CN114362927A - Key agreement method, device, equipment and storage medium - Google Patents


Publication number: CN114362927A
Authority: CN (China)
Prior art keywords: key, mobile terminal, seed, quantum, server
Legal status: Pending (as listed by Google Patents; not a legal conclusion)
Application number: CN202011098686.4A
Other languages: Chinese (zh)
Inventor: 马冰珂
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Legal events: application filed by China Mobile Communications Group Co Ltd and China Mobile Communications Ltd Research Institute; priority to CN202011098686.4A; publication of CN114362927A; legal status pending.

Abstract

The invention discloses a key agreement method, a device, equipment and a storage medium. The method comprises the following steps: the first mobile terminal determines a first seed key, encrypts it, and sends the encrypted first seed key to a key server in a quantum key distribution network, where the first seed key is used to negotiate, through the key server, the session key for communicating with a second mobile terminal; the key server receives the encrypted first seed key, decrypts it to obtain the first seed key, and sends the decrypted first seed key to the second mobile terminal; the second mobile terminal receives the first seed key, determines a second seed key, and determines the session key using the first seed key and the second seed key.

Description

Key agreement method, device, equipment and storage medium
Technical Field
The present invention relates to the field of wireless technologies, and in particular, to a key agreement method, apparatus, device, and storage medium.
Background
Quantum secret communication has the technical advantages of quantum irrevocability, quantum measurement uncertainty, quantum irreproducibility, ideal randomness and the like, and it is increasingly common for mobile terminals to be used in the quantum key distribution networks of quantum secret communication. To implement data communication of the mobile terminal in the quantum key distribution network, the central node in the quantum key distribution network may provide a quantum key to the mobile terminal, so that the mobile terminal can encrypt the data it transmits in the quantum key distribution network with that quantum key. In general, however, the mobile terminal can only passively receive the quantum key transmitted by the central node in the quantum key distribution network and cannot participate in generating it, so the quantum key can be generated in only one way.
Disclosure of Invention
In view of this, embodiments of the present invention are intended to provide a key agreement method, apparatus, device, and storage medium.
The technical scheme of the embodiment of the invention is realized as follows:
at least one embodiment of the present invention provides a key agreement method, including:
the first mobile terminal determines a first seed key; encrypting the first seed key, and sending the encrypted first seed key to a key server in a quantum key distribution network; the first seed key is used to negotiate, through the key server, the session key for communicating with a second mobile terminal;
the key server receives the encrypted first seed key, decrypts the encrypted first seed key to obtain a decrypted first seed key, and sends the decrypted first seed key to the second mobile terminal;
the second mobile terminal receives the first seed key and determines a second seed key; determining the session key using the first seed key and the second seed key.
Furthermore, in accordance with at least one embodiment of the present invention, the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
Furthermore, according to at least one embodiment of the present invention, the receiving, by the key server, the encrypted first seed key identifier, and decrypting the encrypted first seed key identifier to obtain a decrypted first seed key includes:
the first key server receives the encrypted first seed key identification and the first quantum key identification; and determining a first quantum key corresponding to the first quantum key identifier, and decrypting the encrypted first seed key identifier by using the first quantum key to obtain a decrypted first seed key.
Furthermore, according to at least one embodiment of the present invention, the sending the decrypted first seed key to the second mobile terminal includes:
the first key server determines a second shared quantum key and a corresponding second quantum key identifier between the first key server and the second mobile terminal; and encrypting the decrypted first seed key by using the second shared quantum key, and sending the encrypted first seed key and the second quantum key identifier to the second mobile terminal.
Further, in accordance with at least one embodiment of the present invention, the second mobile terminal receiving the first seed key includes:
the second mobile terminal receives the encrypted first seed key and the encrypted second quantum key identifier; determining a corresponding second quantum key according to the second quantum key identifier; and decrypting the encrypted first seed key by using the second quantum key to obtain a decrypted first seed key.
Furthermore, in accordance with at least one embodiment of the present invention, the first mobile terminal is bound to a second key server in the quantum key distribution network, and the second mobile terminal is bound to a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identifier of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identifier and the third quantum key identifier to the second key server.
Furthermore, according to at least one embodiment of the present invention, the receiving, by the key server, the encrypted first seed key identifier, and decrypting the encrypted first seed key identifier to obtain a decrypted first seed key includes:
the second key server receives the encrypted first seed key identification and the third quantum key identification; determining a corresponding third shared quantum key by using the third quantum key identifier; and decrypting the encrypted first seed key identification by using the third shared quantum key to obtain a decrypted first seed key.
Furthermore, according to at least one embodiment of the present invention, the sending the decrypted first seed key to the second mobile terminal includes:
the second key server sends the decrypted first seed key to the third key server;
the third key server receives the first seed key; determining a fourth quantum key and a corresponding fourth quantum key identifier between the third key server and the second mobile terminal; and encrypting the first seed key by using the fourth quantum key, and sending the encrypted first seed key and the fourth quantum key identifier to the second mobile terminal.
Further, in accordance with at least one embodiment of the present invention, the second mobile terminal receiving the first seed key includes:
the second mobile terminal receives the encrypted first seed key and the fourth quantum key identification sent by the third key server; determining a corresponding fourth quantum key according to the fourth quantum key identifier; and decrypting the encrypted first seed key by using the fourth quantum key to obtain the first seed key.
Further, in accordance with at least one embodiment of the present invention, the method further comprises:
the second mobile terminal determines a second seed key identifier corresponding to the second seed key and sends the second seed key identifier to the key server;
the key server receives the second seed key identification; determining a second seed key corresponding to the second seed key identification; sending the second seed key to the first mobile terminal;
the first mobile terminal receives the second seed key; determining the session key using the first seed key and the second seed key.
At least one embodiment of the present invention provides a key agreement method, applied to a first mobile terminal, the method including:
determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
encrypting the first seed key identification, and sending the encrypted first seed key identification to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
Furthermore, in accordance with at least one embodiment of the present invention, the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
Furthermore, in accordance with at least one embodiment of the present invention, the first mobile terminal is bound to a second key server in the quantum key distribution network, and the second mobile terminal is bound to a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identifier of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identifier and the third quantum key identifier to the second key server.
At least one embodiment of the present invention provides a key agreement apparatus including:
the first processing unit is used for determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
the second processing unit is used for encrypting the first seed key identification and sending the encrypted first seed key identification to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
Furthermore, according to at least one embodiment of the present invention, the second processing unit is specifically configured to:
the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network; the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
Furthermore, according to at least one embodiment of the present invention, the second processing unit is specifically configured to:
the first mobile terminal is bound with a second key server in the quantum key distribution network, and the second mobile terminal is bound with a third key server in the quantum key distribution network; the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identifier of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identifier and the third quantum key identifier to the second key server.
At least one embodiment of the present invention provides a mobile terminal including:
a communication interface for exchanging information with external devices; and
the processor is used for determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal; encrypting the first seed key identification, and sending the encrypted first seed key identification to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
At least one embodiment of the invention provides a mobile terminal comprising a processor and a memory storing a computer program capable of running on the processor,
wherein the processor is configured to execute the steps of any one of the above-mentioned methods at the mobile terminal side when running the computer program.
At least one embodiment of the present invention provides a storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of any of the methods described above on the mobile terminal side.
According to the key agreement method, the key agreement device, the key agreement equipment and the storage medium, the first mobile terminal determines a first seed key, encrypts it, and sends the encrypted first seed key to a key server in a quantum key distribution network, where the first seed key is used to negotiate, through the key server, the session key for communicating with a second mobile terminal; the key server receives the encrypted first seed key, decrypts it to obtain the first seed key, and sends the decrypted first seed key to the second mobile terminal; the second mobile terminal receives the first seed key, determines a second seed key, and determines the session key using the first seed key and the second seed key. With the technical scheme of the embodiment of the invention, the first mobile terminal provides, through the key server, the data from which the second mobile terminal generates the session key, so the second mobile terminal generates the session key from the seed key supplied by the first mobile terminal. Compared with the related art, in which the mobile terminal only passively receives the session key sent by the central node of the quantum key distribution network and the key can therefore be generated in only one way, this ensures that the first mobile terminal participates in generating the session key.
Drawings
Fig. 1 is a first schematic flow chart illustrating an implementation of a key agreement method according to an embodiment of the present invention;
FIG. 2 is a first schematic diagram of a quantum key distribution network according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a flow chart of an implementation of key agreement initiation according to an embodiment of the present invention;
fig. 4 is a first flowchart illustrating an implementation process of a first mobile terminal negotiating a session key with a second mobile terminal according to an embodiment of the present invention;
fig. 5 is a schematic diagram of an implementation process of a second mobile terminal negotiating a session key with a first mobile terminal according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a second implementation flow of key agreement initiation according to an embodiment of the present invention;
fig. 7 is a schematic diagram illustrating a second implementation flow of a session key negotiation between a first mobile terminal and a second mobile terminal according to an embodiment of the present invention;
fig. 8 is a schematic diagram illustrating a second implementation process of negotiating a session key between a second mobile terminal and a first mobile terminal according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of a configuration of a key agreement system according to an embodiment of the present invention;
fig. 10 is a schematic diagram illustrating an implementation flow of a key agreement method according to an embodiment of the present invention;
fig. 11 is a schematic structural diagram of a key agreement device according to an embodiment of the present invention;
fig. 12 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
Detailed Description
Before the technical solution of the embodiment of the present invention is introduced, the related art is described.
In the related art, quantum secret communication has the technical advantages of quantum irrevocability, quantum measurement uncertainty, quantum irreproducibility, ideal randomness and the like; its security rests on the basic principles of quantum mechanics, and it is at present the only secret communication technology whose security has been strictly proved in theory. Because of factors such as device size, the key transceiving system used for practical quantum secret communication is difficult to apply directly to mobile devices, which have extremely demanding requirements on size and portability. Mobility is therefore a core issue for promoting the larger-scale application of quantum communication.
In the related art, schemes for communicating with a key sent by a quantum key distribution network include the following.
(1) A patent document entitled "mobile secure communication method based on quantum key distribution network" discloses: the mobile terminal registers with the network and establishes a binding relationship with a centralized control station in the quantum key distribution network; after a communication service is initiated, the mobile terminals participating in the communication request a service key from the quantum key distribution network; the quantum key distribution network obtains the addresses of all centralized control stations participating in service key distribution for the communication and designates, according to the current state index of each centralized control station, the centralized control station that generates the service key; that centralized control station generates the service key required for the communication and distributes it to the mobile terminals participating in the communication; and the mobile terminals participating in the communication use the service key for secret communication over the original data link of the communication service. The technical defects of this scheme are as follows: the scenario of concern is secret communication between mobile terminals based on a quantum key distribution network; session keys between the mobile terminals are generated and distributed centrally by the quantum key distribution network; the mobile terminals do not participate in the actual generation of the session keys; and the key generation mechanism and process are not specified in detail.
(2) A patent document entitled "secret mobile communication system based on quantum key" discloses: the system comprises a quantum key service station, a plurality of mobile terminals and a public communication network, where the quantum key service station and the mobile terminals communicate through the public communication network; the quantum key service station provides quantum key download service to the mobile terminals and performs security control of the quantum key, the mobile terminal implements the basic call function and the additional secret communication function, and the public communication network implements data transmission. The technical defects of this scheme are as follows: the quantum key service station, the mobile terminals and the public communication network together implement distribution of the quantum key among the mobile terminals and the secret communication function. The scheme gives a system structure and basic steps, but the session key generation mechanism is not specified in detail, the session key is generated and distributed centrally, and the mobile terminal does not participate in the actual generation and designation of the session key.
(3) A patent document entitled "quantum wireless secret communication system and mobile terminal" discloses: the mobile terminal is used in a quantum wireless secret communication system comprising a plurality of service terminals connected through a quantum key distribution network, each service terminal being connected to mobile terminals. When at least two mobile terminals are connected to a service terminal, if among them there is a preset mobile terminal requiring secret communication, the service terminal distributes the same quantum key in advance to the preset mobile terminals requiring secret communication; if there is a mobile terminal requiring temporary communication, the service terminal distributes the same quantum key in real time to the mobile terminals requiring secret communication. The technical defects of this scheme are as follows: a system structure and basic steps are given, but the session key generation mechanism is not specified in detail, the session key is generated and distributed centrally, and the mobile terminal does not participate in the actual generation and designation of the session key.
(4) A patent document entitled "flexible quantum secure mobile communication method" discloses: quantum key distribution (QKD) nodes provide quantum basic key injection service to the mobile terminal, and quantum keys are negotiated between the QKD nodes and the quantum key management center (QKMC) through the QKD network; the QKMC distributes session keys among two or more mobile terminals; the method includes a registration process and an online session key negotiation process. After the mobile terminal has injected a quantum basic key once, it can obtain quantum key service at any QKD node and can inject a quantum basic key again at any QKD node once the previous one is used up; the whole process by which the mobile terminal obtains the session key is quantum secure; and a quantum key management center is introduced to uniformly control the generation and negotiation of user session keys. The technical defects of this scheme are as follows: the scenario of concern is secret communication between mobile terminals based on a quantum key distribution network; session keys between the mobile terminals are generated and distributed centrally by the quantum key distribution network; the mobile terminals do not participate in the actual generation of the session keys; and the key generation mechanism and process are not specified in detail.
In summary, in the related art, the method mainly depends on a quantum key distribution network, the session key is generated and distributed in a centralized manner, and the generation mechanism and the steps are incomplete; session keys among the mobile terminals are completely distributed and specified by the quantum key distribution platform, and the mobile terminals receive the keys specified by the platform in a passive mode; the loss of the key information transmitted by any communication line of the mobile terminal can cause the leakage of the session key.
Based on this, in various embodiments of the present invention, a first mobile terminal determines a first seed key, encrypts it, and sends the encrypted first seed key to a key server in a quantum key distribution network, where the first seed key is used to negotiate, through the key server, the session key for communicating with a second mobile terminal; the key server receives the encrypted first seed key, decrypts it to obtain the first seed key, and sends the decrypted first seed key to the second mobile terminal; the second mobile terminal receives the first seed key, determines a second seed key, and determines the session key using the first seed key and the second seed key.
The present invention will be described in further detail with reference to the accompanying drawings and examples.
An embodiment of the present invention provides a key agreement method, as shown in fig. 1, the method includes:
step 101: the first mobile terminal determines a first seed key; encrypting the first seed key, and sending the encrypted first seed key to a key server in a quantum key distribution network;
the first seed key is used to negotiate, through the key server, the session key for communicating with a second mobile terminal;
step 102: the key server receives the encrypted first seed key, decrypts the encrypted first seed key to obtain a decrypted first seed key, and sends the decrypted first seed key to the second mobile terminal;
step 103: the second mobile terminal receives the first seed key and determines a second seed key; determining the session key using the first seed key and the second seed key.
Here, in step 101, when the first mobile terminal communicates with the second mobile terminal, in order to ensure the security of the communication between the first mobile terminal and the second mobile terminal, a session key between the first mobile terminal and the second mobile terminal needs to be determined. In order to ensure that the first mobile terminal can participate in the session key generation process, the first mobile terminal may provide the second mobile terminal with partial data for generating a session key, that is, the first mobile terminal sends the first seed key to the second mobile terminal through a quantum key distribution network.
Here, in step 102, in practical application, the first seed key sent by the first mobile terminal may be forwarded to the second mobile terminal either through a single key server or through two different key servers.
Here, in step 103, the second mobile terminal may generate a session key between the first mobile terminal and the second mobile terminal by using the partial data provided by the first mobile terminal and the partial data provided by itself, that is, the second mobile terminal generates a session key by using the first seed key and the second seed key provided by itself, which are sent by the first mobile terminal through the quantum key distribution network.
The following describes in detail how to send the first seed key sent by the first mobile terminal to the second mobile terminal through the key server in the quantum key distribution network.
Case 1: intra-domain negotiation, that is, the first seed key sent by the first mobile terminal is delivered to the second mobile terminal through the same key server, meaning that the first mobile terminal and the second mobile terminal are bound to the same key server.
In practical application, in order to ensure that the session key leakage problem is not caused even when part of data provided by the first mobile terminal is lost, the first mobile terminal may send the identification information of the first seed key to a bound key server, so that the key server sends the first seed key to the second mobile terminal. Since the identification information of the first seed key sent by the first mobile terminal is received on the communication link between the key server and the first mobile terminal, and the first seed key is sent to the second mobile terminal on the communication link between the key server and the second mobile terminal, the session key is not leaked even if the data of any one of the two communication links is lost.
Based on this, in an embodiment, the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
The first key server may refer to a key server in a quantum key distribution network bound by the first mobile terminal, and may also be a key server in a quantum key distribution network bound by the second mobile terminal.
Here, the first seed key identifier may refer to a seed key identifier preset in the first mobile terminal by a first key server in the quantum key distribution network. The first quantum key identifier may refer to a quantum key identifier preset in the first mobile terminal by a first key server in a quantum key distribution network.
In practical application, the first key server may store a correspondence between a seed key identifier and a seed key, and thus, after the first key server receives the encrypted first seed key identifier sent by the first mobile terminal and decrypts the encrypted first seed key identifier to obtain the first seed key identifier, the first key server may determine the first seed key corresponding to the first seed key identifier by using the correspondence between the seed key identifier and the seed key.
Based on this, in an embodiment, the receiving, by the key server, the encrypted first seed key identifier, and decrypting the encrypted first seed key identifier to obtain a decrypted first seed key includes:
the first key server receives the encrypted first seed key identification and the first quantum key identification; and determining a first quantum key corresponding to the first quantum key identifier, and decrypting the encrypted first seed key identifier by using the first quantum key to obtain a decrypted first seed key.
Here, before the first key server receives the encrypted first seed key identifier and the first quantum key identifier sent by the first mobile terminal, it is further required to complete processes such as quantum key distribution network networking, mobile terminal binding, mobile terminal communication initiation, session key agreement initiation, and the like, and the specific description is as follows:
(1) quantum key distribution networking
Fig. 2 is a schematic diagram of a quantum key distribution network. As shown in fig. 2, the quantum key distribution network has completed networking and includes a plurality of key servers, such as the key server SC and the key server SD. Quantum keys are distributed to and shared between the key servers through the quantum key distribution network, with ideal security. For example, SC and SD represent two key servers in the quantum key distribution network, and a communication session key KCD is shared between the key server SC and the key server SD.
(2) Mobile terminal binding
A mobile terminal can be bound to a particular key server by registration. A bound mobile terminal can perform quantum key charging through its key server; after charging is complete, the key server and the mobile terminal jointly hold a plurality of sections of quantum key, of which a small part is used for communication between the mobile terminal and the key server and the larger part is used for session key negotiation with other mobile terminals. A key server in the quantum key distribution network provides key service to mobile terminals, and each mobile terminal registers with and binds to a specific key server. As shown in fig. 2, the mobile terminal UA is bound to the key server SC, and a communication session key KAC is shared between the mobile terminal UA and the key server SC; the mobile terminal UB is bound to the key server SD, and a communication session key KBD is shared between the mobile terminal UB and the key server SD; the mobile terminal UE is also bound to the key server SD and shares a communication session key with it. The mobile terminal UA and the mobile terminal UB are therefore bound to different key servers (the inter-domain case), whereas the mobile terminal UB and the mobile terminal UE are bound to the same key server (the intra-domain case).
(3) Mobile terminal communication initiation
Assuming that the first mobile terminal is represented by UB in fig. 2 and the second mobile terminal by UE in fig. 2, the mobile terminal UB sends a request to communicate with the mobile terminal UE to the key server bound to UB, and that key server queries, through the quantum key distribution network, whether the mobile terminal UE is currently reachable and information such as which key server UE is bound to; if the peer is not reachable, the session key negotiation fails.
Specifically, in the case where the two mobile terminals are bound to the same key server, as shown in fig. 2, both the mobile terminal UB and the mobile terminal UE are bound to the key server SD. UB initiates a communication request with UE through SD; SD checks whether UE is currently reachable, and if not, UB enters a failure state; if UE is reachable, the session key negotiation initiation state is entered.
(4) Session key agreement initiation
Mobile terminal 1 initiates a session key negotiation request through its bound key server, and mobile terminal 2 responds to the key negotiation request of mobile terminal 1 through its own bound key server, which completes the initiation of session key negotiation; if the number of failed attempts is exceeded, the session key negotiation fails.
In an example, as shown in fig. 3, taking an example that two mobile terminals bind to the same key server, a process of session key agreement initiation within a domain is described, including the following steps:
Step 301: the mobile terminal UB and the mobile terminal UE are both bound to the key server SD; the mobile terminal UB sends a session request for session communication with the mobile terminal UE to the key server SD.
Step 302: the mobile terminal UB uses the session key KBD shared with the key server SD to encrypt and authenticate the session request it sends, specifically:
Enc({UB,UE}||Req,KBD)||KIBD,MAC({UB,UE}||KIBD||Req,KBD),
where Enc denotes a symmetric encryption algorithm, MAC denotes a message authentication code algorithm, {UB,UE} indicates that UB and UE are communicating, Req denotes the specific content of the request (in general including the communication request information together with a time, a sequence number and the like to prevent replay), and KBD and KIBD denote the session key and its identifier shared between the mobile terminal UB and the key server SD.
Step 303: the key server SD checks and verifies the session request sent by the mobile terminal UB, and if the verification is successful, step 304 is executed.
Specifically, the corresponding key KBD is looked up according to the session key identifier KIBD, the received data is decrypted and authenticated with KBD, and if verification fails the request is rejected.
Step 304: the key server SD forwards the session request of the mobile terminal UB to the mobile terminal UE.
Here, the key server SD uses the session key KED with the mobile terminal UE, and encrypts and authenticates the session request, specifically as follows:
Enc({UB,UE}||Req,KED)||KIED,MAC({UB,UE}||KIED||Req,KED),
wherein, KED and KIED represent session key and ID of the key server SD and the mobile terminal UE.
Step 305: the mobile terminal UE checks and verifies the data sent by the SD, and if the data is successfully verified, the mobile terminal UE agrees to the UB communication request, and then step 306 is executed.
Specifically, the corresponding key is looked up according to KIED, the received data is decrypted and authenticated with that key, and if verification fails the request is rejected.
Step 306: the mobile terminal UE sends a response agreeing to communicate with the mobile terminal UB to its bound key server SD.
here, the mobile terminal UE uses the session key KED with the SD, and encrypts and authenticates the response data, specifically as follows:
Enc({UB,UE}||Rep,KED)||KIED,MAC({UB,UE}||KIED||Rep,KED),
where Rep indicates the specific content of the response (typically including communication response information, and including time, sequence number, etc.).
Step 307: the key server SD checks and verifies the received response data, that is, looks up the corresponding key according to KIED, decrypts and authenticates the received data with that key, and proceeds to step 308 after verification passes.
Step 308: the key server SD sends the received response data to UB, that is, SD selects the session key KBD shared with UB, encrypts and authenticates the response data, and calculates and sends:
Enc({UB,UE}||Rep,KBD)||KIBD,MAC({UB,UE}||KIBD||Rep,KBD).
Step 309: the mobile terminal UB checks and verifies the received response data.
Specifically, the corresponding key KBD is looked up according to the session key identifier KIBD and the received data is decrypted and authenticated with KBD; once authentication passes, the intra-domain session key agreement initiation process is finished and the intra-domain session key agreement process is entered.
In practical application, so that the session key is not leaked even when part of the data provided by the first mobile terminal is lost, the first key server receives the first seed key identifier sent by the first mobile terminal, determines the first seed key corresponding to the first seed key identifier, and may then send the encrypted first seed key to the second mobile terminal.
Based on this, in an embodiment, the sending the decrypted first seed key to the second mobile terminal includes:
the first key server determines a second shared quantum key and a corresponding second quantum key identifier between the first key server and the second mobile terminal; and encrypting the decrypted first seed key by using the second shared quantum key, and sending the encrypted first seed key and the second quantum key identifier to the second mobile terminal.
Here, the first key server may determine the identification information of the second mobile terminal according to a key agreement request sent by the first mobile terminal at a key agreement initiation stage, and determine the corresponding second mobile terminal according to the identification information of the second mobile terminal.
In practical application, the second mobile terminal may store a correspondence between a quantum key identifier and a quantum key, so that after receiving the encrypted first seed key and the second quantum key identifier sent by the first key server, the second mobile terminal may determine, by using that correspondence, the second quantum key corresponding to the second quantum key identifier, and may then decrypt the encrypted first seed key with the second quantum key to obtain the first seed key.
Based on this, in an embodiment, the receiving, by the second mobile terminal, the first seed key includes:
the second mobile terminal receives the encrypted first seed key and the second quantum key identifier; determining a corresponding second quantum key according to the second quantum key identifier; and decrypting the encrypted first seed key by using the second quantum key to obtain a decrypted first seed key.
In practical application, after the second mobile terminal calculates the session key according to the first seed key and the second seed key, in order to ensure that the second mobile terminal can participate in the generation process of the session key, the second mobile terminal may provide part of data for generating the session key to the first mobile terminal, that is, the second mobile terminal sends the second seed key to the first mobile terminal through a quantum key distribution network.
Based on this, in an embodiment, the method further comprises:
the second mobile terminal determines a second seed key identifier corresponding to the second seed key and sends the second seed key identifier to the key server;
the key server receives the second seed key identification; determining a second seed key corresponding to the second seed key identification; sending the second seed key to the first mobile terminal;
the first mobile terminal receives the second seed key; determining the session key using the first seed key and the second seed key.
It should be noted that a process of the second mobile terminal sending the second seed key to the first mobile terminal through the quantum key distribution network is similar to a process of the first mobile terminal sending the first seed key to the second mobile terminal through the quantum key distribution network, and details are not repeated here.
In an example, as shown in fig. 4, taking intra-domain negotiation as an example, a process of a first mobile terminal negotiating a session key with a second mobile terminal is described, which includes:
step 401: the mobile terminal UB encrypts the seed key identification KI3 of the seed key K3 by using the quantum key KBD of the mobile terminal UB and the key server SD, and sends the encrypted seed key identification KI3 and the quantum key identification KIBD of the quantum key KBD to the key server SD bound with the mobile terminal UB.
The first mobile terminal may refer to the mobile terminal UB, and the second mobile terminal to the mobile terminal UE. The mobile terminal UB and the mobile terminal UE are both bound to the key server SD, and intra-domain session key negotiation is carried out through the key server SD.
Specifically, the mobile terminal UB encrypts the transmitted data and performs message authentication, that is, calculates and transmits:
Enc({UB,UE}||KI3,KBD)||KIBD,MAC({UB,UE}||KI3||KIBD,KBD),
where Enc represents a symmetric encryption algorithm, MAC represents a message authentication code algorithm, {UB,UE} indicates session key agreement between UB and UE, KI3 represents the key identifier of the session seed key K3 selected by UB for the session with UE, and KBD and KIBD represent the session key and its identifier between UB and SD.
Step 402: the key server SD decrypts the encrypted seed key identifier KI3 sent by the mobile terminal UB and obtains the seed key corresponding to the seed key identifier KI3.
Here, the key server SD checks and verifies the data sent by the mobile terminal UB, that is, first looks up the corresponding key KBD according to KIBD, then decrypts and authenticates the received data with KBD; if verification fails, the request is rejected, and if verification succeeds, the key K3 is obtained by lookup according to the key identifier KI3.
Step 403: the key server SD sends the seed key K3 to the mobile terminal UE.
Here, the key server SD uses the session key KED with the mobile terminal UE to encrypt and authenticate the seed key K3, i.e. to calculate and send:
Enc({UB,UE}||K3,KED)||KIED,MAC({UB,UE}||K3||KIED,KED),
wherein, KED and KIED represent session key and ID of SD and UE.
Step 404: the mobile terminal UE selects the seed key K4 from its own stored keys and calculates the final session key.
Here, the mobile terminal UE checks and verifies the data sent by the key server SD, that is, first looks up the corresponding key KED according to KIED, then decrypts and authenticates the received data with KED; if verification fails, the request is rejected, and if verification succeeds, K3 is obtained by decryption and the final session key is calculated from K3 and the seed key K4 stored in the mobile terminal UE:
SKBE = F(K3, K4),
where SKBE represents the session key and F() represents a one-way function, which should have strong one-wayness and randomness and must not be easily inverted; a cryptographic hash function, a key expansion algorithm or the like can be adopted.
In an example, as shown in fig. 5, taking intra-domain negotiation as an example, a process of a second mobile terminal negotiating a session key with a first mobile terminal is described, which includes:
Step 501: the mobile terminal UE forwards the identifier KI4 of its session seed key K4 to SD; UE selects the session key KED shared with SD and encrypts and authenticates the data, that is, calculates and sends:
Enc({UB,UE}||KI4,KED)||KIED,MAC({UB,UE}||KI4||KIED,KED).
Step 502: the key server SD checks and verifies the data sent by UE, that is, looks up the corresponding key according to KIED and decrypts and authenticates the received data with that key; if verification fails, the request is rejected, and if verification succeeds, the key K4 is obtained by lookup according to the key identifier KI4.
Step 503: the key server SD forwards the session seed key K4 of the terminal UE to the terminal UB; SD selects the session key KBD shared with UB, encrypts the data and performs message authentication, that is, calculates and sends:
Enc({UB,UE}||K4,KBD)||KIBD,MAC({UB,UE}||K4||KIBD,KBD).
Step 504: the terminal UB checks and verifies the data sent by SD, that is, looks up the corresponding key KBD according to KIBD and decrypts and authenticates the received data with KBD; if verification fails, the request is rejected, and if verification succeeds, K4 is obtained by decryption and step 505 is entered.
Step 505: UB calculates the final session key SKBE = F(K3, K4).
Here, the terminal UB and the terminal UE perform subsequent secret communication using the session key SKBE.
Here, the first mobile terminal and the second mobile terminal perform session key agreement in the domain through the same bound key server, which has the following advantages:
(1) A method and process is provided for a mobile terminal to negotiate and generate a session key with the help of a quantum key distribution network; the session key is negotiated and determined by the two mobile terminals themselves, and a centralized node such as the quantum key distribution network serves only as the intermediate communication medium of the key negotiation and cannot dictate the final session key;
(2) The two communicating parties each select one seed key, the two seed keys are used as input, and the final session key is obtained by calculating the F() function; the two seed keys are never transmitted on the same link section at the same time, that is, the identifier of the first seed key is transmitted on the communication link between the first mobile terminal and the key server while the first seed key itself is transmitted on the communication link between the second mobile terminal and the key server, so key leakage caused by theft of a seed key on a link is effectively avoided.
(3) The session key is generated by calculating a part of data provided by both mobile terminals, and any part of data only appears in a classical communication link of one mobile terminal, so that the session key cannot be leaked even if the part of data transmitted by a communication line of one mobile terminal is lost, and the security is stronger.
(4) Only the identification information of the quantum key is transmitted when data is processed, and the quantum key corresponding to that identifier is used to encrypt and protect the integrity of the transmitted content, so the key itself is never transmitted directly on the communication link and key leakage is effectively prevented.
Case 2: inter-domain negotiation, that is, sending the first seed key provided by the first mobile terminal to the second mobile terminal is implemented through two different key servers, meaning that the key server bound to the first mobile terminal and the key server bound to the second mobile terminal are different.
In practical application, so that the session key is not leaked even when part of the data provided by the first mobile terminal is lost, the first mobile terminal may send only the identification information of the first seed key to the key server bound to the first mobile terminal; that key server sends the first seed key to the key server bound to the second mobile terminal, which in turn sends the first seed key to the second mobile terminal. Since the identification information of the first seed key sent by the first mobile terminal is received on the communication link between the first mobile terminal and its key server, while the first seed key itself is sent to the second mobile terminal on the communication link between the second mobile terminal and its key server, the session key is not leaked even if the data of either of these two communication links is lost.
Based on this, in an embodiment, the first mobile terminal is bound with a second key server in the quantum key distribution network, and the second mobile terminal is bound with a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identifier of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identifier and the third quantum key identifier to the second key server.
The second key server may refer to a key server in a quantum key distribution network bound by the first mobile terminal.
Here, the first seed key may refer to a seed key preset in the first mobile terminal by the second key server in the quantum key distribution network. The third quantum key identifier may refer to a quantum key identifier preset in the first mobile terminal by the second key server in the quantum key distribution network.
In practical application, the second key server may store a correspondence between a seed key identifier and a seed key, so that the second key server receives the encrypted first seed key identifier sent by the first mobile terminal, decrypts the encrypted first seed key identifier to obtain the first seed key identifier, and may determine the first seed key corresponding to the first seed key identifier by using the correspondence between the seed key identifier and the seed key.
Based on this, in an embodiment, the receiving, by the key server, the encrypted first seed key identifier, and decrypting the encrypted first seed key identifier to obtain a decrypted first seed key includes:
the second key server receives the encrypted first seed key identification and the third quantum key identification; determining a corresponding third shared quantum key by using the third quantum key identifier; and decrypting the encrypted first seed key identification by using the third shared quantum key to obtain a decrypted first seed key.
Here, before the second key server receives the encrypted first seed key identifier and the third quantum key identifier sent by the first mobile terminal, it is further required to complete processes such as quantum key distribution network networking, mobile terminal binding, mobile terminal communication initiation, session key agreement initiation, and the like, which are described as follows:
(1) quantum key distribution networking
Fig. 2 is a schematic diagram of a quantum key distribution network. As shown in fig. 2, the quantum key distribution network has completed networking and includes several key servers, such as SC and SD. Quantum keys are distributed to and shared between the key servers through the quantum key distribution network, with ideal security. For example, SC and SD are used to represent two key servers in the quantum key distribution network, and a communication session key KCD is shared between the key server SC and the key server SD.
(2) Mobile terminal binding
A mobile terminal can be bound to a particular key server by registration. A bound mobile terminal can perform quantum key charging through its key server; after charging is complete, the key server and the mobile terminal jointly hold a plurality of sections of quantum key, of which a small part is used for communication between the mobile terminal and the key server and the larger part is used for session key negotiation with other mobile terminals. A key server in the quantum key distribution network provides key service to mobile terminals, and each mobile terminal registers with and binds to a specific key server. As shown in fig. 2, the mobile terminal UA is bound to the key server SC, and a communication session key KAC is shared between the mobile terminal UA and the key server SC; the mobile terminal UB is bound to the key server SD, and a communication session key KBD is shared between the mobile terminal UB and the key server SD; the mobile terminal UE is also bound to the key server SD and shares a communication session key with it. The mobile terminal UA and the mobile terminal UB are therefore bound to different key servers (the inter-domain case), whereas the mobile terminal UB and the mobile terminal UE are bound to the same key server (the intra-domain case).
(3) Mobile terminal communication initiation
Assuming that the first mobile terminal is represented by UB in fig. 2 and the second mobile terminal by UE in fig. 2, the mobile terminal UB sends a request to communicate with the mobile terminal UE to the key server bound to UB, and that key server queries, through the quantum key distribution network, whether the mobile terminal UE is currently reachable and information such as which key server UE is bound to; if the peer is not reachable, the session key negotiation fails.
Specifically, in the case where the two mobile terminals are bound to the same key server, as shown in fig. 2, both the mobile terminal UB and the mobile terminal UE are bound to the key server SD. UB initiates a communication request with UE through SD; SD checks whether UE is currently reachable, and if not, UB enters a failure state; if UE is reachable, the session key negotiation initiation state is entered.
(4) Session key agreement initiation
Mobile terminal 1 initiates a session key negotiation request through its bound key server, and mobile terminal 2 responds to the key negotiation request of mobile terminal 1 through its own bound key server, which completes the initiation of session key negotiation; if the number of failed attempts is exceeded, the session key negotiation fails.
In an example, as shown in fig. 6, taking an example that two mobile terminals bind to different key servers, a process of initiating inter-domain session key agreement is described, which includes the following steps:
Step 601: the mobile terminal UA is bound to the key server SC (and the mobile terminal UB to the key server SD); the mobile terminal UA sends a session request for session communication with the mobile terminal UB to the key server SC.
Here, the mobile terminal UA selects the session key KAC shared with the key server SC, encrypts the session request and performs message authentication, that is, calculates and sends:
Enc({UA,UB}||Req,KAC)||KIAC,MAC({UA,UB}||KIAC||Req,KAC),
where Enc denotes a symmetric encryption algorithm, MAC denotes a message authentication code algorithm, {UA,UB} indicates that the mobile terminal UA communicates with the mobile terminal UB, Req denotes the specific content of the request (in general including the communication request information together with a time, a sequence number and the like to prevent replay), and KAC and KIAC denote the session key and its identifier shared between UA and SC.
Step 602: the key server SC checks and verifies the session request sent by the mobile terminal UA, and if the verification is successful, step 603 is executed.
Specifically, the corresponding key KAC is looked up according to KIAC, the received data is decrypted and authenticated with KAC, and if authentication fails the request is rejected.
Step 603: the key server SC forwards the session request of the mobile terminal UA to the key server SD bound to the mobile terminal UB.
Here, the key server SC selects the session key KCD shared with the key server SD, encrypts the session request data and performs message authentication, that is, calculates and sends:
Enc({UA,UB}||Req,KCD)||KICD,MAC({UA,UB}||KICD||Req,KCD),
where KCD and KICD denote the session key and its identifier shared between the key server SC and the key server SD.
Step 604: the key server SD checks and verifies the data sent by the key server SC, and if the verification is successful, step 605 is executed.
Specifically, a corresponding key KCD is searched according to the KICD, the KCD is used for decrypting and authenticating the received data, and if the verification fails, the request is rejected.
Step 605: the key server SD forwards the session request of the mobile terminal UA to the mobile terminal UB.
Specifically, the key server SD selects the session key KBD shared with the mobile terminal UB, encrypts the session request data and performs message authentication, that is, calculates and sends:
Enc({UA,UB}||Req,KBD)||KIBD,MAC({UA,UB}||KIBD||Req,KBD),
where KBD and KIBD denote the session key and its identifier shared between SD and UB.
Step 606: the mobile terminal UB checks and verifies the session request sent by the key server SD, and if the verification is successful, agrees to the communication request of UA, and then step 607 is executed.
Specifically, a corresponding key KBD is searched for according to the KIBD, the KBD is used for decrypting and authenticating the received data, and if the verification fails, the request is rejected.
Step 607: the mobile terminal UB sends a response agreeing to communicate with the mobile terminal UA to its bound key server SD; the mobile terminal UB selects the session key KBD shared with the key server SD and encrypts and authenticates the response data, that is, calculates and sends:
Enc({UA,UB}||Rep,KBD)||KIBD,MAC({UA,UB}||KIBD||Rep,KBD),
where Rep denotes the specific content of the response (typically containing the communication response information together with a time, a sequence number and the like).
Step 608: the key server SD checks and verifies the received response data, and step 609 is executed after the verification is passed.
Specifically, a corresponding key KBD is searched for according to the KIBD, and then the KBD is used to decrypt and authenticate the received data.
Step 609: the key server SD sends the received response data to the key server SC.
Specifically, the key server SD selects the session key KCD shared with the key server SC, encrypts and authenticates the response data, and calculates and sends:
Enc({UA,UB}||Rep,KCD)||KICD,MAC({UA,UB}||KICD||Rep,KCD).
step 610: the key server SC checks and verifies the received response data and performs step 611 after the verification is passed.
Specifically, the corresponding key KCD is searched for according to the key identifier KICD, and then the received data is decrypted and authenticated by using the KCD.
Step 611: the key server SC sends the received response data to the mobile terminal UA.
Specifically, the key server SC selects the session key KAC with the mobile terminal UA and encrypts the response data and performs message authentication, i.e. calculates and sends:
Enc({UA,UB}||Rep,KAC)||KIAC,MAC({UA,UB}||KIAC||Rep,KAC).
step 612: the mobile terminal UA checks and verifies the received response data.
Specifically, a corresponding key KAC is searched according to the KIAC, the received data is decrypted and authenticated by the KAC, the inter-domain session key agreement initiation process is ended after the authentication is passed, and the inter-domain session key agreement process is entered.
In practical application, so that the session key is not leaked even when part of the data provided by the first mobile terminal is lost, the second key server receives the first seed key identifier sent by the first mobile terminal, determines the first seed key corresponding to the first seed key identifier, and may then send the first seed key to the third key server bound to the second mobile terminal, which sends the first seed key on to the second mobile terminal.
Based on this, in an embodiment, the sending the decrypted first seed key to the second mobile terminal includes:
the second key server sends the decrypted first seed key to the third key server;
the third key server receives the first seed key; determining a fourth quantum key and corresponding fourth quantum key identification information between the mobile terminal and the second mobile terminal; and encrypting the first seed key by using the fourth quantum key, and sending the encrypted first seed key and the fourth quantum key identifier to the second mobile terminal.
Wherein the third key server may refer to a key server in a quantum key distribution network bound to the second mobile terminal.
In practical application, the second mobile terminal may store a corresponding relationship between a quantum key identifier and a quantum key, so that after receiving the encrypted first and fourth quantum key identifiers sent by the third key server, the second mobile terminal may determine, by using the corresponding relationship between the quantum key identifier and the quantum key, a fourth quantum key corresponding to the fourth quantum key identifier, and thus, may decrypt, by using the fourth quantum key, the encrypted first seed key to obtain the first seed key.
Based on this, in an embodiment, the receiving, by the second mobile terminal, the first seed key includes:
the second mobile terminal receives the encrypted first seed key and the fourth quantum key identification sent by the third key server; determining a corresponding fourth quantum key according to the fourth quantum key identifier; and decrypting the encrypted first seed key by using the fourth quantum key to obtain the first seed key.
In practical application, after the second mobile terminal calculates the session key according to the first seed key and the second seed key, in order to ensure that the second mobile terminal can participate in the generation process of the session key, the second mobile terminal may provide part of data for generating the session key to the first mobile terminal, that is, the second mobile terminal sends the second seed key to the first mobile terminal through a quantum key distribution network.
Based on this, in an embodiment, the method further comprises:
the second mobile terminal determines a second seed key identifier corresponding to the second seed key and sends the second seed key identifier to the key server;
the key server receives the second seed key identification; determining a second seed key corresponding to the second seed key identification; sending the second seed key to the first mobile terminal;
the first mobile terminal receives the second seed key; determining the session key using the first seed key and the second seed key.
It should be noted that a process of the second mobile terminal sending the second seed key to the first mobile terminal through the quantum key distribution network is similar to a process of the first mobile terminal sending the first seed key to the second mobile terminal through the quantum key distribution network, and details are not repeated here.
In an example, as shown in fig. 7, the process by which a first mobile terminal negotiates a session key with a second mobile terminal is described, taking inter-domain negotiation as the example; it includes:
Step 701: the mobile terminal UA encrypts the key identifier KI1 of the selected seed key K1 with the quantum key KAC it shares with the key server SC, and sends the encrypted seed key identifier KI1 together with the quantum key identifier KIAC of KAC to the key server SC bound to itself.
Here the first mobile terminal is the mobile terminal UA and the second mobile terminal is the mobile terminal UB. The mobile terminal UA is bound to the key server SC, the mobile terminal UB is bound to the key server SD, and the inter-domain session key negotiation is carried out through the key servers SC and SD.
Specifically, the mobile terminal UA encrypts and authenticates the transmitted data with the quantum key KAC it shares with the key server SC, i.e. calculates and sends:
Enc({UA,UB}||KI1,KAC)||KIAC,MAC({UA,UB}||KI1||KIAC,KAC),
where Enc represents a symmetric encryption algorithm, MAC represents a message authentication code algorithm, {UA,UB} denotes a session key agreement between the mobile terminal UA and the mobile terminal UB, KI1 is the seed key identifier of the seed key K1 that the mobile terminal UA selected for its session with the mobile terminal UB, and KAC and KIAC are the quantum key shared between the mobile terminal UA and the key server SC and its identifier.
Step 702: the key server SC checks and verifies the data sent by the mobile terminal UA, and if the verification succeeds, obtains the seed key K1 by looking up the seed key identifier KI1.
Specifically, the corresponding quantum key KAC is looked up by the quantum key identifier KIAC, the received data is decrypted and authenticated with the quantum key KAC, and if authentication fails the request is rejected.
Step 703: the key server SC sends the seed key K1 of the mobile terminal UA, over the quantum key distribution network, to the key server SD to which the mobile terminal UB is bound.
Step 704: the key server SD receives the seed key K1 of the mobile terminal UA over the quantum key distribution network.
Step 705: the key server SD forwards the seed key K1 of the mobile terminal UA to the mobile terminal UB.
Specifically, the key server SD selects the quantum key KBD it shares with the mobile terminal UB, encrypts the data and performs message authentication, i.e. calculates and sends:
Enc({UA,UB}||K1,KBD)||KIBD,MAC({UA,UB}||K1||KIBD,KBD),
where KBD and KIBD denote the quantum key shared between the key server SD and the mobile terminal UB and its identifier.
Step 706: the mobile terminal UB checks and verifies the data sent by the key server SD; if the verification succeeds, it obtains the seed key K1 by decryption and executes step 707.
Specifically, the corresponding quantum key KBD is looked up by the quantum key identifier KIBD, the received data is decrypted and message authentication is performed with the quantum key KBD, and if verification fails the request is rejected.
Step 707: the mobile terminal UB selects a seed key K2 from the keys it stores and calculates the final session key SKAB:
SKAB=F(K1,K2),
where F() is a one-way function: it should be strongly one-way and random and must not be easy to invert; a cryptographic hash function, a key expansion algorithm or the like may be used.
In an example, as shown in fig. 8, the process by which the second mobile terminal negotiates the session key with the first mobile terminal is described, again taking inter-domain negotiation as the example; it includes:
Step 801: the mobile terminal UB encrypts the seed key identifier KI2 of the selected seed key K2 with the quantum key KBD it shares with the key server SD bound to it, and sends the encrypted seed key identifier KI2 and the quantum key identifier KIBD to the key server SD.
Specifically, the mobile terminal UB encrypts the transmitted data and performs message authentication, i.e. calculates and sends:
Enc({UA,UB}||KI2,KBD)||KIBD,MAC({UA,UB}||KI2||KIBD,KBD).
Step 802: the key server SD checks and verifies the data sent by the mobile terminal UB, and if the verification succeeds, the key server SD obtains the seed key K2 by looking up the seed key identifier KI2.
Specifically, the corresponding quantum key KBD is looked up by the quantum key identifier KIBD, the received data is decrypted and authenticated with the quantum key KBD, and if verification fails the request is rejected.
Step 803: the key server SD sends the seed key K2 of the mobile terminal UB, over the quantum key distribution network, to the key server SC to which the mobile terminal UA is bound.
Step 804: the key server SC receives the seed key K2 of the mobile terminal UB over the quantum key distribution network.
Step 805: the key server SC forwards the seed key K2 of the mobile terminal UB to the mobile terminal UA.
Specifically, the key server SC selects the quantum key KAC it shares with the mobile terminal UA, encrypts the data and performs message authentication, i.e. calculates and sends:
Enc({UA,UB}||K2,KAC)||KIAC,MAC({UA,UB}||K2||KIAC,KAC).
Step 806: the mobile terminal UA checks and verifies the data sent by the key server SC; if the verification succeeds, the decryption result is K2, and step 807 is executed.
Specifically, the corresponding quantum key KAC is looked up by the quantum key identifier KIAC, the received data is decrypted and authenticated with KAC, and if verification fails the request is rejected.
Step 807: the mobile terminal UA calculates the final session key SKAB:
SKAB=F(K1,K2).
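The two directions of the inter-domain exchange (figs. 7 and 8, including the forwarding through the peer's bound key server described earlier), as an added Python model that is not part of the patent. Because the page names no concrete algorithms, Enc(), MAC(), F() and the QKD links are constructed stand-ins here: an HMAC-SHA256 keystream, HMAC-SHA256, SHA-256, and pre-shared key tables respectively.

```python
"""Constructed model of the patent's inter-domain negotiation; not the patent's own code."""
from __future__ import annotations

import hashlib
import hmac
import secrets

PARTIES = b"{UA,UB}"  # the {UA,UB} tag that prefixes every message in the page's formulas


def enc(plaintext: bytes, key: bytes) -> bytes:
    """Stand-in for Enc(): XOR with an HMAC-SHA256 counter keystream (symmetric, so dec is enc)."""
    out = bytearray()
    for i in range(0, len(plaintext), 32):
        block = hmac.new(key, b"enc" + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(p ^ k for p, k in zip(plaintext[i:i + 32], block))
    return bytes(out)


dec = enc


def mac(data: bytes, key: bytes) -> bytes:
    """Stand-in for MAC(): HMAC-SHA256 under the same quantum key, domain-separated from enc()."""
    return hmac.new(key, b"mac" + data, hashlib.sha256).digest()


def one_way_f(k1: bytes, k2: bytes) -> bytes:
    """F(K1, K2): instantiated as a cryptographic hash, one of the options the page allows."""
    return hashlib.sha256(b"SKAB" + len(k1).to_bytes(2, "big") + k1 + k2).digest()


def protect(payload: bytes, key: bytes, key_id: bytes) -> tuple[bytes, bytes, bytes]:
    """Build Enc({UA,UB}||payload, K) || KI , MAC({UA,UB}||payload||KI, K) as on the page."""
    pt = PARTIES + payload
    return enc(pt, key), key_id, mac(pt + key_id, key)


def unprotect(ciphertext: bytes, key_id: bytes, tag: bytes, key: bytes) -> bytes:
    """Decrypt, then authenticate; any failure rejects the request (steps 702/706/802/806)."""
    pt = dec(ciphertext, key)
    if not hmac.compare_digest(mac(pt + key_id, key), tag) or not pt.startswith(PARTIES):
        raise ValueError("verification failed: request rejected")
    return pt[len(PARTIES):]


class Node:
    """A mobile terminal or key server: quantum keys by identifier plus its seed-key table."""

    def __init__(self, name: str):
        self.name = name
        self.qkeys: dict[bytes, bytes] = {}  # quantum key identifier -> quantum key
        self.seeds: dict[bytes, bytes] = {}  # seed key identifier -> seed key


def share_key(*tables: dict) -> bytes:
    """Stand-in for QKD: every listed table ends up holding the same random key under one id."""
    kid, key = secrets.token_bytes(8), secrets.token_bytes(32)
    for table in tables:
        table[kid] = key
    return kid


def forward_seed(sender: Node, home: Node, peer_server: Node, receiver: Node,
                 kid_home: bytes, kid_peer: bytes, seed_id: bytes) -> bytes:
    """Steps 701-706 (and, with roles swapped, 801-806): only the seed key identifier travels on
    the sender's link, the seed key crosses the QKD network, and only then reaches the receiver."""
    # 701: sender -> home server, carrying the identifier under the sender's quantum key
    ct, kid, tag = protect(seed_id, sender.qkeys[kid_home], kid_home)
    # 702: home server looks up the quantum key by its id, verifies, then queries the seed key
    seed = home.seeds[unprotect(ct, kid, tag, home.qkeys[kid])]
    # 703/704: home server -> peer server over the QKD network (abstracted as a direct hand-over)
    # 705: peer server -> receiver, now carrying the seed key under the receiver's quantum key
    ct, kid, tag = protect(seed, peer_server.qkeys[kid_peer], kid_peer)
    # 706: receiver verifies and recovers the seed key
    return unprotect(ct, kid, tag, receiver.qkeys[kid])


def negotiate() -> tuple[bytes, bytes]:
    """Run both directions and return (SKAB at UA, SKAB at UB); the two must agree."""
    ua, ub, sc, sd = Node("UA"), Node("UB"), Node("SC"), Node("SD")
    kid_ac = share_key(ua.qkeys, sc.qkeys)  # KAC / KIAC
    kid_bd = share_key(ub.qkeys, sd.qkeys)  # KBD / KIBD
    ki1 = share_key(ua.seeds, sc.seeds)     # K1 / KI1, held by UA and its bound server SC
    ki2 = share_key(ub.seeds, sd.seeds)     # K2 / KI2, held by UB and its bound server SD
    k1_at_ub = forward_seed(ua, sc, sd, ub, kid_ac, kid_bd, ki1)  # fig. 7
    sk_ub = one_way_f(k1_at_ub, ub.seeds[ki2])                    # step 707
    k2_at_ua = forward_seed(ub, sd, sc, ua, kid_bd, kid_ac, ki2)  # fig. 8
    sk_ua = one_way_f(ua.seeds[ki1], k2_at_ua)                    # step 807
    return sk_ua, sk_ub


def tampered_message_is_rejected() -> bool:
    """A single flipped ciphertext bit must fail the MAC check at the key server."""
    ua, sc = Node("UA"), Node("SC")
    kid = share_key(ua.qkeys, sc.qkeys)
    ct, kid, tag = protect(b"KI1", ua.qkeys[kid], kid)
    try:
        unprotect(bytes([ct[0] ^ 0x01]) + ct[1:], kid, tag, sc.qkeys[kid])
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    sk_a, sk_b = negotiate()
    print("session keys agree:", sk_a == sk_b, "| tampering rejected:", tampered_message_is_rejected())
```

Note that on each link only one of the two inputs to F() is visible (KI1 on the UA link, K1 on the UB link), which is the property advantage (2) below relies on.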
Here, the first mobile terminal and the second mobile terminal perform inter-domain session key negotiation through their respective bound key servers, which offers the following advantages:
(1) A method and process are provided for mobile terminals to negotiate and generate a session key with the help of a quantum key distribution network; the session key is negotiated and determined by the two mobile terminals themselves, a centralized node such as the quantum key distribution network serves only as the communication intermediary of the key negotiation, and it cannot dictate the final session key;
(2) The two communicating parties each select one seed key, the two seed keys are taken as input and the final session key is computed with the function F(); the two seed keys are never transmitted over the same link segment at the same time, i.e. the identifier of the first seed key travels on the communication link between the first mobile terminal and the key server while the first seed key itself travels on the communication link between the second mobile terminal and the key server, so key leakage through theft of a seed key on a link is effectively avoided;
(3) The session key is computed from partial data provided by both mobile terminals, and each part appears only on the classical communication link of one mobile terminal, so the session key is not leaked even if the part of the data carried over one mobile terminal's line is lost, which gives stronger security;
(4) Only the identifier of the quantum key is transmitted with the data, and the quantum key corresponding to that identifier encrypts the transmitted content and protects its integrity, so the key itself is never transmitted directly over a communication link and key leakage is effectively prevented.
By adopting the technical solution of the embodiment of the invention, the first mobile terminal provides the data for generating the session key to the second mobile terminal through the key server, so that the second mobile terminal can generate the session key from the seed key supplied by the first mobile terminal via the key server. Compared with the related art, in which the mobile terminal only passively receives a session key sent by the central node of the quantum key distribution network and the key is therefore generated in a single way, this method ensures that the first mobile terminal participates in the generation of the session key.
In order to implement the key agreement method according to the embodiment of the present invention, an embodiment of the present invention further provides a key agreement system, and fig. 9 is a schematic structural diagram of the key agreement system according to the embodiment of the present invention; as shown in fig. 9, the system includes:
a first mobile terminal 91 for determining a first seed key; encrypting the first seed key, and sending the encrypted first seed key to a key server in a quantum key distribution network; the first seed key is used for a session key used for the key server to negotiate and communicate with a second mobile terminal;
the key server 92 is configured to receive the encrypted first seed key, decrypt the encrypted first seed key to obtain a decrypted first seed key, and send the decrypted first seed key to the second mobile terminal;
the second mobile terminal 93 is configured to receive the first seed key and determine a second seed key; determining the session key using the first seed key and the second seed key.
Here, the implementation processes of the first mobile terminal, the second mobile terminal and the key server are described above, and are not described herein again.
An embodiment of the present invention further provides a key agreement method, applied to a first mobile terminal, as shown in fig. 10, including:
step 1001: determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
step 1002: encrypting the first seed key identification, and sending the encrypted first seed key identification to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
Based on this, in an embodiment, the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
Based on this, in an embodiment, the first mobile terminal is bound with a second key server in the quantum key distribution network, and the second mobile terminal is bound with a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key, and the corresponding third quantum key identifier, shared between the first mobile terminal and the second key server; encrypts the first seed key identifier of the first seed key with the third shared quantum key; and sends the encrypted first seed key identifier and the third quantum key identifier to the second key server.
By adopting the technical solution of the embodiment of the invention, the first mobile terminal provides the data for generating the session key to the second mobile terminal through the key server, so that the second mobile terminal can generate the session key from the seed key supplied by the first mobile terminal via the key server. Compared with the related art, in which the mobile terminal only passively receives a session key sent by the central node of the quantum key distribution network and the key is therefore generated in a single way, this method ensures that the first mobile terminal participates in the generation of the session key.
In order to implement the key agreement method according to the embodiment of the present invention, an embodiment of the present invention further provides a key agreement device, and fig. 11 is a schematic diagram illustrating a structure of the key agreement device according to the embodiment of the present invention; as shown in fig. 11, the apparatus includes:
a first processing unit 111, configured to determine a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
the second processing unit 112 is configured to encrypt the first seed key identifier, and send the encrypted first seed key identifier to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
Furthermore, according to at least one embodiment of the present invention, the second processing unit 112 is specifically configured to:
the first mobile terminal and the second mobile terminal are both bound with a first key server in a quantum key distribution network; the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
Furthermore, according to at least one embodiment of the present invention, the second processing unit 112 is specifically configured to:
the first mobile terminal is bound to a second key server in the quantum key distribution network, and the second mobile terminal is bound to a third key server in the quantum key distribution network; the first mobile terminal determines a third shared quantum key, and the corresponding third quantum key identifier, shared between the first mobile terminal and the second key server; encrypts the first seed key identifier of the first seed key with the third shared quantum key; and sends the encrypted first seed key identifier and the third quantum key identifier to the second key server.
In practical applications, the first processing unit 111 and the second processing unit 112 may be implemented by a processor in the key agreement apparatus.
It should be noted that: in the key agreement device provided in the above embodiment, only the division of the above program modules is taken as an example for performing key agreement, and in practical applications, the above processing allocation may be completed by different program modules as needed, that is, the internal structure of the device may be divided into different program modules to complete all or part of the above-described processing. In addition, the key agreement device and the key agreement method provided by the above embodiments belong to the same concept, and the specific implementation process thereof is detailed in the method embodiments and will not be described herein again.
An embodiment of the present invention further provides a mobile terminal, as shown in fig. 12, including:
a communication interface 121 capable of performing information interaction with other devices;
and a processor 122, connected to the communication interface 121 and configured, when running the computer program, to execute the method provided by one or more of the technical solutions on the mobile terminal side; the computer program is stored in the memory 123.
It should be noted that: the specific processing procedures of the processor 122 and the communication interface 121 are detailed in the method embodiment, and are not described herein again.
Of course, in practice, the various components in the network device are coupled together by a bus system 124. It will be appreciated that the bus system 124 is used to enable communications among the components. The bus system 124 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 124 in fig. 12.
The memory 123 in the embodiments of the present application is used to store various types of data to support the operation of the network device. Examples of such data include: any computer program for operating on a network device.
The method disclosed in the above embodiments of the present application may be applied to the processor 122, or implemented by the processor 122. The processor 122 may be an integrated circuit chip with signal processing capability. In implementation, the steps of the above method may be carried out by integrated logic circuits in hardware or by instructions in the form of software in the processor 122. The processor 122 may be a general purpose processor, a Digital Signal Processor (DSP), another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The processor 122 may implement or perform the methods, steps and logic blocks disclosed in the embodiments of the present application. A general purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of the present application may be executed directly by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software modules may reside in a storage medium located in the memory 123; the processor 122 reads the information in the memory 123 and, together with its hardware, performs the steps of the foregoing method.
In an exemplary embodiment, the mobile terminal 120 may be implemented by one or more Application Specific Integrated Circuits (ASICs), DSPs, Programmable Logic Devices (PLDs), Complex Programmable Logic Devices (CPLDs), Field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, Micro Controllers (MCUs), microprocessors (microprocessors), or other electronic components for performing the aforementioned methods.
It will be appreciated that the memory (memory 123) of the embodiments of the present application may be volatile memory or non-volatile memory, and may include both volatile and non-volatile memory. The non-volatile memory may be a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Programmable Read-Only Memory (EPROM), an Electrically Erasable Programmable Read-Only Memory (EEPROM), a Ferromagnetic Random Access Memory (FRAM), a Flash Memory, a magnetic surface memory, an optical disc, or a Compact Disc Read-Only Memory (CD-ROM); the magnetic surface memory may be disk storage or tape storage. The volatile memory may be Random Access Memory (RAM), which serves as an external cache. By way of illustration and not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Synchronous Static Random Access Memory (SSRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic Random Access Memory (SDRAM), Double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), Enhanced Synchronous Dynamic Random Access Memory (ESDRAM), SyncLink Dynamic Random Access Memory (SLDRAM), and Direct Rambus Random Access Memory (DRRAM). The memories described in the embodiments of the present application are intended to include, without being limited to, these and any other suitable types of memory.
In an exemplary embodiment, the present invention further provides a storage medium, specifically a computer-readable storage medium, for example, a memory 123 storing a computer program, which is executable by the processor 122 of the mobile terminal 120 to perform the steps of the foregoing method. The computer readable storage medium may be Memory such as FRAM, ROM, PROM, EPROM, EEPROM, Flash Memory, magnetic surface Memory, optical disk, or CD-ROM.
It should be noted that: "first," "second," and the like are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
In addition, the technical solutions described in the embodiments of the present invention may be arbitrarily combined without conflict.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.

Claims (17)

1. A method of key agreement, the method comprising:
the first mobile terminal determines a first seed key; encrypting the first seed key, and sending the encrypted first seed key to a key server in a quantum key distribution network; the first seed key is used for a session key used for the key server to negotiate and communicate with a second mobile terminal;
the key server receives the encrypted first seed key, decrypts the encrypted first seed key to obtain a decrypted first seed key, and sends the decrypted first seed key to the second mobile terminal;
the second mobile terminal receives the first seed key and determines a second seed key; determining the session key using the first seed key and the second seed key.
2. The method of claim 1, wherein the first mobile terminal and the second mobile terminal are both bound to a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
3. The method according to claim 2, wherein the key server receives the encrypted first seed key identifier, decrypts the encrypted first seed key identifier to obtain a decrypted first seed key, and includes:
the first key server receives the encrypted first seed key identification and the first quantum key identification; and determining a first quantum key corresponding to the first quantum key identifier, and decrypting the encrypted first seed key identifier by using the first quantum key to obtain a decrypted first seed key.
4. The method according to claim 3, wherein the sending the decrypted first seed key to the second mobile terminal comprises:
the first key server determines a second shared quantum key and a corresponding second quantum key identifier between the first key server and the second mobile terminal; and encrypting the decrypted first seed key by using the second shared quantum key, and sending the encrypted first seed key and the second quantum key identifier to the second mobile terminal.
5. The method of claim 4, wherein the second mobile terminal receiving the first seed key comprises:
the second mobile terminal receives the encrypted first seed key and the encrypted second quantum key identifier; determining a corresponding second quantum key according to the second quantum key identifier; and decrypting the encrypted first seed key by using the second quantum key to obtain a decrypted first seed key.
6. The method of claim 1, wherein the first mobile terminal is bound to a second key server in a quantum key distribution network, and wherein the second mobile terminal is bound to a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identification of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identification and the third seed key identification to the second key server.
7. The method according to claim 6, wherein the key server receives the encrypted first seed key identifier, decrypts the encrypted first seed key identifier to obtain a decrypted first seed key, and comprises:
the second key server receives the encrypted first seed key identification and the third quantum key identification; determining a corresponding third shared quantum key by using the third quantum key identifier; and decrypting the encrypted first seed key identification by using the third shared quantum key to obtain a decrypted first seed key.
8. The method according to claim 7, wherein the sending the decrypted first seed key to the second mobile terminal comprises:
the second key server sends the decrypted first seed key to the third key server;
the third key server receives the first seed key; determining a fourth quantum key and corresponding fourth quantum key identification information between the mobile terminal and the second mobile terminal; and encrypting the first seed key by using the fourth quantum key, and sending the encrypted first seed key and the fourth quantum key identifier to the second mobile terminal.
9. The method of claim 8, wherein the second mobile terminal receiving the first seed key comprises:
the second mobile terminal receives the encrypted first seed key and the fourth quantum key identification sent by the third key server; determining a corresponding fourth quantum key according to the fourth quantum key identifier; and decrypting the encrypted first seed key by using the fourth quantum key to obtain the first seed key.
10. The method of claim 1, further comprising:
the second mobile terminal determines a second seed key identifier corresponding to the second seed key and sends the second seed key identifier to the key server;
the key server receives the second seed key identification; determining a second seed key corresponding to the second seed key identification; sending the second seed key to the first mobile terminal;
the first mobile terminal receives the second seed key; determining the session key using the first seed key and the second seed key.
11. A key agreement method, applied to a first mobile terminal, the method comprising:
determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
encrypting the first seed key identification, and sending the encrypted first seed key identification to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
12. The method of claim 11, wherein the first mobile terminal and the second mobile terminal are both bound to a first key server in a quantum key distribution network;
the encrypting the first seed key and sending the encrypted first seed key to a key server in a quantum key distribution network includes:
the first mobile terminal determines a first quantum key and a corresponding first quantum key identification between the first mobile terminal and the first key server; and encrypting a first seed key identifier of the first seed key by using the first quantum key, and sending the encrypted first seed key identifier and the first quantum key identifier to the first key server.
13. The method of claim 11, wherein the first mobile terminal is bound to a second key server in the quantum key distribution network, and wherein the second mobile terminal is bound to a third key server in the quantum key distribution network;
the encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network includes:
the first mobile terminal determines a third shared quantum key and a corresponding third quantum key identifier between the first mobile terminal and the second key server; and encrypting the first seed key identification of the first seed key by using the third shared quantum key, and sending the encrypted first seed key identification and the third seed key identification to the second key server.
14. A key agreement apparatus, comprising:
the first processing unit is used for determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal;
the second processing unit is used for encrypting the first seed key identifier and sending the encrypted first seed key identifier to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
15. A mobile terminal, comprising:
a communication interface for exchanging information with external entities; and
a processor for determining a first seed key identifier corresponding to the first seed key; the first seed key is used for a second mobile terminal to determine a session key used for communicating with the first mobile terminal; encrypting the first seed key identifier, and sending the encrypted first seed key identifier to a key server in a quantum key distribution network;
the encrypted first seed key identifier is used for the key server to send the first seed key to the second mobile terminal, so as to generate the session key.
16. A mobile terminal comprising a processor and a memory for storing a computer program capable of running on the processor,
wherein the processor is adapted to perform the steps of the method of any one of claims 11 to 13 when running the computer program.
17. A storage medium having a computer program stored thereon, the computer program, when being executed by a processor, performing the steps of the method of any one of claims 11 to 13.
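The exchange of claims 11 to 13, modelled as an added example in Python (constructed here, not code from the patent or its applicant). It assumes that the first seed key is one of the quantum keys the terminal already shares with its key server, that the server forwards the seed key under a quantum key it shares with the second terminal, that the second seed key travels back by the same route, and that the session key is an HMAC over both seeds; all key identifiers and key material are generated locally. The server binds each identifier to the sending terminal and accepts it only once, which is the check a practitioner would expect before honouring a relay request.

```python
import hashlib, hmac, secrets

def otp(key: bytes, data: bytes) -> bytes:   # one-time pad with a quantum key, used once
    assert len(key) >= len(data), "quantum key shorter than message"
    return bytes(k ^ d for k, d in zip(key, data))

class KeyServer:   # QKD-network key server: quantum keys per bound terminal, by identifier
    def __init__(self):
        self.keys, self.used = {}, set()   # id -> (terminal, key); ids already consumed
    def provision(self, terminal: str):
        """Stand-in for QKD delivery: a fresh 32-byte key plus its identifier."""
        kid, key = f"{terminal}-{secrets.token_hex(4)}", secrets.token_bytes(32)
        self.keys[kid] = (terminal, key)
        return kid, key

    def relay(self, sender: str, enc_seed_id: bytes, qk_id: str, receiver: str):
        """Claim 12 server side; forwarding under the receiver's quantum key is assumed."""
        owner, qk = self.keys[qk_id]
        if owner != sender or qk_id in self.used:
            raise PermissionError("quantum key id not bound to sender, or reused")
        seed_id = otp(qk, enc_seed_id).decode()
        if self.keys[seed_id][0] != sender or seed_id in self.used:
            raise PermissionError("seed key id not bound to sender, or reused")
        rx_id = next(i for i, (t, _) in self.keys.items() if t == receiver and i not in self.used)
        self.used.update({qk_id, seed_id, rx_id})
        return otp(self.keys[rx_id][1], self.keys[seed_id][1]), rx_id

class Terminal:
    def __init__(self, name: str, server: KeyServer):
        self.name, self.server, self.inbox = name, server, None
        self.keys = dict(server.provision(name) for _ in range(4))   # small QKD key pool

    def send_seed(self, peer: "Terminal") -> bytes:
        """Claim 11 sender side: only the seed key identifier is encrypted, with a second quantum key."""
        (seed_id, seed), (qk_id, qk) = (self.keys.popitem() for _ in range(2))
        enc_seed, rx_id = self.server.relay(self.name, otp(qk, seed_id.encode()), qk_id, peer.name)
        peer.inbox = otp(peer.keys.pop(rx_id), enc_seed)   # receiver recovers the seed key
        return seed

def session_key(seed_a: bytes, seed_b: bytes) -> bytes:
    """Session key from both seeds (HMAC derivation assumed; the claims only say 'using' both)."""
    return hmac.new(seed_a, seed_b, hashlib.sha256).digest()

def run_exchange() -> dict:
    server = KeyServer()
    alice, bob = Terminal("A", server), Terminal("B", server)
    seed_a = alice.send_seed(bob)     # first seed key reaches B through the key server
    seed_b = bob.send_seed(alice)     # second seed key returned the same way (assumption)
    return {"seeds_delivered": bob.inbox == seed_a and alice.inbox == seed_b,
            "keys_match": session_key(bob.inbox, seed_b) == session_key(seed_a, alice.inbox)}
```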
CN202011098686.4A 2020-10-14 2020-10-14 Key agreement method, device, equipment and storage medium Pending CN114362927A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011098686.4A CN114362927A (en) 2020-10-14 2020-10-14 Key agreement method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114362927A true CN114362927A (en) 2022-04-15

Family

ID=81089970

Country Status (1)

Country Link
CN (1) CN114362927A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023221856A1 (en) * 2022-05-16 2023-11-23 中国移动通信有限公司研究院 Quantum secure communication method and device, quantum password service network, and communication system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104660602A (en) * 2015-02-14 2015-05-27 山东量子科学技术研究院有限公司 Quantum key transmission control method and system
CN106470104A (en) * 2015-08-20 2017-03-01 阿里巴巴集团控股有限公司 For generating method, device, terminal unit and the system of shared key
CN108650028A (en) * 2018-03-01 2018-10-12 如般量子科技有限公司 Multiple identity authorization system and method based on quantum communication network and true random number
CN108809636A (en) * 2018-04-26 2018-11-13 如般量子科技有限公司 The communication system and communication means of message authentication between member are realized based on group's type quantum key card
CN110138559A (en) * 2019-06-03 2019-08-16 北京智芯微电子科技有限公司 The method and system of quantum-key distribution are carried out to the terminal in platform area
US20200127821A1 (en) * 2018-10-18 2020-04-23 Secret Double Octopus Ltd System and method for validating an entity

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination