基于密钥双同步的量子密钥通用服务模式研究

doi:10.3969/j.issn.1671-1122.2025.10.006

信息网络安全 ›› 2025, Vol. 25 ›› Issue (10): 1546-1553.doi: 10.3969/j.issn.1671-1122.2025.10.006

基于密钥双同步的量子密钥通用服务模式研究

谢四江¹^,²(), 冯雁¹^,², 阎亚龙¹^,², 宁飞³

1.中国科学技术大学网络空间安全学院，合肥 230026
2.北京电子科技学院网络空间安全系，北京 100070
3.长沙医学院信息工程学院，长沙 410219

收稿日期:2025-02-05 出版日期:2025-10-10 发布日期:2025-11-07
通讯作者: 谢四江 E-mail:xiesj@besti.edu.cn
作者简介:谢四江（1971—），男，湖北，正高级工程师，博士研究生，主要研究方向为密码系统、量子保密通信网络安全体系|冯雁（1979—），女，江西，副教授，博士研究生，主要研究方向为量子保密通信网络安全体系、后量子密码学|阎亚龙（1976—），男，青海，高级工程师，博士研究生，主要研究方向为量子保密通信网络安全体系、后量子密码学|宁飞（1981—），男，山东，高级工程师，博士，主要研究方向为量子保密通信网络安全体系、数据安全
基金资助:
科技创新2030—“量子通信与量子计算机”重大项目(2021ZD0301301);中央高校基本科研业务费专项资金(32820230057Z0114)

Research on Universal Service Mode of Quantum Key Based on Dual Key Synchronization

XIE Sijiang¹^,²(), FENG Yan¹^,², YAN Yalong¹^,², NING Fei³

1. School of Cyber Science and Technology, University of Science and Technology of China, Hefei 230026, China
2. Department of Cyberspace Security, Beijing Electronic Science and Technology Institute, Beijing 100070, China
3. College of Information Engineering, Changsha Medical University, Changsha 410219, China

Received:2025-02-05 Online:2025-10-10 Published:2025-11-07
Contact: XIE Sijiang E-mail:xiesj@besti.edu.cn

摘要/Abstract

摘要：

针对量子密钥分发网络中量子密钥服务通用性不足和服务质量保障不完善等问题，文章提出一种基于密钥双同步的量子密钥通用服务模式。该模式首先从抽象层面设计量子密钥分发网络应用模型，明确量子密钥分发网络服务于密码系统、密钥管理系统和用户应用系统的具体方式；其次，提出动态端到端、静态端到端、动态群组和静态群组4类量子密钥服务，实现对多种密码应用场景的更优适配；然后，引入基于双密钥池的密钥双同步机制，有效解决了量子密钥分发网络在端到端量子密钥分发过程中出现的密钥竞争使用和密钥服务可靠性保障等问题；最后，在量子密钥服务中实现上述4类量子密钥通用服务和密钥双同步机制。文章在实际量子密钥分发网络中对量子密钥服务进行测试，验证了该模式能够支持量子密钥分发技术与用户经典密码应用的有效融合，为量子密钥分发网络的大规模应用提供了技术支撑。

关键词: 量子密钥, 通用服务, 端到端密钥, 群组密钥, 密钥双同步

Abstract:

A universal service mode of quantum key based on dual key synchronization was proposed in order to address the problems of quantum key service of quantum key distribution network, such as limited universality and lack of service quality assurance. In this general service mode, the application model of quantum key distribution network was first designed abstractly, the concrete ways of quantum key distribution network serving cryptographic systems, key management systems and applications were given. Secondly, four types of universal quantum key services, namely dynamic end-to-end key service, static end-to-end key service, dynamic group key service and static group key service, were proposed to realize the optimal adaptation of quantum key service to multiple cryptographic application scenarios. Then, a dual key synchronization mechanism based on dual types of key pools was proposed, which effectively addressed the problems of competitive use of quantum key and reliability assurance of quantum key service for the end-to-end quantum key distribution in quantum key distribution network. Finally, the four types of universal quantum key services and the dual key synchronization mechanism were implemented in quantum key service. Through the testing of quantum key service in quantum key distribution network, it has been verified that the proposed universal service mode of quantum key can support the effective integration of quantum key distribution technology and classic cryptographic applications, and can provide support for the large-scale application of quantum key distribution network.

Key words: quantum key, universal service, end-to-end key, group key, dual key synchronization

中图分类号:

TP309

谢四江, 冯雁, 阎亚龙, 宁飞. 基于密钥双同步的量子密钥通用服务模式研究[J]. 信息网络安全, 2025, 25(10): 1546-1553.

XIE Sijiang, FENG Yan, YAN Yalong, NING Fei. Research on Universal Service Mode of Quantum Key Based on Dual Key Synchronization[J]. Netinfo Security, 2025, 25(10): 1546-1553.

图/表 10

图1

图2

图3

表1

图4

图5

图6

图7

图8

图9

参考文献 20

[1]	LO H K, CURTY M, QI Bing. Measurement-Device-Independent Quantum Key Distribution[EB/OL]. (2012-03-30)[2025-01-03]. https://journals.aps.org/prl/abstract/10.1103/PhysRevLett.108.130503.
[2]	LUCAMARINI M, YUAN Zhiliang, DYNES J F, et al. Overcoming the Rate-Distance Limit of Quantum Key Distribution without Quantum Repeaters[J]. Nature, 2018, 557(7705): 400-403. doi: 10.1038/s41586-018-0066-6
[3]	XIE Yuanmei, LU Yushuo, WENG Chenxun, et al. Breaking the Rate-Loss Bound of Quantum Key Distribution with Asynchronous Two-Photon Interference[EB/OL]. (2022-04-26)[2025-01-03]. https://arxiv.org/abs/2112.11635.
[4]	ZENG Pei, ZHOU Hongyi, WU Weijie, et al. Mode-Pairing Quantum Key Distribution[EB/OL]. (2022-07-07)[2025-01-03]. https://www.nature.com/articles/s41467-022-31534-7.
[5]	YANG Yuguang, LIU Bingxin, XU Guangbao, et al. High-Dimensional Quantum Key Distribution via Time-Bin Multiplexing and Applications[J]. Netinfo Security, 2024, 24(6): 879-892.
	杨宇光, 刘冰心, 徐光宝, 等. 基于时间仓复用的高维量子密钥分发及应用[J]. 信息网络安全, 2024, 24(6): 879-892.
[6]	SASAKI M, FUJIWARA M, ISHIZUKA H, et al. Field Test of Quantum Key Distribution in the Tokyo QKD Network[J]. Optics Express, 2011, 19(11): 10387-10409. doi: 10.1364/OE.19.010387 pmid: 21643295
[7]	PATTARANANTAKUL M, SANGUANNAM K, SANGWONGNGAM P, et al. Efficient Key Management Protocol for Secure RTMP Video Streaming toward Trusted Quantum Network[J]. ETRI Journal, 2015, 37(4): 696-706. doi: 10.4218/etrij.15.0114.0883 URL
[8]	TAJIMA A, KONDOH T, OCHI T, et al. Quantum Key Distribution Network for Multiple Applications[EB/OL]. (2017-07-06)[2025-01-03]. https://www.semanticscholar.org/paper/Quantum-key-distribution-network-for-multiple-Tajima-Kondoh/9bf9a246ba540c4fb6b222a57ad740382ab424b9.
[9]	TANIZAWA Y, TAKAHASHI R, SATO H, et al. An Approach to Integrate Quantum Key Distribution Technology into Standard Secure Communication Applications[C]// IEEE. 2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN). New York: IEEE, 2017: 880-886.
[10]	YD/T 4303-2023 Technical Specifications for Quantum Secure Communication Application Equipment Based on IPSec Protocol[S]. Beijing: Posts & Telecom Press, 2023.
	YD/T 4303-2023 基于IPSec协议的量子保密通信应用设备技术规范[S]. 北京: 人民邮电出版社, 2023.
[11]	ETSI GS QKD 004-2010 Quantum Key Distribution (QKD); Application Interface (V1.1.1)[S]. Nice: ETSI, 2010.
[12]	ETSI GS QKD 004-2020 Quantum Key Distribution (QKD); Application Interface (V2.1.1)[S]. Nice: ETSI, 2020.
[13]	ETSI GS QKD 014-2019 Quantum Key Distribution (QKD); Protocol and Data Format of REST-Based Key Delivery API (V1.1.1)[S]. Nice: ETSI, 2019.
[14]	AGUADO A, LOPEZ V, LOPEZ D, et al. The Engineering of Software-Defined Quantum Key Distribution Networks[J]. IEEE Communications Magazine, 2019, 57(7): 20-26. doi: 10.1109/MCOM.2019.1800763
[15]	YD/T 4410.1-2023 Quantum Key Distribution (QKD) Network Ak Interface Technical Requirements Part 1: Application Programming Interface (API)[S]. Beijing: China Communications Standards Association, 2023.
	YD/T 4410.1-2023 量子密钥分发(QKD)网络Ak接口技术要求第1部分:应用程序接口(API)[S]. 北京: 中国通信标准化协会, 2023.
[16]	YIN Hao, HAN Yang. Principle and Technology of Quantum Communication[M]. Beijing: Publishing House of Electronics Industry, 2013.
	尹浩, 韩阳. 量子通信原理与技术[M]. 北京: 电子工业出版社, 2013.
[17]	PEEV M, POPPE A, MAURHART O, et al. The SECOQC Quantum Key Distribution Network in Vienna[C]// IEEE. 2009 35th European Conference on Optical Communication. New York: IEEE, 2009: 1-4.
[18]	YANG Chao, ZHANG Hongqi, SU Jinhai, et al. Wide-Area Quantum Key Distribution Network Model Based on Trusted Relaying[J]. Advanced Engineering Sciences, 2018, 50(2): 152-162.
	杨超, 张红旗, 苏锦海, 等. 基于可信中继的广域量子密钥网络模型研究[J]. 工程科学与技术, 2018, 50(2): 152-162.
[19]	BENNET C H, BRASSARD G. Quantum Cryptography: Public Key Distribution and Coin Tossing[C]// IEEE. International Conference on Computers, Systems, and Signal Processing. New York: IEEE, 1984: 175-179.
[20]	FENG Yan, LIU Nian, XIE Sijiang, A Bi-Directional Use Scheme of Quantum Key Pool[J]. Netinfo Security, 2020, 20(12): 40-46.
	冯雁, 刘念, 谢四江. 一种量子密钥池的双向使用方案[J]. 信息网络安全, 2020, 20(12): 40-46.

