Method, apparatus, and system for cloud-based encryption machine key injection
First Claim
1. A cloud-based key injection system, comprising:
- at least one key injection sub-system including a key generation device and a quantum key distribution device connected with the key generation device; and
a cloud-based encryption machine hosting sub-system including an encryption machine and a quantum key distribution device connected with the encryption machine, wherein;
the encryption machine includes a virtual encryption device,the key injection sub-system and the encryption machine hosting sub-system are connected with each other through their respective quantum key distribution devices,the key generation device is configured to generate a root key component and to send the root key component via the quantum key distribution devices to the encryption machine, andthe encryption machine is configured to receive root key components from one or more key generation devices and to generate a root key of the virtual encryption device in accordance with the received root key components.
1 Assignment
0 Petitions
Accused Products
Abstract
A cloud-based encryption machine key injection system includes at least one key injection sub-system including a key generation device and a quantum key distribution device connected with the key generation device, and a cloud-based encryption machine hosting sub-system including an encryption machine carrying a virtual encryption device and a quantum key distribution device connected with the encryption machine. The key injection sub-system and the encryption machine hosting sub-system are connected with each other through their respective quantum key distribution devices. The key generation device may generate a root key component of the virtual encryption device and transmit the root key component to the encryption machine. The encryption machine may receive root key components from one or more key generation devices and synthesize a root key of the virtual encryption device in accordance with the received root key components.
145 Citations
33 Claims
-
1. A cloud-based key injection system, comprising:
-
at least one key injection sub-system including a key generation device and a quantum key distribution device connected with the key generation device; and a cloud-based encryption machine hosting sub-system including an encryption machine and a quantum key distribution device connected with the encryption machine, wherein; the encryption machine includes a virtual encryption device, the key injection sub-system and the encryption machine hosting sub-system are connected with each other through their respective quantum key distribution devices, the key generation device is configured to generate a root key component and to send the root key component via the quantum key distribution devices to the encryption machine, and the encryption machine is configured to receive root key components from one or more key generation devices and to generate a root key of the virtual encryption device in accordance with the received root key components. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A key injection method for an encryption machine comprising:
-
receiving, by the encryption machine, root key components from at least one key injection sub-system; and generating, by the encryption machine, a root key in accordance with the received root key components from the at least one key injection sub-system, wherein; the encryption machine is connected to a quantum key distribution device; each of the at least one key injection sub-system includes a quantum key distribution device; and receiving, by the encryption machine, the root key components from the at least one key injection sub-system comprises receiving, by the encryption machine, via the quantum key distribution devices, the root key components from the at least one key injection sub-system. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A key injection apparatus for an encryption machine, comprising:
-
a memory storing a set of instructions; and a processor configured to execute the set of instructions to cause the key injection apparatus for the encryption machine to perform; negotiating a shared key pair with at least one key injection sub-system; receiving root key components from the at least one key injection sub-system; generating a root key component for a virtual encryption device on the encryption machine; and generating a root key in accordance with the root key component for the virtual encryption device and the root key components received from the at least one key injection sub-system, wherein; the encryption machine is connected to a quantum key distribution device; each of the at least one key injection sub-system includes a quantum key distribution device; and receiving the root key components from the at least one key injection sub-system comprises receiving, via the quantum key distribution devices, the root key components from the at least one key injection sub-system. - View Dependent Claims (21, 22, 23)
-
-
24. A non-transitory computer readable medium that stores a set of instructions that is executable by at least one processor of an encryption machine to cause the encryption machine to perform a key injection method comprising:
-
receiving root key components from at least one key injection sub-system; and generating a root key in accordance with the received root key components from the at least one key injection sub-system, wherein; the encryption machine is connected to a quantum key distribution device; each of the at least one key injection sub-system includes a quantum key distribution device; and receiving root key components, from the at least one key injection sub-system comprises receiving, via the quantum key distribution devices, the root key components from the at least one key injection sub-system. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification