Key distribution center for quantum cryptographic key distribution networks
First Claim
1. A method of distributing key information by securely transmitting light information in a network along a path comprised of a plurality of network devices, said network devices comprising a plurality of switching devices, said method comprising:
- specifying a plurality of user devices connected with the network, said user devices constituting a secure communication group;
setting up a plurality of paths through said network by sending at least one setup message from the respective user devices to said network devices, based on said setup message, configuring said network devices to direct said light information along a corresponding one of said paths, each of said paths being an end-to-end path between each of said user devices and a key distribution center device connected with the network using said switching devices;
establishing a plurality of user keys, each user key corresponding to a respective user device, by sending the light information using randomly selected quantum bases through said paths, each of said user keys being acquired by said respective user devices and the key distribution center device;
determining a shared secret key at the key distribution center device; and
notifying each of said user devices of the shared secret key by sending the result of a calculation based on the shared secret key and the corresponding user key for each respective user device through the network.
5 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for distributing key information by securely transmitting light information in a network along a path comprised of a plurality of network devices and by using a key distribution center (KDC) connected with the network. Three or more user devices connected with the network are specified as constituting a secure communication group. Each user device sets up an end-to-end path to the KDC by configuring at least one of the network devices to direct light information along the path. Thereafter, a user key is established between each user device and the KDC, by sending light information using randomly selected quantum bases through the path. The KDC determines a shared secret key, and notifies each user device of the shared secret key by sending the result of a calculation based on the shared secret key and each user key through the network.
162 Citations
23 Claims
-
1. A method of distributing key information by securely transmitting light information in a network along a path comprised of a plurality of network devices, said network devices comprising a plurality of switching devices, said method comprising:
-
specifying a plurality of user devices connected with the network, said user devices constituting a secure communication group; setting up a plurality of paths through said network by sending at least one setup message from the respective user devices to said network devices, based on said setup message, configuring said network devices to direct said light information along a corresponding one of said paths, each of said paths being an end-to-end path between each of said user devices and a key distribution center device connected with the network using said switching devices; establishing a plurality of user keys, each user key corresponding to a respective user device, by sending the light information using randomly selected quantum bases through said paths, each of said user keys being acquired by said respective user devices and the key distribution center device; determining a shared secret key at the key distribution center device; and notifying each of said user devices of the shared secret key by sending the result of a calculation based on the shared secret key and the corresponding user key for each respective user device through the network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An apparatus for functioning as a key distribution center in a network in which key information is distributed by securely transmitting light information along a path comprised of a plurality of network devices, said network devices comprising a plurality of switching devices said apparatus comprising:
-
an electronic network interface for exchanging information other than the light information with the network; a computing module for specifying a plurality of user devices connected with the network, said user devices constituting a secure communication group, and for setting up a plurality of paths through said network by sending at least one setup message from the respective user devices to said network devices, based on said setup message, configuring said network devices to direct said light information along a corresponding one of said paths, each of said paths being an end-to-end path between each of said user devices and the apparatus using said switching devices; and a quantum cryptographic interface for establishing a plurality of user keys by light information transmitted through said paths using randomly selected quantum bases, each of said user keys corresponding to and being acquired by a respective user device and the apparatus, and wherein the computing module further determines a shared secret key, and notifies each of said user devices of the shared secret key by sending the result of a calculation based on the shared secret key and the user key corresponding to each respective user device through the electronic network interface. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. An apparatus for functioning as a user device communicating with a key distribution center in a network in which key information is distributed by securely transmitting light information along a path comprised of a plurality of network devices, said network devices comprising a plurality of switching devices, said apparatus comprising:
-
an electronic network interface for exchanging information other than the light information with the network; a computing module for specifying a plurality of user devices connected with the network, said user devices and the apparatus constituting a secure communication group, and for setting up a plurality of paths through the network, each of said paths being an end-to-end path through the network between the key distribution center and the apparatus by sending at least one setup message from the respective user devices to said network devices, based on said setup message, configuring said network devices to direct said light information along said end-to-end path using said switching devices and a quantum cryptographic interface for establishing a user key by light information transmitted through said path using randomly selected quantum bases, said user key being acquired by the key distribution center and the apparatus, and wherein the electronic network interface receives from the key distribution center the result of a calculation based on a shared secret key and said user key, and the computing module obtains the shared secret key by performing an operation on the result received using said user key. - View Dependent Claims (21)
-
-
22. A computer-usable medium containing instructions for causing a computer to perform a method of distributing key information by securely transmitting light information in a network along a path comprised of a plurality of network devices, said network devices comprising a plurality of switching devices, said method comprising:
-
specifying a plurality of user devices connected with the network, said user devices constituting a secure communication group; setting up a plurality of paths through said network by sending at least one setup message from the respective user devices to said network devices, based on said setup message, configuring said network devices to direct said light information along a corresponding one of said paths, each of said paths being an end-to-end path between each of said user devices and a key distribution center device connected with the network using said switching devices; establishing a plurality of user keys, each user key corresponding to a respective user device, by sending the light information using randomly selected quantum bases through said paths, each of said user keys being acquired by said respective user devices and the key distribution center device; determining a shared secret key at the key distribution center device; and notifying each of said user devices of the shared secret key by sending the result of a calculation based on the shared secret key and the corresponding user key for each respective user device through the network. - View Dependent Claims (23)
-
Specification