Field
The present invention relates to the technical field of web interface management and, in particular, relates to a method and system for efficiently managing quantum key distribution in a distributed environment.
Related Art
With the rapid development of the Internet, contents of a web environment, such as an e-commerce website, are becoming richer. To facilitate secure access to the contents the users are interested in, such websites can ensure the contents and transactions are secured with distributed keys. Quantum Key Distribution (QKD) is an efficient way of facilitating secure communication. QKD allows communicating users to detect the presence of an entity trying to gain knowledge of a key obtained based on QKD. Since measuring a quantum system, in principal, disturbs the system, the entity eavesdropping on the key introduces detectable anomalies through its measurement. In this way, using QKD, a communication system can be implemented that detects eavesdropping by transmitting information in quantum states. Typically, the QKD process uses key screening, error code correction, and a privacy amplification algorithm to securely provide keys to the entities involved in communication. However, network data transmission can be lossy, and as a result, the probability of encountering an error in the key synchronization remains significant. If such an error occurs when the key sequences are processed, the keys stored at the entities may become unsynchronized.
With existing technologies, if two applications use keys to ensure secure communication, the applications may share a tag to obtain the keys. When needed, the applications provide the tag and a length of key to the local system. The system obtains a key block with the corresponding length from the start of a key pool and initiates a synchronization request with the remote system. The system sends the length parameters and the hash values of the selected key to the remote system. Upon receiving the synchronization request, the remote system also obtains a key block with the corresponding length from its key pool, calculates the hash value, and compares the hash value with the received hash value. However, if the hash values do not match, the systems notify each other regarding a failed synchronization and discard the corresponding key. The applications then again request another key from the corresponding key pool.
While such key management brings many desirable features to a distributed environment, some issues remain unsolved in the synchronization of keys in a multi-party distributed environment.