服务功能	密码系统			密钥管理系统		应用系统
服务功能	会话密钥	报文密钥	…	预置密钥	工作密钥	敏感信息
安全传输	√	√	…	√	√	√
密钥生成	√	√	…	—	√	—

基于密钥双同步的量子密钥通用服务模式研究

Research on Universal Service Mode of Quantum Key Based on Dual Key Synchronization

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 20

相关文章 11

编辑推荐

Metrics

本文评价

[1]	杨雯, 王天一, 杜俊男, 王成. 基于离散极化调制与离散有界探测的CVQKD安全性分析[J]. 信息网络安全, 2025, 25(5): 806-816.
[2]	何业锋, 蔡明月, 梁熙媛. 基于逻辑$\chi $态的三方半量子密钥协商协议[J]. 信息网络安全, 2025, 25(1): 27-35.
[3]	杨宇光, 刘冰心, 徐光宝, 姜东焕. 基于时间仓复用的高维量子密钥分发及应用[J]. 信息网络安全, 2024, 24(6): 879-892.
[4]	白峻林, 尹华磊. 测量设备无关量子密钥分发中的改进型诱骗态方法[J]. 信息网络安全, 2024, 24(6): 926-936.
[5]	沈延, 姚萌萌. 基于事件的群组密钥协商协议形式化分析研究[J]. 信息网络安全, 2022, 22(5): 30-36.
[6]	谢四江, 高琼, 冯雁. 基于可信中继量子密钥分发网络的最少公共节点多路径路由方案[J]. 信息网络安全, 2021, 21(7): 35-42.
[7]	冯雁, 刘念, 谢四江. 一种量子密钥池的双向使用方案[J]. 信息网络安全, 2020, 20(12): 40-46.
[8]	刘利娟, 李志慧, 支丹利. 可实现身份认证的多方量子密钥分发协议[J]. 信息网络安全, 2020, 20(11): 59-66.
[9]	石金晶, 程佳婧, 陈慧, 周芳. 基于Bell测量与三粒子纠缠态的量子密钥协商协议[J]. 信息网络安全, 2017, 17(6): 56-61.
[10]	黄鹏, 曾贵华. 连续变量量子密钥分发实际安全性研究进展[J]. 信息网络安全, 2017, 17(11): 7-12.
[11]	王勇. 基于QKD的低密钥可信度密码算法[J]. , 2010, (4): 0-0.