Title of invention: Quantum key management
Abstract: Innovations for quantum key management harness quantum communications to form a cryptography system within a public key infrastructure framework. In example implementations, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a Merkle signature scheme (using Winternitz one-time digital signatures or other one-time digital signatures, and Merkle hash trees) to constitute a cryptography system. More generally, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a hash-based signature scheme. This provides a secure way to identify, authenticate, verify, and exchange secret cryptographic keys. Features of the quantum key management innovations further include secure enrollment of users with a registration authority, as well as credential checking and revocation with a certificate authority, where the registration authority and/or certificate authority can be part of the same system as a trusted authority for quantum key distribution.
Publication number: US9509506(B2) Publication date: 2016.11.29
Application number: US201213599816 Filing date: 2012.08.30
Applicant: LOS ALAMOS NATIONAL SECURITY, LLC Inventors: Hughes Richard John;Thrasher James Thomas;Nordholt Jane Elizabeth
Classification: H04L9/08;H04L9/32;G06F21/31 Main classification: H04L9/08
Agency: Wilmer Cutler Pickering Hale and Dorr LLP Agent: Wilmer Cutler Pickering Hale and Dorr LLP
Principal claim: 1. A method of establishing a public key infrastructure (PKI) using a trusted authority in communication with a plurality of user devices using quantum communications, the method comprising: at a receiving user device of the plurality of user devices: receiving, from a sending user device of the plurality of user devices, (i) a message and (ii) a sending user device digital signature based on the message and a one-time digital signature key associated with the sending user device; receiving, from the trusted authority, (i) verification information associated with the sending user device, and (ii) a trusted authority digital signature based on the verification information and a one-time digital signature key associated with a connection between the receiving user device and the trusted authority; checking the trusted authority digital signature using verification information associated with the trusted authority previously received from the trusted authority; if the trusted authority digital signature is valid, checking the sending user device digital signature using the verification information associated with the sending user device received from the trusted authority; and replenishing a supply of one-time digital signature keys associated with the connection between the receiving user device and the trusted authority using a quantum communication session between the receiving user device and the trusted authority.
Address: Los Alamos NM US