Communication control encryption system based on fusion of quantum key distribution and chaotic encryption
By generating fusion keys through quantum key-driven chaotic mapping and adjusting parameters in real time, the problems of insufficient key staticity and environmental adaptability in existing technologies are solved, and a highly secure and adaptive communication encryption system is realized.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- WUHU SIMBA NETWORK TECH CO LTD
- Filing Date
- 2026-03-16
- Publication Date
- 2026-06-19
AI Technical Summary
In existing technologies, the keys generated by quantum key distribution systems are directly used in traditional encryption algorithms and lack dynamic variability. The security of chaotic encryption systems depends on the randomness of initial parameters and is vulnerable to classical channel negotiation threats. Furthermore, encryption systems lack the ability to dynamically perceive the communication environment and are difficult to cope with channel interference or security threats in complex network environments.
Design a communication control encryption system based on the fusion of quantum key distribution and chaotic encryption. The system generates a fusion key by driving chaotic mapping iteration through quantum key distribution. The control module monitors the communication environment in real time and dynamically adjusts the chaotic mapping parameters and key update strategy to adapt to changes in the communication environment.
It achieves dynamic and unpredictable key generation process, enhances the security and adaptability of communication system, improves the robustness and flexibility of system in complex environments, and ensures high-security communication guarantee.
Smart Images

Figure CN122247583A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of information security technology, and more specifically, to a communication control encryption system based on the fusion of quantum key distribution and chaotic encryption. Background Technology
[0002] Quantum key distribution (QKD) technology, based on the principles of quantum mechanics, enables theoretically secure key distribution. In recent years, it has moved from the laboratory to practical pilot applications, becoming a cutting-edge direction in information security. Meanwhile, chaotic encryption technology, due to its extreme sensitivity to initial conditions and the near-randomness of generated sequences, has received continuous attention in classical secure communication. Combining the absolute security of quantum key distribution with the high complexity of chaotic systems to construct novel hybrid encryption schemes is an important development trend for improving the security level of future communication systems. However, existing technologies often simply link the two together or use them independently, failing to achieve a deep integration.
[0003] In existing technologies, keys generated by quantum key distribution systems are typically used directly in traditional symmetric encryption algorithms (such as AES). While the keys themselves are secure, the encryption process lacks dynamic variability. On the other hand, independent chaotic encryption systems, although complex in their encryption process, rely heavily on the randomness and secrecy of the initial parameters of the chaotic map for security. These parameters, if negotiated through classical channels, are at risk of being eavesdropped on. Furthermore, existing schemes lack dynamic awareness of the communication environment; key updates and encryption strategies are fixed, making it difficult to cope with sudden channel interference or security threats in complex network environments.
[0004] Therefore, a communication control encryption system based on the fusion of quantum key distribution and chaotic encryption is proposed to address the above-mentioned problems. The aim is to overcome the above-mentioned shortcomings, solve the problem of how to deeply couple quantum key distribution and chaotic encryption to enhance the overall security of the system, and solve the problem of insufficient adaptability of existing encryption systems in the face of dynamically changing communication environments. Summary of the Invention
[0005] To overcome the aforementioned deficiencies of the prior art, embodiments of the present invention provide a communication control encryption system based on the fusion of quantum key distribution and chaotic encryption, in order to solve the problems mentioned in the background art.
[0006] To achieve the above objectives, the present invention provides the following technical solution: a communication control encryption system based on the fusion of quantum key distribution and chaotic encryption, comprising a quantum key distribution module, a chaotic encryption module, a control module, and a communication interface module; The quantum key distribution module is configured to generate and distribute quantum keys through a quantum channel, and output the quantum keys to the control module; The chaotic encryption module is configured to generate a chaotic sequence based on a chaotic mapping and output the chaotic sequence to the control module; The control module is configured to receive the quantum key and the chaotic sequence, and generate a fusion key through fusion processing, wherein the fusion processing includes inputting the quantum key as an initial parameter or control parameter into the chaotic map for iterative calculation to enhance the randomness of the key; The control module is also configured to use the fusion key to encrypt or decrypt communication data transmitted through the communication interface module; The system dynamically adjusts the iterative parameters or system parameters of the chaotic mapping through the control module to adapt to changes in the communication environment.
[0007] Preferably, the quantum key distribution module generates the quantum key using a decoy state quantum key distribution protocol, wherein the quantum key comprises a series of random bit sequences and is transmitted to a legitimate receiver via a quantum channel; the quantum key distribution module is also configured to perform basis vector comparison and bit error rate estimation operations during the key generation process to ensure the security of the key; the generated quantum key is temporarily stored inside the control module or in an associated secure storage buffer, and is called by the control module as needed for subsequent fusion processing.
[0008] Preferably, the chaotic encryption module uses a Logistic mapping as the chaotic mapping to generate the chaotic sequence, and the iterative formula of the Logistic mapping is: ,in Let μ be the state value of the k-th iteration, and μ be the branch parameter; the initial value of the chaotic mapping. A portion of the quantum key is dynamically set, thereby introducing quantum randomness into the chaotic system; the chaotic encryption module is also configured to adjust the branch parameter μ, iteration step size or initial conditions of the chaotic map in real time according to the instructions of the control module, so as to control the complexity and periodicity of the generated chaotic sequence.
[0009] Preferably, the fusion processing of the control module specifically includes a key mixing stage and a key expansion stage; in the key mixing stage, the control module divides the quantum key into multiple segments and inputs each segment as a seed value into the chaotic mapping, generating an intermediate key sequence S through a preset number of iterative operations; in the key expansion stage, the control module fuses the intermediate key sequence S with the original chaotic sequence C generated by the chaotic encryption module to generate the fused key. The fusion operation is performed using the formula The control module is further configured to dynamically select the number of iterations or the arithmetic logic operation method used in the fusion processing process based on the amount of communication data, real-time security level requirements, or channel status.
[0010] Preferably, the control module is further configured to monitor the noise level, bit error rate, or potential attack threat indicators of the communication channel in real time or periodically, and adaptively adjust the update frequency or strength of the fusion key based on the monitoring results; when the noise level exceeds a preset threshold, the bit error rate is higher than a specific threshold, or an abnormal access pattern is detected, the control module automatically increases the number of iterations of the chaotic mapping, switches to a more complex chaotic mapping model, or triggers a quantum key redistribution process to improve the freshness and security of the fusion key; the adaptive adjustment is achieved through a closed-loop feedback mechanism, wherein the control module continuously obtains channel state information from the communication interface module or the dedicated channel monitoring unit.
[0011] Preferably, the communication interface module is configured to process the framing, modulation, and transmission of plaintext or ciphertext data, and supports multiple standard communication protocols including TCP / IP and UDP. The communication interface module interacts with the control module to group, pad, or encode the communication data before encryption to adapt to the bit length or structure requirements of the fusion key. During decryption, the communication interface module is also configured to verify and validate the received ciphertext data, and use the fusion key through the control module to perform corresponding decryption algorithm operations to recover the original data. Each module of the system is implemented in a software-defined manner and integrated and communicates through an application programming interface, without relying on specific hardware encryption / decryption chips or physical security modules.
[0012] Preferably, the system further includes a policy management unit connected to the control module; the policy management unit predefines a variety of key fusion policies and security policies, including specific chaotic mapping types, fusion processing procedures, or key update rules adopted for communication sessions of different data types and security levels; the control module loads and applies the corresponding policies from the policy management unit according to the attributes of the current communication session or external instructions to achieve differentiated encryption control; the policies of the policy management unit can be dynamically updated or switched based on the input of the system administrator or pre-configured rules.
[0013] The technical effects and advantages of this invention are as follows: Compared to existing technologies, this invention achieves dynamic and unpredictable key generation by designing a deep fusion mechanism that uses quantum keys as initial or control parameters of a chaotic system. Specifically, this scheme utilizes a truly random key generated by a quantum key distribution module to directly drive or modulate the iterative process of the chaotic mapping. This ensures that the generated fused key not only possesses quantum security but also inherits the initial value sensitivity and long-term unpredictability of the chaotic system. This approach effectively overcomes the security risks that parameter negotiation may bring in traditional chaotic encryption and breaks the limitation of directly using quantum keys for static encryption. It significantly enhances the cryptographic strength of the final session key, providing a more reliable guarantee for high-security communication.
[0014] Compared to existing technologies, this invention improves the robustness and flexibility of the system in complex communication environments by introducing an adaptive key update and policy switching mechanism based on channel state monitoring. This scheme enables the control module to monitor indicators such as channel noise and bit error rate in real time, and dynamically adjust the iterative parameters of the chaotic map, the update frequency of the fused key, or switch preset security policies accordingly. This mechanism achieves intelligent matching between the encryption policy and the communication environment. When channel degradation or potential attacks are detected, the system can automatically increase the encryption strength to ensure security; when channel conditions are good, it can optimize efficiency, thus achieving an optimal balance between communication performance and resource consumption while ensuring security. Attached Figure Description
[0015] Figure 1 This is a system overall framework diagram of the present invention.
[0016] Figure 2 This is a flowchart of the key generation and fusion process of the present invention.
[0017] Figure 3 This is the adaptive control flowchart of the present invention. Detailed Implementation
[0018] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0019] Example 1 As attached Figures 1 to 3 The complete implementation process of the communication control encryption system based on the fusion of quantum key distribution and chaotic encryption, as shown below, is as follows: Phase 1: System Initialization and Parameter Pre-configuration Before the communication system can begin operation, system initialization and parameter pre-configuration must be performed. This stage is the foundation for all subsequent secure communication. First, the system administrator needs to set basic security policies for the system through the management interface. These policies include, but are not limited to: selecting the specific chaotic mapping type used (e.g., Logistic mapping, Chebyshev mapping, etc.), setting the initial value of the chaotic mapping branch parameter μ and the allowed dynamic adjustment range (e.g., setting the initial value μ0=3.9, allowing variation between 3.7 and 4.0), setting the initial number of chaotic iterations M (e.g., M=1000 times), and defining the length L of the fusion key (e.g., L=256 bits). Simultaneously, thresholds for channel state monitoring need to be set, including a high bit error rate threshold T_high (e.g., 10) to trigger a high-level security response. -3 ) and the low bit error rate threshold T_low (e.g., 10) that triggers normal efficiency mode -5 In addition, the operating parameters of the quantum key distribution module need to be configured, such as the protocol used (e.g., the decoy BB84 protocol), the laser pulse frequency, and the key synchronization period. These pre-configured parameters are securely stored in the system's policy management unit. The control module loads these parameters upon startup, completes its own logic initialization, and establishes a secure communication link with the quantum key distribution module, the chaotic encryption module, and the communication interface module. After initialization, the system enters a standby state, waiting for the initiation of a communication session.
[0020] Phase Two: Quantum Key Generation and Synchronization When secure communication is required, such as when terminal A needs to send encrypted data to terminal B, the system's quantum key distribution module is activated first. At terminal A, the laser within the quantum key distribution module generates a series of single-photon pulses. The polarization state of each photon is encoded according to randomly selected basis vectors (such as Rectilinear or Diagonal basis vectors), and this random sequence serves as the carrier of the original key. These photon pulses are transmitted to the communicating partner, terminal B, via a quantum channel (usually a dedicated optical fiber). Terminal B's quantum key distribution module measures the received photons using the randomly selected basis vectors. Subsequently, both parties compare basis vectors through a classical authentication channel, publicly discussing which moments used the same basis vectors, and the corresponding bits are preserved to form the original quantum key string. Next, both parties estimate the bit error rate of the quantum channel by sampling a portion of the key bits. If the bit error rate is below a security threshold (indicating no serious eavesdropping), key error correction and privacy amplification algorithms are executed, ultimately generating a completely identical and secure shared quantum key Q. This quantum key Q is temporarily stored in a secure buffer associated with the control module, and its status is marked as "available." This process ensures that both communicating parties have a shared secret foundation that is secure in terms of information theory.
