IEC104 protocol communication method based on qrng and pqc fusion

By introducing the IEC104 protocol communication method that integrates QRNG and PQC into industrial control systems, and utilizing quantum key encryption and fragmented transmission, the problem of traditional IEC104 protocol being unable to transmit large-size PQC public keys and ciphertexts is solved, realizing low-cost post-quantization transformation and data transmission.

CN121619098BActive Publication Date: 2026-06-09ELECTRIC POWER RES INST OF STATE GRID ZHEJIANG ELECTRIC POWER COMAPNY

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
ELECTRIC POWER RES INST OF STATE GRID ZHEJIANG ELECTRIC POWER COMAPNY
Filing Date
2026-02-02
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

In existing industrial control systems, the traditional IEC104 protocol is difficult to transmit large-sized PQC public keys and ciphertexts, and the cost of retrofitting existing equipment is high, its scalability is poor, and it cannot effectively resist the threat of quantum computers.

Method used

The IEC104 protocol communication method based on the integration of QRNG and PQC is adopted. By deploying a quantum random number generator at the main station, quantum key encryption and fragmented transmission are used to achieve low-intrusive expansion of PQC public key and ciphertext. Combined with adaptive transmission contract and security level strategy, data fragmented transmission is performed.

Benefits of technology

It enables efficient transmission of quantum keys and PQC public keys on existing equipment, reduces modification costs, enhances resilience against quantum computers, and reduces the burden of equipment modification and the probability of data packet loss.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121619098B_ABST
    Figure CN121619098B_ABST
Patent Text Reader

Abstract

The application discloses an IEC104 protocol communication method based on QRNG and PQC fusion, and aims to solve how to realize post-quantum cryptography communication for a device group using IEC104 communication on the basis of QRNG and PQC fusion. A quantum random number generator (QRNG) service is only deployed at a master station, PQC key negotiation is performed between the master station and a slave station through an IEC protocol, a public key and ciphertext of a PQC key encapsulation mechanism are transmitted in fragments, so that both sides obtain a PQC session key, a quantum key is generated by a security adaptation layer of the master station and then transmitted to the slave station, and the slave station and the master station respectively use the quantum key to generate a service key for IEC104 communication encryption through a key derivation function. Through dynamic reloading of an existing IEC104 protocol, transmission of super-long data is realized, and post-quantum modification of an existing device is realized.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of communications, and more specifically, to a communication method based on the IEC104 protocol fusion of QRNG and PQC. Background Technology

[0002] Many widely deployed communication protocols, particularly in industrial control systems (ICS), the Internet of Things (IoT), and embedded systems, such as IEC 60870-5-104, Modbus, DNP3, and LoRaWAN, were designed to achieve high real-time performance and reliability in environments with severely limited computing power, memory, and network bandwidth. Therefore, the Application Protocol Data Units (APDUs) or equivalent data frames of these protocols typically have strict length limits, such as tens or hundreds of bytes, and cannot directly carry the large data blocks common in modern applications.

[0003] With technological advancements, the need to transmit large data blocks in these resource-constrained traditional networks is increasing. To counter the threat of future quantum computers, the public key and ciphertext sizes of PQC algorithms often far exceed the single-frame length limits of traditional protocols.

[0004] Existing technologies attempt to address this issue in several ways, but all have shortcomings. Updating DTU devices in a city one by one using storage media containing PQC public keys and ciphertext suffers from high maintenance costs, susceptibility to media loss and leakage, poor real-time update performance, and limited scalability.

[0005] Updating directly using the traditional IEC protocol is difficult to transmit due to its fixed length.

[0006] In summary, there is an urgent need for a communication method based on the IEC104 protocol that integrates QRNG and PQC, so as to enable integrated QRNG and PQC communication between existing master and slave stations using IEC104, thereby resisting the threat of future quantum computers. Summary of the Invention

[0007] This invention overcomes the difficulty of timely and efficient exchange of public keys and ciphertext between existing DTU terminals, which makes it difficult to apply the PQC algorithm. It provides an IEC104 protocol communication method based on the fusion of QRNG and PQC. It can utilize the existing IEC communication protocol with low intrusion to transmit longer bytes than the protocol constraints, thereby supporting the fusion of QRNG and PQC.

[0008] To solve the above-mentioned technical problems, the present invention adopts the following technical solution:

[0009] A communication method based on the IEC104 protocol, which integrates QRNG and PQC, is used for communication between the master station and the slave station. Only the master station has a quantum random number generator (QRNG) service deployed. Both the master station and the slave station have security adaptation layers deployed. The method includes the following steps:

[0010] Step 1: The master station and the sub-station negotiate the PQC key through the IEC protocol, including transmitting the public key and ciphertext of the PQC key encapsulation mechanism in fragments so that both parties can obtain the PQC session key.

[0011] Step 2: The main station's security adaptation layer calls the QRNG service to generate a quantum key;

[0012] Step 3: The main station security adaptation layer uses the PQC session key to encrypt the quantum key, and transmits the encrypted quantum key to the sub-station via the IEC protocol;

[0013] Step 4: The substation security adaptation layer uses the PQC session key to decrypt and obtain the quantum key;

[0014] Step 5: The master station and the sub-station respectively use quantum key generation function to generate business keys for IEC104 communication encryption;

[0015] In steps 1 and 3, the transmitted messages use a custom application service data unit type identifier (TypeID), and the custom information object address (IOA) field is overloaded to carry the sender identifier and transaction handle, thus achieving a low-intrusive extension to the IEC104 protocol.

[0016] QRNGs utilize the "uncertainty" of quantum mechanics (such as the random polarization direction of photons) to generate "truly random" numbers, thereby avoiding pseudo-random values ​​generated by algorithms and improving security. PQCs are a class of cryptographic algorithms specifically designed to resist quantum computer attacks, ensuring security even in the face of quantum computers. However, both the random numbers generated by QRNGs and the public and ciphertext of PQCs are very long, making them difficult to transmit via the IEC protocol. As mentioned in the background, conventional manual maintenance is costly, lacks scalability, and is prone to leakage, making it difficult to modify existing DTU equipment. This means that although the communication content of existing DTUs is encrypted, it can be cracked by storing the intercepted encrypted communication content in the quantum computer era, thus exposing the communication content to the post-quantum era. To solve this problem, this application uses the method described to transmit QRNG-generated random numbers, as well as the public and ciphertext of PQCs online. By modifying the existing IEC104 protocol, the encryption method is updated using the existing IEC104 communication protocol mechanism, thereby avoiding cracking in the post-quantum era.

[0017] Specifically, the public key and ciphertext are transmitted in fragmented form. A security adaptation layer is set up at both the master station and the substation. Each security adaptation layer communicates with the application layer of its respective master station or substation, reducing coupling with the application layer and minimizing protocol modifications to reduce intrusion. By setting a TypeID corresponding to the transmitted content in the message, a custom IOA field is dynamically reloaded after recognizing this identifier to carry the sender identifier and transaction handle. Thus, the IEC104 protocol is modified only when transmitting the aforementioned content (public key and ciphertext). When transmitting other content, the security adaptation layer does not react to other TypeIDs, maintaining the normal state of IEC104 and thus maintaining low intrusion.

[0018] When transmitting random numbers generated by QRNG or public keys and ciphertext of PQC, due to their extremely long length, a segmented transmission method is adopted. The corresponding data is divided into several segments and then transmitted one by one. The data is then spliced ​​together at the substation to achieve the transmission of large-volume data.

[0019] Preferably, the fragmented transmission includes:

[0020] Negotiate an adaptive transmission contract;

[0021] Based on the adaptive transmission contract, the main station's security adaptation layer will fragment and encapsulate the transmitted content before delivery;

[0022] The security adaptation layer of the substation receives and splices the various fragments and uploads them to the application layer of the substation.

[0023] The adaptive transmission contract includes fragment size, security level, and credit limit. The master station sends application service units with fragments until the credit limit is exhausted. Substations adjust the fragment transmission speed by actively sending credit limits to the master station. The negotiation mechanism includes the master station sending one or more recommended adaptive transmission contracts based on its own resource status, and the receiver selecting an acceptable adaptive transmission contract based on its own resource status; or, the receiver proposes a counter-suggested adaptive transmission contract and sends it to the sender's security adaptation layer, and the sender selects an acceptable adaptive transmission contract based on its own resource status; this process is repeated until the receiver and sender reach an agreed adaptive transmission contract, or the negotiation fails. The resource status includes the sender's current number of transactions, the size of the data payload being sent, the current network status, and the security requirements of the data payload being sent. An acceptable set of adaptive transmission contracts is determined by methods such as table lookup. The adaptive transmission contract includes fragment size, authentication method, and credit limit. Through the credit limit, the substation can control the master station's transmission speed in reverse, reducing handshake overhead.

