CN117997522A - Quantum session key-based data interaction method, electronic equipment and medium - Google Patents


Info

Publication number: CN117997522A
Authority: CN (China)
Prior art keywords: key, quantum, terminal, session, session key
Legal status: Pending
Application number: CN202211391657.6A
Other languages: Chinese (zh)
Inventors: 刘福文, 田野, 杜海涛, 粟栗, 何申
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Application filed by China Mobile Communications Group Co Ltd and China Mobile Communications Ltd Research Institute; priority to CN202211391657.6A

Landscapes: Mobile Radio Communication Systems (AREA)

Abstract

The application provides a data interaction method, electronic equipment and a medium based on a quantum session key. The method comprises the following steps: sending a quantum session key request to a quantum key server through a first secure channel; receiving a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request and the quantum key locally and then stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal; after the first terminal sends a session invitation to the second terminal, a quantum session key is generated based on the quantum key and a Diffie-Hellman (DH) key, and a session is performed with the second terminal based on the quantum session key. Compared with the encryption mode based on an asymmetric algorithm in the related art, the data interaction method based on the quantum session key in the embodiment of the application has higher security.

Description

Quantum session key-based data interaction method, electronic equipment and medium
Technical Field
The application relates to the field of communication, and provides a data interaction method for a quantum session key, electronic equipment and a medium.
Background
Current VoLTE (Voice over LTE) encryption systems cannot withstand quantum attacks, because the establishment of session keys in these systems relies entirely on traditional asymmetric key algorithms: the session-initiating mobile terminal locally generates a pseudo-random number as the session key and sends it to the session-receiving mobile terminal encrypted with an asymmetric algorithm. A session protected in this way has lower security.
There is currently no effective solution to the above-described problems in the related art.
Disclosure of Invention
The embodiment of the invention provides a data interaction method, electronic equipment and a medium based on a quantum session key, which are used for solving the problem that the security is lower when a session is encrypted based on an asymmetric key algorithm in the prior art.
In order to solve the technical problems, the invention is realized as follows:
In a first aspect, an embodiment of the present invention provides a data interaction method based on a quantum session key, applied to a first terminal, where the method includes: sending a quantum session key request to a quantum key server through a first secure channel; receiving a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request and the quantum key locally and then stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal; after the first terminal sends a session invitation to the second terminal, a quantum session key is generated based on the quantum key and a Diffie-Hellman (DH) key, and a session is performed with the second terminal based on the quantum session key.
In a second aspect, an embodiment of the present invention provides a data interaction method based on a quantum session key, applied to a second terminal, where the method includes: sending a quantum session key request to a quantum key server based on a second secure channel, wherein the quantum key server binds the quantum key request and the quantum key and stores the bound quantum key request and the bound quantum key locally; receiving the quantum key sent by the quantum key server through the second secure channel; and generating a quantum session key based on the quantum key and the Diffie-Hellman (DH) key, and conducting a session with the first terminal based on the quantum session key.
In a third aspect, the present invention provides a data interaction method based on a quantum session key, applied to a quantum key server, the method comprising: receiving a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server; responding to the quantum session key request by generating a quantum session key, binding the quantum session key request with the quantum key and then storing the bound quantum session key locally; and sending the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and sending the quantum key to the first terminal through the second secure channel, wherein the first terminal and the second terminal generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key.
In a fourth aspect, an embodiment of the present invention provides a terminal, including: a first sending module, used for sending a quantum session key request to the quantum key server through a first secure channel; a first receiving module, used for receiving a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request with the quantum key locally and then stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal; and a first interaction module, used for generating a quantum session key based on the quantum key and the Diffie-Hellman (DH) key after the first terminal sends the session invitation to the second terminal, and conducting a session with the second terminal based on the quantum session key.
In a fifth aspect, an embodiment of the present invention provides an electronic device, including a transceiver and a processor, where the transceiver is configured to send a quantum session key request to a quantum key server through a first secure channel, and to receive a quantum session key sent by the quantum key server in response to the quantum session key request, where the quantum key server binds the quantum session key request and the quantum key locally, stores the bound quantum session key request and the bound quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal; the transceiver or the processor is used for generating a quantum session key based on the quantum key and a Diffie-Hellman (DH) key after the first terminal sends a session invitation to the second terminal, and for conducting a session with the second terminal based on the quantum session key.
In a sixth aspect, an embodiment of the present invention provides a terminal, including: a second sending module, used for sending a quantum session key request to the quantum key server based on a second secure channel, wherein the quantum key server binds the quantum key request and the quantum key and then stores the bound quantum key request and the bound quantum key locally; a second receiving module, used for receiving the quantum key sent by the quantum key server through the second secure channel; and a second interaction module, used for generating a quantum session key based on the quantum key and the Diffie-Hellman (DH) key and conducting a session with the first terminal based on the quantum session key.
In a seventh aspect, an embodiment of the present invention provides an electronic device, including a transceiver and a processor; the transceiver is configured to send a quantum session key request to a quantum key server based on a second secure channel, where the quantum key server binds the quantum key request and a quantum key and then stores the bound quantum key request and the bound quantum key locally, and to receive the quantum key sent by the quantum key server through the second secure channel; the transceiver or processor is configured to generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key, and to conduct a session with a first terminal based on the quantum session key.
In an eighth aspect, an embodiment of the present invention provides a quantum key server, including: a third receiving module, used for receiving a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server; a generation module, used for responding to the quantum session key request by generating a quantum session key and storing the quantum session key request and the quantum key locally after binding them; and a fourth sending module, configured to send the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and to send the quantum key to the first terminal through the second secure channel, where the first terminal and the second terminal generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key.
In a ninth aspect, an embodiment of the present invention provides an electronic device, including a transceiver and a processor; the transceiver is used for receiving a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server; the processor is used for responding to the quantum session key request by generating a quantum session key and storing the quantum session key request and the quantum key locally after binding them; the transceiver is configured to send the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and to send the quantum key to the first terminal through the second secure channel, where the first terminal and the second terminal generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key.
In a tenth aspect, an embodiment of the present invention provides an electronic device, including: a processor, a memory and a program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the data processing method as described in the first aspect above; or the program when executed by the processor implements the steps of the data processing method as described in the second aspect above; or the computer program, when being executed by a processor, implements the method steps as described in the third aspect above.
In an eleventh aspect, embodiments of the present invention provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method steps as described in the first aspect above; or the computer program, when being executed by a processor, implements the method steps as described in the second aspect above; or the computer program, when being executed by a processor, implements the method steps as described in the third aspect above.
In the embodiment of the invention, after the first terminal and the quantum key server establish the first secure channel, the quantum key sent by the quantum key server can be received, and the quantum key server can also send the quantum key to the second terminal so as to generate the quantum session key based on the quantum key and the DH key, so that the session between the first terminal and the second terminal can be carried out based on the DH key encrypted by the quantum session key.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments of the present invention will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort to a person of ordinary skill in the art.
Fig. 1 is a flowchart of a data interaction method based on a quantum session key applied to a first terminal according to an embodiment of the present invention;
Fig. 2 is a flowchart of another data interaction method based on a quantum session key applied to a first terminal according to an embodiment of the present invention;
Fig. 3 is a flowchart of a data interaction method based on a quantum session key applied to a second terminal according to an embodiment of the present invention;
Fig. 4 is a flowchart of another data interaction method based on a quantum session key applied to a second terminal according to an embodiment of the present invention;
Fig. 5 is a flowchart of a data interaction method based on a quantum session key applied to a quantum key server according to an embodiment of the present invention;
Fig. 6 is a flowchart of another data interaction method based on a quantum session key applied to a quantum key server according to an embodiment of the present invention;
Fig. 7 is a schematic flowchart of a session key confirmation performed on the media plane according to an embodiment of the present invention;
Fig. 8 is a schematic flowchart of a session key confirmation performed on the signaling plane according to an embodiment of the present invention;
Fig. 9 is a schematic diagram of a terminal according to an embodiment of the present invention;
Fig. 10 is a schematic diagram of another terminal according to an embodiment of the present invention;
Fig. 11 is a schematic diagram of a quantum key server according to an embodiment of the present invention;
Fig. 12 is a schematic diagram of an electronic device according to an embodiment of the present invention;
Fig. 13 is a schematic diagram of another electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
First, related terms in the present application are explained:
1) Session key
The session key is a symmetric key used to secure communications between two entities. The use of this key enables secure communications, such as VoLTE encryption, to ensure that the content of the communication is not eavesdropped or tampered with by an attacker. The session key can only be used in one session, and different session keys need to be used for different sessions.
2) Quantum random number
Quantum random numbers are very widely used in cryptography. In classical cryptosystems, random numbers are required to generate keys for the AES (Advanced Encryption Standard) algorithm and the primes and keys of the RSA algorithm. Most cryptographic protocols also consume random numbers, for example the DH (Diffie-Hellman) key exchange protocol, where the private key corresponding to the exchanged public key is a random number. Different applications have different requirements for random numbers. In some applications a random bit sequence with imperfect entropy, such as pseudo-random numbers, is sufficient. However, some cryptographic applications, such as bit commitment and secure encryption, are difficult to secure without true random numbers.
Conventional random number generators are mostly based on complex mathematical algorithms or classical physical processes and produce pseudo-random numbers rather than true random numbers. Quantum random number generators are the only true random number generators to date whose randomness is theoretically provable, since it follows from the fundamental principles of quantum mechanics. Of these, the randomness of reflection versus transmission when single photons pass through a 50/50 beam splitter is most commonly exploited to generate random sequences. Other quantum-optical principles are also used, such as quantum vacuum-state noise, the quantum phase noise of spontaneous laser emission, the photon number of coherent states, the random time interval between adjacent photons, and the time-domain randomness of the collapse of a coherent photon wave function.
Currently, quantum random number generating devices cost far more than random number generators based on classical physical processes. Quantum random number generators come in several forms (chassis devices, PCIe cards and USB devices), all far larger than conventional random number generators. Quantum random number generator chips are rare and expensive at present and are not suited to mobile terminals such as mobile phones. Yet to guarantee the maximum security of applications on a mobile terminal, a quantum random number must be used on the terminal. Given cost and availability, mobile terminals currently lack an embedded quantum random number generator, so the mobile terminal has to obtain quantum random numbers from outside, generally from a quantum random number service center (or quantum key server) through a secure channel. Because quantum random numbers are generated by quantum devices and are commonly used as keys in key algorithms, the terms quantum random number and quantum key are used interchangeably; in the present application, quantum key denotes a quantum random number.
Quantum computers are devices that use quantum mechanical phenomena to compute and process data. In a quantum computer the unit of information is the qubit, which, in addition to being in the "0" state or the "1" state, may also be in a superposition state. Thanks to this parallelism, a quantum computer can rapidly complete computations that a classical computer cannot. The security of the currently popular cryptographic algorithms rests on certain mathematical problems, and because of the inherent parallelism of quantum computers, some quantum algorithms solve these problems far more efficiently than classical algorithms. This poses a serious and realistic security threat to modern cryptographic algorithms.
The Grover quantum algorithm provides a square-root speed-up for unstructured search problems. Applied to symmetric cryptography, an n-bit key can be recovered with O(2^(n/2)) quantum operations. Doubling the key length is sufficient to eliminate the threat of quantum computation to symmetric cryptographic algorithms.
Using a quantum computer, the Shor quantum algorithm can solve the integer factorization problem in polynomial time. Since the security of the RSA algorithm depends on the difficulty of factoring large integers, quantum computers will eventually break traditional asymmetric cryptographic algorithms. The Shor algorithm also lets quantum computers solve discrete logarithm problems over finite fields and elliptic curves in polynomial time, so public key algorithms on finite fields and elliptic curves, including ECDSA and DH (Diffie-Hellman), are no longer secure.
Collision resistance is a measure of the security of a hash algorithm. For example, SHA-256 and SHA-3 with output lengths of at least 256 bits are expected to resist quantum computer attacks until 2050. This also means that hash-based message authentication codes, such as HMAC-SHA-256, are not affected by quantum attacks.
Referring to fig. 1, fig. 1 is a flowchart of a data interaction method based on a quantum session key, provided by an embodiment of the present invention, for a first terminal, as shown in fig. 1, the method includes the following steps:
Step 101, sending a quantum session key request to a quantum key server through a first secure channel;
Step 102, receiving a quantum session key sent by a quantum key server in response to a quantum session key request, wherein the quantum key server binds the quantum session key request and the quantum session key locally and then stores the quantum session key locally, and sends the quantum session key to a second terminal through a second secure channel between the quantum key server and the second terminal;
Step 103, after the first terminal sends the session invitation to the second terminal, generating a quantum session key based on the quantum key and the Diffie-Hellman (DH) key, and conducting a session with the second terminal based on the quantum session key.
Through steps 101 to 103, once the first terminal and the quantum key server have established the first secure channel, the first terminal can receive the quantum key sent by the quantum key server, and the quantum key server also sends the quantum key to the second terminal, so that the quantum session key can be generated based on the quantum key and the DH key. The session between the first terminal and the second terminal can therefore be performed based on the DH key encrypted by the quantum session key. Compared with a session encrypted based on an asymmetric key algorithm in the related art, the security is higher, which solves the problem that sessions encrypted based on an asymmetric key algorithm in the prior art have lower security.
In an alternative implementation manner of the embodiment of the present application, before the quantum session key request is sent to the quantum key server through the first secure channel, as shown in Fig. 2, the method of the embodiment of the present application may further include:
Step 201, establishing a first secure channel with the quantum key server based on a shared key generated in the GBA (Generic Bootstrapping Architecture) or AKMA (Authentication and Key Management for Applications) protocol.
For step 201, in a specific example, if the first terminal accesses a 4G network, a secure channel, such as a TLS (Transport Layer Security) channel or a customized efficient secure channel, may be established with the quantum key server based on the shared key generated in the GBA procedure. Over this secure channel the first terminal sends a quantum session key request to the quantum key server, which includes its GBA temporary identity B-TIDA and the SIP INVITE header (at least To, From and Call-ID should be included). Among the fields of the SIP INVITE header, the From field (first field) indicates the initiator of the session, the To field (second field) indicates the recipient of the session, and the Call-ID field (third field) is a session identifier that identifies the session globally and uniquely.
If instead the first terminal accesses a 5G network, a secure channel, such as a TLS channel or a customized efficient secure channel, is established with the quantum key server based on the shared key generated in the AKMA flow. Over this secure channel the first terminal may send a quantum session key request to the quantum key server, which includes its AKMA temporary identity A-KIDA and the SIP INVITE header (at least To, From and Call-ID should be included). It should be noted that for the shared key generated in the GBA or AKMA protocol, a key length of 256 bits or more is preferred.
It can be seen that, in the present application, the corresponding protocol may be selected to set up the secure channel according to the access network, that is, the first terminal in the embodiment of the present application may conduct a session with the second terminal based on the DH key encrypted by the quantum session key in different environments.
In an optional implementation manner of the embodiment of the present application, for the manner of sending the quantum session key request to the quantum key server through the first secure channel, which is referred to in step 101, the method may further include:
Step 11, generating a session invitation message, wherein the session invitation message comprises a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal and a third field for indicating a session identifier;
Step 12, sending a quantum session key request to the quantum key server via the first secure channel, wherein the quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, and the session invitation message.
For steps 11 and 12, the fields in the session invitation message may be a From field (first field) indicating the initiator of the session, a To field (second field) indicating the receiver of the session, and a Call-ID field (third field) identifying the session globally and uniquely, so that the first terminal can send the quantum session key request to the quantum key server through the first secure channel. The quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, that is to say, the temporary identifier can be chosen according to the current network environment, so that the first terminal and the second terminal can later conduct the session based on the DH key encrypted by the quantum session key.
In an optional implementation manner of the embodiment of the present application, for the manner of generating the quantum session key based on the quantum key and the Diffie-Hellman (DH) key and conducting a session with the second terminal according to the quantum session key, the method may further include:
Step 21, receiving a SIP 200 message sent by the second terminal to indicate acceptance of the session;
Step 22, sending a SIP ACK message to the second terminal in response to the SIP 200 message;
Step 23, receiving an encrypted DH key exchange message sent by the second terminal, wherein the encrypted DH key exchange message comprises a session identifier and a first key obtained by encrypting the DH public key of the second terminal with the quantum key;
Step 24, decrypting the first key based on the quantum key to obtain the DH public key of the second terminal;
Step 25, performing the key operation with the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal;
Step 26, generating a quantum session key based on the quantum key and the shared key;
Step 27, sending an encrypted DH key exchange and quantum session key confirmation message to the second terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with GBA or AKMA, a message authentication code and a second key obtained by encrypting the DH public key of the first terminal with the quantum key; the second terminal obtains the quantum session key based on the second key;
Step 28, receiving a quantum session key confirmation message sent by the second terminal, wherein the quantum session key confirmation message comprises a temporary identifier associated with GBA or AKMA, a message authentication code and the quantum session key;
Step 29, conducting a session with the second terminal based on the quantum session key.
As is clear from steps 21 to 29, each DH public key is encrypted with the quantum key associated with the session and transferred to the other party, which decrypts it and generates the DH shared key. The quantum session key is generated based on the DH shared key and the quantum key, and finally both sides confirm whether they hold the same quantum session key, since only then can encrypted media communication be decrypted normally by the other side; a session safer than the prior art can thus be achieved. The quantum session key confirmation of steps 21 to 29 is performed in call signaling; in the present application the following steps 31 to 39 may instead be performed on the media plane.
In an optional implementation manner of the embodiment of the present application, for the manner of sending the quantum session key request to the quantum key server through the first secure channel, which is referred to in step 101, the method may further include:
Step 31, generating a session invitation message, wherein the session invitation message comprises a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal, and a third field for indicating a session identifier;
Step 32, a quantum session key request is sent to a quantum key server through a first secure channel, wherein the quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, a session invitation message and a second key obtained by encrypting a DH public key of a first terminal by the first terminal by using the quantum key; the second terminal decrypts the second key based on the quantum key to obtain a DH public key of the first terminal, generates a shared key based on the DH public key of the first terminal and a DH private key of the second terminal, and further generates a quantum session key according to the shared key and the quantum key.
In another optional implementation manner of the embodiment of the present application, for the manner of generating the quantum session key based on the quantum key and the DH key and performing the session with the second terminal according to the quantum session key in step 103, the method may further include:
Step 33, receiving a SIP200 message sent by the second terminal for accepting the session, where the SIP200 message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a first key obtained by encrypting a DH public key of the second terminal by the second terminal using the quantum key;
step 34, decrypting the first key based on the quantum key to obtain a DH public key of the second terminal;
step 35, performing a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal;
step 36, generating a quantum session key based on the quantum key and the shared key;
Step 37, sending an encrypted DH key exchange and quantum session key confirmation message to the second terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with GBA or AKMA, a message verification code and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key; the second terminal obtains a quantum session key based on the second key;
Step 38, receiving a quantum session key confirmation message sent by the second terminal, wherein the quantum session key confirmation message comprises a temporary identifier, a message verification code and a quantum session key associated with the GBA or AKMA;
step 39, conducting a session with the second terminal based on the quantum session key.
As can be seen from the above steps 31 to 39, the quantum session key can be generated based on the quantum key and the DH key, and the first terminal and the second terminal need to confirm whether the same quantum session key is received or not, and only the encrypted media communication can be normally decrypted by the counterpart if the same quantum session key is received, so that a session safer than the prior art can be realized.
It should be noted that, in the embodiment of the present application, the session based on the quantum session key may be implemented based on SRTP (Secure Real-time Transport Protocol).
The application is explained from the first terminal side in fig. 1, and the application is explained from the second terminal side in the following, as shown in fig. 3, the application also provides a data interaction method based on quantum session key, applied to the second terminal, the method comprises:
Step 301, sending a quantum session key request to a quantum key server based on a second secure channel, wherein the quantum key server binds the quantum session key request and the quantum key and stores them locally;
Step 302, receiving a quantum key sent by a quantum key server through a second secure channel;
And step 303, generating a quantum session key based on the quantum key and the diffie-hellman DH key, and carrying out session with the first terminal based on the quantum session key.
Through steps 301 to 303, after the second terminal and the quantum key server establish the second secure channel, the second terminal may receive the quantum key sent by the quantum key server, generate the quantum session key based on the quantum key and the DH key, and conduct the session with the first terminal based on the quantum session key so generated.
In an alternative implementation of the embodiment of the present application, before sending the quantum session key request to the quantum key server based on the second secure channel, as shown in fig. 4, the method may further include:
step 401, receiving a session invitation message sent by a first terminal;
Step 402, in response to the session invite message, establishes a second secure channel with the quantum key server based on the shared key generated in the generic bootstrapping architecture GBA or the application layer authentication and key management AKMA protocol.
It can be seen that, in the present application, the corresponding secure channel may be established based on the protocol selected for the access network in use: GBA is selected when accessing a 4G network and AKMA when accessing a 5G network, that is, the first terminal in the embodiment of the present application may conduct a session with the second terminal based on the quantum session key under different network environments.
In an optional implementation manner of the embodiment of the present application, for the manner of sending the quantum session key request to the quantum key server based on the second secure channel, which is referred to in step 302, the method may further include:
Step 41, receiving a session invitation message sent by a first terminal, wherein the session invitation message comprises a first field for indicating that a session initiator is the first terminal, a second field for indicating that a session receiver is the second terminal, and a third field for indicating a session identifier;
And step 42, sending a quantum session key request to the quantum key server through a second secure channel, wherein the quantum session key request carries a temporary identifier associated with the GBA or a temporary identifier associated with AKMA and a session invitation message.
Therefore, in the application, after the quantum session key request is sent by the first terminal to the quantum key server, the quantum key locally generated and stored by the quantum key server is also sent by the quantum server to the second terminal, so that the quantum session key obtained by the first terminal and the second terminal is identical, and the session security between the first terminal and the second terminal is improved.
In an optional implementation manner of the embodiment of the present application, for the manner of generating the quantum session key based on the quantum key and the diffie-hellman DH key and performing a session with the first terminal according to the quantum session key, which is referred to in step 303, the method may further include:
Step 51, sending a SIP 200 message for characterizing an accept session to the first terminal;
step 52, receiving a SIP ACK message fed back by the first terminal in response to the SIP200 message;
Step 53, sending an encrypted DH key exchange message to the first terminal, where the encrypted DH key exchange message includes the session identifier and a first key obtained by encrypting the DH public key of the second terminal using the quantum key; the first terminal decrypts the first key based on the quantum key to obtain the DH public key of the second terminal, performs a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal, and generates a quantum session key based on the quantum key and the shared key;
Step 54, receiving an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a second key after the first terminal encrypts the DH public key of the first terminal using the quantum key;
Step 55, decrypting the second key based on the quantum key to obtain a public key of the first terminal;
step 56, generating a shared key based on the private key of the second terminal and the public key of the first terminal;
step 57, obtaining a quantum session key based on the shared key and the quantum key;
Step 58, a quantum session key confirmation message is sent to the first terminal, wherein the quantum session key confirmation message comprises a temporary identifier, a message verification code and a quantum session key associated with the GBA or AKMA;
step 59, conducting a session with the second terminal based on the quantum session key.
As is clear from the above steps 51 to 59, the DH public key is encrypted using the quantum key associated with the session and transferred to the other party, and the DH shared key is generated after decryption. The quantum session key is generated based on the DH shared key and the quantum key, and finally both sides confirm whether they hold the same quantum session key, so that encrypted media communication can be correctly decrypted by the other side; a session safer than the prior art can therefore be achieved. The above-mentioned confirmation procedure of the quantum session key in steps 51 to 59 is performed in call signaling, and in the present application the following steps 61 to 66 may instead be performed on the media plane.
In an optional implementation manner of the embodiment of the present application, for the manner of generating the quantum session key based on the quantum key and the diffie-hellman DH key and performing a session with the first terminal according to the quantum session key, which is referred to in step 303, the method may further include:
Step 61, decrypting the second key based on the quantum key to obtain a DH public key of the first terminal, generating a shared key based on the DH public key of the first terminal and a DH private key of the second terminal, and generating the quantum session key according to the shared key and the quantum key; the session invitation message also comprises a second key obtained by encrypting the DH public key of the first terminal by using the quantum key;
Step 62, a SIP200 message for accepting a session is sent to a first terminal, where the SIP200 message includes a temporary identifier associated with the GBA or AKMA, a message authentication code, and a first key obtained by encrypting a DH public key of the second terminal with a quantum key by the second terminal;
Step 63, receiving an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with the GBA or AKMA, a message authentication code, and a second key obtained by encrypting a DH public key of the first terminal by the first terminal using the quantum key;
Step 64, obtaining the quantum session key based on the second key;
step 65, a quantum session key confirmation message is sent to the first terminal, wherein the quantum session key confirmation message comprises a temporary identifier, a message verification code and the quantum session key associated with the GBA or AKMA;
Step 66, conducting a session with the first terminal based on the quantum session key.
As can be seen from the steps 61 to 66, the quantum session key can be generated based on the quantum key and the DH key, and the first terminal and the second terminal need to confirm whether the same quantum session key is received or not, and only the encrypted media communication can be normally decrypted by the counterpart if the same quantum session key is received, so that a session safer than the prior art can be realized.
The foregoing fig. 1 and fig. 3 illustrate the present application from a first terminal side and a second terminal side, and the following will illustrate the present application from a quantum server side, and as shown in fig. 5, an embodiment of the present application further provides a data interaction method based on a quantum session key, which is applied to a quantum key server, where the method includes:
Step 501, receiving a quantum session key request sent by a first terminal through a first secure channel between the first terminal and a quantum key server;
Step 502, in response to the quantum session key request, generating a quantum session key, binding the quantum session key request and the quantum session key, and storing them locally;
Step 503, sending a quantum session key to a second terminal through a second secure channel between the quantum key server and the second terminal, and sending the quantum key to the first terminal through the second secure channel, wherein the first terminal and the second terminal generate the quantum session key based on the quantum session key and the DH key.
Through steps 501 to 503, the first terminal may establish a first secure channel with the quantum key server to send the quantum session key request to it, and the second terminal may establish a second secure channel with the quantum key server to receive the quantum key sent by it, so that the session between the first terminal and the second terminal may be conducted based on the quantum session key generated from the quantum key and the DH key.
In an alternative implementation manner of the embodiment of the present application, before receiving a quantum session key request sent by a first terminal through a secure channel between the first terminal and a quantum key server, as shown in fig. 6, the method further includes:
Step 601, establishing a first secure channel with a first terminal based on a shared key generated in a generic bootstrapping architecture GBA or an application layer authentication and key management AKMA protocol;
step 602, establishing a second secure channel with the second terminal based on the shared key generated in the generic bootstrapping architecture GBA or the application layer authentication and key management AKMA protocol.
It can be seen that, in the present application, the corresponding secure channel may be established based on the protocol selected for the access network in use: GBA is selected when accessing a 4G network and AKMA when accessing a 5G network, that is, the first terminal in the embodiment of the present application may conduct a session with the second terminal based on the quantum session key under different network environments.
The application is illustrated below in connection with a specific implementation of an embodiment of the application, which provides a method for generating an end-to-end quantum session key. The concept of the method is as follows: the session initiator (UE A) establishes a secure channel with the quantum key service center based on the shared key generated in the GBA or AKMA protocol, and UE A transfers the session information to the quantum key service center through this secure channel; the quantum key service center generates a quantum key and transfers it to UE A through the secure channel, while binding the session information to the quantum key and storing both locally. After receiving the call request, the session recipient (UE B) establishes a secure channel with the quantum key service center based on the shared key generated in the GBA or AKMA protocol, and the quantum key service center delivers the quantum key associated with the session to the recipient. UE A and UE B then perform an encrypted DH key exchange, that is, each encrypts its DH public key using the quantum key associated with the session, transfers the encrypted DH public key to the other party, and the other party decrypts it to generate the DH shared key. A quantum session key is generated based on the DH shared key and the quantum key, and finally both parties confirm whether they hold the same quantum session key so that the encrypted media communication can be correctly decrypted by the other party. The DH key exchange procedure and the quantum session key confirmation procedure may be performed in call signaling or in the media plane, so the following two schemes are proposed.
The DH key exchange in the present application is a generic term, and may be DH key exchange based on a discrete logarithm problem, or ECDH key exchange based on a discrete logarithm problem of an elliptic curve. The basic principle of DH key exchange is that two communication parties exchange their own DH public keys in the clear, and then use their own private keys and the public keys of the other parties to generate DH shared keys.
1) DH key exchange and session key validation procedures performed on media plane
After the quantum key service center transfers the quantum key to the session initiator (UE A) and the session receiver (UE B) through the secure channel established based on GBA or AKMA, respectively, the DH key exchange procedure and the quantum session key confirmation procedure are performed on the media plane. As shown in fig. 7, the process includes:
In step 701, the session initiator (UE A) generates a session invite message SIP INVITE, whose header (SIP INVITE HEADER) contains a number of fields, the most important of which are: the From field, which indicates the initiator of the session; the To field, which indicates the recipient of the session; and the Call-ID field, a session identifier that identifies the session globally and uniquely.
In step 702, if UE A is connected to the 4G network, a secure channel, such as a TLS channel or a customized efficient secure channel, is established with the quantum key server based on the shared key generated in the GBA procedure. Through the secure channel, UE A sends a quantum key request to the quantum key server, which includes the temporary identity B-TID A from its GBA and the SIP INVITE HEADER (at least To, From and Call-ID should be included).
If UE A is connected to the 5G network, a secure channel, such as a TLS channel or a customized efficient secure channel, is established with the quantum key server based on the shared key generated in the AKMA procedure. Through the secure channel, UE A sends a quantum key request to the quantum key server, which includes the temporary identity A-KID A from its AKMA and the SIP INVITE HEADER (at least To, From and Call-ID should be included).
In step 703, after the quantum key server receives the quantum key request, a quantum key Kq is generated, and is associated with SIP INVITE HEADER and stored in the server. And sends a reply message of the quantum key request, containing the quantum key Kq, to the UE A over the secure channel.
In step 704, UE A sends a session invitation to the session receiver UE B via a SIP INVITE message.
In step 705, UE B sends a quantum key request to the quantum key server via a secure channel established with the quantum key server based on GBA or AKMA; the request includes the temporary identity B-TID B from its GBA or A-KID B from its AKMA, and the SIP INVITE HEADER (at least To, From and Call-ID shall be included).
In step 706, the quantum server finds the corresponding quantum key Kq according to the received SIP INVITE HEADER, and returns it to the UE B through the secure channel.
In step 707, the UE B sends a SIP 200 message to the UE A to indicate acceptance of the invitation.
In step 708, the UE A sends a SIP ACK message to the UE B to indicate that the communication partner may initiate media plane communication in response to the SIP 200 message.
In step 709, before media-plane encrypted communication, both sides need to perform an encrypted DH key exchange and confirm the consistency of the generated quantum session key. UE B encrypts its DH public key PuK B using the quantum key Kq, i.e. { PuK B } Kq, and sends an encrypted DH key exchange message to UE A, which includes the Call-ID and { PuK B } Kq.
In step 710, after receiving the encrypted DH key exchange message, UE A decrypts it using the quantum key Kq associated with the Call-ID to obtain the DH public key PuK B of UE B. UE A then performs a key operation with its own DH private key and PuK B to generate the shared key Kg between UE A and UE B. Based on the quantum key Kq and the shared key Kg, UE A computes the quantum session key Kqs as follows:
Kqs = KDF(Kq, Kg, "quantum session key")
It should be noted that the KDF is a key derivation function, such as HMAC-SHA256.
UE A generates an encrypted DH key exchange and quantum session key confirmation message, including B-TID A or A-KID A, the SIP INVITE HEADER, the message authentication code MAC A, and { PuK A } Kq. MAC A is computed as a hash, keyed with the quantum session key Kqs, over B-TID A or A-KID A and the SIP INVITE HEADER. { PuK A } Kq denotes that UE A encrypts its own DH public key PuK A with the quantum key Kq.
After receiving the encrypted DH key exchange and quantum session key confirmation message, UE B decrypts { PuK A } Kq using the quantum key Kq associated with the Call-ID in the SIP INVITE HEADER to obtain the DH public key PuK A of UE A. UE B performs a key operation based on its own DH private key and PuK A to generate the shared key Kg between UE A and UE B. Based on the quantum key Kq and the shared key Kg, UE B calculates the quantum session key Kqs as follows:
Kqs = KDF(Kq, Kg, "quantum session key")
It should be noted that the KDF is a key derivation function, such as HMAC-SHA256.
UE B verifies MAC A based on the quantum session key Kqs.
In step 711, UE B generates a quantum session key confirmation message and sends it to UE A; it includes B-TID B or A-KID B, the SIP INVITE HEADER, and the message authentication code MAC B. MAC B is computed as a hash, keyed with the quantum session key Kqs, over B-TID B or A-KID B and the SIP INVITE HEADER.
It can be seen that both parties (UE A and UE B) use the quantum session key Kqs to encrypt and integrity protect the media plane information and to prevent replay attacks. This may be implemented using Secure Real-time transport protocol (SRTP) based on session key Kqs.
2) DH key exchange and session key validation procedures performed at signaling plane
The solution of DH key exchange and session key confirmation at the signalling plane is basically the same as the solution of DH key exchange and session key confirmation at the media plane, the only difference being that DH key exchange and session key confirmation are performed at the signalling plane. As shown in fig. 8, the process includes:
In step 801, the session initiator (UE A) generates a session invite message SIP INVITE, whose header (SIP INVITE HEADER) contains a number of fields, the most important of which are: the From field, which indicates the initiator of the session; the To field, which indicates the recipient of the session; and the Call-ID field, a session identifier that identifies the session globally and uniquely.
In step 802, if UE A is connected to the 4G network, a secure channel, such as a TLS channel or a customized efficient secure channel, is established with the quantum key server based on the shared key generated in the GBA procedure. Through the secure channel, UE A sends a quantum key request to the quantum key server, which includes the temporary identity B-TID A from its GBA and the SIP INVITE HEADER (at least To, From and Call-ID should be included).
If UE A is connected to the 5G network, a secure channel, such as a TLS channel or a customized efficient secure channel, is established with the quantum key server based on the shared key generated in the AKMA procedure. Through the secure channel, UE A sends a quantum key request to the quantum key server, which includes the temporary identity A-KID A from its AKMA and the SIP INVITE HEADER (at least To, From and Call-ID should be included).
In step 803, after the quantum key server receives the quantum key request, a quantum key Kq is generated, and is associated with SIP INVITE HEADER and stored in the server. And sends a reply message of the quantum key request, containing the quantum key Kq, to the UE A over the secure channel.
In step 804, UE A sends a session invitation to the session recipient UE B via a SIP INVITE message. The SIP INVITE message body contains an information element { PuK A } Kq obtained by UE A encrypting its own DH public key PuK A with the quantum key Kq.
In step 805, UE B sends a quantum key request to the quantum key server via a secure channel established with the quantum key server based on GBA or AKMA; the request includes the temporary identity B-TID B from its GBA or A-KID B from its AKMA, and the SIP INVITE HEADER (at least To, From and Call-ID should be included).
In step 806, the quantum server finds the corresponding quantum key Kq according to the received SIP INVITE HEADER, and returns it to the UE B through the secure channel.
In step 807, UE B decrypts { PuK A } Kq using the quantum key Kq associated with the Call-ID in the SIP INVITE HEADER to obtain the DH public key PuK A of UE A, and performs a key operation based on its own DH private key and PuK A to generate the shared key Kg between UE A and UE B. Based on the quantum key Kq and the shared key Kg, UE B computes the quantum session key Kqs as follows:
Kqs = KDF(Kq, Kg, "quantum session key")
It should be noted that the KDF is a key derivation function, such as HMAC-SHA256.
UE B sends a SIP 200 message to UE A to indicate acceptance of the invitation. The SIP 200 message body carries the encrypted DH key exchange and quantum session key confirmation information, which includes B-TID B or A-KID B, the SIP INVITE HEADER, the message authentication code MAC B, and { PuK B } Kq. MAC B is computed as a hash, keyed with the quantum session key Kqs, over B-TID B or A-KID B and the SIP INVITE HEADER. { PuK B } Kq denotes that UE B encrypts its DH public key PuK B with the quantum key Kq.
In step 808, after receiving the SIP 200 message, UE A decrypts { PuK B } Kq using the quantum key Kq associated with the Call-ID to obtain the DH public key PuK B of UE B. UE A uses its own DH private key and PuK B to perform a key operation and generate the shared key Kg between UE A and UE B. Based on the quantum key Kq and the shared key Kg, UE A computes the quantum session key Kqs as follows:
Kqs = KDF(Kq, Kg, "quantum session key")
It should be noted that the KDF is a key derivation function, such as HMAC-SHA256.
UE A verifies MAC B using the quantum session key Kqs. After verification, UE A sends a SIP ACK message to UE B in reply to the SIP 200 message, indicating that both parties can initiate media-plane communication. The SIP ACK message body contains B-TID A or A-KID A, the SIP INVITE HEADER, and the message authentication code MAC A; MAC A is computed as a hash, keyed with the quantum session key Kqs, over B-TID A or A-KID A and the SIP INVITE HEADER. After UE B receives this quantum session key confirmation message, it verifies MAC A using the quantum session key Kqs. Once the verification passes, the two parties communicate securely using the quantum session key Kqs.
It can be seen that both parties (UE A and UE B) use the quantum session key Kqs to encrypt and integrity protect the media plane information and to prevent replay attacks. This may be implemented using SRTP based on session key Kqs.
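The media-plane exchange of steps 709 to 711, which is also the core of the signalling-plane variant in steps 807 and 808 (same Kq-encrypted DH exchange, same KDF, same confirmation MACs, only carried in SIP 200 / SIP ACK bodies instead), as an added Go example that is not part of the patent. It assumes Kq has already been delivered to both UEs by the quantum key server, and it chooses X25519 for the DH step, AES-256-GCM for { PuK } Kq, HMAC-SHA256 keyed with Kq over Kg || label as the KDF and HMAC-SHA256 under Kqs as the confirmation MAC; the page only suggests HMAC-SHA256 as the KDF, the other choices are assumptions made here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// gcmFor backs "{PuK}Kq". The page names no cipher; AES-256-GCM keyed directly
// with the 32-byte Kq, nonce prepended to the ciphertext, is an assumption here.
func gcmFor(kq []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kq)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

func sealWithKq(kq, pub []byte) ([]byte, error) {
	gcm, err := gcmFor(kq)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, pub, nil), nil
}

// openWithKq fails if the peer used a different Kq or the message was altered.
func openWithKq(kq, sealed []byte) ([]byte, error) {
	gcm, err := gcmFor(kq)
	if err != nil || len(sealed) < gcm.NonceSize() { return nil, fmt.Errorf("bad key or ciphertext") }
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

// deriveKqs is Kqs = KDF(Kq, Kg, "quantum session key") with HMAC-SHA256 as the
// KDF, as the page suggests; keying the HMAC with Kq over Kg||label is an assumption.
func deriveKqs(kq, kg []byte) []byte {
	m := hmac.New(sha256.New, kq)
	m.Write(kg)
	m.Write([]byte("quantum session key"))
	return m.Sum(nil)
}

// confirmMAC is MAC_X = HMAC(Kqs, temporary identity || SIP INVITE HEADER).
func confirmMAC(kqs []byte, tempID, hdr string) []byte {
	m := hmac.New(sha256.New, kqs)
	m.Write([]byte(tempID + hdr))
	return m.Sum(nil)
}

// UE holds a terminal's B-TID/A-KID, its X25519 key pair (ECDH is one of the
// exchanges the page allows) and the Kq the quantum key server bound to this call.
type UE struct{ TempID string; priv *ecdh.PrivateKey; Kq []byte }

func NewUE(tempID string, kq []byte) (*UE, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	return &UE{TempID: tempID, priv: priv, Kq: kq}, nil
}

// sessionKeyFrom decrypts the peer's {PuK}Kq, runs DH to get Kg and derives Kqs
// (step 710, executed on each side).
func (u *UE) sessionKeyFrom(sealedPeerPub []byte) ([]byte, error) {
	pubBytes, err := openWithKq(u.Kq, sealedPeerPub)
	if err != nil { return nil, fmt.Errorf("peer DH public key rejected: %w", err) }
	peerPub, err := ecdh.X25519().NewPublicKey(pubBytes)
	if err != nil { return nil, err }
	kg, err := u.priv.ECDH(peerPub)
	if err != nil { return nil, err }
	return deriveKqs(u.Kq, kg), nil
}

// RunMediaPlaneExchange plays steps 709 to 711 between UE A and UE B and reports
// whether both confirmation MACs verified, i.e. both sides hold the same Kqs.
func RunMediaPlaneExchange(a, b *UE, hdr string) (bool, error) {
	sealedB, err := sealWithKq(b.Kq, b.priv.PublicKey().Bytes()) // step 709: {PuK B}Kq
	if err != nil { return false, err }
	kqsA, err := a.sessionKeyFrom(sealedB) // step 710, UE A side
	if err != nil { return false, err }
	sealedA, err := sealWithKq(a.Kq, a.priv.PublicKey().Bytes()) // {PuK A}Kq
	if err != nil { return false, err }
	kqsB, err := b.sessionKeyFrom(sealedA) // step 710, UE B side
	if err != nil { return false, err }
	macA := confirmMAC(kqsA, a.TempID, hdr) // sent by UE A, checked by UE B
	if !hmac.Equal(macA, confirmMAC(kqsB, a.TempID, hdr)) { return false, nil }
	macB := confirmMAC(kqsB, b.TempID, hdr) // step 711: sent by UE B, checked by UE A
	return hmac.Equal(macB, confirmMAC(kqsA, b.TempID, hdr)), nil
}

func main() {
	kq := make([]byte, 32) // constructed Kq, standing in for the server's reply in steps 703/706
	io.ReadFull(rand.Reader, kq)
	a, _ := NewUE("B-TID-A", kq)
	b, _ := NewUE("B-TID-B", kq)
	ok, err := RunMediaPlaneExchange(a, b, "From: a; To: b; Call-ID: demo-call-1") // constructed header
	fmt.Println("same Kqs confirmed:", ok, err)
}
```

A UE holding a Kq bound to a different Call-ID cannot even recover the peer's DH public key, so the exchange fails before any Kqs is derived; a wrong Kqs would instead be caught at the MAC check.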
Corresponding to fig. 1, the embodiment of the present application further provides a terminal, as shown in fig. 9, where the terminal includes:
a first sending module 92, configured to send a quantum session key request to a quantum key server through a first secure channel;
The first receiving module 94 is configured to receive a quantum session key sent by a quantum key server in response to a quantum session key request, where the quantum key server binds the quantum session key request and the quantum key locally and then stores the quantum key locally, and sends the quantum key to the second terminal through a second secure channel between the quantum key server and the second terminal;
The first interaction module 96 is configured to generate a quantum session key based on the quantum key and the diffie-hellman DH key after the first terminal sends the session invitation to the second terminal, and perform a session with the second terminal based on the quantum session key.
Optionally, before sending the quantum session key request to the quantum key server through the first secure channel, the apparatus in the embodiment of the present application may further include: a first establishing module, configured to establish the first secure channel with the quantum key server based on a shared key generated in the generic bootstrapping architecture GBA or the application layer authentication and key management AKMA protocol.
Optionally, the first sending module 92 in the embodiment of the present application may further include: a first generation unit, configured to generate a session invite message, where the session invite message includes a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal, and a third field for indicating a session identifier; the first sending unit is configured to send a quantum session key request to the quantum key server through a first secure channel, where the quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, and a session invite message.
Optionally, the first interaction module 96 in the embodiment of the present application may further include:
a first receiving unit, configured to receive a SIP200 message sent by a second terminal and used for characterizing an acceptance session;
A second transmitting unit, configured to transmit a SIP ACK message to a second terminal in response to the SIP200 message;
the second receiving unit is used for receiving an encrypted DH key exchange message sent by the second terminal, wherein the encrypted DH key exchange message comprises a session identifier and a first key obtained by encrypting a DH public key of the second terminal by using a quantum key;
the first decryption unit is used for decrypting the first key based on the quantum key to obtain a DH public key of the second terminal;
a second generation unit, configured to generate a shared key between the first terminal and the second terminal by using the DH private key of the first terminal and the DH public key of the second terminal;
a third generation unit configured to generate a quantum session key based on the quantum key and the shared key;
A third sending unit, configured to send an encrypted DH key exchange and quantum session key confirmation message to the second terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a second key obtained by encrypting a DH public key of the first terminal using the quantum key by the first terminal; the second terminal obtains a quantum session key based on the second key;
The third receiving unit is used for receiving a quantum session key confirmation message sent by the second terminal, wherein the quantum session key confirmation message comprises a temporary identifier, a message verification code and a quantum session key which are associated with GBA or AKMA;
And the first interaction unit is used for carrying out session with the second terminal based on the quantum session key.
Optionally, the first sending module 92 in the embodiment of the present application may further include:
A fourth generating unit, configured to generate a session invite message, where the session invite message includes a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal, and a third field for indicating a session identifier;
A fourth sending unit, configured to send a quantum session key request to the quantum key server through the first secure channel, where the quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, a session invite message, and a second key obtained by encrypting a DH public key of the first terminal with the quantum key by the first terminal; the second terminal decrypts the second key based on the quantum key to obtain a DH public key of the first terminal, generates a shared key based on the DH public key of the first terminal and a DH private key of the second terminal, and further generates a quantum session key according to the shared key and the quantum key.
Optionally, the first interaction module 96 in the embodiment of the present application may further include:
a fourth receiving unit, configured to receive a SIP200 message sent by the second terminal and used for accepting the session, where the SIP200 message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a first key obtained by encrypting, by the second terminal, a DH public key of the second terminal using a quantum key;
The second decryption unit is used for decrypting the first key based on the quantum key to obtain a DH public key of the second terminal;
A fifth generation unit, configured to generate a shared key between the first terminal and the second terminal by performing a key operation using the DH private key of the first terminal and the DH public key of the second terminal;
A sixth generation unit configured to generate a quantum session key based on the quantum key and the shared key;
A fifth sending unit, configured to send an encrypted DH key exchange and quantum session key confirmation message to the second terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a second key obtained by encrypting a DH public key of the first terminal using the quantum key by the first terminal; the second terminal obtains a quantum session key based on the second key;
A fifth receiving unit, configured to receive a quantum session key confirmation message sent by the second terminal, where the quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a quantum session key;
and the second interaction unit is used for carrying out session with the second terminal based on the quantum session key.
Corresponding to fig. 3, the present application also provides a terminal, as shown in fig. 10, including:
a second sending module 102, configured to send a quantum session key request to a quantum key server based on a second secure channel, where the quantum key server binds the quantum session key request to the quantum key and stores the bound pair locally;
A second receiving module 104, configured to receive, through a second secure channel, the quantum key sent by the quantum key server;
the second interaction module 106 is configured to generate a quantum session key based on the quantum key and the diffie-hellman DH key, and conduct a session with the first terminal based on the quantum session key.
In an alternative implementation of the embodiment of the present application, before sending the quantum session key request to the quantum key server based on the second secure channel, the apparatus may further include:
a third receiving module, configured to receive a session invite message sent by the first terminal;
a second establishing module, configured to establish a second secure channel with the quantum key server based on the shared key generated in the generic bootstrapping architecture GBA or the application layer authentication and key management AKMA protocol in response to the session invite message.
In an alternative implementation manner of the embodiment of the present application, the second sending module 102 may further include:
A sixth receiving unit, configured to receive a session invite message sent by the first terminal, where the session invite message includes a first field for indicating that a session initiator is the first terminal, a second field for indicating that a session receiver is the second terminal, and a third field for indicating a session identifier;
And a sixth sending unit, configured to send a quantum session key request to the quantum key server through the second secure channel, where the quantum session key request carries a temporary identifier associated with GBA or a temporary identifier associated with AKMA, and a session invite message.
In an alternative implementation of the embodiment of the present application, the second interaction module 106 may further include:
A seventh sending unit, configured to send a SIP 200 message indicating acceptance of the session to the first terminal;
A seventh receiving unit, configured to receive a SIP ACK message fed back by the first terminal in response to the SIP200 message;
An eighth sending unit, configured to send an encrypted DH key exchange message to the first terminal, where the encrypted DH key exchange message includes a session identifier and a first key obtained by encrypting a DH public key of the second terminal using the quantum key; the first terminal decrypts the first key based on the quantum key to obtain the DH public key of the second terminal, performs a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal, and generates a quantum session key based on the quantum key and the shared key;
An eighth receiving unit, configured to receive an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a second key obtained by encrypting, by the first terminal, a DH public key of the first terminal using the quantum key;
The third decryption unit is used for decrypting the second key based on the quantum key to obtain a public key of the first terminal;
A seventh generation unit configured to generate a shared key based on the private key of the second terminal and the public key of the first terminal;
an eighth generation unit for obtaining a quantum session key based on the shared key and the quantum key;
A ninth sending unit, configured to send a quantum session key confirmation message to the first terminal, where the quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a quantum session key;
And the third interaction unit is used for carrying out session with the second terminal based on the quantum session key.
In an alternative implementation of the embodiment of the present application, the second interaction module 106 may further include:
A fourth decryption unit, configured to decrypt the second key based on the quantum key to obtain a DH public key of the first terminal, generate a shared key based on the DH public key of the first terminal and a DH private key of the second terminal, and generate a quantum session key according to the shared key and the quantum key; the session invitation message also comprises a second key obtained by encrypting the DH public key of the first terminal by using the quantum key;
A tenth sending unit, configured to send, to the first terminal, a SIP 200 message for accepting the session, where the SIP 200 message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a first key obtained by encrypting, by the second terminal, a DH public key of the second terminal using the quantum key;
A ninth receiving unit, configured to receive an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, where the encrypted DH key exchange and quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a second key after the first terminal encrypts a DH public key of the first terminal using the quantum key;
A ninth generation unit, configured to obtain a quantum session key based on the second key;
An eleventh sending unit, configured to send a quantum session key confirmation message to the first terminal, where the quantum session key confirmation message includes a temporary identifier associated with GBA or AKMA, a message authentication code, and a quantum session key;
And the fourth interaction unit is used for carrying out session with the first terminal based on the quantum session key.
Corresponding to fig. 5, the embodiment of the present application further provides a quantum key server, as shown in fig. 11, including:
A third receiving module 112, configured to receive a quantum session key request sent by the first terminal through a first secure channel between the first terminal and the quantum key server;
a processing module 114, configured to generate a quantum key in response to the quantum session key request, bind the quantum session key request to the quantum key, and store the bound pair locally;
And a third sending module 116, configured to send the quantum key to the second terminal through a second secure channel between the quantum key server and the second terminal, and send the quantum key to the first terminal through the second secure channel, where the first terminal and the second terminal generate a quantum session key based on the quantum key and the diffie-hellman DH key.
In an alternative implementation of the embodiment of the present application, before receiving a quantum session key request sent by a first terminal through a secure channel between the first terminal and a quantum key server, the quantum key server further includes:
A third establishing module, configured to establish a first secure channel with the first terminal based on a shared key generated in the generic bootstrapping architecture GBA or the application layer authentication and key management AKMA protocol;
and a fourth establishing module, configured to establish a second secure channel with the second terminal based on the generic bootstrapping architecture GBA or the shared key generated in the application layer authentication and key management AKMA protocol.
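To make the key flow described by the terminal and server units above concrete, here is an added, self-contained Python simulation of the handshake of claims 4 and 10 (the second terminal sends its DH public key encrypted under the quantum key, the first terminal answers with its own encrypted public key and a message authentication code, and a session key confirmation follows). It is illustrative code written for this page, not the applicant's implementation. Everything the patent leaves open is an assumption here and is marked as such in the comments: X25519 as the DH group, HMAC-SHA256 as the message authentication code and as the keystream and key derivation function, a placeholder in place of the GBA/AKMA temporary identifier, and the two secure channels and the SIP signalling reduced to direct function calls. The confirmation message carries a tag computed under the new session key rather than the key itself; the `tamper` flag shows the MAC check rejecting a modified encrypted DH key exchange message.

```python
import hashlib
import hmac
import os

P = 2**255 - 19                      # X25519 field prime (RFC 7748); the DH group is an assumption here
BASEPOINT = (9).to_bytes(32, "little")
TEMP_ID = b"GBA-or-AKMA-temp-id-PLACEHOLDER"  # stands in for the temporary identifier the patent refers to

def x25519(scalar: bytes, u: bytes) -> bytes:
    """Montgomery-ladder scalar multiplication (reference code, not constant time)."""
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def dh_keypair():
    priv = os.urandom(32)
    return priv, x25519(priv, BASEPOINT)

def keystream(qk: bytes, label: bytes, n: int) -> bytes:
    """HMAC-SHA256 counter keystream (assumed cipher; the patent names none)."""
    out, block, i = b"", b"", 0
    while len(out) < n:
        i += 1
        block = hmac.new(qk, block + label + bytes([i]), hashlib.sha256).digest()
        out += block
    return out[:n]

def qk_encrypt(qk: bytes, label: bytes, data: bytes) -> bytes:
    """XOR with a keystream bound to a per-direction label, so one quantum key never reuses keystream."""
    return bytes(x ^ y for x, y in zip(data, keystream(qk, label, len(data))))

def qk_mac(qk: bytes, data: bytes) -> bytes:
    return hmac.new(qk, b"mac|" + data, hashlib.sha256).digest()

def derive_session_key(qk: bytes, dh_shared: bytes, session_id: bytes) -> bytes:
    """Quantum session key = KDF(quantum key, DH shared secret, session id); HMAC-SHA256 assumed."""
    return hmac.new(qk, b"qsk|" + session_id + dh_shared, hashlib.sha256).digest()

class QuantumKeyServer:
    """Simulated server: binds each request (keyed by session id) to a fresh quantum key."""
    def __init__(self):
        self.store = {}
    def request(self, session_id: bytes) -> bytes:   # first secure channel, reduced to a call
        self.store[session_id] = os.urandom(32)      # stand-in for a QKD-delivered key
        return self.store[session_id]
    def fetch(self, session_id: bytes) -> bytes:     # second secure channel, reduced to a call
        return self.store[session_id]

def run_handshake(tamper: bool = False):
    """Returns (session key at the first terminal, session key at the second terminal)."""
    server = QuantumKeyServer()
    session_id = os.urandom(8)
    qk_a = server.request(session_id)                # first terminal obtains the bound quantum key
    qk_b = server.fetch(session_id)                  # second terminal obtains the same key
    priv_a, pub_a = dh_keypair()
    priv_b, pub_b = dh_keypair()
    # Encrypted DH key exchange, second -> first: session id plus the "first key" (pub_b under qk).
    first_key = qk_encrypt(qk_b, b"B2A|" + session_id, pub_b)
    # First terminal: decrypt, run DH, derive, then send the "second key" (pub_a under qk) plus MAC.
    pub_b_at_a = qk_encrypt(qk_a, b"B2A|" + session_id, first_key)
    qsk_a = derive_session_key(qk_a, x25519(priv_a, pub_b_at_a), session_id)
    second_key = qk_encrypt(qk_a, b"A2B|" + session_id, pub_a)
    tag = qk_mac(qk_a, TEMP_ID + session_id + second_key)
    if tamper:                                       # simulate modification in flight
        second_key = bytes([second_key[0] ^ 1]) + second_key[1:]
    # Second terminal: check the MAC before using the ciphertext, then decrypt, run DH, derive.
    if not hmac.compare_digest(tag, qk_mac(qk_b, TEMP_ID + session_id + second_key)):
        raise ValueError("MAC check failed on encrypted DH key exchange message")
    pub_a_at_b = qk_encrypt(qk_b, b"A2B|" + session_id, second_key)
    qsk_b = derive_session_key(qk_b, x25519(priv_b, pub_a_at_b), session_id)
    # Confirmation, second -> first: a tag under the new session key (the key itself is not sent).
    confirm = hmac.new(qsk_b, b"confirm|" + TEMP_ID + session_id, hashlib.sha256).digest()
    expected = hmac.new(qsk_a, b"confirm|" + TEMP_ID + session_id, hashlib.sha256).digest()
    if not hmac.compare_digest(confirm, expected):
        raise ValueError("quantum session key confirmation failed")
    return qsk_a, qsk_b
```

Calling `run_handshake()` returns two equal 32-byte keys; because the derivation mixes the quantum key with the DH shared secret, an observer of the exchange learns neither input, and the MAC under the quantum key ties each encrypted public key to the session identifier and temporary identifier before it is decrypted.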
In particular, referring to fig. 12, an embodiment of the present invention further provides an electronic device including a bus 1201, a transceiver 1202, an antenna 1203, a bus interface 1204, a processor 1205, and a memory 1206.
A transceiver 1202 for sending a quantum session key request to a quantum key server over a first secure channel, and for receiving a quantum session key sent by the quantum key server in response to the quantum session key request, where the quantum key server binds the quantum session key request to the quantum key, stores the bound pair locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal;
A transceiver 1202 or a processor 1205 for generating a quantum session key based on the quantum key and a diffie-hellman DH key after the first terminal sends a session invitation to the second terminal, and for conducting a session with the second terminal based on the quantum session key.
In fig. 12, a bus architecture (represented by bus 1201), the bus 1201 may include any number of interconnected buses and bridges, with the bus 1201 linking together various circuits, including one or more processors, represented by processor 1205, and memory, represented by memory 1206. The bus 1201 may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. Bus interface 1204 provides an interface between bus 1201 and transceiver 1202. The transceiver 1202 may be one element or may be multiple elements, such as multiple receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor 1205 is transmitted over a wireless medium via an antenna 1203, and further, the antenna 1203 receives the data and transmits the data to the processor 1205.
The processor 1205 is responsible for managing the bus 1201 and general processing, and may provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And memory 1206 may be used to store data used by processor 1205 in performing operations.
Alternatively, the processor 1205 may be CPU, ASIC, FPGA or a CPLD.
It should be noted that, the electronic device provided in the embodiment of the present invention is a device capable of executing the data interaction method based on the quantum session key in the embodiment of fig. 1, and all the implementation manners in the data interaction method embodiment based on the quantum session key are applicable to the electronic device, and the same or similar beneficial effects can be achieved.
Specifically, referring to fig. 13, an embodiment of the present invention further provides an electronic device, including a bus 1301, a transceiver 1302, an antenna 1303, a bus interface 1304, a processor 1305, and a memory 1306.
A transceiver 1302 configured to send a quantum session key request to a quantum key server based on a second secure channel, where the quantum key server binds the quantum key request and a quantum key and stores the quantum key locally, and receive the quantum key sent by the quantum key server through the second secure channel;
A processor 1305 for generating a quantum session key based on the quantum key and a diffie-hellman DH key, and conducting a session with the first terminal based on the quantum session key.
In fig. 13, a bus architecture (represented by bus 1301), the bus 1301 may include any number of interconnected buses and bridges, with the bus 1301 linking together various circuits, including one or more processors, represented by processor 1305, and memory, represented by memory 1306. Bus 1301 may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. Bus interface 1304 provides an interface between bus 1301 and transceiver 1302. The transceiver 1302 may be one element or a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor 1305 is transmitted over a wireless medium via the antenna 1303, and further, the antenna 1303 also receives data and transmits the data to the processor 1305.
The processor 1305 is responsible for managing the bus 1301 and general processing and may also provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And memory 1306 may be used to store data used by the processor 1305 in performing operations.
Alternatively, the processor 1305 may be CPU, ASIC, FPGA or a CPLD.
The embodiment of the invention also provides an electronic device comprising a processor, a memory, and a program stored in the memory; the program is executed by the processor to implement each process of the data interaction method embodiment based on the quantum session key shown in fig. 1, 3 or 5, and the same technical effects can be achieved, so that repetition is avoided and no further description is provided herein.
The embodiment of the invention also provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor implements the processes of the data interaction method embodiment based on the quantum session key shown in the foregoing fig. 1, 3 or 5, and can achieve the same technical effects, so that repetition is avoided and no further description is given here. The computer readable storage medium is selected from Read-Only Memory (ROM), Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ……" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The embodiments of the present invention have been described above with reference to the accompanying drawings, but the present invention is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those having ordinary skill in the art without departing from the spirit of the present invention and the scope of the claims, which are to be protected by the present invention.

Claims (21)

1. The data interaction method based on the quantum session key is applied to a first terminal and is characterized by comprising the following steps of:
sending a quantum session key request to a quantum key server through a first secure channel;
receiving a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request and the quantum key locally and then stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal;
After the first terminal sends a session invitation to the second terminal, a quantum session key is generated based on the quantum key and a diffie-hellman DH key, and a session is performed with the second terminal based on the quantum session key.
2. The method of claim 1, further comprising, prior to sending the quantum session key request to the quantum key server through the first secure channel:
The first secure channel is established with the quantum key server based on a shared key generated in a generic bootstrapping architecture GBA or an application layer authentication and key management AKMA protocol.
3. The method of claim 2, wherein the sending the quantum session key request to the quantum key server over the first secure channel comprises:
Generating a session invitation message, wherein the session invitation message comprises a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal and a third field for indicating a session identifier;
And sending a quantum session key request to the quantum key server through the first secure channel, wherein the quantum session key request carries a temporary identifier associated with the GBA or a temporary identifier associated with the AKMA and the session invitation message.
4. A method according to claim 3, wherein generating a quantum session key based on the quantum key and diffie-hellman DH key, and conducting a session with the second terminal based on the quantum session key, comprises:
Receiving a SIP 200 message sent by the second terminal indicating acceptance of the session;
transmitting a SIP ACK message to the second terminal in response to the SIP200 message;
Receiving an encrypted DH key exchange message sent by a second terminal, wherein the encrypted DH key exchange message comprises the session identifier and a first key obtained by encrypting a DH public key of the second terminal by using a quantum key;
Decrypting the first key based on the quantum key to obtain a DH public key of the second terminal;
performing a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal;
Generating a quantum session key based on the quantum key and the shared key;
Sending an encrypted DH key exchange and quantum session key confirmation message to a second terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key; the second terminal obtains the quantum session key based on the second key;
receiving a quantum session key confirmation message sent by the second terminal, wherein the quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and the quantum session key;
and session with the second terminal based on the quantum session key.
5. The method of claim 2, wherein the sending the quantum session key request to the quantum key server over the first secure channel comprises:
Generating a session invitation message, wherein the session invitation message comprises a first field for indicating that a session initiator is a first terminal, a second field for indicating that a session receiver is a second terminal and a third field for indicating a session identifier;
Sending a quantum session key request to the quantum key server through the first secure channel, wherein the quantum session key request carries a temporary identifier associated with the GBA or a temporary identifier associated with the AKMA, the session invitation message and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key; and the second terminal decrypts the second key based on the quantum key to obtain the DH public key of the first terminal, generates a shared key based on the DH public key of the first terminal and the DH private key of the second terminal, and further generates the quantum session key according to the shared key and the quantum key.
6. The method of claim 5, wherein the generating a quantum session key based on the quantum key and a diffie-hellman DH key and conducting a session with the second terminal based on the quantum session key comprises:
Receiving a SIP200 message sent by the second terminal and used for accepting the session, wherein the SIP200 message includes a temporary identifier associated with the GBA or AKMA, a message authentication code, and a first key obtained by encrypting a DH public key of the second terminal by the second terminal using a quantum key;
Decrypting the first key based on the quantum key to obtain a DH public key of the second terminal;
performing a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal;
Generating a quantum session key based on the quantum key and the shared key;
Sending an encrypted DH key exchange and quantum session key confirmation message to the second terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key; the second terminal obtains the quantum session key based on the second key;
receiving a quantum session key confirmation message sent by the second terminal, wherein the quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and the quantum session key;
and session with the second terminal based on the quantum session key.
7. A data interaction method based on a quantum session key, applied to a second terminal, characterized in that the method comprises the following steps:
Sending a quantum session key request to a quantum key server based on a second secure channel, wherein the quantum key server binds the quantum key request and the quantum key and stores the bound quantum key request and the bound quantum key in a local place;
Receiving the quantum key sent by the quantum key server through a second secure channel;
And generating a quantum session key based on the quantum key and the diffie-hellman DH key, and carrying out session with the first terminal based on the quantum session key.
8. The method of claim 7, wherein prior to sending the quantum-session key request to the quantum-key server based on the second secure channel, the method further comprises:
The second secure channel is established with the quantum key server based on a shared key generated in a generic bootstrapping architecture GBA or an application layer authentication and key management AKMA protocol.
9. The method of claim 8, wherein the sending the quantum session key request to the quantum key server via the second secure channel comprises:
Receiving a session invitation message sent by a first terminal, wherein the session invitation message comprises a first field for indicating that a session initiator is the first terminal, a second field for indicating that a session receiver is the second terminal and a third field for indicating a session identifier;
And sending a quantum session key request to the quantum key server through the second secure channel, wherein the quantum session key request carries a temporary identifier associated with the GBA or a temporary identifier associated with the AKMA and the session invitation message.
10. The method of claim 9, wherein the generating a quantum session key based on the quantum key and a diffie-hellman DH key and conducting a session with a first terminal based on the quantum session key, comprises:
Sending a SIP 200 message indicating acceptance of the session to the first terminal;
Receiving an SIP ACK message fed back by the first terminal in response to the SIP200 message;
Sending an encrypted DH key exchange message to the first terminal, wherein the encrypted DH key exchange message comprises the session identifier and a first key obtained by encrypting a DH public key of the second terminal by using a quantum key; the first terminal decrypts the first key based on the quantum key to obtain the DH public key of the second terminal, performs a key operation using the DH private key of the first terminal and the DH public key of the second terminal to generate a shared key between the first terminal and the second terminal, and generates a quantum session key based on the quantum key and the shared key;
receiving an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message verification code and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key;
decrypting the second key based on the quantum key to obtain a public key of the first terminal;
Generating a shared key based on the private key of the second terminal and the public key of the first terminal;
Obtaining a quantum session key based on the shared key and the quantum key;
Sending a quantum session key confirmation message to the first terminal, wherein the quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and the quantum session key;
and session with the second terminal based on the quantum session key.
11. The method of claim 9, wherein the generating a quantum session key based on the quantum key and a diffie-hellman DH key and conducting a session with a first terminal based on the quantum session key, comprises:
Decrypting the second key based on the quantum key to obtain a DH public key of the first terminal, generating a shared key based on the DH public key of the first terminal and a DH private key of the second terminal, and generating the quantum session key according to the shared key and the quantum key; the session invitation message further comprises a second key obtained by encrypting the DH public key of the first terminal by using the quantum key;
Sending a SIP 200 message for accepting a session to a first terminal, wherein the SIP 200 message includes a temporary identifier associated with the GBA or AKMA, a message authentication code, and a first key obtained by encrypting a DH public key of the second terminal with a quantum key by the second terminal;
receiving an encrypted DH key exchange and quantum session key confirmation message sent by the first terminal, wherein the encrypted DH key exchange and quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message verification code and a second key obtained by encrypting a DH public key of the first terminal by using the quantum key;
obtaining the quantum session key based on the second key;
Sending a quantum session key confirmation message to the first terminal, wherein the quantum session key confirmation message comprises a temporary identifier associated with the GBA or AKMA, a message authentication code and the quantum session key;
session with the first terminal based on the quantum session key.
12. A data interaction method based on a quantum session key, applied to a quantum key server, characterized in that the method comprises the following steps:
Receiving a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server;
responding to the quantum session key request, generating a quantum session key, binding the quantum session key request with the quantum key and then storing the bound quantum session key in a local place;
And sending the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and sending the quantum key to the first terminal through the second secure channel, wherein the first terminal and the second terminal generate a quantum session key based on the quantum key and a diffie-hellman DH key.
13. The method of claim 12, comprising, prior to receiving a quantum session key request sent by a first terminal over a secure channel between the first terminal and the quantum key server:
establishing the first secure channel with the first terminal based on a shared key generated in a generic bootstrapping architecture GBA or an application layer authentication and key management AKMA protocol;
The second secure channel is established with the second terminal based on a shared key generated in a generic bootstrapping architecture GBA or an application layer authentication and key management AKMA protocol.
14. A terminal, comprising:
a first sending module, configured to send a quantum session key request to a quantum key server through a first secure channel;
a first receiving module, configured to receive a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request with the quantum key, stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal;
and a first interaction module, configured to generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key after sending a session invitation to the second terminal, and to conduct a session with the second terminal based on the quantum session key.
15. An electronic device comprising a transceiver and a processor;
the transceiver is configured to send a quantum session key request to a quantum key server through a first secure channel and to receive a quantum session key sent by the quantum key server in response to the quantum session key request, wherein the quantum key server binds the quantum session key request with the quantum key, stores the quantum key locally, and sends the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal;
the transceiver or the processor is configured to generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key after sending a session invitation to the second terminal, and to conduct a session with the second terminal based on the quantum session key.
16. A terminal, comprising:
a second sending module, configured to send a quantum session key request to a quantum key server based on a second secure channel, wherein the quantum key server binds the quantum key request with the quantum key and then stores the bound quantum key request and quantum key locally;
a second receiving module, configured to receive the quantum key sent by the quantum key server through the second secure channel;
and a second interaction module, configured to generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key, and to conduct a session with a first terminal based on the quantum session key.
17. An electronic device comprising a transceiver and a processor;
the transceiver is configured to send a quantum session key request to a quantum key server based on a second secure channel, wherein the quantum key server binds the quantum key request with a quantum key and then stores the bound quantum key request and quantum key locally, and to receive the quantum key sent by the quantum key server through the second secure channel;
the transceiver or the processor is configured to generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key, and to conduct a session with a first terminal based on the quantum session key.
18. A quantum key server, comprising:
a third receiving module, configured to receive a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server;
a generation module, configured to generate a quantum session key in response to the quantum session key request, and to store the quantum session key request and the quantum key locally after binding them;
and a fourth sending module, configured to send the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and to send the quantum key to the first terminal through the second secure channel, wherein the first terminal and the second terminal generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key.
19. An electronic device comprising a transceiver and a processor;
the transceiver is configured to receive a quantum session key request sent by a first terminal through a first secure channel between the first terminal and the quantum key server;
the processor is configured to generate a quantum session key in response to the quantum session key request, and to store the quantum session key request and the quantum key locally after binding them;
the transceiver is configured to send the quantum key to a second terminal through a second secure channel between the quantum key server and the second terminal, and to send the quantum key to the first terminal through the second secure channel, wherein the first terminal and the second terminal generate a quantum session key based on the quantum key and a Diffie-Hellman (DH) key.
20. An electronic device, comprising: a processor, a memory and a program stored on the memory and executable on the processor, which when executed by the processor performs the method steps of any one of claims 1 to 6, or claims 7 to 11, or claims 12 to 13.
21. A computer-readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, carries out the method steps of any one of claims 1 to 6, or claims 7 to 11, or claims 12 to 13.
CN202211391657.6A 2022-11-07 2022-11-07 Quantum session key-based data interaction method, electronic equipment and medium Pending CN117997522A (en)

Publications (1)

Publication Number Publication Date
CN117997522A true CN117997522A (en) 2024-05-07

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination