Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The terms first, second and the like in the description and in the claims, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged, as appropriate, such that embodiments of the present application may be implemented in sequences other than those illustrated or described herein, and that the objects identified by "first," "second," etc. are generally of a type, and are not limited to the number of objects, such as the first object may be one or more. Furthermore, in the description and claims, "and/or" means at least one of the connected objects, and the character "/", generally means that the associated object is an "or" relationship.
The quantum key filling method, the system, the electronic device and the readable storage medium provided by the embodiment of the application are described in detail below through specific embodiments and application scenes thereof with reference to the accompanying drawings.
Fig. 1 shows a flow chart of a quantum key filling method according to an embodiment of the present application, where the method may be performed by an electronic device, and the electronic device may include a terminal device. Referring to fig. 1, the method may include the following steps.
And step 102, sending a quantum key application short message to the quantum security service platform through a short message gateway.
The terminal equipment is provided with a user identity module (Subscriber Identity Module, SIM), namely a SIM card, so that data transmission can be realized and short message service is supported. The mobile terminal interacts with the short message gateway and the SIM card and is a transfer station for data transmission between the short message gateway and the SIM card.
And 104, receiving a quantum key sent by the quantum security service platform through the short message gateway, wherein the quantum key is generated by the quantum security service platform based on the quantum key application short message.
The quantum security service platform distributes the quantum key to the short message gateway through the quantum key distribution protocol, and the terminal equipment receives the quantum key through the short message gateway.
And step 106, storing the quantum key into a preset storage unit.
In the embodiment of the application, the terminal equipment sends the quantum key application short message to the quantum security service platform through the short message gateway, after the quantum security service platform generates the quantum key based on the quantum key application short message and sends the quantum key to the terminal equipment through the short message gateway, the terminal equipment receives the quantum key sent by the quantum security service platform through the short message gateway and stores the quantum key in the preset storage unit, so that efficient and safe quantum key filling on line without manual participation is realized.
In one implementation manner, the quantum key application short message includes card information of the SIM card and quantum key application information, and before the step 102 of sending the quantum key application short message to the quantum security service platform through the short message gateway, the method further includes the following steps.
And step 1011, encrypting the card information of the SIM card and the quantum key application information.
The security of the card information and the quantum key application information of the SIM card in the information transmission process is ensured by encrypting the card information and the quantum key application information of the SIM card.
And step 1012, packaging the encrypted card information of the SIM card and the quantum key application information into the quantum key application short message.
The structure of the quantum key application short message is shown in fig. 2a, and includes an uplink short message header, a short message security field and a response data packet. Wherein the structure of the response packet is shown in fig. 2b, and the field definitions of the respective parameters of the application data of the response packet are shown in table 1.
Table 1.
In the embodiment of the application, the quantum key application short message sent by the terminal equipment to the quantum security service platform through the short message gateway comprises the card information of the SIM card and the quantum key application information, wherein the card information of the SIM card is used for determining the application party of the quantum key, and the quantum key application information is used for explaining the information required for generating the quantum key. Before a quantum key application short message occurs to a quantum security service platform through a short message gateway, the terminal equipment encrypts and packages card information of the SIM card and the quantum key application information into a quantum key application short message, and reports the quantum key application short message to the short message gateway, so that the security of the card information of the SIM card and the quantum key application information in the short message reporting process is ensured.
In one implementation manner, the step 104 of receiving, by the sms gateway, the quantum key sent by the quantum security service platform includes the following steps.
Step 1041, receiving, by the sms gateway, a feedback sms sent by the quantum security service platform, where the feedback sms is obtained by encrypting and packaging the generated quantum key by the quantum security service platform.
The quantum security service platform packages the generated quantum key in a short message mode and sends the quantum key to the short message gateway, and the quantum key is transmitted to the terminal equipment by the short message gateway.
And step 1042, decrypting the feedback short message to obtain the quantum key.
Optionally, the terminal device decrypts the feedback short message by using a decryption algorithm built in the SIM card.
In the embodiment of the application, after the quantum security service platform applies for the short message to generate the quantum key based on the quantum key, the quantum key is encrypted and packaged into the feedback short message, the feedback short message is sent to the terminal equipment through the short message gateway, and the terminal equipment receives the feedback short message through the short message gateway, so that the transmission security of the quantum key is ensured. After receiving the feedback short message, the terminal equipment decrypts the feedback short message, so that a quantum key can be obtained, and efficient and safe quantum key filling through the reporting and issuing of the short message is realized.
In one implementation mode, the quantum key filling method can further comprise the step of receiving a preset quantum key sent by the quantum security service platform through the short message gateway.
In the embodiment of the application, the quantum security service platform can send a quantum key generated based on a quantum key application short message to the terminal equipment through the short message gateway, and can send a preset quantum key to the terminal equipment through the short message gateway, wherein the preset quantum key is preset in the quantum security service platform in advance, and is a quantum key, such as a quantum key application key and a quantum key session key, required by a user when using an application for interaction, the preset quantum key is generated in real time without the quantum security service platform according to the quantum key application short message of the receiving terminal equipment, and when the terminal equipment needs the preset quantum key, the terminal equipment directly obtains the preset quantum key from the quantum security service platform through the short message gateway, so that the issuing efficiency of the quantum key is improved.
In one implementation, the quantum key comprises at least one quantum key type. After the quantum key is stored in the preset storage unit in step 106, the method further includes the following steps.
Step 1081, determining, according to data information of the data to be transmitted, a target quantum key corresponding to the data information from the preset quantum key and the quantum key of the at least one quantum key type.
The data information of the data to be transmitted comprises an application scene of the data to be transmitted, and the data to be transmitted is processed by selecting a quantum key matched with the application scene.
And step 1082, encrypting and decrypting or authenticating the data to be transmitted according to the target quantum key.
In the embodiment of the application, the terminal equipment receives the quantum key generated based on the quantum key application short message sent by the quantum security service platform through the short message gateway and also receives the preset quantum key sent by the quantum security service platform, so that for data to be transmitted, a target quantum key corresponding to the data information is determined from the preset quantum key and the quantum key of at least one quantum key type according to the data information, and encryption and decryption or authentication can be carried out on the data to be transmitted according to the proper target quantum key.
Fig. 3 shows a flow chart of a quantum key filling method according to an embodiment of the present application, where the method is applied to a quantum security service platform. Referring to fig. 3, the method may include the following steps.
And step 302, receiving a quantum key application short message sent by the terminal equipment through a short message gateway.
The short message gateway receives a quantum key application short message which is reported by the terminal equipment and comprises card information of the SIM card and quantum key application information, verifies the card information of the SIM card and the quantum key application information in the quantum key application short message, and after the verification is passed, resends the quantum key application short message to the quantum security service platform.
And step 304, generating a quantum key based on the quantum key application short message.
The quantum security service platform determines an application party of the quantum key according to card information of the SIM card in the quantum key application short message, so as to bind the application party and issue the generated quantum key. The quantum security service platform obtains information required by generating a quantum key according to quantum key application information in the quantum key application short message, so as to be used for generating the quantum key.
And step 306, sending the quantum key to the terminal equipment through the short message gateway.
In the embodiment of the application, the quantum security service platform receives the quantum key application short message sent by the terminal equipment through the short message gateway, generates the quantum key based on the quantum key application short message, and then sends the generated quantum key to the terminal equipment through the short message gateway, so that the terminal equipment stores the received quantum key in the preset storage unit, thereby realizing efficient and safe quantum key charging on line without manual participation.
In one implementation manner, the quantum key application short message includes card information and quantum key application information of the SIM card of the terminal device, and before the quantum key is generated based on the quantum key application short message in step 304, the method further includes the following steps.
Step 3031, performing information verification on the card information of the SIM card and the quantum key application information based on the pre-recorded related information of the terminal equipment.
The pre-entered related information of the terminal device may be manually entered, where the related information includes user information and terminal device information, such as personal information represented by a name and an identity card of a user, mobile phone number operator information, department and role information, international mobile equipment identity (International Mobile Equipment Identity, IMEI) mobile terminal information, international mobile subscriber identity (International Mobile Subscriber Identification, IMSI) and SIM card identity information represented by an integrated circuit card identity (INTEGRATE CIRCUIT CARD IDENTITY, ICCID), and the like.
Step 3032, if the information verification passes, a binding relationship is established with the SIM card according to the card information of the SIM card.
In the embodiment of the application, before the quantum security service platform generates the quantum key based on the quantum key application short message, the information verification is carried out on the received card information of the SIM card of the terminal equipment and the quantum key application information according to the pre-recorded related information of the terminal equipment, namely, the identity of a requester of the quantum key and the authenticity and integrity of the quantum key application information are confirmed by comparing and checking the pre-recorded related information of the terminal equipment and the received information in the quantum key application short message, so that the safety of quantum key filling is ensured. Under the condition that the information verification is passed, the quantum security service platform establishes a binding relation with the SIM card of the terminal equipment according to the received card information of the SIM card, thereby determining a requesting party for issuing the quantum key and ensuring the accuracy of issuing the quantum key.
