LIN Yusheng,CHANG Yan,HOU Qiyu,et al.Full Life Cycle Management of Quantum Keys based on State Secret Blockchain Platform[J].Journal of Chengdu University of Information Technology,2022,37(05):515-519.[doi:10.16836/j.cnki.jcuit.2022.05.005]
基于国密化区块链平台的量子密钥全生命周期管理系统
- Title:
- Full Life Cycle Management of Quantum Keys based on State Secret Blockchain Platform
- 文章编号:
- 2096-1618(2022)05-0515-05
- 关键词:
- 量子密钥; 国密化Fabric联盟链; 保密通信; 管理及追溯系统
- Keywords:
- quantum key; state secret fabric alliance chain; confidential communication; management and traceability system
- 分类号:
- P751.1
- 文献标志码:
- A
- 摘要:
- 针对传统通信系统中密钥存在的密钥易泄露、密钥管理可信度低等安全性问题,提出一个基于国密化区块链平台的量子密钥全生命周期管理及追溯系统。有保密通信需求的两个机构,将量子密钥替换传统通信系统中的主密钥,在通信过程中,量子密钥生成、分发、使用、更新和销毁的相关操作信息由两个机构管理员及用户实时上传至区块链平台。对Fabric联盟链进行国密化改造,保证算法的自主可控,并用于量子密钥的全生命周期管理。当联盟链管理员对保密通信过程中发生的安全事件进行追溯追责时,利用联盟链去中心化、不可篡改、身份验证等特点,可以实现量子密钥全生命周期管理和追溯过程的透明可信,保证量子密钥在通信系统中的安全使用与有效监管。
- Abstract:
- Aiming at the security problems such as easy key leakage and low management reliability in traditional communication systems, this paper proposes a quantum key full life cycle management and traceability system based on the state secret blockchain platform. Two institutions with a need for secure communication replace the master key in traditional communication systems with quantum keys. During the communication process, the relevant operation information of quantum key generation, distribution, use, update and destruction is uploaded to the blockchain platform in real time by the administrators and users of the two institutions. In this paper, the state secret transformation of the Fabric alliance chain is carried out to ensure that the algorithm is autonomous and controllable, and it is used for the full life cycle management of quantum keys. When the consortium chain administrator traces the security incidents that occur in the confidential communication process, the use of the consortium chain’s features of decentralization, non-tampering, and identity verification can realize the transparency and reliability of the quantum key full life cycle management and traceability process. It ensures the safe use and effective supervision of quantum keys in communication systems.
参考文献/References:
[1] BENNETT CH,BRASSARD G.Quantum Cryptography: Public Key Distribution and Coin Tbssing[C].IEEE.International Conference on Computers Systems and Signal Processing,September 12,1984,Baialore,India.NewYork:IEEE,1984:175-179.
[2] ELKOUSS D,MARTINEZ-MATEO J,CIURANA A,et al.Secure Optical Networks Based on Quantum Key Distribution and Weakly Trusted Repeaters[J].Journal of Optical Communications & Networking,2013,5(4):316-328.
[3] LO HK,CHAU HF.Unconditional Security of Quantum Key Distribution over Arbitrarily Long Distances[J].Science,1999,283(5410):2050-2056.
[4] 赖俊森,赵文玉,张海懿.量子保密通信技术进展及应用趋势分析[J].信息通信技术与政策,2020(12):64-69.
[5] 曹原,赵永利.量子通信网络研究进展[J].激光杂志,2019,40(9):1-7.
[6] 郑祎能.QKD网络量子信道管理关键技术研究[J].计算机科学,2018,45(S1):369-376+404.
[7] 查振兴,高泉,李强,等. 基于量子密钥分发的IPSec VPN密码机:CN 108173652 A[P].2018.
[8] 吴佳楠,唐祁,贺曼丽,等. 融合量子密钥的内网文件加密系统[J].重庆大学学报,2020,43(11):45-55.
[9] 熊英,唐小康,陈娟.一种利用量子密钥提升移动办公系统安全性的方法:CN 109756325A[P].2019.
[10] Linux.Hyperledger Fabric[EB/OL].https://www.hyperledger.org/.2020-09-15.
[11] 姚英英,常晓林,甄平.基于区块链的去中心化身份认证及密钥管理方案[J].信息安全与技术,2019,010(6):33-39.
[12] 石润华,石泽.基于区块链技术的物联网密钥管理方案[J].信息网络安全,2020,20(8)1-8.
[13] hyperledger-fabricdocs documentation[EB/OL].https://hyperledger-fabric.readthedocs.io/zh_CN/latest/.2020-01-29.
[14] 曹琪,阮树骅,陈兴蜀,等.Hyperledger Fabric平台的国密算法嵌入研究[J].网络与信息安全学报,2021,7(1):65-75.
备注/Memo
收稿日期:2022-02-21
基金项目:国家自然科学基金面上资助项目(62076042)