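Research on the Practical Security and Applications of Quantum Cryptography
Keywords: quantum key distribution; quantum key distribution network; security; practical implementation; electric power communication. Source: University of Science and Technology of China, 2014 doctoral dissertation. Document type: degree thesis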
【Abstract】: Quantum key distribution (QKD) technology gives two communicating parties a means of distributing unconditionally secure keys. The security and application of quantum cryptography are the core topics of research in this field.
On the security side, the security of most QKD protocols has by now been fully proven under the most general class of attack, coherent attacks. That does not mean practical systems are secure. Practical QKD systems differ from the theoretical protocols: for example, real devices have non-ideal characteristics and struggle to meet the conditions the protocol strictly requires, and an eavesdropper may exploit these differences to obtain part or even all of the key information. In addition, a finite key length departs from the assumptions of the ideal protocol, so the security analysis must be corrected for it. Practical systems therefore need stricter security analysis and proof, which is a current research focus.
On the application side, after decades of development QKD technology can now meet the requirements for building networks. Integrating QKD into classical networks makes fuller use of the advantages of quantum cryptography and protects data more effectively. Applications of QKD in real-world environments are attracting growing attention. Applying quantum cryptography requires designs tailored to the characteristics of the specific network and the needs of its users.
This thesis focuses on the practical security of QKD systems and their related applications. Its main contributions are as follows.
On practical security, the thesis first studies the security of the decoy-state BB84 protocol under the partial beam-splitting attack. It analyzes the partial beam-splitting attack strategy in detail, gives a model of the attack from the perspective of the photon probability distribution, and derives the photon-number distribution of the pulses arriving at the receiver after the attack as well as the post-attack count rate. It discusses the optimal choice of attack parameters in several cases. By comparing the theoretical and estimated values of the single-photon count rate, it shows that the decoy-state BB84 protocol remains secure under this attack.
Second, the thesis studies how the random numbers used for state preparation in decoy-state protocols affect security. Assuming a fraction p of the state-preparation random numbers is leaked, it proposes two different attack strategies combined with the partial beam-splitting attack and analyzes the amount of information the attacker obtains. We give a lower bound on the random-number leakage ratio; the results show that when the attacker uses the second strategy to obtain all of the key information, the lower bound on the fraction of random numbers it must know decays exponentially as the transmission distance increases.
Third, the thesis studies key-rate estimation for systems configured with a dead time. It uses the Monte Carlo method to simulate the detection process, which readily yields the optimal dead time that maximizes the key rate. This numerical method can fully account for effects such as detector dark counts and afterpulsing, laying a foundation for the development and application of practical systems.
Finally on security, we analyze the effect of the statistical fluctuation of the vacuum state on the key rate under the vacuum + single-decoy-state protocol. The results show that, for a given total number of pulses, there is an optimal vacuum-state proportion that maximizes the key rate.
The second part of the thesis focuses on the feasibility of applying QKD systems to electric power communication networks. Taking into account the special environment of the power grid (such as overhead optical fiber), it proposes a QKD scheme suited to the grid in terms of encoding method, synchronization mode, and other aspects.
It then analyzes the security requirements of the power communication network and designs two application cases for quantum cryptography in the grid. The first uses quantum cryptography to improve the security of SSL VPN data transmission in the grid: the thesis analyzes the characteristics of grid data transmission, proposes four application modes for quantum cryptography, and designs a protocol procedure for negotiating the quantum-key usage mode and the related control information. The second uses quantum cryptography to improve the security of WiMAX wireless communication in the grid. In this application, quantum keys are stored and read in segments. The thesis proposes a double-encryption method and designs the data transmission format: data is first encrypted with the quantum key, and the encrypted information is then transmitted over WiMAX wireless communication.
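【Degree-granting institution】: University of Science and Technology of China
【Degree level】: Doctoral
【Year degree granted】: 2014
【Classification number】: TN918; O413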