Search

CN-122027134-A - Secure communication method, electronic device, and computer program product

CN122027134ACN 122027134 ACN122027134 ACN 122027134ACN-122027134-A

Abstract

The application discloses a secure communication method, electronic equipment and a computer program product, and relates to the technical field of communication, wherein the method comprises the steps of obtaining a secure verification result generated by a target QKD system in a quantum key distribution process; and under the condition that the abnormality exists in the target optical fiber link is determined based on the link scanning result, determining that the security risk exists in the quantum key distributed by the target QKD system, and terminating the quantum key distribution of the target QKD system. The method and the device can improve the identification accuracy of the security risk in the quantum key distribution process.

Inventors

  • ZHANG DONGCHEN
  • ZHU XI
  • LIANG DAPENG

Assignees

  • 中兴通讯股份有限公司

Dates

Publication Date
20260512
Application Date
20260213

Claims (13)

  1. 1. A secure communication method, comprising: The method comprises the steps of obtaining a security verification result generated by a target QKD system in a quantum key distribution process; Under the condition that the quantum key distributed by the target QKD system is determined to be abnormal based on the security verification result, carrying out link scanning on a target optical fiber link through OTDR to obtain a link scanning result of the target optical fiber link, wherein the target optical fiber link is an optical fiber link used by the target QKD system; And in the case that the abnormality exists in the target optical fiber link based on the link scanning result, determining that the security risk exists in the quantum key distributed by the target QKD system, and terminating the quantum key distribution of the target QKD system.
  2. 2. The method for secure communication according to claim 1, wherein after the step of performing link scanning on the target optical fiber link by OTDR to obtain a link scanning result of the target optical fiber link, the method further comprises: And in the case that the target optical fiber link is determined to be not abnormal based on the link scanning result, determining that the quantum key distributed by the target QKD system is not at security risk, and returning to the step of executing the security verification result generated by the target QKD system in the quantum key distribution process.
  3. 3. The secure communication method of claim 1, wherein the method further comprises: And under the condition that the technical route of the target QKD system is DV-QKD, carrying out signal isolation on the quantum signal light of the target QKD system and the classical detection light of the OTDR based on the coding mode of the target QKD system.
  4. 4. A method of secure communications as recited in claim 3, wherein said step of signal isolating quantum signal light of said target QKD system from classical probe light of said OTDR based on the encoding scheme of said target QKD system comprises: In the case that the encoding mode of the target QKD system is polarization encoding, the quantum signal light of the target QKD system and the classical probe light of the OTDR are subjected to frequency isolation and time isolation, or And under the condition that the encoding mode of the target QKD system is phase encoding, frequency isolation, time isolation and polarization isolation are carried out on the quantum signal light of the target QKD system and the classical detection light of the OTDR.
  5. 5. The secure communication method of claim 1, wherein the method further comprises: And in the case that the technical route of the target QKD system is CV-QKD, signal isolation is carried out on quantum signal light of the target QKD system and classical detection light of the OTDR based on the light source type of the target QKD system.
  6. 6. The secure communications method of claim 5, wherein the step of signal isolating quantum signal light of the target QKD system from classical probe light of the OTDR based on a light source type of the target QKD system, comprises: in the case that the light source type of the target QKD system is a pulsed light source, frequency isolation, time isolation and polarization isolation are performed on the quantum signal light of the target QKD system and the classical probe light of the OTDR, or In the case where the light source type of the target QKD system is a continuous light source, frequency isolation and polarization isolation are performed on the quantum signal light of the target QKD system and the classical probe light of the OTDR.
  7. 7. The secure communication method of any of claims 3-6, wherein the step of obtaining the secure authentication result generated by the target QKD system during quantum key distribution is preceded by the method further comprising: Acquiring QKD reference parameters corresponding to pre-calibrated target signal isolation, and writing the QKD reference parameters into a target QKD system; Wherein the target signal isolation is a signal isolation between the quantum signal light and the classical probe light, the QKD reference parameters are used to assist the target QKD system in generating a security validation result, and the QKD reference parameters include a quantum bit error rate reference value and/or a security key rate reference value.
  8. 8. A method of secure communications according to any one of claims 3 to 6, wherein after the step of performing a link scan on a target fibre link by OTDR to obtain a link scan result for the target fibre link, the method further comprises: Acquiring an OTDR reference curve corresponding to pre-calibrated target signal isolation; The target signal isolation is the signal isolation between the quantum signal light and the classical probe light, and the OTDR reference curve is used for assisting in determining whether the target optical fiber link is abnormal.
  9. 9. The secure communication method according to any one of claims 1 to 6, characterized in that the method further comprises: And switching the business encrypted by using the quantum key distributed by the target QKD system to be encrypted by using the quantum keys distributed by other QKD systems under the condition that the quantum key distributed by the target QKD system is determined to have security risk.
  10. 10. The secure communication method according to any one of claims 1 to 6, characterized in that the method further comprises: and under the condition that the quantum key distributed by the target QKD system is determined to have a security risk, determining an abnormal position of an abnormality in the target optical fiber link according to the link scanning result, and outputting the abnormal position.
  11. 11. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the computer program implementing the steps of the secure communication method according to any one of claims 1 to 10 when executed by the processor.
  12. 12. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the secure communication method according to any of claims 1 to 10.
  13. 13. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the steps of the secure communication method according to any of claims 1 to 10.