[0024] Preferably, the security level is determined based on the type of transmitted content, and a security protection strategy is set according to the security level. The types of transmitted content include telemetry data, control commands, and key updates. Telemetry data is protected by integrity; control commands are protected by encryption; and key updates are protected by quantum key distribution. Using quantum key distribution involves significant performance overhead. To avoid unnecessary performance overhead by using quantum key distribution for all data, the transmitted data is categorized. The transmitted content can be distinguished through semantic recognition by assigning corresponding TypeIDs to the aforementioned content, thereby setting the appropriate security level.

[0025] Preferably, the TypeID includes a first subtype, a second subtype, and a third subtype, wherein the first subtype corresponds to PQC public key fragmentation transmission; the second subtype corresponds to PQC ciphertext fragmentation transmission; and the third subtype corresponds to encrypted quantum key transmission.

[0026] Preferably, the QRNG service is implemented using a true random number generator based on quantum optics principles, or a random number generator based on quantum noise.

[0027] Preferably, the PQC key encapsulation mechanism uses the ML-KEM-768 parameter set or the ML-KEM-1024 parameter set.

[0028] Preferably, when the QRNG service is unavailable, the system degrades to using only the PQC session key to derive the business key. When the QRNG fails, to avoid impacting the reliability of data transmission, only PQC is used to encrypt data in the absence of the QRNG service.

[0029] Preferably, the custom IOA field is also used to carry fragment index information, including the fragment index, the total number of fragments, and a verification code generated based on the fragment payload. This method increases the information density of each application service unit sent. By also loading the fragment index, the total number of fragments, and the verification code generated based on the fragment payload into the custom IOA, space is better freed up for the actual fragments to be transmitted, thus saving space.

[0030] Preferably, the transaction handle is a monotonically increasing sequence number. When the sequence number reaches its exhaustion range, a key update process is triggered to prevent replay attacks. Each transaction's temporary session key is derived from the master key and the local transaction handle, ensuring the uniqueness of the transaction ID throughout the lifespan of a master key. If the master key is not updated, a value of 0 for the wraparound local transaction handle could lead to key reuse and replay attack risks.

[0031] Preferably, a remote key revocation step is also included: when a substation terminal is detected to have been compromised or its key has been leaked, the master station can remotely revoke the key authorization of the substation via the IEC104 protocol.

[0032] Compared with the prior art, the beneficial effects of the present invention are:

[0033] (1) This application transmits the quantum key generated by the QRNG service and the public key and ciphertext generated by PQC to the relevant equipment online. Through fragmented transmission, it realizes the online transmission of ultra-long data and realizes the post-quantization transformation of existing equipment.

[0034] (2) Deploy the quantum random number generator (QRNG) service only on the main station to reduce the burden of modifying the substations.

[0035] (3) The credit limit is sent by the substation, and the sending speed of the main station is controlled according to the credit limit, thereby reducing the probability of packet loss. Attached Figure Description

[0036] Figure 1 This is a schematic diagram of the architecture of the present invention;

[0037] Figure 2 This is a schematic diagram illustrating the exchange of PQC public keys and ciphertext between the master station and the sub-station in this invention;

[0038] Figure 3 This is a schematic diagram of the master station sending quantum keys to the sub-station according to the present invention;

[0039] Figure 4 This is a schematic diagram of generating business keys based on PQC and QRNG. Detailed Implementation

[0040] The present disclosure will be further described below with reference to the accompanying drawings and embodiments.

[0041] It should be noted that the following detailed descriptions are illustrative and intended to provide further explanation of this application. Unless otherwise specified, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application pertains.

[0042] It should be noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the exemplary embodiments according to this application. As used herein, the singular form is intended to include the plural form as well, unless the context clearly indicates otherwise. Furthermore, it should be understood that when the terms "comprising" and / or "including" are used in this specification, they indicate the presence of features, steps, operations, devices, components, and / or combinations thereof.

[0043] Figure 1This diagram demonstrates a communication architecture based on the IEC104 protocol, integrating QRNG and PQC, applied between a master station and slave stations. The master and slave stations communicate via the IEC104 protocol. Only the master station deploys a quantum random number generator (QRNG) service. Both the master and slave stations deploy security adaptation layers, which communicate with the application layer respectively. In this diagram, the master station's quantum random number generator receives instructions and generates corresponding quantum keys. The quantum random number generator can be hardware independent of the application layer. The application layer generates and provides quantum random number keys to the master station's security adaptation layer through communication with the quantum random number generator.

[0044] The security adaptation layers of the main station and substations are symmetrically configured based on communication requirements. The security adaptation layer has several modules. Specifically, the security adaptation layer of the main station includes a PQC key negotiation unit, a quantum key encryption transmission unit, an IEC security encapsulation unit, and a business key derivation unit.

[0045] The PQC key negotiation unit provides post-quantum encryption resistant to quantum computing attacks. Specifically, the initiator generates a key pair (public key, private key) and sends the public key to the receiver; the receiver responds by encapsulating the shared key with the received public key, generating a shared key and corresponding ciphertext, and sending the ciphertext to the initiator; the initiator decapsulates the ciphertext with the private key to recover the same shared key. Thus, both parties possess the shared key. In this application, the substation sends the public key to the master station, and the master station subsequently sends the ciphertext to the substation. This exchange ensures that both parties possess the shared key. The PQC key negotiation unit thus has the key pair generation, encapsulation, and decapsulation functions described above. In some embodiments, the PQC key encapsulation mechanism uses the ML-KEM-768 parameter set or the ML-KEM-1024 parameter set.

[0046] The quantum key encryption and transmission unit is used to encrypt the acquired quantum key using the shared key of PQC and transmit it via the IEC104 protocol. This module is used for sharing the quantum key between the master station and the slave station.

[0047] The IEC 104 secure encapsulation unit implements fragmented encapsulation of the transmitted data payload and adaptive transport contract negotiation. After identifying the typeID, adaptive transport contract negotiation is first performed to communicate the subsequent data fragment size, fragment quantity, and security protection strategy for the fragmented data. After confirming the adaptive transport contract through a handshake, the payload is fragmented and encapsulated according to the adaptive transport contract, and the corresponding fragment assembly verification is performed.

[0048] The business key derivation unit maintains a monotonically increasing sequence number of integers with a specific step size. Each time a transaction is initiated, a sequence number is taken as a transaction handle. Based on the quantum key and this transaction handle, the corresponding business cryptography is derived.

[0049] The master station and the substation communicate using the IEC104 protocol, specifically the IEC60870-5-104 protocol.

[0050] Figure 2 This demonstrates the PQC key negotiation process between the master station and the sub-station. The sub-station generates a key pair (pk, sk), and after communicating an adaptive transmission contract, determines the transmission format, fragments the payload, and sends each PQC public key fragment to the master station's security adaptation layer. Upon receiving all public key fragments, the master station assembles and verifies them. Based on the obtained public key sk, it obtains the corresponding shared key and ciphertext, and then transmits the ciphertext, similar to the public key transmission process, sending each ciphertext fragment one by one via the IEC104 protocol. After receiving the ciphertext, the sub-station obtains the shared key based on its private key. At this point, both parties possess the shared key PQC_sessionkey (PQC_SS).

[0051] Next, refer to Figure 3 , Figure 3 This describes the process of the master station sharing the QRNG with the sub-station. The master station invokes the QRNG to generate a quantum key and transmits it to its security adaptation layer. In some embodiments, the QRNG service is implemented using a true random number generator based on quantum optics principles, or a random number generator based on quantum noise. Through the quantum key encryption transmission unit, a corresponding encrypted quantum key message is generated based on the random number Nonce, the quantum key QRNG_key, and the shared key PQC_SS of PQC. This message is transmitted in fragments, and its content includes the random number, the encrypted payload, and a verification code. For simplicity, only one instance is shown in the diagram. The sub-station's security adaptation layer concatenates the fragments, verifies their integrity based on the verification code, and then decrypts them using its own PQC_SS to obtain the corresponding quantum key.

[0052] Also refer to Figure 4This diagram illustrates the generation of service keys based on PQC and QRNG in this method. As mentioned above, both the master station and the substation hold PQC_SS and a quantum key QRNG_key. The QRNG_key is also transmitted via PQC and IEC104. Based on the transaction handle (used as the aforementioned random number) and the QRNG_key, encryption is performed using a key derivation function (based on PQC), and a TypeID is added to the message used to transmit this encrypted data. The message is then constructed and transmitted. Based on the aforementioned quantum key QRNG_key, a corresponding service encryption key, Final_Key, is generated using the corresponding transaction handle to encrypt the corresponding service data. In some embodiments, when the QRNG service is unavailable, the method downgrades to using only the PQC session key to derive the service key. PQC and QRNG are decoupled; to avoid affecting the reliability of data transmission, only PQC_SS is used to encrypt data when the QRNG service is unavailable.

[0053] The IEC104 protocol communication method based on the integration of QRNG and PQC includes the following steps:

[0054] Step 1: The master station and the sub-station negotiate the PQC key through the IEC protocol, including transmitting the public key and ciphertext of the PQC key encapsulation mechanism in fragments so that both parties can obtain the PQC session key.

[0055] Step 2: The main station's security adaptation layer calls the QRNG service to generate a quantum key;

[0056] Step 3: The main station security adaptation layer uses the PQC session key to encrypt the quantum key, and transmits the encrypted quantum key in fragments to the sub-stations through the IEC protocol;

[0057] Step 4: The substation security adaptation layer uses the PQC session key to decrypt and obtain the quantum key;

[0058] Step 5: The master station and the sub-station respectively use the quantum key to generate the service key for IEC104 communication encryption through the key derivation function.

[0059] Here, we elaborate on the details. Messages transmitting public keys, ciphertext, and quantum keys use a custom Application Service Data Unit Type Identifier (TypeID). When a dedicated TypeID defined by the security adaptation layer is detected, the IOA field is reloaded. The identified TypeID includes a first subtype, a second subtype, and a third subtype. The first subtype corresponds to PQC public key fragmentation transmission; the second subtype corresponds to PQC ciphertext fragmentation transmission; and the third subtype corresponds to encrypted quantum key transmission. Traditional devices in the network that do not understand this new type can ignore this type identifier value to maintain compatibility. Conversely, when the above TypeID is detected, reconstruction is performed. For TypeIDs corresponding to excessively long data, data is fragmented using the IEC104 protocol. The encapsulation process also includes reloading the custom Information Object Address (IOA) field to carry the sender identifier and transaction handle, achieving a low-intrusive extension to the IEC104 protocol. The above-mentioned behavior of modifying the IOA field after identifying the TypeID is called dynamic reloading. Specifically, for very long data such as PQC public keys and ciphertext, this application adopts fragmented transmission, while for ordinary data, the IEC104 standard is maintained.

[0060] The reconstructed IOA field is divided into two subfields to carry the sender's identifier and the local transaction handle. Fixed-length subfields are set according to the selected fields and the device's own specifications. In this embodiment, the subfield carrying the sender's identifier is 8 bits, and the field carrying the local transaction handle is set to 16 bits. In some embodiments, in addition to the sender's identifier and transaction handle, the message header also includes fragment index information, and fields to hold the fragment index, total number of fragments, and a verification code generated based on the fragment payload. This method increases the information density of each application service unit sent. By also loading the fragment index, total number of fragments, and verification code generated based on the fragment payload into the custom IOA, more space is freed up for the actual fragments to be transmitted, enabling the transmission of information through the delivery of application service units. The verification code stores a MAC value (such as AES-CMAC or HMAC-SHA256) calculated based on the transaction key of this transmission, used to verify the fragment payload and ensure the integrity of the fragment.

[0061] The fragmented transmission includes:

[0062] Negotiate an adaptive transmission contract;

[0063] Based on the adaptive transmission contract, the transmitted content is fragmented, encapsulated, and delivered.

[0064] The security adaptation layer of the substation receives and splices the various fragments and uploads them to the application layer of the substation.

[0065] The adaptive transmission contract includes fragment size, security level, and credit limit. The master station sends fragmented application service units until the credit limit is exhausted. Substations adjust the fragment transmission speed by actively sending credit limit back to the master station. Each transmission by the master station consumes one share of credit. When all credit is consumed, transmission stops, waiting for the substation to send credit limit again. The credit limit allows the receiver to control the sender's data transmission rate, thus preventing data transmission failure due to insufficient credit. This mechanism allows the receiver to dynamically adjust the data reception rate based on its real-time load. The adaptive transmission contract negotiation includes setting a security level, which is determined based on the type of transmitted content. Security protection strategies are set according to the security level. Telemetry data uses integrity protection; control commands use encryption protection; and key updates use quantum key protection. Using quantum key protection incurs significant performance overhead. To avoid unnecessary performance overhead by using quantum key protection for all data, semantic recognition is used to classify the transmitted data according to its content.

