
EP-4432598-B1 - BLOCKCHAIN NETWORK SECURITY COMMUNICATION METHOD BASED ON QUANTUM KEY


Inventors

  • ZHOU, FEI
  • GAO, JIE

Dates

Publication Date
20260506
Application Date
20220525

Claims (9)

  1. A secure communication method, applied to a quantum-secured blockchain network, wherein the blockchain network comprises a blockchain subnet and a quantum key distribution subnet, the blockchain subnet comprises a plurality of blockchain nodes, the quantum key distribution subnet comprises a plurality of quantum key distribution nodes deployed in the blockchain nodes and connected to the blockchain nodes respectively, and the secure communication method comprises: a quantum key distribution step for generating a shared quantum key between two of the quantum key distribution nodes; a connection information upload step for uploading correspondence of each of the blockchain nodes to a quantum key management device in the quantum key distribution node connected to the each of the blockchain nodes to the blockchain subnet; a quantum key acquisition step for acquiring the shared quantum key by each of the blockchain nodes in which each of the two of the quantum key distribution nodes is deployed the quantum key distribution node connected to the each of the blockchain nodes, based on a communication service; and a secure communication step for securely transmitting transmission data by the blockchain nodes in which the two of the quantum key distribution nodes are deployed using the shared quantum key, wherein the quantum key acquisition step comprises: acquiring by a sender, an identity of the quantum key management device in a receiver from the correspondence stored in the blockchain subnet, and acquiring the shared quantum key for the sender and the receiver based on the identity by the sender from the quantum key management device in the quantum key distribution node deployed in the sender; and acquiring the shared quantum key from the quantum key management device in the quantum key distribution node deployed in the receiver by the receiver based on the identity, wherein the sender and the receiver are the blockchain nodes in which the two of the quantum key distribution nodes are deployed.
  2. The secure communication method according to claim 1, wherein the blockchain nodes comprise a terminal device and a blockchain node server, and the quantum key acquisition step comprises: injecting, by the same quantum key distribution node, a quantum random number or a quantum key to the terminal device and the blockchain node server as the shared quantum key, in a case that the terminal device and the blockchain node server are connected to the same quantum key distribution node; or distributing the shared quantum key to the terminal device and the blockchain node server by quantum key management devices in the respective quantum key distribution nodes, in a case that the terminal device and the blockchain node server are connected to the different quantum key distribution nodes.
  3. The secure communication method according to claim 2, wherein the secure communication step comprises: encrypting the communication data using the shared quantum key for the blockchain node server to generate ciphertext data, and generating a message authentication code based on the shared quantum key and the communication data, by the terminal device; and decrypting the ciphertext data using the shared quantum key to obtain the communication data, generating a message authentication code based on the shared quantum key and the communication data, and comparing the generated message authentication code with the received message authentication code, by the blockchain node server.
  4. The secure communication method according to claim 1, wherein the secure communication step comprises: encrypting the communication data using the shared quantum key for the receiver to generate ciphertext data, and generating a message authentication code based on the shared quantum key and the communication data, by the sender; and decrypting the ciphertext data using the shared quantum key to obtain the communication data, generating a message authentication code based on the shared quantum key and the communication data, and comparing the generated message authentication code with the received message authentication code, by the receiver.
  5. The secure communication method according to claim 3 or 4, wherein the communication data is encrypted with one-time pad using an XOR encryption algorithm; and/or the message authentication code is generated using an HMAC algorithm or a CBC MAC algorithm; and/or the communication data comprises one or more of transaction information broadcast data, transaction information verification broadcast data, and shared data.
  6. The secure communication method according to claim 1, wherein the quantum key distribution subnet comprises: a user terminal node for providing the shared quantum key to a user device; a trusted relay node for relaying the shared quantum key between two quantum key distribution nodes that are not directly connected; and a centralized control node, wherein the centralized control node is a trusted relay node where a control server is deployed.
  7. The secure communication method according to claim 6, wherein the centralized control node and the trusted relay node are further for providing the shared quantum key to the user device; and/or at least two of the quantum key distribution nodes comprise a quantum satellite ground station for establishing a free space link with a quantum satellite.
  8. The secure communication method according to claim 1, wherein adjacent quantum key distribution nodes communicate with each other through an optical fiber link or a free space link.
  9. The secure communication method according to claim 1, wherein a quantum key distribution node comprising a mobile quantum satellite ground station is deployed in a mobile blockchain node.
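
The sender and receiver sides of claims 3 to 5 (one-time-pad XOR encryption plus an HMAC computed over the communication data, recomputed and compared after decryption), as an added example that is not code from the patent. Assumptions: the `KeyPool` class is a hypothetical stand-in for key material delivered by a quantum key management device, HMAC-SHA256 is the chosen HMAC, the MAC key is a fresh 32-byte slice of the same shared key, and messages arrive in order so both pools stay in step.

```python
import hashlib
import hmac
import secrets

MAC_KEY_LEN = 32  # assumption: per-message HMAC-SHA256 key cut from the shared key

class KeyPool:
    """Hypothetical local store of shared key material; bytes are used once."""
    def __init__(self, material: bytes):
        self._buf, self._off = material, 0

    def take(self, n: int) -> bytes:
        # A one-time pad is only sound if key bytes are never reused,
        # so refuse to wrap around when the material runs out.
        if self._off + n > len(self._buf):
            raise ValueError("shared key material exhausted")
        chunk = self._buf[self._off:self._off + n]
        self._off += n
        return chunk

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def send(pool: KeyPool, data: bytes):
    """Sender: XOR-encrypt with a pad as long as the data, MAC the data."""
    pad = pool.take(len(data))
    mac_key = pool.take(MAC_KEY_LEN)
    tag = hmac.new(mac_key, data, hashlib.sha256).digest()
    return _xor(data, pad), tag

def receive(pool: KeyPool, ciphertext: bytes, tag: bytes) -> bytes:
    """Receiver: decrypt, recompute the MAC, compare in constant time."""
    pad = pool.take(len(ciphertext))
    mac_key = pool.take(MAC_KEY_LEN)
    data = _xor(ciphertext, pad)
    expected = hmac.new(mac_key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("MAC mismatch: data rejected")
    return data

if __name__ == "__main__":
    # Constructed sample: CSPRNG bytes stand in for a QKD-derived shared key.
    shared = secrets.token_bytes(256)
    sender, receiver = KeyPool(shared), KeyPool(shared)
    ct, tag = send(sender, b"transaction broadcast: A->B 5")
    print(receive(receiver, ct, tag))
```

A rejected message still consumes its key bytes on the receiver, which keeps the two pools aligned and ensures pad bytes exposed to a tampered ciphertext are not used again.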

Description

FIELD

The present disclosure relates to the technical field of quantum information, and in particular to a secure communication method applied to a quantum-secured blockchain network.

BACKGROUND

Blockchain is an innovative application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm in the Internet era. The blockchain has been widely applied in various fields such as Internet of things, intelligent manufacturing, supply chain management, and digital asset trading.

Figure 1 is a schematic diagram illustrating a typical blockchain network. As shown in Figure 1, the blockchain network includes multiple blockchain nodes connected through optical fiber links. Secure data transmission between blockchain nodes is underpinned by cryptography. At present, the data is generally encrypted using a symmetric cryptographic algorithm that performs fast in encryption and decryption. However, a symmetric key applied to the symmetric cryptographic algorithm is distributed by an asymmetric cryptographic system. A data sender randomly generates the symmetric key using a classical random number generator first, then encrypts the symmetric key using a private key of the sender and finally transmits the encrypted symmetric key to a receiver. The receiver decrypts the symmetric key using a public key of the sender, to obtain plaintext of the symmetric key, and then performs the secure data transmission with the sender using the symmetric key. Therefore, security of data transmission in the current blockchain network depends on security of the symmetric key. A leak of the key may cause data theft or data corruption.

In related art, "ETSI GS QKD 004 V2.1.1 - Quantum Key Distribution (QKD) Application Interface", August 2020 (2020-08-01), discloses an application programming interface between QKD key managers and applications, which includes multiple cases 1 to 5 relating to a single QKD link or a QKD network. WO 2021/090027A1 discloses quantum-safe networking, and specifically discloses a QS system 180 as shown in FIG. 1k thereof. The QS system 180 includes a plurality of QS servers 103a - 103l associated with the QS system 180, a plurality of QS servers operated by users 104a - 104c, a QS security gateway/registration server 182, a distributed ledger 167, and a plurality of satellites 171a - 172c. CN 112073182 A discloses a quantum key management method and a system based on a block chain, in which the use process of the key is recorded by using the block chain, so that the correctness, the integrity, the timeliness and the traceability of the operation track recording are ensured, and the supervision and the traceability in the whole life cycle of the quantum key are realized.

As described above, the symmetric key is currently generated randomly by a random number generator at one end, encrypted using the asymmetric key and transmitted to a node at the opposite end. However, the asymmetric key dependent on computational complexity is prone to decipherment as computing capability advances, exposing the symmetric key to a risk of leakage. In addition, the symmetric key is generated by a classical random number generator. Based on the certainty principle of classical physics, the generated data sequence is predictable once all conditions are known. The symmetric key will be leaked if the random number is deciphered, and consequently the entire blockchain network is insecure.

SUMMARY

The invention is defined by independent claim 1. Preferred embodiments are defined by the dependent claims.

In view of the above technical problem existing in the blockchain network, a secure communication method employing a quantum key is provided according to the present disclosure, applied to a blockchain network combining the QKD technology and the blockchain technology. With the proposed secure communication method, the quantum key can be distributed, acquired and securely transmitted through a few more steps, thereby securely performing communication services across the blockchain network.

A secure communication method applied to a quantum-secured blockchain network is provided according to the present disclosure. The blockchain network includes a blockchain subnet and a quantum key distribution subnet. The blockchain subnet includes multiple blockchain nodes, and the quantum key distribution subnet includes multiple quantum key distribution nodes. The multiple quantum key distribution nodes are deployed in the blockchain nodes and connected to the blockchain nodes respectively. The secure communication method includes: a quantum key distribution step for generating a shared quantum key between two of the quantum key distribution nodes; a connection information upload step for uploading correspondence of each of the blockchain nodes to a quantum key management device in the quantum key distribution node connected to each of the blockchain nodes