Chaotic synchronization key distribution method and system based on optical fiber channel feature extraction

Document No.: 141719 Publication date: 2021-10-22

Reading note: this technology, "Chaotic synchronization key distribution method and system based on optical fiber channel feature extraction", was designed by 张�杰 and 郭宏 on 2021-06-09. Main content: The invention discloses a chaotic synchronization key distribution method and system based on optical fiber channel feature extraction. The method comprises: extracting optical fiber channel features and calculating a negotiation key; processing the negotiation key with a key post-processing technique to obtain a consistent key; using the consistent key as the synchronization initial value of a high-dimensional chaotic equation, which is run synchronously to obtain a chaotic sequence; and using the 0/1 digital sequence obtained by quantizing the chaotic sequence as the distributed key. The invention adopts a key distribution method that combines a dynamic key with a high-dimensional chaotic equation: the consistent key obtained by extracting optical fiber channel features serves as the initial value for chaotic synchronization, and the high-dimensional chaotic equation provides high-speed key distribution based on chaotic synchronization. According to the principle of algorithmic determinism, chaotic equations running on the same hardware platform run in synchronization, so the two key-negotiation parties generate completely synchronized chaotic sequences and, using the same chaotic-sequence quantization method, generate identical keys.

1. A chaotic synchronization key distribution method based on optical fiber channel feature extraction, characterized by comprising the following steps:

(1) extracting the optical fiber channel characteristics to obtain a negotiation key;

(2) processing the negotiation key by using a key post-processing technology to obtain a consistent key;

(3) taking the consistent key as the synchronization initial value of a high-dimensional chaotic equation, and running the high-dimensional chaotic equation synchronously to obtain a chaotic sequence;

(4) using the 0/1 digital sequence obtained by quantizing the chaotic sequence as the distributed key.

2. The method for distributing the chaotic synchronization key based on the fiber channel feature extraction according to claim 1, wherein the step (1) of extracting the bit error rate feature of the fiber channel comprises the steps of:

a first client/second client maps locally and randomly generated negotiation data using a randomly generated key base A/A' and sends the mapped data to the second client/first client; the second client/first client demaps the received data using a randomly generated key base B/B' and returns the demapped data to the first client/second client with the key base B/B' attached; the first client/second client demaps the returned data using the key base A/A'; the first client/second client finds the positions at which key base A/A' and key base B/B' have the same value, and compares the looped-back negotiation data at those positions with the locally and randomly generated negotiation data to calculate the error rate.

3. The method for distributing the chaotic synchronization key based on the fiber channel feature extraction according to claim 2, wherein in the step (1), the negotiation key is obtained based on the calculated consistent error rate, and the method comprises the following steps:

calculating the average error rate over a period of time from the error-rate values measured in the bidirectional loopback optical fiber channel during that period; if the currently calculated error rate is larger than the average value, quantizing the currently calculated error rate to 1 to obtain negotiation key 1; otherwise, quantizing the currently calculated error rate to 0 to obtain negotiation key 0.

4. The method for chaotic synchronization key distribution based on fiber channel feature extraction according to claim 1, wherein in the step (2),

the negotiation key is processed using the Cascade key post-processing protocol to obtain a consistent key.

5. The method for chaotic synchronization key distribution based on fiber channel feature extraction according to claim 1, wherein in the step (3),

according to the principle of algorithmic determinism, chaotic equations running on the same hardware platform run in synchronization; the chaotic sequence generated by a chaotic equation is determined by the coefficients of the equation and its initial value, so both key-agreement parties generate completely synchronized chaotic sequences.

6. The method for chaotic synchronization key distribution based on fiber channel feature extraction according to claim 5, wherein in the step (3),

the two key-agreement parties reserve part of the data in the completely synchronized chaotic sequence as the initial value for subsequent chaotic synchronization, both taking the data at the same position in the chaotic sequence.

7. The method for chaotic synchronization key distribution based on fiber channel feature extraction according to claim 1, wherein in the step (4),

by the properties of the Logistic chaotic system, the Logistic chaotic system has a mean value, and the mean value of the chaotic sequence is calculated in advance;

if the current value of the chaotic sequence is larger than the mean value of the chaotic sequence, the current value is quantized to 1 to obtain distributed key 1; otherwise, the current value is quantized to 0 to obtain distributed key 0.

8. The method for chaotic synchronization key distribution based on fiber channel feature extraction according to claim 7, wherein in the step (4),

the chaotic sequences generated by the two key-distribution parties are the same, so by the principle of algorithmic determinism the keys produced with the same chaotic-sequence quantization method are identical.

9. A chaotic synchronization key distribution system based on optical fiber channel feature extraction is characterized by comprising an optical fiber channel feature extraction module, a key negotiation module, a key post-processing module, a chaotic synchronization initial value module and a chaotic sequence quantization module;

the optical fiber channel characteristic extraction module is used for extracting the error rate of the optical signal in the optical fiber channel;

the key negotiation module obtains a negotiation key according to the error rate of the optical signal in the optical fiber channel;

the key post-processing module is used for post-processing the negotiation key to generate a consistent key;

the chaotic synchronization module takes the consistent key as the chaotic initial value and feeds it into the same chaotic equation, which runs to generate the same chaotic sequence;

the chaotic synchronization initial value module is used by the two key-negotiation parties to reserve part of the data in the same chaotic sequence as the initial value for subsequent chaotic synchronization;

and the chaotic sequence quantization module is used for distributing, as the key, the 0/1 digital sequence obtained by quantizing the chaotic sequence.

10. The chaotic synchronization key distribution system based on fiber channel feature extraction according to claim 9, wherein the fiber channel feature extraction module comprises a negotiation data generation module, a QNSC data mapping module, an optical transmission module, an optical add-drop multiplexing module, an optical reception module, a QNSC data demapping module, a key base generation module, and a bit error rate calculation module;

the negotiation data generating module is used for generating random negotiation data of the key negotiation between the two parties and transmitting the random negotiation data in the optical fiber channel in a loopback mode;

the QNSC data mapping module is used for mapping the negotiation data generated locally and randomly by using a key base A/A';

the optical transmission module is used for transmitting an optical signal to the optical fiber link;

the optical add-drop multiplexing module is used for adding or dropping the optical signal of the negotiation data to the optical fiber;

the optical receiving module is used for receiving optical signals from the optical fiber link;

the QNSC data demapping module is used for demapping the data received by the optical receiving module, both the data sent by the opposite terminal and the negotiation data that has been looped back; the data sent by the opposite terminal is demapped with B/B', and the looped-back negotiation data is demapped with A/A';

the key base generation module is used for generating a key base and outputting the key base to the QNSC data mapping module and the QNSC data demapping module;

and the error rate calculation module is used for comparing the negotiation data generated at random locally with the negotiation data looped back through the channel to calculate the error rate.

Technical Field

The invention belongs to the technical field of secret communication, and particularly relates to a chaotic synchronization key distribution method and system based on optical fiber channel characteristic extraction.

Background

In recent years information technology has developed rapidly, bringing unprecedented changes to daily life and the economy, and new technologies and applications involve a large number of stages in which information and data are generated, transmitted, exchanged and processed. The speed and reach of optical communication have improved greatly, and the openness of optical networks has increased markedly. Optical fiber communication systems and networks are the most important carriers for backbone and access networks and are responsible for information transmission. Existing optical communication cannot resist eavesdropping on lines or nodes; it faces the risk of information being intercepted through taps and through devices inserted in series, which poses a serious threat to the security of high-speed interconnection for critical information infrastructure. With the development of quantum computers with strong code-breaking capability, the data content of optical communication faces the major hidden danger of being intercepted, copied and tampered with. Most widely used optical fiber channels have no security guarantee at the physical layer, and an attacker can easily eavesdrop on the channel and compromise the confidentiality, integrity and other properties of the information. Optical fiber transmission is essentially undefended: an optical signal can be tapped directly from an optical cable or an optical amplifier to capture the data it carries.

Because physical-layer security threats and their impact are increasingly prominent, and traditional cryptosystems based on computational complexity cannot withstand the strong cracking capability of quantum computers, the information transmitted in optical networks risks being exposed, copied and tampered with. For this reason, we reconsider the intrinsic relationship between communication and security and explore physical-layer encryption as a technical approach. The degree of protection provided by physical-layer security measures is independent of the content of the data, and such measures can protect every signal transmitted on the optical fiber line. Physical-layer secure communication can improve resistance to interception of line information while preserving the transmission performance of the system. Using physical-layer security schemes to improve the security of communication systems has therefore become a new research hotspot and has received wide attention at home and abroad.

With the continuous increase of services such as data centers, cloud computing, big data and the like, the optical fiber communication technology is rapidly developed. In addition, the secure transmission of optical signal data is also a development target of future optical networks driven by internet services represented by telemedicine, financial data, and the like. The secure communication between two legitimate users is based on the premise that the used security key is only known by both communication parties, so in the secure communication system, secure key distribution is very important.

The conventional way to address the above problem is to use encryption and authentication techniques. The theoretical basis of existing security systems is hard mathematical problems, such as the factorization of large integers. However, classical encryption relies on the computational complexity of algorithms to provide network security protection, and suffers from high cost, large delay and complex configuration. The communication performance of traditional encryption equipment is limited by its computing capacity, which makes it difficult to meet the Gbps-rate data encryption requirements of high-speed broadband networks in the big-data era. The loss of communication bandwidth and the data delay introduced by classical encryption also limit the ability to protect critical information infrastructure.

Quantum Key Distribution (QKD) utilizes the fundamental principles of quantum mechanics to ensure unconditional security of a communication link, the security of which has been proven by various theories. However, quantum key distribution systems at present have limited performance in terms of key distribution rate and available transmission distance. Most of the currently publicly reported verifiable QKD networks have few users and are difficult to popularize on a large scale.

New network information security technologies represented by quantum key distribution still need to mature, and many constraints remain. At the present stage, quantum key distribution systems have limited performance in key generation rate, usable transmission distance and other respects, and are difficult to deploy on a large scale. Breakthroughs are still needed in several key technologies: the key devices required for quantum key distribution, quantum repeaters, and satellite-to-ground quantum communication. In addition, the non-ideal characteristics of quantum key distribution devices and systems may introduce security holes, and relaying keys through trusted nodes in long-distance transmission may also become a risk point for system security.

Chaotic optical communication is a technology that hides signals by methods such as chaotic keying, chaotic masking and chaotic modulation, using the nonlinear dynamics of a laser system. Chaos is a promising means of secure communication because of its sensitivity to initial values, its randomness and its unpredictability, and it can effectively improve the security of a communication system. However, chaotic synchronization key distribution has a security weakness: using unidirectional coupling, an eavesdropper can synchronize with a legitimate party by changing the unidirectional coupling strength, then sample the time-series signal and compare it against a threshold to obtain a key highly correlated with that of the legitimate party, and so steal part of the key information. In addition, chaotic lasers are expensive, operation and maintenance costs such as optical fiber configuration are high, and large-scale application is limited by parameter mismatch and by noise in the chaotic laser system.

Quantum noise stream cipher (QNSC) optical communication has been shown to be a high-security physical-layer encryption technology; it can be deployed on existing networks at low operation and maintenance cost, and its secure transmission rate reaches 10 Tbit/s. A combined key distribution and data transmission strategy has been realized in the laboratory by extracting optical fiber channel features: the error-rate feature of the optical signal is extracted for key negotiation and distribution, and the data is transmitted in QNSC mode, which makes this an important research direction for key distribution. However, the key distribution rate remains at the Mbps level and cannot match the Gbps transmission rates of existing networks.

Key distribution based on optical fiber channel feature extraction is a flexible area of research: keys are extracted from characteristics of the optical signal such as phase, polarization, dispersion and bit error rate. The key distribution rate can reach the Mbps level, but this is still far below the Gbps data transmission rates of existing networks, so high-speed key distribution cannot be achieved.

In summary, the above techniques have problems of low speed or difficulty in large-scale deployment.

Disclosure of Invention

To overcome the deficiencies of the prior art, the invention aims to provide a chaotic synchronization key distribution method and system based on optical fiber channel feature extraction. A key extracted from characteristics of the optical signal such as phase, polarization, dispersion and bit error rate is considered to have good randomness and can be used as the seed key for chaotic synchronization, enabling high-speed chaotic synchronization key distribution.

The invention adopts the following technical scheme.

A chaotic synchronization key distribution method based on optical fiber channel feature extraction comprises the following steps:

(1) extracting the optical fiber channel characteristics to obtain a negotiation key;

(2) processing the negotiation key by using a key post-processing technology to obtain a consistent key;

(3) taking the consistent key as the synchronization initial value of a high-dimensional chaotic equation, and running the high-dimensional chaotic equation synchronously to obtain a chaotic sequence;

(4) using the 0/1 digital sequence obtained by quantizing the chaotic sequence as the distributed key.

Further, in the step (1), extracting the characteristics of the bit error rate of the optical fiber channel includes the steps of:

a first client/second client maps locally and randomly generated negotiation data using a randomly generated key base A/A' and sends the mapped data to the second client/first client; the second client/first client demaps the received data using a randomly generated key base B/B' and returns the demapped data to the first client/second client with the key base B/B' attached; the first client/second client demaps the returned data using the key base A/A'; the first client/second client finds the positions at which key base A/A' and key base B/B' have the same value, and compares the looped-back negotiation data at those positions with the locally and randomly generated negotiation data to calculate the error rate.

Further, in the step (1), obtaining a negotiation key based on the calculated consistent bit error rate includes the steps of:

calculating the average error rate over a period of time from the error-rate values measured in the bidirectional loopback optical fiber channel during that period; if the currently calculated error rate is larger than the average value, quantizing the currently calculated error rate to 1 to obtain negotiation key 1; otherwise, quantizing the currently calculated error rate to 0 to obtain negotiation key 0.

Further, in the step (2),

the negotiation key is processed using the Cascade key post-processing protocol to obtain a consistent key.

Further, in the step (3),

according to the principle of algorithmic determinism, chaotic equations running on the same hardware platform run in synchronization; the chaotic sequence generated by a chaotic equation is determined by the coefficients of the equation and its initial value, so both key-agreement parties generate completely synchronized chaotic sequences.

Further, in the step (3),

the two key-agreement parties reserve part of the data in the completely synchronized chaotic sequence as the initial value for subsequent chaotic synchronization, both taking the data at the same position in the chaotic sequence.

Further, in the step (4),

by the properties of the Logistic chaotic system, the Logistic chaotic system has a mean value, and the mean value of the chaotic sequence is calculated in advance;

if the current value of the chaotic sequence is larger than the mean value of the chaotic sequence, the current value is quantized to 1 to obtain distributed key 1; otherwise, the current value is quantized to 0 to obtain distributed key 0.

Further, in the step (4),

the chaotic sequences generated by the two key-distribution parties are the same, so by the principle of algorithmic determinism the keys produced with the same chaotic-sequence quantization method are identical.
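The four steps above, run end to end for two parties, as an added example that is not code from the patent. It assumes a one-dimensional Logistic map with coefficient 4 in place of the high-dimensional chaotic equation, a 64-iteration warm-up, a simple bits-to-initial-value mapping and constructed error-rate readings; every function name is illustrative.

```python
# Added illustration, not the patent's implementation.
# Assumptions: a one-dimensional Logistic map with R = 4 stands in for the
# high-dimensional chaotic equation; BURN_IN and the bits-to-x0 mapping are
# choices made here; the error-rate samples are constructed, not measured.

R = 4.0        # assumed coefficient (fully chaotic regime of the Logistic map)
MEAN = 0.5     # mean of the R = 4 Logistic map, known in advance
BURN_IN = 64   # assumed number of iterations discarded before bits are emitted

# Constructed error-rate readings for one measurement window.
ALICE_BER = [3.1e-4, 2.7e-4, 3.6e-4, 2.2e-4, 3.9e-4, 2.5e-4, 3.3e-4, 2.9e-4,
             2.1e-4, 3.8e-4, 3.4e-4, 2.4e-4, 2.6e-4, 3.7e-4, 2.3e-4, 3.5e-4]
# Constructed: the same loopback channel seen through a slightly different receiver.
BOB_BER = [b * 1.02 for b in ALICE_BER]


def ber_to_bits(samples):
    """Step (1): quantize each error-rate reading against the window average."""
    avg = sum(samples) / len(samples)
    return [1 if s > avg else 0 for s in samples]


def bits_to_x0(bits):
    """Step (3): place the consistent key strictly inside (0, 1)."""
    n = int("".join(str(b) for b in bits), 2)
    return (n + 0.5) / (1 << len(bits))


def step(x):
    """One Logistic-map iteration; refuses orbits that have stopped moving."""
    nxt = R * x * (1.0 - x)
    if nxt == x or nxt in (0.0, 1.0):
        raise ValueError("degenerate orbit (fixed point or precision collapse)")
    return nxt


def step_reordered(x):
    """The same map algebraically, but with different floating-point rounding."""
    return R * x - R * x * x


def run_round(x0, n_bits, step_fn=step):
    """Steps (3)-(4): iterate, quantize against MEAN, reserve the next seed."""
    x = x0
    for _ in range(BURN_IN):
        x = step_fn(x)
    key = []
    for _ in range(n_bits):
        x = step_fn(x)
        key.append(1 if x > MEAN else 0)
    # Both sides keep the value at the same position (here, the one right
    # after the last emitted bit) as the next round's initial value.
    return key, step_fn(x)


def hamming(a, b):
    """Number of positions at which two bit lists differ."""
    return sum(p != q for p, q in zip(a, b))


if __name__ == "__main__":
    seed = ber_to_bits(ALICE_BER)
    key_a, next_a = run_round(bits_to_x0(seed), 512)
    key_b, next_b = run_round(bits_to_x0(ber_to_bits(BOB_BER)), 512)
    print("synchronized:", key_a == key_b and next_a == next_b)
    off_by_one = seed[:-1] + [seed[-1] ^ 1]
    key_e, _ = run_round(bits_to_x0(off_by_one), 512)
    print("bits differing after a one-bit seed change:", hamming(key_a, key_e))
    key_r, _ = run_round(bits_to_x0(seed), 512, step_reordered)
    print("bits differing with reordered arithmetic:", hamming(key_a, key_r))
```

Every output bit is a deterministic function of the initial value, so a distributed key of any length carries no more entropy than the consistent key that seeded it. `step_reordered` shows why synchronization is tied to the same hardware platform: an algebraically identical formula with different rounding produces a different key.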

A chaotic synchronization key distribution system based on optical fiber channel feature extraction comprises an optical fiber channel feature extraction module, a key negotiation module, a key post-processing module, a chaotic synchronization initial value module and a chaotic sequence quantization module;

the optical fiber channel characteristic extraction module is used for obtaining the error rate of the optical signal in the optical fiber channel;

the key negotiation module obtains a negotiation key according to the error rate of the optical signal in the optical fiber channel;

the key post-processing module is used for post-processing the negotiation key to generate a consistent key;

the chaotic synchronization module takes the consistent key as the chaotic initial value and feeds it into the same chaotic equation, which runs to generate the same chaotic sequence;

the chaotic synchronization initial value module is used by the two key-negotiation parties to reserve part of the data in the same chaotic sequence as the initial value for subsequent chaotic synchronization;

and the chaotic sequence quantization module is used for distributing, as the key, the 0/1 digital sequence obtained by quantizing the chaotic sequence.

Furthermore, the optical fiber channel feature extraction module comprises a negotiation data generation module, a QNSC data mapping module, an optical transmission module, an optical add-drop multiplexing module, an optical reception module, a QNSC data demapping module, a key base generation module and a bit error rate calculation module;

the negotiation data generating module is used for generating random negotiation data of the key negotiation between the two parties and transmitting the random negotiation data in the optical fiber channel in a loopback mode;

the QNSC data mapping module is used for mapping the negotiation data generated locally and randomly by using a key base A/A';

the optical transmission module is used for transmitting an optical signal to the optical fiber link;

the optical add-drop multiplexing module is used for adding or dropping the optical signal of the negotiation data to the optical fiber;

the optical receiving module is used for receiving optical signals from the optical fiber link;

the QNSC data demapping module is used for demapping the data received by the optical receiving module, both the data sent by the opposite terminal and the negotiation data that has been looped back; the data sent by the opposite terminal is demapped with B/B', and the looped-back negotiation data is demapped with A/A';

the key base generation module is used for generating a key base and outputting the key base to the QNSC data mapping module and the QNSC data demapping module;

and the error rate calculation module is used for comparing the negotiation data generated at random locally with the negotiation data looped back through the channel to calculate the error rate.

Compared with the prior art, the invention has the following advantages.

the invention provides a key distribution method adopting a dynamic key plus a high-dimensional chaotic equation, which adopts a consistency key obtained by extracting the error rate characteristic of an optical fiber channel as an initial value of chaotic synchronization and adopts the high-dimensional chaotic equation to realize high-speed key distribution based on the chaotic synchronization. The invention relates to a key distribution technology with high key distribution rate.

The invention comprises: a chaotic synchronization key distribution method and architecture based on optical fiber channel feature extraction; extraction of the initial value of the chaotic synchronization key from the optical fiber channel features; a key negotiation method based on the error rate; a negotiation-key post-processing method; a chaotic synchronization method based on the same hardware platform; a chaotic sequence quantization method; and a key distribution method based on the same hardware platform.

The chaotic synchronization key distribution method and the chaotic synchronization key distribution framework based on the optical fiber channel characteristic extraction simplify the structure of a key distribution system, do not use a chaotic laser and an extra optical fiber, and have lower extra cost for key distribution; the key distribution is mainly provided by a high-dimensional chaotic equation, so that the occupation of the key negotiation on fiber spectrum resources is reduced.

The principle of algorithmic determinism ensures that chaotic equations running on the same hardware platform are completely synchronized, and an eavesdropper cannot eavesdrop on the chaotic synchronization control parameters, which improves the security of key distribution; the chaotic synchronization key distribution method based on optical fiber channel feature extraction can therefore both raise the key distribution rate and increase the security of key distribution.

Compared with a traditional key distribution system, the degree of secrecy is higher and the key is difficult for an eavesdropper to intercept; compared with classical chaotic key distribution methods, chaotic synchronization is controlled by the initial value of the chaotic equation, and an eavesdropper cannot eavesdrop on the chaotic synchronization control parameters, which prevents the eavesdropper from negotiating a consistent key and improves the security of key distribution; compared with existing quantum key distribution technology, no additional key distribution device and no line modification are required, which saves operation and maintenance cost; in long-distance transmission, ordinary optical signal relays can be used and no dedicated trusted node is needed to relay keys, which avoids that risk point for system security.

Drawings

FIG. 1 is a flow chart of a chaotic synchronization key distribution method based on fiber channel feature extraction;

FIG. 2 is a schematic diagram of a chaotic synchronization key distribution architecture based on fiber channel feature extraction;

FIG. 3 is a block diagram of a chaotic synchronization key distribution system based on fiber channel feature extraction.

Detailed Description

The present application is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present application is not limited thereby.

As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.

All expressions using "first" and "second" in the embodiments of the present invention are used to distinguish two non-identical entities or non-identical parameters that share the same name. "First" and "second" are therefore used only for convenience of description and should not be understood as limiting the embodiments of the present invention; this is not repeated in the following embodiments.

The chaotic synchronization key distribution method based on the optical fiber channel characteristic extraction combines the true randomness of the optical fiber channel characteristic extraction and the high speed of chaotic synchronization key distribution, and realizes the high speed key distribution.

As shown in FIG. 1, the chaotic synchronization key distribution method based on optical fiber channel feature extraction consists of the steps of channel feature extraction, key negotiation post-processing, chaotic synchronization, chaotic sequence quantization, and the like.

The method specifically comprises the following steps:

(1) Extracting the optical fiber channel features, and from them obtaining a negotiation key;

The invention extracts the negotiation key from the error-rate feature of the optical fiber channel.

Short-time reciprocity of the optical fiber channel means that its error-rate characteristics are relatively stable over a short time, so when both key-negotiation parties measure the error rate of the optical fiber channel they obtain a consistent error rate, and the negotiation key is generated from that consistent error rate.

An eavesdropper uses a different channel and therefore sees a different optical-signal error rate, which prevents the eavesdropper from negotiating a consistent key and improves the security of the optical transmission system.

To extract a key from the characteristics of the optical signal in the optical fiber channel, the error rate in the bidirectional loopback optical fiber channel is calculated. The average error rate over a period of time is calculated from the error-rate values measured in the bidirectional loopback optical fiber channel during that period. If the currently calculated error rate is larger than the average value, the currently calculated error rate is quantized to 1 to obtain negotiation key 1; otherwise, it is quantized to 0 to obtain negotiation key 0.

(2) Processing the negotiated key by using a negotiated key post-processing technology to obtain a consistent key;

Due to noise interference, the keys obtained by the two sides of the key agreement may not be completely the same, and the same key, i.e. the consistent key, needs to be negotiated by using the key post-processing technology, so as to provide the same initial value for chaos equation synchronization.

The invention uses the classic Cascade key post-processing protocol to process the negotiated key. The two key negotiation parties, Alice and Bob, obtain consistent keys through the Cascade key post-processing method. Because the key information is not transmitted in the optical fiber channel, Eve can only eavesdrop the positions where the keys of the two legitimate key agreement parties are inconsistent, and because the eavesdropping party uses a different channel, in which the error rate of optical signals is different, the eavesdropping party cannot obtain a key consistent with that of the two legitimate key agreement parties.

The post-processing technique adopted for consistency processing of the negotiation key is exemplified by the Cascade protocol, and is not limited to the Cascade protocol.
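Steps (1) and (2) can be followed on a small scale in the added Python sketch below, which is not code from the patent: each party quantizes its own error rate samples against their mean, then one block-parity pass with binary search (the primitive that Cascade repeats over shuffled, larger blocks) removes the disagreement while counting the parity bits sent over the public channel. The error rate samples, the block size of 4 and all function names are assumptions made for the illustration.

```python
def quantize_ber(samples):
    """Step (1): 1 if an error rate sample is above the window mean, else 0."""
    mean = sum(samples) / len(samples)
    return [1 if s > mean else 0 for s in samples]


def parity(bits, lo, hi):
    """Parity of bits[lo:hi]."""
    return sum(bits[lo:hi]) % 2


def reconcile_pass(alice, bob, block_size):
    """One block-parity pass. Returns (Bob's corrected key, parity bits disclosed)."""
    bob = list(bob)
    disclosed = 0
    for start in range(0, len(alice), block_size):
        end = min(start + block_size, len(alice))
        disclosed += 1  # Alice announces the parity of the block
        if parity(alice, start, end) == parity(bob, start, end):
            continue  # no error, or an even number of errors (undetected)
        lo, hi = start, end
        while hi - lo > 1:  # binary search for one differing position
            mid = (lo + hi) // 2
            disclosed += 1  # Alice announces the parity of the left half
            if parity(alice, lo, mid) != parity(bob, lo, mid):
                hi = mid
            else:
                lo = mid
        bob[lo] ^= 1  # Bob flips the located bit
    return bob, disclosed


# Constructed error rate measurements (units of 1e-4) for the same 16 time slots.
# Slot 4 lies close to the mean, so measurement noise puts the two parties on
# opposite sides of the threshold there.
ALICE_BER = [3.1, 4.8, 2.9, 5.2, 4.1, 3.0, 5.5, 2.7,
             4.9, 3.3, 5.1, 2.8, 3.95, 5.0, 3.2, 4.7]
BOB_BER = [3.2, 4.7, 3.0, 5.1, 3.9, 3.1, 5.4, 2.8,
           4.8, 3.4, 5.0, 2.9, 3.9, 5.1, 3.1, 4.8]

if __name__ == "__main__":
    alice_key = quantize_ber(ALICE_BER)
    bob_key = quantize_ber(BOB_BER)
    print("disagreeing slots:", [i for i in range(16) if alice_key[i] != bob_key[i]])
    fixed, disclosed = reconcile_pass(alice_key, bob_key, 4)
    print("consistent after one pass:", fixed == alice_key)
    print("parity bits disclosed:", disclosed)
```

Two errors that fall into the same block leave the block parity unchanged and survive a single pass, which is why Cascade runs further passes over shuffled blocks.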

(3) Taking the consistent key as an initial value of chaos equation synchronization, and synchronously operating through a high-dimensional chaos equation to obtain a chaos sequence;

Alice and Bob negotiate a consistent secret key through the key post-processing technology, which provides an initial value for chaotic equation synchronization and realizes high-speed key distribution based on high-dimensional chaotic equation synchronization.

The high-dimensional chaos generally has more complex dynamic behaviors, and the generated chaos sequence has higher complexity, so that the chaos sequence generated based on the high-dimensional chaos system has better safety and randomness.

The key distribution framework and the method are explained by taking a Logistic high-dimensional discrete chaotic equation as an example, but the protection range of the chaotic synchronization key distribution method based on the optical fiber channel characteristic extraction is not limited to the Logistic high-dimensional chaotic equation but also comprises all chaotic equations.

The Logistic chaotic system is a nonlinear dynamics discrete chaotic mapping system which is widely applied, and can generate a random sequence which is sensitive to an initial value and difficult to predict. According to the invention, a high-dimensional Logistic chaotic system is obtained by coupling the Logistic chaotic equation, and key distribution based on high-dimensional chaotic equation synchronization is realized. The Logistic high-dimensional chaotic equation is as follows:

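$$A_{n+1} = \alpha_1 (B_n - A_n) + \mu_1 A_n \bigl(1 - A_n (1 + \eta_1 \sin A_n)\bigr)$$

$$B_{n+1} = \alpha_2 (C_n - B_n) + \mu_2 B_n \bigl(1 - B_n (1 + \eta_2 \sin B_n)\bigr)$$

$$C_{n+1} = \alpha_3 (D_n - C_n) + \mu_3 C_n \bigl(1 - C_n (1 + \eta_3 \sin C_n)\bigr)$$

$$D_{n+1} = \alpha_4 (E_n - D_n) + \mu_4 D_n \bigl(1 - D_n (1 + \eta_4 \sin D_n)\bigr)$$

$$E_{n+1} = \alpha_5 (F_n - E_n) + \mu_5 E_n \bigl(1 - E_n (1 + \eta_5 \sin E_n)\bigr)$$

$$F_{n+1} = \alpha_6 (A_n - F_n) + \mu_6 F_n \bigl(1 - F_n (1 + \eta_6 \sin F_n)\bigr)$$

where $n = 1, 2, 3, \dots$; $A, B, C, D, E, F \in (0, 1)$; $\alpha_1, \alpha_2, \alpha_3, \alpha_4, \alpha_5, \alpha_6$ are the coupling coefficients; $B_n - A_n$, $C_n - B_n$, $D_n - C_n$, $E_n - D_n$, $F_n - E_n$, $A_n - F_n$ are the coupling terms; $\eta_1, \eta_2, \eta_3, \eta_4, \eta_5, \eta_6$ are the feedback coefficients; and $\mu_1, \mu_2, \mu_3, \mu_4, \mu_5, \mu_6$ have a value range of $(3.5699, 4]$.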

According to the algorithm certainty principle, namely, the same input of the determined algorithm can only obtain the same output, for a chaotic system with determined operation steps and sequence, the same operation initial value is input, and the output chaotic sequence is determined.

The high-dimensional chaotic system adopts a successive iteration operation mode, so that the operation steps and the sequence of the high-dimensional chaotic equation are determined, and the output chaotic sequence is determined by an initial value. Because the same initial value extracted by the optical fiber channel characteristics is applied, the chaos equations running on the same hardware platform can generate the same chaos sequence.

Furthermore, part of the chaotic sequence is reserved as an initial value of the chaotic equation and is used for operating the chaotic equation. And the key negotiation parties reserve part of data in the completely synchronous chaotic sequence as a subsequent chaotic synchronization initial value, and the part of data takes data at the same position in the chaotic sequence to generate the same chaotic synchronization initial value.

By applying the true randomness of the key obtained by the extraction of the optical fiber channel characteristics and the algorithm certainty principle, the high-dimensional chaotic system is accurately synchronized and the high randomness of the chaotic sequence is realized based on the chaotic synchronization strategy of the same hardware platform and the sensitivity of the high-dimensional chaotic equation synchronization to the initial value.

(4) The 0/1 digital sequence obtained by quantizing the chaotic sequence is used as the key obtained by key distribution. This yields a random sequence which can be used for stream encryption, and rapid and efficient key distribution is realized.

According to the algorithm certainty principle, the chaotic equation based on the same hardware platform can realize complete synchronization of operation, and protocols such as staggered stop and go are not needed to transmit chaotic control parameters to control chaotic synchronization. The operation and synchronization of the chaotic equation are determined by the chaotic initial value, and both sides of the key agreement can generate completely same chaotic sequences at high speed. The two parties of the key distribution convert the generated real value chaotic sequence into 0 and 1 sequences through corresponding algorithms to obtain a random sequence which can be used for stream encryption, thereby realizing fast and efficient key distribution.

According to the property of the Logistic chaotic system, the Logistic chaotic system has an average value, which provides a basis for the quantization of the chaotic sequence. The mean value of the chaotic sequence is fixed for a determined chaotic equation. In the Logistic high-dimensional chaotic equation, the values of $\mu_1, \mu_2, \mu_3, \mu_4, \mu_5, \mu_6$ are fixed, and the chaos equation takes different chaos initial values to obtain the same chaos sequence mean value. The mean value of the chaotic sequence generated by the Logistic chaotic equation is obtained in advance by numerically calculating the arithmetic mean value of the chaotic sequence.

If the numerical value of the current chaotic sequence is larger than the mean value of the chaotic sequence, quantizing the current chaotic sequence into 1 to obtain a distributed secret key 1; otherwise, quantizing the current chaotic sequence into 0 to obtain a distributed key 0. Because the chaotic sequences generated by the two parties of the key distribution are the same, the keys generated by the same chaotic sequence quantization method are completely the same according to the algorithm certainty principle. Because the judgment threshold value of the chaos sequence quantization is calculated in advance, the judgment threshold value is not calculated in the chaos sequence quantization process, the quantization speed of the chaos sequence is improved, and the high-speed chaos synchronization key distribution based on the same hardware platform is realized.
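Steps (3) and (4) are shown in the added Python sketch below, which is not code from the patent: both parties seed the six coupled Logistic equations from the same consistent key, quantize every value against a mean computed in advance, and reserve one further iteration as the next initial value. The coefficient values, the mapping from key bits to initial values, the position of the reserved data and all names are assumptions. The `__main__` part also prints how many leading bits a key that differs in a single bit still shares with the original stream.

```python
import math

# Assumed parameters: the text gives only the range of mu, (3.5699, 4], and names
# alpha (coupling) and eta (feedback) without values. With mu <= 3.9 and
# alpha = eta = 0.01, a state inside (0, 0.985] stays inside it, so the
# iteration cannot escape (0, 1) and diverge.
MU = (3.90, 3.89, 3.88, 3.87, 3.86, 3.895)
ALPHA = (0.01,) * 6
ETA = (0.01,) * 6


def step(state):
    """One synchronous iteration of the six coupled equations A..F."""
    nxt = []
    for i, x in enumerate(state):
        neighbour = state[(i + 1) % 6]  # A couples to B, ..., F back to A
        nxt.append(ALPHA[i] * (neighbour - x)
                   + MU[i] * x * (1 - x * (1 + ETA[i] * math.sin(x))))
    return tuple(nxt)


def key_to_state(key_bits):
    """Map a 192-bit consistent key to six initial values in (0.1, 0.9).

    Assumed mapping: the text does not say how key bits become initial values.
    """
    if len(key_bits) != 192 or any(b not in (0, 1) for b in key_bits):
        raise ValueError("expected 192 bits")
    words = [int("".join(map(str, key_bits[i:i + 32])), 2)
             for i in range(0, 192, 32)]
    return tuple(0.1 + 0.8 * (w + 0.5) / 2 ** 32 for w in words)


def sequence_mean(iterations=20000, start=(0.11, 0.23, 0.37, 0.51, 0.67, 0.83)):
    """Arithmetic mean of the chaotic sequence, computed once in advance."""
    state, total = start, 0.0
    for _ in range(iterations):
        state = step(state)
        total += sum(state)
    return total / (6 * iterations)


THRESHOLD = sequence_mean()  # fixed decision threshold, shared by both parties


def distribute(state, iterations, threshold=THRESHOLD):
    """Run the map and quantize every value against the precomputed mean.

    Returns (key_bits, reserved_state). One extra iteration is reserved, not
    quantized, as the initial value of the next round (assumed position).
    """
    bits = []
    for _ in range(iterations):
        state = step(state)
        bits.extend(1 if v > threshold else 0 for v in state)
    return bits, step(state)


def shared_prefix(a, b):
    """Number of leading bits two key streams have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


# Constructed 192-bit consistent key, standing in for the Cascade output.
CONSTRUCTED_KEY = [(i * i + i // 3) % 2 for i in range(192)]

if __name__ == "__main__":
    alice, alice_next = distribute(key_to_state(CONSTRUCTED_KEY), 100)
    bob, bob_next = distribute(key_to_state(CONSTRUCTED_KEY), 100)
    print("streams identical:", alice == bob and alice_next == bob_next)
    flipped = list(CONSTRUCTED_KEY)
    flipped[31] ^= 1  # seed that differs in one low-order bit
    other, _ = distribute(key_to_state(flipped), 100)
    print("leading bits shared with the neighbouring seed:",
          shared_prefix(alice, other), "of", len(alice))
```

The identical output relies on both parties evaluating `math.sin` and the floating-point arithmetic in exactly the same way, which is the same-hardware-platform condition the description states.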

As shown in fig. 2, the method for distributing chaotic synchronization keys based on fiber channel feature extraction specifically includes the steps of:

Step 1, selecting a high-dimensional chaotic equation, and calculating the mean value of the chaotic sequence generated by the high-dimensional chaotic equation;

For a deterministic chaos equation, the mean of the chaos sequence is fixed.

Step 2, a first client/a second client in the clients maps locally randomly generated negotiation data by using a randomly generated key base A/A' and then sends the mapped negotiation data to the second client/the first client;

Step 3, the second client/the first client uses the randomly generated key base B/B' to demap the data sent by the first client/the second client, and returns the data obtained by demapping to the first client/the second client, accompanied by the randomly generated key base B/B';

Step 4, the first/second client uses the key base A/A' to demap the data sent by the second/first client;

Step 5, the first client/the second client obtains the positions where the key base A/A' and the key base B/B' have the same numerical value, and compares the demapped negotiation data at those positions with the locally randomly generated negotiation data at the same positions to calculate the error rate.

Step 6, the first client/the second client obtains a negotiation key based on the calculated consistency error rate;

For the first client, the locally randomly generated negotiation data is mapped by using a randomly generated key base A and then sent to the second client; the second client uses the randomly generated key base B to demap the data sent by the first client, and returns the data obtained through demapping to the first client, accompanied by the randomly generated key base B; the first client uses the key base A to demap the data sent by the second client; the first client obtains the positions where the key base A and the key base B have the same value, and compares the demapped negotiation data at those positions with the locally randomly generated negotiation data at the same positions to calculate the error rate. The first client obtains a negotiation key based on the calculated consistency error rate.

For the second client, the locally randomly generated negotiation data is mapped by using a randomly generated key base A' and then sent to the first client; the first client uses the randomly generated key base B' to demap the data sent by the second client, and returns the data obtained by demapping to the second client, accompanied by the randomly generated key base B'; the second client uses the key base A' to demap the data sent by the first client; the second client obtains the positions where the key base A' and the key base B' have the same value, and compares the demapped negotiation data at those positions with the locally randomly generated negotiation data at the same positions to calculate the error rate. The second client obtains the negotiation key based on the calculated consistency error rate.

Step 7, the first/second client uses a Cascade key post-processing protocol to process the negotiation key to obtain a consistent key;

Step 8, the first/second client uses the consistent key obtained by negotiation as the initial value of the high-dimensional chaotic equation, and runs the high-dimensional chaotic equation;

Step 9, the first client/the second client generates the same chaotic sequence because the first client and the second client have the same operating environment and control parameters;

Part of the chaotic sequence is reserved as the initial value for subsequent runs of the chaotic equation. Both key negotiation parties reserve part of the data in the completely synchronous chaotic sequence generated by the chaotic synchronization module as the chaotic synchronization initial value, so that they generate the same chaotic synchronization initial value.

Step 10, the first client/the second client quantizes the chaotic sequence signal into digital 1 or 0 using the mean value of the chaotic sequence, takes the digital sequence obtained through quantization as the key obtained through key distribution, and then returns to step 9.

As shown in fig. 3, the chaotic synchronization key distribution system based on fiber channel feature extraction includes a fiber channel feature extraction module, a key negotiation module, a key post-processing module, a chaotic synchronization module, and a chaotic sequence quantization module.

The optical fiber channel characteristic extraction module is used for obtaining the error rate of the optical signal in the optical fiber channel; the device comprises a negotiation data generation module, a QNSC data mapping module, an optical transmission module, an optical add-drop multiplexing module, an optical receiving module, a QNSC data demapping module, a key base generation module and a bit error rate calculation module.

And the negotiation data generation module is used for generating random negotiation data of the key negotiation between the two parties and transmitting the random negotiation data in the optical fiber channel in a loopback mode.

And the QNSC data mapping module is used for performing data mapping on locally randomly generated negotiation data by using the key base A/A'.

The optical transmission module is used for transmitting the optical signal to the optical fiber link and comprises a digital-to-analog conversion unit and an optical transmitter.

And the optical add-drop multiplexing module is used for adding or dropping the optical signals of the negotiation data to the optical fiber.

The optical receiving module is used for receiving optical signals from the optical fiber link and comprises an optical receiver and an analog-to-digital conversion unit.

The QNSC data demapping module is used for demapping the data which is received by the optical receiving module, sent by the opposite terminal and looped back through negotiation; the data sent by the opposite terminal is demapped by B/B ', and the data looped back through negotiation is demapped by A/A'. The data sent by the opposite terminal is the data obtained by mapping the locally randomly generated negotiation data by the opposite terminal by using the key base A/A'. And the data looped back by the opposite end negotiation is the data obtained by the opposite end by using the key base B/B' to perform demapping on the received data.

And the key base generation module is used for generating a key base and outputting the key base to the QNSC data mapping module and the QNSC data demapping module.

And the error rate calculation module is used for measuring the error rate of the channel by both sides of the key distribution. The method is particularly used for comparing negotiation data generated locally and randomly with negotiation data looped back through a channel to calculate the error rate.

And the key negotiation module is used for obtaining a negotiation key based on the measured error rate. The method is specifically used for judging whether the local key base A/A 'is consistent with the opposite terminal key base B/B' or not; the negotiation key is generated based on the same key base as the peer.

And the key post-processing module is used for performing post-processing on the negotiated key by the two key negotiation parties to generate a consistent key. The method specifically comprises the following steps that two key agreement parties use a Cascade key post-processing protocol to process an agreement key to obtain a consistent key. The key post-processing module does not directly transmit the key, the key information is not transmitted in a fiber channel, and effective key information cannot be intercepted by Eve.

And the chaotic synchronization module is used for generating a completely synchronous chaotic sequence. Specifically, according to the deterministic principle of software testing, the two key negotiation parties input the same key initial value to the same chaotic equation to generate the same chaotic real value sequence.

And the chaotic synchronization initial value module is used for generating the same chaotic synchronization initial value according to the completely synchronous chaotic sequence generated by the chaotic synchronization module by the two key negotiation parties. The method specifically comprises the following steps that two key agreement parties reserve a chaotic synchronization initial value according to partial data in a fully synchronous chaotic sequence generated by a chaotic synchronization module. And part of data takes data at the same position of the chaotic sequence.

The chaotic sequence quantization module is used for generating identical sequences of '0' and '1'. Specifically, it quantizes the chaotic sequence to obtain a secret key. If the numerical value of the chaotic sequence is larger than the average value of the chaotic sequence, the chaotic sequence signal is quantized into digital '1'; otherwise it is quantized into digital '0'. The digital sequence obtained by quantization is taken as the key for key distribution.

The method for the chaotic synchronization key distribution system based on the optical fiber channel characteristic extraction comprises the following implementation steps:

Step 1, calculating the average value of the chaos sequence generated by the high-dimensional Logistic chaos equation;

Step 2, the first/second client maps the negotiation data randomly generated by the negotiation data generation module by using the key base A/A' randomly generated by the key base generation module through the QNSC data mapping module, and the optical data signal obtained by mapping is transmitted by the optical transmission module, is added to the optical fiber through the optical add-drop multiplexing module and is transmitted to the second/first client through the optical fiber;

Step 3, the second/first client drops the optical signal of the negotiation data to the optical receiving module through the optical add-drop multiplexing module. The QNSC data demapping module uses the key base B/B' randomly generated by the key base generation module to demap the data sent by the first client/the second client, returns the data obtained through demapping to the first client/the second client through the optical transmission module, and attaches the key base B/B' that it generated;

Step 4, the first/second client drops the optical signal of the loopback negotiation data through the optical add-drop multiplexing module, and the first/second client uses the key base A/A' to demap the negotiation data looped back by the second/first client through the QNSC data demapping module;

Step 5, the first client/the second client obtains the positions where the key base A/A' and the key base B/B' have the same numerical value, and compares the demapped negotiation data at those positions with the locally randomly generated negotiation data at the same positions to calculate the error rate.

Step 6, the first client/the second client obtains a negotiation key through the key negotiation module. Specifically: the error rate in the loopback optical fiber channel is calculated. The average value of the error rate in a period of time is calculated according to the error rate change curve in that period of time; if the currently calculated error rate is larger than the average value, the currently calculated error rate is quantized into 1 to obtain a negotiation key 1; otherwise, the currently calculated error rate is quantized into 0 to obtain a negotiation key 0;

Step 7, the first/second client uses a Cascade key post-processing protocol to process the negotiation key to obtain a consistent key;

Step 8, the chaotic synchronization module of the first/second client uses the consistent key obtained by negotiation as the initial value of the chaotic equation, and runs the chaotic equation;

Step 9, the chaotic synchronization modules of the first client and the second client have the same operating environment and control parameters, so that the chaotic equations generate the same chaotic sequences. Part of the chaotic sequence is reserved as the initial value for subsequent runs of the chaotic equation;

The chaotic synchronization initial value module of each key negotiation party reserves part of the data in the completely synchronous chaotic sequence generated by the chaotic synchronization module as the initial value for subsequent runs of the chaotic equation.

Step 10, the chaos sequence quantization modules of the first client and the second client quantize the chaos sequence signal into a digital "1" or "0" using the mean value of the chaos sequence, take the digital sequence obtained by quantization as the key obtained by key distribution, and return to step 9.

In step 9, the consistent secret key is used as the initial value of the chaotic equation for the first run; in step 10, part of the data in the chaotic sequence obtained by running the chaotic equation is used as the initial value of the chaotic equation.

Compared with the prior art, the invention has the following advantages:

The invention provides a key distribution method combining a dynamic key and a high-dimensional chaotic equation, wherein a consistent key obtained by extracting the error rate characteristic of an optical fiber channel is used as an initial value of chaotic synchronization, and high-speed key distribution based on chaotic synchronization is realized. The invention is a key distribution technology with a high key distribution rate.

The invention adopts a chaos synchronization key distribution method and a framework based on optical fiber channel characteristic extraction; extracting the initial value of the chaotic synchronization key based on the characteristics of the optical fiber channel; a key negotiation method based on an error rate; negotiating a key post-processing method; a chaotic synchronization method based on the same hardware platform; a chaotic sequence quantization method; a key distribution method based on the same hardware platform.

The chaotic synchronization key distribution method and the chaotic synchronization key distribution framework based on the optical fiber channel characteristic extraction simplify the structure of a key distribution system, do not use a chaotic laser and an extra optical fiber, and have lower extra cost for key distribution; the key distribution is mainly provided by a high-dimensional chaotic equation, so that the occupation of the key negotiation on fiber spectrum resources is reduced.

The algorithm certainty principle determines the complete synchronization of the chaotic equation operation of the same hardware platform, and an eavesdropper cannot eavesdrop chaotic synchronization control parameters, so that the security of key distribution is improved; therefore, the chaos synchronization key distribution method based on the fiber channel characteristic extraction can improve the key distribution rate and increase the security of key distribution.

Compared with a traditional key distribution system, the degree of secrecy is higher and the key is difficult for an eavesdropper to intercept; compared with a classical chaotic key distribution method, chaotic synchronization is controlled by the initial value of the chaotic equation, and an eavesdropper cannot eavesdrop chaotic synchronization control parameters, so that the eavesdropper is prevented from negotiating a consistent key, and the key distribution security is improved; compared with the existing quantum key distribution technology, no additional key distribution device is required, no line modification is required, and the operation and maintenance cost can be saved; and in long-distance transmission, no dedicated trusted node is needed for key relay, so that this risk point for system security is avoided.

The present applicant has described and illustrated embodiments of the present invention in detail with reference to the accompanying drawings, but it should be understood by those skilled in the art that the above embodiments are merely preferred embodiments of the present invention, and the detailed description is only for the purpose of helping the reader to better understand the spirit of the present invention, and not for limiting the scope of the present invention, and on the contrary, any improvement or modification made based on the spirit of the present invention should fall within the scope of the present invention.
