A scheduling system and a unified key management device for a QOT networking system
By introducing a scheduling system and a unified key management device into the quantum secure communication network, the problems of high cost and inflexibility of QOT networking in the existing technology are solved, realizing multi-point, long-distance transmission and sharing of QOT keys, and improving the flexibility and application value of networking.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- QUANTUMCTEK CO LTD
- Filing Date
- 2024-12-30
- Publication Date
- 2026-06-30
AI Technical Summary
In existing technologies, QOT networking schemes based on quantum secure communication networks suffer from high costs and inflexibility in large-scale networking, and cannot share QOT keys among key application systems in multiple network nodes.
By employing a scheduling system and unified key management equipment, the QOT key application system can be accessed at any network node through a quantum secure communication network. QKD technology is used to realize multi-point, long-distance transmission and sharing of QOT keys, avoiding the need to add dedicated QOT equipment on nodes. Security is ensured by using hop-by-hop encrypted relay or XOR operation.
It enables multi-point, long-distance transmission and large-scale networking of QOT keys, improves networking flexibility, meets the needs of a wider range of business scenarios, and significantly enhances the application value of the QOT system.
Smart Images

Figure CN122316618A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the fields of quantum key distribution (QKD) and quantum inadvertent transmission (QOT), specifically to a scheduling system and unified key management device for QOT networking systems. Background Technology
[0002] Figure 1 This illustrates the working principle of an existing inadvertent quantum transmission scheme. To achieve inadvertent transmission based on quantum information, the transmitting end randomly selects a measurement basis (basis vector) sequence to modulate the first qubit sequence and sends the modulated photons to the receiving end. The receiving end selects a second measurement basis sequence to demodulate the received photons to obtain the second qubit sequence. The transmitting end then sends the first measurement basis sequence to the receiving end, which performs basis alignment and generates two position sets to return to the transmitting end. The two position sets include positions in the same part of the two measurement basis sets (hereinafter referred to as the "good" position set) and positions in the different parts of the two measurement basis sets (hereinafter referred to as the "bad" position set). The transmitting end generates two encryption keys based on the two position sets and sends a message encrypted with the encryption keys to the receiving end. The receiving end uses the position set of the same part of the two measurement basis sets to generate a decryption key and decrypts the encrypted message. Thus, in the quantum unintentional transmission scheme, the transmitting end publishes the modulated photon sequence, and the receiving end compares it with the base sequence and divides it into two position sets, "good" and "bad", and publishes the sequence numbers of the two position sets to the transmitting end. The transmitting end obtains the two position sets, "good" and "bad", but does not know which one is "good". Then the transmitting end and the receiving end generate encryption keys and decryption keys based on the position sets, respectively.
[0003] Building upon the aforementioned unintentional transmission scheme, existing technologies have further developed the method of sending the QOT encryption and decryption keys to upper-layer key application systems (such as multi-party computation systems) for use. These upper-layer key application systems then provide privacy data protection and other application scenarios. Figure 2 As shown.
[0004] To further expand application scenarios and achieve the goal of "any user can complete unintentional quantum transmission between users of any distance by deploying devices that support the QOT protocol," existing technologies have proposed... Figure 3The diagram illustrates a scheme for transmitting QOT encryption keys based on a quantum secure communication network. In this scheme, QOT devices (Alice, the sender) and Bob, the receiver, generate a QOT encryption key Qa (which includes two sets of encryption keys) and a QOT decryption key Qb based on the quantum inadvertent transmission QOT protocol. Alice, the sender, then sends the encryption key Qa to its directly connected QOT key application system A. Simultaneously, Bob, the receiver, transmits the decryption key Qb over a long distance to QOT key application system B via a quantum secure communication network using an encrypted relay method. This allows key application systems A and B to achieve inadvertent transmission between themselves based on the received encryption key Qa and decryption key Qb, respectively.
[0005] However, for example Figure 3 The existing QOT scheme based on quantum secure communication network shown has at least the following significant shortcomings: (1) When a new key application system needs a QOT key, a pair of dedicated QOT devices need to be deployed separately, which results in high cost and inflexibility for large-scale networking, and therefore its practical application value is small; (2) The scheme does not have the ability to share QOT keys among key application systems in multiple network nodes. Summary of the Invention
[0006] To address the aforementioned problems in existing technologies, this invention discloses a scheduling system and unified key management device for QOT networking systems. This system allows QOT key application systems to access any network node in a quantum secure communication network, relying on QKD technology and quantum secure communication networks. Simultaneously, it eliminates the need to add dedicated QOT devices to the access network node. This enables the QOT key application system to share QOT keys with any remote QOT key application system through its access network node, achieving multi-point, long-distance transmission and large-scale networking of QOT keys. This further improves the flexibility of QOT networking, meets the needs of a wider range of business scenarios, and significantly enhances the application value of the QOT system.
[0007] The first aspect of the present invention relates to a scheduling system for a QOT networking system, wherein the QOT networking system includes a quantum secure communication network having multiple network nodes, at least one of the multiple network nodes has a QOT system embedded therein, and at least two of the multiple network nodes are connected to a QOT key application system.
[0008] The scheduling system is configured to respond to a QOT key request by selecting one of the network nodes with the QOT system deployed as the key provider and determining the request key relay path from the key provider to the requester access network node and the destination key relay path from the key provider to the destination access network node.
[0009] The QOT key application includes an application message and the identifier of the network node accessed by the application end. The application message includes the QOT key length and the identifier of the QOT key application system as the destination.
[0010] Furthermore, the scheduling system of the present invention may include a correspondence between the identifier of the QOT key application system and the identifier of the network node to which the QOT key application system accesses, and is configured to determine the network node to which the QOT key application system accesses based on the identifier of the QOT key application system by means of the correspondence.
[0011] Furthermore, the key provider is determined based on at least one of the distance of the key relay path, the number of hops, and the amount of relay quantum key available.
[0012] Preferably, a network node is selected as the key provider, which has at least one of the following characteristics: shortest key relay path, fewest hops, and most available relay quantum keys.
[0013] Furthermore, the scheduling system of the present invention can be configured to relay the QOT key according to the key relay path in a hop-by-hop encrypted relay manner; or,
[0014] All intermediate relay nodes on the key relay path are controlled to send the result of the XOR operation between their uplink relay quantum key and their downlink relay quantum key to the destination network node of the key relay path, and the key provider is controlled to send the result of the XOR operation between its downlink relay quantum key and its QOT key to the destination network node of the key relay path.
[0015] Preferably, the application message includes identifiers of multiple destination QOT key application systems.
[0016] A second aspect of the present invention relates to a unified key management device for a QOT networking system, wherein the QOT networking system includes a quantum secure communication network having multiple network nodes, at least one of the multiple network nodes has a built-in QOT system for generating QOT keys, and at least two of the multiple network nodes are connected to a QOT key application system; and the unified key management device of the present invention is configured to control the QOT system to generate QOT keys in response to a QOT key request based on the control of the aforementioned scheduling system, wherein the QOT key request includes a QOT key length L1.
[0017] Furthermore, the unified key management device of the present invention is also configured to control the QKD device to switch to a QOT device to deploy a temporary QOT system.
[0018] Furthermore, after the temporary QOT system generates a QOT key of a preset length L2, the QOT device in the temporary QOT system is restored to a QKD device, where L2 = L1 * preset threshold.
[0019] Preferably, the preset threshold value is taken within the range [1.1, 2.0]. Attached Figure Description
[0020] The specific embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
[0021] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0022] Figure 1 The working principle of an unintentional transmission scheme based on quantum information is illustrated schematically.
[0023] Figure 2 This schematically illustrates a QOT networking structure implemented in a point-to-point manner in the prior art;
[0024] Figure 3 This schematically illustrates a QOT networking structure based on a quantum secure communication network in the prior art;
[0025] Figure 4 A typical example of a QOT networking system based on a quantum secure communication network according to the present invention is illustrated schematically;
[0026] Figure 5 Another preferred example of a QOT networking system based on a quantum secure communication network according to the present invention is illustrated schematically;
[0027] Figure 6 Another preferred example of a QOT networking system based on a quantum secure communication network according to the present invention is illustrated schematically;
[0028] Figure 7 A preferred example of a QOT key request message and response message in the QOT networking scheme used in this invention is shown. Detailed Implementation
[0029] In the following description, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. The following embodiments are provided by way of example in order to fully convey the spirit of the invention to those skilled in the art. Therefore, the invention is not limited to the embodiments disclosed herein.
[0030] Figure 4 The illustration schematically shows a typical example of a QOT networking system based on a quantum secure communication network according to the present invention. It allows a QOT key application system to be accessed at any network node of the quantum secure communication network without the need to add a dedicated QOT device to the access network node. This enables the QOT key application system to share QOT keys with any remote QOT key application system through its access network node, further improving the flexibility of QOT networking.
[0031] As shown in the figure, the QOT networking system of the present invention may include a quantum secure communication network, which includes a scheduling system (not shown) and multiple network nodes, such as network nodes 1, 2, ..., N. Each network node may be equipped with a QKD device and a unified key management device to allow the distribution of shared quantum keys between different network nodes using QKD, for example, as relay quantum keys or secure communication encryption keys.
[0032] In the QOT networking system of this invention, a QOT system can be deployed within any one or more network nodes of the quantum secure communication network, allowing the generation of QOT encryption keys and QOT decryption keys based on the QOT protocol under the control of their unified key management device. Simultaneously, a QOT key application system can be accessed on any two or more network nodes of the quantum secure communication network, thus enabling it to receive QOT keys from the accessed network nodes and apply them as needed.
[0033] The following will be Figure 4 Based on the network system structure shown, this paper describes in detail how to share QOT keys between any two or more QOT key application systems within the network system, in order to illustrate the functional configuration of the scheduling system and unified key management device for the QOT network system of the present invention.
[0034] exist Figure 4 Based on the QOT networking system shown, any QOT key application system in the QOT networking system (acting as the requesting end) can generate a QOT key request message and send it to the network node it is connected to (i.e., the requesting end access network node) in the QOT key request step according to the needs of, for example, the application scenario. Then, the network node sends the QOT key request to the scheduling system of the quantum secure communication network to request the sharing of the required QOT key among the specified QOT key application systems.
[0035] According to the present invention, the application message includes at least the QOT key length L1 (i.e. the length of each QOT encryption key) and the identifier of the QOT key application system as the destination.
[0036] When a requesting network node receives a request message, it can generate a QOT key request and send it to the scheduling system for submission. The QOT key request may include the request message and the network node's identifier.
[0037] For example, in Figure 4 In the example, QOT key application system A (as the requesting end) can generate a request message and send it to network node 3, to which QOT key application system A is connected, based on its need to share QOT keys with QOT key application system B (as the destination end). At this time, the request message includes at least the QOT key length L1 and the (device) identifier of the destination QOT key application system B.
[0038] Network node 3 can then generate a corresponding QOT key request based on the request message and its node identifier, and send it to the scheduling system of the quantum secure communication network.
[0039] When the scheduling system receives a QOT key request, it can use the node scheduling step to select and schedule an appropriate network node from the quantum secure communication network to serve as a key provider, so as to provide the required QOT key for subsequent distribution to the requester and destination specified in the QOT key request.
[0040] Specifically, in the node scheduling step of the present invention, the scheduling system can parse the identifier of the network node accessed by the requesting end and the identifier of the QOT key application system of the destination end from the QOT key application it receives, and determine the network node accessed by the destination end (i.e., the destination end access network node) based on the identifier of the destination end QOT key application system.
[0041] As an example, the scheduling system of the present invention can record and save the correspondence between the identifier of each QOT key application system and the identifier of the network node it accesses when the QOT key application system accesses the quantum secure communication network. Therefore, in the node scheduling step, the scheduling system can find the destination access network node based on the identifier of the destination QOT key application system according to the pre-recorded correspondence.
[0042] After determining the requesting network node and the destination network node based on the QOT key request, the scheduling system can calculate the key relay path between each network node with the QOT system and the requesting and destination network nodes, and determine, for example, the network node that can provide the best key relay path based on the calculated key relay path, to be used as the key provider.
[0043] As a preferred example, the scheduling system can determine the optimal key relay path from a plurality of calculated key relay paths based on at least one of the distance, hop count, and available relay quantum keys of the key relay path, and use the initial network node (which has a QOT system deployed) on the optimal key relay path as the key provider.
[0044] For example, among network nodes with a QOT system deployed, a network node with the shortest key relay path and the fewest hops can be selected as the key provider.
[0045] Furthermore, when multiple network nodes can provide key relay paths with the same shortest distance and fewest hops, the network node with the largest number of available relay quantum keys on its key relay path can be selected as the key provider.
