
CN-122027136-A - Secure communication method based on quantum key


Abstract

The invention relates to the technical field of quantum communication and discloses a secure communication method based on a quantum key. The method comprises: carrying out standardized coding on initial quantum key data; carrying out life cycle state marking on the encoded key data to obtain manageable key data; carrying out state verification on the manageable key data based on the life cycle state to obtain a validity judgment result; carrying out key rotation on the manageable key data based on the result to obtain usable key data; carrying out security parameter negotiation between the two communicating parties based on the usable key data to obtain session security parameters for communication encryption and authentication; and carrying out cryptographic encapsulation of the communication data to be transmitted using the session security parameters to obtain final ciphertext data. The method improves the efficiency of secure communication based on quantum keys.

Inventors

  • WANG ZIXU
  • YANG XINGYU
  • WU PENG

Assignees

  • Yangtze University (长江大学)

Dates

Publication Date
20260512
Application Date
20260214

Claims (10)

  1. A method of secure communication based on quantum keys, the method comprising: S1, carrying out standardized coding on initial quantum key data to obtain coded key data of the initial quantum key data; S2, carrying out life cycle state marking on the encoded key data to obtain manageable key data of the encoded key data; S3, performing state verification on the manageable key data based on the life cycle state to obtain a validity judgment result of the manageable key data; S4, carrying out key rotation on the manageable key data based on the validity judgment result to obtain usable key data of the manageable key data; S5, based on the available key data, carrying out security parameter negotiation between the two communication parties to obtain session security parameters for communication encryption and authentication; S6, carrying out cryptographic packaging on the communication data to be transmitted to obtain final ciphertext data of the communication data.
  2. The method for secure communication based on quantum key of claim 1, wherein the standardized encoding of the initial quantum key data to obtain encoded key data of the initial quantum key data comprises: acquiring initial quantum key data in a quantum key distribution network to obtain an initial key sequence of the initial quantum key data; based on a specific secure communication protocol, carrying out protocol adaptation packaging on the initial key sequence to obtain a formatted key sequence of the initial key sequence; and constructing a code block of the formatted key sequence based on a preset coding rule to obtain coded key data of the initial quantum key data.
  3. The method for quantum key based secure communication of claim 1, wherein said performing life cycle state marking on said encoded key data to obtain manageable key data for said encoded key data comprises: creating a unique identity for the encoded key data to obtain identified key data of the encoded key data; performing validity pre-verification on the identified key data to obtain key data to be marked of the identified key data; assigning an initial state label to the key data to be marked based on a predefined key life cycle strategy to obtain initial state key data of the key data to be marked; and storing the initial state key data, the identity identifier and the initial state tag in an associated mode to obtain manageable key data of the encoded key data.
  4. A method of quantum key based secure communication as claimed in claim 3, wherein assigning an initial state tag to the key data to be marked based on a predefined key life cycle policy, obtaining initial state key data for the key data to be marked, comprises: performing policy mapping on the key type of the key data to be marked based on the key life cycle policy to obtain a state definition rule of the key type; based on the state definition rule and the key type, carrying out feature analysis on the key data to be marked to obtain a generation time stamp and a preset validity period of the key data to be marked; performing state transition point deduction on the key data to be marked to obtain a first state transition time point of the key data to be marked; and carrying out state label packaging on the key data to be marked based on the generation time stamp, the preset validity period and the first state transition time point to obtain initial state key data of the key data to be marked.
  5. The method for secure communication based on quantum key according to claim 1, wherein said performing a state check on said manageable key data based on said life cycle state to obtain a validity judgment result of said manageable key data comprises: extracting a life cycle state label of the manageable key data from the manageable key data to obtain current state information of the manageable key data; carrying out structural analysis on the current state information to obtain a current state value and a state time attribute of the manageable key data; based on a preset state validity rule, carrying out compliance comparison on the current state value and the state time attribute to obtain a state verification intermediate result of the manageable key data; and carrying out availability judgment on the manageable key data according to the state verification intermediate result to obtain a validity judgment result of the manageable key data.
  6. The method for secure communication based on quantum key according to claim 1, wherein said performing key rotation on said manageable key data based on said validity judgment result to obtain usable key data of said manageable key data comprises: calculating a rotation urgency index based on the validity judgment result, the historical state record of the manageable key data and the generation time of the manageable key data to obtain a quantized rotation decision parameter of the manageable key data; performing trigger condition evaluation on the quantized rotation decision parameter and a preset rotation trigger threshold value to obtain a rotation trigger decision of the manageable key data; triggering a new quantum key supply based on the rotation trigger decision to obtain candidate key data of the manageable key data; performing availability verification on the candidate key data to obtain key data to be started, which passes the verification of the candidate key data; and replacing target key data in the manageable key data with the key data to be started, and updating the life cycle state of the target key data to obtain the usable key data of the manageable key data.
  7. The method of claim 6, wherein calculating a rotation urgency index based on the validity judgment result, the historical state record of the manageable key data, and the generation time of the manageable key data to obtain the quantized rotation decision parameter of the manageable key data comprises: based on the manageable key data, performing Boolean conversion on the current validity judgment result to obtain the current validity value of the validity judgment result When the judgment result is valid =1, When not active =0; Acquiring the manageable key data in recent succession Historical validity judgment result sequence in each verification period Calculating historical invalidation frequency ; Based on the generation time stamp of the manageable key data, the surviving time is calculated Determining the survival time length, and acquiring the preset maximum survival time of the type of key based on the key life cycle strategy ; Based on preset weight coefficients 、 、 Calculating a rotation urgency index And obtaining the quantized rotation decision parameter of the manageable key data.
  8. The method for secure communication based on quantum key according to claim 1, wherein the step of negotiating security parameters between two parties of communication based on the available key data to obtain session security parameters for encryption and authentication of communication comprises: extracting key materials from the available key data to obtain session key materials of the available key data; based on the session key material, performing parameter negotiation interaction between the two communication parties to obtain original security parameters of the session key material; and carrying out cryptographic binding on the original security parameters to obtain session security parameters of the original security parameters.
  9. The method for secure communication based on quantum key according to claim 1, wherein the performing parameter negotiation interaction between two parties of communication based on the session key material to obtain the original security parameters of the session key material comprises: carrying out format conversion on the session key material to obtain a normalized key material of the session key material; the initiator of the two communication parties generates a first random number, and sends a negotiation request to the receiver of the two communication parties based on the normalized key material and the first random number; performing verification analysis on the negotiation request, wherein the receiver generates a second random number, and returns a negotiation response to the initiator based on the normalized key material; and carrying out key negotiation on the first random number, the second random number and the normalized key material to obtain the original security parameters of the session key material.
  10. The method for secure communication based on quantum key of claim 1, wherein cryptographically packaging the communication data to be transmitted to obtain final ciphertext data of the communication data, comprises: extracting an encryption algorithm identifier and a session encryption key from the session security parameters to obtain communication encryption parameters of the session security parameters; based on the communication encryption parameters, carrying out data block formatting on communication data to be transmitted to obtain regular communication data to be encrypted of the communication data to be transmitted; performing cryptographic transformation on the regular communication data to be encrypted to obtain initial ciphertext data of the regular communication data to be encrypted; and carrying out integrity packaging on the initial ciphertext data based on the integrity verification information of the session encryption key to obtain final ciphertext data of the initial ciphertext data.
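
Added example, not part of the patent text or the applicants' code: one way the two-nonce negotiation of claim 9 and the cryptographic binding of claim 8 could be realized. The patent names no algorithms, so HMAC-SHA256 for message verification and HKDF-SHA256 for derivation are assumptions, and every function and field name below is hypothetical.

```python
import hashlib
import hmac
import secrets

def frame(*parts: bytes) -> bytes:
    """Length-prefix each field so field boundaries are unambiguous."""
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)

def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm, counter = okm + block, counter + 1
    return okm[:length]

def _mac(material: bytes, *fields: bytes) -> bytes:
    # Assumed design: negotiation messages use a key separate from session keys.
    auth_key = hkdf(material, b"\x00" * 32, b"negotiation-auth", 32)
    return hmac.new(auth_key, frame(*fields), hashlib.sha256).digest()

def derive_session(material, key_id, alg, nonce_i, nonce_r):
    """Bind both nonces, the key id and the algorithm id into the session keys."""
    okm = hkdf(material, nonce_i + nonce_r, frame(b"session", key_id, alg), 64)
    return {"alg": alg, "enc_key": okm[:32], "mac_key": okm[32:]}

def make_request(material, key_id, alg):
    """Initiator: first random number plus an authenticated request."""
    nonce_i = secrets.token_bytes(16)
    return {"key_id": key_id, "alg": alg, "nonce_i": nonce_i,
            "mac": _mac(material, b"req", key_id, alg, nonce_i)}

def handle_request(material, req):
    """Receiver: verify the request, add the second random number, respond."""
    expect = _mac(material, b"req", req["key_id"], req["alg"], req["nonce_i"])
    if not hmac.compare_digest(expect, req["mac"]):
        raise ValueError("negotiation request failed verification")
    nonce_r = secrets.token_bytes(16)
    mac = _mac(material, b"resp", req["key_id"], req["alg"], req["nonce_i"], nonce_r)
    session = derive_session(material, req["key_id"], req["alg"], req["nonce_i"], nonce_r)
    return {"nonce_r": nonce_r, "mac": mac}, session

def finish(material, req, resp):
    """Initiator: verify the response covers its own nonce, then derive."""
    expect = _mac(material, b"resp", req["key_id"], req["alg"], req["nonce_i"], resp["nonce_r"])
    if not hmac.compare_digest(expect, resp["mac"]):
        raise ValueError("negotiation response failed verification")
    return derive_session(material, req["key_id"], req["alg"], req["nonce_i"], resp["nonce_r"])
```

Because the algorithm identifier and both random numbers feed the derivation, a request altered in transit fails verification, and a replayed exchange cannot reproduce a fresh session's keys.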

Description

Secure communication method based on quantum key

Technical Field

The invention relates to the technical field of quantum communication, in particular to a secure communication method based on a quantum key.

Background

In quantum key secure communication technology, key management lacks a standardized flow and the coding of initial key data is insufficiently adapted, so key format incompatibilities easily arise during transmission and use, directly affecting the stability of the communication link and the continuity of data transmission. Meanwhile, the key life cycle lacks an accurate state marking and dynamic checking mechanism, so keys that are invalid or carry hidden security risks cannot be identified in time. This creates risks such as key misuse and use of expired keys during communication encryption and reduces the reliability of communication security protection.

In key rotation and security parameter negotiation, the prior art has not established a scientific quantitative decision model, and it is difficult to formulate a reasonable rotation strategy that combines multi-dimensional factors such as the key's historical state and survival time. As a result, keys are either updated too late or rotated excessively, system resources are wasted, and the security threat caused by key aging cannot be effectively resisted. In addition, the security parameter negotiation process lacks an efficient interactive verification mechanism, and the security and integrity of parameter binding are insufficient, which further weakens the protection the quantum key provides in communication encryption and authentication and makes it difficult to meet the requirements of high-security communication scenarios.

Disclosure of Invention

The invention provides a secure communication method based on a quantum key, which aims to solve the problems in the background technology.
In order to achieve the above object, the present invention provides a secure communication method based on a quantum key, including: S1, carrying out standardized coding on initial quantum key data to obtain coded key data of the initial quantum key data; S2, carrying out life cycle state marking on the encoded key data to obtain manageable key data of the encoded key data; S3, performing state verification on the manageable key data based on the life cycle state to obtain a validity judgment result of the manageable key data; S4, carrying out key rotation on the manageable key data based on the validity judgment result to obtain usable key data of the manageable key data; S5, based on the available key data, carrying out security parameter negotiation between the two communication parties to obtain session security parameters for communication encryption and authentication; S6, carrying out cryptographic packaging on the communication data to be transmitted to obtain final ciphertext data of the communication data.

In a preferred embodiment, the standardized coding of the initial quantum key data to obtain encoded key data of the initial quantum key data includes: acquiring initial quantum key data in a quantum key distribution network to obtain an initial key sequence of the initial quantum key data; based on a specific secure communication protocol, carrying out protocol adaptation packaging on the initial key sequence to obtain a formatted key sequence of the initial key sequence; and constructing a code block of the formatted key sequence based on a preset coding rule to obtain coded key data of the initial quantum key data.
In a preferred embodiment, the performing life cycle state marking on the encoded key data to obtain manageable key data of the encoded key data includes: creating a unique identity for the encoded key data to obtain identified key data of the encoded key data; performing validity pre-verification on the identified key data to obtain key data to be marked of the identified key data; assigning an initial state label to the key data to be marked based on a predefined key life cycle strategy to obtain initial state key data of the key data to be marked; and storing the initial state key data, the identity identifier and the initial state tag in an associated mode to obtain manageable key data of the encoded key data.

In a preferred embodiment, the assigning an initial state label to the key data to be marked based on the predefined key life cycle policy, to obtain initial state key data of the key data to be marked, includes: performing policy mapping on the key type of the key data to be marked based on the key life cycle policy to obtain a state definition rule of the key type; based on the state definition rule and the key type, carrying out feature analysis on the key data to be marked to obtain a generation time stamp and a preset validity period of the key data to be marked; performing state transition point deduction on the key data to be marked