Quantum cryptography is a cross product of quantum mechanics and cryptography. The security of quantum cryptography is guaranteed by quantum mechanics principles. An operation with an attempt of intercepting or measuring the quantum key will change the quantum state. A receiving end may determine whether there is an eavesdropper in the communication process by detecting the change of quantum state so as to determine whether to abandon the key, thus providing guarantee of unconditional security to the communication. The quantum key negotiation protocols such as BB84, which is currently used, may realize an end-to-end Quantum Key Distribution (QKD).
With the development of end-to-end quantum key distribution technology, people begins to pay more attention to the QKD network, and some companies and research institutions have started to establish the QKD network in different mechanisms, including: the QKD network based on optical devices, the QKD network based on trusted relays, and a pure-quantum network based on quantum relays. The QKD network based on trusted relays may meet the requirements of multi-user and long-range transmission, and may even provide a global key distribution network theoretically. Under current technology, this network is easy to be implemented, and therefore, the trusted relay mechanism becomes an effective means for realizing a large-scale QKD network architecture. For example, the SECOQC quantum secured communication network established in Europe, the Tokyo high-speed quantum network established in Japan, and the quantum government affairs network established in China all use the trusted relay mechanism.
FIG. 1 shows a schematic diagram of a trusted relay quantum key transmission model, under which Alice and Bob can have a secured communication. There are three trusted relay nodes altogether in a key negotiation path between the two. First, a key distribution link is established between the sender Alice and a trusted relay node 1 for performing quantum key negotiation to generate a key K1; subsequently, a key distribution link is established between the trusted relay node 1 and a trusted relay node 2 for performing quantum key negotiation to generate a shared key K2, and key K1 is encrypted by using key K2 and then transferred to the trusted relay node 2; . . . and so on, finally, Bob receives key K1 encrypted by using a key K4, and Bob decrypts key K1 by utilizing key K4 to obtain key K1, so that the secured communication can be performed between Alice and Bob by using key K1.
As can be seen from the above description of the key relay process, a QKD network based on trusted relay requires that the relay nodes must be secure. If any one of the relay nodes is broken, the whole path will become insecure, and the security and stability of data communication will be greatly affected. By adopting the above key relay mechanism, the key code generating amount (i.e.: key distribution amount) is also relatively low, and cannot meet the requirements of certain application scenarios (such as cloud computing), which use relatively large key amount.