Apparatus and method for performing transport layer security on basis of quantum public key infrastructure in quantum communication system

The QPKI-based TLS system addresses vulnerabilities in asymmetric key encryption by using Quantum Public Key Encryption to ensure secure communication against quantum threats, maintaining security through key updates and preventing Harvest-Now-Decrypt-Later attacks.

WO2026121355A1 · PCT designated stage · Publication Date: 2026-06-11 · LG ELECTRONICS INC

Patent Information

Authority / Receiving Office: WO · WO
Patent Type: Applications
Current Assignee / Owner: LG ELECTRONICS INC
Filing Date: 2024-12-03
Publication Date: 2026-06-11

AI Technical Summary

Technical Problem

Existing asymmetric key encryption systems, such as RSA and ECC, are vulnerable to decryption by quantum algorithms like Shor's algorithm, posing a threat to secure communication systems, and transitioning to Post-Quantum Cryptography (PQC) introduces a significant technical burden and does not provide physical security.

Method used

A Quantum Public Key Infrastructure (QPKI)-based Transport Layer Security (TLS) system is implemented using Quantum Public Key Encryption (QPKE) to achieve physical information security by leveraging the No-cloning Theorem.

Benefits of technology

The QPKI-based TLS system provides robust security against quantum attacks by periodically updating public keys, preventing real-time leakage and subsequent plaintext attacks, ensuring long-term information security without the need for widespread system transitions.

Generated by Eureka AI based on patent content.


  • Figure KR2024019614_11062026_PF_FP_ABST

Abstract

According to various embodiments of the present invention, a method performed by a first node is provided, the method comprising the steps of: transmitting, to a second node, a first hello message related to a quantum security system support of the first node; receiving, from the second node, a second hello message related to a quantum security system support of the second node; receiving, from the second node through a classical channel, a server certificate including a server public key of the second node; receiving, from the second node through a quantum channel, a quantum public key (QPK) packet including a QPK of the second node; transmitting, to the second node through the classical channel, a client key exchange message including information about a pre-master key of the first node; transmitting, to the second node through the quantum channel, a quantum key exchange message including quantum key information about the second node; and performing secure communication with the second node on the basis of a master key related to the quantum key information.
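
The message order and channel assignment in the abstract can be checked mechanically. The following Python code is an added example, not code from the patent or its applicant: it validates a handshake transcript from the first node's side and reports failure, so that no master key is derived, when a message is missing, out of order, from the wrong sender, or on the wrong channel. The message names, the `Msg` fields, and the rule that both hello messages must advertise quantum security support are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from typing import List, Optional, Tuple

CLASSICAL, QUANTUM = "classical", "quantum"
FIRST, SECOND = "first_node", "second_node"

# (message name, sender, required channel), in the order the abstract lists them.
# The abstract names no channel for the hello messages, so None means "not checked".
# All message names are hypothetical labels chosen for this example.
EXPECTED = [
    ("first_hello", FIRST, None),
    ("second_hello", SECOND, None),
    ("server_certificate", SECOND, CLASSICAL),
    ("qpk_packet", SECOND, QUANTUM),
    ("client_key_exchange", FIRST, CLASSICAL),
    ("quantum_key_exchange", FIRST, QUANTUM),
]


@dataclass(frozen=True)
class Msg:
    name: str
    sender: str
    channel: str
    quantum_support: Optional[bool] = None  # only meaningful on hello messages


def validate_transcript(msgs: List[Msg]) -> Tuple[bool, str]:
    """Return (ok, reason); ok is True only if master-key derivation may proceed."""
    for i, (name, sender, channel) in enumerate(EXPECTED):
        if i >= len(msgs):
            return False, f"missing {name}"
        m = msgs[i]
        if m.name != name:
            return False, f"step {i}: expected {name}, got {m.name}"
        if m.sender != sender:
            return False, f"{name}: wrong sender {m.sender}"
        if channel is not None and m.channel != channel:
            return False, f"{name}: arrived on {m.channel} channel, expected {channel}"
        # Assumed policy: fail closed unless both peers advertise quantum support,
        # so a stripped or altered hello cannot cause a silent fallback.
        if name.endswith("_hello") and m.quantum_support is not True:
            return False, f"{name}: quantum security support not advertised"
    if len(msgs) > len(EXPECTED):
        return False, f"unexpected extra message {msgs[len(EXPECTED)].name}"
    return True, "ok"


def sample_transcript() -> List[Msg]:
    """Constructed transcript that follows the abstract step by step."""
    return [
        Msg("first_hello", FIRST, CLASSICAL, quantum_support=True),
        Msg("second_hello", SECOND, CLASSICAL, quantum_support=True),
        Msg("server_certificate", SECOND, CLASSICAL),
        Msg("qpk_packet", SECOND, QUANTUM),
        Msg("client_key_exchange", FIRST, CLASSICAL),
        Msg("quantum_key_exchange", FIRST, QUANTUM),
    ]


def qpk_on_classical() -> List[Msg]:
    """Constructed failure case: the QPK packet shows up on the classical channel."""
    t = sample_transcript()
    t[3] = replace(t[3], channel=CLASSICAL)
    return t


def hello_without_support() -> List[Msg]:
    """Constructed failure case: the second hello does not advertise quantum support."""
    t = sample_transcript()
    t[1] = replace(t[1], quantum_support=False)
    return t


if __name__ == "__main__":
    cases = {
        "as described": sample_transcript(),
        "QPK on classical channel": qpk_on_classical(),
        "no quantum support in hello": hello_without_support(),
        "truncated after QPK packet": sample_transcript()[:4],
    }
    for label, transcript in cases.items():
        print(f"{label}: {validate_transcript(transcript)}")
```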

Description

Device and method for performing transport layer security based on quantum public key infrastructure in a quantum communication system

[0001] The present disclosure relates to an apparatus and method for a quantum communication system. Specifically, the present disclosure may provide an apparatus and method for performing Transport Layer Security based on Quantum Public Key Infrastructure in a quantum communication system.

[0002]

[0003] Systems using Public Key Encryption may face security threats due to advancements in Quantum Computers and Quantum Algorithms. It is theoretically known that encryption methods based on RSA (Rivest-Shamir-Adleman) or ECC (Elliptic Curve Cryptography), which are commonly used in asymmetric key-based security systems, can be decrypted within the validity period through the parallel operation of the Shor Algorithm. In the case of RSA 2048-bit integers, it is possible to factor them within 8 hours using 20 million noisy qubits ["How to factor 2048-bit RSA integers in 8 hours using 20 million noisy qubits," Quantum 5, 433 (2021)], and a study has been published analyzing that factoring is possible within 177 days using only 13,436 qubits based on multi-parallel quantum memory ["Factoring 2048-bit RSA Integers in 177 Days with 13,436 Qubits and a Multimode Memory," PRL (2021)]. The collapse of asymmetric key encryption systems by such Quantum Algorithms poses a serious threat to secure communication systems based on asymmetric key encryption.

[0004] To prevent such security threats, a method is required to address the threats posed by the Quantum Algorithm while maintaining an asymmetric key system. To this end, the problem of trapdoor leakage caused by the Quantum Algorithm can be adaptively prevented by periodically updating the Public Key. This ensures that real-time leakage does not occur even if a Plaintext Attack is launched by the Quantum Algorithm. However, even if real-time leakage does not occur, an attacker can still perform a Plaintext Attack later through a Harvest-Now-Decrypt-Later (HNDL) Attack. Consequently, limiting the validity period of the Public Key alone cannot achieve fundamental information security.

[0005] Furthermore, while Post-Quantum Cryptography (PQC) technology is emerging, all asymmetric key systems based on computational complexity inevitably face the risk of being threatened by the emergence of new Quantum Algorithms. Additionally, transitioning to a new security system can entail a significant technical burden to implement the new security technology across all devices. Similarly, as PQC is a security method based on computational complexity, it cannot achieve physical security. Therefore, even if real-time leakage does not occur, an attacker can subsequently perform a Plaintext Attack through a Harvest-Now-Decrypt-Later (HNDL) Attack.

[0006] The present disclosure proposes a Quantum Public Key Infrastructure (QPKI)-based Transport Layer Security (TLS) system that achieves physical information security by constructing a Quantum Public Key (QPK) based on the No-cloning Theorem and performing Quantum Public Key Encryption (QPKE).

[0007]

[0008] To solve the aforementioned problems, the present disclosure provides an apparatus and method for performing Transport Layer Security based on Quantum Public Key Infrastructure in a quantum communication system.

[0009] The technical problems to be solved in this disclosure are not limited to those mentioned above, and other technical problems not mentioned will be clearly understood by those skilled in the art to which this disclosure belongs from the description below.

[0010]

[0011] To solve the aforementioned problems, the present disclosure provides an apparatus and method for performing Transport Layer Security based on Quantum Public Key Infrastructure in a quantum communication system.

[0012] The technical problems to be solved in this disclosure are not limited to those mentioned above, and other technical problems not mentioned will be clearly understood by those skilled in the art to which this disclosure belongs from the description below.

[0013]

[0014] To solve the aforementioned problems, the present disclosure may provide an apparatus and method for performing Transport Layer Security based on Quantum Public Key Infrastructure in a quantum communication system.

[0015]

[0016] The drawings attached below are intended to aid in understanding the present disclosure and may provide embodiments of the present disclosure together with the detailed description. However, the technical features of the present disclosure are not limited to specific drawings, and the features disclosed in each drawing may be combined with one another to form new embodiments. Reference numerals in each drawing may denote structural elements.

[0017] Figure 1 is a diagram illustrating physical channels used in 3GPP systems and an example of typical signal transmission.

[0018] Figure 2 is a diagram illustrating the system structure of a New Generation Radio Access Network (NG-RAN).

[0019] Figure 3 is a diagram illustrating the functional division between NG-RAN and 5GC.

[0020] Figure 4 is a diagram illustrating an example of a 5G usage scenario.

[0021] Figure 5 is a diagram illustrating an example of a communication structure that can be provided in a 6G system.

[0022] Figure 6 is a schematic diagram illustrating an example of a perceptron structure.

[0023] Figure 7 is a schematic diagram illustrating an example of a multilayer perceptron structure.

[0024] Figure 8 is a schematic diagram illustrating an example of a deep neural network.

[0025] Figure 9 is a schematic diagram illustrating an example of a convolutional neural network.

[0026] Figure 10 is a schematic diagram illustrating an example of a filter operation in a convolutional neural network.

[0027] Figure 11 is a schematic diagram illustrating an example of a neural network structure in which a recurrent loop exists.

[0028] Figure 12 is a schematic diagram illustrating an example of the operational structure of a recurrent neural network.

[0029] Figure 13 is a diagram illustrating an example of an electromagnetic spectrum.

[0030] Figure 14 is a diagram illustrating an example of a THz communication application.

[0031] FIG. 15 is a diagram illustrating an example of an electronic device-based THz wireless communication transceiver.

[0032] FIG. 16 is a diagram illustrating an example of a method for generating a THz signal based on an optical element.

[0033] FIG. 17 is a diagram illustrating an example of a THz wireless communication transceiver based on an optical element.

[0034] Figure 18 is a diagram illustrating the structure of a photon source-based transmitter.

[0035] Figure 19 is a diagram illustrating the structure of an optical modulator.

[0036] Figure 20 is a diagram illustrating an example of a general scenario of quantum communication.

[0037] FIG. 21 is a diagram illustrating an example of quantum communication for classical bits and quantum communication for quantum bits in a system applicable to the present disclosure.

[0038] FIG. 22 is a diagram illustrating an example of three basic properties of quantum information that can be used for information communication in a system applicable to the present disclosure.

[0039] FIG. 23 is a diagram illustrating an example of the DL04 QSDC protocol in a system applicable to the present disclosure.

[0040] FIG. 24 is a diagram illustrating an example of a two-step QSDC protocol in a system applicable to the present disclosure.

[0041] FIG. 25 is a diagram illustrating an example of a Transport Layer Security (TLS) procedure in a system applicable to the present disclosure.

[0042] FIG. 26 is a diagram illustrating an example of an N32 protocol stack in a system applicable to the present disclosure.

[0043] FIG. 27 is a diagram illustrating an example of a procedure for performing Transport Layer Security based on Quantum Public Key Infrastructure (TLS based on QPKI) in a system applicable to the present disclosure.

[0044] FIG. 28 is a diagram illustrating an example of the structure of a server certificate in a system applicable to the present disclosure.

[0045] FIG. 29 is a diagram illustrating an example of the structure of a QPK packet in a system applicable to the present disclosure.

[0046] FIG. 30 is a diagram illustrating an example of the structure of a Client Key Exchange Packet in a system applicable to the present disclosure.

[0047] FIG. 31 is a diagram illustrating an example of the structure of a Quantum Key Exchange Packet in a system applicable to the present disclosure.

[0048] FIG. 32 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0049] FIG. 33 is a diagram illustrating an example of a Pauli operator in a system applicable to the present disclosure.

[0050] FIG. 34 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0051] FIG. 35 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0052] FIG. 36 is a diagram illustrating an example of the operation process of a first node in a system applicable to the present disclosure.

[0053] FIG. 37 is a diagram illustrating an example of the operation process of a second node in a system applicable to the present disclosure.

[0054] FIG. 38 illustrates a communication system (1) applicable to various embodiments of the present disclosure.

[0055] FIG. 39 illustrates a wireless device that can be applied to various embodiments of the present disclosure.

[0056] FIG. 40 illustrates another example of a wireless device that can be applied to various embodiments of the present disclosure.

[0057] FIG. 41 illustrates a signal processing circuit for a transmission signal.

[0058] FIG. 42 shows another example of a wireless device applicable to various embodiments of the present disclosure.

[0059] FIG. 43 illustrates a portable device applicable to various embodiments of the present disclosure.

[0060] FIG. 44 illustrates a vehicle or autonomous vehicle applicable to various embodiments of the present disclosure.

[0061] FIG. 45 illustrates a vehicle applicable to various embodiments of the present disclosure.

[0062] FIG. 46 illustrates an XR device applied to various embodiments of the present disclosure.

[0063] FIG. 47 illustrates a robot applicable to various embodiments of the present disclosure.

[0064] FIG. 48 illustrates an AI device applied to various embodiments of the present disclosure.

[0065]

[0066] In various embodiments of the present disclosure, "A or B" may mean "only A," "only B," or "both A and B." Alternatively, in various embodiments of the present disclosure, "A or B" may be interpreted as "A and / or B." For example, in various embodiments of the present disclosure, "A, B or C" may mean "only A," "only B," "only C," or "any combination of A, B and C."

[0067] In various embodiments of the present disclosure, a slash ( / ) or a comma used may mean "and / or." For example, "A / B" may mean "A and / or B." Accordingly, "A / B" may mean "only A," "only B," or "both A and B." For example, "A, B, C" may mean "A, B or C."

[0068] In various embodiments of the present disclosure, "at least one of A and B" may mean "only A," "only B," or "both A and B." Additionally, in various embodiments of the present disclosure, the expressions "at least one of A or B" or "at least one of A and / or B" may be interpreted as synonymous with "at least one of A and B."

[0069] Additionally, in various embodiments of the present disclosure, “at least one of A, B and C” may mean “only A,” “only B,” “only C,” or “any combination of A, B and C.” Also, “at least one of A, B or C” or “at least one of A, B and / or C” may mean “at least one of A, B and C.”

[0070] Additionally, parentheses used in various embodiments of the present disclosure may mean "for example." Specifically, when indicated as "control information (PDCCH)," "PDCCH" may be proposed as an example of "control information." In other words, the "control information" of various embodiments of the present disclosure is not limited to "PDCCH," and "PDCCH" may be proposed as an example of "control information." Furthermore, even when indicated as "control information (i.e., PDCCH)," "PDCCH" may be proposed as an example of "control information."

[0071] Technical features described individually within one drawing in various embodiments of the present disclosure may be implemented individually or simultaneously.

[0072]

[0073] The following technologies can be used in various wireless access systems such as CDMA, FDMA, TDMA, OFDMA, and SC-FDMA. CDMA can be implemented using wireless technologies such as UTRA (Universal Terrestrial Radio Access) or CDMA2000. TDMA can be implemented using wireless technologies such as GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service), and EDGE (Enhanced Data Rates for GSM Evolution). OFDMA can be implemented using wireless technologies such as IEEE 802.11 (Wi-Fi), IEEE 802.16 (WiMAX), IEEE 802.20, and E-UTRA (Evolved UTRA). UTRA is part of the UMTS (Universal Mobile Telecommunications System). 3GPP (3rd Generation Partnership Project) LTE (Long Term Evolution) is part of E-UMTS (Evolved UMTS) using E-UTRA, and LTE-A (Advanced) / LTE-A pro is an evolved version of 3GPP LTE. 3GPP NR (New Radio or New Radio Access Technology) is an evolved version of 3GPP LTE / LTE-A / LTE-A pro. 3GPP 6G may be an evolved version of 3GPP NR.

[0074]

[0075] For clarity of explanation, the description is based on 3GPP communication systems (e.g., LTE, NR, etc.), but the technical scope of this disclosure is not limited thereto. LTE refers to technology from 3GPP TS 36.xxx Release 8 onwards. Specifically, LTE technology from 3GPP TS 36.xxx Release 10 onwards is referred to as LTE-A, and LTE technology from 3GPP TS 36.xxx Release 13 onwards is referred to as LTE-A pro. 3GPP NR refers to technology from TS 38.xxx Release 15 onwards. 3GPP 6G may refer to technology from TS Release 17 and / or Release 18 onwards. "xxx" indicates a specific standard document number. LTE / NR / 6G may be collectively referred to as 3GPP systems. Regarding background technology, terms, abbreviations, etc. used in the description of this disclosure, reference may be made to matters described in standard documents published prior to this disclosure. For example, the following documents may be referenced.

[0076]

[0077] 3GPP LTE

[0078] - 36.211: Physical channels and modulation

[0079] - 36.212: Multiplexing and channel coding

[0080] - 36.213: Physical layer procedures

[0081] - 36.300: Overall description

[0082] - 36.331: Radio Resource Control (RRC)

[0083] 3GPP NR

[0084] - 38.211: Physical channels and modulation

[0085] - 38.212: Multiplexing and channel coding

[0086] - 38.213: Physical layer procedures for control

[0087] - 38.214: Physical layer procedures for data

[0088] - 38.300: NR and NG-RAN Overall Description

[0089] - 38.331: Radio Resource Control (RRC) protocol specification

[0090]

[0091] Physical Channel and Frame Structure

[0092] Physical channels and general signal transmission

[0093] Figure 1 is a diagram illustrating physical channels used in 3GPP systems and an example of typical signal transmission.

[0094] In a wireless communication system, a terminal receives information from a base station via a downlink (DL) and transmits information to the base station via an uplink (UL). The information transmitted and received by the base station and the terminal includes data and various control information, and various physical channels exist depending on the type and purpose of the information they transmit and receive.

[0095]

[0096] When the terminal is powered on or enters a new cell, it performs an initial cell search operation, such as synchronizing with the base station (S11). To do this, the terminal receives a Primary Synchronization Signal (PSS) and a Secondary Synchronization Signal (SSS) from the base station to synchronize with the base station and obtain information such as a cell ID. After that, the terminal receives a Physical Broadcast Channel (PBCH) from the base station to obtain broadcast information within the cell. Meanwhile, during the initial cell search phase, the terminal receives a Downlink Reference Signal (DL RS) to check the downlink channel status.

[0097]

[0098] A terminal that has completed initial cell search can obtain more specific system information by receiving a Physical Downlink Control Channel (PDCCH) and a Physical Downlink Shared Channel (PDSCH) according to the information carried on the PDCCH (S12).

[0099]

[0100] Meanwhile, when connecting to a base station for the first time or when there are no wireless resources available for signal transmission, the terminal may perform a Random Access Procedure (RACH) with respect to the base station (S13 to S16). To this end, the terminal transmits a specific sequence as a preamble through a Physical Random Access Channel (PRACH) (S13 and S15), and may receive a response message (RAR (Random Access Response) message) for the preamble through a PDCCH and a corresponding PDSCH. In the case of a contention-based RACH, a Contention Resolution Procedure may additionally be performed (S16).

[0101]

[0102] A terminal that has performed the procedure described above may subsequently perform PDCCH / PDSCH reception (S17) and Physical Uplink Shared Channel (PUSCH) / Physical Uplink Control Channel (PUCCH) transmission (S18) as a general uplink / downlink signal transmission procedure. In particular, the terminal may receive Downlink Control Information (DCI) through the PDCCH. Here, the DCI includes control information such as resource allocation information for the terminal, and the format may be applied differently depending on the purpose of use.

[0103]

[0104] Meanwhile, control information transmitted by the terminal to the base station via the uplink or received by the terminal from the base station may include downlink / uplink ACK / NACK signals, CQI (Channel Quality Indicator), PMI (Precoding Matrix Index), RI (Rank Indicator), etc. The terminal may transmit the control information such as the above-mentioned CQI / PMI / RI via PUSCH and / or PUCCH.

[0105]

[0106] Structure of uplink and downlink channels

[0107] Downlink Channel Structure

[0108] The base station transmits a relevant signal to the terminal through the downlink channel described below, and the terminal receives the relevant signal from the base station through the downlink channel described below.

[0109]

[0110] (1) Physical Downlink Shared Channel (PDSCH)

[0111] PDSCH carries downlink data (e.g., DL-shared channel transport block, DL-SCH TB), and modulation methods such as QPSK (Quadrature Phase Shift Keying), 16 QAM (Quadrature Amplitude Modulation), 64 QAM, and 256 QAM are applied. Codewords are generated by encoding the TB. PDSCH can carry multiple codewords. Scrambling and modulation mapping are performed for each codeword, and the modulation symbols generated from each codeword are mapped to one or more layers (Layer mapping). Each layer is mapped to a resource along with the DMRS (Demodulation Reference Signal) to generate an OFDM symbol signal, which is then transmitted through the corresponding antenna port.

[0112]

[0113] (2) Physical Downlink Control Channel (PDCCH)

[0114] A PDCCH carries downlink control information (DCI) and applies methods such as QPSK modulation. A single PDCCH consists of 1, 2, 4, 8, or 16 Control Channel Elements (CCEs) depending on the Aggregation Level (AL). A single CCE consists of 6 Resource Element Groups (REGs). A single REG is defined by one OFDM symbol and one (P)RB.

[0115] The terminal obtains the DCI transmitted over the PDCCH by performing decoding (also known as blind decoding) on a set of PDCCH candidates. The set of PDCCH candidates decoded by the terminal is defined as the PDCCH Search Space set. The Search Space set may be a common search space or a UE-specific search space. The terminal may obtain the DCI by monitoring PDCCH candidates within one or more Search Space sets configured by the MIB or upper-layer signaling.

[0116]

[0117] Uplink Channel Structure

[0118] The terminal transmits a relevant signal to the base station through the uplink channel described below, and the base station receives the relevant signal from the terminal through the uplink channel described below.

[0119] (1) Physical uplink shared channel (PUSCH)

[0120] PUSCH carries uplink data (e.g., UL-shared channel transport block, UL-SCH TB) and / or uplink control information (UCI) and is transmitted based on a CP-OFDM (Cyclic Prefix - Orthogonal Frequency Division Multiplexing) waveform, DFT-s-OFDM (Discrete Fourier Transform - spread - Orthogonal Frequency Division Multiplexing) waveform, etc. When PUSCH is transmitted based on a DFT-s-OFDM waveform, the terminal applies transform precoding to transmit PUSCH. For example, if transform precoding is not possible (e.g., transform precoding is disabled), the terminal transmits PUSCH based on a CP-OFDM waveform, and if transform precoding is possible (e.g., transform precoding is enabled), the terminal can transmit PUSCH based on a CP-OFDM waveform or a DFT-s-OFDM waveform. PUSCH transmissions can be dynamically scheduled by UL grants within DCI or semi-statically scheduled based on upper layer (e.g., RRC) signaling (and / or Layer 1 (L1) signaling (e.g., PDCCH)) configured grants. PUSCH transmissions can be performed in a codebook-based or non-codebook-based manner.

[0121] (2) Physical uplink control channel (PUCCH)

[0122] A PUCCH carries uplink control information, HARQ-ACK and / or scheduling request (SR), and can be divided into multiple PUCCHs depending on the PUCCH transmission length.

[0123]

[0124] The following describes new radio access technology (new RAT, NR).

[0125] As more communication devices require larger communication capacities, the need for enhanced mobile broadband communication compared to existing radio access technology (RAT) is emerging. Furthermore, Massive Machine Type Communications (MTC), which connects multiple devices and objects to provide various services anytime and anywhere, is also one of the major issues to be considered in next-generation communication. In addition, communication system designs that consider services / terminals sensitive to reliability and latency are being discussed. Thus, the introduction of next-generation radio access technology considering enhanced mobile broadband communication, massive MTC, and Ultra-Reliable and Low Latency Communication (URLLC) is being discussed, and for convenience in the various embodiments of this disclosure, such technology is referred to as new RAT or NR.

[0126]

[0127] Figure 2 is a diagram illustrating the system structure of a New Generation Radio Access Network (NG-RAN).

[0128] Referring to FIG. 2, the NG-RAN may include gNBs and / or eNBs that provide user plane and control plane protocol termination to terminals. FIG. 2 illustrates a case where only gNBs are included. The gNBs and eNBs are connected to each other via Xn interfaces. The gNBs and eNBs are connected to the 5G Core Network (5GC) via NG interfaces. More specifically, they are connected to the access and mobility management function (AMF) via NG-C interfaces and to the user plane function (UPF) via NG-U interfaces.

[0129]

[0130] Figure 3 is a diagram illustrating the functional division between NG-RAN and 5GC.

[0131] Referring to FIG. 3, the gNB can provide functions such as Inter Cell RRM, RB control, Connection Mobility Control, Radio Admission Control, Measurement Configuration & Provision, and Dynamic Resource Allocation. The AMF can provide functions such as NAS security and idle state mobility processing. The UPF can provide functions such as Mobility Anchoring and PDU processing. The SMF (Session Management Function) can provide functions such as terminal IP address allocation and PDU session control.

[0132]

[0133] Figure 4 is a diagram illustrating an example of a 5G usage scenario.

[0134] The 5G usage scenario illustrated in FIG. 4 is merely exemplary, and the technical features of various embodiments of the present disclosure may be applied to other 5G usage scenarios not illustrated in FIG. 4.

[0135] Referring to FIG. 4, the three major requirement areas of 5G include (1) enhanced mobile broadband (eMBB), (2) massive machine type communication (mMTC), and (3) ultra-reliable and low latency communications (URLLC). Some use cases may require multiple areas for optimization, while others may focus on only one key performance indicator (KPI). 5G supports these various use cases in a flexible and reliable manner.

[0136] eMBB focuses on overall improvements in data speed, latency, user density, and the capacity and coverage of mobile broadband access. eMBB aims for a throughput of approximately 10 Gbps. eMBB far surpasses basic mobile internet access and covers media and entertainment applications ranging from rich interactive tasks to cloud or augmented reality. Data is one of the core drivers of 5G, and the 5G era may be the first in which dedicated voice services are not seen. In 5G, voice is expected to be processed simply as an application using the data connection provided by the communication system. The main causes of the increased traffic volume are the growing size of content and the increase in the number of applications requiring high data transfer rates. Streaming services (audio and video), interactive video, and mobile internet connectivity will become more widely used as more devices connect to the internet. Many of these applications require always-on connectivity to push real-time information and notifications to users. Cloud storage and applications are growing rapidly on mobile communication platforms, applicable to both business and entertainment. Cloud storage is a specific use case driving the growth of uplink data transfer rates. 5G is also used for remote work in the cloud, requiring much lower end-to-end latency to maintain an excellent user experience when haptic interfaces are used. In entertainment, for example, cloud gaming and video streaming are other key factors increasing the demand for mobile broadband capabilities. Entertainment is essential on smartphones and tablets anywhere, including in highly mobile environments such as trains, cars, and airplanes. Other use cases include augmented reality for entertainment and information retrieval. Here, augmented reality requires very low latency and instantaneous data volumes.

[0137] mMTC is designed to enable communication between a large number of low-cost, battery-powered devices and is intended to support applications such as smart metering, logistics, field, and body sensors. mMTC aims for approximately 10 years of battery life and / or one million devices per square kilometer. mMTC enables seamless connectivity of embedded sensors across all sectors and is one of the most anticipated use cases for 5G. Potentially, the number of IoT devices is projected to reach 20.4 billion by 2020. Industrial IoT is one of the areas where 5G plays a key role in enabling smart cities, asset tracking, smart utilities, agriculture, and security infrastructure.

[0138] URLLC is ideal for automotive communications, industrial control, factory automation, remote operation, smart grids, and public safety applications by enabling devices and machines to communicate with high reliability, very low latency, and high availability. URLLC aims for a latency of approximately 1 ms. URLLC encompasses new services that will transform industries through ultra-reliable / low-latency links, such as remote control of critical infrastructure and autonomous vehicles. Levels of reliability and latency are essential for smart grid control, industrial automation, robotics, and drone control and coordination.

[0139] Next, we will examine in more detail the multiple usage examples included within the triangle of Fig. 4.

[0140] 5G can complement Fiber-to-the-Home (FTTH) and cable-based broadband (or DOCSIS) as a means of providing streams rated at hundreds of megabits per second to gigabits per second. These high speeds may be required for virtual reality (VR) and augmented reality (AR), as well as for delivering TV at resolutions of 4K or higher (6K, 8K, and above). VR and AR applications include near-immersive sports matches. Certain applications may require special network configurations. For example, in the case of VR games, game companies may need to integrate core servers with the network operator's edge network servers to minimize latency.

[0141] The automotive sector is expected to become a significant new driving force for 5G, with numerous use cases for mobile communications within vehicles. For example, passenger entertainment requires both high capacity and high mobile broadband simultaneously. This is because future users will continue to expect high-quality connectivity regardless of their location or speed. Another use case in the automotive sector is the augmented reality dashboard. Through an augmented reality dashboard, drivers can identify objects in the dark overlaid on what they are seeing through the windshield. The augmented reality dashboard overlays information to inform the driver about the distance and movement of objects. In the future, wireless modules will enable communication between vehicles, information exchange between vehicles and supporting infrastructure, and information exchange between vehicles and other connected devices (e.g., devices accompanying pedestrians). Safety systems will allow drivers to drive more safely by guiding them to alternative courses of action, thereby reducing the risk of accidents. The next step will be remotely controlled vehicles or autonomous vehicles. This requires highly reliable and very fast communication between different autonomous vehicles and / or between vehicles and infrastructure. In the future, autonomous vehicles will perform all driving activities, allowing drivers to focus only on traffic anomalies that the vehicle itself cannot identify. The technical requirements for autonomous vehicles demand ultra-low latency and ultra-high reliability to increase traffic safety to a level that is unattainable by humans.

[0142] Smart cities and smart homes, referred to as a smart society, will be embedded with high-density wireless sensor networks. Distributed networks of intelligent sensors will identify the conditions for cost-effective and energy-efficient maintenance of the city or home. A similar setup can be implemented for each household. Temperature sensors, window and heating controllers, burglar alarms, and home appliances are all wirelessly connected. Many of these sensors typically require low data transmission rates, low power consumption, and low cost. However, for example, real-time HD video may be required by certain types of devices for surveillance.

[0143] The consumption and distribution of energy, including heat or gas, are becoming highly decentralized, requiring automated control of distributed sensor networks. Smart grids interconnect these sensors using digital information and communication technologies to collect information and act accordingly. Since this information may include the behavior of suppliers and consumers, smart grids can improve the efficiency, reliability, economic viability, and sustainability of the production and automated distribution of fuels such as electricity. A smart grid can also be viewed as another sensor network with low latency.

[0144] The health sector possesses numerous applications that can benefit from mobile communications. Communication systems can support telemedicine, providing clinical care from remote locations. This helps reduce distance barriers and improves access to medical services that are not consistently available in remote rural areas. It is also used to save lives during critical medical care and emergencies. Mobile communication-based wireless sensor networks can provide remote monitoring and sensors for parameters such as heart rate and blood pressure.

[0145] Wireless and mobile communications are becoming increasingly important in industrial applications. Wiring involves high installation and maintenance costs. Therefore, the potential to replace cables with reconfigurable wireless links presents an attractive opportunity for many industries. However, achieving this requires wireless connections to operate with latency, reliability, and capacity comparable to cables, while also simplifying their management. Low latency and a very low probability of error are new requirements that 5G needs to meet.

[0146] Logistics and cargo tracking are important use cases for mobile communications that use location-based information systems to enable the tracking of inventory and packages anywhere. Use cases for logistics and cargo tracking typically require low data rates but may require wide coverage and reliable location information.

[0147] Hereinafter, examples of next-generation communication (e.g., 6G) that can be applied to the various embodiments of the present disclosure will be described.

[0148]

[0149] 6G System General

[0150] The 6G (wireless communication) system aims for (i) very high data rates per device, (ii) a very large number of connected devices, (iii) global connectivity, (iv) very low latency, (v) reduced energy consumption of battery-free IoT devices, (vi) ultra-reliable connectivity, and (vii) connected intelligence with machine learning capabilities. The vision of the 6G system can be seen in four aspects: intelligent connectivity, deep connectivity, holographic connectivity, and ubiquitous connectivity, and the 6G system can satisfy the requirements shown in Table 1 below. In other words, Table 1 is a table representing an example of the requirements for a 6G system.

[0151]

[0152]
Per device peak data rate: 1 Tbps
E2E latency: 1 ms
Maximum spectral efficiency: 100 bps / Hz
Mobility support: Up to 1000 km / hr
Satellite integration: Fully
AI: Fully
Autonomous vehicle: Fully
XR: Fully
Haptic Communication: Fully

[0153] 6G systems can have key factors such as enhanced mobile broadband (eMBB), ultra-reliable low latency communications (URLLC), massive machine-type communication (mMTC), AI integrated communication, tactile internet, high throughput, high network capacity, high energy efficiency, low backhaul and access network congestion, and enhanced data security.

[0154]

[0155] Figure 5 is a diagram illustrating an example of a communication structure that can be provided in a 6G system.

[0156] 6G systems are expected to have 50 times higher simultaneous wireless connectivity than 5G wireless communication systems. URLLC, a key feature of 5G, will become an even more dominant technology in 6G communication by providing end-to-end latency of less than 1ms. Unlike the frequently used area spectrum efficiency, 6G systems will exhibit significantly superior volume spectrum efficiency. 6G systems can provide very long battery life and advanced battery technologies for energy harvesting, meaning mobile devices in 6G systems will not require separate charging. New network characteristics in 6G may include the following.

[0157] - Satellite Integrated Network: 6G is expected to be integrated with satellites to serve a global mobile population. Integrating terrestrial, satellite, and airborne networks into a single wireless communication system is crucial for 6G.

[0158] - Connected Intelligence: Unlike previous generations of wireless communication systems, 6G is innovative and will update wireless evolution from "connected things" to "connected intelligence." AI can be applied at each stage of the communication process (or at each step of the signal processing described below).

[0159] - Seamless integration of wireless information and energy transfer: 6G wireless networks will transfer power to charge the batteries of devices such as smartphones and sensors. Therefore, wireless information and energy transfer (WIET) will be integrated.

[0160] - Ubiquitous Super 3D Connectivity: Connectivity to the network and core network functions of drones and very low Earth orbit satellites will make super 3D connectivity ubiquitous in 6G.

[0161] Some general requirements regarding the new network characteristics of 6G mentioned above may be as follows.

[0162] - Small cell networks: The idea of small cell networks was introduced to improve the quality of received signals in cellular systems as a result of increased throughput, energy efficiency, and spectrum efficiency. Consequently, small cell networks are an essential feature of communication systems for 5G and beyond 5G (5GB). Therefore, 6G communication systems also adopt the characteristics of small cell networks.

[0163] - Ultra-dense heterogeneous network: Ultra-dense heterogeneous networks will be another important characteristic of 6G communication systems. Multi-tier networks composed of heterogeneous networks improve overall QoS and reduce costs.

[0164] - High-capacity backhaul: Backhaul connections are characterized as high-capacity backhaul networks to support high-volume traffic. High-speed fiber optics and free-space optics (FSO) systems can be possible solutions to this problem.

[0165] - Radar technology integrated with mobile technology: High-precision localization (or location-based services) through communication is one of the functions of 6G wireless communication systems. Therefore, radar systems will be integrated with 6G networks.

[0166] - Softwarization and virtualization: Softwarization and virtualization are two important features that form the basis of the design process in 5GB networks to ensure flexibility, reconfigurability, and programmability. Additionally, billions of devices can share a common physical infrastructure.

[0167]

[0168] Core implementation technology of 6G systems

[0169]

[0170] Artificial Intelligence

[0171] The most critical and newly introduced technology for 6G systems is AI. AI was not involved in 4G systems. 5G systems will support AI partially or to a very limited extent. However, 6G systems will be supported by AI for complete automation. Advancements in machine learning will create more intelligent networks for real-time communication in 6G. Introducing AI into communications can streamline and enhance real-time data transmission. AI can determine how complex target tasks are performed using numerous analyses. In other words, AI can increase efficiency and reduce processing latency.

[0172] Time-consuming tasks such as handover, network selection, and resource scheduling can be performed instantly by using AI. AI can also play a significant role in M2M, machine-to-human, and human-to-machine communication. Furthermore, AI can enable rapid communication in Brain-Computer Interfaces (BCI). AI-based communication systems can be supported by metamaterials, intelligent structures, intelligent networks, intelligent devices, intelligent cognitive radios, self-sustaining wireless networks, and machine learning.

[0173] Recently, attempts to integrate AI with wireless communication systems have emerged, but these have primarily focused on the application layer and network layer, particularly deep learning in the field of wireless resource management and allocation. However, such research is increasingly advancing toward the MAC layer and physical layer, with attempts to combine deep learning with wireless transmission, particularly at the physical layer. AI-based physical layer transmission refers to the application of signal processing and communication mechanisms based on AI drivers rather than traditional communication frameworks in terms of fundamental signal processing and communication mechanisms. Examples include deep learning-based channel coding and decoding, deep learning-based signal estimation and detection, deep learning-based MIMO mechanisms, and AI-based resource scheduling and allocation.

[0174] Machine learning can be used for channel estimation and channel tracking, and for power allocation and interference cancellation in the physical layer of the downlink (DL). In addition, machine learning can be used for antenna selection, power control, and symbol detection in MIMO systems.

[0175] However, the application of DNNs for transmission at the physical layer may have the following problems.

[0176] Deep learning-based AI algorithms require a vast amount of training data to optimize training parameters. However, due to limitations in acquiring training data from specific channel environments, a large amount of offline training data is used. Consequently, static training on data from specific channel environments can conflict with the dynamic characteristics and diversity of wireless channels.

[0177] Furthermore, current deep learning primarily targets real signals. However, signals at the physical layer of wireless communication are complex signals. Further research is needed on neural networks that detect complex domain signals to match the characteristics of wireless communication signals.

[0178] Below, we will take a closer look at machine learning.

[0179] Machine learning refers to a series of operations for training machines so that they can perform tasks that humans can do or find difficult to do. Machine learning requires data and learning models. Data learning methods in machine learning can be broadly classified into three types: supervised learning, unsupervised learning, and reinforcement learning.

[0180] The purpose of neural network training is to minimize output errors. It is a process that repeatedly inputs training data into a neural network, calculates the error between the network's output and the target for the training data, and updates the weights of each node by backpropagating the error from the output layer to the input layer in a direction that reduces the error.

[0181] Supervised learning uses training data with correct answers labeled, whereas unsupervised learning may not have correct answers labeled. That is, for example, in the case of supervised learning regarding data classification, the training data may consist of data where each training data point is labeled with a category. Labeled training data is input into a neural network, and an error can be calculated by comparing the network's output (category) with the labels of the training data. The calculated error is backpropagated within the neural network (i.e., from the output layer to the input layer), and through backpropagation, the connection weights of each node in each layer of the neural network can be updated. The amount of change in the connection weights of each node being updated can be determined by the learning rate. The neural network's calculations on the input data and the backpropagation of the error can constitute a learning cycle (epoch). The learning rate can be applied differently depending on the number of iterations of the neural network's learning cycle. For example, efficiency can be increased by using a high learning rate in the early stages of neural network training to enable the network to quickly achieve a certain level of performance, and accuracy can be improved by using a low learning rate in the later stages of training.

[0182] The learning method may vary depending on the characteristics of the data. For example, if the goal is to accurately predict data transmitted from the transmitting end at the receiving end in a communication system, it is desirable to perform learning using supervised learning rather than unsupervised learning or reinforcement learning.

[0183] Learning models correspond to the human brain, and while the most basic linear model can be considered, a machine learning paradigm that uses highly complex neural network structures, such as artificial neural networks, as learning models is called deep learning.

[0184] The neural network cores used for learning methods are broadly classified into deep neural networks (DNN), convolutional deep neural networks (CNN), and recurrent neural networks (RNN).

[0185] An artificial neural network is an example of connecting multiple perceptrons.

[0186]

[0187] Figure 6 is a schematic diagram illustrating an example of a perceptron structure.

[0188] Referring to Fig. 6, the entire process of inputting an input vector x=(x1,x2,...,xd), multiplying each component by a weight (W1,W2,...,Wd), summing all the results, and then applying an activation function σ(·) is called a perceptron. A large artificial neural network structure can also apply input vectors to different multi-dimensional perceptrons by extending the simplified perceptron structure illustrated in Fig. 6. For convenience of explanation, input or output values are referred to as nodes.

[0189] Meanwhile, the perceptron structure illustrated in Fig. 6 can be described as consisting of a total of three layers based on input and output values. An artificial neural network can be represented as shown in Fig. 7, in which there are H (d+1) dimensional perceptrons between the 1st layer and the 2nd layer, and K (H+1) dimensional perceptrons between the 2nd layer and the 3rd layer.

[0190]

[0191] Figure 7 is a schematic diagram illustrating an example of a multilayer perceptron structure.

[0192] The layer where the input vector is located is called the input layer, the layer where the final output value is located is called the output layer, and all layers located between the input and output layers are called hidden layers. Although the example in Fig. 7 shows three layers, the input layer is excluded when counting the actual number of layers in an artificial neural network, so it can be viewed as having a total of two layers. An artificial neural network is constructed by connecting perceptrons, its basic building blocks, in a two-dimensional manner.

[0193] The aforementioned input layer, hidden layer, and output layer can be applied not only to multilayer perceptrons but also to various artificial neural network structures such as CNNs and RNNs, which will be described later. As the number of hidden layers increases, the artificial neural network becomes deeper, and the machine learning paradigm that uses a sufficiently deep artificial neural network as a learning model is called Deep Learning. In addition, the artificial neural network used for Deep Learning is called a Deep Neural Network (DNN).

[0194]

[0195] Figure 8 is a schematic diagram illustrating an example of a deep neural network.

[0196] The deep neural network illustrated in Fig. 8 is a multilayer perceptron composed of eight hidden layers plus eight output layers. The structure of the multilayer perceptron is referred to as a fully-connected neural network. In a fully-connected neural network, there are no connections between nodes located in the same layer, and connections exist only between nodes located in adjacent layers. A DNN has a fully-connected neural network structure and is composed of a combination of multiple hidden layers and activation functions, which can be usefully applied to identify correlation characteristics between inputs and outputs. Here, correlation characteristics may refer to the joint probability of the input and output.

[0197] Meanwhile, depending on how multiple perceptrons are connected to each other, various artificial neural network structures different from the aforementioned DNN can be formed.

[0198]

[0199] Figure 9 is a schematic diagram illustrating an example of a convolutional neural network.

[0200] In a DNN, nodes located within a single layer are arranged in a one-dimensional vertical direction. However, Figure 9 assumes a case where nodes are arranged two-dimensionally, with w nodes horizontally and h nodes vertically (the convolutional neural network structure of Figure 9). In this case, since a weight is applied for each connection during the connection process from a single input node to a hidden layer, a total of h×w weights must be considered. Since there are h×w nodes in the input layer, a total of h²w² weights are required between two adjacent layers.

[0201] The convolutional neural network of Fig. 9 has a problem in which the number of weights increases exponentially with the number of connections. Therefore, instead of considering all node connections between adjacent layers, it is assumed that there are small filters, and weighted sum and activation function operations are performed on the parts where filters overlap, as shown in Fig. 10.

[0202]

[0203] Figure 10 is a schematic diagram illustrating an example of a filter operation in a convolutional neural network.

[0204] A single filter has weights corresponding to its size, and the weights can be trained to extract and output specific features on an image as factors. In Fig. 10, a filter of size 3×3 is applied to the top-left 3×3 region of the input layer, and the output value resulting from the weighted sum and activation function operation for the corresponding node is stored in z22.

[0205] The above filter performs weighted sum and activation function operations while scanning the input layer and moving by a fixed interval horizontally and vertically, and places the output value at the current filter position. This method of operation is similar to the convolution operation on images in the field of computer vision, so a deep neural network with this structure is called a convolutional neural network (CNN), and the hidden layer generated as a result of the convolution operation is called a convolutional layer. In addition, a neural network having multiple convolutional layers is called a deep convolutional neural network (DCNN).

[0206] In the convolution layer, the number of weights can be reduced by calculating a weighted sum that includes only the nodes located within the area covered by the filter, starting from the node where the current filter is located. As a result, a single filter can be utilized to focus on features of a local area. Accordingly, CNNs can be effectively applied to image data processing where physical distance in a 2D area serves as an important judgment criterion. Meanwhile, multiple filters can be applied immediately before the convolution layer in a CNN, and multiple output results can be generated through the convolution operation of each filter.
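The weight counts of [0200] and the filter operation of [0204] to [0206] can be checked with a short worked example. The code below is an added illustration, not part of the patent text; the function names, the 5×5 sample layer, the edge filter, and the choice of ReLU as the activation function σ(·) are assumptions made for the example.

```python
# Added illustration; names and sample values are constructed, not from the patent.

def relu(v):
    """Activation function sigma(.); ReLU is an assumption, the text leaves it open."""
    return v if v > 0 else 0


def fully_connected_weights(h, w):
    """Weights between two adjacent h-by-w layers when every node pair is connected."""
    return (h * w) ** 2


def filter_weights(k):
    """Weights of one k-by-k filter, reused at every position the filter visits."""
    return k * k


def convolve(layer, filt, stride=1, activation=relu):
    """Slide filt over layer and apply weighted sum plus activation at each stop.

    Returns {(row, col): value} keyed by the 1-indexed centre node of each
    filter position, so the top-left 3x3 region is stored under (2, 2),
    matching the z22 node named in the text.
    """
    k = len(filt)
    if k % 2 == 0 or any(len(row) != k for row in filt):
        raise ValueError("filter must be square with an odd size")
    h, w = len(layer), len(layer[0])
    if any(len(row) != w for row in layer):
        raise ValueError("layer rows must have equal length")
    if k > h or k > w:
        raise ValueError("filter is larger than the layer")
    if stride < 1:
        raise ValueError("stride must be at least 1")

    out = {}
    for top in range(0, h - k + 1, stride):
        for left in range(0, w - k + 1, stride):
            # Only the k*k nodes under the filter contribute to this output.
            weighted_sum = sum(
                filt[i][j] * layer[top + i][left + j]
                for i in range(k)
                for j in range(k)
            )
            centre = (top + k // 2 + 1, left + k // 2 + 1)
            out[centre] = activation(weighted_sum)
    return out


# Constructed 5x5 input layer: a vertical edge between columns 3 and 4.
LAYER = [[0, 0, 0, 1, 1] for _ in range(5)]

# Constructed 3x3 filter that responds to a dark-to-bright vertical edge.
EDGE_FILTER = [[-1, 0, 1] for _ in range(3)]

if __name__ == "__main__":
    print("fully connected weights:", fully_connected_weights(5, 5))
    print("weights in one 3x3 filter:", filter_weights(3))
    for centre, value in sorted(convolve(LAYER, EDGE_FILTER).items()):
        print("z%d%d = %d" % (centre[0], centre[1], value))
```

For the 5×5 layer, full connectivity needs h²w² = 625 weights, while the single filter uses 9 and responds only where the edge falls inside its 3×3 window.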

[0207] Meanwhile, depending on the data attributes, there may be data where sequence characteristics are important. To account for the variable length and ordering of such sequence data, the elements of the data sequence are input into the artificial neural network one by one at each timestep, and the output vector (hidden vector) of the hidden layer at a specific timestep is input along with the next element in the sequence. A structure that applies this method is called a recurrent neural network structure.

[0208]

[0209] Figure 11 is a schematic diagram illustrating an example of a neural network structure in which a recurrent loop exists.

[0210] Referring to Fig. 11, the recurrent neural network (RNN) is structured such that, when the elements (x1(t), x2(t), ..., xd(t)) of a time point t in a data sequence are input into a fully connected neural network, the hidden vector (z1(t-1), z2(t-1), ..., zH(t-1)) of the previous time point t-1 is input along with them, and a weighted sum and activation function are applied. The reason for passing the hidden vector to the next time point in this manner is that the information in the input vectors from previous time points is considered to be accumulated in the hidden vector of the current time point.

[0211]

[0212] Figure 12 is a schematic diagram illustrating an example of the operational structure of a recurrent neural network.

[0213] Referring to Fig. 12, the recurrent neural network operates on the input data sequence in a predetermined time sequence.

[0214] When the input vector (x1(1), x2(1), ..., xd(1)) at time point 1 is input into the recurrent neural network, the hidden vector (z1(1), z2(1), ..., zH(1)) is determined. This hidden vector is input together with the input vector (x1(2), x2(2), ..., xd(2)) at time point 2, and the vector (z1(2), z2(2), ..., zH(2)) of the hidden layer is determined through a weighted sum and activation function. This process is performed repeatedly for time point 2, time point 3, ..., time point T.

[0215] Meanwhile, when multiple hidden layers are placed within a recurrent neural network, it is called a deep recurrent neural network (DRNN). Recurrent neural networks are designed to be usefully applied to sequence data (e.g., natural language processing).
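The recurrence described in [0210] to [0214] is shown below as an added example that is not part of the patent text. The weight matrices, the sample sequence, the zero initial hidden vector, and the use of ReLU as the activation function are assumptions chosen so the hidden vectors can be followed by hand.

```python
# Added illustration; names, weights and sample sequence are constructed.

def relu_vec(v):
    """Element-wise activation; ReLU is an assumption, the text leaves sigma open."""
    return [x if x > 0 else 0 for x in v]


def matvec(m, v):
    """Weighted sums: one output per row of the weight matrix m."""
    return [sum(a * b for a, b in zip(row, v)) for row in m]


def rnn_step(x_t, z_prev, w_in, w_rec, activation=relu_vec):
    """One time point: combine input x(t) with hidden vector z(t-1) to get z(t)."""
    if len(x_t) != len(w_in[0]):
        raise ValueError("input vector does not match input weights")
    if len(z_prev) != len(w_rec[0]) or len(w_in) != len(w_rec):
        raise ValueError("hidden vector does not match recurrent weights")
    from_input = matvec(w_in, x_t)
    from_history = matvec(w_rec, z_prev)
    return activation([a + b for a, b in zip(from_input, from_history)])


def rnn_run(sequence, w_in, w_rec, z0=None):
    """Feed the sequence one element per time point; return z(1), ..., z(T).

    The sequence may have any length T, including zero, which is how the
    structure copes with variable-length sequence data.
    """
    z = list(z0) if z0 is not None else [0] * len(w_rec)
    hidden_vectors = []
    for x_t in sequence:
        z = rnn_step(x_t, z, w_in, w_rec)
        hidden_vectors.append(z)
    return hidden_vectors


# Constructed weights for d = 2 inputs and H = 2 hidden nodes.
W_IN = [[1, 0],
        [0, 1]]
W_REC = [[0, 1],
         [2, 0]]

# Constructed input sequence for time points 1, 2 and 3.
SEQUENCE = [[1, 0], [0, 2], [3, 0]]

if __name__ == "__main__":
    for t, z in enumerate(rnn_run(SEQUENCE, W_IN, W_REC), start=1):
        print("z(%d) = %s" % (t, z))
    # Same elements in reverse order end in a different hidden vector,
    # because each z(t) carries the accumulated history of earlier inputs.
    print("reversed:", rnn_run(SEQUENCE[::-1], W_IN, W_REC)[-1])
```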

[0216] In addition to DNN, CNN, and RNN, the neural network cores used for learning include various deep learning techniques such as Restricted Boltzmann Machine (RBM), Deep Belief Networks (DBN), and Deep Q-Network, and can be applied in fields such as computer vision, speech recognition, natural language processing, and speech / signal processing.

[0217] Recently, attempts to integrate AI with wireless communication systems have emerged, but these have primarily focused on the application layer and network layer, particularly deep learning in the field of wireless resource management and allocation. However, such research is increasingly advancing toward the MAC layer and physical layer, with attempts to combine deep learning with wireless transmission, particularly at the physical layer. AI-based physical layer transmission refers to the application of signal processing and communication mechanisms based on AI drivers rather than traditional communication frameworks in terms of fundamental signal processing and communication mechanisms. Examples include deep learning-based channel coding and decoding, deep learning-based signal estimation and detection, deep learning-based MIMO mechanisms, and AI-based resource scheduling and allocation.

[0218] THz (Terahertz) communication

[0219] Data transmission rates can be increased by expanding bandwidth. This can be achieved by using sub-THz communication with wide bandwidth and applying advanced large-scale MIMO technology. THz waves, also known as sub-millimeter radiation, generally refer to a frequency band between 0.1 THz and 10 THz with corresponding wavelengths ranging from 0.03 mm to 3 mm. The 100 GHz–300 GHz band range (Sub-THz band) is considered the primary portion of the THz band for cellular communication. Adding the Sub-THz band to the mmWave band increases 6G cellular communication capacity. Among the defined THz bands, the 300 GHz–3 THz band is located in the far-infrared (IR) frequency band. Although the 300 GHz–3 THz band is part of the optical band, it lies at the boundary of the optical band, immediately following the RF band. Therefore, this 300 GHz–3 THz band exhibits similarities to RF.

[0220]

[0221] Figure 13 is a diagram illustrating an example of an electromagnetic spectrum.

[0222] Key characteristics of THz communication include (i) widely available bandwidth to support very high data transmission rates, and (ii) high path loss occurring at high frequencies (highly directional antennas are indispensable). The narrow beam width generated by highly directional antennas reduces interference. The small wavelength of THz signals allows a much larger number of antenna elements to be integrated into devices and BSs operating in this band. This enables the use of advanced adaptive array technologies that can overcome range limitations.

[0223] Optical wireless technology

[0224] OWC technology is planned for 6G communication in addition to RF-based communication for all possible device-to-access networks. These networks also connect to network-to-backhaul / fronthaul network connections. Although OWC technology has already been in use since 4G communication systems, it will be used more widely to meet the demands of 6G communication systems. OWC technologies such as light fidelity, visible light communication, optical camera communication, and optical band-based FSO communication are already well-known technologies. Communication based on optical wireless technology can provide very high data rates, low latency, and secure communication. LiDAR can also be utilized for ultra-high resolution 4D mapping in 6G communication based on the optical band.

[0225] FSO Backhaul Network

[0226] The transmitter and receiver characteristics of an FSO system are similar to those of a fiber optic network. Therefore, data transmission in an FSO system is similar to that of a fiber optic system. Consequently, FSO can be a good technology for providing backhaul connectivity in 6G systems in conjunction with fiber optic networks. Using FSO enables very long-distance communication over distances of more than 10,000 km. FSO supports high-capacity backhaul connectivity for remote and non-remote areas such as the ocean, space, underwater, and isolated islands. FSO also supports cellular backhaul connectivity.

[0227] Massive MIMO technology

[0228] One of the key technologies for improving spectrum efficiency is the application of MIMO technology. As MIMO technology improves, spectrum efficiency also improves. Therefore, large-scale MIMO technology will be important in 6G systems. Since MIMO technology utilizes multiple paths, multiplexing technology and beam generation and operation technology suitable for the THz band must also be given important consideration to enable data signals to be transmitted through one or more paths.

[0229] Blockchain

[0230] Blockchain will become a critical technology for managing massive amounts of data in future communication systems. As a form of distributed ledger technology, a distributed ledger is a database distributed across numerous nodes or computing devices. Each node replicates and stores an identical copy of the ledger. Blockchain is managed via a peer-to-peer (P2P) network and can exist without being managed by a centralized authority or server. Data in a blockchain is collected together and organized into blocks. These blocks are linked together and protected using encryption. Blockchain inherently complements large-scale IoT perfectly through enhanced interoperability, security, privacy, stability, and scalability. Therefore, blockchain technology provides various capabilities such as inter-device interoperability, large-scale data traceability, autonomous interaction with other IoT systems, and the large-scale connectivity stability of 6G communication systems.

[0231] 3D Networking

[0232] 6G systems integrate terrestrial and air networks to support vertically scalable user communications. 3D BS will be provided via low-orbit satellites and UAVs. By adding new dimensions in terms of altitude and associated degrees of freedom, 3D connectivity differs significantly from existing 2D networks.

[0233] Quantum communication

[0234] Unsupervised reinforcement learning of networks is promising in the context of 6G networks. Supervised learning methods cannot label the vast amount of data generated in 6G. Unsupervised learning does not require labeling. Therefore, this technology can be used to autonomously construct representations of complex networks. Combining reinforcement learning and unsupervised learning enables the operation of networks in a truly autonomous manner.

[0235] Unmanned aerial vehicles

[0236] Unmanned Aerial Vehicles (UAVs) or drones will become a critical element in 6G wireless communication. In most cases, high-speed data wireless connectivity is provided using UAV technology. BS entities are installed on UAVs to provide cellular connectivity. UAVs possess specific capabilities not found in fixed BS infrastructure, such as easy deployment, robust line-of-sight links, and controlled degrees of freedom for mobility. During emergencies, such as natural disasters, the deployment of ground communication infrastructure is not economically feasible, and sometimes services cannot be provided in volatile environments. UAVs can easily handle these situations. UAVs will become a new paradigm in the field of wireless communication. This technology facilitates the three fundamental requirements of wireless networks: eMBB, URLLC, and mMTC. UAVs can also support various purposes, such as enhancing network connectivity, fire detection, disaster emergency services, security and surveillance, pollution monitoring, parking monitoring, and accident monitoring. Therefore, UAV technology is recognized as one of the most critical technologies for 6G communication.

[0237] Cell-free Communication

[0238] The tight integration of multiple frequencies and heterogeneous communication technologies is critical to 6G systems. Consequently, users can seamlessly move from one network to another without the need for any manual configuration on their devices. The best network among available communication technologies is automatically selected. This will break the limitations of the cellular concept in wireless communication. Currently, user movement from one cell to another in high-density networks causes excessive handovers, leading to handover failures, delays, data loss, and the "ping-pong" effect. 6G cell-free communication will overcome all of these issues and provide better QoS. Cell-free communication will be achieved through multi-connectivity and multi-tier hybrid technologies, as well as different heterogeneous radios on devices.

[0239] Wireless Information and Energy Transmission Integration

[0240] WIET uses the same fields and waves as wireless communication systems. In particular, sensors and smartphones will be charged using wireless power transmission during communication. WIET is a promising technology for extending the lifespan of wireless battery charging systems. Therefore, devices without batteries will be supported in 6G communication.

[0241] Integration of Sensing and Communication

[0242] Autonomous wireless networks are capable of continuously detecting dynamically changing environmental conditions and exchanging information between different nodes. In 6G, sensing will be tightly integrated with communication to support autonomous systems.

[0243] Integration of access backhaul networks

[0244] In 6G, the density of access networks will be enormous. Each access network will be connected via backhaul connections such as fiber optics and FSO networks. To cope with a very large number of access networks, there will be tight integration between access and backhaul networks.

[0245] Holographic beam forming

[0246] Beamforming is a signal processing procedure that adjusts an antenna array to transmit wireless signals in a specific direction. It is a subset of smart antennas or advanced antenna systems. Beamforming technology offers several advantages, such as a high signal-to-noise ratio, interference prevention and rejection, and high network efficiency. Holographic Beamforming (HBF) is a new beamforming method that differs significantly from MIMO systems because it utilizes software-defined antennas. HBF will be a highly effective approach for the efficient and flexible transmission and reception of signals in multi-antenna communication devices in 6G.

[0247] Big data analysis

[0248] Big data analysis is a complex process for analyzing various large-scale data sets or big data. This process ensures perfect data management by uncovering information such as hidden data, unknown correlations, and customer preferences. Big data is collected from various sources, such as video, social networks, images, and sensors. This technology is widely used to process vast amounts of data in 6G systems.

[0249] Large Intelligent Surface (LIS)

[0250] THz band signals exhibit strong directivity, which can lead to numerous dead zones caused by obstacles. Consequently, LIS technology becomes important as it allows for the expansion of communication coverage, enhanced communication stability, and the provision of additional value-added services by installing LIS near these dead zones. An LIS is an artificial surface made of electromagnetic materials capable of altering the propagation of incoming and outgoing radio waves. While LIS can be viewed as an extension of massive MIMO, it differs from massive MIMO in its array structure and operational mechanism. Furthermore, LIS offers the advantage of low power consumption because it operates as a reconfigurable reflector with passive elements—that is, by passively reflecting signals without using an active RF chain. Additionally, since each passive reflector in an LIS must independently adjust the phase shift of the incident signal, this can be advantageous for wireless communication channels. By appropriately adjusting the phase shift through the LIS controller, the reflected signal can be collected at the target receiver to boost the received signal power.

[0251]

[0252] Terahertz (THz) wireless communication general

[0253]

[0254] THz wireless communication utilizes THz waves with a frequency of approximately 0.1 to 10 THz (1 THz = 10¹² Hz) for wireless communication, and can refer to terahertz (THz) band wireless communication using very high carrier frequencies of 100 GHz or higher. THz waves are located between the RF (Radio Frequency) / millimeter (mm) and infrared bands, and (i) they penetrate non-metallic / non-polar materials well compared to visible light / infrared light, and (ii) because their wavelengths are shorter than RF / millimeter waves, they have high directivity and can be beam focused. In addition, since the photon energy of THz waves is only a few meV, they have the characteristic of being harmless to the human body. The frequency bands expected to be used for THz wireless communication may be the D-band (110 GHz–170 GHz) or H-band (220 GHz–325 GHz) bands, which have low propagation loss due to molecular absorption in the air. Standardization discussions regarding THz wireless communication are being conducted primarily by the IEEE 802.15 THz working group in addition to 3GPP, and standard documents published by the IEEE 802.15 Task Group (TG3d, TG3e) may elaborate on or supplement the contents described in the various embodiments of this disclosure. THz wireless communication can be applied to wireless cognition, sensing, imaging, wireless communication, THz navigation, etc.

[0255]

[0256] Figure 14 is a diagram illustrating an example of a THz communication application.

[0257] As illustrated in FIG. 14, THz wireless communication scenarios can be classified into macro networks, micro networks, and nanoscale networks. In macro networks, THz wireless communication can be applied to vehicle-to-vehicle connections and backhaul / fronthaul connections. In micro networks, THz wireless communication can be applied to fixed point-to-point or multi-point connections, such as indoor small cells and wireless connections in data centers, and near-field communication, such as kiosk downloading.

[0258] Table 2 below shows an example of a technology that can be used in THz waves.

[0259] Table 2
Transceivers Device | Available immature: UTC-PD, RTD and SBD
Modulation and Coding | Low order modulation techniques (OOK, QPSK), LDPC, Reed-Solomon, Hamming, Polar, Turbo
Antenna | Omni and Directional, phased array with low number of antenna elements
Bandwidth | 69 GHz (or 23 GHz) at 300 GHz
Channel models | Partially
Data rate | 100 Gbps
Outdoor deployment | No
Free space loss | High
Coverage | Low
Radio Measurements | 300 GHz indoor
Device size | Few micrometers

[0260]

[0261] THz wireless communication can be classified based on the methods for generating and receiving THz. THz generation methods can be classified into optical or electronic device-based technologies.

[0262]

[0263] FIG. 15 is a diagram illustrating an example of an electronic device-based THz wireless communication transceiver.

[0264] Methods for generating THz using electronic components include using semiconductor devices such as Resonant Tunneling Diodes (RTDs), using local oscillators and multipliers, using Monolithic Microwave Integrated Circuits (MMICs) based on compound semiconductor High Electron Mobility Transistors (HEMTs), and using Si-CMOS based integrated circuits. In the case of Fig. 15, a doubler, tripler, or multiplier is applied to increase the frequency, and the signal passes through a subharmonic mixer and is radiated by the antenna. Since the THz band forms high frequencies, a multiplier is essential. Here, the multiplier is a circuit that produces an output frequency N times that of the input, matches it to the desired harmonic frequency, and filters out all other frequencies. Additionally, beamforming may be implemented by applying an array antenna or similar device to the antenna in Fig. 15. In Fig. 15, IF represents the intermediate frequency, tripler and multiplier represent multipliers, PA represents the power amplifier, LNA represents the low noise amplifier, and PLL represents the phase-locked loop.

[0265]

[0266] FIG. 16 is a diagram illustrating an example of a method for generating a THz signal based on an optical element.

[0267] FIG. 17 is a diagram illustrating an example of a THz wireless communication transceiver based on an optical element.

[0268] Optical device-based THz wireless communication technology refers to a method of generating and modulating THz signals using optical devices. Optical device-based THz signal generation technology is a technique that generates ultra-high-speed optical signals using lasers and optical modulators, and converts them into THz signals using ultra-high-speed photodetectors. Compared to technology that uses only electronic devices, this technology makes it easier to increase the frequency, enables the generation of high-power signals, and allows for flat response characteristics over a wide frequency band. To generate optical device-based THz signals, a laser diode, a broadband optical modulator, and an ultra-high-speed photodetector are required, as shown in Fig. 16. In the case of Fig. 16, light signals from two lasers with different wavelengths are combined to generate a THz signal corresponding to the wavelength difference between the lasers. In FIG. 16, an optical coupler refers to a semiconductor device that uses light waves to transmit electrical signals in order to provide coupling with electrical isolation between circuits or systems, and a Uni-Travelling Carrier Photo-Detector (UTC-PD) is a type of photodetector that uses electrons as active carriers and reduces the electron travel time through bandgap grading. The UTC-PD is capable of photodetection at 150 GHz or higher. In FIG. 17, EDFA represents an Erbium-Doped Fiber Amplifier, a Photo Detector (PD) represents a semiconductor device capable of converting optical signals into electrical signals, an Optical Sub Assembly (OSA) represents an optical module that modularizes various optical communication functions (photoelectric conversion, electro-optical conversion, etc.) into a single component, and DSO represents a Digital Storage Oscilloscope.

[0269]

[0270] The structure of a photoelectric converter is described with reference to FIGS. 18 and 19.

[0271] FIG. 18 is a diagram illustrating the structure of a photonic source-based transmitter.

[0272] Figure 19 is a diagram illustrating the structure of an optical modulator.

[0273] Generally, the phase of a signal can be changed by passing an optical source of a laser through an optical wave guide. At this time, data is carried by changing electrical characteristics through a microwave contact, etc. Therefore, the optical modulator output is formed as a modulated waveform. An O / E converter can generate THz pulses based on optical rectification by a nonlinear crystal, O / E conversion by a photoconductive antenna, and emission from a bundle of relativistic electrons. Terahertz pulses generated in the above manner can have lengths ranging from femtoseconds to picoseconds. The photoelectric converter (O / E converter) performs down-conversion by utilizing the non-linearity of the device.

[0274] When considering the usage of the terahertz spectrum, it is highly likely that multiple contiguous GHz bands will be used for fixed or mobile service applications for terahertz systems. According to outdoor scenario criteria, available bandwidth can be classified based on an oxygen attenuation of 10^2 dB / km in the spectrum up to 1 THz. Accordingly, a framework in which the available bandwidth is composed of multiple band chunks can be considered. As an example of the above framework, if the length of a terahertz pulse (THz pulse) for a single carrier is set to 50 ps, the bandwidth (BW) becomes approximately 20 GHz.

[0275] Effective down-conversion from the infrared (IR) band to the terahertz (THz) band depends on how the nonlinearity of the photoelectric converter (O / E converter) is utilized. In other words, to achieve down-conversion to the desired terahertz band, it is required to design an O / E converter with the most ideal nonlinearity for transferring to that specific band. If an O / E converter that does not match the target frequency band is used, there is a high probability of errors occurring regarding the amplitude and phase of the corresponding pulse.

[0276] In a single-carrier system, a terahertz transceiver system can be implemented using a single photoelectric converter. Depending on the channel environment, in a multi-carrier system, as many photoelectric converters as there are carriers may be required. This phenomenon will be particularly pronounced in multi-carrier systems utilizing multiple broadbands according to the plans related to the aforementioned spectrum applications. In this regard, a frame structure for the multi-carrier system may be considered. A signal down-frequency converted based on a photoelectric converter can be transmitted in a specific resource region (e.g., a specific frame). The frequency domain of the specific resource region may include multiple chunks. Each chunk may consist of at least one component carrier (CC).

[0277]

[0278] Detailed description of various embodiments of the present disclosure

[0279] Various embodiments of the present disclosure will be described in more detail below.

[0280] The present disclosure relates to an apparatus and method for performing transport layer security based on a quantum public key infrastructure in a quantum communication system.

[0281]

[0282] Background art for various embodiments of the present disclosure

[0283] Quantum Communication

[0284] Quantum communication is a next-generation communication technology that applies quantum mechanical properties to the field of information and communications to overcome the limitations of existing technologies, such as security and ultra-high-speed computing. Quantum communication provides a means to generate, transmit, process, and store information that cannot be represented in the form of 0 and 1 based on binary bits used in conventional communication technologies, or that is difficult to represent. While conventional communication technologies utilize wavelength or amplitude for information transmission between a transmitter and a receiver, quantum communication, in contrast, utilizes photons—the smallest unit of light—for this purpose. In particular, since quantum uncertainty and quantum irreversibility can be applied to the polarization or phase difference of photons (light), quantum communication possesses the characteristic of enabling communication with guaranteed perfect security. Furthermore, under specific conditions, quantum communication may enable ultra-high-speed communication by utilizing quantum entanglement.

[0285] Quantum Communication (QC) is defined as a communication system capable of exchanging information by utilizing the quantum properties of Quantum Physics. A QC system uses wired or wireless communication environments to transmit the intended quantum information to a receiver via a quantum channel. As a foundational technology constituting the Quantum Internet, QC is utilized to transmit quantum information between quantum nodes.

[0286]

[0287] Figure 20 is a diagram illustrating an example of a general scenario of quantum communication.

[0288] In FIG. 20, the Quantum Channel can be configured via wired connections through fiber optics or wireless connections through free space, and transmits Qubit information through the direct transmission of Single / Multiple Photons formed at the transmitting end or through Quantum Teleportation between Nodes that share Entanglement Resources. The Quantum Channel can be configured as a single hop or multiple hops as a medium for transmitting Qubit information in a Quantum Network composed of multiple Quantum Processors.

[0289] The technology group of Quantum Communication can be divided into Quantum Communication for Classical Bit (QC4Cbit) and Quantum Communication for Quantum Bit (QC4Qbit), which correspond to the information exchange technology group of Quantum Communication, and Quantum Network, which corresponds to the Infra Network support technology group for supporting Quantum Communication.

[0290] Information in QC includes both Bit information, the basic unit of Classical Information, and Qubit information (Quantum Bit), the basic unit of Quantum Information.

[0291]

[0292] FIG. 21 is a diagram illustrating an example of quantum communication for classical bits and quantum communication for quantum bits in a system applicable to the present disclosure.

[0293] QC can be classified into Quantum Communication for Classical Bit (QC4Cbit) and Quantum Communication for Quantum Bit (QC4Qbit) depending on the type of information to be transmitted. QC4Cbit converts the Classical Bit information to be transmitted (with or without applying reliability enhancement technologies such as Channel Encoder) into Qubit Basis (or Computation Basis) using a Quantum Encoder. In this process, the Classical Bit information 0 or 1 is Qubit Basis or It is converted into. The above Qubit Basis is logical information about the Quantum state and can be formed by a physical Quantum Basis. For example, at the transmitting and receiving ends, the Qubit Basis is formed from Horizontal Polarization and Vertical Polarization as the Quantum Basis. class It is possible to agree upon them in correspondence. The Qubit Basis generated at the transmitting end is transmitted to the receiving end via a Quantum Channel, and the Quantum Decoder at the receiving end decrypts the Qubit Basis by performing a measurement using the pre-agreed Quantum Basis. The measured Qubit Basis is then corresponded to Classical Bit information (with or without applying reliability enhancement techniques such as Channel Decoder), thereby obtaining the desired information. Assuming that the Qubit state is determined based on multiple Qubit Basis, the receiving end can obtain information deterministically or probabilistically depending on which Qubit Basis is used for the measurement. Based on these characteristics, technology groups such as Quantum Key Distribution in quantum cryptography and Quantum Secure Direct Communication in quantum direct communication can provide security between the transmitting and receiving ends.

[0294] QC4Qbit is a Qubit State generated by the transmitting end's Quantum Processor. It refers to a method in which it is transmitted to the receiver via a Quantum Channel, and the receiver uses the received Qubit State according to its purpose. In QC4Qbit, the Qubit State received by the receiver When using in a Quantum Processor, Qubit State without Measurement It can be used depending on the purpose. The Qubit State transmitted at this time It is a superposition state of Qubit Basis and generally It can be expressed as. In this case, the Qubit Basis is class and α and β are Probability Amplitudes, and It has a relationship. The method of transmitting Qubit State generated in a Quantum Processor can be done by converting it into Photon and transmitting it directly, or by performing quantum teleportation based on an Entanglement Source shared between the transmitting and receiving ends in advance.

[0295] A Quantum Network is a medium that enables the exchange of quantum states between two physically separated quantum processors. The components constituting a Quantum Network include Quantum Channels, where quantum states are exchanged; Quantum Repeaters, which connect these channels; and Quantum Processors, which serve as the entities responsible for information exchange. Quantum Channels can be constructed through physical channels that transmit target Qubits based on Photons, and through Entanglements shared by two nodes. In this process, intermediate nodes, such as Quantum Repeaters or Trusted Nodes, may be introduced to transmit quantum information between nodes that do not directly share an Entanglement. The group of Quantum Network technologies, serving as infrastructure support technologies for Quantum Communication, includes Quantum Resource Allocation (QRA) technologies for forming Quantum Channels, as well as user authentication (e.g., Quantum Authentication) and data authentication (Quantum Signature) technologies that provide security between transmitting and receiving nodes.

[0296] Here, quantum cryptography refers to a communication method in which the exchange of secret cryptographic keys is securely performed between spatially separated senders and receivers, and encrypted communication is conducted between the senders and receivers using the exchanged secret keys. Additionally, direct quantum communication refers to a communication method in which classical message information to be transmitted is securely shared directly through a quantum channel. Furthermore, quantum teleportation refers to a communication method in which quantum information itself is shared through a quantum entanglement channel.

[0297] Below, we will explain the characteristics of quantum information that form the basis of quantum communication, quantum cryptography, direct quantum communication, quantum teleportation, and other technologies related to quantum communication.

[0298]

[0299] Characteristics of quantum information

[0300] Since quantum communication is a means of transmitting quantum information, this section examines the characteristics of quantum information. The quantum bit, or qubit, is used as the basic unit of information in quantum information systems. A quantum system is a linear system defined in Hilbert space, and a qubit can be represented using state vectors in Hilbert space.

[0301] (1) Superposition

[0302] A characteristic of quantum information compared to conventional digital information is that information can be superimposed. In conventional digital systems, the bit, the smallest unit for processing information, holds a value of one of two different states: '0' or '1'. On the other hand, a qubit can have multiple different states in Hilbert space and can exist in a superposition state where these different states overlap. A qubit is an orthogonally normalized basis state vector existing in Hilbert space. class It can be expressed as [Mathematical Formula 1] below using [...].

[0303]

[0304] Here, and In each case, when the qubits associated with a and b are measured, the qubit states after the measurement are respectively and It represents the probability of this occurring. As shown in the formula above, the state of information in a quantum system exists probabilistically, and even if two pieces of quantum information existing in two quantum systems of the same state are measured using the exact same method, the results may differ. In other words, since quantum information in a quantum system is composed of probabilities, the result of a measurement cannot be accurately predicted. The moment a qubit is measured, it collapses into one of its superposition states. That is, before a qubit is measured, it exists in a superposition of 0 and 1, but the moment it is measured, the qubit's state becomes fixed as either 0 or 1. Furthermore, once a qubit is measured, its state cannot return to the state prior to the measurement.

[0305] (2) Entanglement

[0306] Another characteristic of quantum information is entanglement, a property that plays a crucial role in differentiating quantum systems from classical information. Entanglement refers to a state where the results of different observations are closely related to one another. The entangled state in a quantum system acts more strongly than any correlation existing in classical mechanics. Two qubits can be represented in Hilbert space as a superposition of four fundamental quantum states. Here, the aforementioned four fundamental quantum states are It includes. The fundamental quantum states of two qubits can be represented through tensor operations on the fundamental states of individual qubits. When the states of two qubits cannot be represented by the tensor product of a single qubit, such qubit states are called entangled states. As representative examples of entangled qubits, there are four cases referred to as EPR (Einstein-Podolsky-Rosen) states, which are as shown in [Equation 2] below.

[0307]

[0308] The above EPR state is also called the Bell state, and in each qubit, the measurement result of the preceding qubit always affects the measurement of the following qubit. Furthermore, each Bell state is orthogonal to other Bell states.

[0309] (3) Non-cloning property

[0310] The non-copyable characteristic means that qubit information cannot be copied in a closed quantum information system. For example, assuming two memories capable of storing bit information in a conventional information system, the first memory stores arbitrary bit information 'a' having a value of either 0 or 1, and the second memory is initialized to '0'. In the case of a conventional information system, the state of the two memories can be changed from 'a0' to 'aa' through a copy operation. Conversely, assuming two memories capable of storing qubit information in a quantum information system, the first memory is It is initialized to, and the second memory is It is initialized to. In the case of a quantum information system, the memory state is ' 'at ' It cannot be copied. Due to this characteristic, it is impossible to implement copy-based iteration codes for error correction code design in quantum information systems.

[0311] (4) Continuity of errors

[0312] In conventional information systems, information consists of '0' and '1', and errors are represented when '0' changes to '1' or '1' changes to '0'. Qubit It can be thought of as a single point existing on the surface of a Bloch sphere; when an error occurs in a qubit in a conventional information system, it is called a bit flip error. Such an error means that the value of 'a' changes to the value of 'b', which implies that when measuring a qubit, the measurement probability has changed from the initial value due to the error. Other forms of errors different from those in conventional information systems include class There is a phase flip error in which the phase between them changes by 180 degrees. Since all points on the sphere where qubits exist exist continuously, errors in quantum information systems have a continuous nature, which means that in addition to bit flip errors and phase flip errors, the quantum state can change to any point on the sphere.

[0313] FIG. 22 is a diagram illustrating an example of three basic properties of quantum information that can be used for information communication in a system applicable to the present disclosure.

[0314] Among the characteristics of quantum information described above, the three properties of quantum information that can be used in information communication can be summarized as shown in Fig. 22.

[0315] (5) Decay of quantum information by measurement

[0316] Quantum information exists probabilistically, and at the moment of measurement, it decays into the ground state and cannot be restored to the state prior to measurement. FIG. 22 is a diagram illustrating the process of measuring quantum information by a measurement operator. In FIG. 22, the quantum information after measurement decays, depending on the probabilities |a|² and |b|², into one of the base states that constitute the information. The decayed information does not contain the information of 'a' or 'b' and cannot return to the state prior to measurement. From the perspective of quantum error correction codes, in order to apply quantum error correction codes in a quantum information system, codewords must be generated without measuring the information during the process of encoding and restoring the information, or without measurements that would alter the information, and the information must be restored from errors that occurred in the channel.

[0317]

[0318] Quantum cryptography communication

[0319] As previously explained, quantum cryptography communication refers to a method in which secret cryptographic keys are exchanged between spatially separated senders and receivers, and encrypted communication is performed between them using the exchanged secret keys. In next-generation communication technologies, the security of information may be treated as more important than the transmission speed or efficiency of information transmission. Information protection aims to ensure that the original information cannot be identified even if it is exposed; to achieve this objective, encryption and decryption technologies, represented by encryption key generation and management technologies, are utilized, and quantum cryptography can be applied to these encryption and decryption processes. More specifically, quantum communication refers to the process of transmitting information contained in a quantum state from a sender to a receiver. In this case, the information contained in the quantum state may be binary digital information consisting of 0 or 1, or information in which 0 and 1 are superimposed. In particular, in the case of quantum communication where binary information of 0 and 1 is transmitted in a quantum state, if someone intercepts the binary information transmitted from the sender to the receiver, the receiver immediately recognizes the presence of the interceptor, and based on this immediate recognition of the interceptor, the receiver can stop the communication and take appropriate measures to avoid interception. Quantum cryptography is the application of these characteristics of quantum communication to the transmission of cryptographic keys, and reflecting the characteristic that the sender and receiver share the cryptographic key generated by applying the characteristics of quantum communication to the transmission of cryptographic keys, the above method can be referred to as Quantum Key Distribution (QKD).

[0320] Below, we will examine the protocol for quantum cryptographic key distribution and the post-processing steps for quantum key distribution.

[0321] (1) Quantum Key Distribution Protocol (QKD protocol)

[0322] Conventional cryptographic systems are based on the computational complexity of prime factorization algorithms; therefore, if an eavesdropper using a quantum computing device—which offers significantly faster processing speeds than conventional computing devices—is present, there is a risk of cryptographic keys being exposed due to eavesdropping during the key distribution process. Since quantum key distribution methods are based on the quantum uncertainty principle, the risk of cryptographic keys being intercepted by an eavesdropper can be completely eliminated. In the case of quantum information, quantum bits (qubits) are used as the unit of information, and when implementing quantum key distribution, qubits for distribution are realized using single photons. Photons have the advantage of being highly suitable for long-distance communication as they interact almost exclusively with each other.

[0323] The BB84 protocol, one of the representative quantum cryptography key distribution protocols, is constructed based on the uncertainty principle. Therefore, according to the BB84 protocol, if the information transmitted by the sender (Alice) to the receiver (Bob) during the key distribution process is intercepted by an eavesdropper (Eve), traces of the interception will remain in the information received by the receiver (Bob), and through this, the receiver (Bob) can know that the information has been intercepted.

[0324] The general operation of the BB84 protocol is as follows.

[0325] 1) The transmitting end (Alice) determines two random bit sequences related to bit information and polarizer information, respectively. At this time, the polarization results of the bits according to the polarizer are as shown in Table 3 below, and the correspondence relationship of the types of polarizers for the bits constituting the random bit sequence related to the polarizer information is as shown in Table 4. That is, referring to Table 4, when the bit at a specific position constituting the random bit sequence related to the polarizer information is 1, among the bits constituting the random bit sequence related to the bit information, the specific bit included in the random bit sequence related to the bit information corresponding to the bit at the specific position can be polarized by a diagonal polarizer.

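[0326] Table 3
Bit | Cross polarizer | Diagonal polarizer
0 | - | /
1 | | | \

[0327] Table 4
Polarizer-information bit | Polarizer type
0 | Cross shape
1 | Diagonal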

[0328] 2) Based on two determined random bit sequences, the transmitting end polarizes the bit sequence related to the bit information onto a polarizing plate determined based on the bit sequence related to the polarizing plate information, and transmits the acquired polarized photons to the receiving end (Bob).

[0329] 3) The receiver (Bob) measures photons transmitted from the transmitter (Alice) using an arbitrary polarizing plate. At this time, some of the photons transmitted by the transmitter (Alice) may be lost due to factors such as noise in the quantum channel, and consequently, the receiver (Bob) may not be able to receive some of the photons.

[0330] As described above, after the process of transmitting quantum information through the quantum channel is completed, the sender (Alice) and the receiver (Bob) perform a post-processing step to share the same secret key through the public channel.

[0331] 4) The receiver (Bob) transmits information to the transmitter (Alice) about which photon it has received and also provides information about the polarizing plate at that location. At this time, the transmitter (Alice) also provides information about the polarizing plate at the location corresponding to the photon received by the receiver (Bob).

[0332] 5) Based on the polarizing plate information exchanged between them, the transmitter (Alice) and the receiver (Bob) obtain the bit values corresponding to the bit positions where the same polarizing plate was used. The receiver (Bob) discloses only some of the obtained bit values to the transmitter (Alice). If the sequence disclosed by the receiver (Bob) is the same as the bit values transmitted by the transmitter (Alice), the remaining sequence not disclosed by the receiver (Bob) is used as a secret key. Here, if the same polarizing plate is used for photon transmission by the transmitter (Alice) and photon reception by the receiver (Bob), the information transmitted by the transmitter (Alice) and the information received by the receiver (Bob) will be the same. If they differ even though the same polarizing plate was used at both ends, it can be determined that eavesdropping has occurred based on the ratio of positions with different values among all positions for which the same polarizing plate was used.
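Steps 1) to 5) can be followed end to end in a small classical simulation. The code below is an added example, not part of the patent text; the intercept-resend eavesdropper model, the 10% photon loss, the disclosure of half of the sifted bits and the 0.05 decision threshold are assumptions chosen for illustration.

```python
import random

CROSS, DIAGONAL = 0, 1  # Table 4: polarizer bit 0 = cross, 1 = diagonal


def measure(bit, prepared_with, measured_with, rng):
    """Same polarizer: the bit is read back intact. Different polarizer: the
    outcome is random and the photon is left in the measuring polarization."""
    return bit if prepared_with == measured_with else rng.randint(0, 1)


def bb84(n_photons, eavesdrop=False, loss=0.1, seed=1):
    """Run steps 1) to 5) once. Returns (error_ratio, alice_key, bob_key)."""
    rng = random.Random(seed)  # seeded so this constructed run is repeatable
    # Step 1: Alice's two random sequences (bit information, polarizer information).
    a_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    a_pols = [rng.randint(CROSS, DIAGONAL) for _ in range(n_photons)]
    b_pols, b_bits = [], []
    for bit, pol in zip(a_bits, a_pols):
        if eavesdrop:
            # Eve cannot copy the photon: she measures with a guessed polarizer
            # and re-sends what she saw (assumed intercept-resend model).
            e_pol = rng.randint(CROSS, DIAGONAL)
            bit, pol = measure(bit, pol, e_pol, rng), e_pol
        # Step 3: Bob measures with a random polarizer; some photons are lost.
        b_pol = rng.randint(CROSS, DIAGONAL)
        b_pols.append(b_pol)
        lost = rng.random() < loss
        b_bits.append(None if lost else measure(bit, pol, b_pol, rng))
    # Step 4: over the public channel, keep the received positions where both
    # ends used the same polarizer.
    sifted = [i for i in range(n_photons)
              if b_bits[i] is not None and a_pols[i] == b_pols[i]]
    # Step 5: Bob discloses a random half; the ratio of differing values among
    # the disclosed bits is the eavesdropping indicator.
    rng.shuffle(sifted)
    half = len(sifted) // 2
    disclosed, kept = sifted[:half], sorted(sifted[half:])
    errors = sum(a_bits[i] != b_bits[i] for i in disclosed)
    error_ratio = errors / len(disclosed) if disclosed else 1.0
    return error_ratio, [a_bits[i] for i in kept], [b_bits[i] for i in kept]


def eavesdropping_suspected(error_ratio, threshold=0.05):
    """threshold is an assumed value; the text does not give one."""
    return error_ratio > threshold


if __name__ == "__main__":
    for eve in (False, True):
        ratio, a_key, b_key = bb84(4000, eavesdrop=eve)
        print(f"eavesdrop={eve} error_ratio={ratio:.3f} "
              f"keys_equal={a_key == b_key} suspected={eavesdropping_suspected(ratio)}")
```

With no eavesdropper the disclosed bits agree exactly; with intercept-resend on every photon about a quarter of the same-polarizer positions disagree, which is the trace the protocol relies on.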

[0333] (2) Post-processing of quantum key distribution

[0334] The post-processing of quantum key distribution is a process that resolves discrepancies between the sender's and receiver's cryptographic keys caused by eavesdropping attacks or imperfections in the quantum channel and quantum detection device. Through this post-processing, identical key information between the sender and receiver is guaranteed, while simultaneously minimizing the correlation between exposed information and key information to prevent eavesdroppers from inferring key information from the exposed data. This post-processing consists of information correction (information reconciliation), confidentiality amplification (privacy amplification), and authentication.

[0335] 1) Information correction

[0336] Information correction is a process that resolves discrepancies between a sender and receiver caused by various factors, ensuring that they possess identical information. In other words, it is identical to the error correction process in mobile communications that rectifies errors in receiver information. However, unlike conventional mobile communications where information is pre-encoded for error correction, correction is performed through additional information transmission after the encryption key transmission between the sender and receiver is completed. Since this additional information transmission takes place via a public channel with a zero error rate—similar to a typical internet environment—a problem may arise where a certain amount of information is exposed to eavesdroppers; therefore, protocols exist to address this issue. A representative example of an information correction protocol is the Cascade protocol, which consists of binary search and traceback algorithms and is characterized by being executed iteratively over multiple stages.

[0337] 2) Confidentiality amplification

[0338] Confidentiality amplification is a process that reduces the correlation between the information possessed by an eavesdropper and the cryptographic key information. As previously explained, a certain amount of information is exposed to the eavesdropper during the information correction process used to rectify errors in the cryptographic key. In other words, since an eavesdropper can obtain a certain amount of information regarding the cryptographic key, the amount of exposed information is removed from the key data to ensure perfect security. Because the additional information used to correct errors during the information correction process for the cryptographic key shared between the sender and receiver is exposed to the eavesdropper, only a portion of the key retains perfect secrecy. Therefore, confidentiality amplification can also be understood as a process of refining information so that the cryptographic key shared between the sender and receiver can maintain perfect secrecy. A representative example of confidentiality amplification is Universal Hashing, which operates based on the property that for any two different input values x and y, the probability that g(x) = g(y) has an upper bound determined by m (where m is the size of the hash function range). The characteristics of universal hashing can significantly reduce the probability that an eavesdropper can guess the encryption key.
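The link between the two post-processing stages above is the count of disclosed parity bits: information correction leaks them, and confidentiality amplification shortens the key by at least that many. The following added example (not from the patent) shows that bookkeeping with a simplified two-pass block-parity correction built on the binary-search step of Cascade, followed by Toeplitz-matrix hashing as one universal hash family. The block size, the row/column interleaving in place of Cascade's random shuffling and traceback, the `margin` parameter and the sample keys are assumptions.

```python
import random


def parity(bits, idx):
    return sum(bits[i] for i in idx) % 2


def binary_correct(alice, bob, idx):
    """Binary search inside a block whose parities differ: compare the parity
    of the left half, descend into the half that still differs, and flip the
    one bit that remains in Bob's copy. Returns the parity bits disclosed."""
    leaked = 0
    while len(idx) > 1:
        left = idx[: len(idx) // 2]
        leaked += 1  # Alice discloses the parity of the left half
        idx = left if parity(alice, left) != parity(bob, left) else idx[len(left):]
    bob[idx[0]] ^= 1
    return leaked


def reconcile(alice, bob, block=8):
    """Two passes over the key: consecutive blocks, then interleaved blocks
    (bits block positions apart), so two errors hidden in one block of the first
    pass are separated in the second. Returns the total parity bits disclosed."""
    n = len(alice)
    rows = list(range(n))
    cols = [i for r in range(block) for i in range(r, n, block)]
    leaked = 0
    for order in (rows, cols):
        for start in range(0, n, block):
            idx = order[start:start + block]
            leaked += 1  # block parity sent over the public channel
            if parity(alice, idx) != parity(bob, idx):
                leaked += binary_correct(alice, bob, idx)
    return leaked


def toeplitz_hash(key, out_len, seed_bits):
    """Multiply the key by an out_len x n Toeplitz matrix over GF(2).
    The matrix is defined by n + out_len - 1 public random bits."""
    n = len(key)
    if len(seed_bits) != n + out_len - 1:
        raise ValueError("Toeplitz seed must have n + out_len - 1 bits")
    return [sum(seed_bits[i - j + n - 1] & key[j] for j in range(n)) % 2
            for i in range(out_len)]


def amplify(key, leaked, margin, seed):
    """Shorten the key by the disclosed bits plus an assumed safety margin."""
    out_len = len(key) - leaked - margin
    if out_len <= 0:
        raise ValueError("too much was disclosed; discard this key")
    rng = random.Random(seed)  # stand-in for a fresh, publicly announced seed
    seed_bits = [rng.randint(0, 1) for _ in range(len(key) + out_len - 1)]
    return toeplitz_hash(key, out_len, seed_bits)


def demo(error_positions, n=64, seed=11):
    """Constructed sample: Bob's key is Alice's key with the given bits flipped."""
    rng = random.Random(seed)
    alice = [rng.randint(0, 1) for _ in range(n)]
    bob = alice[:]
    for p in error_positions:
        bob[p] ^= 1
    leaked = reconcile(alice, bob)
    return alice, bob, leaked


if __name__ == "__main__":
    for errs in ([3, 20, 45], [3, 5], [3, 5, 19, 21]):
        a, b, leaked = demo(errs)
        print(errs, "equal:", a == b, "parity bits disclosed:", leaked)
```

Errors at positions 3, 5, 19 and 21 pair up in both passes and survive, which is why Cascade runs further reshuffled stages with traceback, and why the two ends confirm key equality before amplification.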

[0339] 3) Authentication

[0340] Authentication is not a process unique to quantum key distribution, but is necessary to counter man-in-the-middle attacks by eavesdroppers. A man-in-the-middle attack occurs when an eavesdropper intercepts information transmitted by a sender, alters it, and re-transmits the altered information to the receiver. Due to man-in-the-middle attacks, the receiver must verify that the received information was sent from the correct sender. To this end, a hash function is predefined between the sender and receiver, and the sender uses this hash function to generate a hash tag for the cryptographic key and transmits it to the receiver along with the key. Subsequently, the receiver inputs the received cryptographic key into its own hash function and checks if the generated hash tag matches the hash tag transmitted by the sender, thereby confirming that the sender is the legitimate sender. The authentication process is performed concurrently with all post-processing steps of key distribution; specifically, information transmission between the sender and receiver proceeds alongside authentication during the information correction and confidentiality amplification processes.

[0341]

[0342] Quantum Direct Communication (QDC)

[0343] Quantum Direct Communication shares similarities with Quantum Key Distribution (QKD), which is used as a 4G/5G secure communication technology, in that it is a technique for securely transmitting classical message information. However, QKD uses a quantum channel, relying on the quantum mechanical property of being unclonable, to share between the sender and receiver the symmetric secret key that is needed to securely transmit message information over a classical channel. QDC differs in that the classical message information itself, rather than a secret key, is transmitted directly via the quantum channel.

[0344] Quantum secure direct communication (QSDC) is a group of QDC technologies that has the advantage of ensuring high security by not generating leakage information related to transmitted information, and can be broadly classified into DL04 QSDC and Two-step QSDC techniques that use a single photon light source and an entangled light source, respectively.

[0345] (1) DL04 QSDC protocol

[0346] FIG. 23 is a diagram illustrating an example of the DL04 QSDC protocol in a system applicable to the present disclosure.

[0347] Specifically, FIG. 23 is a diagram showing an example of the protocol of a single-photon-based DL04 QSDC technique and the overall process of operations performed in said protocol.

[0348] The single-photon-based DL04 QSDC technique is a method for directly transmitting a message (information) to be transmitted through a quantum channel, and 1 bit of classical information per photon can be transmitted. Referring to Fig. 23, the DL04 QSDC protocol in which the DL04 QSDC technique is performed can be composed of a transmitting and receiving end (Alice, Bob), a quantum channel, and a classical channel.

[0349] 1) The receiver (Bob) constructs a single-photon train based on polarization information. Each single photon included in the constructed single-photon train can be generated randomly as one of the four states.

[0350] Here, the generated single-photon train is used by the receiver (Bob) to transmit information about the initial quantum state to the transmitter (Alice).

[0351] 2) Next, the receiver (Bob) transmits information about the initial quantum state based on the generated single-photon train to the transmitter (Alice). At this time, some of the information about the initial quantum state can be used to estimate the Quantum bit error rate (QBER).

[0352] 3) Subsequently, the receiver (Bob) transmits to the transmitter (Alice), via a classical channel, the position information to be used for QBER estimation. Among the single photons included in the received single-photon train, the transmitter (Alice) measures those at the indicated positions, randomly selecting an orthogonal or diagonal basis for each. The transmitter (Alice) then transmits the basis used for each measurement and the measured value to the receiver (Bob). The receiver (Bob) compares the received information with the information it initially generated, only for the positions where the same basis was used, calculates the QBER, and determines whether eavesdropping has occurred. If the QBER value is higher than the threshold value for determining eavesdropping, the receiver (Bob) determines that the quantum channel is unsafe and stops communication. Otherwise, the receiver (Bob) can perform subsequent operations.

[0353] 4)-5) If the transmitting end (Alice) determines, based on the QBER estimation result, that there is no eavesdropper, it encodes the message (information) to be transmitted based on the remaining single-photon sequence, excluding the single-photon used for QBER estimation from the total single-photon sequence received in step 2). Here, the encoding can be performed through an identity operation denoted by I, which causes no change, when the information contained in the message is 0, and through a unitary operation defined by U when the information is 1. The unitary operation It may include.

[0354] 6) Next, the transmitter (Alice) transmits the encoded single-photon sequence to the receiver (Bob). Here, the receiver (Bob) measures each single photon using the same basis information as the initial measurement basis to read a message (information) from the transmitted single-photon sequence. Some of the information from the same basis information as the initial measurement basis is used for QBER estimation, and the receiver (Bob) can receive the position of the photon and the value of the encoding bit to be used for QBER estimation from the transmitter (Alice) over a public channel.

[0355] 7)-8) The receiver (Bob) can determine the values of parameters to be used for decoding based on the measured QBER value and perform decoding on the received message.

[0356] Through steps 1) to 8) above, the QSDC technique can safely transmit message information generated at the transmitting end to the receiving end through a quantum channel. That is, the transmitting end performs QBER estimation on the initial state generated by the receiving end, and based on the QBER estimation, can verify whether the initial state is safe from eavesdroppers; thus, message information can be encoded in an initial state that is guaranteed to be safe from eavesdroppers. Therefore, even if an eavesdropper exists in the backward quantum channel, an eavesdropper who does not know the value of the initial state cannot obtain meaningful message information from the encoded message even if they intercept it, and thus security can be guaranteed.
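The round trip of steps 1) to 6) is shown below as a classical simulation. This is an added example, not taken from the patent. The definition of U does not survive in the text above, so the code assumes the usual DL04 choice, an operation that flips the photon's bit value in either basis; the intercept-resend eavesdropper, the 400 check photons and the 0.1 QBER threshold are also assumptions, and the second QBER check on the return channel is omitted.

```python
import random


def measure(bit, prepared_in, measured_in, rng):
    """Matching basis returns the prepared bit; a mismatched basis gives a random one."""
    return bit if prepared_in == measured_in else rng.randint(0, 1)


def dl04_transfer(message_bits, n_check=400, eavesdrop=False, threshold=0.1, seed=3):
    """Returns (qber, decoded_bits); decoded_bits is None if the channel is rejected."""
    rng = random.Random(seed)  # seeded so this constructed run is repeatable
    n = len(message_bits) + n_check
    # 1) Bob builds the single-photon train: a random basis and bit per photon.
    b_basis = [rng.randint(0, 1) for _ in range(n)]
    b_bit = [rng.randint(0, 1) for _ in range(n)]
    # 2) Forward quantum channel, Bob to Alice. An eavesdropper here must
    #    measure in a guessed basis and re-send (assumed attack model).
    at_alice = []
    for bit, basis in zip(b_bit, b_basis):
        if eavesdrop:
            e_basis = rng.randint(0, 1)
            bit, basis = measure(bit, basis, e_basis, rng), e_basis
        at_alice.append((bit, basis))
    # 3) Bob names the check positions; Alice measures them in random bases and
    #    reports basis and value; Bob scores only the same-basis positions.
    check = set(rng.sample(range(n), n_check))
    compared = errors = 0
    for i in sorted(check):
        a_basis = rng.randint(0, 1)
        value = measure(at_alice[i][0], at_alice[i][1], a_basis, rng)
        if a_basis == b_basis[i]:
            compared += 1
            errors += value != b_bit[i]
    qber = errors / compared if compared else 1.0
    if qber > threshold:
        return qber, None  # quantum channel judged unsafe: nothing is encoded
    # 4)-5) Alice encodes on the remaining photons without measuring them:
    #       I for message bit 0, U (assumed bit flip in either basis) for 1.
    data_positions = [i for i in range(n) if i not in check]
    decoded = []
    for i, m in zip(data_positions, message_bits):
        bit, basis = at_alice[i]
        bit ^= m
        # 6) Bob measures in the basis he prepared and compares with his
        #    initial bit: a flip means 1, no flip means 0.
        decoded.append(measure(bit, basis, b_basis[i], rng) ^ b_bit[i])
    return qber, decoded


if __name__ == "__main__":
    msg = [1, 0, 1, 1, 0, 0, 1, 0] * 4  # constructed sample message
    for eve in (False, True):
        qber, out = dl04_transfer(msg, eavesdrop=eve)
        print(f"eavesdrop={eve} qber={qber:.3f} delivered={out == msg}")
```

Only Bob knows each photon's initial state, so an interceptor on the return channel sees flipped and unflipped photons that look alike; an interceptor on the forward channel is caught by the check in step 3) before any message bit is encoded.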

[0357] The single-photon-based QSDC technique described in Fig. 23 can enable communication with high security without using a quantum secret key, but it has limitations in that it only allows the transmission of classical information at a rate of 1 bit per photon, and the maximum data rate cannot exceed the maximum detection speed of the single photon detector (SPD) due to the dead time of the SPD. In a quantum information transmission system, the transmitter typically generates a quantum state to be transmitted based on the properties (characteristics) of the photon, attenuates the signal to the single-photon level through a signal attenuator (VOA), and transmits it to the receiver over a quantum channel. Here, the properties (characteristics) of the photon may include polarization, phase, time information, etc. The receiver detects the signal transmitted by the transmitter using a single-photon detector. At this time, information transmitted via photons may not be fully detected at the receiver due to various factors, and loss may occur. These various factors may include channel-related losses and the low measurement accuracy of the SPD. In particular, if the signal generation rate from the light source (LD) exceeds the maximum signal detection rate from the detector, the loss of the received signal may increase further. Such loss of the received signal may be caused by dead time, which is the time required for the SPD to return to a ready state to detect the next signal (photon) after detecting a signal at a specific point in time. More specifically, the dead time refers to the time during which no signal is detected by the SPD while the detector is turned off and recharged, following the occurrence of avalanche breakdown based on the generation and emission of numerous electrons and holes caused by the influx of light.

[0358] (2) Two-step QSDC protocol

[0359] FIG. 24 is a diagram illustrating an example of a two-step QSDC protocol in a system applicable to the present disclosure.

[0360] Two-step QSDC is a technique derived from superdense coding, as shown in Fig. 24, which uses the four types of entangled photon pairs (EPR pairs) of [Equation 3] below to safely transmit 2 bits of classical information.

[0361]

[0362] Superdense coding is a technique that enables the transmission of classical information using quantum communication. When using superdense coding, a transmitter can send 2 bits of classical information to a distant receiver via a quantum channel using a single qubit. It is assumed that the transmitter possesses the first qubit of the entangled state, and the receiver possesses the second qubit of the entangled state. There are four possible cases for the information that the transmitter intends to transmit: '00', '01', '10', and '11'. For these four cases, the transmitter performs the qubit operation (expressed in the form of I, Z, X, and iY) corresponding to each case on the entangled qubit it possesses, and then transmits the qubit through the quantum channel. Each operation performed by the transmitter can be understood as transforming the entangled state shared by the transmitter and receiver into a different state of a mutually orthogonal basis. The receiving end measures the received qubit together with the qubit it owns (the second qubit of the entangled state) to recover the 2 bits of information transmitted by the transmitting end.

[0363] In FIG. 24, SR (Storage lines) 1 to 4 are optical delay lines that serve as quantum memory, CE (Checking Eavesdropping) 1 and 2 check for the presence of an eavesdropper, CM (Coding Message) encodes the classical message information to be transmitted from the transmitter (Alice) to the receiver (Bob), the EPR source generates an entangled light source, and Bell state measurement measures entangled photon pairs.

[0364] In two-step QSDC, unlike superdense coding, entangled photon pairs are not transmitted all at once to ensure security, but are divided into two stages and transmitted through an upper quantum channel and a down quantum channel. Since eavesdropping on an entangled light source requires knowing the information from both sides of the entangled photon pair to determine the transmitted information through measurement, the two-step technique uses a method in which one side of the entangled photon pair is sent first to verify security against eavesdropping, and only when security is guaranteed is the message information to be sent coded into the remaining part of the photon pair and transmitted.
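The superdense-coding step and the reason one photon of a pair is useless on its own can both be checked with a four-amplitude state vector. The code is an added example, not part of the patent; [Equation 3] is not reproduced in the text above, so the four standard Bell states are used, and the assignment of I, Z, X, iY to '00', '01', '10', '11' in that order is an assumption.

```python
import math

S = 1 / math.sqrt(2)
# Amplitudes are ordered |00>, |01>, |10>, |11>; the first qubit is the
# transmitter's, the second is the receiver's.
BELL = {
    "00": [S, 0, 0, S],    # Phi+  (the shared starting pair)
    "01": [S, 0, 0, -S],   # Phi-
    "10": [0, S, S, 0],    # Psi+
    "11": [0, S, -S, 0],   # Psi-
}
OPS = {  # assumed mapping of message bits to the operations named in the text
    "00": [[1, 0], [0, 1]],    # I
    "01": [[1, 0], [0, -1]],   # Z
    "10": [[0, 1], [1, 0]],    # X
    "11": [[0, 1], [-1, 0]],   # iY
}
H = [[S, S], [S, -S]]  # Hadamard: switches between rectilinear and diagonal basis


def apply_to_first(op, state):
    """Apply a 2x2 operation to the first qubit of a two-qubit state."""
    out = [0.0] * 4
    for a in (0, 1):
        for b in (0, 1):
            out[2 * a + b] = sum(op[a][k] * state[2 * k + b] for k in (0, 1))
    return out


def encode(two_bits):
    """Transmitter: act on its half of the shared Phi+ pair."""
    return apply_to_first(OPS[two_bits], BELL["00"])


def bell_measure(state):
    """Receiver: joint measurement of both qubits in the Bell basis."""
    probs = {label: sum(b * s for b, s in zip(basis, state)) ** 2
             for label, basis in BELL.items()}
    label = max(probs, key=probs.get)
    if probs[label] < 1 - 1e-9:
        raise ValueError("state is not one of the four Bell states")
    return label


def first_qubit_p0(state):
    """Probability that measuring only the first qubit gives 0."""
    return state[0] ** 2 + state[1] ** 2


def travelling_photon_view(two_bits):
    """What a party holding only the encoded photon can observe:
    P(0) in the rectilinear basis and P(0) in the diagonal basis."""
    state = encode(two_bits)
    return first_qubit_p0(state), first_qubit_p0(apply_to_first(H, state))


if __name__ == "__main__":
    for msg in ("00", "01", "10", "11"):
        z, x = travelling_photon_view(msg)
        print(msg, "decoded:", bell_measure(encode(msg)),
              f"single-photon P(0): {z:.2f} / {x:.2f}")
```

Every message gives the same 50/50 statistics on the travelling photon alone, while the joint Bell measurement recovers both bits with certainty.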

[0365]

[0366] Transport Layer Security (TLS)

[0367] FIG. 25 is a diagram illustrating an example of a Transport Layer Security (TLS) procedure in a system applicable to the present disclosure.

[0368] Transport Layer Security (TLS), formerly known as Secure Sockets Layer (SSL), is a protocol that enables applications to communicate securely over a network, preventing eavesdropping on and alteration of information carried by email, web browsing, messaging, and other protocols. Both SSL and TLS are client/server protocols that guarantee communication privacy by applying encryption protocols to traffic sent over the network. When a server and a client communicate via TLS, it ensures that no third party can alter or eavesdrop on messages. TLS 1.0 and 1.1 are currently not supported; TLS 1.2 was drafted in RFC 5246 under the IETF in 2008, and TLS 1.3 was drafted in RFC 8446 in 2018.

[0369] The TLS procedures of RFC5246 and RFC8446 are summarized as shown in Figure 25.

[0370] Referring to Fig. 25, the client sends a client hello message to the server.

[0371] The client receives a Server Hello message from the server.

[0372] The client receives a server certificate message from the server.

[0373] The client receives a server key exchange message from the server.

[0374] The client receives a certificate request message from the server.

[0375] The client receives a Server hello done message from the server.

[0376] The client sends a certificate message to the server.

[0377] The client sends a client key exchange message to the server.

[0378] The client sends a certificate verify message to the server.

[0379] The client sends a Change cipher spec message to the server.

[0380] The client sends a finished message to the server.

[0381] The client receives a Change cipher spec message from the server.

[0382] The client receives a finished message from the server.

[0383] The client communicates with the server.

[0384]

[0385] - RSA-based TLS 1.2 Handshake Process

[0386] 1. The Client transmits to the Server the encryption algorithm, protocol version, and Client Random Data corresponding to the supported Cipher Suite.

[0387] 2. Based on the list of Cipher Suites received from the Client, the Server transmits the selected encryption algorithm, protocol version, certificate, and Server Random Data to the Client.

[0388] 3. The Client verifies the certificate received from the Server, combines Client Random Data and Server Random Data in a pre-agreed manner to generate a "Pre Master Secret" value, encrypts it using the Server's public key received from the Server (RSA public key encryption method), and transmits it to the Server.

[0389] 4. The Server decrypts the received encrypted data using its private key to obtain the "Pre Master Secret" value. Subsequently, the Client and the Server convert the "Pre Master Secret" value into a "Master Secret" value in a pre-agreed manner and generate a "Session Key" using that information.

[0390] 5. The authenticated Client and Server begin transmitting and receiving data using symmetric key encryption with the "Session Key".
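For TLS 1.2, the "pre-agreed manner" of step 4 is the PRF of RFC 5246 (sections 5, 6.3 and 8.1). The code below is an added example, not from the patent: it takes a 48-byte pre-master secret as input and derives the master secret and the write keys for an AES-128-GCM cipher suite. The random values and the pre-master secret are constructed placeholders.

```python
import hashlib
import hmac

# Constructed sample values, not taken from any real handshake.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PRE_MASTER = b"\x03\x03" + bytes(range(100, 146))  # 2-byte version + 46 bytes


def p_sha256(secret, seed, length):
    """RFC 5246 section 5: A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + ..."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret, label, seed, length):
    return p_sha256(secret, label + seed, length)


def master_secret(pre_master, client_random, server_random):
    """RFC 5246 section 8.1: always 48 bytes."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def session_keys(master, client_random, server_random):
    """RFC 5246 section 6.3 key block. For an AEAD suite with AES-128-GCM there
    are no MAC keys: two 16-byte write keys and two 4-byte implicit IVs."""
    block = prf(master, b"key expansion", server_random + client_random, 40)
    return {
        "client_write_key": block[0:16],
        "server_write_key": block[16:32],
        "client_write_iv": block[32:36],
        "server_write_iv": block[36:40],
    }


def derive(pre_master, client_random, server_random):
    """Everything after the key exchange is a deterministic function of the
    pre-master secret and the two random values sent in the clear."""
    master = master_secret(pre_master, client_random, server_random)
    return session_keys(master, client_random, server_random)


if __name__ == "__main__":
    keys = derive(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
    for name, value in keys.items():
        print(f"{name}: {value.hex()}")
```

Because both random values travel unencrypted, the confidentiality of every session key rests on the RSA-encrypted pre-master secret alone, which is why a recorded handshake stays exposed for as long as the server's RSA key might later be broken.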

[0391]

[0392] - DHE-based TLS 1.3 Handshake Process

[0393] 1. The Client generates a secret key and a public key using the encryption algorithm, protocol version, and Client Random Data corresponding to the supported Cipher Suite, and the Diffie-Hellman Key Exchange algorithm, and then transmits the public key to the Server.

[0394] 2. Based on the list of Cipher Suites received from the Client, the Server generates a secret key and a public key using the selected encryption algorithm, protocol version, Server Random Data, and the Diffie-Hellman Key Exchange algorithm, and then transmits the public key to the Client.

[0395] 3. The Client and Server generate a "Pre Master Secret" value using their respective private keys and the other party's public key, and convert the "Pre Master Secret" value into a "Master Secret" value using the exchanged Random Data. Then, a Session Key is generated using a hash function such as HMAC-SHA256 or HMAC-SHA384.

[0396] 4. The authenticated Client and Server begin transmitting and receiving data using symmetric key encryption with the "Session Key".

[0397]

[0398] Hypertext Transfer Protocol

[0399] Hypertext Transfer Protocol (HTTP) is a protocol that transmits documents that can be linked to other documents via hypertext links. It is used on the Web as a protocol that allows clients to exchange information with servers. HTTP/2 (HTTP Version 2) enables header compression and parallel transmission over a single TCP connection, and it improves network resource efficiency through a binary protocol. It was released as RFC 7540 by the Internet Engineering Task Force (IETF). HTTP/2 connections are established based on TLS, and TLS 1.2 or TLS 1.3 is used.

[0400]

[0401] The symbols / abbreviations / terms used in this disclosure are as follows.

[0402] - TLS: Transport Layer Security

[0403] - PRINS: Protocol for N32 Interconnect Security

[0404] - SBI: Service based Interfaces

[0405] - SEPP: Security Edge Protection Proxy

[0406] - NF: Network Function

[0407] - IPX: IP Exchange

[0408] - JSON: JavaScript Object Notation

[0409] - QPKI: Quantum Public Key Infrastructure

[0410] - QSDC: Quantum Secure Direct Communication

[0411] - QBER: Quantum Bit Error Rate

[0412]

[0413] Technical problem to be solved in the present disclosure

[0414] FIG. 26 is a diagram illustrating an example of an N32 protocol stack in a system applicable to the present disclosure.

[0415] In 5G, SEPP functions are newly defined to protect signaling messages between network functions of mobile communication networks in a roaming environment. SEPP provides an application layer protection scheme to ensure the integrity and confidentiality of messages. Generally, when the SEPPs of each mobile communication network are directly connected without a separate IPX (Interconnect Provider) between the two networks, messages between SEPPs are protected using the TLS protocol. However, when the two mobile communication networks are connected via IPX, an application layer integrity protection and encryption scheme for the N32 interface is applied to prevent data leakage or tampering while passing through the IPX between the SEPPs of the two networks. SEPP uses JSON Web Encryption (RFC 7516) to protect messages on the N32 interface, while IPX uses JSON Web Signatures (RFC 7515) to verify integrity during data transmission. The Protocol Stack for the N32 Interface can be represented as shown in Fig. 26 according to 3GPP TS 29.573. Figure 26 shows the 3GPP TS 29.573 Figure 4.3.1-1: N32 Protocol Stack.

[0416] The N32 interfaces (N32-c and N32-f) use the HTTP/2 protocol (TS 29.573 clauses 4.2.2 and 4.2.3, respectively) with JSON (TS 29.573 clause 4.2.4) as the application layer serialization protocol. For the security protection at the transport layer, the SEPPs shall support TLS as specified in clause 13.1.2 of 3GPP TS 33.501.

[0417] For the N32-f interface, the application layer (i.e., the JSON content) encapsulates the complete HTTP/2 message between the NF service consumer and the NF service producer by transforming the HTTP/2 headers and the body into specific JSON attributes as specified in TS 29.573 clause 6.2. For scenarios where there are RIs between SEPPs, refer to TS 29.573 clause 4.3.2 for TLS/PRINS usage.

[0418] As mentioned above, security for the transport layer is provided by TLS (Transport Layer Security), and the procedure is described as follows in 3GPP TS 33.501 clause 13.1.

[0419]

[0420] 13.1 Protection at the network or transport layer

[0421] 13.1.0 General

[0422] All network functions shall support mutually authenticated TLS and HTTPS as specified in RFC 7540 [47] and RFC 2818 [90]. The identities in the end entity certificates shall be used for authentication and policy checks. Network functions shall support both server-side and client-side certificates. TLS client and server certificates shall be compliant with the SBA certificate profile specified in clause 6.1.3c of TS 33.310 [5].

[0423] The TLS profile shall follow the profile given in clause 6.2 of TS 33.210 [3] with the restriction that it shall be compliant with the profile given by HTTP/2 as defined in RFC 7540 [47]. TLS clients shall include the SNI extension as specified in RFC 7540 [47].

[0424] TLS shall be used for transport protection within a PLMN unless network security is provided by other means.

[0425] Note 1: Regardless of whether TLS is used or not, NDS/IP as specified in TS 33.210 [3] and TS 33.310 [5] can be used for network layer protection.

[0426] Note 2: If interfaces are trusted (e.g., physically protected), the PLMN operator must decide whether to use cryptographic protection.

[0427] Note 3: How the SNI extension is used in TLS servers is a vendor implementation decision.

[0428]

[0429] 13.1.1 TLS protection between NF and SEPP

[0430] 13.1.1.0 General

[0431] To allow for TLS protection between the SEPP and Network Functions or SCPs within a PLMN, the SEPP shall support:

[0432]

[0433] TLS wildcard certificate for its domain name and generation of telescopic FQDN based on an FQDN obtained from the received N32-f message as specified in clause 13.1.1.1.

[0434] Using the custom HTTP header 3gpp-Sbi-Target-apiRoot, defined in clause 5.2.3.2.4 of TS 29.500 [74], in the HTTP request originated by the NF within the SEPP's PLMN, to forward the protected HTTP Request message towards the remote PLMN as specified in clause 13.1.1.2.

[0435] Note: Whether the SEPP and NFs within the SEPP's PLMN use telescopic FQDN or the custom HTTP header depends on the PLMN operator's policy.

[0436] 13.1.1.1 TLS protection based on telescopic FQDN and wildcard certificate

[0437] A telescopic FQDN is an FQDN with a single label as the first element and the SEPP's domain as the trailer component. The label uniquely represents the original FQDN.

[0438] Note 3: The structure of telescopic FQDN is defined in 3GPP TS 23.003 [19], clause 28.5.2.

[0439] The SEPP shall generate a telescopic FQDN for the following messages received over N32-f:

[0440]

[0441] The Nnrf_NFDiscovery_Get response HTTP message contains FQDNs of a set of the discovered NF or NF service instances (see TS 29.510 [68]). The cSEPP generates a telescopic FQDN for each target Network Function FQDN in the Discovery response, rewrites the original FQDN with the telescopic FQDN, and forwards the modified Discovery response to the NRF.

[0442] Subscription message with the Callback URI in the payload of the message (see TS 29.501 [94]). The pSEPP generates a telescopic FQDN from the Callback URI in the Subscription message, rewrites the original FQDN in the callback URI, and forwards the modified Subscription message to the producer Network Function.

[0443] An Nsmf_PDUSession_POST HTTP message from a V-SMF with PduSessionCreateData containing the URI representing the PDU session in the V-SMF (see TS 29.502 [95]). The pSEPP generates a telescopic FQDN from the callback URI in the message, rewrites the original FQDN in the callback URI, and forwards the modified message to the target H-SMF.

[0444] The following procedure illustrates how SEPPs use a telescopic FQDN and a wildcard certificate to establish a TLS connection between a Network Function or a SCP and the SEPP.

[0445] When the Network Function or SCP that received the telescopic FQDN in step 1 is ready to communicate with the target Network Function or SCP in another PLMN, it uses the telescopic FQDN in the Request URI of the HTTP Request. When communication between the Network Function or SCP and the SEPP that generated the telescopic FQDN is based on using the 3gpp-Sbi-Target-apiRoot custom HTTP header as specified in TS 29.500 [74], clause 5.2.3.2.4, the Network Function or SCP uses the telescopic FQDN in the 3gpp-Sbi-Target-apiRoot custom HTTP header of the HTTP Request. During TLS setup between the Network Function and the SEPP, the SEPP shall authenticate towards the Network Function or SCP using the wildcard certificate.

[0446] When the SEPP receives an HTTP request from the Network Function or SCP, the SEPP shall rewrite the telescopic FQDN with the original FQDN by replacing the unique delimiter in the label with the period character and removing its own suffix part.

[0447]

[0448] 13.1.1.2 3gpp-Sbi-Target-apiRoot HTTP header-based TLS protection

[0449] The NF uses the 3gpp-Sbi-Target-apiRoot HTTP header in the HTTP request to convey the target FQDN to the SEPPs.

[0450] If PRINS is used on the N32-f interface, the following applies: The sending SEPP shall use the 3gpp-Sbi-Target-apiRoot header to obtain the apiRoot to be used in the request URI of the protected HTTP Request. It removes the 3gpp-Sbi-Target-apiRoot header before forwarding the protected HTTP Request on the N32-f interface.

[0451] If TLS is used on the N32 interface, the following applies: The sending SEPP shall replace the authority header in the HTTP Request with the FQDN of the receiving SEPP before forwarding the protected HTTP Request on the N32 interface. The sending SEPP shall not change the 3gpp-Sbi-Target-apiRoot header.

[0452] Note: This solution does not require the SEPP to support a TLS wildcard certificate for its domain name during TLS setup, nor the SEPP to generate a telescopic FQDN for the target FQDN.

[0453]

[0454] 13.1.2 Protection between SEPPs

[0455] TLS shall be used for N32-c connections between the SEPPs.

[0456] The SEPP shall maintain a set of trust anchors, each consisting of a list of trusted root certificates and a list of corresponding PLMN-IDs. Any given PLMN-ID shall appear in at most one trust anchor. During N32-c connection setup, the SEPP shall map the PLMN-ID of the remote SEPP leaf (server or client) certificate to the associated trust anchor for the purposes of certificate chain verification. Only the root certificates in the associated list shall be treated as trusted during certificate chain verification. If the remote SEPP certificate contains multiple PLMN-IDs that are mapped to different trust anchors, then that certificate shall be rejected.

[0457] Operator Group Roaming Hubs SEPPs are equivalent to a network operator SEPP when they are in the same security domain and are not considered IPX providers as detailed in this clause. The communication between a group network operator's SBA network border element and the Operator Group Roaming Hub SEPP is outside the scope of this document.

[0458] If there are no IPX providers between the SEPPs, TLS must be used for N32-f connections between the SEPPs. Different TLS connections are used for N32-c and N32-f. If there are IPX providers between the SEPPs that only offer IP routing services, either TLS or PRINS (Application Layer Security) must be used to protect N32-f connections between the SEPPs. PRINS is specified in clause 5.9.3 (requirements) and clause 13.2 (procedures).

[0459] If TLS is selected, the SEPP shall correlate the N32-f TLS connection with the N32-c connection. If the peer network is a PLMN, the SEPP compares the PLMN-IDs contained in the SEPP TLS certificates used to establish the N32-c and N32-f connections. Specifically, if the certificate used for N32-f contains one or more PLMN-IDs that are not contained in the TLS certificate used for the corresponding N32-c, the N32-f certificate shall be rejected. If the peer network is an SNPN, the SEPP compares the SNPN-ID contained in the SEPP TLS certificates used to establish the N32-c and N32-f connections.
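The trust-anchor mapping of the N32-c clause and the N32-f/N32-c PLMN-ID correlation above can be modeled as the following policy check. This is an added example, not code from the disclosure or from 3GPP; the class and function names, the PLMN-ID and root values, and the rejection of certificates carrying a PLMN-ID that has no trust anchor are assumptions.

```python
from dataclasses import dataclass


class PolicyError(Exception):
    """Raised when a SEPP certificate violates the trust-anchor policy."""


@dataclass(frozen=True)
class TrustAnchor:
    name: str
    roots: frozenset      # identifiers of trusted root certificates
    plmn_ids: frozenset   # PLMN-IDs served by these roots


def build_index(anchors):
    """Map PLMN-ID -> anchor, enforcing 'at most one trust anchor per PLMN-ID'."""
    index = {}
    for anchor in anchors:
        for plmn in anchor.plmn_ids:
            if plmn in index:
                raise PolicyError(f"PLMN-ID {plmn} appears in two trust anchors")
            index[plmn] = anchor
    return index


def anchor_for_certificate(index, cert_plmn_ids):
    """Select the single trust anchor for a remote SEPP leaf certificate."""
    cert_plmn_ids = set(cert_plmn_ids)
    unknown = sorted(p for p in cert_plmn_ids if p not in index)
    if not cert_plmn_ids or unknown:
        # Assumption: no anchor means no trusted root, so the chain cannot verify.
        raise PolicyError(f"no trust anchor for PLMN-IDs {unknown}")
    anchors = {index[p] for p in cert_plmn_ids}
    if len(anchors) > 1:
        raise PolicyError("PLMN-IDs map to different trust anchors")
    return anchors.pop()


def root_is_trusted(anchor, chain_root):
    """Only roots listed in the selected anchor count during chain verification."""
    return chain_root in anchor.roots


def check_n32f_against_n32c(n32c_plmn_ids, n32f_plmn_ids):
    """Reject an N32-f certificate with PLMN-IDs absent from the N32-c one."""
    extra = set(n32f_plmn_ids) - set(n32c_plmn_ids)
    if extra:
        raise PolicyError(f"N32-f certificate adds PLMN-IDs {sorted(extra)}")
    return True


# Constructed sample data (not real operators or certificates).
ANCHORS = [
    TrustAnchor("anchor-A", frozenset({"root-A1", "root-A2"}),
                frozenset({"00101", "00102"})),
    TrustAnchor("anchor-B", frozenset({"root-B1"}), frozenset({"99901"})),
]
INDEX = build_index(ANCHORS)

if __name__ == "__main__":
    anchor = anchor_for_certificate(INDEX, {"00101", "00102"})
    print(anchor.name, root_is_trusted(anchor, "root-B1"))
```

A real SEPP would run X.509 path validation against the selected anchor's roots; here the roots are plain identifiers so that the selection logic can be read on its own.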

[0460] If there are IPX providers which, in addition to IP routing, offer other services that require modification or observation of the information and / or additions to the information sent between the SEPPs, PRINS shall be used for protection of N32-f connections between the SEPPs.

[0461] Note 1a: The procedure specified in clause 13.5 for security mechanism selection between SEPPs allows SEPPs to negotiate which security mechanism to use for protecting NF service-related signaling over N32, and provides robustness and future-proofness, e.g., in case new algorithms are introduced in the future.

[0462] If PRINS is used on the N32-f interface, one of the following additional transport protection methods should be applied between the SEPP and IPX provider for confidentiality and integrity protection.

[0463]

[0464] NDS / IP as specified in TS 33.210 [3] and TS 33.310 [5], or

[0465] A TLS VPN with mutual authentication following the profile specified in clause 6.2 of TS 33.210 [3] and clause 6.1.3a of TS 33.310 [5]. The identities in the end entity certificates shall be used for authentication and policy checks, with the restriction that it shall be compliant with the profile given by HTTP / 2 as defined in RFC 7540 [47].

[0466] Note 1: Void

[0467] Note 2: Void

[0468]

[0469] As described above, a TLS connection between an NF and a SEPP, or between two SEPPs, requires TLS 1.2 or TLS 1.3, and the TLS connection relies on a Certificate issued by a trusted node and on an Asymmetric Key-based security system built on that Certificate. The Asymmetric Key-based security system guarantees the validity of the Public Key through the Public Key and Private Key and guarantees the security of information through Public Key Encryption. The two ends thereby create secure shared information, from which a Session Key is generated and then used for secure communication.

[0470] However, due to advancements in Quantum Computers and Quantum Algorithms, systems using the aforementioned Public Key Encryption may be threatened in terms of security. It is theoretically known that encryption methods based on RSA (Rivest-Shamir-Adleman) or ECC (Elliptic Curve Cryptography), which are generally used in asymmetric key-based security systems, can be deciphered within the validity period through parallel computation of the Shor Algorithm. RSA 2048-bit integers can be factored within 8 hours using 20 million noisy qubits ["How to factor 2048-bit RSA integers in 8 hours using 20 million noisy qubits", Quantum 5, 433 (2021)], and a study has been published showing that factoring is possible within 177 days using only 13,436 qubits based on multi-parallel quantum memory ["Factoring 2048-bit RSA Integers in 177 Days with 13,436 Qubits and a Multimode Memory", PRL (2021)]. The collapse of asymmetric key encryption systems by such Quantum Algorithms poses a serious threat to secure communication systems based on asymmetric key encryption.

[0471] To prevent such security threats, a method is required to address the threats posed by the Quantum Algorithm while maintaining an asymmetric key system. To this end, the problem of trapdoor leakage caused by the Quantum Algorithm can be adaptively prevented by periodically updating the Public Key. This ensures that real-time leakage does not occur even if a Plaintext Attack is launched by the Quantum Algorithm. However, even if real-time leakage does not occur, an attacker can still perform a Plaintext Attack later through a Harvest-Now-Decrypt-Later (HNDL) Attack. Consequently, limiting the validity period of the Public Key alone cannot achieve fundamental information security.

[0472] Furthermore, while Post-Quantum Cryptography (PQC) technology is emerging, all asymmetric key systems based on computational complexity inevitably face the risk of being threatened by the emergence of new Quantum Algorithms. Additionally, transitioning to a new security system can entail a significant technical burden to implement the new security technology across all devices. Similarly, as PQC is a security method based on computational complexity, it cannot achieve physical security. Therefore, even if real-time leakage does not occur, an attacker can subsequently perform a Plaintext Attack through a Harvest-Now-Decrypt-Later (HNDL) Attack.

[0473] The present disclosure proposes a Quantum Public Key Infrastructure (QPKI)-based Transport Layer Security (TLS) system that achieves physical information security by constructing a Quantum Public Key (QPK) based on the No-cloning Theorem and performing Quantum Public Key Encryption (QPKE).

[0474]

[0475] Composition of various embodiments of the present disclosure

[0476] Proposed technology 2.1. Transport Layer Security based on Quantum Public Key Infrastructure (TLS based on QPKI)

[0477] FIG. 27 is a diagram illustrating an example of a procedure for performing Transport Layer Security based on Quantum Public Key Infrastructure (TLS based on QPKI) in a system applicable to the present disclosure.

[0478] The present disclosure proposes a Transport Layer Security system that enables physical security based on quantum properties when performing a secure connection between any nodes.

[0479] The purpose of the proposed technology is (1) to ensure that there is no leakage of transmitted messages, by configuring security information based on a Quantum Public Key so that repeated measurement is impossible, and (2) to make a subsequent Plaintext Attack impossible even when an attacker mounts a Harvest-Now-Decrypt-Later (HNDL) Attack, based on the coherence time characteristics of the quantum state.

[0480] The proposed technology assumes the following.

[0481] 1) It is assumed that the Classical PKI system shares the Classical Public Key through a trusted method. Here, the initial sharing of the Classical Public Key through a trusted method generally means obtaining the Classical Public Key via a Certificate. For example, in a 3GPP telecommunications system, one can obtain the Public Key contained in a Certificate that is verifiable as the Public Key of a trusted node, such as a PLMN CA or a Vendor Root CA. In this case, it is assumed that the CA's Public Key has been shared in advance. It is also assumed that the CA's Public Key is periodically updated through a trusted method or that the Trapdoor has not been leaked for a long time by PQCs, etc.

[0482] 2) Assume that the minimum required time for a trapdoor of a specific Classical Public Key K of a specific Classical PKI system to be leaked by a quantum algorithm, etc. is X. At this time, it is also assumed that the minimum required time for a trapdoor of the CA's Public Key to be leaked is X.

[0483] 3) It is assumed that a server capable of connecting to a CA sends a Certificate Signing Request (CSR) containing its domain and public key information to the CA, thereby obtaining authentication for the server's public key and possessing a certificate in advance. This process may take place in real time when establishing a secure connection with the client.

[0484] 4) Assume that the quantum coherence time of the quantum state is maintained for a maximum of Y time.

[0485]

[0486] Referring to Fig. 27, the overall procedure of the proposed technology is summarized as follows.

[0487] (1) (Client → Server) Client Hello Message

[0488] (1-1) When the Client initially connects to the Server, which is the target of the TLS connection, it sends a Client Hello Message, which is control information.

[0489] (1-2) The Client Hello Message contains Client Random Value, Session ID, Cipher Suite, and Quantum Security Indicator information.

[0490] (1-2-1) Client Random Value: The Client sends a 32-byte random value to the Server.

[0491] (1-2-1-1) This information is used to generate the Pre-master Secret Key.

[0492] (1-2-2) Session ID: The Client sends the value corresponding to the Session ID to the Server.

[0493] (1-2-2-1) Send a Null Value when the session is first created.

[0494] (1-2-2-2) If a session already exists, send the corresponding Session ID.

[0495] (1-2-3) Cipher Suite: The Client sends a list of supported key exchange algorithms, symmetric key encryption algorithms, and hash algorithms to the Server. For example, the Cipher Suite list is as follows.

[0496] (1-2-3-1) TLS_AES_128_CCM_8_SHA256 (has the structure TLS_ Key Exchange Algorithm_ Symmetric Encryption Algorithm_ Message Authentication Code Algorithm)

[0497] (1-2-3-2) TLS_AES_128_CCM_SHA256

[0498] (1-2-3-3) TLS_ECCPWD_WITH_AES_128_CCM_SHA256

[0499] (1-2-3-4) TLS_ECCPWD_WITH_AES_256_CCM_SHA384

[0500] (1-2-3-5) TLS_ECDHE_ECDSA_WITH_AES_128_CCM

[0501] (1-2-3-6) TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8

[0502] (1-2-3-7) TLS_ECDHE_ECDSA_WITH_AES_256_CCM

[0503] (1-2-3-8) TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8

[0504] (1-2-3-9) TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256

[0505] (1-2-3-10) TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256

[0506] (1-2-3-11) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[0507] (1-2-3-12) TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

[0508] (1-2-3-13) TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256

[0509] (1-2-3-14) TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384

[0510] (1-2-3-15) TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256

[0511] (1-2-3-16) TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384

[0512] (1-2-3-17) TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

[0513] (1-2-4) Quantum Security Indicator: The Client transmits to the Server whether the quantum security system is supported. For example, as follows. (The following information may also be displayed as a 1-bit indicator.)

[0514] (1-2-4-1) Unavailable (Quantum security system is not supported)

[0515] (1-2-4-2) Quantum_PKI (Quantum Public Key System supported)

[0516] (1-2-5) In addition to the information above, information for existing TLS procedures may be included.

[0517] (1-2-5-1) For example, information such as the TLS Version and the Server Name (SNI) of the TLS connection target may be included.

[0518] (2) (Server → Client) Server Hello Message

[0519] (2-1) The Server sends a Server Hello Message to the Client, which is the target of the TLS connection, as response control information for the Client Hello Message.

[0520] (2-2) The Server Hello Message contains Server Random Value, Session ID, Cipher Suite, and Quantum Security Indicator information.

[0521] (2-2-1) Server Random Value: The Server sends a 32-byte random value to the Client.

[0522] (2-2-1-1) This information is used to generate the Pre-master Secret Key.

[0523] (2-2-2) Session ID: The Server sends the value corresponding to the Session ID to the Client.

[0524] (2-2-2-1) When a session is created for the first time, the Server can generate and send a Session ID.

[0525] (2-2-2-2) If a session already exists, send the corresponding Session ID.

[0526] (2-2-3) Cipher Suite: Determines a Cipher Suite based on the list of supported Cipher Suites received from the Client and delivers it to the Client.

[0527] (2-2-3-1) The Server determines the optimal Cipher Suite that is commonly supported by both the Server and the Client.

[0528] (2-2-4) Quantum Security Indicator: Transmits whether to apply a quantum security system based on whether the client supports a quantum security system. For example, as follows. (The following information may also be displayed as a 1-bit indicator.)

[0529] (2-2-4-1) Unavailable (Quantum security system is not supported)

[0530] (2-2-4-2) Quantum_PKI (Quantum Public Key System supported)

[0531] (3) (Server → Client) Server Certificate

[0532] (3-1) The Server provides trust in the Server by delivering the Server Certificate to the Client, which is the target of the TLS connection.

[0533] (3-2) A Server Certificate includes a Synchronization Header, information about the Certificate Authority (CA) that authenticated the Certificate, the Certificate Authority's Signature, and the Server's Public Key.

[0534] (3-2-1) The Synchronization Header is used for synchronization with the Quantum Public Key Packet when a quantum security system is supported.

[0535] (3-2-1-1) The Synchronization Header is synchronization information for linking the information of the Server Certificate Packet transmitted over the classical channel and the QPKE Packet transmitted over the quantum channel.

[0536] (3-2-2) CA Information is information about the authority that issued the certificate. It may include the validity period of the certificate.

[0537] (3-2-3) A CA Signature is signature information encrypted by a CA using its Private Key, which can be verified by decrypting it with the CA's Public Key.

[0538] (3-2-4) The Server's Public Key is information generated from the Server's Private Key and is information authenticated by a CA.

[0539] (3-2-4-1) For example, the Server's Public Key can be generated as an Asymmetric Key such as RSA or PQC.

[0540] FIG. 28 is a diagram illustrating an example of the structure of a server certificate in a system applicable to the present disclosure.

[0541] (3-2-5) For example, the Server Certificate structure may be as shown in Fig. 28 and is transmitted over a classical channel.

[0542] (3-3) If the Quantum Security Indicator in the Server Hello Message is displayed as Unavailable, the Synchronization Header in the Server Certificate may not be used.

[0543] (4) (Server → Client) Quantum Public Key (QPK)

[0544] (4-1) The Server transmits the Quantum Public Key to the Client, the target of the TLS connection, via the quantum channel.

[0545] (4-1-1) Here, Represents the Quantum Public Key Set transmitted to, where L is the length of the Quantum Public Key transmitted.

[0546] (4-1-2) At this time, the i-th Quantum Public Key can be the first particle of a Single Qubit-based Public Key or an Entanglement-based Public Key.

[0547] (4-1-2-1) Single Qubit-based Public Key or Entanglement-based Public Key is explained separately below.

[0548] (4-1-3) Quantum Public Key transmission may be performed with the Quantum Public Key length set to a unit of length predefined by the system. Here, the predefined unit of length may be transmitted as header information along with the signal transmitting the Quantum Public Key.

[0549] (4-1-4) The Quantum Public Key is transmitted to the Client via the quantum channel as a QPK Packet.

[0550] (4-1-4-1) A QPK packet consists of a Synchronization Header and a Quantum Public Key.

[0551] FIG. 29 is a diagram illustrating an example of the structure of a QPK packet in a system applicable to the present disclosure.

[0552] (4-1-4-2) For example, the QPK packet structure can be as shown in Fig. 29 and is transmitted through a quantum channel.

[0553] (4-1-4-3) All QPKE packets are generated in Quantum State, and the Synchronization Header may consist of an Optical Signal. In this case, the Optical Signal may be a single-photon level Optical Signal or a field composed of multiple photons.

[0554] (4-1-4-3-1) A Synchronization Header composed of an Optical Signal is not information requiring security, and the signal can be configured in a manner agreed upon in advance between the transmitting and receiving ends.

[0555] (4-1-4-3-2) For example, ON / Off Keying (OOK) or Phase / Amplitude / Polarization Modulation methods may be used.

[0556] (4-1-4-4) The Synchronization Header is synchronization information for synchronizing the Server Certificate transmitted over the classical channel and the QPK Packet transmitted over the quantum channel.

[0557] (4-1-4-4-1) The Synchronization Header of a Server Certificate transmitted over a classical channel and the Synchronization Header of a QPK Packet transmitted over a quantum channel consist of the same information.

[0558] (4-1-4-4-2) The Synchronization Header can be a Synchronization Code agreed upon in a predefined way.

[0559] (4-1-4-4-2-1) For example, the Synchronization Code may be an index indicating the order of QPK packets, and the Synchronization Code may be defined as a sequence structure that can be detected at the receiver.

[0560] (4-1-4-4-2-2) Even if the Synchronization Code above is an index representing the order of QPK packets, it is defined as a sequence structure with a length sufficient to perform information separation among multiple users.

[0561] (4-1-4-4-3) The Synchronization Header can be a randomly generated Synchronization Code.

[0562] (4-1-4-4-3-1) For example, it can be a sequence of random numbers generated through QRNG, etc.

[0563] (4-1-4-4-3-2) The length of the sequence consisting of random numbers corresponding to the Synchronization Code is agreed upon in advance between the transmitting and receiving ends.

[0564] (4-2) If the Quantum Security Indicator in the Server Hello Message is displayed as Unavailable, the QPK Packet is not delivered to the Client.

[0565] (5) (Client → Server) Client Key Exchange

[0566] (5-1) The Client encrypts the Synchronization Header and Pre-master Key information using the Server's Public Key and sends them to the Server, the target of the TLS connection, over the classical channel.

[0567] (5-2) The Synchronization Header is used for synchronization with the Quantum Key Exchange Packet when a quantum security system is supported.

[0568] (5-2-1) The Synchronization Header is synchronization information for linking the information of the Client Key Exchange Packet transmitted over the classical channel and the Quantum Key Exchange Packet transmitted over the quantum channel.

[0569] (5-2-2) If the Quantum Security Indicator of the Server Hello Message is displayed as Unavailable, the Synchronization Header in the Client Key Exchange Packet may not be used.

[0570] FIG. 30 is a diagram illustrating an example of the structure of a Client Key Exchange Packet in a system applicable to the present disclosure.

[0571] (5-2-3) For example, the Client Key Exchange Packet structure may be as shown in Fig. 30 and is transmitted over a classical channel.

[0572] (5-3) Pre-master Key information is Secret Key information generated based on Client Random Value and Server Random Value information.

[0573] (5-3-1) For example, Pre-master Key information may be 48-byte information obtained by combining 32-byte information corresponding to Client Random Value and 32-byte information corresponding to Server Random Value and passing it through a Pseudorandom Function.

[0574] (5-3-2) The Pre-master Key information described above may consist of temporarily generated information independent of the Client Random Value and Server Random Value. For example, the Client may generate and use it as an Ephemeral Key for a specified length.

[0575] (5-4) Pre-master Key information is encrypted with the Server Public Key contained in the Server Certificate according to the encryption method of the Cipher Suite determined by the Server and transmitted.

[0576] (5-4-1) The Client can obtain the Server's Public Key by verifying the integrity and authenticating the Server Certificate through the verification of the CA Signature using the CA's Public Key that it possesses in advance.

[0577] (5-4-2) For example, the Pre-master Key can be expressed as R = {r_1, ..., r_L}, and the state encrypted with the Server's Public Key can be expressed as P_key {R}.

[0578] Here, L is the length of the Pre-master Key being transmitted.

[0579] (6) (Client → Server) Quantum Key Exchange

[0580] (6-1) The Client transmits the Synchronization Header and Quantum Key information to the Server, the TLS connection target, via the quantum channel.

[0581] (6-2) The Synchronization Header is used for synchronization with the Quantum Key Exchange Packet when a quantum security system is supported.

[0582] (6-2-1) The Synchronization Header of a Client Key Exchange Packet transmitted over a classical channel and the Synchronization Header of a Quantum Key Exchange Packet transmitted over a quantum channel are composed of the same information.

[0583] (6-2-2) The Synchronization Header may be a Synchronization Code agreed upon in a predefined manner.

[0584] (6-2-2-1) For example, the Synchronization Code may be an index indicating the order of QPK packets, and the Synchronization Code may be defined as a sequence structure that can be detected at the receiver.

[0585] (6-2-2-2) Even if the Synchronization Code above is an index representing the order of QPK packets, it is defined as a sequence structure with a length sufficient to perform information separation among multiple users.

[0586] (6-2-3) The Synchronization Header may be a randomly generated Synchronization Code.

[0587] (6-2-3-1) For example, it may be a sequence of random numbers generated through QRNG, etc.

[0588] (6-2-3-2) The length of the sequence consisting of random numbers corresponding to the Synchronization Code is agreed upon in advance between the transmitting and receiving ends.

[0589] (6-3) Quantum Key Information is transmitted to the Server via the quantum channel as a Quantum Key Exchange Packet.

[0590] (6-3-1) Quantum Key Information is generated by encoding the Secret Key S, which is the secret information to be transmitted, onto the quantum state of the Quantum Public Key of the QPK Packet received from the Server, and encapsulating it with the Pre-master Key R.

[0591] (6-3-1-1) Here, Represents the Quantum Key Set transmitted to, where L is the length of the Quantum Key transmitted.

[0592] (6-3-1-2) Quantum Key It is generated as, It refers to the unitary operation for Qubit Rotation with respect to the quantum state.

[0593] The above Unitary operation is explained separately below.

[0594] (6-3-1-3) The above Unitary operation is performed for each individual Quantum State. For example, the i-th Quantum Key is Quantum Public Key and Pre-master Key r i And it is generated by Secret Key s1:

[0595] (6-3-1-4) Here, the Secret Key can be expressed as S = {s_1, ..., s_L}, and L is the length of the Secret Key being transmitted.

[0596] (6-3-1-5) A secret key is secret information used by the client and server as a symmetric key.

[0597] (6-3-1-6) Here, the Secret Key, which is secret information, is encoded in the Quantum Public Key. However, since the Secret Key is the Desired Data and the Quantum Public Key protects the Data, it can be interpreted that the Data is encrypted by the Quantum Public Key.

[0598] (6-3-2) Quantum Key transmission may be performed by setting the Quantum Key length in units of length predefined by the system. Here, the predefined units of length may be transmitted as header information along with the signal transmitting the Quantum Key.

[0599] FIG. 31 is a diagram illustrating an example of the structure of a Quantum Key Exchange Packet in a system applicable to the present disclosure.

[0600] (6-3-3) For example, the Quantum Key Exchange Packet structure may be as shown in Fig. 31 and is transmitted over a quantum channel.

[0601] (6-4) If the Quantum Security Indicator in the Server Hello Message is displayed as Unavailable, the Quantum Key Exchange is not delivered to the Server.

[0602] (7) (Client) Master Key Acquisition

[0603] (7-1) If a quantum security system is not supported,

[0604] (7-1-1) The Client generates a Master Key to be used as the Session Key based on the Pre-master Key information R.

[0605] (7-1-1-1) The Pre-master Key information is converted into Master Key information from the Server using the MAC Algorithm configured in the Cipher Suite or a pre-agreed hash method. For example, a hash algorithm such as SHA may be used.

[0606] (7-2) Where a quantum security system is supported,

[0607] (7-2-1) The Client generates a Master Key to be used as the Session Key based on the Secret Key information S.

[0608] (7-2-1-1) The server converts the Secret Key information into Master Key information using the MAC Algorithm configured in the Cipher Suite or a pre-agreed hash method. For example, a hash algorithm such as SHA may be used.

[0609] (8) (Server) Master Key Acquisition

[0610] (8-1) If a quantum security system is not supported,

[0611] (8-1-1) The Server obtains Pre-master Key information R by decrypting the Encrypted Pre-master Key information P_key {R} from the Client Key Exchange received from the Client using the Server's Private Key.

[0612] (8-1-2) Generate a Master Key to be used as the Session Key based on the acquired Pre-master Key information R.

[0613] (8-1-2-1) The Pre-master Key information is converted into Master Key information using a MAC Algorithm configured in advance as a Cipher Suite or a pre-agreed hash method. For example, a hash algorithm such as SHA may be used.

[0614] (8-2) Where a quantum security system is supported,

[0615] (8-2-1) The Server obtains Pre-master Key information R by decrypting the Encrypted Pre-master Key information P_key {R} from the Client Key Exchange received from the Client using the Server's Private Key.

[0616] (8-2-2) The Server receives from the Client the Quantum Key corresponding to the Encapsulated & Encrypted Key information within the Quantum Key Exchange. On this Quantum Key, the Server performs decapsulation with the Pre-master Key information R and compensation with the Quantum Public Key generation information P, and thereby acquires the quantum state carrying the secret information.

[0617] (8-2-2-1) The above Decapsulation method and the method for compensating the Quantum Public Key are explained separately below.

[0618] (8-2-3) By measuring the quantum state of , obtain Secret Key S.

[0619] (8-2-4) Generate a Master Key to be used as the Session Key based on the acquired Secret Key information S.

[0620] (8-2-4-1) The Pre-master Key information is converted into Master Key information using a MAC Algorithm configured in advance as a Cipher Suite or a pre-agreed hash method. For example, a hash algorithm such as SHA may be used.

[0621] (9) (Client ↔ Server) Finished

[0622] (9-1) Unless there are additional procedures such as changing the Cipher Spec, the Session Key sharing via the TLS procedure is terminated.

[0623] (9-2) In the subsequent procedures, secure communication is performed using the Session Key shared through the TLS procedure.

[0624]

[0625] It is evident that information necessary to perform existing TLS procedures as described above may be additionally included in each Message. For example, Server Hello Done Message, Server Key Exchange Message, Client Certificate Request Message, Client Certificate Message, Change Cipher Spec, etc., may be additionally included and operated. It is evident that the content indicated in this disclosure remains valid even if information necessary to perform existing TLS procedures is added to the procedure to which the quantum security technology proposed in this disclosure is applied.

[0626] As mentioned above, the Synchronization Header required to utilize the quantum security procedure can be composed of identical information, such as a Session ID. In this case, the contents of the Synchronization Header for all Signals can be configured identically.

[0627]

[0628] In the above, the Quantum Public Key (QPK) can refer to a Quantum State generated in two types as follows.

[0629] (1) Single Qubit based Public Key

[0630] (1-1) The QPK generator creates a single qubit with an initial quantum state.

[0631] (1-1-1) For example, Initial Quantum State or It can be set to.

[0632] (1-2) The QPK generator holds the Logical Information generated through the Random Number Generator as the Private Key. This information is secret information that is not disclosed externally.

[0633] (1-2-1) For example, any natural number n can be chosen, where n is a number smaller than a specific predefined threshold N.

[0634] (1-2-2) As described above, the Random Number Generator can generate a Pure Random Number through a Quantum Random Number Generator, etc.

[0635] FIG. 32 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0636] (1-3) The QPK generator modifies the Initial Quantum State based on an arbitrary natural number n to create the Quantum Public Key.

[0637] (1-3-1) For example, Initial Quantum State is When, modulate the Qubit Rotation corresponding to the natural number n: .

[0638] (1-3-1-1) Here, This refers to the unitary operation for Qubit Rotation.

[0639] (1-3-1-2) Qubit Rotation is Initial Quantum State and Orthogonal Quantum State It refers to the Phase Rotation between.

[0640] (1-3-1-3) Here, Qubit Rotation is Initial Quantum State class This means that z-axis phase rotation occurs between them. In this case, the axes that can be used are x, y, and z. However, Initial Quantum State class If it is on the z-axis, you can also use only the x-axis or y-axis rotation.

[0641] (1-4) The Public Key modified by Private Key n is saved to the UDM.

[0642] (1-5) In the same way, multiple Private Keys n_i and Public Keys are created and saved.

[0643] (1-5-1) Here, i is the index of the key.

[0644] (2) Entanglement based Public Key

[0645] (2-1) The QPK generator creates an Entanglement State with an Initial Bell State.

[0646] (2-1-1) For example, the Initial Bell State can be set to one of four Bell States.

[0647] (2-1-1-1)

[0648] (2-1-1-2)

[0649] (2-1-1-3)

[0650] (2-1-1-4)

[0651] (2-1-2) In the above, A represents the first particle of the Qubit Pair (or Bell Pair) that constitutes the Bell State, and B represents the second particle.

[0652] (2-2) The QPK generator holds the Logical Information generated through the Random Number Generator as the Private Key. This information is secret information that is not disclosed externally.

[0653] (2-2-1) For example, any natural number n can be chosen, where n is a number smaller than a specific predefined threshold N.

[0654] (2-2-2) As described above, the Random Number Generator can generate a Pure Random Number through a Quantum Random Number Generator, etc.

[0655] (2-3) The QPK generator generates a Quantum Public Key by modifying the Initial Bell State based on an arbitrary natural number n.

[0656] (2-3-1) For example, Initial Bell State is When, a unitary operation corresponding to a natural number n is applied to a single particle.

[0657] (2-3-1-1) For example, if the particle intended to be used as the Public Key is the first particle, the unitary operation U is performed only on the first particle. P (n) is applied.

[0658] (2-3-1-2) Here, the Unitary operation can be a Pauli operation. The Pauli operation is an operation represented by Pauli X, Y, Z, I, and signifies the modulation of a quantum state.

[0659] FIG. 33 is a diagram illustrating an example of a Pauli operator in a system applicable to the present disclosure.

[0660] (2-3-1-3) The Pauli operators X, Y, and Z correspond to the measured spin values along the x, y, and z axes, and are represented as shown in the table below. Each operator has the following properties: the X operator performs a classical NOT operation (bit flip), Z performs a phase-changing operation, and Y (=XZ) performs a combination of the two.

[0661] (2-3-1-3-1)

[0662] (2-3-2) or, for example, one Initial Bell State and another Initial Bell State is When, apply a permutation operation corresponding to the natural number n to two or more Initial Bell State operations.

[0663] (2-4) The Key modified by Private Key n is saved to the UDM.

[0664] (2-4-1) Here, I stands for Pauli I. Initial Bell State Is and It can be used by distinguishing it, represents the first particle of the Initial Bell State, and here, represents the second particle of the Initial Bell State.

[0665] (2-4-2) Here, is the first particle of the modulated Bell State and is the Quantum Public Key, and is the Quantum Secret Key as the second unaltered particle.

[0666] (2-5) In the same way, multiple Quantum Secret Key and Quantum Public Key pairs are created and saved.

[0667] (2-5-1) Here, i is the index of the key.

[0668] In the above, the QPK generator can be the Server from the perspective of the TLS procedure.

[0669] As mentioned above, the generation of the QPK can be performed at the time the Client Hello Message is received from the Client.

[0670] As mentioned above, the QPK may be generated in advance on the server and stored in Quantum Memory, regardless of when the Client Hello Message is received from the client.

[0671]

[0672] The Unitary operations applied to the Quantum Public Key (QPK) mentioned above are explained as follows.

[0673] (1) Encoding or encapsulation is performed by modifying the Quantum Public Key received from the QPK generator.

[0674] FIG. 34 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0675] (1-1) For example, Quantum Public Key When, modulate the Qubit Rotation corresponding to Data d: .

[0676] (1-1-1) Here, This refers to the unitary operation for Qubit Rotation.

[0677] (1-1-2) Here, the Qubit Rotation is applied to the Quantum Public Key with respect to the z-axis: if d is 0, no rotation occurs, and if d is 1, a π rotation occurs.

[0678] (1-1-3) Here, d is assumed to be bit information, either 0 or 1.

[0679] (1-1-4) In the above, the Qubit Rotation may be a Pauli operation on the Quantum Public Key. Here, if d is 0, no Pauli operation is applied, and if d is 1, a Pauli operation is applied.

[0680] (1-1-5) In the above, Pauli Operation can be agreed upon in advance between the transmitting and receiving ends as one of X, Y, or Z.

[0681] In the same way, every Quantum Public Key can be modulated for each Data d_i. Here, i is the index of the Data and of the Quantum Public Key.

[0682] Here, the encoding or encapsulation of the data can be set differently in a pre-agreed manner.

[0683] Here, the encoding or encapsulation of the data can be set differently depending on the type of the Quantum Public Key in a pre-agreed manner.

[0684] Although data encoding or encapsulation is explained above from a bit perspective, it is self-evident that it can also be performed from a scalar value perspective. For example, when an arbitrary natural number b is smaller than a specific predefined threshold B, it can be agreed between the transmitting and receiving ends to perform unitary operations for Qubit Rotation.

[0685]

[0686] The method for decapsulating the encapsulation b applied to the Quantum Public Key above is explained as follows.

[0687] FIG. 35 is a diagram illustrating an example of qubit rotation in a system applicable to the present disclosure.

[0688] If the encapsulation information b applied to the QPK is known, the encapsulated and encrypted quantum states received via the quantum channel can be decapsulated. For example, if the pre-master key information b used for encapsulation is known through separate classical decryption, decapsulation is performed on the encapsulated and encrypted quantum states.

[0689] For example, if the protection scheme for encapsulation is the Qubit Rotation method, It can be expressed as. Therefore, reception information to If you perform, It can be used as, Decapsulation can be performed as follows. That is, Encrypted Data, which is in a state where Data d is encrypted in the Quantum Public Key as a Decapsulated quantum state. You can obtain.

[0690] In the same way, decapsulation can be performed on every Encapsulated & Encoded Quantum State for each Pre-master Key b_i. Here, i is the index of the Data and of the Pre-master Key.

[0691]

[0692] The method for compensating the Quantum Public Key and acquiring data when data encoding is applied to the Quantum Public Key as described above is explained as follows.

[0693] The QPK generator compensates for the Public Key information of the encoded quantum state based on the information P (or Private Key information) used to generate the QPK. When the Quantum Public Key ID is i, the i-th Quantum Public Key creation information (or Private Key) n_i is known, so the compensation is performed.

[0694] For example, if the Protection Scheme is the Qubit Rotation method, It can be expressed as. Therefore, reception information to If you perform, It can be used as, In addition, in the case of the Qubit Rotation method, since the commutative law holds for the same axis, it can be expressed by the following [Equation 4].

[0695]

[0696] In other words, as a decrypted quantum state, the initial state Regarding the i-th data information can be obtained. Therefore, by measuring the Decrypted quantum state, Decrypted Data d i In the same way, if decryption and quantum state measurement are performed on the Encrypted Data, which is the Decapsulated quantum state of the entire Encapsulated & Encrypted Data, the entire Data can be obtained.
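The following sketch is added here for illustration and is not part of the patent text. It simulates the Qubit Rotation scheme described above for one qubit per data bit: key generation by n, encoding of d, encapsulation by b, decapsulation, compensation and measurement. The initial state |+>, the angle mappings 2πn/N and 2πb/B, the X-basis measurement, the thresholds and all function names are assumptions made for the example.

```python
import cmath
import math
import random
import secrets

# Assumptions of this sketch (none of these values come from the patent text):
# initial state |+>, z-axis rotations, key angle 2*pi*n/N, capsule angle 2*pi*b/B.
N = 256  # hypothetical threshold for the private key n
B = 256  # hypothetical threshold for the pre-master value b
PLUS = (1 / math.sqrt(2), 1 / math.sqrt(2))  # amplitudes of |0> and |1>


def rz(state, theta):
    """Apply the z-axis rotation diag(e^{-i*theta/2}, e^{+i*theta/2})."""
    a0, a1 = state
    return (a0 * cmath.exp(-1j * theta / 2), a1 * cmath.exp(1j * theta / 2))


def prob_plus(state):
    """Probability of the outcome |+> for an X-basis measurement."""
    a0, a1 = state
    return abs((a0 + a1) / math.sqrt(2)) ** 2


def measure_x(state):
    """Sample an X-basis measurement: 0 for |+>, 1 for |->."""
    p = round(prob_plus(state), 12)  # absorb floating-point noise near 0 and 1
    return 0 if random.random() < p else 1


def key_angle(n):
    return 2 * math.pi * n / N


def capsule_angle(b):
    return 2 * math.pi * b / B


def generate_qpk(n):
    """Server: rotate the initial state by the private key n."""
    return rz(PLUS, key_angle(n))


def encode_and_encapsulate(qpk, d, b):
    """Client: pi rotation when d == 1, then a rotation keyed by pre-master b."""
    if d not in (0, 1):
        raise ValueError("d must be a single bit")
    return rz(rz(qpk, math.pi * d), capsule_angle(b))


def decapsulate(state, b):
    """Server: undo the pre-master rotation once b is known classically."""
    return rz(state, -capsule_angle(b))


def compensate(state, n):
    """Server: undo the private-key rotation (same axis, so the order is free)."""
    return rz(state, -key_angle(n))


def roundtrip(bits):
    """Use a fresh (n_i, b_i, QPK_i) for every data bit d_i and recover it."""
    recovered = []
    for d in bits:
        n = secrets.randbelow(N - 1) + 1  # natural number below N
        b = secrets.randbelow(B - 1) + 1  # natural number below B
        received = encode_and_encapsulate(generate_qpk(n), d, b)
        recovered.append(measure_x(compensate(decapsulate(received, b), n)))
    return recovered


def wrong_key_error(d, n, guess, b):
    """Probability of reading d wrongly when compensating with guess, not n."""
    received = encode_and_encapsulate(generate_qpk(n), d, b)
    p_plus = prob_plus(compensate(decapsulate(received, b), guess))
    return 1 - p_plus if d == 0 else p_plus


if __name__ == "__main__":
    data = [1, 0, 1, 1, 0, 0, 1]  # constructed sample data
    print("sent     :", data)
    print("recovered:", roundtrip(data))
    print("error with a wrong key guess:", wrong_key_error(1, 100, 36, 7))
```

With the correct n and b the residual rotation is exactly dπ, so the measurement is deterministic; compensating with a wrong key leaves a residual angle and the error probability becomes sin² of half the angle difference.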

[0697] As mentioned above, when a client receives a QPK packet from a server, QBER (Quantum Bit Error Rate) estimation may be performed to check whether there has been an attack by an attacker on the QPK packet. It is self-evident that this can enhance the security of the Quantum Public Key. Furthermore, it is evident that the signaling for QBER estimation can be encrypted using a Classical Public Key to further strengthen security.

[0698] In the above, the Client may be an NF within any PLMN for the TLS connection. In this case, the Server may be a SEPP within the same PLMN that is the target of the TLS connection.

[0699] In the above, the Client may be a SEPP (or cSEPP) within any PLMN for the TLS connection. In this case, the Server may be a SEPP (or pSEPP) within another PLMN that is the target of the TLS connection.

[0700] Although the TLS method mentioned above was explained in terms of the relationship between a Client and a Server, it is evident that the same method can be applied between nodes of equal standing. For example, with Node A as the Client and Node B as the Server, Encapsulated and Encrypted Data can be exchanged by constructing Quantum Public Key Packets using the same method.

[0701] All general signal information transmitted via the classical channel mentioned above can also be transmitted via the quantum channel. However, unlike information transmitted via the quantum channel, information that can be transmitted via the classical channel may not have requirements for physical security.

[0702] The Classical Public Key System in the TLS based on QPKI System proposed above is not limited to encryption methods based on Public Key Encryption such as RSA (Rivest-Shamir-Adleman) or ECC (Elliptic Curve Cryptography). It is self-evident that the Classical Public Key System in the proposed Quantum Public Key Infrastructure System can correspond to any encryption method utilizing asymmetric keys. For example, it is self-evident that the same method can be applied to encryption methods of Post Quantum Cryptography (PQC), which were developed to counter quantum algorithms.

[0703]

[0704] Effects of various embodiments of the present disclosure

[0705] The expected effects of the various embodiments of the present disclosure are as follows.

[0706] (1) Through a TLS security connection procedure based on QPKI, security information can be configured to be impossible to repeat based on Quantum Public Key, thereby enabling secure communication without leakage of the transmitted message.

[0707] (2) Through the TLS security connection procedure based on QPKI, it is possible to prevent future Plaintext Attacks even against Harvest-Now-Decrypt-Later (HNDL) Attacks by attackers based on the coherence time characteristics of the two.

[0708] (2-1) Even if existing security procedures collapse, there is no leakage of information that has already been communicated due to quantum security.

[0709] (3) Through the TLS security connection procedure based on QPKI, the existing TLS security procedure and the quantum security procedure can be compatible.

[0710]

[0711] The characteristic configurations of various embodiments of the present disclosure are as follows.

[0712] (1) The entire procedure that performs quantum security in addition to the existing TLS security procedure.

[0713] (1-1) A procedure that enables existing TLS and quantum security-based TLS to operate as a single procedure using the Quantum Security Indicator.

[0714] (1-2) Method to Tie Existing TLS Messages and Quantum Security Messages via Synchronization Header

[0715] (1-3) Method for encoding and encapsulating secret information to obtain a master key based on a quantum public key

[0716] (1-4) Method to compensate the Quantum Public Key for Secret Information and decapsulate a Pre-master Key

[0717] (2) Signal Flow and Packet Design for Each Method

[0718]

[0719] [Explanation regarding the 1st node claim]

[0720] The embodiments described above will be explained in detail below with reference to FIG. 36 regarding the operation of the first node. The methods described below are distinguished only for convenience of explanation, and it is understood that, as long as they are not mutually exclusive, a part of one method may be substituted with a part of another method or combined with one another and applied.

[0721] FIG. 36 is a diagram illustrating an example of the operation process of a first node in a system applicable to the present disclosure.

[0722] According to various embodiments of the present disclosure, a method performed by a first node in a communication system is provided.

[0723] According to various embodiments of the present disclosure, each of the first node and the second node may correspond to either a terminal or a base station in a wireless communication system. According to various embodiments of the present disclosure, the first node may correspond to a client, and the second node may correspond to a server.

[0724] The embodiment of FIG. 36 may further include, prior to step S3601, one or more of the steps of: the first node transmitting one or more synchronization signals to the second node; the first node transmitting system information to the second node; the first node transmitting configuration information to the second node; and the first node transmitting control information to the second node.

[0725] The embodiment of FIG. 36 may further include, prior to step S3601, one or more of the steps of: the first node receiving a random access preamble from the second node; the first node transmitting a random access response (RAR) to the second node; the first node receiving a random access message 3 from the second node; and the first node transmitting a contention resolution message to the second node. Message 3 is the first PUSCH transmission scheduled by the RAR with a RAR UL grant.

[0726] In step S3601, the first node transmits a first hello message to the second node related to the first node's quantum security system support.

[0727] In step S3602, the first node receives a second hello message from the second node related to the second node's quantum security system support.

[0728] In step S3603, the first node receives a server certificate containing the server public key of the second node from the second node via a classical channel.

[0729] In step S3604, the first node receives a QPK packet containing the quantum public key (QPK) of the second node from the second node via a quantum channel.

[0730] In step S3605, the first node transmits a client key exchange message to the second node via the classical channel, the message containing information of the first node's pre-master key.

[0731] In step S3606, the first node transmits a quantum key exchange message containing the quantum key information of the second node to the second node through the quantum channel.

[0732] In step S3607, the first node performs secure communication with the second node based on the master key associated with the quantum key information.

[0733]

[0734] According to various embodiments of the present disclosure, the pre-master key in the client key exchange message may be encrypted based on the server public key.

[0735] According to various embodiments of the present disclosure, the master key may be based on secret key information. The quantum key information may be encoded with respect to a quantum state associated with the quantum public key.

[0736] According to various embodiments of the present disclosure, the quantum key information may be encapsulated based on the pre-master key.

[0737] According to various embodiments of the present disclosure, the server certificate and the QPK packet may include the same synchronization header.

[0738] According to various embodiments of the present disclosure, the QPK packet may be received based on the quantum security system support of the second node indicated by the second hello message. The quantum key exchange message may be transmitted based on the quantum security system support of the second node indicated by the second hello message.

[0739] According to various embodiments of the present disclosure, the quantum security system support of the second node may be based on the quantum security system support of the first node indicated by the first hello message.

[0740]

[0741] According to various embodiments of the present disclosure, a first node is provided in a communication system. The first node includes a transceiver and at least one processor, and the at least one processor may be configured to perform a method of operation of the first node according to FIG. 36.

[0742]

[0743] According to various embodiments of the present disclosure, an apparatus for controlling a first node in a communication system is provided. The apparatus comprises at least one processor and at least one memory operably connected to the at least one processor. The at least one memory may be configured to store instructions for performing a method of operation of the first node according to FIG. 36 based on execution by the at least one processor.

[0744]

[0745] According to various embodiments of the present disclosure, one or more non-transitory computer readable media (CRMs) storing one or more instructions are provided. The one or more instructions perform operations based on execution by one or more processors, and the operations may include a method of operation of a first node according to FIG. 36.

[0746]

[0747] [Explanation regarding the 2nd node claim]

[0748] The embodiments described above will be explained in detail below with reference to FIG. 37 regarding the operation of the second node. The methods described below are distinguished only for convenience of explanation, and it is obvious that, as long as they are not mutually exclusive, a part of one method may be substituted with a part of another method or combined with one another and applied.

[0749] FIG. 37 is a diagram illustrating an example of the operation process of a second node in a system applicable to the present disclosure.

[0750] According to various embodiments of the present disclosure, a method performed by a second node in a communication system is provided.

[0751] According to various embodiments of the present disclosure, each of the first node and the second node may correspond to either a terminal or a base station in a wireless communication system. According to various embodiments of the present disclosure, the first node may correspond to a client, and the second node may correspond to a server.

[0752] The embodiment of FIG. 37 may further include, prior to step S3701, one or more of the steps of: the second node receiving one or more synchronization signals from the first node; the second node receiving system information from the first node; the second node receiving configuration information from the first node; and the second node receiving control information from the first node.

[0753] The embodiment of FIG. 37 may further include, prior to step S3701, one or more of the steps of: the second node transmitting a random access preamble to the first node; the second node receiving a random access response (RAR) from the first node; the second node transmitting a random access message 3 to the first node; and the second node receiving a contention resolution message from the first node. Message 3 is the first PUSCH transmission scheduled by the RAR with a RAR UL grant.

[0754] In step S3701, the second node receives a first hello message from the first node related to the quantum security system support of the first node.

[0755] In step S3702, the second node transmits a second hello message to the first node related to the second node's quantum security system support.

[0756] In step S3703, the second node transmits a server certificate containing the second node's server public key to the first node via a classical channel.

[0757] In step S3704, the second node transmits a QPK packet containing the second node's quantum public key (QPK) to the first node via a quantum channel.

[0758] In step S3705, the second node receives a client key exchange message from the first node via the classical channel containing information of the first node's pre-master key.

[0759] In step S3706, the second node receives a quantum key exchange message from the first node through the quantum channel that includes the quantum key information of the second node.

[0760] In step S3707, the second node performs secure communication with the first node based on the master key associated with the quantum key information.

[0761]

[0762] According to various embodiments of the present disclosure, the pre-master key in the client key exchange message may be encrypted based on the server public key.

[0763] According to various embodiments of the present disclosure, the master key may be based on secret key information. The quantum key information may be encoded with respect to a quantum state associated with the quantum public key.

[0764] According to various embodiments of the present disclosure, the quantum key information may be encapsulated based on the pre-master key.

[0765] According to various embodiments of the present disclosure, the server certificate and the QPK packet may include the same synchronization header.

[0766] According to various embodiments of the present disclosure, the QPK packet may be transmitted based on the quantum security system support of the second node indicated by the second hello message. The quantum key exchange message may be received based on the quantum security system support of the second node indicated by the second hello message.

[0767] According to various embodiments of the present disclosure, the quantum security system support of the second node may be based on the quantum security system support of the first node indicated by the first hello message.

[0768]

[0769] According to various embodiments of the present disclosure, a second node is provided in a communication system. The second node includes a transceiver and at least one processor, and the at least one processor may be configured to perform the operation method of the second node according to FIG. 37.

[0770]

[0771] According to various embodiments of the present disclosure, an apparatus for controlling a second node in a communication system is provided. The apparatus comprises at least one processor and at least one memory operably connected to the at least one processor. The at least one memory may be configured to store instructions for performing a method of operation of a second node according to FIG. 37 based on execution by the at least one processor.

[0772]

[0773] According to various embodiments of the present disclosure, one or more non-transitory computer-readable media (CRMs) storing one or more instructions are provided. The one or more instructions perform operations based on execution by one or more processors, and the operations may include a method of operation of a second node according to FIG. 37.

[0774]

[0775] Communication systems applicable to the present disclosure

[0776] FIG. 38 illustrates a communication system (1) applicable to various embodiments of the present disclosure.

[0777] Referring to FIG. 38, a communication system (1) applicable to various embodiments of the present disclosure includes a wireless device, a base station, and a network. Here, the wireless device refers to a device that performs communication using wireless access technology (e.g., 5G NR (New RAT), LTE (Long Term Evolution), 6G wireless communication) and may be referred to as a communication / wireless / 5G device / 6G device. Although not limited thereto, the wireless device may include a robot (100a), a vehicle (100b-1, 100b-2), an XR (eXtended Reality) device (100c), a hand-held device (100d), a home appliance (100e), an IoT (Internet of Things) device (100f), and an AI device / server (400). For example, the vehicle may include a vehicle equipped with wireless communication capabilities, an autonomous vehicle, a vehicle capable of performing inter-vehicle communication, etc. Here, the vehicle may include an Unmanned Aerial Vehicle (UAV) (e.g., a drone). XR devices include AR (Augmented Reality) / VR (Virtual Reality) / MR (Mixed Reality) devices and can be implemented in the form of HMDs (Head-Mounted Devices), HUDs (Head-Up Displays) equipped in vehicles, televisions, smartphones, computers, wearable devices, home appliances, digital signage, vehicles, robots, etc. Portable devices may include smartphones, smartpads, wearable devices (e.g., smartwatches, smart glasses), computers (e.g., laptops, etc.). Home appliances may include TVs, refrigerators, washing machines, etc. IoT devices may include sensors, smart meters, etc. For example, base stations and networks may be implemented as wireless devices, and a specific wireless device (200a) may operate as a base station / network node to other wireless devices.

[0778] Wireless devices (100a to 100f) can be connected to a network (300) through a base station (200). Artificial Intelligence (AI) technology may be applied to the wireless devices (100a to 100f), and the wireless devices (100a to 100f) can be connected to an AI server (400) through the network (300). The network (300) can be configured using a 3G network, a 4G (e.g., LTE) network, a 5G (e.g., NR) network, or a 6G network. The wireless devices (100a to 100f) may communicate with each other through the base station (200) / network (300), but they may also communicate directly (e.g., sidelink communication) without going through the base station / network. For example, vehicles (100b-1, 100b-2) can communicate directly (e.g., V2V (Vehicle to Vehicle) / V2X (Vehicle to everything) communication). Also, IoT devices (e.g., sensors) can communicate directly with other IoT devices (e.g., sensors) or other wireless devices (100a to 100f).

[0779] Wireless communication / connection (150a, 150b, 150c) can be established between wireless devices (100a~100f) / base station (200) and base station (200) / base station (200). Here, wireless communication / connection can be achieved through various wireless access technologies (e.g., 5G NR), such as uplink / downlink communication (150a), sidelink communication (150b) (or D2D communication), and inter-base station communication (150c) (e.g., relay, IAB (Integrated Access Backhaul)). Through wireless communication / connection (150a, 150b, 150c), wireless devices and base stations / wireless devices, and base stations and base stations can transmit / receive wireless signals to / from each other. For example, wireless communication / connection (150a, 150b, 150c) can transmit / receive signals through various physical channels. To this end, based on various proposals of various embodiments of the present disclosure, at least some of the following may be performed: various configuration information setting processes for transmitting / receiving wireless signals, various signal processing processes (e.g., channel encoding / decoding, modulation / demodulation, resource mapping / demapping, etc.), resource allocation processes, etc.

[0780] Meanwhile, NR supports multiple numerologies (or subcarrier spacing (SCS)) to support various 5G services. For example, when the SCS is 15 kHz, it supports a wide area in traditional cellular bands; when the SCS is 30 kHz / 60 kHz, it supports dense-urban, lower latency, and wider carrier bandwidth; and when the SCS is 60 kHz or higher, it supports a bandwidth greater than 24.25 GHz to overcome phase noise.

[0781] The NR frequency band can be defined by two types of frequency ranges (FR1, FR2). The numerical values of the frequency ranges may change; for example, the frequency ranges of the two types (FR1, FR2) may be as shown in Table 5 below. For convenience of explanation, among the frequency ranges used in the NR system, FR1 may mean "sub 6GHz range" and FR2 may mean "above 6GHz range" and may be referred to as millimeter wave (mmW).

[0782]

[0783]

| Frequency Range designation | Corresponding frequency range | Subcarrier Spacing |
|---|---|---|
| FR1 | 450MHz-6000MHz | 15, 30, 60kHz |
| FR2 | 24250MHz-52600MHz | 60, 120, 240kHz |

[0784]

[0785] As described above, the numerical value of the frequency range of the NR system may change. For example, FR1 may include a band of 410 MHz to 7125 MHz as shown in Table 6 below. That is, FR1 may include a frequency band of 6 GHz (or 5850, 5900, 5925 MHz, etc.) or higher. For example, the frequency band of 6 GHz (or 5850, 5900, 5925 MHz, etc.) or higher included within FR1 may include an unlicensed band. The unlicensed band may be used for various purposes, for example, for communication for vehicles (e.g., autonomous driving).

[0786]

| Frequency Range designation | Corresponding frequency range | Subcarrier Spacing |
|---|---|---|
| FR1 | 410MHz-7125MHz | 15, 30, 60kHz |
| FR2 | 24250MHz-52600MHz | 60, 120, 240kHz |

[0787] According to various embodiments of the present disclosure, the communication system (1) may support terahertz (THz) wireless communication. THz wireless communication is wireless communication using THz waves having a frequency of approximately 0.1 to 10 THz (1 THz = 10¹² Hz), and may refer to terahertz (THz) band wireless communication using a very high carrier frequency of 100 GHz or higher. The frequency band expected to be used for THz wireless communication may be a D-band (110 GHz to 170 GHz) or H-band (220 GHz to 325 GHz) band, which has low propagation loss due to molecular absorption in the air.

[0788]

[0789] Wireless devices applicable to the present disclosure

[0790] Hereinafter, examples of wireless devices to which various embodiments of the present disclosure are applied will be described.

[0791] FIG. 39 illustrates a wireless device that can be applied to various embodiments of the present disclosure.

[0792] Referring to FIG. 39, the first wireless device (100) and the second wireless device (200) can transmit and receive wireless signals through various wireless access technologies (e.g., LTE, NR). Here, {the first wireless device (100), the second wireless device (200)} may correspond to {wireless device (100x), base station (200)} and / or {wireless device (100x), wireless device (100x)} of FIG. 38.

[0793] The first wireless device (100) includes one or more processors (102) and one or more memories (104), and may additionally include one or more transceivers (106) and / or one or more antennas (108). The processor (102) controls the memory (104) and / or transceivers (106) and may be configured to implement the descriptions, functions, procedures, proposals, methods and / or operation sequences disclosed herein. For example, the processor (102) may process information within the memory (104) to generate a first information / signal and then transmit a wireless signal containing the first information / signal through the transceiver (106). Additionally, the processor (102) may receive a wireless signal containing a second information / signal through the transceiver (106) and then store information obtained from the signal processing of the second information / signal in the memory (104). The memory (104) may be connected to the processor (102) and may store various information related to the operation of the processor (102). For example, the memory (104) may store software code containing instructions for performing some or all of the processes controlled by the processor (102) or for performing the descriptions, functions, procedures, proposals, methods, and / or operation sequence diagrams disclosed in this document. Here, the processor (102) and the memory (104) may be part of a communication modem / circuit / chip designed to implement wireless communication technology (e.g., LTE, NR). The transceiver (106) may be connected to the processor (102) and may transmit and / or receive wireless signals through one or more antennas (108). The transceiver (106) may include a transmitter and / or receiver. The transceiver (106) may be combined with an RF (Radio Frequency) unit. In various embodiments of the present disclosure, the wireless device may refer to a communication modem / circuit / chip.

[0794] The second wireless device (200) includes one or more processors (202) and one or more memories (204), and may additionally include one or more transceivers (206) and / or one or more antennas (208). The processor (202) controls the memory (204) and / or transceivers (206) and may be configured to implement the descriptions, functions, procedures, proposals, methods and / or operation sequences disclosed in this document. For example, the processor (202) may process information within the memory (204) to generate a third information / signal and then transmit a wireless signal containing the third information / signal through the transceiver (206). Additionally, the processor (202) may receive a wireless signal containing a fourth information / signal through the transceiver (206) and then store information obtained from the signal processing of the fourth information / signal in the memory (204). Memory (204) may be connected to the processor (202) and may store various information related to the operation of the processor (202). For example, memory (204) may store software code containing instructions for performing some or all of the processes controlled by the processor (202) or for performing the descriptions, functions, procedures, proposals, methods, and / or sequences of operation disclosed in this document. Here, the processor (202) and memory (204) may be part of a communication modem / circuit / chip designed to implement wireless communication technology (e.g., LTE, NR). A transceiver (206) may be connected to the processor (202) and may transmit and / or receive wireless signals through one or more antennas (208). The transceiver (206) may include a transmitter and / or receiver. The transceiver (206) may be interchangeable with an RF unit. In various embodiments of this disclosure, a wireless device may refer to a communication modem / circuit / chip.

[0795] Hereinafter, hardware elements of the wireless device (100, 200) will be described in more detail. Although not limited thereto, one or more protocol layers may be implemented by one or more processors (102, 202). For example, one or more processors (102, 202) may implement one or more layers (e.g., functional layers such as PHY, MAC, RLC, PDCP, RRC, SDAP). One or more processors (102, 202) may generate one or more Protocol Data Units (PDUs) and / or Service Data Units (SDUs) according to the descriptions, functions, procedures, proposals, methods, and / or flowcharts of operation disclosed in this document. One or more processors (102, 202) may generate messages, control information, data, or information according to the descriptions, functions, procedures, proposals, methods, and / or flowcharts of operation disclosed in this document. One or more processors (102, 202) may generate a signal (e.g., baseband signal) containing a PDU, SDU, message, control information, data, or information according to the functions, procedures, proposals, and / or methods disclosed in this document and provide it to one or more transceivers (106, 206). One or more processors (102, 202) may receive a signal (e.g., baseband signal) from one or more transceivers (106, 206) and may obtain a PDU, SDU, message, control information, data, or information according to the descriptions, functions, procedures, proposals, methods, and / or flowcharts disclosed in this document.

[0796] One or more processors (102, 202) may be referred to as a controller, microcontroller, microprocessor, or microcomputer. One or more processors (102, 202) may be implemented by hardware, firmware, software, or a combination thereof. For example, one or more Application Specific Integrated Circuits (ASICs), one or more Digital Signal Processors (DSPs), one or more Digital Signal Processing Devices (DSPDs), one or more Programmable Logic Devices (PLDs), or one or more Field Programmable Gate Arrays (FPGAs) may be included in one or more processors (102, 202). The descriptions, functions, procedures, proposals, methods, and / or flowcharts disclosed in this document may be implemented using firmware or software, and the firmware or software may be implemented to include modules, procedures, functions, etc. Firmware or software configured to perform the descriptions, functions, procedures, proposals, methods, and / or operation sequences disclosed in this document may be contained in one or more processors (102, 202) or stored in one or more memories (104, 204) and driven by one or more processors (102, 202). The descriptions, functions, procedures, proposals, methods, and / or operation sequences disclosed in this document may be implemented using firmware or software in the form of code, instructions, and / or sets of instructions.

[0797] One or more memories (104, 204) may be connected to one or more processors (102, 202) and may store various forms of data, signals, messages, information, programs, codes, instructions, and / or commands. One or more memories (104, 204) may be composed of ROM, RAM, EPROM, flash memory, hard drive, registers, cache memory, computer-readable storage media, and / or combinations thereof. One or more memories (104, 204) may be located inside and / or outside of one or more processors (102, 202). Additionally, one or more memories (104, 204) may be connected to one or more processors (102, 202) through various technologies such as wired or wireless connections.

[0798] One or more transceivers (106, 206) may transmit user data, control information, wireless signals / channels, etc., as mentioned in the methods and / or operation flowcharts, etc., of this document to one or more other devices. One or more transceivers (106, 206) may receive user data, control information, wireless signals / channels, etc., as mentioned in the descriptions, functions, procedures, proposals, methods and / or operation flowcharts, etc., disclosed in this document from one or more other devices. For example, one or more transceivers (106, 206) may be connected to one or more processors (102, 202) and may transmit and receive wireless signals. For example, one or more processors (102, 202) may control one or more transceivers (106, 206) to transmit user data, control information, or wireless signals to one or more other devices. Additionally, one or more processors (102, 202) may control one or more transceivers (106, 206) to receive user data, control information, or wireless signals from one or more other devices. Additionally, one or more transceivers (106, 206) may be connected to one or more antennas (108, 208), and one or more transceivers (106, 206) may be configured to transmit and receive user data, control information, wireless signals / channels, etc., as described in the descriptions, functions, procedures, proposals, methods, and / or flowcharts of operation disclosed in this document through one or more antennas (108, 208). In this document, one or more antennas may be multiple physical antennas or multiple logical antennas (e.g., antenna ports). One or more transceivers (106, 206) can convert the received wireless signal / channel, etc. from an RF band signal to a baseband signal in order to process the received user data, control information, wireless signal / channel, etc. using one or more processors (102, 202). One or more transceivers (106, 206) can convert user data, control information, wireless signals / channels, etc. processed using one or more processors (102, 202) from baseband signals to RF band signals. To this end, one or more transceivers (106, 206) may include (analog) oscillators and / or filters.

[0799] FIG. 40 illustrates another example of a wireless device that can be applied to various embodiments of the present disclosure.

[0800] According to FIG. 40, the wireless device may include at least one processor (102, 202), at least one memory (104, 204), at least one transceiver (106, 206), and one or more antennas (108, 208).

[0801] The difference between the example of the wireless device described in FIG. 39 and the example of the wireless device in FIG. 40 is that in FIG. 39, the processor (102, 202) and the memory (104, 204) are separated, whereas in the example of FIG. 40, the memory (104, 204) is included in the processor (102, 202).

[0802] Here, since the processor (102, 202), memory (104, 204), transceiver (106, 206), and one or more antennas (108, 208) are as described above, their descriptions are omitted to avoid unnecessary repetition.

[0803] Hereinafter, examples of signal processing circuits to which various embodiments of the present disclosure are applied are described.

[0804] FIG. 41 illustrates a signal processing circuit for a transmission signal.

[0805] Referring to FIG. 41, the signal processing circuit (1000) may include a scrambler (1010), a modulator (1020), a layer mapper (1030), a precoder (1040), a resource mapper (1050), and a signal generator (1060). Although not limited thereto, the operation / function of FIG. 41 may be performed in the processor (102, 202) and / or transceiver (106, 206) of FIG. 39. The hardware elements of FIG. 41 may be implemented in the processor (102, 202) and / or transceiver (106, 206) of FIG. 39. For example, blocks 1010 through 1060 may be implemented in the processor (102, 202) of FIG. 39. Additionally, blocks 1010 to 1050 may be implemented in the processor (102, 202) of FIG. 39, and block 1060 may be implemented in the transceiver (106, 206) of FIG. 39.

[0806] The codeword can be converted into a wireless signal through the signal processing circuit (1000) of FIG. 41. Here, the codeword is an encoded bit sequence of an information block. The information block may include a transmission block (e.g., UL-SCH transmission block, DL-SCH transmission block). The wireless signal can be transmitted through various physical channels (e.g., PUSCH, PDSCH).

[0807] Specifically, a codeword can be converted into a scrambled bit sequence by a scrambler (1010). The scrambled sequence used for scrambling is generated based on an initialization value, which may include ID information of a wireless device, etc. The scrambled bit sequence can be modulated into a modulation symbol sequence by a modulator (1020). The modulation method may include pi / 2-BPSK (pi / 2-Binary Phase Shift Keying), m-PSK (m-Phase Shift Keying), m-QAM (m-Quadrature Amplitude Modulation), etc. The complex modulation symbol sequence can be mapped to one or more transmission layers by a layer mapper (1030). The modulation symbols of each transmission layer can be mapped to the corresponding antenna port(s) by a precoder (1040) (precoding). The output z of the precoder (1040) can be obtained by multiplying the output y of the layer mapper (1030) by an N*M precoding matrix W. Here, N is the number of antenna ports and M is the number of transmission layers. Here, the precoder (1040) can perform precoding after performing transform precoding (e.g., DFT transform) on the complex modulation symbols. Additionally, the precoder (1040) can perform precoding without performing transform precoding.

[0808] A resource mapper (1050) can map the modulation symbols of each antenna port to a time-frequency resource. The time-frequency resource may include multiple symbols (e.g., CP-OFDMA symbols, DFT-s-OFDMA symbols) in the time domain and multiple subcarriers in the frequency domain. A signal generator (1060) generates a radio signal from the mapped modulation symbols, and the generated radio signal can be transmitted to another device through each antenna. To this end, the signal generator (1060) may include an Inverse Fast Fourier Transform (IFFT) module, a Cyclic Prefix (CP) inserter, a Digital-to-Analog Converter (DAC), a frequency uplink converter, etc.

[0809] The signal processing process for a received signal in a wireless device can be configured as the inverse of the signal processing process (1010–1060) of FIG. 41. For example, a wireless device (e.g., 100, 200 in FIG. 39) can receive a wireless signal from the outside through an antenna port / transceiver. The received wireless signal can be converted into a baseband signal through a signal restorer. To this end, the signal restorer may include a frequency downlink converter, an analog-to-digital converter (ADC), a CP remover, and a Fast Fourier Transform (FFT) module. Subsequently, the baseband signal can be restored into a codeword through a resource de-mapper process, a postcoding process, a demodulation process, and a de-scrambling process. The codeword can be restored into the original information block through decoding. Accordingly, a signal processing circuit (not shown) for a received signal may include a signal restorer, a resource de-mapper, a postcoder, a demodulator, a de-scrambler, and a decoder.
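The transmit chain of FIG. 41 and its inverse from [0809], as an added example that is not part of the patent text: it covers the scrambler, modulator, layer mapper and precoder only (resource mapping and signal generation are left out). The 16-bit LFSR scrambling sequence, the QPSK mapping, the device ID values and the 4x2 matrix W are assumptions chosen for illustration, not the 3GPP definitions.

```python
import math

# Assumed 4x2 precoding matrix W (N = 4 antenna ports, M = 2 layers).
# Its columns are orthonormal, so W^H W = I and the receiver can postcode with W^H.
W = [[0.5, 0.5], [0.5, -0.5], [0.5, 0.5j], [0.5, -0.5j]]

# Constructed sample codeword (32 bits) and constructed device IDs.
SAMPLE_BITS = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1,
               0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1]
DEVICE_ID = 0x1234
OTHER_ID = 0x4321


def scrambling_sequence(device_id, length):
    """Bit sequence generated from an initialization value (assumed 16-bit LFSR)."""
    state = (device_id & 0xFFFF) or 0xACE1  # an all-zero state would lock up
    seq = []
    for _ in range(length):
        fb = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
        state = (state >> 1) | (fb << 15)
        seq.append(state & 1)
    return seq


def scramble(bits, device_id):
    """XOR with the scrambling sequence; applying it twice restores the input."""
    return [b ^ s for b, s in zip(bits, scrambling_sequence(device_id, len(bits)))]


def modulate_qpsk(bits):
    """Map each bit pair to one complex modulation symbol."""
    a = 1 / math.sqrt(2)
    return [complex(a * (1 - 2 * bits[i]), a * (1 - 2 * bits[i + 1]))
            for i in range(0, len(bits), 2)]


def demodulate_qpsk(symbols):
    """Hard decision on the sign of the real and imaginary parts."""
    bits = []
    for s in symbols:
        bits += [int(s.real < 0), int(s.imag < 0)]
    return bits


def layer_map(symbols, m):
    """Distribute symbols round-robin over m transmission layers."""
    return [symbols[i::m] for i in range(m)]


def layer_demap(layers):
    """Interleave the layers back into one symbol sequence."""
    return [layers[m][t] for t in range(len(layers[0])) for m in range(len(layers))]


def precode(layers, w):
    """z(t) = W y(t): one N-vector of antenna-port samples per symbol time."""
    return [[sum(w[n][m] * layers[m][t] for m in range(len(layers)))
             for n in range(len(w))]
            for t in range(len(layers[0]))]


def postcode(z, w):
    """y(t) = W^H z(t), valid because the columns of W are orthonormal."""
    return [[sum(complex(w[n][m]).conjugate() * zt[n] for n in range(len(w)))
             for zt in z]
            for m in range(len(w[0]))]


def transmit(bits, device_id, w=W):
    """Codeword -> scrambler -> modulator -> layer mapper -> precoder."""
    m = len(w[0])
    if len(bits) % (2 * m):
        raise ValueError("codeword length must be a multiple of 2 * layers")
    return precode(layer_map(modulate_qpsk(scramble(bits, device_id)), m), w)


def receive(z, device_id, w=W):
    """Postcoder -> layer de-mapper -> demodulator -> de-scrambler."""
    symbols = layer_demap(postcode(z, w))
    return scramble(demodulate_qpsk(symbols), device_id)


if __name__ == "__main__":
    z = transmit(SAMPLE_BITS, DEVICE_ID)
    print(len(z), "symbol times x", len(z[0]), "antenna ports")
    print("recovered with matching ID:", receive(z, DEVICE_ID) == SAMPLE_BITS)
    print("recovered with other ID:   ", receive(z, OTHER_ID) == SAMPLE_BITS)
```

In this sketch the scrambling sequence depends only on a device identifier, so anyone who knows the ID can descramble; the scrambler is not a confidentiality mechanism.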

[0810] Hereinafter, examples of wireless device applications to which various embodiments of the present disclosure are applied will be described.

[0811] FIG. 42 illustrates another example of a wireless device applicable to various embodiments of the present disclosure. The wireless device may be implemented in various forms depending on the use case / service (see FIG. 38).

[0812] Referring to FIG. 42, the wireless device (100, 200) corresponds to the wireless device (100, 200) of FIG. 39 and may be composed of various elements, components, units / parts, and / or modules. For example, the wireless device (100, 200) may include a communication unit (110), a control unit (120), a memory unit (130), and additional elements (140). The communication unit may include a communication circuit (112) and transceiver(s) (114). For example, the communication circuit (112) may include one or more processors (102, 202) and / or one or more memories (104, 204) of FIG. 39. For example, the transceiver(s) (114) may include one or more transceivers (106, 206) and / or one or more antennas (108, 208) of FIG. 39. The control unit (120) is electrically connected to the communication unit (110), the memory unit (130), and additional elements (140) and controls the general operation of the wireless device. For example, the control unit (120) may control the electrical / mechanical operation of the wireless device based on a program / code / command / information stored in the memory unit (130). Additionally, the control unit (120) may transmit information stored in the memory unit (130) to an external entity (e.g., another communication device) via a wireless / wired interface through the communication unit (110), or store information received from an external entity (e.g., another communication device) via a wireless / wired interface through the communication unit (110) in the memory unit (130).

[0813] The additional element (140) can be configured in various ways depending on the type of wireless device. For example, the additional element (140) may include at least one of a power unit / battery, an input / output unit (I / O unit), a driving unit, and a computing unit. Although not limited thereto, the wireless device may be implemented in the form of a robot (Fig. 38, 100a), a vehicle (Fig. 38, 100b-1, 100b-2), an XR device (Fig. 38, 100c), a portable device (Fig. 38, 100d), a home appliance (Fig. 38, 100e), an IoT device (Fig. 38, 100f), a digital broadcasting terminal, a hologram device, a public safety device, an MTC device, a medical device, a fintech device (or financial device), a security device, a climate / environment device, an AI server / device (Fig. 38, 400), a base station (Fig. 38, 200), a network node, etc. Wireless devices can be used in a movable or fixed location depending on the use case / service.

[0814] In FIG. 42, various elements, components, units / parts, and / or modules within the wireless device (100, 200) may be entirely interconnected via a wired interface, or at least partially connected via a communication unit (110). For example, within the wireless device (100, 200), the control unit (120) and the communication unit (110) may be connected via a wire, and the control unit (120) and the first unit (e.g., 130, 140) may be connected wirelessly via the communication unit (110). Additionally, each element, component, unit / part, and / or module within the wireless device (100, 200) may include one or more additional elements. For example, the control unit (120) may be composed of one or more sets of processors. For example, the control unit (120) may be composed of a set of a communication control processor, an application processor, an Electronic Control Unit (ECU), a graphics processing processor, a memory control processor, etc. As another example, the memory unit (130) may be composed of RAM (Random Access Memory), DRAM (Dynamic RAM), ROM (Read Only Memory), flash memory, volatile memory, non-volatile memory and / or a combination thereof.

[0815] Hereinafter, an implementation example of FIG. 42 will be described in more detail with reference to the drawings.

[0816] FIG. 43 illustrates a portable device applicable to various embodiments of the present disclosure. The portable device may include a smartphone, a smartpad, a wearable device (e.g., a smartwatch, smart glasses), a portable computer (e.g., a laptop, etc.). The portable device may be referred to as an MS (Mobile Station), UT (user terminal), MSS (Mobile Subscriber Station), SS (Subscriber Station), AMS (Advanced Mobile Station), or WT (Wireless terminal).

[0817] Referring to FIG. 43, the portable device (100) may include an antenna unit (108), a communication unit (110), a control unit (120), a memory unit (130), a power supply unit (140a), an interface unit (140b), and an input / output unit (140c). The antenna unit (108) may be configured as part of the communication unit (110). Blocks 110 to 130 / 140a to 140c each correspond to blocks 110 to 130 / 140 of FIG. 42.

[0818] The communication unit (110) can transmit and receive signals (e.g., data, control signals, etc.) with other wireless devices and base stations. The control unit (120) can control the components of the portable device (100) to perform various operations. The control unit (120) may include an AP (Application Processor). The memory unit (130) can store data / parameters / programs / code / commands required for the operation of the portable device (100). Additionally, the memory unit (130) can store input / output data / information, etc. The power supply unit (140a) supplies power to the portable device (100) and may include wired / wireless charging circuits, batteries, etc. The interface unit (140b) can support the connection between the portable device (100) and other external devices. The interface unit (140b) may include various ports (e.g., audio input / output ports, video input / output ports) for connection with external devices. The input / output unit (140c) can receive or output video information / signals, audio information / signals, data, and / or information input by a user. The input / output unit (140c) may include a camera, a microphone, a user input unit, a display unit (140d), a speaker and / or a haptic module, etc.

[0819] For example, in the case of data communication, the input / output unit (140c) acquires information / signals (e.g., touch, text, voice, image, video) input from the user, and the acquired information / signals can be stored in the memory unit (130). The communication unit (110) converts the information / signals stored in the memory into wireless signals and can directly transmit the converted wireless signals to another wireless device or to a base station. Additionally, the communication unit (110) can receive wireless signals from another wireless device or base station and then restore the received wireless signals to their original information / signals. The restored information / signals can be stored in the memory unit (130) and then output in various forms (e.g., text, voice, image, video, haptic) through the input / output unit (140c).

[0820] FIG. 44 illustrates a vehicle or autonomous vehicle applicable to various embodiments of the present disclosure.

[0821] Vehicles or autonomous vehicles can be implemented as mobile robots, vehicles, trains, manned or unmanned aerial vehicles (AVs), ships, etc.

[0822] Referring to FIG. 44, a vehicle or autonomous vehicle (100) may include an antenna unit (108), a communication unit (110), a control unit (120), a driving unit (140a), a power supply unit (140b), a sensor unit (140c), and an autonomous driving unit (140d). The antenna unit (108) may be configured as part of the communication unit (110). Blocks 110 / 130 / 140a to 140d correspond to blocks 110 / 130 / 140 of FIG. 42, respectively.

[0823] The communication unit (110) can transmit and receive signals (e.g., data, control signals, etc.) with external devices such as other vehicles, base stations (e.g., base stations, roadside base stations (Roadside units), etc.), and servers. The control unit (120) can perform various operations by controlling elements of the vehicle or autonomous vehicle (100). The control unit (120) may include an Electronic Control Unit (ECU). The driving unit (140a) can drive the vehicle or autonomous vehicle (100) on the ground. The driving unit (140a) may include an engine, motor, power train, wheels, brakes, steering device, etc. The power supply unit (140b) supplies power to the vehicle or autonomous vehicle (100) and may include wired / wireless charging circuits, batteries, etc. The sensor unit (140c) can obtain vehicle status, surrounding environment information, user information, etc. The sensor unit (140c) may include an IMU (inertial measurement unit) sensor, a collision sensor, a wheel sensor, a speed sensor, an inclination sensor, a weight detection sensor, a heading sensor, a position module, a vehicle forward / reverse sensor, a battery sensor, a fuel sensor, a tire sensor, a steering sensor, a temperature sensor, a humidity sensor, an ultrasonic sensor, an illuminance sensor, a pedal position sensor, etc. The autonomous driving unit (140d) may implement technologies such as maintaining the driving lane, technologies for automatically adjusting speed such as adaptive cruise control, technologies for automatically driving along a predetermined path, and technologies for automatically setting a path and driving when a destination is set.

[0824] For example, the communication unit (110) can receive map data, traffic information data, etc. from an external server. The autonomous driving unit (140d) can generate an autonomous driving path and a driving plan based on the acquired data. The control unit (120) can control the drive unit (140a) so that the vehicle or the autonomous vehicle (100) moves along the autonomous driving path according to the driving plan (e.g., speed / direction control). During autonomous driving, the communication unit (110) can acquire the latest traffic information data from an external server non-periodically and can acquire surrounding traffic information data from surrounding vehicles. Additionally, during autonomous driving, the sensor unit (140c) can acquire vehicle status and surrounding environment information. The autonomous driving unit (140d) can update the autonomous driving path and the driving plan based on the newly acquired data / information. The communication unit (110) can transmit information regarding the vehicle location, autonomous driving path, driving plan, etc. to an external server. An external server can predict traffic information data in advance using AI technology, etc., based on information collected from vehicles or autonomous vehicles, and can provide the predicted traffic information data to vehicles or autonomous vehicles.

[0825] FIG. 45 illustrates a vehicle applicable to various embodiments of the present disclosure. The vehicle may also be implemented as a means of transport, a train, an aircraft, a ship, etc.

[0826] Referring to FIG. 45, the vehicle (100) may include a communication unit (110), a control unit (120), a memory unit (130), an input / output unit (140a), and a position measuring unit (140b). Here, blocks 110 to 130 / 140a to 140b correspond to blocks 110 to 130 / 140 of FIG. 42, respectively.

[0827] The communication unit (110) can transmit and receive signals (e.g., data, control signals, etc.) with external devices such as other vehicles or base stations. The control unit (120) can control the components of the vehicle (100) to perform various operations. The memory unit (130) can store data / parameters / programs / codes / commands that support various functions of the vehicle (100). The input / output unit (140a) can output AR / VR objects based on information within the memory unit (130). The input / output unit (140a) may include a HUD. The position measurement unit (140b) can acquire position information of the vehicle (100). The position information may include absolute position information of the vehicle (100), position information within the driving line, acceleration information, position information relative to surrounding vehicles, etc. The position measurement unit (140b) may include GPS and various sensors.

[0828] For example, the communication unit (110) of the vehicle (100) can receive map information, traffic information, etc. from an external server and store it in the memory unit (130). The location measurement unit (140b) can acquire vehicle location information through GPS and various sensors and store it in the memory unit (130). The control unit (120) creates a virtual object based on map information, traffic information, and vehicle location information, etc., and the input / output unit (140a) can display the created virtual object on the glass window inside the vehicle (1410, 1420). In addition, the control unit (120) can determine whether the vehicle (100) is operating normally within the driving line based on the vehicle location information. If the vehicle (100) deviates abnormally from the driving line, the control unit (120) can display a warning on the glass window inside the vehicle through the input / output unit (140a). Additionally, the control unit (120) can broadcast a warning message regarding a driving abnormality to surrounding vehicles through the communication unit (110). Depending on the situation, the control unit (120) can transmit the vehicle's location information and information regarding the driving / vehicle abnormality to relevant authorities through the communication unit (110).

[0829] FIG. 46 illustrates an XR device applicable to various embodiments of the present disclosure. The XR device may be implemented as an HMD, a Head-Up Display (HUD) equipped in a vehicle, a television, a smartphone, a computer, a wearable device, a home appliance, digital signage, a vehicle, a robot, etc.

[0830] Referring to FIG. 46, the XR device (100a) may include a communication unit (110), a control unit (120), a memory unit (130), an input / output unit (140a), a sensor unit (140b), and a power supply unit (140c). Here, blocks 110 to 130 / 140a to 140c correspond to blocks 110 to 130 / 140 of FIG. 42, respectively.

[0831] The communication unit (110) can transmit and receive signals (e.g., media data, control signals, etc.) with external devices such as other wireless devices, mobile devices, or media servers. The media data may include video, images, sound, etc. The control unit (120) can perform various operations by controlling the components of the XR device (100a). For example, the control unit (120) may be configured to control and / or perform procedures such as video / image acquisition, (video / image) encoding, metadata generation, and processing. The memory unit (130) may store data / parameters / programs / codes / commands required for driving the XR device (100a) or creating an XR object. The input / output unit (140a) acquires control information, data, etc. from the outside and can output the created XR object. The input / output unit (140a) may include a camera, microphone, user input unit, display unit, speaker and / or haptic module, etc. The sensor unit (140b) can obtain XR device status, surrounding environment information, user information, etc. The sensor unit (140b) may include a proximity sensor, an illuminance sensor, an accelerometer, a magnetic sensor, a gyroscope, an inertial sensor, an RGB sensor, an IR sensor, a fingerprint recognition sensor, an ultrasonic sensor, a light sensor, a microphone and / or radar, etc. The power supply unit (140c) supplies power to the XR device (100a) and may include a wired / wireless charging circuit, a battery, etc.

[0832] For example, the memory unit (130) of the XR device (100a) may contain information (e.g., data, etc.) necessary for creating an XR object (e.g., AR / VR / MR object). The input / output unit (140a) may receive a command to operate the XR device (100a) from the user, and the control unit (120) may operate the XR device (100a) according to the user's operation command. For example, if the user intends to watch movies, news, etc. through the XR device (100a), the control unit (120) may transmit content request information to another device (e.g., mobile device (100b)) or a media server through the communication unit (130). The communication unit (130) may download / stream content such as movies, news, etc. from another device (e.g., mobile device (100b)) or a media server to the memory unit (130). The control unit (120) controls and / or performs procedures such as video / image acquisition, (video / image) encoding, and metadata generation / processing for the content, and can generate / output an XR object based on information about the surrounding space or real object acquired through the input / output unit (140a) / sensor unit (140b).

[0833] Additionally, the XR device (100a) is wirelessly connected to the mobile device (100b) through the communication unit (110), and the operation of the XR device (100a) can be controlled by the mobile device (100b). For example, the mobile device (100b) can act as a controller for the XR device (100a). To this end, the XR device (100a) can acquire three-dimensional position information of the mobile device (100b), and then generate and output an XR object corresponding to the mobile device (100b).

[0834] FIG. 47 illustrates a robot applicable to various embodiments of the present disclosure. Robots may be classified into industrial, medical, domestic, military, etc., depending on the purpose or field of use.

[0835] Referring to FIG. 47, the robot (100) may include a communication unit (110), a control unit (120), a memory unit (130), an input / output unit (140a), a sensor unit (140b), and a driving unit (140c). Here, blocks 110 to 130 / 140a to 140c correspond to blocks 110 to 130 / 140 of FIG. 42, respectively.

[0836] The communication unit (110) can transmit and receive signals (e.g., driving information, control signals, etc.) with external devices such as other wireless devices, other robots, or control servers. The control unit (120) can control the components of the robot (100) to perform various operations. The memory unit (130) can store data / parameters / programs / codes / commands that support various functions of the robot (100). The input / output unit (140a) can acquire information from outside the robot (100) and output information to outside the robot (100). The input / output unit (140a) may include a camera, microphone, user input unit, display unit, speaker and / or haptic module, etc. The sensor unit (140b) can obtain internal information of the robot (100), surrounding environment information, user information, etc. The sensor unit (140b) may include a proximity sensor, an illuminance sensor, an accelerometer, a magnetic sensor, a gyroscope, an inertial sensor, an IR sensor, a fingerprint recognition sensor, an ultrasonic sensor, a light sensor, a microphone, a radar, etc. The driving unit (140c) may perform various physical movements, such as moving robot joints. Additionally, the driving unit (140c) may enable the robot (100) to travel on the ground or fly in the air. The driving unit (140c) may include an actuator, a motor, a wheel, a brake, a propeller, etc.

[0837] FIG. 48 illustrates an AI device applied to various embodiments of the present disclosure.

[0838] AI devices can be implemented as stationary devices or mobile devices, such as TVs, projectors, smartphones, PCs, laptops, digital broadcasting terminals, tablet PCs, wearable devices, set-top boxes (STBs), radios, washing machines, refrigerators, digital signage, robots, vehicles, etc.

[0839] Referring to FIG. 48, the AI device (100) may include a communication unit (110), a control unit (120), a memory unit (130), an input / output unit (140a / 140b), a learning processor unit (140c), and a sensor unit (140d). Blocks 110 to 130 / 140a to 140d correspond to blocks 110 to 130 / 140 of FIG. 42, respectively.

[0840] The communication unit (110) can transmit and receive wired and wireless signals (e.g., sensor information, user input, learning model, control signal, etc.) with external devices such as other AI devices (e.g., Fig. W1, 100x, 200, 400) or an AI server (200) using wired and wireless communication technology. To do this, the communication unit (110) can transmit information within the memory unit (130) to an external device or transmit signals received from an external device to the memory unit (130).

[0841] The control unit (120) can determine at least one executable operation of the AI device (100) based on information determined or generated using a data analysis algorithm or a machine learning algorithm. The control unit (120) can perform the determined operation by controlling the components of the AI device (100). For example, the control unit (120) can request, search, receive, or utilize data from the learning processor unit (140c) or the memory unit (130), and can control the components of the AI device (100) to execute a predicted operation or an operation determined to be desirable among at least one executable operation. Additionally, the control unit (120) can collect historical information, including the operation content of the AI device (100) or user feedback regarding the operation, and store it in the memory unit (130) or the learning processor unit (140c), or transmit it to an external device such as an AI server (Fig. W1, 400). The collected historical information can be used to update the learning model.

[0842] The memory unit (130) can store data that supports various functions of the AI device (100). For example, the memory unit (130) can store data obtained from the input unit (140a), data obtained from the communication unit (110), output data from the learning processor unit (140c), and data obtained from the sensing unit (140). Additionally, the memory unit (130) can store control information and/or software code required for the operation/execution of the control unit (120).

[0843] The input unit (140a) can acquire various types of data from outside the AI device (100). For example, the input unit (120) can acquire training data for model training and input data to which the training model is applied. The input unit (140a) may include a camera, a microphone and/or a user input unit, etc. The output unit (140b) can generate output related to visual, auditory, or tactile senses, etc. The output unit (140b) may include a display unit, a speaker and/or a haptic module, etc. The sensing unit (140) can obtain at least one of internal information of the AI device (100), surrounding environment information of the AI device (100), and user information using various sensors. The sensing unit (140) may include a proximity sensor, an illuminance sensor, an accelerometer, a magnetic sensor, a gyroscope, an inertial sensor, an RGB sensor, an IR sensor, a fingerprint recognition sensor, an ultrasonic sensor, a light sensor, a microphone and/or radar, etc.

[0844] The learning processor unit (140c) can train a model composed of an artificial neural network using training data. The learning processor unit (140c) can perform AI processing together with the learning processor unit of the AI server (FIG. W1, 400). The learning processor unit (140c) can process information received from an external device through the communication unit (110) and/or information stored in the memory unit (130). Additionally, the output value of the learning processor unit (140c) can be transmitted to an external device through the communication unit (110) and/or stored in the memory unit (130).

[0845] The claims described in various embodiments of the present disclosure may be combined in various ways. For example, the technical features of the method claims of various embodiments of the present disclosure may be combined to be implemented as a device, and the technical features of the device claims of various embodiments of the present disclosure may be combined to be implemented as a method. Furthermore, the technical features of the method claims and the technical features of the device claims of various embodiments of the present disclosure may be combined to be implemented as a device, and the technical features of the method claims and the technical features of the device claims of various embodiments of the present disclosure may be combined to be implemented as a method.

Claims

1. A method performed by a first node, the method comprising: transmitting, to a second node, a first hello message related to the quantum security system support of the first node; receiving, from the second node, a second hello message related to the quantum security system support of the second node; receiving, from the second node via a classical channel, a server certificate containing the server public key of the second node; receiving, from the second node via a quantum channel, a QPK packet containing the quantum public key (QPK) of the second node; transmitting, to the second node through the classical channel, a client key exchange message containing information of the pre-master key of the first node; transmitting, to the second node through the quantum channel, a quantum key exchange message containing the quantum key information of the second node; and performing secure communication with the second node based on a master key associated with the quantum key information.

2. The method of claim 1, wherein the pre-master key in the client key exchange message is encrypted based on the server public key.

3. The method of claim 1, wherein the master key is based on secret key information, and the quantum key information is encoded with respect to the quantum state associated with the quantum public key.

4. The method of claim 3, wherein the quantum key information is encapsulated based on the pre-master key.

5. The method of claim 1, wherein the server certificate and the QPK packet include the same synchronization header.

6. The method of claim 1, wherein the QPK packet is received based on the quantum security system support of the second node indicated by the second hello message, and the quantum key exchange message is transmitted based on the quantum security system support of the second node indicated by the second hello message.

7. The method of claim 1, wherein the quantum security system support of the second node is based on the quantum security system support of the first node indicated by the first hello message.

8. A method performed by a second node, the method comprising: receiving, from a first node, a first hello message related to the quantum security system support of the first node; transmitting, to the second node, a second hello message related to the quantum security system support of the second node; transmitting, to the first node via a classical channel, a server certificate containing the server public key of the second node; transmitting, to the first node via a quantum channel, a QPK packet containing the quantum public key (QPK) of the second node; receiving, from the first node through the classical channel, a client key exchange message containing information of the pre-master key of the first node; receiving, from the first node through the quantum channel, a quantum key exchange message containing quantum key information of the second node; and performing secure communication with the first node based on a master key associated with the quantum key information.

9. The method of claim 8, wherein the pre-master key in the client key exchange message is encrypted based on the server public key.

10. The method of claim 8, wherein the master key is based on secret key information, and the quantum key information is encoded with respect to the quantum state associated with the quantum public key.

11. The method of claim 10, wherein the quantum key information is encapsulated based on the pre-master key.

12. The method of claim 8, wherein the server certificate and the QPK packet include the same synchronization header.

13. The method of claim 8, wherein the QPK packet is transmitted based on the quantum security system support of the second node indicated by the second hello message, and the quantum key exchange message is received based on the quantum security system support of the second node indicated by the second hello message.

14. The method of claim 8, wherein the quantum security system support of the second node is based on the quantum security system support of the first node indicated by the first hello message.

15. A first node comprising: a transmitter/receiver; at least one processor; and at least one memory that is operably connectable to the at least one processor and stores instructions for performing operations when executed by the at least one processor, wherein the operations comprise all steps of the method according to any one of claims 1 to 7.

16. A second node comprising: a transmitter/receiver; at least one processor; and at least one memory that is operably connectable to the at least one processor and stores instructions for performing operations when executed by the at least one processor, wherein the operations comprise all steps of the method according to any one of claims 8 through 14.

17. A control device for controlling a first node, comprising: at least one processor; and at least one memory operably connected to the at least one processor, wherein the at least one memory stores instructions for performing operations based on execution by the at least one processor, and the operations comprise all steps of the method according to any one of claims 1 to 7.

18. A control device for controlling a second node, comprising: at least one processor; and at least one memory operably connected to the at least one processor, wherein the at least one memory stores instructions for performing operations based on execution by the at least one processor, and the operations comprise all steps of the method according to any one of claims 8 through 14.

19. One or more non-transitory computer-readable media storing one or more instructions, wherein the one or more instructions perform operations based on being executed by one or more processors, and the operations comprise all steps of the method according to any one of claims 1 to 7.

20. One or more non-transitory computer-readable media storing one or more instructions, wherein the one or more instructions perform operations based on being executed by one or more processors, and the operations comprise all steps of the method according to any one of claims 8 through 14.
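The message flow of claim 1 together with the conditions of claims 5 to 7, as an added example that is not part of the patent text: a checker that a first-node implementation could run over a handshake transcript to confirm message order, channel, negotiated support and matching synchronization headers. The names `Msg`, `quantum_support` and `sync_header`, and the use of the classical channel for the hello messages, are assumptions; the claims define no wire format.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Msg:
    kind: str                      # step name taken from claim 1
    channel: str                   # "classical" or "quantum"
    sender: str                    # "first" or "second" node
    quantum_support: bool = False  # assumed field of the hello messages
    sync_header: bytes = b""       # assumed field of certificate / QPK packet

# Claim 1 order. The claims name no channel for the hellos; classical is assumed.
EXPECTED = [
    ("first_hello", "classical", "first"),
    ("second_hello", "classical", "second"),
    ("server_certificate", "classical", "second"),
    ("qpk_packet", "quantum", "second"),
    ("client_key_exchange", "classical", "first"),
    ("quantum_key_exchange", "quantum", "first"),
]

def check_transcript(msgs):
    """Return the list of violations of claims 1, 5, 6 and 7 (empty if none)."""
    errors = [] if len(msgs) == len(EXPECTED) else [f"expected {len(EXPECTED)} messages, got {len(msgs)}"]
    for i, (m, want) in enumerate(zip(msgs, EXPECTED)):
        if (m.kind, m.channel, m.sender) != want:
            errors.append(f"step {i}: expected {want}, got {(m.kind, m.channel, m.sender)}")
    by_kind = {m.kind: m for m in msgs}
    h1, h2, cert, qpk = (by_kind.get(k) for k in
                         ("first_hello", "second_hello", "server_certificate", "qpk_packet"))
    # Claim 7: the second node's support follows what the first hello indicated.
    if h1 and h2 and h2.quantum_support and not h1.quantum_support:
        errors.append("second hello indicates support the first hello did not")
    # Claim 6: quantum-channel messages depend on support in the second hello.
    if h2 and not h2.quantum_support and any(m.channel == "quantum" for m in msgs):
        errors.append("quantum-channel message without support in second hello")
    # Claim 5: certificate and QPK packet carry the same synchronization header.
    if cert and qpk and (not cert.sync_header or cert.sync_header != qpk.sync_header):
        errors.append("synchronization header mismatch")
    return errors

def sample(header_on_qpk=b"\x01\x02", server_support=True):
    """Constructed transcript; every field value is made up for the example."""
    return [
        Msg("first_hello", "classical", "first", quantum_support=True),
        Msg("second_hello", "classical", "second", quantum_support=server_support),
        Msg("server_certificate", "classical", "second", sync_header=b"\x01\x02"),
        Msg("qpk_packet", "quantum", "second", sync_header=header_on_qpk),
        Msg("client_key_exchange", "classical", "first"),
        Msg("quantum_key_exchange", "quantum", "first"),
    ]
```

A first node that treats a header mismatch as fatal refuses a QPK packet that cannot be paired with the certificate received on the classical channel.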