[0066] The negotiation mechanism includes the master station sending one or more recommended adaptive transport contracts based on its own resource conditions, and the receiver selecting an acceptable adaptive transport contract based on its own resource conditions; alternatively, the receiver proposes a counter-suggested adaptive transport contract and sends it to the sender's security adaptation layer, and the sender selects an acceptable adaptive transport contract based on its own resource conditions; this process is repeated until the receiver and sender reach an agreement on an adaptive transport contract, or the negotiation fails. The resource conditions include the sender's current number of transactions, the size of the transmitted data payload, the current network status, and the security requirements of the transmitted data payload. A set of acceptable adaptive transport contracts is determined through methods such as table lookup. The adaptive transport contract includes fragment size, authentication method, and credit limit. Through the credit limit, the substation can control the master station's transmission speed.

[0067] The process by which the master station and the sub-station negotiate and determine the adaptive transmission contract is as follows:

[0068] Based on one or more recommended adaptive transport contracts sent by the sender's security adaptation layer, the receiver selects an acceptable adaptive transport contract according to its own resource conditions.

[0069] Alternatively, the receiver proposes a counter-adaptive transport contract and sends it to the sender's security adaptation layer, allowing the sender to select an acceptable adaptive transport contract based on its own resource situation.

[0070] The above process is repeated until the receiver and sender reach an agreement on an adaptive transmission contract, or the negotiation fails.

[0071] Resource status includes the number of current transactions by the sender, the size of the data payload being sent, the current network status, and the security requirements of the data payload being sent. An acceptable set of adaptive transport contracts is determined through methods such as table lookup.

[0072] As mentioned earlier, each transaction's encryption uses a master key combined with the transaction handle to generate a temporary session key, allowing for key changes and preventing replay attacks. A temporary session key is generated using the local transaction handle and the master key (PQC_SS or QRNG_key) shared by the sender and receiver to verify the application service data unit. Subsequent encryption of the application service data unit's information body is performed using this temporary session key. The local transaction handle is generated by the sender and has a monotonically increasing sequence number.

[0073] After the local transaction handle is generated, it is updated to non-volatile memory (such as Flash or EEPROM); or, the sender caches a handle segment consisting of a continuous range of handle values ​​(such as 1-100, with a length of 100) in volatile memory (RAM), and stores the starting value and maintenance watermark of the next handle segment in non-volatile memory. The sender periodically updates the current handle value as the maintenance watermark and writes it to non-volatile memory. When the sender loses power and restarts, resulting in the loss of data in RAM, it caches the handle segment again in volatile memory based on the sum of the watermark and the preset safety margin, and stores the starting value and maintenance watermark of the next handle segment in non-volatile memory. The value of the safety margin should be greater than the length of the handle segment.

[0074] The former approach has the advantage of extremely high reliability and simple logic. Storing data in non-volatile memory ensures data integrity even during power outages. However, the high frequency of read / write operations causes significant wear and tear on the non-volatile memory, impacting device reliability and lifespan. Based on this, a latter approach is proposed, employing a combined logic of non-volatile and volatile memory handle storage. The volatile memory generates a continuous handle segment comprising N local transaction handles with a step size of 1. The non-volatile memory records the starting value of the next handle segment and optionally includes a watermark mechanism. The watermark is updated via a time loop or a counting loop. Every time interval t or after n local transaction handles are used, the current value of the local transaction handle is assigned to the updated watermark. When the handle segment is exhausted, a new handle segment is generated in the volatile memory using the starting value of the next handle segment recorded in the non-volatile memory, thus updating the starting value of the next handle segment in the non-volatile memory. When the device loses power and the data in the volatile memory is lost, a safety margin is added to the value indicated by the watermark. The value of the safety margin should be greater than the number of handle segments, thereby bypassing the value of the currently used local transaction handle and preventing handle reuse.

[0075] When the sequence number value of the local transaction handle reaches its exhaustion range, for enhanced security, this exhaustion range is controlled near the upper limit of the local transaction handle's data, with a certain amount of space reserved for redundancy. The sender and potential receiver then negotiate to update PQC_SS. After updating the master key, the local transaction handle is allowed to wrap around to 0. Each transaction's temporary session key is derived from the master key and the local transaction handle, ensuring the uniqueness of the transaction ID throughout the lifespan of a master key. Without updating PQC_SS, a wraparound value of 0 for the local transaction handle would create risks of key reuse and replay attacks.

[0076] The following section presents an example of a protocol adaptation profile. To ensure the implementability, standardization, and compatibility of the embodiments in specific applications (such as critical infrastructure like power grids), the embodiments further propose and define a detailed "protocol adaptation profile." It precisely maps the upper-level abstract mechanisms to the specific syntactic elements of a particular protocol (taking IEC 104 as an example), serving as a bridge connecting theory and practice.

[0077] A standard IEC 104 adaptation profile should include at least the following definitions:

[0078] Type ID specification: Explicitly specify a series of ASDU type ID values ​​that are not used in the application specifications of the target system or are reserved for vendor-defined purposes. For example, in IEC 104, the following can be specified:

[0079] TypeID = 240 (GENERAL_DATA_FRAGMENT): Used to mark the data fragments of this invention.

[0080] TypeID = 241 (ATC_NEGOTIATE_REQUEST): Used to carry ATC negotiation request messages.

[0081] TypeID = 242 (ATC_NEGOTIATE_RESPONSE): Used to carry ATC negotiation response messages.

[0082] TypeID = 243 (CREDIT_UPDATE): Used to carry credit update messages.

[0083] Information Object Address (IOA) reuse protocol:

[0084] (1) It is explicitly stipulated that a 3-byte IOA field should be used as the carrier of the transaction ID within the domain.

[0085] (2) Explicitly define the bit width division within the IOA field. For example, for a typical power grid system, it can be defined as:

[0086] The high 8 bits (bits 17-24) are used as the source station address, which directly corresponds to the public address in the IEC104 network.

[0087] The lower 16 bits (bits 1-16) are used as local transaction handles, providing 65,536 handle spaces, which is sufficient to meet the needs of most application scenarios.

[0088] Mapping between control and data channels:

[0089] (1) Logical channel definition: In order to achieve clear and unambiguous communication, this embodiment defines dedicated control plane and data plane channels in logic and distinguishes them by dedicated message types to avoid compatibility issues that may arise from reusing existing standard commands.

[0090] (2) Control plane: A dedicated request-response model is used for ATC negotiation, which can be initiated by either the main station or the substation.

[0091] ATC Negotiation Request Message: Define a new, dedicated TypeID (e.g., TypeID=241, named ATC_NEGOTIATE_REQUEST), encapsulated in an I-format frame.

[0092] ATC negotiation response message: Define a new, dedicated TypeID (e.g., TypeID=242, named ATC_NEGOTIATE_RESPONSE), encapsulated in an I-format frame.

[0093] This design ensures the logical symmetry and clarity of the negotiation process.

[0094] (3) Data plane: All data fragments, regardless of the transmission direction, are carried using a unified, newly defined GENERAL_DATA_FRAGMENT (TypeID=240) message. This design completely eliminates the reuse of standard messages, avoids any potential compatibility risks and logical ambiguities, and ensures the complete logical isolation of the virtual channels defined in this embodiment.

[0095] In this embodiment, the protocol mapping adaptation is not sensitive to the communication direction. See Table 1 for details:

[0096]

[0097] Table 1 Protocol Mapping Adaptation Table

[0098] Enumeration values ​​for data payload semantic types: Define a standard enumeration list used to declare data payload semantic types during negotiation. For example: 0x01: PQC_PublicKey, 0x02: PQC_Ciphertext, 0x03: Firmware_Image, 0x04: General_Confidential_Data.

[0099] By defining such a standardized profile, it is possible to ensure that the adaptation layers implemented by different manufacturers can be interconnected, thereby improving the practicality of the solution and providing a technical foundation for its future inclusion in industry standards.

[0100] Implementation Considerations and Cost Analysis: While achieving its technical objectives, this invention introduces certain system overhead, mainly reflected in the following aspects:

[0101] (1) Communication overhead: The ATC negotiation process adds message interaction during the initial transmission establishment; each data fragment is attached with a fixed-length message authentication code (f_mac), which occupies part of the transmission bandwidth.

[0102] (2) Computational overhead: Both communicating parties need to independently calculate and verify the MAC for each fragment, which consumes the device's CPU computing resources.

[0103] (3) Storage overhead: To ensure the uniqueness of the transaction handle (tx_handle) after power failure, it is necessary to perform write operations on it in non-volatile memory (NVM), which may affect the memory lifespan.

[0104] However, it is important to emphasize that the aforementioned overhead is a necessary price to pay for achieving secure high-payload transmission capabilities. Compared to the enormous costs, high complexity, and disruptive changes to the existing network architecture required to replace the entire protocol or deploy heavyweight tunneling protocols (such as IPsec / TLS), the overhead introduced by this invention is moderate and manageable. This solution, through a refined adaptive mechanism, ensures that the corresponding overhead is incurred only when needed, thereby achieving an effective balance between functionality, security, and cost.

[0105] The embodiments described above are merely preferred embodiments of the present invention and are not intended to limit the present invention in any way. Other variations and modifications may be made without departing from the technical solutions described in the claims.

Claims

1. A communication method based on the IEC104 protocol, integrating QRNG and PQC, for communication between a master station and a slave station, characterized by: Only the main station has the QRNG (Quantum Random Number Generator) service deployed. Both the main station and the sub-stations have security adaptation layers deployed, including the following steps: Step 1: The master station and the sub-station negotiate the PQC key through the IEC protocol, including transmitting the public key and ciphertext of the PQC key encapsulation mechanism in fragments so that both parties can obtain the PQC session key. Step 2: The main station's security adaptation layer calls the QRNG service to generate a quantum key; Step 3: The main station security adaptation layer uses the PQC session key to encrypt the quantum key, and transmits the encrypted quantum key to the sub-station via the IEC protocol; Step 4: The substation security adaptation layer uses the PQC session key to decrypt and obtain the quantum key; Step 5: The master station and the sub-station respectively use quantum key derivation function to generate service keys for IEC104 communication encryption; In steps 1 and 3, the transmitted messages use a custom application service data unit type identifier (TypeID), and the custom information object address (IOA) field is overloaded to carry the sender identifier and transaction handle, thus achieving a low-intrusive extension to the IEC104 protocol.

2. The IEC104 protocol communication method based on the integration of QRNG and PQC as described in claim 1, characterized in that, The fragmented transmission includes: Negotiate an adaptive transmission contract; Based on the adaptive transmission contract, the main station's security adaptation layer will fragment and encapsulate the transmitted content before delivery; The security adaptation layer of the substation receives and splices the various fragments and uploads them to the application layer of the substation. The adaptive transmission contract includes fragment size, security level, and credit limit. The master station sends application service units with fragments until the credit limit is exhausted, and the sub-station adjusts the fragment transmission speed by actively sending credit limit to the master station.

3. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 2, characterized in that, Security levels are determined based on the type of transmitted content, and security protection strategies are set according to the security levels. The types of transmitted content include telemetry data, control commands, and key updates. Among them, telemetry data is protected by integrity; control commands are protected by encryption; and key updates are protected by quantum key distribution.

4. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, The TypeID includes a first subtype, a second subtype, and a third subtype, wherein the first subtype corresponds to PQC public key fragmentation transmission; the second subtype corresponds to PQC ciphertext fragmentation transmission; and the third subtype corresponds to encrypted quantum key transmission.

5. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, The QRNG service can be implemented using either a true random number generator based on quantum optics principles or a random number generator based on quantum noise.

6. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1 or 5, characterized in that, The PQC key encapsulation mechanism uses either the ML-KEM-768 parameter set or the ML-KEM-1024 parameter set.

7. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, When the QRNG service is unavailable, it is downgraded to using only the PQC session key to derive the business key.

8. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, The custom IOA field is also used to carry shard index information, which includes the shard index, the total number of shards, and the CAPTCHA generated based on the shard payload.

9. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, The transaction handle is a monotonically increasing sequence number. When the sequence number value reaches the exhaustion range, a key update process is triggered to prevent replay attacks.

10. The IEC104 protocol communication method based on the integration of QRNG and PQC according to claim 1, characterized in that, It also includes a remote key revocation step: when a substation terminal is detected to have been compromised or its key has been leaked, the master station remotely revokes the key authorization of the substation via the IEC104 protocol.