
Protocols and Mechanisms in the Quantum Key Distribution Networks

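【Author】 Wen Hao (温浩)

【Advisors】 Han Zhengfu (韩正甫); Hong Peilin (洪佩琳); Guo Guangcan (郭光灿)

【Author information】 University of Science and Technology of China, Communication and Information Systems, 2008, PhD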

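【Abstract, translated from the Chinese original】 Quantum key distribution (QKD) lets two remote entities, Alice and Bob, share a key with absolute security. The process relies on the physical laws of quantum mechanics rather than the computational complexity that conventional key distribution depends on, which raises the security of cryptographic systems to a new level. To date, QKD has made great progress in both theory and experiment: practical systems developed by many research groups around the world have achieved major breakthroughs in key transmission rate, transmission distance and system stability, and a few companies have begun to offer commercial point-to-point QKD equipment. QKD networks are the inevitable trend as QKD develops toward multiple users, high rates and long distances. Because of this importance, the United States, Europe, Japan and other countries have all increased their investment in and research on QKD networks in recent years, and quite a few network schemes have been proposed. However, the theoretical architecture of QKD networks has never been studied systematically, which has held back further development. This thesis is the first systematic study of the characteristics of QKD networks. Its main contents are as follows:

1. It classifies the QKD network schemes proposed so far and, for the first time, explicitly divides them according to their implementation characteristics into trusted-relay networks (TRN-QKD), passive-optical-element networks (PON-QKD) and quantum entanglement networks (QEN-QKD), discussing each in turn.

2. For the case where trusted nodes in a trusted-relay network may be attacked, making the network unreliable, we propose a node safe-probability model. On this basis, a scheme of multi-path secret sharing and stochastic routing can, with high probability, guarantee the network's security in that case, and the computed results confirm the scheme's clear effect. Because the key generation rate and the rate of the data to be encrypted may not be synchronized, we build a queuing model of the trusted-relay network and use a pre-buffer strategy to improve its delay performance. Finally, drawing on classical network coding theory, we also transplant network coding to the multi-user key-sharing case of trusted-relay networks.

3. It surveys networks built from various passive optical elements, including beam-splitter networks, optical-switch networks, wavelength-division-multiplexing networks, wavelength-bus networks and wavelength-routing networks. Many experimental schemes exist for this class of network, but there is as yet no unified evaluation standard or analysis method. This thesis gives, for the first time, a preliminary model of a network evaluation index system that applies generally to passive-optical-element networks, proposing indices that include network capacity, network connectivity and a network cost model covering end-user cost and network routing cost. These are used to compare the performance-price ratio of five common PON-QKDs side by side.

4. For quantum entanglement networks based on general entangled states, we focus on the probability of converting a general entangled state between any two users into a maximally entangled state (Singlet Conversion Probability, SCP), which also represents the success probability of key establishment. For a single quantum repeater, we give the optimal strategy for preserving entanglement and extend it to a 1-dimensional quantum entanglement chain. For a 2-dimensional quantum entanglement network, when the two users are not too far apart, a multi-path entanglement scheme can substantially raise the final SCP. When the distance is larger, we apply concepts from classical percolation theory and use a quantum percolation process so that the SCP is essentially equal to the square of the percolation probability and is therefore unaffected by distance. We also propose the concepts of asymptotic percolation and anisotropic percolation for quantum entanglement networks.

5. It analyses the effect of classical noise on the QBER in a classical optical network. On combining QKD with classical networks, for the widely used Internet and Virtual Private Network (VPN) technology, it gives for the first time explicit demonstrations of applying QKD in PPP tunnelling and in the IPSec protocol.

6. To address the diversity of real-world network requirements, it proposes a hierarchy of QKD backbone and access networks to integrate the different types of QKD network and better match practical needs. Inspired by the OSI reference model, it proposes for the first time a general QKD network layer model that is compatible with all the networks above and separates the lower-layer physical links and network schemes from the upper-layer functions such as key extraction protocols and key management, simplifying the design of the whole network. This layer model is forward-looking and broadly applicable, and lays a foundation of principle for future research on complex QKD networks.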

【Abstract】 Quantum key distribution (QKD), based on the laws of quantum physics rather than on mathematical computational complexity, can distribute keys between two distant entities, Alice and Bob, with unconditional security, which brings the security of cryptography to a higher level. The rapid progress in the theory and experiment of QKD techniques has been reflected in a number of successful demonstrations in the last few years, including both high key generation rates and long transmission distances. Many groups all over the world have put forward QKD setups operating in the standard point-to-point mode, some of which are already commercially available. To fulfill the requirements of secure communication among multiple users, the QKD network is becoming the trend towards distributing secret keys among many-to-many nodes over potentially unlimited distances in the near future. Work toward a QKD network that supports multiple users, high rates and long distances with compatibility and robustness will allow QKD to achieve widespread usage in practical environments. Though many schemes for QKD networks have been presented, systematic theoretical research is still absent. This thesis studies the characteristics of QKD networks and proposes protocols and mechanisms for various networks. The main contents include:

1. According to the construction principle, three main types of QKD network are discussed: the trusted-relay based QKD network (TRN-QKD), the passive-optical-element based QKD network (PON-QKD) and the quantum entanglement based QKD network (QEN-QKD).

2. TRN-QKD can conveniently adopt many different point-to-point QKD schemes at low cost. However, TRN-QKD may have a security loophole when some trusted nodes become untrusted due to Eve's attack. In chapter 3, based on our safe probability model, we propose a multi-path secret sharing and stochastic routing scheme that avoids this problem with probability close to 1. Similar to the classical case, we use a queuing model to analyze the key delay and propose a pre-buffer strategy to improve the delay performance, and hence the Quality of Service (QoS), of TRN-QKD. Finally, classical network coding can be seamlessly applied to TRN-QKD in the case of multi-user key sharing.

3. Various PON-QKDs are introduced, which are constructed from beam splitters, optical switches, wavelength division multiplexers (WDM), etc. We first set up the concepts of network capacity and connectivity to represent a PON-QKD's performance. On the other hand, network cost, including the end user's cost and routing cost, reflects the economic features of a PON-QKD. Combining these two parameters, we obtain the performance-price ratio to describe a PON-QKD synthetically. The comparison results for five PON-QKDs are given in chapter 4.

4. QEN-QKD consists of many nodes with an identical pure entangled state between each pair of adjacent nodes. What we focus on is the probability of converting a general entangled state into a perfectly entangled state, or singlet conversion probability (SCP). Based on the result for one repeater, we deduce the strategy for the 1-dimensional chain. For a small 2-d QEN-QKD, we may use a multi-path scheme to increase the SCP. For a large one, whatever the distance, the SCP mainly equals the square of the percolation probability, using percolation theory. Finally, we also propose the asymptotic and anisotropic percolation effects.

5. We study the compatibility between QKD and classical optical communication networks in chapter 2 by analyzing the influence of classical noise on the QBER. To apply QKD in a Virtual Private Network (VPN), we give two demonstrations, on the PPP channel and the IPSec protocol respectively.

6. Finally, in chapter 6, we present the idea of backbone and access networks. The QKD network layer model is also described in detail; it contains a quantum link layer, a quantum network layer, a key extraction layer and a key management layer. This architecture can be used in further research on and implementations of QKD networks.

  • 【Classification number】O413;TN918.1
  • 【Times cited】8
  • 【Downloads】546