CN115567933A - Channel key generation method and data transmission method - Google Patents


Publication number
CN115567933A
Authority
CN
China
Prior art keywords
key
channel
initial
random vector
key generation
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211114863.2A
Other languages
Chinese (zh)
Inventor
王旭阳
胡爱群
黄永明
樊祥宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Network Communication and Security Zijinshan Laboratory
Original Assignee
Network Communication and Security Zijinshan Laboratory
Application filed by Network Communication and Security Zijinshan Laboratory

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H04W12/03 Protecting confidentiality, e.g. by encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application relates to a channel key generation method, a data transmission device, a computer device and a storage medium. The channel key generation method comprises the following steps: responding to a key generation request, and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of two communication parties; and acquiring an initial key, and generating a channel key according to the initial key and the target random vector. With this method, a corresponding channel key can be generated for each of a plurality of key generation requests, so the channel keys used by the two communication parties are continuously updated. This addresses the exposure to eavesdropping attacks that arises when a slowly changing channel environment leaves the channel key of the two communication parties changing too slowly, and improves the security of data transmission.

Description

Channel key generation method and data transmission method
Technical Field
The present application relates to the field of communication encryption technologies, and in particular, to a channel key generation method, a data transmission method, an apparatus, a computer device, and a storage medium.
Background
With the continuous advance of 5G construction, mobile communication is moving toward the goals of ultra-high speed data transmission, ultra-wide wireless coverage, ultra-large number of device interconnections, and ultra-low data latency. The 5G business will gradually expand from consumption to each vertical industry, and the 5G + industry application scene will be fully opened. However, wireless communication networks are particularly vulnerable to eavesdropping due to the broadcast nature of the wireless channel. For eavesdropping attacks, security requirements of confidentiality of wireless communication networks are used to ensure that eavesdroppers cannot read confidential information.
Traditional wireless secure communication relies on conventional cryptographic schemes such as symmetric and asymmetric cipher algorithms. Its security depends on the reliability of a third-party organization (CA), on hard mathematical problems, and on the complexity of the cryptographic scheme, and its implementation is limited by the number of reliable third-party organizations and by the computing power of terminals. With the rapid increase in the number of network connections and the development of heterogeneous networks, these shortcomings restrict the implementation of secure communication and increase the security risk to users.
The physical layer key based on the physical characteristics can realize the operations of distribution, updating and the like of the key based on the wireless channel characteristics on the basis of no traditional cipher scheme by utilizing the characteristics of wireless communication equipment, a channel and noise, thereby realizing the confidentiality of wireless security communication. As a supplement of the traditional wireless secure communication method, the wireless secure transmission theory and technology based on physical characteristics have wide application prospects.
However, actual physical layer key generation usually faces a quasi-static condition in which the channel environment changes slowly. This reduces the uniqueness of the key and thereby weakens the confidentiality of the communication environment.
Disclosure of Invention
In view of the above, it is necessary to provide a channel key generation method, a data transmission method, an apparatus, a computer device, and a storage medium capable of improving security of a channel key in response to the above technical problems.
In a first aspect, the present application provides a channel key generation method, including:
responding to a key generation request, and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of both communication parties;
and acquiring an initial key, and generating a channel key according to the initial key and the target random vector, wherein after a channel key corresponding to a current key generation request is generated, a new target random vector is acquired in response to a new key generation request, and a channel key corresponding to a new key generation request is generated according to the new target random vector and the channel key corresponding to the current key generation request.
In one embodiment, the method further comprises:
when the key generation request is a first key generation request, determining the initial key according to an initial random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
and when the key generation request is not the first key generation request, taking the channel key generated for the previous key generation request as the initial key.
In one embodiment, the initial random vector comprises a first initial random vector and a second initial random vector; the step of determining the initial key from the initial random vector comprises:
and determining the initial key according to the first initial random vector and the second initial random vector.
In one embodiment, the determining the initial key according to the first initial random vector and the second initial random vector includes:
performing confusion encryption processing on the first initial random vector to obtain a confusion result; performing exclusive-or processing on the confusion result and the second initial random vector to obtain an exclusive-or processing result; carrying out confusion encryption processing on the XOR processing result to obtain an initial key;
or, performing exclusive or processing on the first initial random vector and the second initial random vector to obtain an initial key;
or, performing exclusive-or processing on the first initial random vector and the second initial random vector, and performing confusion encryption processing on an exclusive-or processing result to obtain the initial key.
In one embodiment, the step of determining the initial key from the initial random vector comprises:
taking an initial random vector generated by the primary channel detection of the two communication parties as the initial key;
or, confusion encryption processing is carried out on initial random vectors generated by the two communication parties through one-time channel detection, and the initial secret key is obtained.
In one embodiment, the step of obtaining an initial key and generating a channel key according to the initial key and the target random vector includes:
carrying out XOR processing on the initial key and the target random vector to obtain an XOR processing result;
and carrying out confusion encryption processing on the XOR processing result to obtain the channel key.
In one embodiment, the method further comprises:
when the key generation request is a first key generation request, determining the initial key according to an initial random vector, the preset vector, the current value of the counter and the target random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
and when the key generation request is not the first key generation request, taking the channel key generated for the previous key generation request as the initial key.
In one embodiment, the step of determining the initial key according to the initial random vector, the preset vector, the current value of the counter, and the target random vector includes:
determining a reference vector according to the preset vector and the current value of the counter;
carrying out confusion encryption processing on the initial random vector to obtain a confusion result;
and carrying out XOR processing on the confusion result, the reference vector and the target random vector, and carrying out confusion encryption processing on the result of the XOR processing to obtain the initial key.
In one embodiment, the step of obtaining an initial key and generating a channel key according to the initial key and the target random vector includes:
determining a reference vector according to the preset vector and the current value of the counter;
performing exclusive-or processing on the target random vector, the reference vector and the initial key, and performing confusion encryption processing on the result of the exclusive-or processing to obtain the channel key;
and updating the value of the counter according to a preset step after determining the channel key corresponding to the key generation request.
In one embodiment, the step of determining the reference vector according to the preset vector and the current value of the counter includes:
and combining the preset vector with the current value of the counter to obtain the reference vector.
In a second aspect, the present application further provides a data transmission method, applied to a sending end, including:
receiving a data transmission instruction;
encrypting data to be transmitted according to the channel key generated by the channel key generation method in any embodiment to obtain encrypted data;
and transmitting the encrypted data to a receiving end.
In a third aspect, the present application further provides a channel key generation apparatus, including:
the acquisition module is used for responding to the key generation request and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of both communication parties;
and the generation module is used for acquiring an initial key and generating a channel key according to the initial key and the target random vector, wherein after a channel key corresponding to the current key generation request is generated, a new target random vector is acquired in response to the new key generation request, and the channel key corresponding to the new key generation request is generated according to the new target random vector and the channel key corresponding to the current key generation request.
In a fourth aspect, the present application further provides a data transmission apparatus, where the data transmission apparatus is arranged at a sending end, and includes:
the receiving module is used for receiving a data transmission instruction;
the encryption module is used for encrypting the data to be transmitted according to the channel key generated by the channel key generation method in any embodiment to obtain encrypted data;
and the transmission module is used for transmitting the encrypted data to the receiving end.
In a fifth aspect, the present application further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the channel key generation method when executing the computer program.
In a sixth aspect, the present application further provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program carries out the steps of the above-mentioned channel key generation method.
The channel key generation method, the data transmission method, the device, the computer equipment and the storage medium can obtain the channel state information according to the channel detection executed by both communication parties, and process and obtain the channel key according to the channel state information and the initial key obtained when the current key generation request is received.
Drawings
FIG. 1 is a diagram of an embodiment of a channel key generation method;
FIG. 2 is a flowchart illustrating a channel key generation method according to a first embodiment;
FIG. 3 is a flowchart illustrating a channel key generation method according to a second embodiment;
FIG. 4 is a schematic flowchart of a channel key generation method in a third embodiment;
FIG. 5 is a flowchart illustrating a channel key generation method according to a fourth embodiment;
FIG. 6 is a flowchart illustrating a channel key generation method according to a fifth embodiment;
FIG. 7 is a flowchart illustrating a channel key generation method according to a sixth embodiment;
FIG. 8 is a flow diagram illustrating a method for data transmission according to one embodiment;
FIG. 9 is a block diagram showing the configuration of a channel key generation apparatus according to an embodiment;
FIG. 10 is a block diagram showing the structure of a data transmission apparatus according to an embodiment;
FIG. 11 is a diagram of the internal structure of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application.
The channel key generation method provided by the embodiment of the application can be applied to the application environment shown in fig. 1. The terminal 104 may be connected to the server 102. The terminal 104 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, and the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart car-mounted devices, and the like. The portable wearable device can be a smart watch, a smart bracelet, a head-mounted device, and the like. The server 102 may be implemented as a stand-alone server or a server cluster composed of a plurality of servers. The server 102 may be coupled to a data storage system that may store data that the server 102 needs to encrypt. The data storage system may be integrated on the server 102, or may be located on the cloud or other network server.
For example, the channel key generation method is applied to the terminal 104, after receiving the key generation request, the terminal 104 obtains channel state information obtained by channel probing of both communication parties, generates a target random vector according to the channel state information, then obtains an initial key, and generates a channel key according to the initial key and the target random vector, and the channel key generated by the terminal 104 may be transmitted to a memory for storage, where the memory may be a separate storage device, or the memory is built in the server 102, or the memory is located on another terminal 104.
For another example, the channel key generation method is applied to the server 102, and after receiving the key generation request, the server 102 obtains channel state information obtained by channel probing of both parties of communication, generates a target random vector according to the channel state information, then obtains an initial key, generates a channel key according to the initial key and the target random vector, and transmits the generated channel key to a memory for storage, where the memory may be a separate storage device or may be built in the server 102.
In one embodiment, a channel key generation method is provided, and this embodiment is exemplified by applying the channel key generation method to a processor, and it is understood that the processor may be located on a terminal or a server. As shown in fig. 2, the channel key generation includes:
Step 202: responding to the key generation request, and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of both communication parties.
The key generation request can be a signal instruction directly received by the processor from the user, or a signal instruction automatically generated by the processor when the processor monitors that the user sends a data transmission request meeting preset conditions to the transmitting end of the two communication parties; or the processor continuously generates a signal instruction according to a preset second generation frequency when monitoring that the user sends a data transmission request meeting a preset condition to the transmitting end of the two communication parties. The preset condition may be that the data sending request requests the sending end of the two communication parties to send encrypted data to the receiving end, that is, it may be understood that the processor automatically generates the key generation request when the two communication parties need to encrypt the transmitted data.
The two communication parties may perform channel detection by sending pilot signals to each other and acquire channel state information (CSI). The channel state information includes, but is not limited to, information that can be used to describe channel characteristics, such as the average signal energy of the channel, steady-state CSI, and transient CSI.
The target random vector is generated as follows. The processor first probes the channel connecting the two communication parties: it controls the sending end to send a pilot signal to the receiving end, the receiving end performs channel detection according to the pilot signal to obtain the corresponding channel state information, and the processor quantizes the channel state information to generate a first detection vector of a preset bit length. The processor then controls the receiving end to send a pilot signal to the sending end, the sending end performs channel detection according to the pilot signal to obtain channel state information, and the processor quantizes that channel state information to generate a second detection vector of the preset bit length.
Information reconciliation and error correction follow. The processor receives the reconciliation and error-correction information sent by the sending end together with an integrity check code of the second detection vector, such as an MD5 code. The processor corrects the first detection vector using that information and calculates an integrity check code for the corrected result. The algorithms used in this step include reconciliation algorithms and error-correction algorithms, such as low-density parity-check (LDPC) codes, polar codes, Bose-Chaudhuri-Hocquenghem (BCH) codes, the BBBSS protocol, and the like. The processor then compares the integrity check code of the first detection vector with the integrity check code of the second detection vector to obtain a comparison result.
If the comparison result shows that the integrity check code of the first detection vector is inconsistent with the integrity check code of the second detection vector, the processor stops generating the target random vector and raises an alarm to inform the user that the channel state between the sending party and the receiving party is abnormal. If the comparison result shows that the two integrity check codes are consistent, the processor performs privacy amplification on the first detection vector or the second detection vector using a hash function library preset by the two communication parties. In this process the two communication parties agree on the same hash-function parameters through channel negotiation. These parameters can be understood as a preset matrix: multiplying the preset matrix by the first detection vector or the second detection vector yields a vector of fixed length, and this fixed-length vector is the newly generated target random vector.
Specifically, the fixed length may be 128 bits.
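The integrity check and privacy amplification steps above, as an added Python example (not code from the patent). It assumes reconciliation has already run, that the preset matrix is a binary matrix applied over GF(2), and that the matrix is expanded from a negotiated seed with SHAKE-256; the seed and the 256-bit detection vector are constructed sample values.

```python
import hashlib
import hmac
import random

OUT_BITS = 128  # fixed output length stated in the text


class ChannelStateAbnormal(Exception):
    """Raised when the two integrity check codes differ."""


def pack(bits):
    """Pack a list of 0/1 values (length a multiple of 8) into bytes, MSB first."""
    return int("".join(map(str, bits)), 2).to_bytes(len(bits) // 8, "big")


def integrity_code(bits):
    """Integrity check code of a detection vector (MD5 is the text's own example)."""
    return hashlib.md5(pack(bits)).digest()


def preset_matrix(seed, n_in, n_out=OUT_BITS):
    """Expand the negotiated parameter into an n_out x n_in binary matrix.

    Each row is held as an n_in-bit integer. Deriving the rows from a seed
    with SHAKE-256 is an assumption of this example.
    """
    row_bytes = (n_in + 7) // 8
    stream = hashlib.shake_256(seed).digest(n_out * row_bytes)
    mask = (1 << n_in) - 1
    return [
        int.from_bytes(stream[i * row_bytes:(i + 1) * row_bytes], "big") & mask
        for i in range(n_out)
    ]


def privacy_amplify(matrix, bits):
    """Multiply the preset matrix by the detection vector over GF(2)."""
    v = int("".join(map(str, bits)), 2)
    out = 0
    for row in matrix:
        # One output bit per row: parity of the bitwise AND (a GF(2) dot product).
        out = (out << 1) | (bin(row & v).count("1") & 1)
    return out.to_bytes(len(matrix) // 8, "big")


def target_random_vector(corrected_bits, peer_code, matrix):
    """Compare integrity codes, then amplify; stop if the codes differ."""
    if not hmac.compare_digest(integrity_code(corrected_bits), peer_code):
        raise ChannelStateAbnormal("integrity check codes differ; stop and alert")
    return privacy_amplify(matrix, corrected_bits)


# Constructed sample data: a 256-bit second detection vector, and a first
# detection vector that reconciliation has already brought into agreement.
_rng = random.Random(2022)
SECOND_VECTOR = [_rng.randint(0, 1) for _ in range(256)]
FIRST_VECTOR = list(SECOND_VECTOR)
MATRIX = preset_matrix(b"constructed-negotiated-seed", 256)

if __name__ == "__main__":
    code = integrity_code(SECOND_VECTOR)
    print("target random vector:",
          target_random_vector(FIRST_VECTOR, code, MATRIX).hex())
    mismatched = list(FIRST_VECTOR)
    mismatched[7] ^= 1  # one residual bit error after reconciliation
    try:
        target_random_vector(mismatched, code, MATRIX)
    except ChannelStateAbnormal as exc:
        print("aborted:", exc)
```

A matrix multiplication over GF(2) is linear, so the amplified output of the XOR of two vectors equals the XOR of their amplified outputs.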
In the channel key generation method according to the above embodiment, the processor controls the two parties of the communication connection to transmit pilot signals to each other according to the key generation request to perform channel detection, obtain channel state information of the two parties of the channel, and process the channel state information to obtain the target random vector.
In step 202, when both parties need to encrypt the transmitted data, the processor continuously generates the target random vector according to a preset first generation frequency, for example, and when the processor obtains the key generation request according to a second generation frequency, the processor obtains the latest generated target random vector in response to each key generation request. The second generation frequency and the first generation frequency may be different, that is, it may be understood that the generation process of the target random vector and the generation process of the key generation request are independent of each other.
Step 204: acquiring an initial key, and generating a channel key according to the initial key and the target random vector, wherein after a channel key corresponding to the current key generation request is generated, a new target random vector is acquired in response to the new key generation request, and a channel key corresponding to the new key generation request is generated according to the new target random vector and the channel key corresponding to the current key generation request.
In step 204, the processor obtains the channel key according to the target random vector and the initial key, where the target random vector is generated according to the real-time channel state information of both communication parties, and can reflect the change of the channel states of both communication parties, so that the channel keys corresponding to different key generation requests can be different according to the change of the real-time channel states of both communication parties, thereby ensuring the difference between the continuously generated channel keys.
In the channel key generation method of the embodiment, after acquiring a newly generated target random vector, a processor acquires an initial key corresponding to a current key generation request according to channel state information of both communication parties, and processes the initial key and the target random vector to obtain a channel key corresponding to the current key generation request, thereby completing a channel key generation process, and when receiving a next key generation request, the processor acquires a target random vector corresponding to a new key generation request again, generates a channel key corresponding to the new key generation request according to the new target random vector and a channel key corresponding to a previous key generation request, thereby completing the channel key generation process; as can be understood from the foregoing, the key generation instruction may be a signal instruction that the processor automatically and continuously generates according to a preset generation frequency, that is, the channel key generation process is an automatic iterative generation process, and the processor continuously and iteratively generates a new channel key during data transmission between two communication parties.
In the above channel key generation method, when both parties of communication need to encrypt transmitted data, the processor obtains a target random vector according to a key generation request, where the target random vector is generated by the processor according to a first generation frequency, and the generation process of the target random vector includes: the processor controls the two communication parties to execute channel detection once to obtain channel state information, and then the processor processes the channel state information to generate a target random vector. The processor then obtains channel state information again from channel detection additionally executed by both communication parties, obtains an initial key according to that channel state information, and finally obtains the channel key by combining the target random vector and the initial key. According to actual requirements, the processor can keep obtaining new channel keys in response to successive key generation requests, so that the channel keys adopted by the two communication parties are continuously updated. This addresses the exposure to eavesdropping attacks caused by the channel keys of the two communication parties changing slowly over long periods, and improves the security of data transmission.
In some optional embodiments, the channel key generation method further includes: when the key generation request is a first key generation request, determining an initial key according to the initial random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request; when the key generation request is not the first key generation request, the channel key generated for the previous key generation request is used as the initial key.
The initial random vector is generated as follows: before the first key generation request corresponding to both communication parties is received, for example when the two communication parties have just established a communication connection, the processor may control both communication parties to perform channel detection once to obtain channel state information, and then apply quantization, information reconciliation and error correction, privacy amplification and similar processing to the channel state information to obtain an initial random vector. Specifically, the generation process of the initial random vector is the same as that of the target random vector, and is not described in detail herein.
When receiving a key generation request, a processor firstly judges whether the key generation request is the first time of receiving the key generation request corresponding to the current two communication parties, if so, determines an initial key according to an initial random vector obtained when the two communication parties just establish communication connection, and if not, determines a channel key corresponding to the current key generation request according to a channel key generated when the key generation request corresponding to the current two communication parties is received last time.
Determining whether the key generation request is the first one received for the current two communication parties may consist of determining whether it is the first key generation request received for those parties within a preset time period. In this embodiment, if the two communication parties perform data transmission twice in succession and the interval between the two transmissions is shorter than the preset duration, then when the first key generation request of the later transmission is received, the latest channel key generated during the earlier transmission may be used directly as the initial key.
Alternatively, the determination may start from a new handshake between the two communication parties: it is determined whether a key generation request corresponding to the two communication parties is received for the first time since that handshake. In this embodiment, if the two communication parties perform data transmission twice in succession, tear down the connection after completing the earlier transmission, and handshake again for the later transmission, then when the first key generation request of the later transmission is received, the initial key should be determined according to the initial random vector obtained by the two communication parties during the new handshake.
In the channel key generation method, the processor judges whether channel keys of both communication parties are generated for the first time or not according to a received key generation request, if so, the processor determines an initial key according to an initial random vector and a target random key generated when both communication parties establish communication connection, and if not, the processor determines a channel key corresponding to the current key generation request according to a channel key and a target random key generated when the key generation request is received for the last time. By the arrangement, the channel keys of the two communication parties can have higher and higher safety in the process of frequent change, and the target random key is generated when the current key generation request is received, so that the randomness of the latest channel key is ensured.
In some optional embodiments, the initial random vector comprises a first initial random vector and a second initial random vector; the step of determining an initial key from the initial random vector comprises:
an initial key is determined from the first initial random vector and the second initial random vector.
In some optional embodiments, determining the initial key from the first initial random vector and the second initial random vector comprises:
performing confusion encryption processing on the first initial random vector to obtain a confusion result; performing XOR processing on the confusion result and the second initial random vector to obtain an XOR processing result; and carrying out confusion encryption processing on the result of the XOR processing to obtain an initial key.
Specifically, for example, byte substitution (SubBytes), row shift (ShiftRows) and column confusion (MixColumns) are applied to the first initial random vector to obtain the confusion result; the confusion result is XORed bitwise with the second initial random vector to obtain the XOR processing result, and byte substitution, row shift and column confusion processing are then applied in sequence to the XOR processing result to obtain the initial key.
The confusion process includes, for example: ordering the first initial random vector by byte, splitting it according to a preset byte value, applying byte substitution, row shift and column confusion processing in sequence to each of the byte sequences obtained by the split to obtain confusion-encrypted byte sequences, and finally recombining those byte sequences in order to obtain the confusion result. The process of obtaining the initial key by confusion processing is the same as the process of obtaining the confusion result and is not described again here.
In some optional embodiments, determining the initial key according to the first initial random vector and the second initial random vector further comprises:
and carrying out XOR processing on the first initial random vector and the second initial random vector to obtain an initial key.
Specifically, the first initial random vector and the second initial random vector are subjected to bitwise exclusive-or, and the result of the exclusive-or processing is directly used as the initial key.
In some embodiments, determining the initial key from the first initial random vector and the second initial random vector further comprises:
and carrying out XOR processing on the first initial random vector and the second initial random vector, and then carrying out confusion encryption processing on the XOR processing result to obtain an initial key.
Specifically, the first initial random vector and the second initial random vector are subjected to bitwise exclusive-or, and byte substitution, row shift and column confusion processing are sequentially performed on the exclusive-or processing result to obtain an initial key.
In this embodiment, when a key generation request is received for the first time, the processor performs processing such as obfuscating encryption, bitwise xor and the like according to the first initial random vector and the second initial random vector, obtains an initial key on the basis of ensuring security and confidentiality, and further generates a channel key corresponding to a subsequent non-initial key generation request according to the initial key corresponding to the first key generation request.
In some other possible embodiments, the determining the initial key according to the first initial random vector, the second initial random vector, the third initial random vector and the fourth initial random vector includes:
performing confusion encryption processing on the first initial random vector to obtain a first confusion result; performing XOR processing on the first confusion result and the second initial random vector to obtain a first XOR processing result; performing confusion encryption processing on the first XOR processing result to obtain a second confusion result; performing XOR processing on the second confusion result and the third initial random vector to obtain a second XOR processing result; performing confusion encryption processing on the second XOR processing result to obtain a third confusion result; performing XOR processing on the third confusion result and the fourth initial random vector to obtain a third XOR processing result; and performing confusion encryption processing on the third XOR processing result to obtain an initial key.
In this embodiment, the number of initial random vectors included in the initial random vector may be changed according to actual settings of a user, and the process of obtaining the initial key according to the initial random vector may be performed by referring to the iterative processing process described in the embodiment in which the initial random vector includes the first initial random vector, the second initial random vector, the third initial random vector, and the fourth initial random vector.
In some optional embodiments, the step of determining the initial key from the initial random vector comprises:
taking an initial random vector generated by one channel detection of the two communication parties as the initial key;
or performing confusion encryption processing on the initial random vector generated by one channel detection of the two communication parties to obtain the initial key.
Specifically, in this embodiment, after the first key generation request, channel state information may be obtained based on channel detection of the two communication parties, and feature extraction, quantization, reconciliation error correction, privacy amplification and similar processing may then be applied to it to obtain an initial random vector, which is used directly as the initial key. Alternatively, the initial random vector obtained in the same way may further undergo byte substitution, row shift and column confusion processing in sequence to obtain the initial key.
In this embodiment, the processor generates the corresponding channel key regardless of whether the first or non-first key generation request is received, i.e. the first key generation request can also generate the channel key for encrypting data.
In some optional embodiments, the step of obtaining an initial key, and generating a channel key according to the initial key and the target random vector comprises:
carrying out XOR processing on the initial key and the target random vector to obtain an XOR processing result;
and carrying out confusion encryption processing on the result of the XOR processing to obtain a channel key.
In this embodiment, the processor performs bitwise xor processing on the initial key and the target random vector, and performs byte substitution, row shift, and column confusion processing on an xor processing result in sequence to obtain a channel key corresponding to the current key generation request.
In some alternative embodiments, when the key generation request is a first key generation request, the corresponding channel key may be obtained by performing xor processing on an initial random vector and a target random vector, where the initial random vector is generated based on channel state information obtained by channel probing of both communication parties after the first key generation request.
In some alternative embodiments, when the key generation request is a first key generation request, the target random vector may be directly used as the channel key.
In the channel key generation method, for each key generation request that continues to arrive, the corresponding channel key can be obtained according to the real-time channel state information of the two communication parties, which addresses the potential communication security hazard caused by the channel key remaining unchanged for a long time in the quasi-static state in which the two communication parties stay connected.
As shown in fig. 3, in this embodiment, the channel key generation method includes:
step 302, judging whether the key generation request is a first key generation request;
step 3041, if the first key generation request is made, generating a first initial random vector and a second initial random vector according to channel state information obtained by channel probing of both parties after the first key generation request, and performing obfuscating encryption processing on the first initial random vector to obtain an obfuscated result; performing XOR processing on the confusion result and the second initial random vector to obtain an XOR processing result; carrying out confusion encryption processing on the result of the XOR processing to obtain an initial key, and continuously detecting a new key generation request;
step 3042, if the request is the second key generation request, obtaining the initial key generated by the first key generation request; if the key generation request is the third time or more, taking the channel key corresponding to the last key generation request as the initial key;
step 306, performing exclusive-or processing on the initial key and the target random vector to obtain an exclusive-or processing result;
step 308, performing confusion encryption processing on the result of the XOR processing to obtain a channel key corresponding to the current key generation request, and continuously detecting a new key generation request.
In the channel key generation method, an initial key is generated when the key generation request is the first key generation request. For the second key generation request, the corresponding channel key is generated according to the initial key corresponding to the first key generation request; for the third and later key generation requests, the channel key corresponding to the previous key generation request is used as the initial key to generate the corresponding channel key. The channel key can thus be updated continuously in the quasi-static state in which the two communication parties stay connected, which greatly reduces the probability of security problems such as eavesdropping attacks, and the security of the finally generated channel key is guaranteed by processing such as AES (Advanced Encryption Standard) confusion encryption and bitwise XOR (exclusive OR).
As shown in fig. 4, in this embodiment, the channel key generation method includes:
step 402, judging whether the key generation request is a first key generation request;
step 4041, if the first key generation request is made, generating a first initial random vector and a second initial random vector according to channel state information obtained based on channel detection of both communication parties after the first key generation request, and performing confusion encryption processing on the first initial random vector and the second initial random vector to obtain an initial key;
step 4042, if the request is not the first key generation request, using the channel key corresponding to the last key generation request as the initial key;
step 406, performing exclusive or processing on the initial key and the target random vector to obtain an exclusive or processing result;
step 408, performing confusion encryption processing on the result of the exclusive-or processing to obtain a channel key corresponding to the current key generation request.
In the channel key generation method, when the key generation request is the first key generation request, an initial key is generated according to an initial random vector, and the channel key corresponding to the first key generation request is generated according to that initial key. When the key generation request is not the first key generation request, the channel key corresponding to the previous key generation request is used as the initial key to generate the corresponding channel key. The channel key can thus be updated continuously in the quasi-static state in which the two communication parties stay connected, which greatly reduces the probability of security problems such as eavesdropping attacks, and the security of the finally generated channel key is guaranteed by processing such as AES (Advanced Encryption Standard) and bitwise XOR (exclusive OR).
As shown in fig. 5, in one possible embodiment, the channel key generation method includes:
step 502, controlling a sending end to send a pilot signal to a receiving end, and the receiving end executing channel detection according to the pilot signal to obtain corresponding channel state information;
step 504, quantizing the channel state information acquired by the receiving end to generate a first detection vector;
step 506, controlling the receiving end to send a pilot signal to the sending end, and the sending end executing channel detection according to the pilot signal to obtain channel state information;
step 508, quantizing the channel state information acquired by the transmitting end and generating a second detection vector;
step 510, receiving the reconciliation error correction information sent by the sending end and the integrity check code of the second detection vector;
step 512, performing reconciliation error correction on the first detection vector according to the reconciliation error correction information, and calculating an integrity check code for the error-corrected result;
step 514, comparing the integrity check code of the first detection vector after error correction with the integrity check code of the second detection vector after error correction to obtain a comparison result;
step 516, when the comparison result shows that the two are consistent, responding to the first key generation request, and generating a first initial random vector and a second initial random vector according to channel state information obtained based on channel detection of the two communication parties;
step 518, performing confusion encryption processing on the first initial random vector to obtain a confusion result; performing XOR processing on the confusion result and the second initial random vector to obtain an XOR processing result; carrying out confusion encryption processing on the XOR processing result to obtain an initial key;
step 520, responding to the second channel key generation request, acquiring channel state information obtained by channel detection of both communication parties again, and generating a target random vector according to the channel state information;
step 522, performing exclusive or processing on the initial key generated by the first key generation request and the target random vector to obtain an exclusive or processing result; carrying out confusion encryption processing on the result of the XOR processing to obtain a channel key;
step 524, responding to the third and above channel key generation requests, taking the channel key corresponding to the last channel key generation request as an initial key, performing exclusive or processing on the initial key and the target random vector to obtain an exclusive or processing result, and performing confusion encryption processing on the exclusive or processing result to obtain the channel key.
In the channel key generation method, after the communication connection is established between the two communication parties, the processor first performs integrity verification on the channel between the sending end and the receiving end. When the verification shows that the integrity check code of the first detection vector is consistent with the integrity check code of the second detection vector, the channel between the two communication parties is considered to meet the communication requirement. In response to the first key generation request, a first initial random vector and a second initial random vector are then generated according to channel state information obtained by channel detection of the two communication parties, and an initial key is determined according to the two vectors. In response to the second key generation request, channel state information obtained by channel detection of the two communication parties is acquired again, a target random vector is generated according to it, and the channel key corresponding to the second key generation request is determined from the target random vector and the initial key corresponding to the first key generation request. In response to each subsequent key generation request, channel state information is again acquired by channel detection, a target random vector corresponding to the current key generation request is generated according to it, and the channel key corresponding to the current key generation request is generated according to that target random vector and the channel key corresponding to the previous key generation request. With this arrangement, the channel keys of the two communication parties are updated continuously, and security during data transmission is ensured.
In some optional embodiments, the channel key generation method further includes:
when the key generation request is a first key generation request, determining an initial key according to the initial random vector, a preset vector, the current value of the counter and the target random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
when the key generation request is not the first key generation request, the channel key generated for the previous key generation request is used as the initial key.
The generation process of the initial random vector comprises the following steps: before receiving the first key generation request corresponding to the two communication parties, for example when the two communication parties have just established the communication connection, the processor controls the two communication parties to perform channel detection once to obtain channel state information, and then applies feature extraction, quantization, reconciliation error correction, privacy amplification and similar processing to the channel state information to obtain an initial random vector.
As an example, when the key generation request is a first key generation request, the processor initializes the counter so that the counter is assigned a value of 0 and its length is fixed.
When receiving a key generation request, a processor firstly judges whether the key generation request is the first time that a key generation request corresponding to two current communication parties is received, if so, the processor determines an initial key according to an initial random vector, a preset vector, a current value of a counter and a target random vector which are obtained when the two communication parties just establish communication connection, and if not, the processor directly takes a channel key generated when the key generation request is last time as the initial key.
In the channel key generation method of the foregoing embodiment, the processor determines, according to a received key generation request, whether the channel key of the current two communication parties is being generated for the first time. If so, it determines the initial key according to an initial random vector, a preset vector, the current value of the counter and a target random vector generated when the two communication parties establish the communication connection; if not, it directly uses the channel key generated for the previous key generation request as the initial key. After the initial key is obtained, the value of the counter is updated according to a preset stride, so that the next key generation request can obtain the initial key according to the updated value of the counter. With this arrangement, the channel key of the two communication parties becomes increasingly secure as it changes frequently, and because the initial random vector is generated in real time when the current key generation request is received, the randomness of the latest channel key is also ensured.
In some optional embodiments, the step of determining the initial key according to the initial random vector, the preset vector, the current value of the counter, and the target random vector includes:
determining a reference vector according to a preset vector and the current value of the counter; carrying out confusion encryption processing on the initial random vector to obtain a confusion result; and carrying out XOR processing on the confusion result, the reference vector and the target random vector, and then carrying out confusion processing on the result of the XOR processing to obtain the initial key.
As an example, the reference vector may be obtained by combining a preset vector and a current value of the counter.
Confusion processing is applied to the initial random vector using, for example, byte substitution (SubBytes), row shift (ShiftRows) and column confusion (MixColumns), to obtain a confusion result, which may be regarded as a confusion vector; the confusion vector is then XORed bitwise with the reference vector and the target random vector to obtain an XOR processing result, and byte substitution, row shift and column confusion processing are applied to the XOR processing result in sequence to obtain the initial key.
The process of obtaining the confusion result includes, for example: ordering the initial random vector by byte, splitting it according to a preset byte value, applying byte substitution, row shift and column confusion processing in sequence to each of the byte sequences obtained by the split to obtain confusion-encrypted byte sequences, and finally recombining those byte sequences in order to obtain the confusion result. The process of obtaining the initial key by confusion processing is the same as the process of obtaining the confusion result and is not described again here.
In this embodiment, the initial key corresponding to the first key generation request may be directly used as the channel key corresponding to the first key generation request.
In the channel key generation method in the above embodiment, when the processor determines that the current key generation request is the first key generation request, the processor first combines the preset vector and the current value of the counter to obtain a reference vector, then performs obfuscation on the initial random vector by using byte substitution, row shift, and column obfuscation to obtain an obfuscated result, and finally performs bitwise xor on the obfuscated result, the reference vector, and the target random vector, and sequentially performs byte substitution, row shift, and column obfuscation on the result of the xor processing to obtain the initial key corresponding to the first key generation request.
In some embodiments, obtaining an initial key, and generating a channel key based on the initial key and the target random vector comprises:
determining a reference vector according to a preset vector and the current value of the counter;
performing exclusive-or processing on the target random vector, the reference vector and the initial key, and performing confusion encryption processing on the result of the exclusive-or processing to obtain a channel key;
and after the channel key corresponding to the key generation request is determined, updating the value of the counter according to the preset step.
Specifically, the value of the counter is updated according to the preset stride, which may be that the value is gradually increased or gradually decreased, and the length of the value is unchanged during the change of the value of the counter.
As an example, the reference vector may be obtained by combining a preset vector and a current value of the counter.
The confusion encryption process includes, for example: ordering the initial key by byte, splitting it according to a preset byte value, applying byte substitution, row shift and column confusion processing in sequence to each of the byte sequences obtained by the split to obtain confusion-encrypted byte sequences, and finally recombining those byte sequences in order to obtain the channel key corresponding to the current key generation request.
In the channel key generation method, for each key generation request that continues to arrive, the corresponding target random vector can be obtained according to the real-time channel state information of the two communication parties, which addresses the potential communication security hazard caused by the channel key remaining unchanged for a long time in the quasi-static state in which the two communication parties stay connected.
In the channel key generation method of the embodiment, the processor first combines a preset vector and a current value of the counter to obtain a reference vector, then obtains a channel key generated when a key generation request corresponding to both communication parties is received last time, and uses the channel key as an initial key corresponding to a current key generation request, and finally performs bitwise xor on the initial key, the reference vector and a new target random vector, and performs obfuscating encryption on an xor processing result to obtain a channel key corresponding to a current non-first key generation request.
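The derivation chain described above (the two-vector initial key, and the counter variant that XORs the previous key, the reference vector and a new target random vector before confusion encryption), as an added Python example that is not code from the patent. It assumes 16-byte pieces laid out like an AES state and a reference vector formed as preset vector followed by a fixed-length big-endian counter; the names `obfuscate`, `initial_key_two_vectors` and `ChannelKeyChain` are hypothetical.

```python
from functools import reduce

BLOCK = 16  # assumption: the "preset byte value" for splitting is one AES state


def _gmul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return p


def _build_sbox():
    """AES S-box: multiplicative inverse, then the affine transform."""
    box = []
    for x in range(256):
        inv = 1
        for _ in range(254):   # x^254 is x^-1 in GF(2^8); 0 maps to 0
            inv = _gmul(inv, x)
        s = inv ^ 0x63
        for n in range(1, 5):  # XOR in the four left-rotations of inv
            s ^= ((inv << n) | (inv >> (8 - n))) & 0xFF
        box.append(s)
    return box


SBOX = _build_sbox()


def shift_rows(block):
    """Column-major state (byte index r + 4c); row r rotates left by r."""
    return bytes(block[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4))


def mix_columns(block):
    out = bytearray()
    for c in range(4):
        a = block[4 * c:4 * c + 4]
        for r in range(4):
            out.append(_gmul(2, a[r]) ^ _gmul(3, a[(r + 1) % 4])
                       ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
    return bytes(out)


def obfuscate(data):
    """SubBytes, ShiftRows, MixColumns on each 16-byte piece, recombined in order."""
    if not data or len(data) % BLOCK:
        raise ValueError("length must be a non-zero multiple of 16 bytes")
    out = b""
    for i in range(0, len(data), BLOCK):
        piece = bytes(SBOX[b] for b in data[i:i + BLOCK])  # SubBytes
        out += mix_columns(shift_rows(piece))
    return out


def xor(*vectors):
    """Bitwise XOR of equal-length byte vectors."""
    if len({len(v) for v in vectors}) != 1:
        raise ValueError("vectors must have equal length")
    return bytes(reduce(lambda x, y: x ^ y, col) for col in zip(*vectors))


def initial_key_two_vectors(v1, v2):
    """Two-vector embodiment: obfuscate(obfuscate(v1) XOR v2)."""
    return obfuscate(xor(obfuscate(v1), v2))


class ChannelKeyChain:
    """Counter embodiment: every request folds a fresh target vector into the chain."""
    def __init__(self, preset, stride=1, counter_len=4):
        self.preset, self.stride, self.counter_len = preset, stride, counter_len
        self.counter = 0   # initialised to 0 for the first request
        self.key = None    # latest channel key; None until the first request

    def reference(self):
        # Assumption: "combining" means preset || fixed-length big-endian counter.
        return self.preset + self.counter.to_bytes(self.counter_len, "big")

    def request(self, target, initial_vector=None):
        if self.key is None:   # first request: seed is the obfuscated initial vector
            if initial_vector is None:
                raise ValueError("first request needs an initial random vector")
            seed = obfuscate(initial_vector)
        else:                  # later requests: seed is the previous channel key
            seed = self.key
        self.key = obfuscate(xor(seed, self.reference(), target))
        # The counter keeps a fixed length, so it wraps rather than grows.
        self.counter = (self.counter + self.stride) % (1 << (8 * self.counter_len))
        return self.key


if __name__ == "__main__":
    # Constructed sample vectors standing in for quantised channel state.
    chain = ChannelKeyChain(preset=bytes(12))
    print(chain.request(bytes(range(16)), bytes(range(16, 32))).hex(),
          chain.request(bytes(range(32, 48))).hex())
```

The three confusion steps take no key, so they form a fixed public permutation: both parties compute identical keys from identical vectors, and all secrecy comes from the probed vectors themselves.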
As shown in fig. 6, in this embodiment, the channel key generation method includes:
step 602, judging whether the key generation request is a first key generation request;
step 6041, if the key is the first key generation request, generating an initial random vector and a target random vector according to channel state information obtained by channel detection of both communication parties after the first key generation request, and performing confusion encryption processing on the initial random vector corresponding to the current key generation request to obtain a confusion vector; determining a reference vector according to the preset vector and the current value of the counter, and carrying out XOR processing on the confusion vector, the reference vector and the target random vector to obtain an XOR processing result; carrying out confusion encryption processing on the XOR processing result to obtain an initial key, updating the count of a counter according to a preset step, and continuously detecting a new key generation request;
step 6042, if it is the second key generation request, acquiring the channel key corresponding to the first key generation request and using it as the initial key corresponding to the second key generation request; if it is the third or a later key generation request, taking the channel key corresponding to the previous key generation request as the initial key corresponding to the current key generation request;
step 606, determining a reference vector according to the preset vector and the current value of the counter;
step 608, performing exclusive or processing on the initial key, the reference vector and the target random vector to obtain an exclusive or processing result;
step 610, performing confusion encryption processing on the result of the exclusive-or processing to obtain a channel key corresponding to the current key generation request, updating the count of the counter according to a preset step, and continuously detecting a new key generation request.
In the channel key generation method, when the key generation request is a first key generation request, an initial random vector is generated according to actual channel state information of both communication parties, when the key generation request is a second key generation request, a channel key corresponding to the first key generation request is used as an initial key corresponding to the second key generation request, when the key generation request is a third key generation request or more, a channel key corresponding to a previous key generation request is used as an initial key corresponding to a current key generation request, then, a reference vector is determined according to a preset vector and a current value of a counter, an exclusive or processing is performed on the initial key corresponding to the current key generation request, the reference vector and a target random vector, and then, a confusion encryption processing result is performed to obtain the channel key corresponding to the current key generation request. The channel key generation method in the embodiment can continuously update the channel key under the quasi-static state that both communication parties keep connected, greatly reduces the probability of security problems such as eavesdropping attack and the like, and provides guarantee for the security of the finally generated channel key by adopting processing modes such as confusion encryption, bitwise XOR and the like.
As shown in fig. 7, in one possible implementation, the channel key generation method includes:
step 702, controlling a sending end to send a pilot signal to a receiving end, and the receiving end executing channel detection according to the pilot signal to obtain corresponding channel state information;
step 704, quantizing the channel state information acquired by the receiving end to generate a first detection vector;
step 706, controlling the receiving end to send a pilot signal to the sending end, and the sending end executing channel detection according to the pilot signal to obtain channel state information;
step 708, quantizing the channel state information acquired by the transmitting end to generate a second detection vector;
step 710, receiving the reconciliation error correction information sent by the sending end and the integrity check code of the second detection vector;
step 712, performing reconciliation error correction on the first detection vector according to the reconciliation error correction information, and calculating an integrity check code for the error-corrected result;
step 714, comparing the integrity check code of the first detection vector with the integrity check code of the second detection vector to obtain a comparison result;
step 716, when the comparison result indicates that the integrity check code of the first detection vector is consistent with the integrity check code of the second detection vector, responding to the first key generation request, detecting the channel state information of the channels of both communication parties twice, and generating a target random vector and an initial random vector;
step 718, combining the preset vector with the current value of the counter to obtain a reference vector, and performing confusion encryption processing on the initial random vector to obtain a confusion vector; performing exclusive-or processing on the confusion vector, the target random vector and the reference vector to obtain an exclusive-or processing result, and performing confusion encryption processing on the exclusive-or processing result to obtain an initial key, namely the channel key corresponding to the first key generation request; updating the value of the counter according to the preset step;
step 720, responding to the second key generation request, obtaining the channel state information obtained by the channel detection of the two communication parties again, and generating a target random vector corresponding to the second key generation request according to the channel state information;
step 722, combining the updated values of the preset vector and the counter to obtain a reference vector corresponding to the second key generation request, taking the channel key generated by the first key generation request as an initial key corresponding to the second key generation request, performing xor processing on the reference vector, the initial key and the target random vector corresponding to the second key generation request to obtain an xor processing result, and performing obfuscating and encrypting processing on the xor processing result to obtain a channel key corresponding to the second key generation request; meanwhile, updating the value of the counter again according to the preset step;
step 724, responding to the third and above key generation requests, acquiring channel state information obtained by channel detection of both communication parties, and generating a target random vector corresponding to the current key generation request according to the channel state information;
step 726, combining the preset vector and the latest value of the counter to obtain a reference vector corresponding to the current key generation request, taking the channel key corresponding to the last key generation request as an initial key corresponding to the current key generation request, performing exclusive or processing on the reference vector, the initial key and the target random vector corresponding to the current key generation request to obtain an exclusive or processing result, and performing confusion encryption processing on the exclusive or processing result to obtain a channel key corresponding to the current key generation request; and updating the value of the counter according to the preset step.
In the channel key generation method, after a communication connection is established between the two communication parties, the processor first performs integrity verification on the channel between the sender and the receiver. When the verification result is that the integrity check code of the first detection vector is consistent with the integrity check code of the second detection vector, the channel between the two communication parties is considered to meet the communication requirement. At that point the first key generation request is responded to: an initial random vector and a target random vector are generated from the channel state information obtained by channel detection of both communication parties, an initial key, namely the channel key corresponding to the first key generation request, is determined from the initial random vector, the target random vector, the preset vector and the current value of the counter, and the value of the counter is updated according to the preset step. In response to the second key generation request, the channel state information obtained by channel detection of both communication parties is obtained again, a target random vector is generated from it, and the channel key corresponding to the second key generation request is determined from that target random vector, the channel key corresponding to the first key generation request, the preset vector and the updated value of the counter. In response to each subsequent key generation request, the channel state information obtained by channel detection of both communication parties is obtained again, a target random vector corresponding to the current key generation request is generated from it, and the channel key corresponding to the current key generation request is determined from that target random vector, the channel key corresponding to the previous key generation request, the preset vector and the latest value of the counter. Through this arrangement, the channel keys of both communication parties are continuously updated, and security during data transmission is ensured.
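The key chain of steps 716 to 726, run on both ends, as an added example that is not code from the patent. It assumes SHA-256 as a stand-in for the "confusion encryption processing" step, 32-byte vectors, and a reference vector formed as the preset vector followed by a 4-byte counter; all function and class names and the sample vectors are constructed for illustration.

```python
import hashlib

VEC_LEN = 32   # assumed length in bytes of every vector and key
CTR_LEN = 4    # assumed width of the counter field
PRESET = bytes(range(VEC_LEN - CTR_LEN))  # constructed preset vector shared by both ends


def obfuscate(data: bytes) -> bytes:
    """Assumed stand-in for 'confusion encryption processing': SHA-256."""
    return hashlib.sha256(data).digest()


def xor(*vectors: bytes) -> bytes:
    """Byte-wise XOR of equal-length vectors."""
    if any(len(v) != VEC_LEN for v in vectors):
        raise ValueError("every vector must be VEC_LEN bytes")
    out = bytearray(VEC_LEN)
    for v in vectors:
        for i, b in enumerate(v):
            out[i] ^= b
    return bytes(out)


class ChannelKeyChain:
    """One endpoint's state for steps 716-726: previous key plus counter."""

    def __init__(self, preset: bytes = PRESET, counter: int = 0, step: int = 1):
        if len(preset) != VEC_LEN - CTR_LEN:
            raise ValueError("preset must leave room for the counter field")
        self.preset, self.counter, self.step = preset, counter, step
        self.key = None

    def _reference(self) -> bytes:
        # Assumption: "combining" means preset || big-endian counter.
        return self.preset + self.counter.to_bytes(CTR_LEN, "big")

    def _commit(self, mixed: bytes) -> bytes:
        # Obfuscate the XOR result, store it as the new key, advance the counter.
        self.key = obfuscate(mixed)
        self.counter = (self.counter + self.step) % (1 << (8 * CTR_LEN))
        return self.key

    def first_key(self, initial_vec: bytes, target_vec: bytes) -> bytes:
        """Step 718: Obf(Obf(initial) XOR target XOR reference)."""
        return self._commit(xor(obfuscate(initial_vec), target_vec, self._reference()))

    def next_key(self, target_vec: bytes) -> bytes:
        """Steps 722/726: Obf(reference XOR previous key XOR target)."""
        if self.key is None:
            raise RuntimeError("first_key() must run before next_key()")
        return self._commit(xor(self._reference(), self.key, target_vec))


def sample_vector(label: str) -> bytes:
    """Constructed stand-in for a quantized, reconciled CSI vector."""
    return hashlib.sha256(label.encode()).digest()


def flip_bit(vec: bytes, bit: int) -> bytes:
    """Return vec with one bit inverted, modelling an uncorrected quantization error."""
    out = bytearray(vec)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def demo_divergence(rounds: int = 5, bad_round: int = 3) -> list:
    """Run both ends; the receiver's target vector is off by one bit in bad_round."""
    sender, receiver = ChannelKeyChain(), ChannelKeyChain()
    agree = []
    for n in range(1, rounds + 1):
        t_s = sample_vector(f"target-{n}")
        t_r = flip_bit(t_s, 0) if n == bad_round else t_s
        if n == 1:
            init = sample_vector("initial")
            k_s = sender.first_key(init, t_s)
            k_r = receiver.first_key(init, t_r)
        else:
            k_s, k_r = sender.next_key(t_s), receiver.next_key(t_r)
        agree.append(k_s == k_r)  # True while both ends hold the same channel key
    return agree


if __name__ == "__main__":
    print(demo_divergence())
```

Because every key feeds the next one, a single uncorrected bit in one round's target random vector leaves the two ends with different keys in that round and in every later round, even when later vectors agree; this is what the reconciliation and integrity check code comparison of steps 710 to 714 guard against.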
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows. The steps are not limited to being performed in the exact order illustrated and, unless explicitly stated herein, may be performed in other orders. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be rotated or alternated with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides a data transmission method for implementing the above-mentioned channel key generation method. The implementation scheme for solving the problem provided by the data transmission method is based on the implementation scheme described in the above method, so that specific limitations in one or more data transmission method embodiments provided below may refer to the above limitations on the channel key generation method, and details are not described herein.
In an embodiment, as shown in fig. 8, a data transmission method is provided, which is applied to a sending end, and includes:
step 802, receiving a data transmission instruction;
step 804, encrypting the data to be transmitted according to the channel key generated by the channel key generation method in any of the embodiments, to obtain encrypted data;
step 806, transmitting the encrypted data to the receiving end.
When transmitting data to the receiving end, the sending end divides the data to be transmitted according to the size of a data packet that can be transmitted at one time and transmits it in several transmissions. Before each transmission, if the sending end detects that a new channel key has been generated, it encrypts the data to be transmitted with the new channel key and transmits the encrypted data to the receiving end.
According to the data transmission method, the transmitting end calls the latest channel key to encrypt the data when transmitting the data each time according to the continuously updated channel key in the data transmission process, so that the used channel key can change in real time in the data transmission process, and the data transmission safety is greatly improved.
Based on the same inventive concept, the embodiment of the present application further provides a channel key generation device for implementing the above-mentioned channel key generation method. The implementation scheme for solving the problem provided by the channel key generation device is based on the implementation scheme described in the above method, so specific limitations in one or more embodiments of the channel key generation device provided below may refer to the above limitations on the channel key generation method, and details are not described here.
In one embodiment, as shown in fig. 9, there is provided a channel key generation apparatus 900 including:
an obtaining module 910, configured to respond to the key generation request, and obtain a target random vector, where the target random vector is generated according to channel state information obtained by channel detection of both communication parties;
the generating module 920 is configured to obtain an initial key, generate a channel key according to the initial key and a target random vector, obtain a new target random vector in response to a new key generation request after generating a channel key corresponding to a current key generation request, and generate a channel key corresponding to the new key generation request according to the new target random vector and the channel key corresponding to the current key generation request.
In some embodiments, the generation module 920 is further configured to:
when the key generation request is a first key generation request, determining an initial key according to the initial random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
when the key generation request is not the first key generation request, the channel key generated for the previous key generation request is used as the initial key.
In some embodiments, the initial random vector comprises a first initial random vector and a second initial random vector; the generating module 920 is further configured to:
an initial key is determined from the first initial random vector and the second initial random vector.
In some embodiments, the generation module 920 is further configured to:
performing confusion encryption processing on the first initial random vector to obtain a confusion result; performing XOR processing on the confusion result and the second initial random vector to obtain an XOR processing result; carrying out confusion encryption processing on the XOR processing result to obtain an initial key;
or, performing exclusive-or processing on the first initial random vector and the second initial random vector to obtain an initial key;
or, the first initial random vector and the second initial random vector are subjected to exclusive-or processing, and then the exclusive-or processing result is subjected to confusion encryption processing to obtain an initial key.
In some embodiments, the generation module 920 is further configured to:
taking an initial random vector generated by the primary channel detection of both communication parties as an initial key;
or, the initial random vector generated by the primary channel detection of the two communication parties is subjected to confusion encryption processing to obtain the initial key.
In some embodiments, the generation module 920 is further configured to:
carrying out XOR processing on the initial key and the target random vector to obtain an XOR processing result;
and carrying out confusion encryption processing on the result of the XOR processing to obtain a channel key.
In some embodiments, the generation module 920 is further configured to:
when the key generation request is a first key generation request, determining an initial key according to the initial random vector, a preset vector, the current value of the counter and the target random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
when the key generation request is not the first key generation request, the channel key generated for the previous key generation request is used as the initial key.
In some embodiments, the generation module 920 is further configured to:
determining a reference vector according to a preset vector and the current value of the counter;
carrying out confusion encryption processing on the initial random vector to obtain a confusion result;
and carrying out XOR processing on the confusion result, the reference vector and the target random vector, and carrying out confusion encryption processing on the result of the XOR processing to obtain an initial key.
In some embodiments, the generation module 920 is further configured to:
determining a reference vector according to a preset vector and the current value of the counter;
performing exclusive-or processing on the target random vector, the reference vector and the initial key, and performing confusion encryption processing on the result of the exclusive-or processing to obtain a channel key;
and after the channel key corresponding to the key generation request is determined, updating the value of the counter according to a preset step.
In some embodiments, the generation module 920 is further configured to:
and combining the preset vector with the current value of the counter to obtain a reference vector.
In one embodiment, as shown in fig. 10, there is provided a data transmission apparatus 1000 including:
a receiving module 1010, configured to receive a data transmission instruction;
an encrypting module 1020, configured to encrypt data to be transmitted according to a channel key generated by the channel key generating method in any of the embodiments, to obtain encrypted data;
the transmission module 1030 is configured to transmit the encrypted data to a receiving end.
The respective modules in the channel key generation apparatus 900 or the data transmission apparatus 1000 described above may be wholly or partially implemented by software, hardware, and a combination thereof. The modules can be embedded in a hardware form or independent of a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, implements the steps of the above-described channel key generation method.
The computer device may be a terminal, and its internal structure diagram may be as shown in fig. 11. The computer device includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for communicating with an external terminal in a wired or wireless manner, and the wireless manner can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a memory data access method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 11 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the above-mentioned channel key generation method.
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.

Claims (16)

1. A channel key generation method, comprising:
responding to a key generation request, and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of both communication parties;
and acquiring an initial key, and generating a channel key according to the initial key and the target random vector, wherein after a channel key corresponding to a current key generation request is generated, a new target random vector is acquired in response to a new key generation request, and a channel key corresponding to a new key generation request is generated according to the new target random vector and the channel key corresponding to the current key generation request.
2. The method of claim 1, wherein the step of generating the target random vector comprises:
processing, at a preset generation frequency, the channel state information obtained by channel detection of both communication parties to obtain the target random vector; or
responding to the key generation request, and processing the channel state information obtained by channel detection of both communication parties to obtain the target random vector.
3. The method of claim 1, further comprising:
when the key generation request is a first key generation request, determining the initial key according to an initial random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
and when the key generation request is not the first key generation request, taking the channel key generated for the previous key generation request as the initial key.
4. The method of claim 3, wherein the initial random vector comprises a first initial random vector and a second initial random vector; the step of determining the initial key from the initial random vector comprises:
determining the initial key from the first initial random vector and a second initial random vector.
5. The method of claim 4, wherein determining the initial key from the first initial random vector and the second initial random vector comprises:
performing confusion encryption processing on the first initial random vector to obtain a confusion result; performing exclusive-or processing on the confusion result and the second initial random vector to obtain an exclusive-or processing result; carrying out confusion encryption processing on the XOR processing result to obtain an initial key;
or, performing exclusive or processing on the first initial random vector and the second initial random vector to obtain an initial key;
or, performing exclusive-or processing on the first initial random vector and the second initial random vector, and performing confusion encryption processing on an exclusive-or processing result to obtain the initial key.
6. The method of claim 3, wherein the step of determining the initial key from the initial random vector comprises:
taking an initial random vector generated by the primary channel detection of both communication parties as the initial key;
or, performing confusion encryption processing on initial random vectors generated by the two communication parties through one-time channel detection to obtain the initial key.
7. The method of claim 3, wherein the step of obtaining an initial key and generating a channel key based on the initial key and the target random vector comprises:
performing XOR processing on the initial key and the target random vector to obtain an XOR processing result;
and carrying out confusion encryption processing on the XOR processing result to obtain the channel key.
8. The method of claim 1, further comprising:
when the key generation request is a first key generation request, determining the initial key according to an initial random vector, the preset vector, the current value of the counter and the target random vector; the initial random vector is generated based on channel state information obtained by channel detection of both communication parties after a first key generation request;
and when the key generation request is not the first key generation request, taking the channel key generated for the previous key generation request as the initial key.
9. The method of claim 8, wherein the step of determining the initial key according to an initial random vector, the predetermined vector, a current value of a counter, and the target random vector comprises:
determining a reference vector according to the preset vector and the current value of the counter;
carrying out confusion encryption processing on the initial random vector to obtain a confusion result;
and carrying out XOR processing on the confusion result, the reference vector and the target random vector, and carrying out confusion encryption processing on the result of the XOR processing to obtain the initial key.
10. The method of claim 9, wherein the step of obtaining an initial key and generating a channel key based on the initial key and the target random vector comprises:
determining a reference vector according to the preset vector and the current value of the counter;
performing exclusive-or processing on the target random vector, the reference vector and the initial key, and performing confusion encryption processing on the result of the exclusive-or processing to obtain the channel key;
and updating the value of the counter according to a preset step after determining the channel key corresponding to the key generation request.
11. The method of claim 10, wherein the step of determining a reference vector according to the preset vector and the current value of the counter comprises:
and combining the preset vector and the current value of the counter to obtain the reference vector.
12. A data transmission method is applied to a sending end and comprises the following steps:
receiving a data transmission instruction;
encrypting data to be transmitted according to a channel key generated according to any one of claims 1 to 11 to obtain encrypted data;
and transmitting the encrypted data to a receiving end.
13. A channel key generation apparatus, comprising:
the acquisition module is used for responding to the key generation request and acquiring a target random vector, wherein the target random vector is generated according to channel state information obtained by channel detection of both communication parties;
and the generation module is used for acquiring an initial key and generating a channel key according to the initial key and the target random vector, wherein after the channel key corresponding to the current key generation request is generated, a new target random vector is acquired in response to a new key generation request, and the channel key corresponding to the new key generation request is generated according to the new target random vector and the channel key corresponding to the current key generation request.
14. The data transmission device is characterized in that the data transmission device is arranged at a sending end and comprises:
the receiving module is used for receiving a data transmission instruction;
an encryption module, configured to encrypt data to be transmitted according to the channel key generated according to any one of claims 1 to 11, to obtain encrypted data;
and the transmission module is used for transmitting the encrypted data to a receiving end.
15. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the channel key generation method of any one of claims 1 to 11 when executing the computer program.
16. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the channel key generation method of any one of claims 1 to 11.
CN202211114863.2A 2022-09-14 2022-09-14 Channel key generation method and data transmission method Pending CN115567933A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211114863.2A CN115567933A (en) 2022-09-14 2022-09-14 Channel key generation method and data transmission method


Publications (1)

Publication Number Publication Date
CN115567933A (en) 2023-01-03

Family

ID=84741258

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211114863.2A Pending CN115567933A (en) 2022-09-14 2022-09-14 Channel key generation method and data transmission method

Country Status (1)

Country Link
CN (1) CN115567933A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333699A (en) * 2020-11-03 2021-02-05 山东正中信息技术股份有限公司 Internet of things communication protocol encryption method, equipment and storage medium
CN114448611A (en) * 2020-11-02 2022-05-06 中兴通讯股份有限公司 Key generation method and device, electronic equipment and storage medium



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination