本文關(guān)鍵詞： 量子密鑰分配 量子密鑰分配網(wǎng)絡(luò) 安全性 實(shí)用化 電力通信　出處：《中國科學(xué)技術(shù)大學(xué)》2014年博士論文　論文類型：學(xué)位論文

【摘要】：量子密碼分配技術(shù)為通信雙方提供了一種獲得無條件安全密鑰的分發(fā)手段。量子密碼的安全性和應(yīng)用是其研究的核心內(nèi)容。 在安全性方面,目前,大部分量子密鑰分配協(xié)議在最普適的相干攻擊下,其安全性已經(jīng)得到了完全的證明。但是這不代表實(shí)際系統(tǒng)也是安全的。實(shí)際量子密鑰分配系統(tǒng)與理論協(xié)議存在一定的差異,比如,實(shí)際器件存在非理想特性,難以滿足協(xié)議嚴(yán)格要求的條件,這些差異可能被竊聽者利用來獲取部分甚至全部的密鑰信息。另外,有限的密鑰長度與理想?yún)f(xié)議的假設(shè)條件也不同,需要對安全性分析進(jìn)行修正。因此實(shí)際系統(tǒng)需要更嚴(yán)格的安全性分析和論證,這是當(dāng)前的研究熱點(diǎn)。 在量子密鑰分配系統(tǒng)的應(yīng)用研究方面,經(jīng)過幾十年的發(fā)展,量子密鑰分配技術(shù)已經(jīng)能滿足建立網(wǎng)絡(luò)的要求,將量子密鑰分配技術(shù)融合到經(jīng)典網(wǎng)絡(luò)中,更能充分發(fā)揮量子密碼的優(yōu)勢,能更有效地保證數(shù)據(jù)的安全性�，F(xiàn)實(shí)生活環(huán)境下的量子密鑰分配應(yīng)用受到了越來越多的關(guān)注。量子密碼的應(yīng)用需要結(jié)合具體的網(wǎng)絡(luò)特點(diǎn)和用戶需求進(jìn)行設(shè)計(jì)。 本文重點(diǎn)介紹了量子密鑰分配系統(tǒng)的實(shí)際安全性和它的相關(guān)應(yīng)用。這篇論文主要完成了以下幾個(gè)工作。 在實(shí)際安全性方面,論文首先研究了部分分束攻擊下誘騙態(tài)BB84協(xié)議的安全性,詳細(xì)分析了部分分束攻擊策略,從光子概率分布的角度給出了部分分束攻擊的模型,得到被攻擊后到達(dá)接收端脈沖的光子數(shù)分布以及攻擊后的計(jì)數(shù)率；分幾種情況討論了攻擊參數(shù)的優(yōu)化選擇問題；通過比較單光子計(jì)數(shù)率的理論值和估計(jì)值,指出誘騙態(tài)BB84協(xié)議在該攻擊下也是安全的。 其次論文研究了誘騙態(tài)協(xié)議中用于態(tài)制備的隨機(jī)數(shù)對安全性的影響,假設(shè)態(tài)制備隨機(jī)數(shù)泄露的比例為p,結(jié)合部分分束攻擊提出了兩種不同的攻擊策略并分析了攻擊者獲得的信息量；我們給出了隨機(jī)數(shù)泄露比的下限,結(jié)果顯示當(dāng)攻擊者利用策略二想獲取全部的密鑰信息時(shí),它至少需要知道的隨機(jī)數(shù)比例的下限隨著傳輸距離的增加指數(shù)衰減。 然后論文研究了系統(tǒng)設(shè)置死時(shí)間后的碼率估算問題,利用蒙特卡洛的方法來模擬探測過程,能便捷地給出密鑰率最大時(shí)的最優(yōu)死時(shí)間；該數(shù)值方法能夠充分考慮探測器的暗計(jì)數(shù)和后脈沖等的影響,為實(shí)際系統(tǒng)的研制和應(yīng)用奠定了基礎(chǔ)。 在安全性方面,我們最后分析了真空態(tài)+單誘騙態(tài)協(xié)議下真空態(tài)的統(tǒng)計(jì)漲落對密鑰率的影響,結(jié)果表明給定總脈沖數(shù)時(shí),存在一個(gè)最優(yōu)的真空態(tài)比例使得密鑰率達(dá)到極大值。 本文的第二部分主要側(cè)重于研究量子密鑰分配系統(tǒng)應(yīng)用于電力通信網(wǎng)的可行性,結(jié)合電網(wǎng)的特殊環(huán)境(架空光纖等),本文從編碼方式、同步模式等方面提出了適合電網(wǎng)的量子密鑰分配方案。 然后分析了電力通信網(wǎng)的安全需求,設(shè)計(jì)了將量子密碼用在電網(wǎng)中的兩個(gè)應(yīng)用實(shí)例,第一個(gè)是利用量子密碼來提高電網(wǎng)SSL VPN數(shù)據(jù)傳輸?shù)陌踩�。論文分析了電網(wǎng)數(shù)據(jù)傳輸?shù)奶攸c(diǎn),提出量子密碼的四種應(yīng)用模式,并設(shè)計(jì)了協(xié)議過程進(jìn)行量子密鑰的使用模式和相關(guān)控制信息的協(xié)商。第二個(gè)是利用量子密碼來提高電網(wǎng)WiMAX無線通信的安全性。該應(yīng)用中,量子密鑰的存儲和讀取是按分段方式進(jìn)行的。論文提出了雙重加密的方法并設(shè)計(jì)了數(shù)據(jù)傳輸格式,先利用量子密鑰加密數(shù)據(jù),然后利用WiMAX無線通信傳輸該加密信息。
[Abstract]:Quantum cryptography technology provides a communication means for the two sides to obtain unconditionally secure keys. The security and application of quantum cryptography is the core of its research.
In terms of security, at present, most of the protocols of quantum key distribution in coherent attacks most pervasive, its safety has been fully proved. But this does not represent the actual system is safe. There are some differences in practical quantum key distribution system and the theory of agreement for example, actual devices are non ideal characteristics, it is difficult to to meet the stringent requirements of the agreement, these differences may be obtained even using all the key part of information eavesdropping. In addition, the limited length of the key assumptions and the ideal protocol is different, the need for safety analysis is corrected. So the actual needs of the system safety analysis and demonstration of the more strict, this is the current research focus.
In the aspect of the application of quantum key distribution system, after decades of development, quantum key distribution technology has established can meet the requirement of network integration technology to the classical quantum key distribution network, can give full play to the advantages of quantum cryptography, can more effectively ensure the safety of data. The application of quantum key distribution in real life the environment has attracted more and more attention. The application of quantum cryptography to design combined with the specific characteristics of the network and the needs of users.
This paper focuses on the practical security of the quantum key distribution system and its related applications. This paper has completed the following work.
In the security aspect, the thesis firstly studies the safety of decoy state BB84 protocol consists of beam under attack, a detailed analysis of some splitting attack strategy, given some splitting attack model from the perspective of the probability distribution of photons, get attacked after the arrival of the photon number distribution receiver and pulse counting after the attack. Rate; several cases discussed the optimization problem of attack parameters; through the comparison of the single photon counting rate of the theoretical value and the estimated value, pointed out that the BB84 decoy state protocol is secure in the attack.
Secondly, study the influence of random number states on the preparation of safety for decoy state protocol, assuming the state preparation of random number leakage ratio of P, combined with the beam splitting attack presents two different attack strategies and the analysis of the amount of information the attacker getting; we give a lower bound than the random number leaked the results show, when the attacker using two strategies to obtain all the key information, the lower it needs at least know the proportion of random number with increasing attenuation index of the transmission distance.
Then the paper studies the rate of system setting dead time after estimation, to simulate the detection process using the Monte Carlo method can easily give optimal key rate at maximum dead time; the numerical method can fully consider the detector counts and after pulse and so on, which provides a basis for the development and application of the system.
In terms of security, we finally analyze the influence of the statistical fluctuation of the vacuum state on the key rate under the vacuum state + single decoy protocol. The results show that when the total number of pulses is given, there is an optimal vacuum state ratio, so that the key rate reaches the maximum value.
The second part of this paper mainly focuses on the feasibility of applying quantum key distribution system to electric power communication network. Combined with the special environment of grid, such as overhead optical fiber, this paper proposes a QKD scheme suitable for power grid from aspects of coding mode and synchronization mode.
And then analyzes the security requirements of the electric power communication network, the design of the two application of quantum cryptography used in the power grid, the first one is to improve the safety of power grid SSL VPN data transmission using quantum cryptography. This paper analyzes the characteristics of network data transmission, put forward four kinds of application modes of quantum cryptography, usage patterns and related the control information and the design of the protocol of quantum key negotiation. The second is to improve the safety of power grid WiMAX wireless communication using quantum cryptography. The application of quantum key storage and reading is carried out according to section. This paper puts forward the methods of double encryption and the design of the data transmission format, using quantum the key to encrypt the data, then use WiMAX wireless communication to transmit the encrypted information.

