Authentication method, device and system for quantum key distribution process
US-10313114-B2 · Jun 4, 2019 · US
US10999068B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10999068-B2 |
| Application number | US-201916429949-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 3, 2019 |
| Priority date | Jul 31, 2015 |
| Publication date | May 4, 2021 |
| Grant date | May 4, 2021 |
Official abstract text for this publication.
An authentication method for a QKD process includes: a sender selects a basis for preparing authentication information according to an algorithm in an algorithms library, and respectively applies different wavelengths to send quantum states of control information and data information according to a preset information format; a receiver filters the received quantum states, employs a basis of measurement corresponding to the algorithm to measure the authentication information quantum state, sends reverse authentication information when the measurement result is in line with the algorithm, and terminates the distribution process otherwise. In addition, the sender terminates the distribution process when its local authentication information is inconsistent with the reverse authentication information.
Opening claim text (preview).
What is claimed is:

1. An authentication method for a quantum key distribution (QKD) process, wherein the method is implemented in a sender quantum communication device involved in the QKD process and comprises: selecting a preparation basis of authentication information based on an algorithm in a preset algorithms library, and respectively applying different wavelengths to send quantum states of control information and data information to an opposite-end device involved in the QKD process according to a preset information format, wherein the data information comprises authentication information and randomly generated key information; receiving reverse authentication information returned by the opposite-end device; generating local authentication information according to the received reverse authentication information and also according to sent local authentication information; and determining whether the local authentication information is consistent with the reverse authentication information; and when the local authentication information is not consistent with the reverse authentication information, then terminating the QKD process.

2. The authentication method for the QKD process according to claim 1, wherein in addition to the reverse authentication information, the information returned by the opposite-end device further comprises: a measurement basis used for measuring a key information quantum state; and correspondingly, when determining that the local authentication information is consistent with the received reverse authentication information, the following operations are executed: determining a correct measurement basis of the key information quantum state, and screening an initial key; disclosing the correct measurement basis of the key information quantum state via a classical channel; and acquiring a final shared quantum key through error rate estimation, error correction and privacy amplification.

3. The authentication method for the QKD process according to claim 1, wherein before the step of selecting the preparation basis of the authentication information according to the algorithm in the preset algorithms library, the following operation is executed: negotiating with the opposite-end device for an algorithm number via a classical channel; and correspondingly, the step of selecting the preparation basis of the authentication information according to the algorithm in the preset algorithms library comprises: selecting the algorithm in the preset algorithms library according to the negotiated algorithm number; and selecting the preparation basis of the authentication information based on the algorithm.

4. The authentication method for the QKD process according to claim 1, wherein the preset information format comprises: the authentication information and key information respectively have their own control information as prefixes.

5. The authentication method for the QKD process according to claim 1, wherein the preset information format comprises: the authentication information and the key information apply shared control information as prefixes; and correspondingly, before the step of selecting the preparation basis of the authentication information according to the algorithm in the preset algorithms library, the following operation is executed: negotiating with the opposite-end device for a length of the authentication information between the control information and the key information via a classical channel.

6. The authentication method for the QKD process according to claim 1, wherein the received reverse authentication information comprises one of: location information of a receiver authentication key selected by the opposite-end device, the receiver authentication key, and a hash value of the receiver authentication key; and correspondingly, the step of generating the local authentication information according to the received reverse authentication information and the sent local authentication information comprises: selecting a corresponding sender authentication key from the sent local authentication information according to the received location information, and correspondingly taking either the sender authentication key or a hash value of the sender authentication key as the local authentication information.

7. The authentication method for the QKD process according to claim 1, wherein the received reverse authentication information comprises: location information of a receiver authentication key selected by the opposite-end device, auxiliary authentication information ciphertext, and a hash value of the character string formed by splicing the auxiliary authentication information and the receiver authentication key; and correspondingly, the step of generating the local authentication information according to the received reverse authentication information and the sent local authentication information comprises: selecting a corresponding sender authentication key from the sent local authentication information according to the received location information; decrypting the received auxiliary authentication information ciphertext with the sender authentication key to acquire the auxiliary authentication information; and calculating the hash value of the character string formed by splicing the acquired auxiliary authentication information and the receiver authentication key, and then taking the calculated hash value as the local authentication information.

8. The authentication method for the QKD process according to claim 7, wherein when determining that the local authentication information is consistent with the received reverse authentication information, the following operations are executed: applying the sender authentication key to encrypt a variant of the auxiliary authentication information acquired by decryption; and transmitting the encrypted ciphertext to the opposite-end device via a classical channel.

9. An authentication method for a quantum key distribution (QKD) process, wherein the method is implemented in a receiver quantum communication device involved in the QKD process and comprises: receiving a quantum state sent by an opposite-end device involved in the QKD process, and discriminating various received information quantum states according to pre-agreed different wavelengths and preset information formats; selecting a measurement basis according to an algorithm that is the same as the opposite-end device and selected from a preset algorithms library, and applying the measurement basis to measure the received authentication information quantum state; determining whether a measurement result is consistent with the selected algorithm; when the measurement result is consistent with the selected algorithm, then sending reverse authentication information that is obtained based on the measurement result and provided for the opposite-end device to authenticate an identity of the receiver quantum communication device to the opposite-end device; and when the measurement result is not consistent with the selected algorithm, then terminating the QKD process.

10. The authentication method for the QKD process according to claim 9, wherein when determining that the measurement result is consistent with the algorithm, the following operations are further executed: disclosing the measurement basis for measuring key information quantum state via a classical channel; and correspondingly, the method further comprises: receiving a correct measurement basis of the key information quantum state sent by the opposite-end device via a classical channel; and screening an initial key, and acquiring a final shared quantum key through error rate estimation, e
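The classical-channel check of claim 7 (the sender selects its authentication key by the returned positions, decrypts the auxiliary information, recomputes the spliced hash and terminates on mismatch), as an added example that is not taken from the patent. SHA-256, the SHAKE-256 XOR cipher, the `MIN_POSITIONS` floor, every function name and the sample bits are assumptions; the claims name no hash or cipher, and the sketch assumes the receiver's measured bits are error-free.

```python
import hashlib
import hmac

MIN_POSITIONS = 16  # assumed floor so the selected key is not trivially guessable

def _key_bytes(bits):
    return "".join(str(b) for b in bits).encode()

def _xor_stream(key_bits, data):
    # Assumed cipher (the claims name none): XOR with a SHAKE-256 keystream.
    stream = hashlib.shake_256(b"aux-enc" + _key_bytes(key_bits)).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _spliced_hash(aux, key_bits):
    # Hash of the auxiliary information spliced with the authentication key.
    return hashlib.sha256(aux + _key_bytes(key_bits)).digest()

def receiver_reverse_auth(measured, aux):
    """measured maps authentication-bit position -> bit the receiver detected."""
    positions = sorted(measured)
    key = [measured[p] for p in positions]  # receiver authentication key
    return {"positions": positions,
            "aux_ct": _xor_stream(key, aux),
            "hash": _spliced_hash(aux, key)}

def sender_verify(sent_bits, msg):
    """Return the recovered auxiliary information, or None to terminate QKD."""
    pos = msg["positions"]
    if len(pos) < MIN_POSITIONS or len(set(pos)) != len(pos):
        return None
    if any(not 0 <= p < len(sent_bits) for p in pos):
        return None
    key = [sent_bits[p] for p in pos]  # sender authentication key
    aux = _xor_stream(key, msg["aux_ct"])
    local = _spliced_hash(aux, key)  # local authentication information
    return aux if hmac.compare_digest(local, msg["hash"]) else None

# Constructed sample: 64 authentication bits sent; receiver detected every 3rd.
SENT = [(i * i + i // 3) % 2 for i in range(64)]
MEASURED = {i: SENT[i] for i in range(0, 64, 3)}

if __name__ == "__main__":
    honest = receiver_reverse_auth(MEASURED, b"nonce-0001")
    print("honest receiver:", sender_verify(SENT, honest))
    wrong = dict(MEASURED)
    wrong[0] ^= 1  # one bit differs from what the sender actually sent
    print("mismatched receiver:", sender_verify(SENT, receiver_reverse_auth(wrong, b"nonce-0001")))
```

The sender hashes with its own selected key, which equals the receiver authentication key only when the receiver really measured the states that were sent; a single differing bit changes both the decrypted auxiliary information and the hash.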
involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC · CPC title
using different networks or channels, e.g. using out of band channels (cryptographic mechanisms or cryptographic arrangements for key distribution involving distinctive intermediate devices or communication paths H04L9/0827; cryptographic mechanisms or cryptographic arrangements for authentication using a plurality of channels H04L9/3215) · CPC title
Quantum cryptography (transmission systems employing electromagnetic waves other than radio waves, e.g. light, infrared H04B10/00; wavelength-division multiplex systems H04J14/02; WDM arrangements H04J14/03) · CPC title
for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title
Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding · CPC title