Abstract
The power system dispatching data network, built on virtual private network (VPN) technology, uses symmetric encryption to protect communication data, but both the distribution and the use of the encryption keys involve security weaknesses. To address this, a scheme is proposed that merges a quantum key distribution (QKD) network with the power grid dispatching data network: QKD solves the problem of secure key distribution, so that the two communicating parties can share unconditionally secure keys. The merging of the two networks is implemented with a quantum server and a VPN server, which dispatch quantum keys from the quantum network to the power grid applications. Through a detailed analysis of the secure sockets layer (SSL) protocol, the application forms of the quantum key are given at three levels: authentication key, master key and session key. At the communication-protocol level, to reduce modification of existing protocols, an additional negotiation process is used to agree on the application form of the quantum key and to carry out key acquisition and replacement. This approach reduces the complexity of the overall merging scheme and improves its usability.
Source
Power System Technology (《电网技术》)
EI
CSCD
PKU Core (北大核心)
2014, No. 2, pp. 544-548 (5 pages)
Funding
State Grid Corporation of China Science and Technology Project (17201200028)
China Postdoctoral Science Foundation (2012M511419)
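About the authors
LIU Dong (刘东, 1986-), female, Ph.D. candidate; research interest: applications of quantum cryptography;
WANG Shuang (王双, 1983-), male, associate researcher; research interests: quantum cryptography system design and applications of quantum cryptography; E-mail: wshuang@ustc.edu.cn;
ZHOU Jing (周静, 1980-), female, senior engineer; research interests: power system communications, optical network planning and design, and quantum secure communication;
XU Manli (许曼莉, 1990-), female, master's student; research interest: electronics control;
CHEN Wei (陈巍, 1977-), male, associate professor; research interests: quantum cryptography schemes, system control and their applications;
HAN Zhengfu (韩正甫, 1962-), male, professor; research interests: quantum optics, quantum information and quantum cryptography.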