【學(xué)位授予單位】：中國科學(xué)技術(shù)大學(xué)
【學(xué)位級別】：博士
【學(xué)位授予年份】：2014
【分類號】：TN918;O413

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 趙文清,王德文;PKI在電力系統(tǒng)信息網(wǎng)絡(luò)安全中的應(yīng)用[J];電力科學(xué)與工程;2003年03期

2 宋磊,羅其亮,羅毅,涂光瑜;電力系統(tǒng)實(shí)時(shí)數(shù)據(jù)通信加密方案[J];電力系統(tǒng)自動化;2004年14期

3 孟建良,亢建波,龐春江,劉偉達(dá),鮑琳麗;角色訪問控制模型在兩票管理系統(tǒng)中的應(yīng)用[J];電力系統(tǒng)自動化;2004年23期

4 段斌;劉念;王鍵;黃生龍;;基于PKI／PMI的變電站自動化系統(tǒng)訪問安全管理[J];電力系統(tǒng)自動化;2005年23期

5 宋燕敏;楊爭林;曹榮章;胡俊;唐國慶;;電力市場運(yùn)營系統(tǒng)中的安全訪問控制[J];電力系統(tǒng)自動化;2006年07期

6 皮建勇;劉心松;廖東穎;吳艾;;基于VPN的電力調(diào)度數(shù)據(jù)網(wǎng)絡(luò)安全方案[J];電力系統(tǒng)自動化;2007年14期

7 姚虹春;郭經(jīng)紅;;WiMAX技術(shù)發(fā)展及其在配電網(wǎng)通信中的應(yīng)用[J];電力系統(tǒng)通信;2007年01期

8 張嵐;;SSL VPN技術(shù)在電力企業(yè)移動辦公中的應(yīng)用[J];電力系統(tǒng)通信;2008年01期

9 蒲建發(fā);李元九;王文發(fā);;基于MPLS VPN的泉州電力數(shù)據(jù)通信網(wǎng)的建設(shè)與應(yīng)用[J];電力系統(tǒng)通信;2009年11期

10 李玉杰;李方軍;;MPLS-VPN在電力信息網(wǎng)中的應(yīng)用[J];電力系統(tǒng)通信;2009年12期

相關(guān)博士學(xué)位論文 前1條

1 張濤;量子密鑰分配網(wǎng)絡(luò)研究[D];中國科學(xué)技術(shù)大學(xué);2008年

，

本文編號：1524990