[0021] Phase 3: Real-time generation and initialization of chaotic sequences Almost in parallel with, or immediately after, the quantum key synchronization process, the chaotic cryptographic module begins operation. At its core is one or more chaotic systems. Taking the most typical Logistic map as an example, its dynamic behavior is described by the following iterative formula: in, It is the state value of the chaotic system in the kth iteration. The variable is denoted by μ, whose value range is typically within the interval (0,1); μ is the branch parameter (μ is a parameter), and when μ is in the interval [3.57,4], the system exhibits a chaotic state. The chaotic encryption module first needs to set the initial value for the iteration. The key innovation of this invention lies in this initial value. The random number is not generated by a pseudo-random number generator, but rather by the control module extracting a subset of bits from the newly generated quantum key Q and converting them. For example, the control module takes the first 32 bits of Q, converts them into a floating-point number within the (0,1) range, and assigns it to... This makes the initial conditions of the chaotic system truly random. At the same time, the initial value of the branch parameter μ is pre-configured. Subsequently, the chaotic encryption module... Starting from this point, the system undergoes a sufficient number of iterations (e.g., M=1000 as previously set) according to the aforementioned iterative formula to eliminate transient effects and ensure that the system enters a stable chaotic state. Afterward, the chaotic encryption module begins to continuously output the iterative value sequence. This sequence is the original chaotic sequence. It exhibits characteristics such as sensitivity to initial conditions, quasi-randomness, and long-term unpredictability.
[0022] Phase 4: Deep Synthesis of the Fusion Key The control module obtains the available quantum key Q and the real-time original chaotic sequence. Then, the core fusion key synthesis process is initiated. This process aims to generate a session key that combines quantum security and chaotic complexity. This process typically involves two core steps: key mixing and key expansion.
[0023] In the key mixing step, the control module divides the complete quantum key Q (assuming a length of L bits) into several equal-length sub-segments, i.e. For each sub-segment The control module converts its value into a suitable initial value (similar to the processing in the third stage). The method involves inputting the data into a chaotic map. The branch parameter μ of the chaotic map can be a pre-configured value or fine-tuned according to the strategy. The chaotic system starts with the initial value corresponding to this sub-segment, performs N iterations, and records the result of the last iteration. (or several consecutive values). After all segments have been processed, a set of intermediate key values generated from the quantum key "seed" is obtained. This process is equivalent to repeatedly "washing" the chaotic system with quantum keys, so that the final generated S is deeply imprinted with the characteristics of quantum randomness.
[0024] In the subsequent key expansion step, the control module normalizes the intermediate key set S (e.g., converts floating-point numbers). Convert to a fixed-length binary string and concatenate them into a longer binary sequence. Meanwhile, the original chaotic sequence is output in real time from the chaotic encryption module. Take from the middle and The equal-length portions are also converted into binary sequences. Finally, the final fusion key is generated through specific fusion operations. A typical and efficient fusion operation is bitwise XOR plus modulo operation, which can be expressed as: in, This indicates the final generated fusion key ( (for variables) This shows the intermediate key binary sequence generated by chaotic iteration driven by quantum key distribution. (for variables) The binary representation of the original chaotic sequence directly generated by the chaotic encryption module. (As variables). In this way, not only is the randomness of the quantum key Q (via S) included, but also independent chaotic sequences are incorporated. The complexity of the algorithm enables deep cryptographic integration. The generated results are then fed into the encryption engine for later use.
[0025] Phase 5: Data Encryption and Secure Transmission The communication interface module receives the plaintext data (Data_plain) to be sent at the application layer. The control module then calls an encryption algorithm (such as one based on a fused key). Data_plain is encrypted using a stream cipher or block cipher algorithm. If using stream cipher mode, it is typically... As a seed for a keystream generator (which can itself be a chaotic system), a keystream of the same length as the plaintext is generated. This keystream is then XORed bit-by-bit with the plaintext to produce the ciphertext `Data_cipher`. If a block cipher mode (such as AES) is used, then... The data is encrypted in blocks using a symmetric key. After encryption, the Data_cipher is encapsulated into standard data packets (such as TCP / IP packets) via the communication interface module and transmitted to the receiving terminal B via a classic data channel. Throughout the transmission, the communication interface module continuously monitors the channel status, including metrics such as bit error rate (BER) and signal-to-noise ratio (SNR), and transmits this real-time data. Feedback is sent to the control module.
[0026] Phase 6: Adaptive Security Control and Key Update This is the core element demonstrating the dynamic adaptability of this invention. An adaptive strategy decision-making algorithm runs internally within the control module, continuously analyzing the channel state information fed back from the communication interface module. And security logs (such as whether abnormal connection attempts D_attack were detected). This decision logic can be expressed as: If channel state parameters High threshold or attack flag ==TRUE This is then classified as a high-risk environment. The control module immediately executes: 1) Increase the branch parameters of the chaotic map to... (For example, increase to 3.99), increasing chaotic complexity; 2) increase the number of iterations in the key mixing stage to 3) It may immediately trigger a quantum key redistribution (QKDRekeying) to obtain a new quantum key seed. This is intended to maximize encryption strength.
[0027] Otherwise, if the channel state parameters Low threshold This is then determined to be a low-risk environment with excellent channel performance. The control module can appropriately reduce the security load to improve efficiency, for example, by adjusting the branch parameters to... The number of iterations is set to .
[0028] Otherwise, maintain the standard security configuration and use the default parameters. and .
[0029] This decision-making process is a dynamic loop; once the parameters are adjusted, the subsequent generated chaotic sequence... and fusion key The characteristics of the system will change accordingly. The system may, based on a timer or after the amount of encrypted data reaches a certain threshold, proactively initiate a new round of fusion key synthesis (starting from the end of the third stage or the fourth stage), even if the channel conditions are stable, using the latest quantum key and chaotic parameters to generate a new key. This enables regular updates to the session key, further enhancing forward security.
[0030] Phase 7: Decryption at the receiving end and process closure At the receiving terminal B, its system architecture is completely symmetrical to that of terminal A. It also possesses the shared quantum key Q obtained through quantum key distribution, and based on the same pre-configuration strategy and adaptive adjustment parameters synchronized securely from terminal A (or self-calculated under the same decision logic), under the coordination of the control module, it generates a chaotic sequence and a fusion key that are completely synchronized with the transmitting end. Upon receiving the ciphertext Data_cipher, the communication interface module sends it to the decryption engine. The control module uses a locally generated ciphertext, identical to that of the sender. By performing the inverse operation corresponding to the encryption process (such as XOR decryption in stream ciphers or decryption algorithms in block ciphers), the original plaintext data Data_plain can be recovered and delivered to the upper-layer application. After successful decryption, the receiving end will also perform channel state monitoring and participate in an adaptive key update cycle to ensure that the security states of both communicating parties remain synchronized.
[0031] In summary, this invention deeply couples quantum security with chaotic encryption through an algorithm and achieves dynamic optimization through closed-loop feedback, thereby constructing a high-strength, highly adaptive end-to-end encrypted communication system.
[0032] Finally, the following points should be noted: First, in the description of this application, it should be noted that, unless otherwise specified and limited, the terms "installation", "connection", and "linkage" should be interpreted broadly, and can be mechanical or electrical connections, or internal connections between two components, or direct connections. "Up", "down", "left", "right", etc. are only used to indicate relative positional relationships. When the absolute position of the described object changes, the relative positional relationship may change. Secondly: The accompanying drawings of the embodiments disclosed in this invention only involve the structures involved in the embodiments disclosed in this invention. Other structures can refer to the general design. In the absence of conflict, the same embodiment and different embodiments of this invention can be combined with each other. In conclusion, the above description is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.
Claims
1. A communication control encryption system based on the fusion of quantum key distribution and chaotic encryption, characterized in that, It includes a quantum key distribution module, a chaotic encryption module, a control module, and a communication interface module; The quantum key distribution module is configured to generate and distribute quantum keys through a quantum channel, and output the quantum keys to the control module; The chaotic encryption module is configured to generate a chaotic sequence based on a chaotic mapping and output the chaotic sequence to the control module; The control module is configured to receive the quantum key and the chaotic sequence, and generate a fusion key through fusion processing, wherein the fusion processing includes inputting the quantum key as an initial parameter or control parameter into the chaotic map for iterative calculation to enhance the randomness of the key; The control module is also configured to use the fusion key to encrypt or decrypt communication data transmitted through the communication interface module; The system dynamically adjusts the iterative parameters or system parameters of the chaotic mapping through the control module to adapt to changes in the communication environment.
2. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 1, characterized in that, The quantum key distribution module generates the quantum key using a decoy state quantum key distribution protocol. The quantum key includes a series of random bit sequences and is transmitted to a legitimate receiver via a quantum channel. The quantum key distribution module is also configured to perform basis vector comparison and bit error rate estimation operations during the key generation process to ensure the security of the key. The generated quantum key is temporarily stored inside the control module or in an associated secure storage buffer and is called by the control module as needed for subsequent fusion processing.
3. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 1, characterized in that, The chaotic encryption module adopts a Logistic map as the chaotic map to generate the chaotic sequence, and an iterative formula of the Logistic map is wherein is a state value of the kth iteration, μ is a branch parameter; an initial value of the chaotic map is dynamically set by a part of the quantum key, so as to introduce quantum randomness into the chaotic system; and the chaotic encryption module is further configured to adjust the branch parameter μ, the iteration step or the initial condition of the chaotic map in real time according to an instruction of the control module, so as to control the complexity and periodicity of the generated chaotic sequence.
4. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 1, characterized in that, The fusion processing of the control module specifically includes a key mixing stage and a key expansion stage; in the key mixing stage, the control module divides the quantum key into multiple segments and inputs each segment as a seed value into the chaotic mapping, and generates an intermediate key sequence S through a preset number of iterative operations; In the key expansion phase, the control module performs a fusion operation on the intermediate key sequence S and the original chaotic sequence C generated by the chaotic encryption module to generate the fusion key , wherein the fusion operation is implemented by the formula ; the control module is further configured to dynamically select the number of iterations or the arithmetic logic operation mode in the fusion process according to the communication data volume, the real-time security level requirement or the channel state.
5. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 4, characterized in that, The control module is also configured to monitor the noise level, bit error rate, or potential attack threat indicators of the communication channel in real time or periodically, and adaptively adjust the update frequency or strength of the fusion key based on the monitoring results. When the noise level exceeds a preset threshold, the bit error rate is higher than a specific threshold, or an abnormal access pattern is detected, the control module automatically increases the iteration number of the chaotic mapping, switches to a more complex chaotic mapping model, or triggers a quantum key redistribution process to improve the freshness and security of the fusion key. The adaptive adjustment is achieved through a closed-loop feedback mechanism, wherein the control module continuously obtains channel state information from the communication interface module or a dedicated channel monitoring unit.
6. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 1, characterized in that, The communication interface module is configured to process the framing, modulation, and transmission of plaintext or ciphertext data, and supports multiple standard communication protocols including TCP / IP and UDP. The communication interface module interacts with the control module, grouping, padding, or encoding the communication data before encryption to adapt to the bit length or structure requirements of the fusion key. During decryption, the communication interface module is also configured to verify and validate the received ciphertext data, and use the fusion key through the control module to perform corresponding decryption algorithm operations to recover the original data. Each module of the system is implemented in a software-defined manner and integrated and communicates through an application programming interface, without relying on specific hardware encryption / decryption chips or physical security modules.
7. The communication control encryption system based on the fusion of quantum key distribution and chaos encryption according to claim 1, characterized in that, The system also includes a policy management unit connected to the control module; the policy management unit predefines a variety of key fusion policies and security policies, including specific chaotic mapping types, fusion processing procedures, or key update rules for communication sessions of different data types and security levels; the control module loads and applies the corresponding policies from the policy management unit according to the attributes of the current communication session or external instructions to achieve differentiated encryption control; the policies of the policy management unit can be dynamically updated or switched based on the system administrator's input or pre-configured rules.