[0046] For example, in Figure 4 In the example, the scheduling system can first find the network node, i.e. network node 7, that the destination QOT key application system B accesses by using the pre-recorded correspondence based on the QOT key application.
[0047] Then, the key relay paths from network node 1 and network node 5, which are equipped with the QOT system, to the requesting end access network node 3 and the destination end access network node 7 can be calculated respectively. It is found that among all the calculated key relay paths, the key relay paths from network node 5 to network nodes 3 and 7 have shorter distances and fewer hops. Therefore, network node 5 is determined to be used as the key provider corresponding to the current QOT key request.
[0048] After determining the network node to be used as the key provider, the QOT system in the key provider can be controlled to generate the required QOT keys, namely the QOT encryption key and the QOT decryption key, through the QOT key generation step.
[0049] Specifically, in the QOT key generation step, the scheduling system can control the QOT system (i.e., QOT device pair) under its management to enter the key generation state and start continuously generating QOT keys through the unified key management device in the key provider.
[0050] Subsequently, with the help of the QOT key relay transmission step, the unified key management device at the key provider end can relay the QOT encryption key to the applicant end access network node according to the key relay path at the applicant end, and relay the QOT decryption key to the destination end access network node according to the key relay path at the destination end.
[0051] For example in Figure 4In the example, the unified key management device in network node 5 can relay the QOT encryption key Qa and the QOT decryption key Qb to network node 3 and network node 7 respectively under the control of the scheduling system.
[0052] As an example, in the QOT key relay transmission step, the QOT key can be relayed using a conventional hop-by-hop encrypted relay method, that is, the relay quantum key is used to encrypt the transmission at each relay node in the key relay path.
[0053] Furthermore, considering that when the requesting end access network node and the destination end access network node are both located on the same side of the key provider, the use of hop-by-hop encrypted relay may pose a risk of QOT key leakage, this invention also proposes a preferred key relay transmission method.
[0054] In this preferred key relay transmission method, the scheduling system can control all intermediate relay nodes on the key relay path to send the XOR operation result of their uplink relay quantum key (i.e., the relay quantum key between themselves and the previous relay node on the key relay path) and their downlink relay quantum key (i.e., the relay quantum key between themselves and the next relay node on the key relay path) to the destination network node of the key relay path. Simultaneously, it controls the key provider to send the XOR operation result of its downlink relay quantum key and the QOT key to the destination network node of the key relay path. Finally, the destination network node performs an XOR operation on all the received XOR results and its uplink relay quantum key to achieve encrypted relay transmission of the QOT key. By using this method of directly transmitting the path key after XORing, secure key relay transmission can be achieved regardless of the location of the selected key provider.
[0055] For example, when the scheduling system selects network node 1 as the key provider, both the requesting network node 3 and the destination network node 7 are located on the same side. To transmit the QOT decryption key Qb generated by network node 1 to the destination network node 7, the scheduling system can control all intermediate relay nodes on the key relay path from network node 1 to network node 7, namely network nodes 2, 3, 4, 5, and 6, to XOR their respective uplink and downlink relay quantum keys and directly transmit them to network node 7. At this time, network node 7 will receive 5 sets of XOR operation results, i.e., K. 12 ⊕K 23 K 23 ⊕K 34 K 34 ⊕K 45 K 45 ⊕K 56 and K 56 ⊕K 67Meanwhile, under the control of the scheduling system, the unified key management device of network node 1 can use the QOT decryption key Qb generated by the QOT system and its downlink relay quantum key K to... 12 Perform an XOR operation to obtain the result Qb⊕K 12 The XOR operation result is then directly transmitted to network node 7. Network node 7 will then transmit all received XOR operation results K... 12 ⊕K 23 K 23 ⊕K 34 K 34 ⊕K 45 K 45 ⊕K 56 K 56 ⊕K 67 and Qb⊕K 12 And the locally stored uplink relay quantum key K 67 Perform an integrated XOR operation to obtain the QOT decryption key Qb = Qb⊕K 12 ⊕K 12 ⊕K 23 ⊕K 23 ⊕K 34 ⊕K 34 ⊕K 45 ⊕K 45 ⊕K 56 ⊕K 56 ⊕K 67 ⊕K 67 .
[0056] Finally, after the key provider transmits the QOT key to the requesting access network node and the destination access network node via key relay transmission, the requesting access network node can distribute the received QOT encryption key to the requesting party and the destination access network node can distribute the received QOT decryption key to the destination party in the QOT key distribution step.
[0057] For example, in Figure 4 In the example, after receiving the QOT encryption key Qa, network node 3 sends it to the QOT key application system A, and after receiving the QOT decryption key Qb, network node 7 sends it to the QOT key application system B.
[0058] According to the present invention, the unified key management device at the key provider end can control its QOT system to enter an idle state after the QOT system completes the QOT key generation task specified in the QOT key application, so as to allow it to serve other QOT key application systems, ensuring that a group of QOT devices can serve multiple groups of QOT key application systems, thereby allowing a more flexible networking architecture and lower networking costs in large-scale networking scenarios.
[0059] Figure 5 The illustration schematically shows another preferred example of a QOT networking system based on a quantum secure communication network according to the present invention, which allows for the dynamic control of temporarily switching a pair of QKD devices in a network node (which can reach both the requesting and destination access network nodes) to QOT devices as QOT devices when all dedicated QOT systems in the QOT networking system cannot meet the QOT key requests made by the QOT key application system. For example, when all QOT systems deployed in network nodes that can reach both the requesting and destination access network nodes are unavailable, a temporary QOT system can be deployed in that network node to provide QOT key services for the QOT key application system.
[0060] For example, in Figure 5 In the example, when the scheduling system of the quantum secure communication network determines, based on the QOT key request, that the requesting end access network node and the destination end access network node are network node 3 and network node 7 respectively, and finds that there is no idle QOT system in the current quantum secure communication network or that there is no idle QOT system on any network node that can reach network nodes 3 and 7, the scheduling system can, with the help of the above node scheduling steps, determine network node 5 as the key provider based on the principle of optimal key relay path, and, with the help of the unified key management device within network node 5, control a pair of QKD devices (e.g., QKD devices A2 and B2) managed by it to run the QOT protocol to switch to QOT devices, thereby establishing a temporary QOT system in network node 5. At this time, the temporary QOT system can be controlled to generate the corresponding number of QOT keys according to the QOT key request and transmit them to network nodes 3 and 7 via key relay transmission.
[0061] In this example, after the temporary QOT system generates a QOT key of a preset length L2 based on the QOT key application, the unified key management device can restore the QOT device in the temporary QOT system to a QKD device, so as to allow it to continue to provide QKD services.
[0062] To ensure the overall smooth operation of the network, a threshold can be preset to determine the amount of QOT keys that the temporary QOT system needs to generate based on the QOT key application: L2 = L1 * preset threshold.
[0063] According to the present invention, the preset threshold can preferably be taken in the range [1.1, 2.0]. By setting the lower limit of the value range to 1.1, it can be ensured that even in the event of network packet loss, the length of the generated QOT key can meet the usage requirements of the QOT key application system; while setting the upper limit of the value range to 2.0 can minimize the impact on QKD services.
[0064] Furthermore, with the help of the QOT networking system of the present invention, it is also possible to simultaneously set the identifiers of one or more destination QOT key application systems in the QOT key application message, thereby realizing the function of sharing QOT keys among QOT key application systems of any number of network nodes.
[0065] Figure 6 A preferred example of a QOT networking system based on a quantum secure communication network according to the present invention is illustrated, showing an application scenario in which QOT keys are shared simultaneously among more than two QOT key application systems A, B, C, ..., N.
[0066] Unlike Figure 4 ,exist Figure 6 In the example, the application message generated by the applicant can contain the identifiers of N destination QOT key application systems, such as: QOT key application system B, QOT key application system C, ..., QOT key application system N, etc.
[0067] Accordingly, the key provider selected through the node scheduling steps described above should be able to reach all destination access network nodes. Therefore, after the key provider generates the required QOT key through the QOT key generation step, the QOT key is distributed to the designated QOT key application system through the QOT key relay transmission step and the QOT key distribution step.
[0068] In this invention, to provide reliability verification of QOT key transmission, the QOT key can be transmitted via key relay in the form of a response message.
[0069] Figure 7 A preferred example of the QOT key request message and response message of the present invention is illustrated schematically.
[0070] like Figure 7 As shown, the application message may include a message sequence number, QOT key length, and the (device) identifier of one or more destination QOT key application systems.
[0071] The message sequence number is used as an identifier for the application message. It can use a universally unique identifier to ensure its global uniqueness with the help of UUID.
[0072] The QOT key length is used to identify the length of the QOT key that needs to be transmitted in this application.
[0073] The identifier of the destination QOT key application system is used to specify which destination QOT key application system(s) the QOT key should be sent to in this application.
[0074] See also Figure 7 The response message may include the message sequence number, QOT key, QOT key number, and QOT key hash value.
[0075] The message sequence number is used as an identifier for the response message. It can also use a universally unique identifier to ensure its global uniqueness with the help of UUID.
[0076] The QOT key is the QOT key itself to be transmitted, and the QOT key number is the unique number of the QOT key.
[0077] The QOT key hash value is the hash value of the QOT key to be transmitted, which is used to ensure the integrity of the transmitted message.
[0078] In summary, by utilizing the scheduling system and unified key management device of this invention, a QOT key application system can be accessed at any network node of the quantum secure communication network, relying on QKD technology and the quantum secure communication network. Simultaneously, without the need to add dedicated QOT devices to the access network node, the QOT key application system can share QOT keys with any remote QOT key application system through its access network node. This enables multi-point, long-distance transmission of QOT keys and large-scale networking, further improving the flexibility of QOT networking, meeting the needs of a wider range of business scenarios, and significantly enhancing the application value of the QOT system.
[0079] Although the present invention has been described above with reference to the accompanying drawings and specific embodiments, those skilled in the art will readily recognize that the above embodiments are merely exemplary and used to illustrate the principles of the present invention. They do not limit the scope of the present invention. Those skilled in the art can make various combinations, modifications and equivalent substitutions to the above embodiments without departing from the spirit and scope of the present invention.
Claims
1. A scheduling system for a QOT networking system, wherein, The QOT networking system includes a quantum secure communication network with multiple network nodes, at least one of the multiple network nodes has a built-in QOT system, and at least two of the multiple network nodes are connected to a QOT key application system; The scheduling system is configured to respond to a QOT key request by selecting one of the network nodes with the QOT system deployed as the key provider and determining the request key relay path from the key provider to the requester access network node and the destination key relay path from the key provider to the destination access network node. The QOT key application includes an application message and the identifier of the network node accessed by the application end. The application message includes the QOT key length and the identifier of the QOT key application system as the destination.
2. The scheduling system as described in claim 1, comprising a correspondence between the identifier of the QOT key application system and the identifier of the network node to which the QOT key application system accesses, and configured to determine the network node to which the QOT key application system accesses based on the identifier of the QOT key application system using the correspondence.
3. The dispatch system of claim 1, wherein, The key provider is determined based on at least one of the distance of the key relay path, the number of hops, and the amount of relay quantum keys available.
4. The dispatch system of claim 3, wherein, The network node that provides the key is selected as the key provider, having at least one of the following characteristics: shortest key relay path, fewest hops, and most available relay quantum keys.
5. The scheduling system as described in claim 1, wherein it is configured to: The QOT key is relayed according to the key relay path using a hop-by-hop encrypted relay method; or... All intermediate relay nodes on the key relay path are controlled to send the result of the XOR operation between their uplink relay quantum key and their downlink relay quantum key to the destination network node of the key relay path, and the key provider is controlled to send the result of the XOR operation between its downlink relay quantum key and its QOT key to the destination network node of the key relay path.
6. The dispatch system of any one of claims 1-5, wherein, The application message includes the identifiers of multiple destination QOT key application systems.
7. A unified key management device for a QOT networking system, wherein, The QOT networking system includes a quantum secure communication network with multiple network nodes. At least one of the multiple network nodes has a built-in QOT system for generating QOT keys, and at least two of the multiple network nodes are connected to a QOT key application system. The unified key management device is configured to control the scheduling system based on any one of claims 1-6, and in response to a QOT key request, control the QOT system to generate a QOT key, wherein the QOT key request includes a QOT key length L1.
8. The unified key management device as described in claim 7, further configured to control the QKD device to switch to a QOT device to deploy a temporary QOT system.
9. The unified key management device of claim 8, wherein, After the temporary QOT system generates a QOT key of a preset length L2, the QOT device in the temporary QOT system is restored to a QKD device, where L2 = L1 * preset threshold.
10. The unified key management device of claim 9, wherein, The preset threshold value is taken within the range [1.1, 2.0].