CN110535632A - Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol - Google Patents

Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol

Info

Publication number
CN110535632A
Authority
CN
China
Prior art keywords
key
message
service station
client
authentication code
Prior art date
Legal status
Granted
Application number
CN201910591318.4A
Other languages
Chinese (zh)
Other versions
CN110535632B (en)
Inventor
富尧
钟一民
余秋炜
Current Assignee
Ruban Quantum Technology Co Ltd
Original Assignee
Ruban Quantum Technology Co Ltd
Application filed by Ruban Quantum Technology Co Ltd
Priority to CN201910591318.4A
Publication of CN110535632A
Application granted
Publication of CN110535632B
Legal status: Active
Anticipated expiration

Classifications

    • H04L 63/0428 Network security: confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L 63/06 Network security: supporting key management in a packet data network
    • H04L 63/0807 Network security: authentication of entities using tickets, e.g. Kerberos
    • H04L 63/083 Network security: authentication of entities using passwords
    • H04L 9/0825 Key transport or distribution using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L 9/0838 Key agreement, i.e. a shared key derived by the parties as a function of information contributed by, or associated with, each of them
    • H04L 9/0841 Key agreement involving Diffie-Hellman or related key agreement protocols
    • H04L 9/0897 Escrow, recovery or storing of secret information involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L 9/3213 Entity authentication or message authentication involving a third party or a trusted authority, using tickets or tokens, e.g. Kerberos
    • H04L 9/3226 Entity authentication or message authentication using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This application relates to a quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol. In this application, client A, the service station and client B are each equipped with a key card, and keys are stored in the key card. Because the key card is an independent hardware device, the possibility of a key being stolen by malware or malicious operation is greatly reduced.

Description

Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol
Technical field
This application relates to the field of secure communication technology, and in particular to a quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol.
Background technique
The rapidly developing Internet brings great convenience to people's lives and work: people can sit at home and send and receive e-mail, make phone calls over the Internet, and carry out activities such as online shopping and bank transfers. At the same time, the security of Internet messages is increasingly becoming a potentially huge problem. In general, Internet messages face the following security risks: messages being stolen, messages being tampered with, attackers forging messages, malicious sabotage, and so on.
Identity authentication is one means of protecting people's Internet messages. Identity authentication, also called "identity verification" or "identity identification", refers to the process of confirming an operator's identity in a computer or computer network system, so as to determine whether that user has access and usage rights to a certain resource. This lets the access policies of computer and network systems be executed reliably and efficiently, prevents attackers from impersonating legitimate users to obtain access rights to resources, guarantees the security of systems and data, and protects the legitimate interests of authorized visitors.
At present, successful identity authentication mainly relies on cryptographic technology, and in today's field of cryptography there are two main cryptographic systems. The first is the symmetric key cryptosystem, in which the encryption key and the decryption key are the same. The other is the public key cryptosystem, in which the encryption key and the decryption key differ and one of them can be made public. Most current identity authentication algorithms rely mainly on public key cryptography.
The encryption key (public key) and decryption key (private key) used by a public key cryptosystem are different. Because the encryption key is public, key distribution and management are very simple, and a public key cryptosystem can also easily implement digital signatures.
Since public key encryption appeared, scholars have proposed many kinds of public key encryption methods, all of whose security is based on hard mathematical problems. Classified by the underlying hard problem, the following three classes of systems are currently believed to be secure and effective: large integer factorization systems (represented by RSA), discrete logarithm systems (represented by DSA) and elliptic curve discrete logarithm systems (ECC).
However, with the development of quantum computers, classical asymmetric key encryption algorithms will no longer be secure: whether in encryption and decryption or in key exchange methods, a quantum computer can compute the private key from the public key, so the asymmetric keys in common use today will be unable to withstand a single blow in the quantum era. Quantum key distribution (QKD) equipment can currently ensure that a negotiated key cannot be obtained by an adversary. But QKD is mainly used on quantum trunk lines, and the path from customer premises equipment to the quantum communication service station is still a classical network, so asymmetric algorithms cannot reliably guarantee the security of the identity authentication process.
At present, the AKA mechanism (full name "Authentication and Key Agreement", i.e. authentication and key agreement), one of the more commonly used authentication methods in the mobile communication field, can achieve symmetric key negotiation and distribution. But the key used to compute the authentication vector is fixed, which carries certain risks, while if a large symmetric key pool is used instead, the quantum communication service station faces a large storage burden.
Problems in the prior art:
1. A symmetric key pool is used between the quantum communication service station and the quantum key card, and its capacity is huge, which puts pressure on key storage at the quantum communication service station;
2. Because the symmetric key pool's key capacity is huge, the quantum communication service station has to store the keys in encrypted form in an ordinary storage medium such as a hard disk, and cannot store them in the quantum communication service station's key card;
3. Because the symmetric key pool's key capacity is huge, key backup is troublesome.
Summary of the invention
On this basis, in view of the above technical problems, it is necessary to provide a quantum communication service station AKA key negotiation method and system based on asymmetric key pool pairs and the DH protocol.
This application discloses a quantum communication service station AKA key negotiation method based on asymmetric key pool pairs and the DH protocol, implemented at client A, the quantum communication service station AKA key negotiation method comprising:
obtaining the first random parameter generated by client B, then generating a second random parameter, a first intermediate parameter and a first key, the first key being generated according to the DH protocol using client A's first private key and the service station's first public key; generating a first message, the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; encrypting at least part of the content of the first message using the first key and producing a first authentication code; sending the first message comprising the first authentication code to client B;
obtaining a fourth message from client B comprising a network authentication token, the network authentication token being computed by the service station using a vector key, and the vector key being generated using the first intermediate parameter and the service station's first private key; generating the vector key and computing the message authentication code, authentication response, confidentiality key and integrity key in the authentication vector; after comparing the message authentication code with the network authentication token and the check passes, generating a fourth authentication code using the integrity key and the authentication response, and generating a fifth message, the fifth message comprising the authentication response encrypted using the confidentiality key and the fourth authentication code; sending the fifth message to client B;
obtaining a sixth message from client B, the sixth message comprising a fifth authentication code and a comparison result encrypted using the confidentiality key; the fifth authentication code being generated by client B using the integrity key and the comparison result, and the comparison result being generated after client B compares the authentication response with the authentication response stored by client B; decrypting and reading the comparison result, and if the comparison result is true, trusting the confidentiality key as the session key and trusting the integrity key as the authentication key.
This application also discloses a quantum communication service station AKA key negotiation method based on asymmetric key pool pairs and the DH protocol, implemented at the service station, the quantum communication service station AKA key negotiation method comprising:
obtaining a second message from client B, the second message comprising the first message, the device parameter of client B, the first random parameter, a second intermediate parameter and a third random parameter; at least part of the content of the second message being encrypted using a second key with a second authentication code produced; the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; at least part of the content of the first message being encrypted using the first key with a first authentication code produced; wherein the second random parameter and the first intermediate parameter are generated by client A, the first key is generated by client A according to the DH protocol using client A's first private key and the service station's first public key, the second key is generated according to the DH protocol using client B's first private key and the service station's second public key, and the third random parameter, the first random parameter and the second intermediate parameter are generated by client B;
decrypting and sequentially verifying the second authentication code and then the first authentication code, then generating a vector key, a fourth random parameter and a third key, the vector key being generated using the first intermediate parameter and the service station's first private key, and the third key being generated according to the DH protocol using the service station's second private key and the second intermediate parameter; generating an authentication vector using the vector key, the authentication vector comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; generating a third message, the third message comprising the fourth random parameter and the authentication vector; encrypting at least part of the content of the third message using the third key and producing a third authentication code; sending the third message comprising the third authentication code to client B;
the authentication vector being used by client A and client B to complete AKA authentication.
This application also discloses a quantum communication service station AKA key negotiation method based on asymmetric key pool pairs and the DH protocol, implemented at client B, the quantum communication service station AKA key negotiation method comprising:
generating a first random parameter and sending the first random parameter to client A;
obtaining the first message from client A, the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; at least part of the content of the first message being encrypted using the first key with a first authentication code produced; wherein the second random parameter and the first intermediate parameter are generated by client A, and the first key is generated by client A according to the DH protocol using client A's first private key and the service station's first public key; after decryption, generating a second intermediate parameter, a third random parameter and a second key, the second key being generated according to the DH protocol using client B's first private key and the service station's second public key; generating a second message, the second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and the third random parameter; encrypting at least part of the content of the second message using the second key and producing a second authentication code; sending the second message comprising the second authentication code to the service station;
obtaining the third message from the service station, the third message comprising the fourth random parameter and the authentication vector; at least part of the content of the third message being encrypted using the third key with a third authentication code produced; the third key being generated by the service station according to the DH protocol using the service station's second private key and the second intermediate parameter; the authentication vector being generated by the service station using the vector key and comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; the vector key being generated using the first intermediate parameter and the service station's first private key; after decrypting and verifying the third authentication code, parsing and storing the authentication vector, generating a fourth message comprising the network authentication token and sending the fourth message to client A;
obtaining the fifth message from client A, the fifth message comprising the authentication response encrypted using the confidentiality key and the fourth authentication code; wherein the fourth authentication code is generated by client A using the integrity key and the authentication response, and the authentication response, confidentiality key and integrity key are generated by client A using the vector key; after decryption, comparing the authentication response with the stored authentication response and generating a comparison result, and if the two authentication responses are equal, trusting the confidentiality key as the session key and trusting the integrity key as the authentication key; generating a fifth authentication code using the comparison result and the integrity key; generating a sixth message, the sixth message comprising the fifth authentication code and the comparison result encrypted using the confidentiality key; sending the sixth message to client A.
This application also discloses a quantum communication service station AKA key negotiation method based on asymmetric key pool pairs and the DH protocol, the quantum communication service station AKA key negotiation method comprising:
client B generates a first random parameter and sends the first random parameter to client A;
client A obtains the first random parameter generated by client B, then generates a second random parameter, a first intermediate parameter and a first key, the first key being generated according to the DH protocol using client A's first private key and the service station's first public key; generates a first message, the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; encrypts at least part of the content of the first message using the first key and produces a first authentication code; sends the first message comprising the first authentication code to client B;
client B obtains the first message and, after decryption, generates a second intermediate parameter, a third random parameter and a second key, the second key being generated according to the DH protocol using client B's first private key and the service station's second public key; generates a second message, the second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and the third random parameter; encrypts at least part of the content of the second message using the second key and produces a second authentication code; sends the second message comprising the second authentication code to the service station;
the service station obtains the second message, decrypts it and sequentially verifies the second authentication code and then the first authentication code, then generates a vector key, a fourth random parameter and a third key, the vector key being generated using the first intermediate parameter and the service station's first private key, and the third key being generated according to the DH protocol using the service station's second private key and the second intermediate parameter; generates an authentication vector using the vector key, the authentication vector comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; generates a third message, the third message comprising the fourth random parameter and the authentication vector; encrypts at least part of the content of the third message using the third key and produces a third authentication code; sends the third message comprising the third authentication code to client B;
client B obtains the third message, decrypts it, verifies the third authentication code, then parses and stores the authentication vector, generates a fourth message comprising the network authentication token and sends the fourth message to client A;
client A obtains the fourth message, generates the vector key and computes the message authentication code, authentication response, confidentiality key and integrity key in the authentication vector; after comparing the message authentication code with the network authentication token and the check passes, generates a fourth authentication code using the integrity key and the authentication response, and generates a fifth message, the fifth message comprising the authentication response encrypted using the confidentiality key and the fourth authentication code; sends the fifth message to client B;
client B obtains the fifth message, decrypts it, compares the authentication response with the stored authentication response and generates a comparison result; if the two authentication responses are equal, trusts the confidentiality key as the session key and the integrity key as the authentication key; generates a fifth authentication code using the comparison result and the integrity key; generates a sixth message, the sixth message comprising the fifth authentication code and the comparison result encrypted using the confidentiality key; sends the sixth message to client A;
client A obtains the sixth message, decrypts it and reads the comparison result; if the comparison result is true, trusts the confidentiality key as the session key and the integrity key as the authentication key.
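The six-message flow that the three per-party descriptions above share (client A, the service station and client B each seeing their own side of it), worked through as an added Python simulation; this is not code from the patent or from the applicant. It assumes a toy DH group, HMAC-SHA256 for the authentication codes and for the AKA-style vector functions, a keystream XOR in place of the key card's symmetric cipher, and that the fourth message carries the fourth random parameter alongside the network authentication token.

```python
import hashlib
import hmac
import os

# Toy DH group (assumption, not from the patent): p = 2^127 - 1 is prime, g = 3.
# A real deployment would use a standard finite-field or elliptic-curve group.
P = (1 << 127) - 1
G = 3

def keygen():  # (private, public) DH pair with public = g^private mod p
    priv = int.from_bytes(os.urandom(16), "big") % (P - 2) + 1
    return priv, pow(G, priv, P)

def dh_key(priv, pub):
    """Key 'generated according to the DH protocol': the hashed shared secret."""
    return hashlib.sha256(pow(pub, priv, P).to_bytes(16, "big")).digest()

def pack(*parts):  # length-prefixed field concatenation
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)
def unpack(data):
    out, i = [], 0
    while i < len(data):
        n = int.from_bytes(data[i:i + 2], "big")
        out.append(data[i + 2:i + 2 + n])
        i += 2 + n
    return out

def xor_stream(key, data):
    """Keystream XOR standing in for the key card's symmetric cipher (assumption)."""
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(enc_key, *parts, mac_key=None):
    """Encrypt the fields, then make the 'authentication code' over the ciphertext."""
    ct = xor_stream(enc_key, pack(*parts))
    return ct, hmac.new(mac_key or enc_key, ct, "sha256").digest()

def open_(enc_key, ct, tag, mac_key=None):  # verify the code before decrypting
    if not hmac.compare_digest(hmac.new(mac_key or enc_key, ct, "sha256").digest(), tag):
        raise ValueError("authentication code mismatch")
    return unpack(xor_stream(enc_key, ct))

def auth_vector(kv, rand):
    """Vector from the vector key: MAC, expected response, CK, IK, AUTN (HMAC KDF, assumption)."""
    f = lambda label: hmac.new(kv, label + rand, "sha256").digest()
    mac = f(b"mac")
    return {"mac": mac, "xres": f(b"res"), "ck": f(b"ck"), "ik": f(b"ik"), "autn": mac}

def run_protocol(tamper=False):
    """Run the six-message flow between client A, client B and the service station."""
    # Long-term keys: the station key card holds its two private keys and every client public key;
    # each client key card holds its own private key and the station's public keys.
    (a_priv, a_pub), (b_priv, b_pub) = keygen(), keygen()
    (s_priv1, s_pub1), (s_priv2, s_pub2) = keygen(), keygen()
    id_a, id_b, id_s = b"clientA", b"clientB", b"station"
    r1 = os.urandom(16)                       # client B: first random parameter, sent to A
    x, X = keygen()                           # client A: first intermediate parameter X = g^x
    r2 = os.urandom(16)
    k1 = dh_key(a_priv, s_pub1)               # first key = DH(A private, station public 1)
    ct1, mac1 = seal(k1, X.to_bytes(16, "big"), id_a, id_s, r2)           # first message -> B
    y, Y = keygen()                           # client B: second intermediate parameter Y = g^y
    r3 = os.urandom(16)
    k2 = dh_key(b_priv, s_pub2)               # second key = DH(B private, station public 2)
    ct2, mac2 = seal(k2, ct1, mac1, id_b, r1, Y.to_bytes(16, "big"), r3)  # second message -> station
    if tamper:
        ct2 = bytes([ct2[0] ^ 1]) + ct2[1:]   # in-transit modification the station must catch
    # Service station: verify the second, then the first authentication code, then build the vector.
    ict, imac, _, _, Y_b, _ = open_(dh_key(s_priv2, b_pub), ct2, mac2)
    X_b, _, _, _ = open_(dh_key(s_priv1, a_pub), ict, imac)
    kv_s = dh_key(s_priv1, int.from_bytes(X_b, "big"))   # vector key = DH(station private 1, X)
    r4 = os.urandom(16)                                   # fourth random parameter
    av = auth_vector(kv_s, r4)
    k3 = dh_key(s_priv2, int.from_bytes(Y_b, "big"))      # third key = DH(station private 2, Y)
    ct3, mac3 = seal(k3, r4, av["xres"], av["ck"], av["ik"], av["autn"])   # third message -> B
    # Client B: verify the third authentication code, store the vector, forward AUTN (with r4) to A.
    r4_b, xres_b, ck_b, ik_b, autn_b = open_(dh_key(y, s_pub2), ct3, mac3)
    # Client A: recompute the vector from its own vector key and compare MAC with AUTN.
    kv_a = dh_key(x, s_pub1)
    av_a = auth_vector(kv_a, r4_b)
    if not hmac.compare_digest(av_a["mac"], autn_b):
        raise ValueError("network authentication token rejected")
    ct5, mac5 = seal(av_a["ck"], av_a["xres"], mac_key=av_a["ik"])   # fifth message: response -> B
    # Client B: compare the response with the stored expected response and report the result.
    (res_b,) = open_(ck_b, ct5, mac5, mac_key=ik_b)
    result = hmac.compare_digest(res_b, xres_b)
    ct6, mac6 = seal(ck_b, b"\x01" if result else b"\x00", mac_key=ik_b)   # sixth message -> A
    # Client A: only a true result makes CK the session key and IK the authentication key.
    (flag,) = open_(av_a["ck"], ct6, mac6, mac_key=av_a["ik"])
    return {"agreed": flag == b"\x01", "vector_key_match": kv_a == kv_s,
            "session_key_match": av_a["ck"] == ck_b, "auth_key_match": av_a["ik"] == ik_b}

def tamper_is_detected():  # a modified second message must fail the station's code check
    try:
        run_protocol(tamper=True)
    except ValueError:
        return True
    return False
```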
Preferably, the service station comprises a service station Qa and a service station Qb, client A being a sub-device of service station Qa and client B being a sub-device of service station Qb;
service station Qb obtains the second message from client B, wherein the second key is generated by client B according to the DH protocol using client B's first private key and service station Qb's first public key; the first message further comprises the device parameter of service station Qa, and the first key is generated by client A according to the DH protocol using client A's first private key and service station Qa's first public key; after decrypting and verifying the second authentication code, service station Qb obtains a first inter-station key for encrypted communication with service station Qa and generates a first inter-station message, the first inter-station message comprising the device parameter of service station Qb, the first message and the first random parameter; the first inter-station message is encrypted using the first inter-station key and sent to service station Qa;
after service station Qa obtains, decrypts and verifies the first authentication code, it generates the vector key using the first intermediate parameter and service station Qa's first private key, the vector key being used to generate the authentication vector; it obtains a second inter-station key for encrypted communication with service station Qb, generates a second inter-station message comprising the authentication vector, encrypts the second inter-station message using the second inter-station key and sends it to service station Qb;
after service station Qb obtains, decrypts and verifies it, service station Qb generates the fourth random parameter, generates a fifth key using the second intermediate parameter and service station Qb's first private key, and generates a seventh message, the seventh message comprising the fourth random parameter and the second inter-station message, wherein at least part of the seventh message is encrypted using the fifth key; the seventh message is sent to client B;
the seventh message being used by client A and client B to complete AKA authentication.
Preferably, client A and client B are each configured with a client key card, in which a service station public key pool, the client's own public key and the client's private key are stored; the service station is configured with a service station key card, in which a client public key pool comprising each client's public key and a service station private key pool are stored.
Disclosed herein as well is a kind of client device, including memory and processor, the memory is stored with calculating Machine program, the processor realize quantum communications service station AKA described in above-mentioned technical proposal when executing the computer program The step of cryptographic key negotiation method.
Disclosed herein as well is a kind of service station equipment, including memory and processor, the memory is stored with calculating Machine program, the processor realize quantum communications service station AKA described in above-mentioned technical proposal when executing the computer program The step of cryptographic key negotiation method.
Also disclosed is a quantum communication service station AKA key negotiation system based on asymmetric key pools and the DH protocol, comprising a memory and a processor; the memory stores a computer program, and the processor, when executing the computer program, carries out the steps of the quantum communication service station AKA key negotiation method of the above technical solution. Client A and client B are each provided with a client key card storing a service station public key pool, the client's own public key and the client's own private key; the service station is provided with a service station key card storing a client public key pool, which contains the public key of each client, and a service station private key pool.
The key card of this application is an authentication and encryption/decryption product that combines cryptographic techniques, hardware security isolation and quantum physics (where it carries a quantum random number generator). The embedded chip and operating system of the key card provide functions such as secure key storage and cryptographic algorithms. Because it has independent data-processing capability and good security, the key card is the safe carrier of the private key and the key pools. Each key card can be protected by a hardware PIN; the PIN and the hardware together form the two factors a user needs in order to use the card, the so-called "two-factor authentication": only a user who holds both the key card storing the relevant authentication information and the user PIN can log in to the system. Even if the user's PIN is leaked, the identity of the legitimate user cannot be impersonated as long as the key card the user holds is not stolen; if the user's key card is lost, whoever finds it cannot impersonate the legitimate user either, because the user PIN is unknown to them. In short, the key card keeps top-secret information such as keys from ever appearing in plaintext on the host's disk or in its memory, so that the security of that information is effectively guaranteed.
Each member is equipped with a key card and stores keys on it; because the key card is an independent hardware device, the possibility that malicious software or malicious operations steal a key is greatly reduced. In addition, each member uses random numbers to extract the public keys of the members it needs from the asymmetric key pool, and the members' public keys are held in the key card, so a quantum computer cannot obtain a client public key and therefore cannot derive the corresponding private key; the risk of being broken by a quantum computer is thereby reduced.
The quantum communication service station acting as message center does not need to store multiple large-capacity symmetric key pools; it only needs to store the client public key pool, which greatly saves storage space at the quantum communication service station and also makes key backup convenient.
Description of the drawings
Fig. 1 is a schematic diagram of the key pool layout of the service station key card in this application;
Fig. 2 is a schematic diagram of the key pool layout of the client key card in this application;
Fig. 3 is the AKA authentication flow chart for the case in embodiment 1 where client A and client B are located under the same service station Q;
Fig. 4 is the AKA authentication flow chart for the case in embodiment 2 where client A and client B are located under service station QA and service station QB respectively.
Specific embodiments
In order to make the objects, technical solutions and advantages of the application clearer, the application is further described below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the application and not to limit it. Unless otherwise specified, the service station in this application is a quantum communication service station. Each name in this application is identified by its combination of letters and digits: for example, device parameter IDA, device information IDA and identification parameter IDA all denote the same thing, namely device parameter IDA; likewise authentication key AK2, message authentication key AK2 and information authentication key AK2 all denote the same thing, namely authentication key AK2; the remaining names are treated in the same way.
This application discloses a quantum communication service station AKA key negotiation method based on asymmetric key pools and the DH protocol, implemented at client A; the quantum communication service station AKA key negotiation method comprises:
After obtaining the first random parameter generated by client B, generating a second random parameter, a first intermediate parameter and a first key, the first key being generated from client A's first private key and the first public key of the service station according to the DH protocol; generating a first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; encrypting at least part of the first message with the first key and producing a first authentication code; and sending the first message, including the first authentication code, to client B;
Obtaining from client B a fourth message comprising a network authentication token, the network authentication token having been computed by the service station using a vector key that is generated from the first intermediate parameter and the first private key of the service station; generating the vector key and computing the message authentication code, the authentication response, the confidentiality key and the integrity key of the authentication vector; after comparing the message authentication code with the network authentication token and finding them consistent, generating a fourth authentication code from the integrity key and the authentication response, and generating a fifth message comprising the authentication response and the fourth authentication code encrypted with the confidentiality key; and sending the fifth message to client B;
Obtaining from client B a sixth message comprising a fifth authentication code and a comparison result encrypted with the confidentiality key, the fifth authentication code being generated by client B from the integrity key and the comparison result, and the comparison result being produced after client B compares the authentication response with the authentication response it stored; decrypting and reading the comparison result, and, if the comparison result is true, trusting the confidentiality key as the session key and the integrity key as the authentication key.
Also disclosed is a quantum communication service station AKA key negotiation method based on asymmetric key pools and the DH protocol, implemented at the service station; the quantum communication service station AKA key negotiation method comprises:
Obtaining a second message from client B, the second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and a third random parameter, at least part of the second message being encrypted with a second key and carrying a second authentication code; the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter, at least part of the first message being encrypted with the first key and carrying a first authentication code; wherein the second random parameter and the first intermediate parameter are generated by client A, the first key is generated by client A from client A's first private key and the first public key of the service station according to the DH protocol, the second key is generated from client B's first private key and the second public key of the service station according to the DH protocol, and the third random parameter, the first random parameter and the second intermediate parameter are generated by client B;
Decrypting and verifying in turn the second authentication code and the first authentication code, then generating a vector key, a fourth random parameter and a third key, the vector key being generated from the first intermediate parameter and the first private key of the service station, and the third key being generated from the second private key of the service station and the second intermediate parameter according to the DH protocol; generating an authentication vector from the vector key, the authentication vector comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; generating a third message comprising the fourth random parameter and the authentication vector, encrypting at least part of the third message with the third key and producing a third authentication code; and sending the third message, including the third authentication code, to client B;
The authentication vector is used by client A and client B to complete AKA authentication.
Also disclosed is a quantum communication service station AKA key negotiation method based on asymmetric key pools and the DH protocol, implemented at client B; the quantum communication service station AKA key negotiation method comprises:
Generating a first random parameter and sending it to client A;
Obtaining the first message from client A, the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter, at least part of the first message being encrypted with the first key and carrying a first authentication code; wherein the second random parameter and the first intermediate parameter are generated by client A, and the first key is generated by client A from client A's first private key and the first public key of the service station according to the DH protocol; after decryption, generating a second intermediate parameter, a third random parameter and a second key, the second key being generated from client B's first private key and the second public key of the service station according to the DH protocol; generating a second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and the third random parameter; encrypting at least part of the second message with the second key and producing a second authentication code; and sending the second message, including the second authentication code, to the service station;
Obtaining the third message from the service station, the third message comprising the fourth random parameter and the authentication vector, at least part of the third message being encrypted with the third key and carrying a third authentication code; the third key being generated by the service station from the second private key of the service station and the second intermediate parameter according to the DH protocol, and the authentication vector being generated by the service station from the vector key and comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token, the vector key being generated from the first intermediate parameter and the first private key of the service station; after decrypting and verifying the third authentication code, parsing and storing the authentication vector, generating a fourth message comprising the network authentication token and sending the fourth message to client A;
Obtaining the fifth message from client A, the fifth message comprising the authentication response and the fourth authentication code encrypted with the confidentiality key, the fourth authentication code being generated by client A from the integrity key and the authentication response, and the authentication response, the confidentiality key and the integrity key being generated by client A from the vector key; after decryption, comparing the received authentication response with the stored authentication response and producing a comparison result, and, if the two authentication responses are equal, trusting the confidentiality key as the session key and the integrity key as the authentication key; generating a fifth authentication code from the comparison result and the integrity key; generating a sixth message comprising the fifth authentication code and the comparison result encrypted with the confidentiality key; and sending the sixth message to client A.
Also disclosed is a quantum communication service station AKA key negotiation method based on asymmetric key pools and the DH protocol; the quantum communication service station AKA key negotiation method comprises:
Client B generates a first random parameter and sends it to client A;
After obtaining the first random parameter generated by client B, client A generates a second random parameter, a first intermediate parameter and a first key, the first key being generated from client A's first private key and the first public key of the service station according to the DH protocol; client A generates a first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter, encrypts at least part of the first message with the first key, produces a first authentication code, and sends the first message, including the first authentication code, to client B;
Client B obtains the first message; after decryption it generates a second intermediate parameter, a third random parameter and a second key, the second key being generated from client B's first private key and the second public key of the service station according to the DH protocol; client B generates a second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and the third random parameter, encrypts at least part of the second message with the second key, produces a second authentication code, and sends the second message, including the second authentication code, to the service station;
The service station obtains the second message, decrypts it and verifies in turn the second authentication code and the first authentication code, then generates a vector key, a fourth random parameter and a third key, the vector key being generated from the first intermediate parameter and the first private key of the service station, and the third key being generated from the second private key of the service station and the second intermediate parameter according to the DH protocol; the service station generates an authentication vector from the vector key, the authentication vector comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; it generates a third message comprising the fourth random parameter and the authentication vector, encrypts at least part of the third message with the third key, produces a third authentication code, and sends the third message, including the third authentication code, to client B;
Client B obtains the third message, decrypts it, verifies the third authentication code, parses and stores the authentication vector, generates a fourth message comprising the network authentication token and sends the fourth message to client A;
Client A obtains the fourth message, generates the vector key and computes the message authentication code, the authentication response, the confidentiality key and the integrity key of the authentication vector; after comparing the message authentication code with the network authentication token and finding them consistent, client A generates a fourth authentication code from the integrity key and the authentication response, generates a fifth message comprising the authentication response and the fourth authentication code encrypted with the confidentiality key, and sends the fifth message to client B;
Client B obtains the fifth message, decrypts it, compares the received authentication response with the stored authentication response and produces a comparison result; if the two authentication responses are equal, it trusts the confidentiality key as the session key and the integrity key as the authentication key; it generates a fifth authentication code from the comparison result and the integrity key, generates a sixth message comprising the fifth authentication code and the comparison result encrypted with the confidentiality key, and sends the sixth message to client A;
Client A obtains the sixth message, decrypts it and reads the comparison result; if the comparison result is true, client A trusts the confidentiality key as the session key and the integrity key as the authentication key.
In one embodiment, the service station comprises a service station Qa and a service station Qb, client A being a sub-device of service station Qa and client B a sub-device of service station Qb; the messages exchanged between Qa and Qb in that case are as set out for this embodiment in the summary above.
In one embodiment, client A and client B are each provided with a client key card storing a service station public key pool, the client's own public key and the client's own private key; the service station is provided with a service station key card storing a client public key pool, which contains the public key of each client, and a service station private key pool.
In a specific implementation, each parameter may take various concrete forms. For example, the first random parameter may be the true random number R0 and the second random parameter the true random number R1, and so on; the first intermediate parameter may be the true random number xa and the second intermediate parameter the true random number xb; the first key may be the key K1 and the second key the key K2, and so on. Each parameter is in essence a character string generated by a device; the parameters merely play different roles during AKA and are distinguished only for ease of understanding.
The specific implementation process is illustrated below by usage scenarios:
Embodiment 1: client A and client B are located under the same service station Q
System description
The scenario of this embodiment is shown in Fig. 4; it comprises client A, client B and quantum communication service station Q, referred to as service station Q. Client A and client B are each provided with a client key card, and quantum communication service station Q is provided with a service station key card. These key cards belong to the same batch, issued by the same key management server. Let the ID of client A be IDA, its public key PKA and its private key SKA; let the ID of client B be IDB, its public key PKB and its private key SKB.
The process by which a client and the quantum communication service station agree on a key is as follows:
The client or the quantum communication service station applies the specific asymmetric key pointer function Fp to the key-indicator random number rand to obtain the asymmetric key pointer P, and uses the pointer P to extract the corresponding public or private key from the service station public key pool or the service station private key pool in its key card.
Step 1: client B initiates an identity authentication request to client A
Client B generates a true random number R0 using the random number generator in its local key card. Let M0 = R0; client B sends M0 to client A as the identity authentication request.
Step 2: client A responds to the request
After receiving the request, client A generates two true random numbers xa and R1 using the random number generator in its local key card, where xa lies in the range [1, p-1]. Client A computes Xa = g^xa mod p. Client A uses R1 to take the public key PKQ1 from the service station public key pool of its local key card, following the key agreement process above. Client A takes its own private key SKA and the public key PKQ1 and computes K1 = PKQ1^SKA mod p. Client A splits K1 into an encryption key EK1 and a message authentication key AK1. Let M1_0 = Xa; client A computes the message authentication code MAC(M1_0||R0, AK1) over M1_0||R0 with the message authentication key AK1, where MAC(m, k) denotes the message authentication code of message m under key k. Client A encrypts M1_0||MAC(M1_0||R0, AK1) with the encryption key EK1 to obtain {M1_0||MAC(M1_0||R0, AK1)}EK1.
Client A packages the message into M1 = IDA||IDQ||R1||{M1_0||MAC(M1_0||R0, AK1)}EK1 and sends M1 to client B.
Step 3: client B requests an authentication vector from quantum communication service station Q
After receiving the message, client B parses it to obtain IDA, IDQ, R1 and {M1_0||MAC(M1_0||R0, AK1)}EK1. Client B generates two true random numbers xb and R2 using the random number generator in its local key card, where xb lies in the range [1, p-1]. Client B uses R2 to take the public key PKQ2 from the service station public key pool of its local key card, following the key agreement process above. Client B takes its own private key SKB and the public key PKQ2 and computes K2 = PKQ2^SKB mod p, then splits K2 into an encryption key EK2 and a message authentication key AK2. Client B computes Xb = g^xb mod p. Let M2_0 = M1||IDB||R0||Xb; client B computes the message authentication code MAC(M2_0, AK2) over M2_0 with AK2, and encrypts M2_0||MAC(M2_0, AK2) with EK2 to obtain {M2_0||MAC(M2_0, AK2)}EK2.
Client B packages the message into M2 = IDB||R2||{M2_0||MAC(M2_0, AK2)}EK2 and sends the authentication vector request M2 to quantum communication service station Q.
Step 4: quantum communication service station Q returns the authentication vector
After receiving the message, service station Q parses it to obtain IDB, R2 and {M2_0||MAC(M2_0, AK2)}EK2. Service station Q uses R2 to take the private key SKQ2 from the service station private key pool of its local key card, following the key agreement process above, and uses IDB to take the public key PKB of client B from the client public key pool. Service station Q computes K2 = PKB^SKQ2 mod p and splits K2 into an encryption key EK2 and a message authentication key AK2.
Service station Q decrypts {M2_0||MAC(M2_0, AK2)}EK2 with the encryption key EK2 to obtain M2_0 and MAC(M2_0, AK2), and verifies the message authentication code with the message authentication key AK2. If verification passes, it proceeds to the next step; otherwise AKA authentication fails.
After verification passes, service station Q parses M2_0 to obtain M1||IDB||R0||Xb. From the IDA and IDQ information in M2_0, service station Q determines that client A is a terminal device within its own group.
Service station Q parses M1 to obtain IDA, IDQ, R1, R0 and {M1_0||MAC(M1_0||R0, AK1)}EK1. Service station Q uses R1 to take the private key SKQ1 from the service station private key pool of its local key card, following the key agreement process above, and uses IDA to take the public key PKA of client A from the client public key pool of its local key card. Service station Q computes K1 = PKA^SKQ1 mod p and splits K1 into an encryption key EK1 and a message authentication key AK1. Service station Q decrypts {M1_0||MAC(M1_0||R0, AK1)}EK1 with EK1 to obtain M1_0 and MAC(M1_0||R0, AK1), and verifies MAC(M1_0||R0, AK1) with AK1.
After verification passes, service station Q generates a true random number Ra using the random number generator in its local key card, and uses Ra to take the private key SKQa from the service station private key pool of its local key card. Service station Q computes the key K = Xa^SKQa mod p. The key K is used for the vector calculation below, which follows AKA authentication techniques:
Compute the message authentication code (MAC): MAC = F1_K(Xa||Ra||AMF);
Compute the expected authentication response (XRES): XRES = F2_K(Xa||Ra);
Compute the confidentiality key (CK): CK = F3_K(Xa||Ra);
Compute the integrity key (IK): IK = F4_K(Xa||Ra);
Form the network authentication token (AUTN): AUTN = Ra||AMF||MAC;
Assemble the authentication vector: AV = XRES||CK||IK||AUTN.
Service station Q generates random number according to the randomizer in local key card and generates a true random number R3.Clothes Business station Q takes out private key SKQ3 according to R3 from local key card service station private key pond, this process please refers to key agreement mistake above Journey.K3=Xb is obtained by calculation in service station QSKQ3mod p.K3 is split as encryption key EK3 and message authentication by service station Q Key A K3.
Service station Q carries out message authentication algorithm to Ciphering Key AV and obtains message authentication code MAC (AV, AK3).Service station Q Using encryption key EK3 to AV | | MAC (AV, AK3) encryption obtains { AV | | MAC (AV, AK3) } EK3 and by M3=R3 | | AV | | MAC (AV, AK3) } EK3 is sent to customer end B.
Step 5: client B initiates the authentication challenge
After client B receives M3, it takes out public key PKQ3 from the service station public key pool of the local key card according to R3 (following the key agreement process above). Client B computes K3 = PKQ3^xb mod p and splits K3 into encryption key EK3 and message authentication key AK3. Client B decrypts {AV || MAC(AV, AK3)}_EK3 with EK3 to obtain AV || MAC(AV, AK3) and verifies MAC(AV, AK3) with AK3. After the verification passes, client B parses AV to obtain XRES || CK || IK || AUTN and keeps XRES || CK || IK in its local secure storage area. Let M4 = AUTN; client B sends M4 to client A.
Step 6: client A returns the authentication response
After client A receives M4, it takes out public key PKQa from the service station public key pool of the local key card according to Ra (following the key agreement process above). Client A computes K = PKQa^xa mod p and uses K for the following computations:
XMAC = F1_K(Xa || Ra || AMF);
RES = F2_K(Xa || Ra);
CK = F3_K(Xa || Ra);
IK = F4_K(Xa || Ra);
Client A compares XMAC with the MAC contained in AUTN; if they are identical, it proceeds to the next step, otherwise authentication fails. After the verification passes, client A runs the message authentication algorithm over RES with IK to obtain MAC(RES, IK), and encrypts RES || MAC(RES, IK) with CK to obtain {RES || MAC(RES, IK)}_CK. Let M5 = {RES || MAC(RES, IK)}_CK; client A sends M5 to client B.
Step 7: client B verifies the authentication response of client A
After client B receives M5, it decrypts M5 with CK to obtain RES || MAC(RES, IK) and verifies MAC(RES, IK) with IK. If the verification passes, client B checks whether RES equals the locally stored XRES. If they are equal, REP = OK; otherwise REP = FAIL.
Client B runs the message authentication algorithm over REP with IK to obtain MAC(REP, IK), and encrypts REP || MAC(REP, IK) with CK to obtain M6, written M6 = {REP || MAC(REP, IK)}_CK. Client B sends M6 to client A. Client A decrypts and authenticates M6 with CK and IK and parses the authentication result REP.
Authentication ends; client A and client B have obtained the session keys, namely encryption key CK and message authentication key IK.
Embodiment 2: client A and client B belong to service station QA and service station QB respectively
System description
The scenario of this embodiment is shown in Figure 3. It includes client A, client B, quantum communications service station QA and quantum communications service station QB, referred to as service station QA and service station QB. Client A and client B are equipped with client key cards; quantum communications service station QA and quantum communications service station QB are equipped with service station key cards. Client A belongs to quantum communications service station QA and client B belongs to quantum communications service station QB. Let the ID of client A be IDA, with corresponding public key PKA and private key SKA; let the ID of client B be IDB, with corresponding public key PKB and private key SKB.
The process by which a client and a quantum communications service station agree on a key is as follows:
The client or the quantum communications service station applies the specific asymmetric key pointer function Fp to the key pointer random number rand to obtain the asymmetric key pointer P, and uses the asymmetric key pool pointer P to extract the corresponding public key or private key from the service station public key pool or the service station private key pool in the key card.
Step 1: client B initiates an identity authentication request to client A
Client B generates a true random number R0 with the random number generator in the local key card. Let M0 = R0; client B sends M0 to client A as the identity authentication request.
Step 2: client A responds to the request
After client A receives M0, it generates two true random numbers xa and R1 with the random number generator in the local key card, where xa lies in the range [1, p-1]. Client A computes Xa = g^xa mod p. Client A takes out public key PKQA1 from the service station public key pool of the local key card by R1 (following the key agreement process above). Client A takes out its own private key SKA and, with public key PKQA1, computes K1 = PKQA1^SKA mod p. Client A splits K1 into encryption key EK1 and message authentication key AK1. Let M1_0 = Xa; client A runs the message authentication computation over M1_0 || R0 with message authentication key AK1 to obtain MAC(M1_0 || R0, AK1). MAC(m, k) denotes the message authentication code over message m under key k. Client A encrypts M1_0 || MAC(M1_0 || R0, AK1) with encryption key EK1 to obtain {M1_0 || MAC(M1_0 || R0, AK1)}_EK1.
Client A packages the message into M1, written M1 = IDA || IDQA || R1 || {M1_0 || MAC(M1_0 || R0, AK1)}_EK1, and sends M1 to client B.
Step 3: client B requests the authentication vector from quantum communications service station QB
After client B receives the message, it parses it to obtain IDA, IDQA, R1 and {M1_0 || MAC(M1_0 || R0, AK1)}_EK1. Client B generates two true random numbers xb and R2 with the random number generator in the local key card, where xb lies in the range [1, p-1]. Client B takes out public key PKQB2 from the service station public key pool of the local key card by R2 (following the key agreement process above). Client B takes out its own private key SKB and, with public key PKQB2, computes K2 = PKQB2^SKB mod p. Client B splits K2 into encryption key EK2 and message authentication key AK2. Client B computes Xb = g^xb mod p. Let M2_0 = M1 || IDB || R0 || Xb; client B runs the message authentication computation over M2_0 with message authentication key AK2 to obtain MAC(M2_0, AK2). Client B encrypts M2_0 || MAC(M2_0, AK2) with encryption key EK2 to obtain {M2_0 || MAC(M2_0, AK2)}_EK2.
Client B packages the message into M2, written M2 = IDB || R2 || {M2_0 || MAC(M2_0, AK2)}_EK2, and sends the authentication vector request M2 to quantum service station QB.
Step 4: quantum communications service station QB forwards the request to quantum communications service station QA
After service station QB receives the message, it parses it to obtain IDB, R2 and {M2_0 || MAC(M2_0, AK2)}_EK2. Service station QB takes out private key SKQB2 from the service station private key pool of the local key card according to R2 (following the key agreement process above), and takes out the public key PKB corresponding to client B from the client public key pool according to IDB. Service station QB computes K2 = PKB^SKQB2 mod p and splits K2 into encryption key EK2 and message authentication key AK2.
Service station QB decrypts {M2_0 || MAC(M2_0, AK2)}_EK2 with encryption key EK2 to obtain M2_0 and MAC(M2_0, AK2), and verifies the message authentication code with the message authentication key. If the verification passes, it proceeds to the next step; otherwise AKA authentication fails.
After the verification passes, service station QB parses M2_0 to obtain M1 || IDB || R0 || Xb. Service station QB and service station QA negotiate encryption key EK3' and message authentication key AK3' by quantum key distribution. Let M3' = IDQB || M1 || R0; service station QB runs message authentication over M3' with AK3' to obtain MAC(M3', AK3'), and encrypts M3' || MAC(M3', AK3') with encryption key EK3' to obtain {M3' || MAC(M3', AK3')}_EK3'.
Service station QB sends {M3' || MAC(M3', AK3')}_EK3' to service station QA according to the IDQA information in M2_0.
Step 5: quantum communications service station QA returns the authentication vector
After service station QA receives the message, it decrypts {M3' || MAC(M3', AK3')}_EK3' with the negotiated EK3' to obtain M3' || MAC(M3', AK3'), and verifies MAC(M3', AK3') with AK3'. After the verification passes, service station QA parses M3' to obtain IDQB, IDA, IDQA, R1, R0 and {M1_0 || MAC(M1_0 || R0, AK1)}_EK1. Service station QA takes out private key SKQA1 from the service station private key pool of the local key card according to R1 (following the key agreement process above), and takes out the public key PKA corresponding to client A from the client public key pool of the local key card according to IDA. Service station QA computes K1 = PKA^SKQA1 mod p and splits K1 into encryption key EK1 and message authentication key AK1. Service station QA decrypts {M1_0 || MAC(M1_0 || R0, AK1)}_EK1 with EK1 to obtain M1_0 and MAC(M1_0 || R0, AK1), and verifies MAC(M1_0 || R0, AK1) with AK1.
After the verification passes, service station QA generates a true random number Ra with the random number generator in the local key card and takes out private key SKQAa from the service station private key pool of the local key card according to Ra. Service station QA computes key K = Xa^SKQAa mod p. Key K is used for the vector computation below; the computation of the authentication vector follows AKA authentication techniques.
Compute the message authentication code (MAC): MAC = F1_K(Xa || Ra || AMF);
Compute the expected authentication response (XRES): XRES = F2_K(Xa || Ra);
Compute the confidentiality key (CK): CK = F3_K(Xa || Ra);
Compute the integrity key (IK): IK = F4_K(Xa || Ra);
Network authentication token (AUTN): AUTN = Ra || AMF || MAC;
Combining these gives the authentication vector AV = M4' = XRES || CK || IK || AUTN. Service station QA and service station QB negotiate encryption key EK4' and message authentication key AK4'. Service station QA runs the message authentication algorithm over M4' to obtain MAC(M4', AK4'), encrypts M4' || MAC(M4', AK4') with encryption key EK4' to obtain {M4' || MAC(M4', AK4')}_EK4', and sends it to service station QB.
Step 6: quantum communications service station QB forwards the authentication vector
After service station QB receives the message, it decrypts {M4' || MAC(M4', AK4')}_EK4' with EK4' to obtain M4' || MAC(M4', AK4') and verifies MAC(M4', AK4') with AK4'. After the verification passes, service station QB generates a true random number R3 with the random number generator in the local key card and takes out private key SKQB3 from the service station private key pool of the local key card according to R3 (following the key agreement process above). Service station QB computes K5 = Xb^SKQB3 mod p and splits K5 into encryption key EK5 and message authentication key AK5.
Service station QB runs the message authentication algorithm over M4' to obtain MAC(M4', AK5), encrypts M4' || MAC(M4', AK5) with encryption key EK5 to obtain {M4' || MAC(M4', AK5)}_EK5, and sends M5' = R3 || {M4' || MAC(M4', AK5)}_EK5 to client B.
Step 7: client B initiates the authentication challenge
After client B receives M5', it takes out public key PKQB3 from the service station public key pool of the local key card according to R3 (following the key agreement process above). Client B computes K5 = PKQB3^xb mod p and splits K5 into encryption key EK5 and message authentication key AK5. Client B decrypts {M4' || MAC(M4', AK5)}_EK5 with EK5 to obtain M4' || MAC(M4', AK5) and verifies MAC(M4', AK5) with AK5. After the verification passes, client B parses M4' to obtain XRES || CK || IK || AUTN and keeps XRES || CK || IK in its local secure storage area. Let M6' = AUTN; client B sends M6' to client A.
Step 8: client A returns the authentication response
After client A receives M6', it takes out public key PKQAa from the service station public key pool of the local key card according to Ra (following the key agreement process above). Client A computes K = PKQAa^xa mod p and uses K for the following computations:
XMAC = F1_K(Xa || Ra || AMF);
RES = F2_K(Xa || Ra);
CK = F3_K(Xa || Ra);
IK = F4_K(Xa || Ra);
Client A compares XMAC with the MAC contained in AUTN; if they are identical, it proceeds to the next step, otherwise authentication fails. After the verification passes, client A runs the message authentication algorithm over RES with IK to obtain MAC(RES, IK), and encrypts RES || MAC(RES, IK) with CK to obtain {RES || MAC(RES, IK)}_CK. Let M7 = {RES || MAC(RES, IK)}_CK; client A sends M7 to client B.
Step 9: client B verifies the authentication response of client A
After client B receives M7, it decrypts M7 with CK to obtain RES || MAC(RES, IK) and verifies MAC(RES, IK) with IK. If the verification passes, client B checks whether RES equals the locally stored XRES. If they are equal, REP = OK; otherwise REP = FAIL.
Client B runs the message authentication algorithm over REP with IK to obtain MAC(REP, IK), and encrypts REP || MAC(REP, IK) with CK to obtain M8, written M8 = {REP || MAC(REP, IK)}_CK. Client B sends M8 to client A. Client A decrypts and authenticates M8 with CK and IK and parses the authentication result REP.
Authentication ends; client A and client B have obtained the session keys, namely encryption key CK and message authentication key IK.
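As an added worked example that is not part of the patent text, the following Python simulates the authentication-vector phase that both embodiments share (Steps 4 to 7 of embodiment 1; Steps 5 to 9 of embodiment 2 with the inter-station forwarding over EK3'/EK4' omitted), including the key pointer function Fp lookup from the system description by which service station and client select SKQa and PKQa for the same Ra. The patent does not fix Fp, F1 to F4 or the symmetric cipher, so the SHA-256 pool index, the labelled HMAC-SHA256 functions, the counter-mode keystream cipher and the toy DH group used here are assumptions made for illustration only.

```python
import hashlib
import hmac
import secrets

# Toy DH group for illustration only (assumption; not a production group).
P = 2**127 - 1
G = 3
POOL_SIZE = 16
AMF = b"\x80\x00"   # authentication management field; constructed sample value

def fp(rand: bytes) -> int:
    """Key pointer function Fp: pointer random number -> pool index (assumed: SHA-256 mod size)."""
    return int.from_bytes(hashlib.sha256(rand).digest(), "big") % POOL_SIZE

def build_pools():
    """Service station private-key pool and the matching public-key pool held in client key cards."""
    sks = [secrets.randbelow(P - 1) + 1 for _ in range(POOL_SIZE)]
    return sks, [pow(G, sk, P) for sk in sks]

def prf(label: bytes, k: int, data: bytes) -> bytes:
    """F1..F4 of the AKA step, modelled as labelled HMAC-SHA256 keyed with K (assumption)."""
    return hmac.new(k.to_bytes(32, "big"), label + data, hashlib.sha256).digest()

def mac(msg: bytes, key: bytes) -> bytes:
    """MAC(m, k) of the text, modelled as HMAC-SHA256 (assumption)."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def crypt(data: bytes, key: bytes) -> bytes:
    """Stand-in for {data}_key: XOR with a SHA-256 counter keystream; encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def i2b(x: int) -> bytes:
    """Encode a group element; 16 bytes suffice for the toy modulus."""
    return x.to_bytes(16, "big")

def station_authentication_vector(xa_pub: int, sk_pool: list) -> bytes:
    """Step 4 (service station Q): K = Xa^SKQa mod p with SKQa chosen from the pool by Ra, then AV."""
    ra = secrets.token_bytes(16)
    k = pow(xa_pub, sk_pool[fp(ra)], P)
    xa_b = i2b(xa_pub)
    mac_ = prf(b"F1", k, xa_b + ra + AMF)      # MAC  = F1_K(Xa || Ra || AMF)
    xres = prf(b"F2", k, xa_b + ra)            # XRES = F2_K(Xa || Ra)
    ck = prf(b"F3", k, xa_b + ra)              # CK   = F3_K(Xa || Ra)
    ik = prf(b"F4", k, xa_b + ra)              # IK   = F4_K(Xa || Ra)
    autn = ra + AMF + mac_                     # AUTN = Ra || AMF || MAC
    return xres + ck + ik + autn               # AV   = XRES || CK || IK || AUTN

def split_av(av: bytes):
    """Step 5 (client B): keep XRES, CK, IK locally and forward AUTN to client A as M4."""
    return av[:32], av[32:64], av[64:96], av[96:]

def client_a_response(xa_priv: int, autn: bytes, pk_pool: list):
    """Step 6 (client A): K = PKQa^xa mod p via the public-key pool, check XMAC, answer with M5."""
    ra, amf, mac_ = autn[:16], autn[16:18], autn[18:]
    k = pow(pk_pool[fp(ra)], xa_priv, P)
    xa_b = i2b(pow(G, xa_priv, P))
    xmac = prf(b"F1", k, xa_b + ra + amf)
    if not hmac.compare_digest(xmac, mac_):
        raise ValueError("authentication failed: XMAC differs from MAC in AUTN")
    res = prf(b"F2", k, xa_b + ra)
    ck, ik = prf(b"F3", k, xa_b + ra), prf(b"F4", k, xa_b + ra)
    m5 = crypt(res + mac(res, ik), ck)          # M5 = {RES || MAC(RES, IK)}_CK
    return m5, ck, ik

def client_b_verify(m5: bytes, xres: bytes, ck: bytes, ik: bytes) -> bytes:
    """Step 7 (client B): check MAC(RES, IK), compare RES with XRES, return M6 carrying REP."""
    plain = crypt(m5, ck)
    res, tag = plain[:32], plain[32:]
    ok = hmac.compare_digest(tag, mac(res, ik)) and hmac.compare_digest(res, xres)
    rep = b"OK" if ok else b"FAIL"
    return crypt(rep + mac(rep, ik), ck)        # M6 = {REP || MAC(REP, IK)}_CK

def run_protocol(tamper_autn: bool = False) -> bytes:
    """Run Steps 4-7 end to end and return the REP that client A reads from M6."""
    sk_pool, pk_pool = build_pools()
    xa = secrets.randbelow(P - 1) + 1             # client A's exponent from Step 2; Xa = g^xa mod p
    av = station_authentication_vector(pow(G, xa, P), sk_pool)
    xres, ck_b, ik_b, autn = split_av(av)
    if tamper_autn:                               # simulate an AUTN altered in transit
        autn = autn[:-1] + bytes([autn[-1] ^ 0x01])
    m5, ck_a, ik_a = client_a_response(xa, autn, pk_pool)
    m6 = client_b_verify(m5, xres, ck_b, ik_b)
    plain = crypt(m6, ck_a)
    rep, tag = plain[:-32], plain[-32:]
    if not hmac.compare_digest(tag, mac(rep, ik_a)):
        raise ValueError("authentication failed: MAC(REP, IK) does not verify")
    return rep

if __name__ == "__main__":
    print(run_protocol())   # b'OK'
```

The tampered run shows that client A aborts at the XMAC comparison before deriving RES, CK or IK, so an AUTN altered in transit never produces a response for client B to compare.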
For the specific definitions of the client A device, the client B device, the service station Q device and the system, refer to the definitions given above for the quantum communications service station authentication method; they are not repeated here. Each module in the above devices may be implemented wholly or partly in software, in hardware or in a combination of the two. Each module may be embedded in hardware in, or independent of, the processor of a computer device, or stored in software form in the memory of the computer device so that the processor can call it and execute the operations corresponding to the module.
In one embodiment a computer device is provided, which may be service station Q; its internal structure may be as shown in Figure 1. The computer device includes a processor, a memory, a network interface and a database connected by a system bus. The processor of the computer device provides computing and control capability. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program and a database. The internal memory provides the environment for running the operating system and the computer program in the non-volatile storage medium. The database of the computer device stores the data related to authentication. The network interface of the computer device communicates with external terminals over a network connection. When the computer program is executed by the processor, it implements a quantum communications service station AKA key agreement method based on asymmetric key pool pairs and the DH protocol.
The specific steps of the technical solution disclosed above can, according to the conclusions available in the claims, implement the quantum communications service station AKA key agreement method based on asymmetric key pool pairs and the DH protocol implemented in client A, the one implemented in the service station and the one implemented in client B; they are therefore not repeated here.
Those skilled in the art will understand that the structure shown in Figure 1 is only a block diagram of the part of the structure relevant to the solution of this application and does not limit the computer device to which the solution is applied; a specific computer device may include more or fewer components than shown in the figure, combine certain components, or have a different component layout.
Those of ordinary skill in the art will appreciate that all or part of the processes in the above embodiment methods may be completed by a computer program instructing the relevant hardware. The computer program may be stored in a non-volatile computer-readable storage medium, and when executed may include the processes of the embodiments of each of the above methods. Any reference to memory, storage, a database or other media in the embodiments provided in this application includes non-volatile and/or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM) or flash memory. Volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM) and Rambus dynamic RAM (RDRAM).
The technical features of the above embodiments may be combined arbitrarily. For brevity of description, not all possible combinations of the technical features in the above embodiments are described; however, as long as a combination of these technical features contains no contradiction, it should be considered within the scope of this specification.
The above embodiments express only several implementations of this application, and their description is relatively specific and detailed, but they must not therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art may make various modifications and improvements without departing from the concept of this application, and these fall within the scope of protection of this application. Therefore, the scope of protection of this application's patent shall be subject to the appended claims.

Claims (10)

1. A quantum communications service station AKA key agreement method based on asymmetric key pool pairs and the DH protocol, implemented in client A, characterized in that the quantum communications service station AKA key agreement method comprises:
after obtaining a first random parameter generated by client B, generating a second random parameter, a first intermediate parameter and a first key, the first key being generated according to the DH protocol using the first private key of client A and the first public key of the service station; generating a first message, the first message comprising the first intermediate parameter, the device parameter of client A, the device parameter of the service station and the second random parameter; at least part of the content of the first message being encrypted using the first key and provided with a first authentication code; sending the first message comprising the first authentication code to client B;
obtaining a fourth message comprising a network authentication token from client B, the network authentication token being computed by the service station using a vector key, the vector key being generated using the first intermediate parameter and the first private key of the service station; generating the vector key and computing the message authentication code, authentication response, confidentiality key and integrity key of the authentication vector; after comparing the message authentication code with the network authentication token and passing, generating a fourth authentication code using the integrity key and the authentication response, and generating a fifth message, the fifth message comprising the authentication response and the fourth authentication code encrypted using the confidentiality key; sending the fifth message to client B;
obtaining a sixth message from client B, the sixth message comprising a fifth authentication code and a comparison result encrypted using the confidentiality key; the fifth authentication code being generated by client B using the integrity key and the comparison result, and the comparison result being generated after client B compares the authentication response with the authentication response stored by client B; decrypting and reading the comparison result, and if the comparison result is true, trusting the confidentiality key as the session key and trusting the integrity key as the authentication key.
2. A quantum communications service station AKA key agreement method based on asymmetric key pool pairs and the DH protocol, implemented in a service station, characterized in that the quantum communications service station AKA key agreement method comprises:
obtaining a second message from client B, the second message comprising a first message, the device parameter of client B, a first random parameter, a second intermediate parameter and a third random parameter; at least part of the content of the second message being encrypted using a second key and provided with a second authentication code; the first message comprising a first intermediate parameter, the device parameter of client A, the device parameter of the service station and a second random parameter; at least part of the content of the first message being encrypted using a first key and provided with a first authentication code; wherein the second random parameter and the first intermediate parameter are generated by client A, the first key is generated by client A according to the DH protocol using the first private key of client A and the first public key of the service station, the second key is generated according to the DH protocol using the first private key of client B and the second public key of the service station, the second random parameter and the first intermediate parameter are generated by client A, and the third random parameter, the first random parameter and the second intermediate parameter are generated by client B;
decrypting and successively verifying the second authentication code and the first authentication code, then generating a vector key, a fourth random parameter and a third key, the vector key being generated using the first intermediate parameter and the first private key of the service station, and the third key being generated according to the DH protocol using the second private key of the service station and the second intermediate parameter; generating an authentication vector using the vector key, the authentication vector comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; generating a third message, the third message comprising the fourth random parameter and the authentication vector; at least part of the content of the third message being encrypted using the third key and provided with a third authentication code; sending the third message comprising the third authentication code to client B;
the authentication vector being used by client A and client B to complete AKA authentication.
3. A quantum communications service station AKA key agreement method based on asymmetric key pool pairs and the DH protocol, implemented in client B, characterized in that the quantum communications service station AKA key agreement method comprises:
generating a first random parameter and sending the first random parameter to client A;
obtaining a first message from client A, the first message comprising a first intermediate parameter, the device parameter of client A, the device parameter of the service station and a second random parameter; at least part of the content of the first message being encrypted using a first key and provided with a first authentication code; wherein the second random parameter and the first intermediate parameter are generated by client A, and the first key is generated by client A according to the DH protocol using the first private key of client A and the first public key of the service station; after decryption, generating a second intermediate parameter, a third random parameter and a second key, the second key being generated according to the DH protocol using the first private key of client B and the second public key of the service station; generating a second message, the second message comprising the first message, the device parameter of client B, the first random parameter, the second intermediate parameter and the third random parameter; at least part of the content of the second message being encrypted using the second key and provided with a second authentication code; sending the second message comprising the second authentication code to the service station;
obtaining a third message from the service station, the third message comprising a fourth random parameter and an authentication vector; at least part of the content of the third message being encrypted using a third key and provided with a third authentication code; the third key being generated by the service station according to the DH protocol using the second private key of the service station and the second intermediate parameter, and the authentication vector being generated by the service station using a vector key and comprising a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; the vector key being generated using the first intermediate parameter and the first private key of the service station; after decrypting and verifying the third authentication code, parsing and storing the authentication vector, generating a fourth message comprising the network authentication token and sending the fourth message to client A;
obtaining a fifth message from client A, the fifth message comprising an authentication response and a fourth authentication code encrypted using the confidentiality key; wherein the fourth authentication code is generated by client A using the integrity key and the authentication response, and the authentication response, the confidentiality key and the integrity key are generated by client A using the vector key; after decryption, comparing the authentication response with the stored authentication response and generating a comparison result; if the two authentication responses are equal, trusting the confidentiality key as the session key and trusting the integrity key as the authentication key; generating a fifth authentication code using the comparison result and the integrity key; generating a sixth message, the sixth message comprising the fifth authentication code and the comparison result encrypted using the confidentiality key; sending the sixth message to client A.
4. based on unsymmetrical key pond to and DH agreement quantum communications service station AKA cryptographic key negotiation method, which is characterized in that institute Stating quantum communications service station AKA cryptographic key negotiation method includes:
Customer end B generates the first random parameter, and first random parameter is sent to customer end A;
Customer end A acquisition generated after the first random parameter that customer end B generates the second random parameter, the first intermediate parameters with And first key, the first key are generated using the first private key of customer end A and the first public key of service station according to DH agreement;It generates First message, the first message include the first intermediate parameters, the device parameter of customer end A, service station device parameter and Second random parameter;At least part content of the first message encrypts using first key and makes the first certification Code;The first message comprising first authentication code is sent to the customer end B;
Client B obtains the first message and, after decrypting it, generates the second intermediate parameter, the third random parameter and the second key, the second key being generated according to the DH protocol from the first private key of client B and the second public key of the service station; client B generates the second message, which includes the first message, the device parameters of client B, the first random parameter, the second intermediate parameter and the third random parameter; at least part of the second message is encrypted with the second key and a second authentication code is produced; the second message, including the second authentication code, is sent to the service station;
The service station obtains the second message, decrypts it and verifies the second authentication code and then the first authentication code; it then generates the vector key, the fourth random parameter and the third key, the vector key being generated from the first intermediate parameter and the first private key of the service station, and the third key being generated according to the DH protocol from the second private key of the service station and the second intermediate parameter; using the vector key, the service station generates the authentication vector, which includes a message authentication code, an authentication response, a confidentiality key, an integrity key and a network authentication token; it generates the third message, which includes the fourth random parameter and the authentication vector; at least part of the third message is encrypted with the third key and a third authentication code is produced; the third message, including the third authentication code, is sent to client B;
Client B obtains the third message, decrypts it, verifies the third authentication code, then parses and stores the authentication vector; it generates the fourth message, which includes the network authentication token, and sends the fourth message to client A;
Client A obtains the fourth message, generates the vector key and computes the message authentication code, authentication response, confidentiality key and integrity key of the authentication vector; it compares the message authentication code with the network authentication token and, once the comparison passes, generates the fourth authentication code from the integrity key and the authentication response and generates the fifth message, which includes the authentication response encrypted with the confidentiality key and the fourth authentication code; the fifth message is sent to client B;
Client B obtains the fifth message, decrypts it, compares the received authentication response with the stored authentication response and generates a comparison result; if the two authentication responses are equal, client B trusts the confidentiality key as the session key and the integrity key as the authentication key; it generates the fifth authentication code from the comparison result and the integrity key and generates the sixth message, which includes the fifth authentication code and the comparison result, encrypted with the confidentiality key; the sixth message is sent to client A;
Client A obtains the sixth message, decrypts it and reads the comparison result; if the comparison result is true, client A trusts the confidentiality key as the session key and the integrity key as the authentication key.
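The following Python model walks through the authentication-vector part of claim 4 (third to sixth messages): the service station derives the vector from the vector key and a random parameter, client B stores it and forwards the network authentication token, client A recomputes the message authentication code before deriving any keys, and both sides end up trusting the confidentiality key and integrity key only after the authentication response check succeeds. It is an added illustration, not code from the patent or its assignee. The patent does not name its derivation functions, so HMAC-SHA256 with distinct labels stands in for them; the token is modelled as the random parameter concatenated with the MAC so the peer can recompute it; the "encryption" is a toy one-block keystream XOR; the DH-derived message keys and the outer authentication codes of the third message are omitted. All function and field names are assumptions made for the example. The same derivation applies to the two-station variant of claim 5, where only the station that computes the vector key changes.

```python
import hashlib
import hmac
import secrets


def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 with a domain-separation label. Stands in for the
    unspecified derivation functions of the patent (assumption)."""
    h = hmac.new(key, label, hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)  # length-prefix to avoid ambiguity
    return h.digest()


def seal(key: bytes, label: bytes, data: bytes) -> bytes:
    """Toy confidentiality: XOR with a one-block keystream. Distinct labels
    keep the two messages from sharing a keystream. Illustration only."""
    assert len(data) <= 32
    return bytes(a ^ b for a, b in zip(data, kdf(key, b"enc", label)))


def service_station_vector(vector_key: bytes, rand: bytes) -> dict:
    """Service station step: derive MAC, expected response, CK and IK from
    the vector key; the token carries RAND and MAC for recomputation."""
    mac = kdf(vector_key, b"mac", rand)
    return {
        "mac": mac,
        "xres": kdf(vector_key, b"res", rand),
        "ck": kdf(vector_key, b"ck", rand),
        "ik": kdf(vector_key, b"ik", rand),
        "autn": rand + mac,  # network authentication token (modelling assumption)
    }


def client_a_respond(vector_key_a: bytes, autn: bytes):
    """Client A step: check the token's MAC first, only then derive keys and
    build the fifth message (encrypted response + code under IK)."""
    rand, mac_in_token = autn[:32], autn[32:]
    if not hmac.compare_digest(kdf(vector_key_a, b"mac", rand), mac_in_token):
        return None  # token does not verify: abort before any key is trusted
    res = kdf(vector_key_a, b"res", rand)
    ck = kdf(vector_key_a, b"ck", rand)
    ik = kdf(vector_key_a, b"ik", rand)
    msg5 = {"enc_res": seal(ck, b"msg5", res), "code4": kdf(ik, b"code4", res)}
    return msg5, ck, ik


def client_b_check(av: dict, msg5: dict):
    """Client B step: verify the fourth code, compare the decrypted response
    with the stored one, and answer with the comparison result."""
    res = seal(av["ck"], b"msg5", msg5["enc_res"])
    if not hmac.compare_digest(msg5["code4"], kdf(av["ik"], b"code4", res)):
        return None  # integrity failure on the fifth message
    result = b"\x01" if hmac.compare_digest(res, av["xres"]) else b"\x00"
    msg6 = {"enc_result": seal(av["ck"], b"msg6", result),
            "code5": kdf(av["ik"], b"code5", result)}
    return msg6, result == b"\x01"


def client_a_finish(msg6: dict, ck: bytes, ik: bytes) -> bool:
    """Client A step: trust CK/IK only if the authenticated result is true."""
    result = seal(ck, b"msg6", msg6["enc_result"])
    if not hmac.compare_digest(msg6["code5"], kdf(ik, b"code5", result)):
        return False
    return result == b"\x01"


def run_exchange(vector_key_station: bytes, vector_key_client_a: bytes) -> dict:
    """Drive messages three to six; returns what each client ends up trusting."""
    failed = {"a_trusts": False, "b_trusts": False, "same_session_key": False}
    av = service_station_vector(vector_key_station, secrets.token_bytes(32))
    answer = client_a_respond(vector_key_client_a, av["autn"])  # B forwarded autn
    if answer is None:
        return failed
    msg5, ck_a, ik_a = answer
    checked = client_b_check(av, msg5)
    if checked is None:
        return failed
    msg6, b_trusts = checked
    return {"a_trusts": client_a_finish(msg6, ck_a, ik_a),
            "b_trusts": b_trusts,
            "same_session_key": ck_a == av["ck"]}


if __name__ == "__main__":
    shared = secrets.token_bytes(32)          # constructed vector key
    print("matching vector keys:", run_exchange(shared, shared))
    print("mismatched vector keys:", run_exchange(shared, secrets.token_bytes(32)))
```

The point to notice is the ordering: client A refuses to derive or use any key until the token's MAC verifies, and client B releases the session key only after the response comparison, so a wrong vector key on either side leaves both parties untrusting rather than one side holding a key the other never confirmed.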
5. The quantum communication service station AKA key negotiation method according to any one of claims 1 to 4, characterized in that the service station comprises a service station Qa and a service station Qb, client A is a sub-device of service station Qa, and client B is a sub-device of service station Qb;
service station Qb obtains the second message from client B, where the second key is generated by client B according to the DH protocol from the first private key of client B and the first public key of service station Qb; the first message further includes the device parameters of service station Qa, and the first key is generated by client A according to the DH protocol from the first private key of client A and the first public key of service station Qa; after decrypting and verifying the second authentication code, service station Qb obtains the first inter-station key for encrypted communication with service station Qa and generates the first inter-station message, which includes the device parameters of service station Qb, the first message and the first random parameter; the first inter-station message is encrypted with the first inter-station key and sent to service station Qa;
after service station Qa obtains and decrypts the first inter-station message and verifies the first authentication code, it generates the vector key from the first intermediate parameter and the first private key of service station Qa, the vector key being used to generate the authentication vector; it obtains the second inter-station key for encrypted communication with service station Qb, generates the second inter-station message, which includes the authentication vector, encrypts the second inter-station message with the second inter-station key and sends it to service station Qb;
after service station Qb obtains, decrypts and verifies the second inter-station message, it generates the fourth random parameter, generates the fifth key from the second intermediate parameter and the first private key of service station Qb, and generates the seventh message, which includes the fourth random parameter and the second inter-station message, at least part of the seventh message being encrypted with the fifth key; the seventh message is sent to client B;
the seventh message is used by client A and client B to complete AKA authentication.
6. The quantum communication service station AKA key negotiation method according to any one of claims 1 to 4, characterized in that client A and client B are each configured with a client key card, in which are stored a service station public key pool, the client's own public key and the client's own private key; the service station is configured with a service station key card, in which are stored a client public key pool containing the public key of each client and a service station private key pool.
7. A client device comprising a memory and a processor, the memory storing a computer program, characterized in that when the processor executes the computer program it implements the steps of the quantum communication service station AKA key negotiation method according to claim 1.
8. A service station device comprising a memory and a processor, the memory storing a computer program, characterized in that when the processor executes the computer program it implements the steps of the quantum communication service station AKA key negotiation method according to claim 2.
9. A client device comprising a memory and a processor, the memory storing a computer program, characterized in that when the processor executes the computer program it implements the steps of the quantum communication service station AKA key negotiation method according to claim 3.
10. A quantum communication service station AKA key negotiation system based on an asymmetric key pool pair and the DH protocol, comprising a memory and a processor, the memory storing a computer program, characterized in that when the processor executes the computer program it implements the steps of the quantum communication service station AKA key negotiation method according to claim 4; client A and client B are configured with client key cards, in which are stored a service station public key pool, the client's own public key and the client's own private key; the service station is configured with a service station key card, in which are stored a client public key pool containing the public key of each client and a service station private key pool.
CN201910591318.4A 2019-07-02 2019-07-02 Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pair and DH protocol Active CN110535632B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910591318.4A CN110535632B (en) 2019-07-02 2019-07-02 Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pair and DH protocol

Publications (2)

Publication Number Publication Date
CN110535632A true CN110535632A (en) 2019-12-03
CN110535632B CN110535632B (en) 2023-09-05

Family

ID=68659607

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910591318.4A Active CN110535632B (en) 2019-07-02 2019-07-02 Quantum communication service station AKA key negotiation method and system based on asymmetric key pool pair and DH protocol

Country Status (1)

Country Link
CN (1) CN110535632B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110167272A1 (en) * 2010-01-06 2011-07-07 Kolesnikov Vladimir Y Secure Multi-UIM aka key exchange
CN108599925A (en) * 2018-03-20 2018-09-28 如般量子科技有限公司 A kind of modified AKA identity authorization systems and method based on quantum communication network
CN108599926A (en) * 2018-03-20 2018-09-28 如般量子科技有限公司 A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys
CN108718237A (en) * 2018-03-20 2018-10-30 如般量子科技有限公司 A kind of modified AKA identity authorization systems and method based on pool of symmetric keys
CN109450623A (en) * 2018-10-16 2019-03-08 如般量子科技有限公司 Anti- quantum calculation cryptographic key negotiation method based on unsymmetrical key pond

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314856A (en) * 2020-02-13 2020-06-19 广州爱浦路网络技术有限公司 Hierarchical examination and tracking device and method for 5G user position information service
CN111314856B (en) * 2020-02-13 2020-12-15 广州爱浦路网络技术有限公司 Hierarchical examination and tracking device and method for 5G user position information service

Also Published As

Publication number Publication date
CN110535632B (en) 2023-09-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant