量子密码实际安全性与应用研究

发布时间：2018-02-22 18:17

本文关键词： 量子密钥分配量子密钥分配网络安全性实用化电力通信　出处：《中国科学技术大学》2014年博士论文　论文类型：学位论文

【摘要】：量子密码分配技术为通信双方提供了一种获得无条件安全密钥的分发手段。量子密码的安全性和应用是其研究的核心内容。在安全性方面,目前,大部分量子密钥分配协议在最普适的相干攻击下,其安全性已经得到了完全的证明。但是这不代表实际系统也是安全的。实际量子密钥分配系统与理论协议存在一定的差异,比如,实际器件存在非理想特性,难以满足协议严格要求的条件,这些差异可能被窃听者利用来获取部分甚至全部的密钥信息。另外,有限的密钥长度与理想协议的假设条件也不同,需要对安全性分析进行修正。因此实际系统需要更严格的安全性分析和论证,这是当前的研究热点。在量子密钥分配系统的应用研究方面,经过几十年的发展,量子密钥分配技术已经能满足建立网络的要求,将量子密钥分配技术融合到经典网络中,更能充分发挥量子密码的优势,能更有效地保证数据的安全性。现实生活环境下的量子密钥分配应用受到了越来越多的关注。量子密码的应用需要结合具体的网络特点和用户需求进行设计。本文重点介绍了量子密钥分配系统的实际安全性和它的相关应用。这篇论文主要完成了以下几个工作。在实际安全性方面,论文首先研究了部分分束攻击下诱骗态BB84协议的安全性,详细分析了部分分束攻击策略,从光子概率分布的角度给出了部分分束攻击的模型,得到被攻击后到达接收端脉冲的光子数分布以及攻击后的计数率；分几种情况讨论了攻击参数的优化选择问题；通过比较单光子计数率的理论值和估计值,指出诱骗态BB84协议在该攻击下也是安全的。其次论文研究了诱骗态协议中用于态制备的随机数对安全性的影响,假设态制备随机数泄露的比例为p,结合部分分束攻击提出了两种不同的攻击策略并分析了攻击者获得的信息量；我们给出了随机数泄露比的下限,结果显示当攻击者利用策略二想获取全部的密钥信息时,它至少需要知道的随机数比例的下限随着传输距离的增加指数衰减。然后论文研究了系统设置死时间后的码率估算问题,利用蒙特卡洛的方法来模拟探测过程,能便捷地给出密钥率最大时的最优死时间；该数值方法能够充分考虑探测器的暗计数和后脉冲等的影响,为实际系统的研制和应用奠定了基础。在安全性方面,我们最后分析了真空态+单诱骗态协议下真空态的统计涨落对密钥率的影响,结果表明给定总脉冲数时,存在一个最优的真空态比例使得密钥率达到极大值。本文的第二部分主要侧重于研究量子密钥分配系统应用于电力通信网的可行性,结合电网的特殊环境(架空光纤等),本文从编码方式、同步模式等方面提出了适合电网的量子密钥分配方案。然后分析了电力通信网的安全需求,设计了将量子密码用在电网中的两个应用实例,第一个是利用量子密码来提高电网SSL VPN数据传输的安全性。论文分析了电网数据传输的特点,提出量子密码的四种应用模式,并设计了协议过程进行量子密钥的使用模式和相关控制信息的协商。第二个是利用量子密码来提高电网WiMAX无线通信的安全性。该应用中,量子密钥的存储和读取是按分段方式进行的。论文提出了双重加密的方法并设计了数据传输格式,先利用量子密钥加密数据,然后利用WiMAX无线通信传输该加密信息。
[Abstract]:Quantum cryptography technology provides a communication means for the two sides to obtain unconditionally secure keys. The security and application of quantum cryptography is the core of its research.
In terms of security, at present, most of the protocols of quantum key distribution in coherent attacks most pervasive, its safety has been fully proved. But this does not represent the actual system is safe. There are some differences in practical quantum key distribution system and the theory of agreement for example, actual devices are non ideal characteristics, it is difficult to to meet the stringent requirements of the agreement, these differences may be obtained even using all the key part of information eavesdropping. In addition, the limited length of the key assumptions and the ideal protocol is different, the need for safety analysis is corrected. So the actual needs of the system safety analysis and demonstration of the more strict, this is the current research focus.
In the aspect of the application of quantum key distribution system, after decades of development, quantum key distribution technology has established can meet the requirement of network integration technology to the classical quantum key distribution network, can give full play to the advantages of quantum cryptography, can more effectively ensure the safety of data. The application of quantum key distribution in real life the environment has attracted more and more attention. The application of quantum cryptography to design combined with the specific characteristics of the network and the needs of users.
This paper focuses on the practical security of the quantum key distribution system and its related applications. This paper has completed the following work.
In the security aspect, the thesis firstly studies the safety of decoy state BB84 protocol consists of beam under attack, a detailed analysis of some splitting attack strategy, given some splitting attack model from the perspective of the probability distribution of photons, get attacked after the arrival of the photon number distribution receiver and pulse counting after the attack. Rate; several cases discussed the optimization problem of attack parameters; through the comparison of the single photon counting rate of the theoretical value and the estimated value, pointed out that the BB84 decoy state protocol is secure in the attack.
Secondly, study the influence of random number states on the preparation of safety for decoy state protocol, assuming the state preparation of random number leakage ratio of P, combined with the beam splitting attack presents two different attack strategies and the analysis of the amount of information the attacker getting; we give a lower bound than the random number leaked the results show, when the attacker using two strategies to obtain all the key information, the lower it needs at least know the proportion of random number with increasing attenuation index of the transmission distance.
Then the paper studies the rate of system setting dead time after estimation, to simulate the detection process using the Monte Carlo method can easily give optimal key rate at maximum dead time; the numerical method can fully consider the detector counts and after pulse and so on, which provides a basis for the development and application of the system.
In terms of security, we finally analyze the influence of the statistical fluctuation of the vacuum state on the key rate under the vacuum state + single decoy protocol. The results show that when the total number of pulses is given, there is an optimal vacuum state ratio, so that the key rate reaches the maximum value.
The second part of this paper mainly focuses on the feasibility of applying quantum key distribution system to electric power communication network. Combined with the special environment of grid, such as overhead optical fiber, this paper proposes a QKD scheme suitable for power grid from aspects of coding mode and synchronization mode.
And then analyzes the security requirements of the electric power communication network, the design of the two application of quantum cryptography used in the power grid, the first one is to improve the safety of power grid SSL VPN data transmission using quantum cryptography. This paper analyzes the characteristics of network data transmission, put forward four kinds of application modes of quantum cryptography, usage patterns and related the control information and the design of the protocol of quantum key negotiation. The second is to improve the safety of power grid WiMAX wireless communication using quantum cryptography. The application of quantum key storage and reading is carried out according to section. This paper puts forward the methods of double encryption and the design of the data transmission format, using quantum the key to encrypt the data, then use WiMAX wireless communication to transmit the encrypted information.

【学位授予单位】：中国科学技术大学
【学位级别】：博士
【学位授予年份】：2014
【分类号】：TN918;O413

【参考文献】