and superimposed without conflict.
The foregoing description of the preferred embodiments of the application is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the application. The foregoing is merely a preferred embodiment of the present application, and it should be noted that it will be apparent to those skilled in the art that modifications and variations can be made without departing from the technical principles of the present application, and these modifications and variations should also be regarded as the scope of the application.

Claims (7)

1. A quantum communication encryption system for realizing mobile communication quantum encryption transmission, characterized by comprising: a quantum communication network; a quantum key filling machine and quantum key distribution equipment arranged at the quantum key filling machine end; quantum encryption equipment arranged at the business service platform end, a quantum security service platform, and quantum key distribution equipment at the quantum security service platform end; and a quantum terminal encryption module arranged on the mobile terminal;
the quantum key filling machine is connected to a quantum communication network through quantum key filling machine side quantum key distribution equipment and connected to the quantum communication network through quantum security service platform side quantum key distribution equipment, the quantum security service platform uniformly manages quantum keys, and the quantum key filling machine obtains matched paired quantum keys according to requirements;
at a service platform end, the quantum security service platform provides a quantum key for quantum encryption equipment;
under unified management and scheduling of a quantum security service platform, a quantum key filling machine fills a quantum key for a quantum terminal encryption module of a mobile terminal; and
the quantum encryption equipment is matched with the quantum terminal encryption module, and based on a quantum key, the quantum encryption equipment and a key distributed by a public key system and a private key system of the mobile terminal and the service platform are fused and enhanced to realize link encryption and decryption;
a pair of public and private keys are arranged between the quantum terminal encryption module and the quantum encryption equipment, the quantum encryption equipment generates a secret key K1, the secret key K1 is encrypted by the public key, ciphertext is sent to the quantum terminal encryption module through the Internet, and the quantum terminal encryption module decrypts the ciphertext by the private key to obtain the secret key K1;
under the management negotiation of the quantum security service platform, the quantum terminal encryption module charges the quantum key through the quantum key charging machine; the quantum terminal encryption module and the quantum encryption equipment negotiate through a quantum security service platform to obtain a pair of shared quantum keys K2;
the quantum terminal encryption module and the quantum encryption equipment both have keys K1 and K2, and the work key K is obtained by carrying out heterogeneous processing on the K1 and the K2 in a heterogeneous mode which is negotiated in advance by the two parties.
2. The quantum communication encryption system of claim 1, wherein the quantum security service platform provides issuance, filling, cancellation and loss-reporting management of quantum terminal encryption modules, and full-lifecycle management of all filled quantum keys.
3. The quantum communication encryption system according to claim 1, wherein the quantum terminal encryption module, after secondary issuing and filling by the quantum security service platform, encrypts and securely stores the quantum key inside the module, and provides encryption and decryption of authentication information based on the quantum key.
4. The quantum communication encryption system of claim 3, wherein the quantum terminal encryption module generates the working key and performs the encryption and decryption of the transmission link.
5. The quantum communication encryption system of claim 1, wherein the quantum key distribution equipment is connected to the quantum communication network through a quantum channel and a classical communication channel, performs end-to-end symmetric key distribution under the unified configuration and scheduling of the quantum communication network, and provides a key output service interface to export the quantum key to the quantum key filling machine and the quantum security service platform.
6. A method of using the quantum communication encryption system according to any one of claims 1 to 5, characterized in that the method comprises the following steps:
step 1: the quantum key is distributed over the quantum communication network, the service platform end and the quantum key filling machine being connected to the quantum communication network through the quantum key distribution equipment at the quantum key filling machine end and the quantum key distribution equipment at the service platform end, respectively;
step 2: at the service platform end, the quantum security service platform provides a quantum key to the quantum encryption equipment;
step 3: under the unified management and scheduling of the quantum security service platform, the quantum key filling machine fills the quantum key into the quantum terminal encryption module of the mobile terminal; and
step 4: key negotiation is carried out between the quantum encryption equipment and the quantum terminal encryption module to form an encrypted working key.
7. The application method according to claim 6, wherein step 4 comprises the following steps:
step 41: a public/private key pair is set up between the quantum terminal encryption module and the quantum encryption equipment; the quantum encryption equipment generates a secret key K1, encrypts K1 with the public key, and sends the ciphertext to the quantum terminal encryption module over the Internet; the quantum terminal encryption module decrypts the ciphertext with the private key to obtain the secret key K1;
step 42: under the management and negotiation of the quantum security service platform, the quantum terminal encryption module is filled with the quantum key by the quantum key filling machine;
step 43: the quantum terminal encryption module and the quantum encryption equipment negotiate through the quantum security service platform to obtain a pair of shared quantum keys K2;
step 44: the quantum terminal encryption module and the quantum encryption equipment both hold the keys K1 and K2, and K1 and K2 are subjected to heterogeneous processing in a heterogeneous mode negotiated in advance by the two parties to obtain the working key K; and
step 45: based on the working key K, the quantum terminal encryption module and the quantum encryption equipment encrypt and decrypt the communication link using the original encryption algorithm and protocol between the mobile terminal and the service platform end.
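The key-combination step of claim 1 and step 44, as an added example that is not part of the patent text. The claims name the combiner only as "heterogeneous processing" negotiated in advance, so the two combiners shown here (bytewise XOR and an HKDF-SHA256 derivation), the 32-byte key length and the context label are all assumptions; K1 and K2 are constructed random values standing in for the public-key-transported key and the filled quantum key.

```python
# Added example: deriving one working key K from K1 (public-key transport)
# and K2 (filled quantum key). Both combiners are assumptions.
import hashlib
import hmac
import secrets

KEY_LEN = 32  # assumed working-key length in bytes


def xor_combine(k1: bytes, k2: bytes) -> bytes:
    """Bytewise XOR; only sound for independent, equal-length, uniform keys."""
    if len(k1) != len(k2):
        raise ValueError("XOR combiner needs equal-length keys")
    return bytes(a ^ b for a, b in zip(k1, k2))


def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) extract-then-expand with HMAC-SHA256."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def kdf_combine(k1: bytes, k2: bytes, context: bytes) -> bytes:
    """Length-prefix each input so the K1/K2 boundary is unambiguous."""
    if not k1 or not k2:
        raise ValueError("both K1 and K2 must be present")
    ikm = len(k1).to_bytes(2, "big") + k1 + len(k2).to_bytes(2, "big") + k2
    return hkdf_sha256(b"", ikm, context, KEY_LEN)


def demo() -> dict:
    # Constructed sample keys; real values arrive over the two channels.
    k1, k2 = secrets.token_bytes(KEY_LEN), secrets.token_bytes(KEY_LEN)
    ctx = b"example-session-1"  # hypothetical pre-negotiated context label
    terminal_k = kdf_combine(k1, k2, ctx)  # mobile terminal side
    platform_k = kdf_combine(k1, k2, ctx)  # service platform side
    return {
        "match": hmac.compare_digest(terminal_k, platform_k),
        "k1_matters": kdf_combine(secrets.token_bytes(KEY_LEN), k2, ctx) != terminal_k,
        "k2_matters": kdf_combine(k1, secrets.token_bytes(KEY_LEN), ctx) != terminal_k,
        "xor_degenerate": xor_combine(k1, k1) == bytes(KEY_LEN),
    }
```

The `xor_degenerate` result shows why a plain XOR combiner depends on K1 and K2 being independent: identical inputs cancel to an all-zero key, whereas the KDF combiner still yields a key bound to both inputs and the context.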
CN202010820797.5A 2020-08-14 2020-08-14 Quantum communication encryption system and method for realizing mobile communication quantum encryption transmission Active CN111865589B (en)

Publications (2)

Publication Number Publication Date
CN111865589A CN111865589A (en) 2020-10-30
CN111865589B true CN111865589B (en) 2023-09-08

Family

ID=72968982

Country Status (1)

Country Link
CN (1) CN111865589B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant