CN112468287A - Key distribution method, system, mobile terminal and wearable device - Google Patents
- Publication number
- CN112468287A CN201910865926.XA
- Authority
- CN
- China
- Prior art keywords
- key
- mobile terminal
- key distribution
- wearable device
- distribution network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
- G06K17/0022—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisions for transferring data to distant stations, e.g. from a sensing device
- G06K17/0025—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisions for transferring data to distant stations, e.g. from a sensing device the arrangement consisting of a wireless interrogation device in combination with a device for optically marking the record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
Abstract
The invention discloses a key distribution method, a system, a mobile terminal and a wearable device. The mobile terminals that are to establish communication all store the same quantum key in advance, and the quantum key is generated and stored by a key distribution network. The method comprises the following steps: the initiator mobile terminal or the receiver mobile terminal of the communication to be established initiates a key distribution request to the key distribution network; the key distribution network receives the key distribution request and distributes to the mobile terminal the position mark, within the quantum key, of the service key for this communication; and the mobile terminal obtains the service key from the quantum key according to the position mark. The invention ensures the security of secret communication by pre-storing the quantum key in the mobile terminals that are to establish communication and distributing the position mark of the service key within the quantum key.
Description
Technical Field
The invention belongs to the technical field of secret communication, and particularly relates to a secret key distribution method, a secret key distribution system, a mobile terminal and wearable equipment.
Background
At present, quantum secure communication networks are generally set up for specific clients, most of them enterprise offices; for example, a particular fixed telephone within an organization is connected to the quantum secure communication network. Most everyday communication does not require strict confidentiality, yet the need for confidential communication still arises. For an individual user, buying a dedicated quantum-encryption mobile phone for only those few occasions is costly. It is therefore necessary to consider how quantum keys can be applied to the mobile terminals of individual users.
Combined with a one-time pad algorithm, quantum keys can in theory guarantee unconditionally secure communication, but in practice security still depends on the specific communication equipment and the way it is used. A mobile terminal is characterized by flexible use and geographical mobility. If the quantum key is delivered to the mobile terminal over a wired connection before secret communication, the mobile terminal loses its flexibility and is no different from a fixed telephone, which is inconvenient. If the quantum key is delivered to the mobile terminal wirelessly before secret communication, security during transmission cannot be guaranteed and the key risks being intercepted; even if a two-level key scheme is adopted, in which the second-level key required by the communication service is encrypted with the first-level key shared with the mobile terminal before being transmitted, the first-level key must still be stored in the mobile terminal in advance.
A technical solution for pre-storing a key in a mobile terminal is proposed in "Quantum wireless secure communication system and mobile terminal" (application No. 201710245497.7): the service terminal pre-allocates the same quantum key to preset mobile terminals that need secret communication, so that those mobile terminals can carry out secret communication in real time; if at least two mobile terminals that have not been pre-allocated the same quantum key temporarily need to carry out secret communication, the service terminal encrypts the same quantum key and distributes it in real time to each of the mobile terminals that need secret communication. This approach carries the risk that the handset itself is stolen, or that the key is stolen by Trojan software.
Disclosure of Invention
In addition, before the key position mark is distributed, identity authentication is carried out based on biological identification information acquired by the wearable device, and the security of secret communication is ensured.
In order to achieve the above object, one or more embodiments of the present invention provide the following technical solutions:
A key distribution method, in which the mobile terminals that are to establish communication pre-store the same quantum key, the quantum key being generated and stored by a key distribution network, the method comprising the following steps:
the initiator mobile terminal or the receiver mobile terminal of the communication to be established initiates a key distribution request to the key distribution network through the wearable device bound to it;
the key distribution network receives the key distribution request and, through the wearable device, distributes to the mobile terminal the position mark, within the quantum key, of the service key for this communication;
and the mobile terminal acquires the service key from the quantum key according to the position mark.
Further, the initiating the key distribution request specifically includes:
the initiator mobile terminal or the receiver mobile terminal of the communication to be established sends a communication event to the wearable device bound to it, wherein the communication event comprises communication initiator information and receiver information, and the initiator/receiver information comprises initiator/receiver device information and/or contact information;
the wearable device collects user biological identification information of a holder, generates a key distribution request based on the collected user biological identification information and a communication event, and sends the key distribution request to a key distribution network.
Further, the key distribution network stores a binding relationship table and a key distribution management table; the binding relationship table records the mobile terminal device information and/or contact information of each registered user together with the user's biological identification information; the key distribution management table records the distribution condition of each part of the quantum key; the distribution condition is one of:
already distributed to both the initiator and the receiver, recorded as completely distributed;
distributed to only one of the initiator and the receiver, recorded as incomplete distribution;
not distributed to either party, recorded as unassigned.
Further, distributing the position mark, within the quantum key, of the service key for this communication comprises:
the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information and the binding relation table;
if the identity authentication is passed, searching whether a record with the initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, a service key is taken from the unassigned part of the quantum key, the position mark of that service key within the quantum key is obtained and sent to the wearable device, and a new record is created in the key distribution management table containing the initiator and receiver information of the communication event and the obtained position mark, with the distribution condition marked as incomplete distribution;
if such a record exists, the position mark in the record is sent to the wearable device, and the distribution condition is marked as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
Further, the identity authentication comprises: searching the binding relationship table for a record consistent with the received user biological identification information and the received mobile terminal device information and/or contact information; if such a record exists, the authentication passes; otherwise it fails.
Further, if the identity authentication fails, one or more of the following operations are performed:
(1) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device raises an alarm to its surroundings or to a specific organization by voice or in another form;
(2) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device collects its current position in real time and sends the position to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device deletes the pre-stored key it shares with the key distribution network and deletes other stored sensitive information;
(4) the key distribution network deregisters the wearable device or suspends its usage rights.
Further, the method for the mobile terminal to obtain the position mark comprises the following steps:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
Further, the coding pattern is in the form of a bar code or a two-dimensional code.
Further, the quantum key is stored as continuous binary data, the service key is composed of a plurality of discontinuous key segments of the quantum key, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the discontinuous key segments within the service key, and each pointer interval represents the byte interval of a key segment within the quantum key.
Further, the quantum key is stored as a plurality of key segments, the service key is composed of several of those key segments, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the key segments within the service key, and each pointer interval represents the sequence number of a key segment within the quantum key.
Further, the communication event also comprises a communication type used for determining the length of the key to be distributed.
Further, the communication event also includes the key length required for the communication service.
Further, the wearable device pre-stores a quantum key shared with the key distribution network, used to encrypt and decrypt its communication with the key distribution network.
Further, the mobile terminal pre-stores a quantum key shared with the wearable device bound to it, used to encrypt and decrypt the position mark.
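The allocation flow over the key distribution management table and the byte-interval form of the position mark described above, as an added Python example that is not part of the patent text. All names (`KeyDistributionNetwork`, `handle_request`, `derive_service_key`, `Record`), the 8-byte segment size, the exact-match biometric lookup, the random bytes standing in for the quantum key, and the guard against a repeated request from the same party are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field

INCOMPLETE, COMPLETE = "incomplete distribution", "completely distributed"
SEG = 8  # bytes per key segment (assumed granularity, not from the patent)


def derive_service_key(quantum_key: bytes, mark: list) -> bytes:
    """Terminal side: rebuild the service key from the pre-stored quantum key.

    `mark` is the position mark: (start, end) byte intervals, end exclusive;
    the list order is the usage order.
    """
    parts = []
    for start, end in mark:
        if not 0 <= start < end <= len(quantum_key):
            raise ValueError("pointer interval outside the stored quantum key")
        parts.append(quantum_key[start:end])
    return b"".join(parts)


@dataclass
class Record:
    """One row of the key distribution management table."""
    initiator: str
    receiver: str
    mark: list
    status: str = INCOMPLETE
    delivered_to: set = field(default_factory=set)


class KeyDistributionNetwork:
    def __init__(self, quantum_key: bytes, bindings: set):
        self.quantum_key = quantum_key
        self.bindings = bindings  # binding relationship table: (biometric, device)
        self.records = []         # key distribution management table
        self.free = list(range(len(quantum_key) // SEG))  # unassigned segments
        self._rng = secrets.SystemRandom()

    def handle_request(self, biometric, device, initiator, receiver, key_len):
        """Authenticate the holder, then return the position mark for this call."""
        # Exact-match lookup stands in for real biometric matching (assumption).
        if device not in (initiator, receiver) or (biometric, device) not in self.bindings:
            raise PermissionError("identity authentication failed")
        for rec in self.records:
            if rec.status == INCOMPLETE and (rec.initiator, rec.receiver) == (initiator, receiver):
                rec.delivered_to.add(device)
                # Added guard, not in the patent text: a repeated request from
                # the same party must not mark the record completely distributed.
                if rec.delivered_to == {initiator, receiver}:
                    rec.status = COMPLETE
                return rec.mark
        return self._allocate(device, initiator, receiver, key_len)

    def _allocate(self, device, initiator, receiver, key_len):
        if key_len <= 0:
            raise ValueError("key length must be positive")
        need = -(-key_len // SEG)  # ceiling division
        if need > len(self.free):
            raise RuntimeError("not enough unassigned quantum key material")
        chosen = self._rng.sample(self.free, need)  # random, so usually discontinuous
        self.free = [i for i in self.free if i not in chosen]  # never handed out again
        mark = [(i * SEG, (i + 1) * SEG) for i in chosen]
        # Trim the last interval so the service key is exactly key_len bytes.
        start, end = mark[-1]
        mark[-1] = (start, end - (need * SEG - key_len))
        self.records.append(Record(initiator, receiver, mark, delivered_to={device}))
        return mark


if __name__ == "__main__":
    qk = secrets.token_bytes(256)  # constructed stand-in for the shared quantum key
    kdn = KeyDistributionNetwork(qk, {("bio-alice", "phone-A"), ("bio-bob", "phone-B")})
    mark_a = kdn.handle_request("bio-alice", "phone-A", "phone-A", "phone-B", 20)
    mark_b = kdn.handle_request("bio-bob", "phone-B", "phone-A", "phone-B", 20)
    assert derive_service_key(qk, mark_a) == derive_service_key(qk, mark_b)
    print(mark_a, kdn.records[0].status)
```

Only the interval list crosses the network; both terminals apply it to their own copy of the quantum key, and segments leave the unassigned pool as soon as they are allocated so no key material is handed out twice.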
One or more embodiments provide a key distribution system including:
a key distribution network, which generates and stores quantum keys, receives a key distribution request initiated by the initiator mobile terminal or the receiver mobile terminal and processed by the wearable device bound to that mobile terminal, and distributes to the mobile terminal, through the wearable device, the position mark, within the quantum key, of the service key for this communication; and
an initiator mobile terminal and a receiver mobile terminal that are to establish communication, which pre-store the quantum key, each initiate a key distribution request to the key distribution network, receive the position mark distributed by the key distribution network, and obtain the service key from the quantum key according to the position mark.
Further, the mobile terminal initiating a key distribution request to a key distribution network includes:
the initiator mobile terminal or the receiver mobile terminal of the communication to be established sends a communication event to the wearable device bound to it, wherein the communication event comprises communication initiator information and receiver information, and the initiator/receiver information comprises initiator/receiver device information and/or contact information;
the wearable device collects user biological identification information of a holder, generates a key distribution request based on the collected user biological identification information and a communication event, and sends the key distribution request to a key distribution network.
Further, the key distribution network stores a binding relationship table and a key distribution management table; the binding relationship table records the mobile terminal device information and/or contact information of each registered user together with the user's biological identification information; the key distribution management table records the distribution condition of each part of the quantum key; the distribution condition is one of:
already distributed to both the initiator and the receiver, recorded as completely distributed;
distributed to only one of the initiator and the receiver, recorded as incomplete distribution;
not distributed to either party, recorded as unassigned.
Further, distributing the position mark, within the quantum key, of the service key for this communication comprises:
the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information;
if the identity authentication is passed, searching whether a record with the initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, a service key is taken from the unassigned part of the quantum key, the position mark of that service key within the quantum key is obtained and sent to the wearable device, and a new record is created in the key distribution management table containing the initiator and receiver information of the communication event and the obtained position mark, with the distribution condition marked as incomplete distribution;
if such a record exists, the position mark in the record is sent to the wearable device, and the distribution condition is marked as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
Further, the identity authentication comprises: searching the binding relationship table for a record consistent with the received user biological identification information and the received mobile terminal device information and/or contact information; if such a record exists, the authentication passes; otherwise it fails.
Further, if the identity authentication fails, one or more of the following operations are performed:
(1) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device raises an alarm to its surroundings or to a specific organization by voice or in another form;
(2) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device collects its current position in real time and sends the position to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device deletes the pre-stored key it shares with the key distribution network and deletes other stored sensitive information;
(4) the key distribution network deregisters the wearable device or suspends its usage rights.
Further, the method for the mobile terminal to obtain the position mark comprises the following steps:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
Further, the coding pattern is in the form of a bar code or a two-dimensional code.
Further, the quantum key is stored as continuous binary data, the service key is composed of a plurality of discontinuous key segments of the quantum key, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the discontinuous key segments within the service key, and each pointer interval represents the byte interval of a key segment within the quantum key.
Further, the quantum key is stored as a plurality of key segments, the service key is composed of several of those key segments, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the key segments within the service key, and each pointer interval represents the sequence number of a key segment within the quantum key.
Further, the communication event also comprises a communication type used for determining the length of the key to be distributed.
Further, the communication event also includes the key length required for the communication service.
Further, the wearable device pre-stores a quantum key shared with the key distribution network, used to encrypt and decrypt its communication with the key distribution network.
Further, the mobile terminal pre-stores a quantum key shared with the wearable device bound to it, used to encrypt and decrypt the position mark.
One or more embodiments provide a key distribution network that generates and stores quantum keys, the quantum keys being stored in advance in the mobile terminals that are to establish communication;
the key distribution network receives a key distribution request initiated by the initiator mobile terminal or the receiver mobile terminal through the wearable device bound to that mobile terminal, and distributes to the mobile terminal, through the wearable device, the position mark, within the quantum key, of the service key for this communication.
Further, the key distribution request includes the communication event and the user biometric information collected by the wearable device, the communication event includes communication initiator and receiver information, and the initiator/receiver information includes initiator/receiver device information and/or contact information.
Further, the key distribution network stores a binding relationship table and a key distribution management table; the binding relationship table records the mobile terminal device information and/or contact information of each registered user together with the user's biological identification information; the key distribution management table records the distribution condition of each part of the quantum key; the distribution condition is one of:
already distributed to both the initiator and the receiver, recorded as completely distributed;
distributed to only one of the initiator and the receiver, recorded as incomplete distribution;
not distributed to either party, recorded as unassigned.
Further, distributing the position mark, within the quantum key, of the service key for this communication comprises:
the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information;
if the identity authentication is passed, searching whether a record with the initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, a service key is taken from the unassigned part of the quantum key, the position mark of that service key within the quantum key is obtained and sent to the wearable device, and a new record is created in the key distribution management table containing the initiator and receiver information of the communication event and the obtained position mark, with the distribution condition marked as incomplete distribution;
if such a record exists, the position mark in the record is sent to the wearable device, and the distribution condition is marked as completely distributed; the position mark is provided to the mobile terminal by the wearable device.
Further, the identity authentication comprises: searching the binding relationship table for a record consistent with the received user biological identification information and the received mobile terminal device information and/or contact information; if such a record exists, the authentication passes; otherwise it fails.
Further, the quantum key is stored as continuous binary data, the service key is composed of a plurality of discontinuous key segments of the quantum key, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the discontinuous key segments within the service key, and each pointer interval represents the byte interval of a key segment within the quantum key.
Further, the quantum key is stored as a plurality of key segments, the service key is composed of several of those key segments, and the position mark comprises a usage order and pointer intervals; the usage order represents the order of the key segments within the service key, and each pointer interval represents the sequence number of a key segment within the quantum key.
Further, the communication event also comprises a communication type used for determining the size of the service key to be distributed.
Further, the communication event also includes the key length required for the communication service.
Further, the wearable device pre-stores a quantum key shared with the key distribution network, used to encrypt and decrypt its communication with the key distribution network.
One or more embodiments provide a mobile terminal that pre-stores the same quantum key as another mobile terminal with which communication is to be established, the quantum key being generated and stored by a key distribution network;
the mobile terminal sends a communication event to the wearable device bound with the mobile terminal, and the wearable device further initiates a key distribution request to a key distribution network;
acquiring a position mark of a service key of the communication distributed by a key distribution network in the quantum key;
and acquiring the service key from the quantum key according to the position mark.
Further, the mobile terminal initiates a key distribution request to the key distribution network via the wearable device, and obtains from the wearable device the position mark distributed by the key distribution network.
Further, the position mark distributed by the key distribution network is obtained from the wearable device as follows:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
Further, the mobile terminal pre-stores a quantum key shared with the wearable device bound to it, used to encrypt and decrypt the position mark.
Further, the communication event includes communication initiator and recipient information.
Further, the communication event also includes the communication type or the key length required for the communication service.
One or more embodiments provide a wearable device bound to an initiator mobile terminal or a recipient mobile terminal, both of which pre-store a same quantum key;
the wearable device receives a communication event sent by the mobile terminal;
acquiring user biological identification information of a holder, generating a key distribution request based on the acquired user biological identification information and a communication event, and sending the key distribution request to a key distribution network;
and receiving the position mark of the service key distributed by the key distribution network in the quantum key, and providing the position mark to the mobile terminal.
Further, the method of providing the location mark to the mobile terminal includes: the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or, the wearable device displays the position mark in a coding pattern form for the mobile terminal to scan.
Further, the coding pattern is in the form of a bar code or a two-dimensional code.
Further, the wearable device prestores a shared quantum key between mobile terminals bound with the wearable device for encryption and decryption of the position mark.
One or more embodiments provide a secret communication method based on a quantum key, in which the initiator mobile terminal and the receiver mobile terminal carry out secret communication based on the service key obtained by the distribution method.
The invention has the following advantages:
1. The invention provides a method for distributing quantum keys to a mobile terminal, which stores the same quantum key into the mobile terminal in advance before secret communication, only distributes a position mark of a service key used for the current communication in the quantum key when a key distribution network distributes, and the mobile terminal obtains the service key according to the position mark and the prestored quantum key. Therefore, if data is intercepted in the transmission process, the intercepted data is only the position mark data, and a real service key cannot be acquired; if the mobile phone is stolen or the quantum key is stolen, the service key cannot be cracked due to the fact that no position marking information exists, and therefore safety of communication data is guaranteed.
2. The wearable device, which can upload biometric information, serves as an isolator between the key distribution network and the mobile terminal that actually uses the quantum key for communication. This solves the problem of dynamically distributing quantum keys to a legitimate mobile terminal: because the biometric information uploaded by the wearable device is verified by the key distribution network, the party to whom the key is distributed is confirmed to be the owner of the mobile terminal.
3. The invention uses optical scanning of a two-dimensional code to cover the last kilometer of quantum key transmission, which effectively prevents the signal leakage problem of near-field wireless transmission modes such as Bluetooth.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the application and, together with the description, serve to explain the application and are not intended to limit the application.
FIG. 1 is a flow chart of a method of key distribution;
fig. 2 is a flowchart of key distribution based on a wearable device.
Detailed Description
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present application. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the terms "comprises" and/or "comprising", when used in this specification, specify the presence of the stated features, steps, operations, devices, components, and/or combinations thereof.
The embodiments and features of the embodiments in the present application may be combined with each other without conflict.
The mobile terminal referred to in the present invention includes, but is not limited to, a mobile phone and a tablet, and electronic devices capable of performing network connection are all suitable for the mobile terminal of the present invention.
The wearable device comprises small devices which are in contact with a human body and carried about, such as but not limited to an intelligent ring, an intelligent bracelet, an intelligent watch, an intelligent necklace and the like. The wearable device has a biological information identification function, a wireless networking data transmission function, a key storage function and a two-dimensional code display function.
Wearable device network access: the wearable device is registered in the key distribution network in advance and stores in advance the quantum key it shares with the key distribution network. Registration works as follows. The wearable device holder (who may be an individual, or a manufacturer, a seller, or a user of the wearable device) first goes to the operating organization of the key distribution network to complete the procedures for registering for network access. The operating organization is responsible for auditing users' network access applications. If the audit is passed, each wearable device applying for network access is issued a quantum identity number that is unique within the whole network and allocated by the key distribution network, and this number is stored in a permanent storage medium of the wearable device. Since the number of bytes of key or biometric information transmitted each time is small, the shared key with the key distribution network that is pre-stored on the wearable device at registration can be used for a long time even with a one-time pad. If security is to be improved, the shared key stored on the wearable device may be replaced periodically. One method is for the key distribution network to generate a new shared key, encrypt it with the old shared key, and send it to the wearable device.
Before the wearable device is formally used, the user needs to provide the biometric information of the user to the key distribution network for the latter to identify and verify. The biological identification information can be one or more of heartbeat information, blood pressure information, fingerprint information, retina information, iris information, voiceprint information, vein information, face information and handwriting signature information, and is acquired through wearable equipment and submitted to a key distribution network.
Example one
The present embodiment discloses a key distribution method, as shown in fig. 1, where mobile terminals to establish communication all store the same quantum key in advance, where the quantum key is generated and stored by a key distribution network, and the generation manner may adopt a Quantum Key Distribution (QKD) technique or a quantum random number generator, and the method specifically includes:
step 1: an initiator mobile terminal or a receiver mobile terminal to establish communication initiates a key distribution request to a key distribution network through wearable equipment bound with the initiator mobile terminal or the receiver mobile terminal;
step 2: the key distribution network receives the key distribution request and distributes to the mobile terminal the position mark, within the quantum key, of the service key for this communication;
step 3: the mobile terminal acquires the service key from the quantum key according to the position mark.
In step 1, the key allocation request includes the communication event, where the communication event may include communication initiator and receiver information, where the initiator/receiver information includes, but is not limited to, initiator/receiver device information (e.g., a mobile terminal device ID), and also includes initiator/receiver contact information, such as a mobile phone number, a social media account, and other information that may be used to identify an initiator/receiver identity.
The key distribution network manages the distribution status of each part of the quantum key. The distribution status is one of: distributed to both the initiator and the receiver, recorded as completely distributed; distributed to only one of the initiator and the receiver, recorded as incompletely distributed; not distributed to either party, recorded as unallocated.
In one or more embodiments, the key distribution network manages the distribution of the quantum key parts through a key distribution management table. The key distribution management table comprises fields such as initiator, receiver, quantum key position mark and distribution status, with the three status values listed above. For a record whose distribution status is unallocated, the initial values of the initiator and receiver fields are null.
The step 2 specifically comprises:
the key distribution network first looks up from the incompletely distributed records if there is a record for which the originator and recipient information is consistent with the communication event:
if no such record exists, acquiring a service key from the part of the quantum key which is not yet distributed, acquiring the position mark of the service key in the quantum key, distributing the position mark to the mobile terminal, and at the same time marking that part of the key as incompletely distributed;
if such a record exists, sending the position mark corresponding to that part of the key to the mobile terminal, and at the same time marking that part of the key as completely distributed.
In one or more embodiments, in order to improve security and ensure that the device holder himself initiates secure communication, a key distribution method based on wearable devices is provided, wherein an initiator mobile terminal and a receiver mobile terminal respectively initiate a key distribution request to a key distribution network via the respective bound wearable devices. Specifically,
the step 1 comprises the following steps:
the initiator mobile terminal initiates a secret communication request to the receiver mobile terminal;
the receiving party mobile terminal executes access operation and sends the communication event to receiving party wearable equipment; the wearable device of the receiving party acquires the biological identification information of the user of the receiving party, generates a key distribution request based on the biological identification information and the communication event and sends the key distribution request to a key distribution network;
after receiving the message accessed by the receiver mobile terminal, the initiator mobile terminal sends the communication event to the initiator wearable device; the initiator wearable device collects biometric information of an initiator user, generates a key distribution request based on the biometric information and a communication event, and sends the key distribution request to a key distribution network.
The key distribution network stores a binding relationship table and a key distribution management table. The binding relationship table records mobile terminal device information and/or contact information of a registered user and biological identification information of the user. And the key distribution management table is used for managing the distribution condition of each part of the quantum key.
In one or more embodiments, the key distribution management table includes the fields initiator, receiver, quantum key position mark and distribution status, where the distribution status is one of: distributed to both the initiator and the receiver, recorded as completely distributed; distributed to only one of the initiator and the receiver, recorded as incompletely distributed; not distributed to either party, recorded as unallocated. For a record whose distribution status is unallocated, the initial values of the initiator and receiver fields are null.
The key distribution network receives the user biological identification information and the communication event sent by the wearable device and distributes the position mark to the wearable device. The step 2 comprises the following steps:
step 2.1: the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information and the binding relation table; if the identity authentication is passed, executing the step 2.2; if the identity authentication fails, executing the step 2.3;
step 2.2: searching whether a record with initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, acquiring a service key from the part of the quantum key which is not yet distributed, acquiring the position mark of the service key in the quantum key, sending the position mark to the wearable device, generating a new record in the key distribution management table, writing into it the initiator and receiver information corresponding to the communication event and the acquired position mark, and marking the distribution status as incompletely distributed;
if such a record exists, sending the position mark in the record to the wearable device, and at the same time marking the distribution status as completely distributed.
Step 2.3: performing one or more of the following operations:
(1) the key distribution network sends an alarm signal to the wearable device, and the wearable device receives the alarm signal and alarms the surrounding or a specific mechanism in a voice or other form;
(2) the key distribution network sends an alarm signal to the wearable device, and the wearable device collects the current position in real time after receiving the alarm signal and sends the current position to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and after the wearable device receives the alarm signal, the wearable device deletes a pre-stored shared key between the wearable device and the key distribution network and deletes other stored sensitive information;
(4) and the key distribution network logs off or suspends the use authority of the wearable device.
In one or more embodiments, the identity authentication refers to looking up whether a record consistent with the received user biometric information, the received mobile terminal device information and/or the received contact information exists in the binding relationship table, and if so, the authentication is passed, otherwise, the authentication is not passed.
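Steps 2.1 and 2.2 can be modelled as a small state machine over the key distribution management table. The following is an added example, not code from the patent; it assumes exact-match biometric templates, a single contiguous span per service key, and two checks the text does not state (the requester must be a party to the communication event, and a repeated request from the same party does not complete the record).

```python
import hmac
from dataclasses import dataclass, field

INCOMPLETE = "incompletely distributed"
COMPLETE = "completely distributed"


class AuthFailed(Exception):
    """Step 2.1 failed; the network would now carry out step 2.3."""


@dataclass
class Record:
    initiator: str
    receiver: str
    marker: str                                  # position mark, "order:first-last"
    status: str = INCOMPLETE
    served: set = field(default_factory=set)     # parties that already hold the mark


class KeyDistributionNetwork:
    def __init__(self, key_len, bindings):
        self.key_len = key_len       # size in bytes of the pre-stored quantum key K
        self.next_free = 1           # first unallocated byte of K (1-based, assumption)
        self.bindings = bindings     # binding table: terminal id -> enrolled template
        self.table = []              # key distribution management table

    def _authenticate(self, terminal, biometric):
        # Real biometric matching is fuzzy; exact comparison is a simplification.
        enrolled = self.bindings.get(terminal)
        return enrolled is not None and hmac.compare_digest(enrolled, biometric)

    def request(self, terminal, biometric, initiator, receiver, length):
        # Step 2.1: identity authentication against the binding relationship table.
        if not self._authenticate(terminal, biometric):
            raise AuthFailed(terminal)
        # Added check (assumption): only a party to the event may ask for its key.
        if terminal not in (initiator, receiver):
            raise AuthFailed(terminal)
        # Step 2.2: search the incompletely distributed records for this pair.
        for rec in self.table:
            if rec.status == INCOMPLETE and (rec.initiator, rec.receiver) == (initiator, receiver):
                if terminal not in rec.served:   # the other party has now asked
                    rec.served.add(terminal)
                    rec.status = COMPLETE
                return rec.marker                # same-party retry: state unchanged
        # No matching record: carve a span out of the unallocated part of K.
        if length < 1:
            raise ValueError("key length must be positive")
        last = self.next_free + length - 1
        if last > self.key_len:
            raise RuntimeError("quantum key exhausted")
        marker = f"1:{self.next_free}-{last}"
        self.next_free = last + 1                # spans are never handed out twice
        self.table.append(Record(initiator, receiver, marker, served={terminal}))
        return marker


def demo():
    # Constructed sample data: two enrolled terminals and a 4096-byte K.
    net = KeyDistributionNetwork(4096, {"T1": b"tmpl-alice", "T2": b"tmpl-bob"})
    m_callee = net.request("T2", b"tmpl-bob", "T1", "T2", 32)    # callee arrives first
    m_caller = net.request("T1", b"tmpl-alice", "T1", "T2", 32)  # then the caller
    m_next = net.request("T1", b"tmpl-alice", "T1", "T2", 32)    # a later call
    return m_callee, m_caller, m_next, [r.status for r in net.table]


if __name__ == "__main__":
    print(demo())
```

Both parties receive the same mark regardless of which request arrives first, and a later call between the same pair gets a fresh span because the completed record is no longer searched.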
In one or more embodiments, the communication event further includes a communication type (video, voice, or text). The size of the key to be acquired is determined according to the communication type. Of course, the required key length may be specified directly here instead of the communication type.
In one or more embodiments, the quantum key is a continuous segment of binary data, and the service key is composed of a plurality of discontinuous key segments in the quantum key. In this case, the position marker includes a use order, indicating the order of the discontinuous key segments in the service key, and a pointer interval, indicating the byte interval of each key segment in the quantum key.
As an example, the position markers are as follows:
1:600-1000
2:344-576
3:2504-2720
4:1032-2008
Here, the numbers 1, 2, 3, 4 before the colon are the "use order", and "600-1000" is the "pointer interval".
Let K denote the whole quantum key, consisting of continuous binary data. The service key indicated by the position mark uses the 600th to 1000th bytes of K as the first segment, the 344th to 576th bytes of K as the second segment, the 2504th to 2720th bytes of K as the third segment, and the 1032nd to 2008th bytes of K as the fourth segment; spliced together in this order, they form the service key of this communication.
In one or more embodiments, the quantum key is stored in the form of a plurality of key segments, and the service key is composed of a number of these key segments. In this case, the position marker includes a use order, indicating the order of the key segments in the service key, and a pointer interval, indicating the sequence number of each key segment in the quantum key.
As an example, the position markers are as follows:
1:96
2:107
3:5
4:34
……
n:128
The numbers in the pointer interval denote the key blocks numbered 96, 107, 5, 34, ……, 128. When the key is used for this communication, the blocks are used in the order "96th block + 107th block + 5th block + 34th block + …… + 128th block".
Alternatively, the "use order" and the "pointer interval" can be merged into one, and the format becomes:
96, 107, 5, 34, ……, 128. In use, the corresponding key blocks are extracted one after another in this order, which yields the service key of this communication.
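The two position-mark formats above can be parsed and applied as follows. This is an added example, not code from the patent; it assumes byte positions are 1-based and inclusive, that blocks are held in a mapping from block number to bytes, and it adds validation the text does not describe (gap-free use order, in-range pointers, no span used twice within one service key).

```python
import re


class MarkerError(ValueError):
    """The position mark is malformed or unsafe to apply."""


# One entry per line: "order:first-last" (byte interval) or "order:block".
_ENTRY = re.compile(r"^\s*(\d+)\s*:\s*(\d+)(?:\s*-\s*(\d+))?\s*$")


def parse_marker(text):
    """Return [(first, last), ...] in use order; a block number n gives (n, n)."""
    entries = {}
    for line in text.strip().splitlines():
        m = _ENTRY.match(line)
        if m is None:
            raise MarkerError(f"unparseable entry: {line!r}")
        order, first = int(m.group(1)), int(m.group(2))
        last = int(m.group(3)) if m.group(3) is not None else first
        if order in entries:
            raise MarkerError(f"use order {order} appears twice")
        if first < 1 or last < first:
            raise MarkerError(f"bad pointer interval in entry {order}")
        entries[order] = (first, last)
    if not entries or sorted(entries) != list(range(1, len(entries) + 1)):
        raise MarkerError("use order must run 1..n without gaps")
    spans = [entries[i] for i in range(1, len(entries) + 1)]
    # Reject a mark that would use the same key material twice.
    prev_last = 0
    for first, last in sorted(spans):
        if first <= prev_last:
            raise MarkerError("segments overlap or repeat")
        prev_last = last
    return spans


def service_key_from_bytes(quantum_key, marker_text):
    """Splice the service key out of a continuous quantum key K."""
    spans = parse_marker(marker_text)
    if any(last > len(quantum_key) for _, last in spans):
        raise MarkerError("pointer interval lies outside the quantum key")
    # Positions are 1-based and inclusive, so byte n is quantum_key[n - 1].
    return b"".join(quantum_key[first - 1:last] for first, last in spans)


def service_key_from_blocks(blocks, marker_text):
    """Splice the service key out of numbered key blocks (number -> bytes)."""
    spans = parse_marker(marker_text)
    if any(first != last for first, last in spans):
        raise MarkerError("block format takes one block number per entry")
    missing = [n for n, _ in spans if n not in blocks]
    if missing:
        raise MarkerError(f"unknown block numbers: {missing}")
    return b"".join(blocks[n] for n, _ in spans)


# The byte-interval mark from the text, applied to a constructed 4096-byte K.
PATENT_MARKER = "1:600-1000\n2:344-576\n3:2504-2720\n4:1032-2008"
K_SAMPLE = bytes(i % 251 for i in range(4096))   # constructed, not a real key

if __name__ == "__main__":
    key = service_key_from_bytes(K_SAMPLE, PATENT_MARKER)
    print(len(key), key[:4].hex())
```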
In the step 3, after receiving the key position mark, the wearable device generates a two-dimensional code and provides the two-dimensional code to the mobile terminal; and the mobile terminal obtains a service key for the communication from a prestored quantum key according to the position mark of the key, wherein the service key is used for the communication between the mobile terminal of the initiator and the mobile terminal of the receiver.
In one or more embodiments, the wearable devices bound to the initiator mobile terminal and the recipient mobile terminal are both registered in advance with the key distribution network, and store in advance a first shared quantum key and a second shared quantum key, respectively, with the key distribution network. The first and second shared quantum keys are used, respectively, to encrypt and decrypt the communication between the key distribution network and the wearable devices bound to the initiator mobile terminal and the receiver mobile terminal.
In one or more embodiments, the mobile terminal and the wearable device are connected in a wireless or wired mode. Where security requirements are stricter, in order to avoid plaintext transmission between the mobile terminal and the wearable device, both the mobile terminal and the corresponding wearable device may be registered in the key distribution network, and both store in advance a quantum key shared between them. The wearable device encrypts the position mark based on the shared quantum key and displays the encrypted position mark in the form of a two-dimensional code; the mobile terminal scans the two-dimensional code and decrypts it to obtain the position mark. Thus, even if the two-dimensional code pattern on the wearable device is captured by another camera or image pickup device, an attacker cannot acquire the position mark through illegal scanning.
In order to illustrate the invention more clearly, the present embodiment is described below by way of an example, as shown in fig. 2:
(1) The mobile terminal T1 sends a request for secure communication to the mobile terminal T2; if T2 agrees to the communication after receiving the request, it returns an agreement signal.
(2) After receiving the agreement signal, the mobile terminal T1 informs its bound wearable device W1 of the identity of the opposite mobile terminal T2, its own identity as the calling party in this communication, and the type of the communication or the required key length.
(3) The wearable device W1 collects the biometric information of the calling user, encrypts the biometric information, the identity of T1, the identity of T2, and the communication type or required key length with the key it shares with the key distribution network Q, and sends them to the key distribution network Q.
(4) After receiving the information sent by W1, the key distribution network Q decrypts it, looks up the biometric information sent by W1 in the biometric information base that Q stores, compares and verifies it, and proceeds to the next step if the biometric information is found.
The key distribution network Q maintains a database or table that manages the quantum key K and stores its usage: which portions have been used (keys already distributed to both the calling and called parties, referred to as "fully distributed", and keys temporarily distributed to only one of them, referred to as "incompletely distributed") and which portions have not been used (referred to as "not distributed"). If the verification in the previous step passes, the key distribution network searches all currently stored "incompletely distributed" key application records for "identity of the T1 caller, identity of the T2 callee". If no such record is found, then from the key part that has not yet been used it derives the required key length from the type of the communication (or takes the received required key length directly), draws a number of keys for the communication, encrypts the position marks (such as key pointers) of these keys within the whole K with the shared key between Q and W1, and sends them to W1.
After the key distribution network Q issues the key pointer to W1, it records this key application (identity of the T1 caller, identity of the T2 callee) and marks it as "incompletely distributed", because only the calling party's application has been received so far; the key distribution network later matches the called party's application against this record.
(5) After receiving and decrypting the key pointer, the wearable device W1 converts the information it contains into a two-dimensional code and displays the code on its screen. The mobile terminal T1 scans the two-dimensional code to obtain the key pointer required for this communication.
(6) After replying with its agreement, the mobile terminal T2 informs its bound wearable device W2 of the communication type or required key length, its own identity as the called party, and the identity of the opposite mobile terminal T1.
(7) The wearable device W2 collects the biometric information of the called user, encrypts it together with the identity of T2, the identity of T1, and the communication type or required key length with the key it shares with the key distribution network Q, and sends them to the key distribution network Q.
(8) After receiving the information sent by W2, the key distribution network Q decrypts it, looks up the biometric information sent by W2 in the biometric information base that Q stores, compares and verifies it, and proceeds to the next step if the information is found.
The key distribution network Q searches all current "incompletely distributed" key application records for "identity of the T1 caller, identity of the T2 callee"; after finding the record, it encrypts the key pointers previously sent to W1 with the shared key of W2 and sends them to W2. After the transmission is completed, the key application record "identity of the T1 caller, identity of the T2 callee" is marked as "fully distributed".
(9) After receiving and decrypting the key pointer, the wearable device W2 converts the information it contains into a two-dimensional code and displays the code on its screen. The mobile terminal T2 scans the two-dimensional code to obtain the key pointer required for this communication.
(10) The mobile terminals T1 and T2 each splice the service key required for this communication out of their stored copy of the quantum key K according to the received key pointers, and use the service key for secret communication.
Due to different network conditions, the key distribution network may receive the key distribution application of the calling terminal first or that of the called terminal first. The key distribution network serves whichever application it receives first: when the calling party's key distribution application is received first, the calling-party steps beginning at step (3) are executed first, followed by the called-party steps beginning at step (7); when the called party's key distribution application is received first, the steps beginning at step (7) are executed first, followed by those beginning at step (3).
In one or more embodiments, the key distribution method can be extended to a scenario where two or more mobile terminals perform secure communication.
The embodiment also provides a secret communication method based on the quantum key, and based on the service key obtained by the distribution method, the initiator mobile terminal and the receiver mobile terminal carry out secret communication.
In this way, even if the mobile terminal is stolen and the key stored in it is stolen, the communication data from before the theft is still secure, since it is not known how the key was previously used. Similarly, if only the key pointer is eavesdropped by others, the communication data still cannot be cracked, because what is transmitted is not the key itself but only a set of position pointers.
Example two
Based on the key distribution method of the first embodiment, the present embodiment provides a key distribution system, including:
a key distribution network for generating and storing quantum keys; and
receiving a key distribution request which is initiated by an initiator mobile terminal or a receiver mobile terminal and processed by a wearable device bound with the initiator mobile terminal, and distributing a position mark of a service key of the communication to the mobile terminal in the quantum key;
the initiator mobile terminal and the receiver mobile terminal which are to establish communication pre-store the quantum key; and
respectively initiating a key distribution request to a key distribution network; and receiving a position mark sent by a key distribution network, and acquiring the service key from the quantum key according to the position mark.
The key distribution request comprises the communication event, and the communication event comprises information of a communication initiator and a communication receiver; the initiator/receiver information includes, but is not limited to, initiator/receiver device information (e.g., mobile terminal device ID), and may also include initiator/receiver contact information (e.g., mobile phone number, social media account number, etc.), which is used to identify the identity of the initiator/receiver.
In one or more embodiments, the key distribution network manages the distribution status of each part of the quantum key; the distribution status is one of:
distributed to both the initiator and the receiver, recorded as completely distributed;
distributed to only one of the initiator and the receiver, recorded as incompletely distributed;
not distributed to either party, recorded as unallocated.
In one or more embodiments, the key distribution network manages the distribution of the quantum key parts through a key distribution management table. The key distribution management table comprises fields such as initiator, receiver, quantum key position mark and distribution status, with the three status values listed above. For a record whose distribution status is unallocated, the initial values of the initiator and receiver fields are null.
The allocating the position mark of the service key of the communication in the quantum key comprises:
the key distribution network first looks up from the incompletely distributed records if there is a record for which the originator and recipient information is consistent with the communication event:
if no such record exists, acquiring a service key from the part of the quantum key which is not yet distributed, acquiring the position mark of the service key in the quantum key, distributing the position mark to the mobile terminal, and at the same time marking that part of the key as incompletely distributed;
if such a record exists, sending the position mark corresponding to that part of the key to the mobile terminal, and at the same time marking that part of the key as completely distributed.
In one or more embodiments, the initiator mobile terminal and the recipient mobile terminal each initiate a key distribution request to a key distribution network via a respective bound wearable device. Specifically,
an initiator mobile terminal or a receiver mobile terminal to establish communication sends a communication event to wearable equipment bound with the initiator mobile terminal or the receiver mobile terminal, wherein the communication event comprises information of the initiator and the receiver;
the wearable device collects user biological identification information of a holder, generates a key distribution request based on the collected user biological identification information and a communication event, and sends the key distribution request to a key distribution network.
The key distribution network stores a binding relationship table and a key distribution management table. The binding relationship table records mobile terminal device information and/or contact information of a registered user and biological identification information of the user. And the key distribution management table is used for managing the distribution condition of each part of the quantum key.
In one or more embodiments, the key distribution management table includes the fields initiator, receiver, quantum key position mark and distribution status, where the distribution status is one of: distributed to both the initiator and the receiver, recorded as completely distributed; distributed to only one of the initiator and the receiver, recorded as incompletely distributed; not distributed to either party, recorded as unallocated. For a record whose distribution status is unallocated, the initial values of the initiator and receiver fields are null.
Distributing the position mark, within the quantum key, of the service key for the communication comprises:
the key distribution network first authenticates the holder's identity according to the user biometric information and the binding relationship table;
if the identity authentication passes, it searches the incompletely distributed records in the key distribution management table for a record whose initiator and receiver information matches the communication event:
if no such record exists, it takes a service key from the unallocated part of the quantum key, obtains the position mark of that service key within the quantum key, sends the position mark to the wearable device, creates a new record in the key distribution management table containing the initiator and receiver information of the communication event and the obtained position mark, and marks the distribution status as incompletely distributed;
if such a record exists, it sends the position mark in that record to the wearable device and marks the distribution status as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
The method for the mobile terminal to obtain the position mark comprises the following steps:
the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to obtain the position mark.
If the identity authentication fails, one or more of the following operations are executed:
(1) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device raises an alarm to its surroundings or to a specific organization, by voice or in another form;
(2) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device collects its current position in real time and sends it to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device deletes the pre-stored key it shares with the key distribution network and deletes other stored sensitive information;
(4) the key distribution network deregisters the wearable device or suspends its usage rights.
In one or more embodiments, the identity authentication refers to looking up whether a record consistent with the received user biometric information, the received mobile terminal device information and/or the received contact information exists in the binding relationship table, and if so, the authentication is passed, otherwise, the authentication is not passed.
In one or more embodiments, the quantum key is stored as continuous binary data, and the service key is composed of a plurality of discrete key segments in the quantum key. The position mark comprises a usage order and pointer intervals; the usage order represents the order of the discrete key segments within the service key, and each pointer interval represents the byte interval of a key segment within the quantum key.
In one or more embodiments, the quantum key is stored in the form of a plurality of key segments, and the service key is composed of several of those key segments. The position mark comprises a usage order and pointer intervals; the usage order represents the order of the key segments within the service key, and each pointer interval represents the sequence number of a key segment within the quantum key.
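The allocation logic and position-mark lookup described above can be sketched as follows, using the contiguous-storage variant in which each pointer interval is a byte range. This is an added example, not code from the patent: the class and function names, the fixed 8-byte segment size, random segment selection, the rule that the requesting device must be a party to the communication event, and exact-match biometric comparison are all assumptions made for illustration.

```python
import hmac
import math
import secrets
from dataclasses import dataclass


@dataclass
class Record:
    """One row of the key distribution management table."""
    initiator: str
    receiver: str
    position_mark: tuple  # ((start, end), ...) byte intervals, listed in usage order
    status: str           # "incomplete" or "complete"


class KeyDistributionNetwork:
    def __init__(self, quantum_key: bytes, segment_len: int = 8):
        self.quantum_key = quantum_key
        self.segment_len = segment_len  # assumed fixed segment size
        # Start offsets of segments not yet allocated to any communication.
        self.free = list(range(0, len(quantum_key) - segment_len + 1, segment_len))
        self.bindings = {}  # binding relationship table: device id -> biometric
        self.table = []     # key distribution management table

    def register(self, device: str, biometric: str) -> None:
        self.bindings[device] = biometric

    def authenticate(self, device: str, biometric: str) -> bool:
        # Exact match stands in for a real biometric matcher (assumption).
        expected = self.bindings.get(device)
        return expected is not None and hmac.compare_digest(
            expected.encode(), biometric.encode())

    def handle_request(self, device, biometric, initiator, receiver, key_len):
        """Return the position mark, or None if identity authentication fails."""
        if device not in (initiator, receiver):
            return None
        if not self.authenticate(device, biometric):
            return None  # the alarm / wipe / suspend responses would start here
        # Second party of a pending communication: hand out the stored mark.
        # The table as described holds no per-party fetch flag; followed as written.
        for rec in self.table:
            if rec.status == "incomplete" and \
                    (rec.initiator, rec.receiver) == (initiator, receiver):
                rec.status = "complete"
                return rec.position_mark
        # First party: carve discrete segments out of the unallocated part.
        needed = math.ceil(key_len / self.segment_len)
        if needed > len(self.free):
            raise RuntimeError("unallocated quantum key material exhausted")
        starts = secrets.SystemRandom().sample(self.free, needed)
        for s in starts:
            self.free.remove(s)
        mark = tuple((s, s + self.segment_len) for s in starts)
        self.table.append(Record(initiator, receiver, mark, "incomplete"))
        return mark


def derive_service_key(quantum_key: bytes, position_mark, key_len: int) -> bytes:
    """Mobile-terminal side: rebuild the service key from the pre-stored quantum key."""
    key = b"".join(quantum_key[start:end] for start, end in position_mark)
    if len(key) < key_len:
        raise ValueError("position mark covers fewer bytes than the requested key")
    return key[:key_len]


if __name__ == "__main__":
    qk = secrets.token_bytes(256)  # constructed stand-in for the pre-stored quantum key
    kdn = KeyDistributionNetwork(qk)
    kdn.register("alice-phone", "bio-alice")  # constructed sample bindings
    kdn.register("bob-phone", "bio-bob")
    mark_a = kdn.handle_request("alice-phone", "bio-alice", "alice-phone", "bob-phone", 20)
    mark_b = kdn.handle_request("bob-phone", "bio-bob", "alice-phone", "bob-phone", 20)
    print(mark_a == mark_b, kdn.table[0].status)
    print(derive_service_key(qk, mark_a, 20) == derive_service_key(qk, mark_b, 20))
```

Only the list of byte intervals crosses the network; the key bytes are read locally from the copy of the quantum key that each terminal already holds.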
In one or more embodiments, the communication event further includes a communication type for determining a key length to be assigned. The required key length may also be specified directly in the communication event.
In one or more embodiments, the wearable device pre-stores a quantum key shared with the key distribution network, used to encrypt and decrypt its communications with the key distribution network.
In one or more embodiments, the mobile terminal pre-stores a quantum key shared with the wearable device bound to it, used to encrypt and decrypt the position mark.
Example three
This embodiment provides a key distribution network that:
generates and stores a quantum key, the quantum key being stored in advance in the mobile terminals that are to communicate; and
receives a key distribution request initiated by an initiator mobile terminal or a receiver mobile terminal, and distributes to the mobile terminal the position mark, within the quantum key, of the service key for the communication.
In one or more embodiments, the key distribution request includes the communication event, and the communication event includes communication initiator and receiver information.
The key distribution network manages the distribution status of each part of the quantum key. The distribution status is one of: completely distributed (already distributed to both the initiator and the receiver); incompletely distributed (distributed to only one of the initiator and the receiver); and unallocated (not distributed to either party).
Distributing the position mark, within the quantum key, of the service key for the communication comprises:
for a key distribution request initiated by the mobile terminal, the key distribution network first searches the incompletely distributed records for a record whose initiator and receiver information matches the communication event:
if no such record exists, it takes a service key from the unallocated part of the quantum key, obtains the position mark of that service key within the quantum key, distributes the position mark to the mobile terminal, and marks that part of the key as incompletely distributed;
if such a record exists, it sends the position mark corresponding to that part of the key to the mobile terminal and marks that part of the key as completely distributed.
In one or more embodiments, the key distribution request further includes user biometric information. The initiator or receiver mobile terminal that is to establish communication sends a communication event to the wearable device bound to it, the communication event including initiator and receiver information; the wearable device collects the holder's user biometric information, generates a key distribution request based on the collected biometric information and the communication event, and sends the key distribution request to the key distribution network.
The key distribution network manages the binding between the mobile terminal device information and/or contact information of each registered user and the user's biometric information, and manages the key distribution status. The distribution status is one of: completely distributed (already distributed to both the initiator and the receiver); incompletely distributed (distributed to only one of the initiator and the receiver); and unallocated (not distributed to either party).
Distributing the position mark, within the quantum key, of the service key for the communication comprises:
the key distribution network first authenticates the holder's identity according to the user biometric information;
if the identity authentication passes, it searches the incompletely distributed records for a record whose initiator and receiver information matches the communication event:
if no such record exists, it takes a service key from the unallocated part of the quantum key, obtains the position mark of that service key within the quantum key, sends the position mark to the wearable device, and marks that part of the key as incompletely distributed;
if such a record exists, it sends the position mark corresponding to that part of the key to the wearable device and marks that part of the key as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
In one or more embodiments, the identity authentication refers to looking up whether a record consistent with the received user biometric information, the received mobile terminal device information and/or the received contact information exists in the binding relationship table, and if so, the authentication is passed, otherwise, the authentication is not passed.
In one or more embodiments, the quantum key is stored as continuous binary data, and the service key is composed of a plurality of discrete key segments in the quantum key. The position mark comprises a usage order and pointer intervals; the usage order represents the order of the discrete key segments within the service key, and each pointer interval represents the byte interval of a key segment within the quantum key.
In one or more embodiments, the quantum key is stored in the form of a plurality of key segments, and the service key is composed of several of those key segments. The position mark comprises a usage order and pointer intervals; the usage order represents the order of the key segments within the service key, and each pointer interval represents the sequence number of a key segment within the quantum key.
In one or more embodiments, the communication event further includes a communication type, and the key distribution network determines the length of the service key to be distributed according to the communication type. The required service key length may also be specified directly in the communication event.
In one or more embodiments, the wearable device pre-stores a shared quantum key with a key distribution network for encryption and decryption of communications with the key distribution network.
Example four
This embodiment provides a mobile terminal. The mobile terminal and the other mobile terminal with which it is to establish communication both store the same quantum key in advance, the quantum key being generated and stored by a key distribution network.
The mobile terminal sends a communication event to the wearable device bound to it, and the wearable device in turn initiates a key distribution request to the key distribution network;
the mobile terminal receives the position mark, within the quantum key, of the service key for the communication, as distributed by the key distribution network;
and it obtains the service key from the quantum key according to the position mark.
In one or more embodiments, the mobile terminal initiates the key distribution request to the key distribution network via a wearable device, and obtains the position mark distributed by the key distribution network from the wearable device.
Specifically, the mobile terminal sends a communication event to the wearable device bound to it, the communication event including communication initiator and receiver information; the wearable device collects the holder's user biometric information, generates a key distribution request based on the collected biometric information and the communication event, and sends the key distribution request to the key distribution network; and
the mobile terminal obtains the position mark from the wearable device, the position mark having been distributed to the wearable device by the key distribution network.
In one or more embodiments, the communication event further includes a communication type (video, voice or image), or a key length required for the communication service.
In one or more embodiments, the mobile terminal and the wearable device are connected wirelessly or by wire, and with this connection the mobile terminal obtains the position mark from the wearable device as follows: the wearable device transmits the position mark to the mobile terminal over the wireless or wired link.
In addition, the wearable device can also generate and display codes (two-dimensional codes, bar codes and the like) based on the position marks, and the codes can be scanned and acquired by the mobile terminal.
For stricter security, to avoid plaintext transmission between the mobile terminal and the wearable device, the mobile terminal and its wearable device may both be registered in the key distribution network and both store in advance a quantum key shared between them, used to encrypt and decrypt the position mark. That is, the wearable device encrypts the position mark with the shared quantum key and either transmits the encrypted position mark or presents it to the mobile terminal as a two-dimensional code, and the mobile terminal obtains the encrypted position mark and decrypts it with the shared quantum key.
Example five
This embodiment provides a wearable device bound to an initiator mobile terminal or a receiver mobile terminal, where the initiator mobile terminal and the receiver mobile terminal both store the same quantum key in advance and the quantum key is generated and stored by a key distribution network. The wearable device:
receives a communication event sent by the mobile terminal, the communication event including communication initiator and receiver information;
collects the holder's user biometric information, generates a key distribution request based on the collected biometric information and the communication event, and sends the key distribution request to the key distribution network;
receives the position mark, within the quantum key, of the service key distributed by the key distribution network, and provides the position mark to the mobile terminal;
wherein the wearable device displays the position mark as a coded pattern (two-dimensional code, bar code and the like) to provide it to the mobile terminal. The mobile terminal can obtain the position mark by optical scanning.
In one or more embodiments, the mobile terminal and the wearable device are connected wirelessly or by wire, and with this connection the mobile terminal obtains the position mark from the wearable device as follows: the wearable device transmits the position mark to the mobile terminal over the wireless or wired link.
For stricter security, to avoid plaintext transmission between the mobile terminal and the wearable device, the mobile terminal and its wearable device may both be registered in the key distribution network and both store in advance a quantum key shared between them, used to encrypt and decrypt the position mark. That is, the wearable device encrypts the position mark with the shared quantum key and either transmits the encrypted position mark or presents it to the mobile terminal as a two-dimensional code, and the mobile terminal obtains the encrypted position mark and decrypts it with the shared quantum key.
Advantages of the invention
1. The invention provides a method for distributing quantum keys to mobile terminals. The same quantum key is stored in the mobile terminals in advance, before secure communication; at distribution time the key distribution network distributes only the position mark, within the quantum key, of the service key used for the current communication, and the mobile terminal obtains the service key from the position mark and the pre-stored quantum key. Therefore, if data is intercepted in transit, the intercepted data is only the position mark, and the real service key cannot be obtained; if the mobile phone or the quantum key is stolen, the service key cannot be cracked because the position mark information is absent, which ensures the security of the communication data.
2. The wearable device, which can upload biometric information, acts as an isolator between the key distribution network and the mobile terminal that actually uses the quantum key for communication. This solves the problem of dynamically distributing quantum keys to legitimate mobile terminals: because the key distribution network verifies the biometric information uploaded by the wearable device, the holder of the mobile terminal that receives the key is confirmed to be that terminal's owner.
3. The invention uses optical scanning of a two-dimensional code to cover the last mile of quantum key transmission, and can effectively prevent the signal leakage problem of near-field wireless transmission modes such as Bluetooth.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. For example, although the present application addresses the key distribution problem of quantum keys, it is within the scope of the present application to make the present application suitable for key distribution of other types of keys through equivalent transformation of some conventional means.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications or variations may be made without inventive faculty, based on the technical solutions of the present invention.
Claims (49)
1. A key distribution method is characterized in that mobile terminals to establish communication all store the same quantum key in advance, the quantum key is generated and stored by a key distribution network, and the method comprises the following steps:
an initiator mobile terminal or a receiver mobile terminal to establish communication initiates a key distribution request to a key distribution network through wearable equipment bound with the initiator mobile terminal or the receiver mobile terminal;
the key distribution network receives the key distribution request, and distributes the position mark of the service key of the communication to the mobile terminal in the quantum key through the wearable device;
and the mobile terminal acquires the service key from the quantum key according to the position mark.
2. The key distribution method according to claim 1, wherein the initiating of the key distribution request specifically comprises:
the method comprises the steps that an initiator mobile terminal or a receiver mobile terminal of communication to be established sends a communication event to wearable equipment bound with the initiator mobile terminal or the receiver mobile terminal, wherein the communication event comprises communication initiator information and receiver information, and the initiator/receiver information comprises initiator/receiver equipment information and/or contact information;
the wearable device collects user biological identification information of a holder, generates a key distribution request based on the collected user biological identification information and a communication event, and sends the key distribution request to a key distribution network.
3. The key distribution method according to claim 2, wherein the key distribution network stores a binding relationship table and a key distribution management table; the binding relation table records mobile terminal equipment information and/or contact information of a registered user and biological identification information of the user; the key distribution management table records the distribution condition of each part of the quantum key; the allocation case comprises:
the data is already distributed to the initiator and the receiver and is recorded as completely distributed;
only distributing to one of the initiator and the receiver, and recording as incomplete distribution;
unassigned to either party, denoted as unassigned.
4. The key distribution method according to claim 3, wherein the distributing the position mark of the service key of the communication in the quantum key comprises:
the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information and the binding relation table;
if the identity authentication is passed, searching whether a record with the initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, acquiring a service key from the unallocated part of the quantum key, acquiring the position mark of the service key in the quantum key, sending the position mark to the wearable device, generating a new record in the key distribution management table, writing the initiator and receiver information corresponding to the communication event and the acquired position mark, and marking the distribution status as incompletely distributed;
if such a record exists, sending the position mark in the record to the wearable device, and marking the distribution status as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
5. The key distribution method of claim 4, wherein the identity authentication comprises: searching the binding relationship table for a record consistent with the received user biometric information and the received mobile terminal device information and/or contact information; if such a record exists, the authentication passes, otherwise the authentication fails.
6. The key distribution method according to claim 4 or 5, wherein if the identity authentication fails, one or more of the following operations are performed:
(1) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device raises an alarm to its surroundings or to a specific organization, by voice or in another form;
(2) the key distribution network sends an alarm signal to the wearable device, and the wearable device collects the current position in real time after receiving the alarm signal and sends the current position to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and after the wearable device receives the alarm signal, the wearable device deletes a pre-stored shared key between the wearable device and the key distribution network and deletes other stored sensitive information;
(4) the key distribution network deregisters the wearable device or suspends its usage rights.
7. The key distribution method of claim 4, wherein the method for the mobile terminal to obtain the position mark comprises:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
8. The key distribution method according to claim 7, wherein the code pattern is in the form of a bar code or a two-dimensional code.
9. The key distribution method of claim 1, wherein the quantum key is stored as continuous binary data, the service key is composed of a plurality of discrete key segments in the quantum key, and the position mark includes a usage order and a pointer interval; wherein the usage order represents an order of the plurality of discrete key segments in the service key, and the pointer interval represents a byte interval of each key segment in the quantum key.
10. The key distribution method of claim 1, wherein the quantum key is stored in a plurality of key segments, the service key is composed of a number of the plurality of key segments, and the position mark comprises a usage order and a pointer interval; the usage order represents an order of the plurality of key segments in the service key, and the pointer interval represents a sequence number of each key segment in the quantum key.
11. The key distribution method of claim 2, wherein the communication event further comprises a communication type for determining a key length to be distributed.
12. The key distribution method of claim 2, wherein the communication event further includes a key length required for the communication service.
13. The key distribution method of claim 1, wherein the wearable device pre-stores a shared quantum key with a key distribution network for encryption and decryption of communications with the key distribution network.
14. The wearable device-based key distribution method of claim 1, wherein the mobile terminal pre-stores a quantum key shared with the wearable device bound to it, for encryption and decryption of the position mark.
15. A key distribution system, comprising:
a key distribution network for generating and storing quantum keys; and
receiving a key distribution request which is initiated by an initiator mobile terminal or a receiver mobile terminal and processed by wearable equipment bound with the initiator mobile terminal, and distributing a position mark of a service key of the communication to the mobile terminal in the quantum key through the wearable equipment;
the initiator mobile terminal and the receiver mobile terminal which are to establish communication pre-store the quantum key; and
respectively initiating a key distribution request to a key distribution network; and receiving a position mark distributed by a key distribution network, and acquiring the service key from the quantum key according to the position mark.
16. The key distribution system of claim 15, wherein the mobile terminal initiating a key distribution request to a key distribution network comprises:
the method comprises the steps that an initiator mobile terminal or a receiver mobile terminal of communication to be established sends a communication event to wearable equipment bound with the initiator mobile terminal or the receiver mobile terminal, wherein the communication event comprises communication initiator information and receiver information, and the initiator/receiver information comprises initiator/receiver equipment information and/or contact information;
the wearable device collects user biological identification information of a holder, generates a key distribution request based on the collected user biological identification information and a communication event, and sends the key distribution request to a key distribution network.
17. The key distribution system of claim 16, wherein the key distribution network stores a binding relationship table and a key distribution management table; the binding relation table records mobile terminal equipment information and/or contact information of a registered user and biological identification information of the user; the key distribution management table records the distribution condition of each part of the quantum key; the allocation case comprises:
the data is already distributed to the initiator and the receiver and is recorded as completely distributed;
only distributing to one of the initiator and the receiver, and recording as incomplete distribution;
unassigned to either party, denoted as unassigned.
18. The key distribution system of claim 17, wherein the distributing the position mark of the service key of the communication in the quantum key comprises:
the key distribution network firstly carries out identity authentication on a holder according to the user biological identification information;
if the identity authentication is passed, searching whether a record with the initiator and receiver information consistent with the communication event exists in the incompletely distributed records in the key distribution management table:
if no such record exists, acquiring a service key from the unallocated part of the quantum key, acquiring the position mark of the service key in the quantum key, sending the position mark to the wearable device, generating a new record in the key distribution management table, writing the initiator and receiver information corresponding to the communication event and the acquired position mark, and marking the distribution status as incompletely distributed;
if such a record exists, sending the position mark in the record to the wearable device, and marking the distribution status as completely distributed;
the mobile terminal obtains the position mark from the wearable device.
19. The key distribution system of claim 18, wherein the identity authentication comprises: searching the binding relationship table for a record consistent with the received user biometric information and the received mobile terminal device information and/or contact information; if such a record exists, the authentication passes, otherwise the authentication fails.
20. The key distribution system according to claim 18 or 19, wherein if the authentication fails, one or more of the following operations are performed:
(1) the key distribution network sends an alarm signal to the wearable device, and on receiving it the wearable device raises an alarm to its surroundings or to a specific organization, by voice or in another form;
(2) the key distribution network sends an alarm signal to the wearable device, and the wearable device collects the current position in real time after receiving the alarm signal and sends the current position to the key distribution network at set time intervals;
(3) the key distribution network sends an alarm signal to the wearable device, and after the wearable device receives the alarm signal, the wearable device deletes a pre-stored shared key between the wearable device and the key distribution network and deletes other stored sensitive information;
(4) the key distribution network deregisters the wearable device or suspends its usage rights.
21. The key distribution system of claim 18, wherein the method for the mobile terminal to obtain the position mark is:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
22. The key distribution system of claim 21, wherein the coding pattern is in the form of a bar code or a two-dimensional code.
23. The key distribution system of claim 15, wherein the quantum key is stored as continuous binary data, the service key is composed of a plurality of discrete key segments in the quantum key, and the position mark includes a usage order and a pointer interval; wherein the usage order represents an order of the plurality of discrete key segments in the service key, and the pointer interval represents a byte interval of each key segment in the quantum key.
24. The key distribution system of claim 15, wherein the quantum key is stored in a plurality of key segments, the service key is composed of a number of the plurality of key segments, and the position mark includes a usage order and a pointer interval; the usage order represents an order of the plurality of key segments in the service key, and the pointer interval represents a sequence number of each key segment in the quantum key.
25. The key distribution system of claim 16, wherein the communication event further comprises a communication type for determining a length of a key to be distributed.
26. The key distribution system of claim 16, wherein the communication event further includes a key length required for the communication service.
27. The key distribution system of claim 15, wherein the wearable device pre-stores a shared quantum key with a key distribution network for encryption and decryption of communications with the key distribution network.
28. The key distribution system of claim 15, wherein the mobile terminal pre-stores a quantum key shared with the wearable device bound thereto, for encryption and decryption of position marks.
29. A key distribution network, characterized in that it generates and stores quantum keys, the quantum keys being stored in advance in the mobile terminals that are to establish communication;
and it receives a key distribution request initiated by an initiator mobile terminal or a receiver mobile terminal through a wearable device bound with the initiator mobile terminal, and distributes the position mark of the service key of the communication in the quantum key to the mobile terminal through the wearable device.
30. A key distribution network according to claim 29, wherein the key distribution request includes the communication event and user biometric information collected by the wearable device, the communication event including communication initiator and recipient information, wherein the initiator/recipient information includes initiator/recipient device information and/or contact information.
31. A key distribution network as recited in claim 30,
the key distribution network stores a binding relation table and a key distribution management table; the binding relation table records mobile terminal device information and/or contact information of a registered user and biometric information of the user; the key distribution management table records the distribution condition of each part of the quantum key; the distribution condition comprises:
distributed to both the initiator and the receiver, recorded as completely distributed;
distributed to only one of the initiator and the receiver, recorded as incompletely distributed;
distributed to neither party, recorded as not distributed.
32. The key distribution network of claim 31, wherein distributing the position mark of the service key of the communication in the quantum key comprises:
the key distribution network first authenticates the identity of the holder according to the user biometric information;
if the identity authentication passes, searching the incompletely distributed records in the key distribution management table for a record whose initiator and receiver information is consistent with the communication event:
if no such record exists, acquiring a service key from the part of the quantum key which is not distributed, acquiring the position mark of the service key in the quantum key, sending the position mark to the wearable device, generating a new record in the key distribution management table, writing into it the initiator and receiver information corresponding to the communication event and the acquired position mark, and marking the distribution condition as incompletely distributed;
if such a record exists, sending the position mark in the record to the wearable device and marking the distribution condition as completely distributed; the position mark is provided to the mobile terminal by the wearable device.
33. A key distribution network as claimed in claim 32, wherein said identity authentication comprises: searching the binding relation table for a record consistent with the received user biometric information, the received mobile terminal device information and/or the received contact information; if such a record exists, the authentication passes; otherwise it fails.
34. A key distribution network as claimed in claim 29, wherein said quantum key is stored as contiguous binary data, said service key is composed of a plurality of discrete key segments in the quantum key, and said position mark includes a usage order and pointer intervals; wherein the usage order represents the order of the plurality of discrete key segments in the service key, and the pointer interval represents the byte interval of each key segment in the quantum key.
35. A key distribution network as claimed in claim 29, wherein said quantum key is stored as a plurality of key segments, said service key is composed of several of said plurality of key segments, and said position mark includes a usage order and pointer intervals; the usage order represents the order of the several key segments in the service key, and the pointer interval represents the sequence number of each key segment in the quantum key.
36. A key distribution network as claimed in claim 30, wherein the communication event further comprises a communication type for determining the size of the service key to be distributed.
37. A key distribution network as claimed in claim 30, wherein the communications event further comprises the length of the key required for the communications service.
38. A key distribution network as claimed in claim 29 wherein the wearable device pre-stores a shared quantum key with the key distribution network for encryption and decryption of communications with the key distribution network.
39. A mobile terminal, characterized in that it stores in advance the same quantum key as another mobile terminal with which it is to communicate, the quantum key being generated and stored by a key distribution network;
the mobile terminal sends a communication event to the wearable device bound with the mobile terminal, and the wearable device further initiates a key distribution request to a key distribution network;
acquiring a position mark of a service key of the communication distributed by a key distribution network in the quantum key;
and acquiring the service key from the quantum key according to the position mark.
40. A mobile terminal according to claim 39, wherein the mobile terminal initiates a key distribution request to a key distribution network via a wearable device, and obtains the position mark distributed by the key distribution network from the wearable device.
41. The mobile terminal of claim 40, wherein the position mark distributed by the key distribution network is obtained from the wearable device as follows:
the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or the wearable device displays the received position mark in a coding pattern form, and the mobile terminal scans the code to acquire the position mark.
42. A mobile terminal as in claim 40 or 41, wherein said mobile terminal pre-stores a quantum key shared with the wearable device bound to it, for encryption and decryption of position marks.
43. A mobile terminal as in claim 39, wherein said communication event comprises communication initiator and recipient information.
44. A mobile terminal as in claim 39, wherein said communication event further comprises a communication type or a key length required for the communication service.
45. A wearable device, characterized in that the wearable device is bound with an initiator mobile terminal or a receiver mobile terminal, and the initiator mobile terminal and the receiver mobile terminal both store the same quantum key in advance;
the wearable device receives a communication event sent by the mobile terminal;
acquiring user biometric information of the holder, generating a key distribution request based on the acquired user biometric information and the communication event, and sending the key distribution request to a key distribution network;
and receiving the position mark of the service key distributed by the key distribution network in the quantum key, and providing the position mark to the mobile terminal.
46. The wearable device of claim 45, wherein the means for providing the location indicia to the mobile terminal comprises: the wearable device sends the position mark to the mobile terminal in a wireless or wired communication mode; or, the wearable device displays the position mark in a coding pattern form for the mobile terminal to scan.
47. The wearable device of claim 46, wherein the coded pattern is in the form of a bar code or a two-dimensional code.
48. The wearable device of claim 45, wherein the wearable device pre-stores a quantum key shared with the mobile terminal bound to it, for encryption and decryption of position marks.
49. A secret communication method based on quantum keys, characterized in that, based on the service keys obtained by the distribution method according to any one of claims 1 to 14, the originating mobile terminal and the receiving mobile terminal perform secret communication.
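The allocation procedure of claim 32 and the position-mark layout of claim 34, sketched as an added example that is not part of the patent text. The class and function names, the 4-byte segment size, random segment selection, exact-match biometric templates and the `served` retry safeguard are assumptions made for illustration; the quantum key below is constructed sample data.

```python
import hmac
import secrets
from dataclasses import dataclass, field

SEG = 4  # bytes per key segment (assumed; the claims do not fix a size)
QUANTUM_KEY = bytes(range(64))  # constructed stand-in for the pre-stored quantum key

@dataclass
class PositionMark:
    usage_order: list        # order in which the segments form the service key
    pointer_intervals: list  # (start, end) byte interval of each segment

@dataclass
class Record:                # one row of the key distribution management table
    initiator: str
    receiver: str
    mark: PositionMark
    status: str = "incomplete"
    served: set = field(default_factory=set)  # assumption: who already got the mark

class KeyDistributionNetwork:
    def __init__(self, quantum_key: bytes, bindings: dict):
        self.quantum_key = quantum_key
        self.bindings = bindings  # binding relation table: device -> biometric template
        self.table = []           # key distribution management table
        # Offsets of segments not yet distributed to anyone.
        self.free = list(range(0, len(quantum_key) - SEG + 1, SEG))

    def authenticate(self, device: str, biometric: bytes) -> bool:
        enrolled = self.bindings.get(device)
        return enrolled is not None and hmac.compare_digest(enrolled, biometric)

    def request(self, device, biometric, initiator, receiver, key_len):
        """Return the position mark for this communication event, or None."""
        if device not in (initiator, receiver):
            return None
        if not self.authenticate(device, biometric):
            return None
        for rec in self.table:
            if rec.status == "incomplete" and \
                    (rec.initiator, rec.receiver) == (initiator, receiver):
                # A retry by the same party must not flip the record to
                # "complete"; only the peer's request does (added safeguard).
                if device not in rec.served:
                    rec.served.add(device)
                    rec.status = "complete"
                return rec.mark
        n = -(-key_len // SEG)  # whole segments, rounded up
        if n > len(self.free):
            raise RuntimeError("undistributed part of the quantum key exhausted")
        rng = secrets.SystemRandom()
        starts = sorted(rng.sample(self.free, n))  # discrete, never reused
        for s in starts:
            self.free.remove(s)
        order = list(range(n))
        rng.shuffle(order)
        mark = PositionMark(order, [(s, s + SEG) for s in starts])
        self.table.append(Record(initiator, receiver, mark, served={device}))
        return mark

def derive_service_key(quantum_key: bytes, mark: PositionMark) -> bytes:
    """Terminal side: cut the segments out of the pre-stored quantum key."""
    return b"".join(quantum_key[a:b] for a, b in
                    (mark.pointer_intervals[i] for i in mark.usage_order))
```

Only the position mark travels over the wearable link; the key bytes never leave the two terminals, and each segment offset is removed from the free pool once distributed so no part of the quantum key is handed out twice.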
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910865926.XA CN112468287B (en) | 2019-09-09 | 2019-09-09 | Key distribution method, system, mobile terminal and wearable device |
PCT/CN2020/113815 WO2021047477A1 (en) | 2019-09-09 | 2020-09-07 | Key allocation method and system, mobile terminal and wearable device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910865926.XA CN112468287B (en) | 2019-09-09 | 2019-09-09 | Key distribution method, system, mobile terminal and wearable device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112468287A true CN112468287A (en) | 2021-03-09 |
CN112468287B CN112468287B (en) | 2022-02-22 |
Family
ID=74807576
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910865926.XA Active CN112468287B (en) | 2019-09-09 | 2019-09-09 | Key distribution method, system, mobile terminal and wearable device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN112468287B (en) |
WO (1) | WO2021047477A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117792795A (en) * | 2024-02-23 | 2024-03-29 | 河北赛克普泰计算机咨询服务有限公司 | Data encryption method and real-time network security monitoring system |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113315694B (en) * | 2021-05-27 | 2023-11-10 | 维沃移动通信有限公司 | Instant messaging method and device and electronic equipment |
CN113904949B (en) * | 2021-11-11 | 2024-02-09 | 宁波奥克斯电气股份有限公司 | Distribution network binding method and device, intelligent equipment and storage medium |
CN115358748B (en) * | 2022-08-26 | 2024-08-23 | 中国银行股份有限公司 | Payment protection method, device, equipment and storage medium based on quantum encryption |
CN116112276A (en) * | 2023-02-01 | 2023-05-12 | 中国工商银行股份有限公司 | Service information transmission method, request terminal, service terminal and system |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060093143A1 (en) * | 2004-11-01 | 2006-05-04 | Nec Corporation | Method and system for generating shared information |
US20110126011A1 (en) * | 2009-11-24 | 2011-05-26 | Electronics And Telecommunications Research Institute | Method of user-authenticated quantum key distribution |
CN104243143A (en) * | 2013-06-08 | 2014-12-24 | 安徽量子通信技术有限公司 | Mobile secret communication method based on quantum key distribution network |
US20150036819A1 (en) * | 2013-07-31 | 2015-02-05 | Oki Electric Industry Co., Ltd. | Quantum-key-distribution receiving device and method for using single-photon detector |
CN106817694A (en) * | 2017-04-14 | 2017-06-09 | 江苏亨通问天量子信息研究院有限公司 | Quantum wireless secret communication system and mobile terminal |
CN107040378A (en) * | 2017-06-01 | 2017-08-11 | 浙江九州量子信息技术股份有限公司 | A kind of key dispatching system and method based on Multi-user Remote Communication |
CN107086908A (en) * | 2016-02-15 | 2017-08-22 | 阿里巴巴集团控股有限公司 | A kind of quantum key delivering method and device |
WO2018224138A1 (en) * | 2017-06-07 | 2018-12-13 | Huawei Technologies Co., Ltd. | Quantum key distribution transmitter, system and method |
CN109525390A (en) * | 2018-11-20 | 2019-03-26 | 江苏亨通问天量子信息研究院有限公司 | Quantum key wireless dispatch method and system for terminal device secret communication |
CN109561056A (en) * | 2017-09-27 | 2019-04-02 | 山东量子科学技术研究院有限公司 | A kind of secret communication method, system, mobile terminal and wearable device |
CN109842486A (en) * | 2017-11-27 | 2019-06-04 | 全球能源互联网研究院有限公司 | Four states of one kind modulation continuous variable quantum key distribution data coordinating method and system |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104243144B (en) * | 2013-06-08 | 2018-03-13 | 科大国盾量子技术股份有限公司 | A kind of communication key distribution method based on Android intelligent mobile terminal |
CN107959566A (en) * | 2016-10-14 | 2018-04-24 | 阿里巴巴集团控股有限公司 | Quantal data key agreement system and quantal data cryptographic key negotiation method |
CN106878015A (en) * | 2017-04-14 | 2017-06-20 | 江苏亨通问天量子信息研究院有限公司 | Encryption satellite communication system and method |
US10432395B2 (en) * | 2017-10-04 | 2019-10-01 | The Boeing Company | Recipient-driven data encryption |
- 2019-09-09 CN CN201910865926.XA patent/CN112468287B/en active Active
- 2020-09-07 WO PCT/CN2020/113815 patent/WO2021047477A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
CN112468287B (en) | 2022-02-22 |
WO2021047477A1 (en) | 2021-03-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112468287B (en) | Key distribution method, system, mobile terminal and wearable device | |
US9668127B2 (en) | Method for allocating communication key based on android intelligent mobile terminal | |
CN101662765B (en) | Encryption system and method of short message of mobile telephone | |
US5689563A (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system | |
US7716483B2 (en) | Method for establishing a communication between two devices | |
ES2263264T3 (en) | PROCEDURE AND SYSTEM FOR THE PROCESSING OF MESSAGES IN A TELECOMMUNICATIONS SYSTEM. | |
US9165149B2 (en) | Use of a mobile telecommunication device as an electronic health insurance card | |
KR20010039387A (en) | Method protecting data stored in lost mobile terminal and recording medium therefor | |
JP2009510644A (en) | Method and configuration for secure authentication | |
US8112638B2 (en) | Secure backup system and method in a mobile telecommunication network | |
KR100826522B1 (en) | Apparatus and method for dynamic ciphering in mobile communication system | |
JP6397046B2 (en) | Address book protection method, apparatus and communication system | |
US7177425B2 (en) | Device and method for securing information associated with a subscriber in a communication apparatus | |
CN100514999C (en) | Method, terminal device and communication system for realizing virtual terminal communication | |
CN112564892B (en) | Key distribution method, system and wearable device | |
US9277403B2 (en) | Authentication method and device | |
CN103188665A (en) | System, method and device of improving safety of cell phone receiving advertising | |
US6111955A (en) | Security in cellular telephones | |
US20150156173A1 (en) | Communication system utilizing fingerprint information and use thereof | |
WO2017008423A1 (en) | Communication method and device, and storage medium | |
AU753951B2 (en) | Voice and data encryption method using a cryptographic key split combiner | |
CN108337385A (en) | A kind of system for establishing call connection using safety equipment | |
CN115348085A (en) | Epidemic prevention management method based on quantum encryption and epidemic prevention terminal | |
CN105245526B (en) | Call the method and apparatus of SIM card application | |
KR20060112597A (en) | Method and system for resetting memory of mobile terminal and mobile terminal having a memory reset function |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||