针对恶意节点的量子密钥分发网络分布式信息理论安全协议

IF 4 2区 计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Journal of Optical Communications and Networking Pub Date : 2024-09-17 DOI:10.1364/JOCN.530575
Yi Luo;Qiong Li;Hao-Kun Mao
{"title":"针对恶意节点的量子密钥分发网络分布式信息理论安全协议","authors":"Yi Luo;Qiong Li;Hao-Kun Mao","doi":"10.1364/JOCN.530575","DOIUrl":null,"url":null,"abstract":"Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most research on relay-based QKD networks assumes all relays or nodes are completely trustworthy. However, this assumption is unreasonable because the malicious behavior of even a single node can undermine the security of the entire network. Currently, there is no method to directly distinguish between honest nodes and malicious nodes. Moreover, the status of nodes as honest or malicious can be dynamic. Therefore, a solution is needed that can withstand a certain proportion of malicious nodes in QKD networks. We propose a novel paradigm, inspired by distributed systems, to address the active and passive attacks by collaborating with malicious nodes in QKD networks. First, regarding security, we propose the ITS distributed authentication scheme, which additionally ensures two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Second, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency. This enables participating nodes to collaborate correctly and complete end-to-end key distribution within a constant number of communication rounds. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original end-to-end pre-shared keys scheme. For instance, in larger networks, such as when the number of nodes is 80, our scheme’s key consumption is only 13.1% of the pre-shared keys scheme.","PeriodicalId":50103,"journal":{"name":"Journal of Optical Communications and Networking","volume":"16 10","pages":"956-968"},"PeriodicalIF":4.0000,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Distributed information-theoretical secure protocols for quantum key distribution networks against malicious nodes\",\"authors\":\"Yi Luo;Qiong Li;Hao-Kun Mao\",\"doi\":\"10.1364/JOCN.530575\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most research on relay-based QKD networks assumes all relays or nodes are completely trustworthy. However, this assumption is unreasonable because the malicious behavior of even a single node can undermine the security of the entire network. Currently, there is no method to directly distinguish between honest nodes and malicious nodes. Moreover, the status of nodes as honest or malicious can be dynamic. Therefore, a solution is needed that can withstand a certain proportion of malicious nodes in QKD networks. We propose a novel paradigm, inspired by distributed systems, to address the active and passive attacks by collaborating with malicious nodes in QKD networks. First, regarding security, we propose the ITS distributed authentication scheme, which additionally ensures two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Second, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency. This enables participating nodes to collaborate correctly and complete end-to-end key distribution within a constant number of communication rounds. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original end-to-end pre-shared keys scheme. For instance, in larger networks, such as when the number of nodes is 80, our scheme’s key consumption is only 13.1% of the pre-shared keys scheme.\",\"PeriodicalId\":50103,\"journal\":{\"name\":\"Journal of Optical Communications and Networking\",\"volume\":\"16 10\",\"pages\":\"956-968\"},\"PeriodicalIF\":4.0000,\"publicationDate\":\"2024-09-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Optical Communications and Networking\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10682116/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Optical Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10682116/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

量子密钥分发(QKD)网络有望在大规模网络上实现信息理论安全(ITS)通信。关于基于中继的 QKD 网络的大多数研究都假设所有中继或节点都是完全可信的。然而,这种假设是不合理的,因为即使是单个节点的恶意行为也会破坏整个网络的安全性。目前,还没有直接区分诚实节点和恶意节点的方法。此外,节点的诚实或恶意状态可能是动态的。因此,我们需要一种能承受 QKD 网络中一定比例恶意节点的解决方案。受分布式系统的启发,我们提出了一种新的范例,通过与 QKD 网络中的恶意节点合作来解决主动和被动攻击问题。首先,在安全性方面,我们提出了 ITS 分布式验证方案,该方案还能确保 QKD 网络的两个关键安全属性:身份不可伪造性和不可抵赖性。其次,在正确性方面,我们提出了基于 ITS 分布式验证的 ITS 容错共识方案,以确保全局一致性。这使得参与节点能够正确协作,并在一定的通信轮数内完成端到端的密钥分发。通过仿真,我们发现与原始的端到端预共享密钥方案相比,我们的方案在密钥消耗方面的增长趋势要低得多。例如,在节点数为 80 个的大型网络中,我们方案的密钥消耗量仅为预共享密钥方案的 13.1%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Distributed information-theoretical secure protocols for quantum key distribution networks against malicious nodes
Quantum key distribution (QKD) networks are expected to enable information-theoretical secure (ITS) communication over a large-scale network. Most research on relay-based QKD networks assumes all relays or nodes are completely trustworthy. However, this assumption is unreasonable because the malicious behavior of even a single node can undermine the security of the entire network. Currently, there is no method to directly distinguish between honest nodes and malicious nodes. Moreover, the status of nodes as honest or malicious can be dynamic. Therefore, a solution is needed that can withstand a certain proportion of malicious nodes in QKD networks. We propose a novel paradigm, inspired by distributed systems, to address the active and passive attacks by collaborating with malicious nodes in QKD networks. First, regarding security, we propose the ITS distributed authentication scheme, which additionally ensures two crucial security properties to QKD networks: identity unforgeability and non-repudiation. Second, concerning correctness, we propose an ITS fault-tolerant consensus scheme based on our ITS distributed authentication to ensure global consistency. This enables participating nodes to collaborate correctly and complete end-to-end key distribution within a constant number of communication rounds. Through our simulation, we have shown that our scheme exhibits a significantly lower growth trend in key consumption compared to the original end-to-end pre-shared keys scheme. For instance, in larger networks, such as when the number of nodes is 80, our scheme’s key consumption is only 13.1% of the pre-shared keys scheme.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
9.40
自引率
16.00%
发文量
104
审稿时长
4 months
期刊介绍: The scope of the Journal includes advances in the state-of-the-art of optical networking science, technology, and engineering. Both theoretical contributions (including new techniques, concepts, analyses, and economic studies) and practical contributions (including optical networking experiments, prototypes, and new applications) are encouraged. Subareas of interest include the architecture and design of optical networks, optical network survivability and security, software-defined optical networking, elastic optical networks, data and control plane advances, network management related innovation, and optical access networks. Enabling technologies and their applications are suitable topics only if the results are shown to directly impact optical networking beyond simple point-to-point networks.
期刊最新文献
Introduction to the Benchmarking in Optical Networks Special Issue Protocol-aware approach for mitigating radiation-induced errors in free-space optical downlinks Security enhancement for NOMA-PON with 2D cellular automata and Turing pattern cascading scramble aided fixed-point extended logistic chaotic encryption In-network stable radix sorter using many FPGAs with high-bandwidth photonics [Invited] Power-consumption analysis for different IPoWDM network architectures with ZR/ZR+ and long-haul muxponders
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1