Description

Secure communication method, electronic device, and computer program product Technical Field The present application relates to the field of communications technologies, and in particular, to a secure communication method, an electronic device, and a computer program product. Background In the key stage of the accelerated landing of the quantum communication technology, quantum key distribution (Quantum Key Distribution, QKD) is used as a key generation means capable of proving safety theoretically, and is a core support for constructing a communication security system in the high-sensitivity fields of national key information infrastructure, finance, government affairs and the like. The security of the method not only depends on the rigor of the quantum physical principle, but also depends on the accurate identification and dynamic response capability of the whole key distribution process to potential threats, and any misjudgment or misjudgment to abnormal states can possibly cause key leakage risks, so that the upper communication security is directly endangered. The security verification mechanism of the current QKD system mainly relies on parameter statistical analysis of a quantum signal layer, and an output result can only represent statistical abnormality in a key distribution process, but association confidence between the abnormality and a real security risk is limited. When the verification result prompts abnormality, the system lacks reliable quantitative basis for risk level, so that security decision faces two difficulties, namely, a conservative strategy is adopted for avoiding potential risks, non-threat fluctuation such as environmental disturbance is easily misjudged as a high-risk event, frequent misinterruption is caused, system availability and service continuity are damaged, if a judgment threshold value is relaxed for guaranteeing communication efficiency, real threat is possibly omitted due to insufficient risk perception sensitivity, and secret key security is buried. Therefore, how to improve the identification accuracy of the security risk in the quantum key distribution process has become a key technical bottleneck to be broken through in the current quantum communication security field. Disclosure of Invention The application mainly aims to provide a secure communication method, electronic equipment and a computer program product, which aim to solve the technical problem of how to improve the identification accuracy of security risks in the quantum key distribution process. To achieve the above object, the present application provides a secure communication method, the method comprising: The method comprises the steps of obtaining a security verification result generated by a target QKD system in a quantum key distribution process; Under the condition that the quantum key distributed by the target QKD system is abnormal based on the security verification result, carrying out link scanning on a target Optical fiber link through an OTDR (Optical Time-Domain Reflectometer, optical Time domain reflectometer) to obtain a link scanning result of the target Optical fiber link, wherein the target Optical fiber link is an Optical fiber link used by the target QKD system; And in the case that the abnormality exists in the target optical fiber link based on the link scanning result, determining that the security risk exists in the quantum key distributed by the target QKD system, and terminating the quantum key distribution of the target QKD system. In addition, in order to achieve the above object, the present application also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the computer program implementing the steps of the secure communication method as described above when being executed by the processor. In addition, to achieve the above object, the present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the secure communication method as described above. Furthermore, to achieve the above object, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the steps of a secure communication method as described above. The embodiment of the application provides a secure communication method, electronic equipment and a computer program product, wherein the secure communication method comprises the steps of obtaining a secure verification result generated by a target QKD system in a quantum key distribution process, carrying out link scanning on a target optical fiber link through an OTDR (optical time domain reflectometer) to obtain a link scanning result of the target optical fiber link when the secure verification result indicates that the quantum key distributed by the target QKD system is abnormal, determi