In one implementation, the quantum key application short message includes quantum key application information. The step 304 of generating a quantum key based on the quantum key application message includes generating a quantum key of at least one quantum key type according to the quantum key application message.
In the embodiment of the application, the quantum security service platform generates a quantum key required by terminal equipment of at least one quantum key type according to quantum key application information, for example, a quantum key user key associated with personal information represented by a name, an identity card and a mobile phone number of a user, and for example, a quantum key equipment key associated with terminal equipment information such as IMEI, IMSI, ICCID.
In one implementation, the step 306 sends the quantum key to the terminal device through the sms gateway, including the following steps.
Step 3061, encrypting and packaging the quantum key into a feedback short message.
The structure of the feedback short message of the quantum key is shown in fig. 4a, and includes a downlink short message header, an application command security field, and an application command message. The structure of the application command message is shown in fig. 4b, and the field definition of each parameter of the application data of the application command message is shown in table 2.
Table 2.
Step 3062, sending the feedback short message to the terminal device through the short message gateway.
In the embodiment of the application, the quantum security service platform receives the quantum key application short message sent by the terminal equipment through the short message gateway, generates the quantum key based on the quantum key application short message, encrypts and packages the generated quantum key into the feedback short message, and then sends the feedback short message to the terminal equipment through the short message gateway, thereby ensuring the safety of sending the feedback short message comprising the quantum key.
In one implementation, the method for filling the quantum key may further include sending a preset quantum key to the terminal device through the short message gateway.
In the embodiment of the application, the quantum security service platform can send a quantum key generated based on a quantum key application short message to the terminal equipment through the short message gateway, and can send a preset quantum key to the terminal equipment through the short message gateway, wherein the preset quantum key is preset in the quantum security service platform in advance, and is a quantum key, such as a quantum key application key and a quantum key session key, required by a user when the user uses an application to interact, when the terminal equipment needs the preset quantum key, the quantum security service platform sends the preset quantum key to the terminal equipment through the short message gateway, and the preset quantum key does not need the quantum security service platform to generate in real time according to the quantum key application short message of the receiving terminal equipment, so that the issuing efficiency of the quantum key is improved.
Fig. 5 shows a schematic structural diagram of a quantum key filling system according to an embodiment of the present application, and referring to fig. 5, the system 500 includes a terminal device 51, a quantum security service platform 52, and a short message gateway 53. The terminal equipment is provided with a SIM card, wherein the SIM card is a smart card supporting the ISO/IEC7816-4 specification and 3GPPTS31.111 specification, and the specific expression form is an instruction supporting an application protocol data unit (Application Protocol Data Unit, APDU) and supporting a connection-oriented bearer independent protocol (Bearer Independent Protocol, BIP).
The method comprises the steps that the terminal equipment 51 sends a quantum key application short message to the quantum security service platform 52 through the short message gateway 53, the quantum security service platform 52 receives the quantum key application short message sent by the terminal equipment 51 through the short message gateway 53, generates a quantum key based on the quantum key application short message, sends the quantum key to the terminal equipment 51 through the short message gateway 53, and the terminal equipment 51 receives the quantum key sent by the quantum security service platform 52 through the short message gateway 53 and stores the quantum key in a preset storage unit.
In one implementation manner, the quantum key application short message includes card information and quantum key application information of a SIM card, the terminal device 51 encrypts the card information and the quantum key application information of the SIM card, and packages the encrypted card information and quantum key application information of the SIM card into the quantum key application short message.
In one implementation manner, the terminal device 51 receives a feedback short message sent by the quantum security service platform 52 through the short message gateway 53, where the feedback short message is obtained by encrypting and packaging the generated quantum key by the quantum security service platform, and decrypts the feedback short message to obtain the quantum key.
In one implementation manner, the terminal device 51 receives, through the sms gateway 53, a preset quantum key sent by the quantum security service platform 52.
In one implementation, the quantum key comprises at least one quantum key type. The terminal device 51 determines a target quantum key corresponding to the data information from the preset quantum key and the quantum key of the at least one quantum key type according to the data information of the data to be transmitted, and encrypts, decrypts or authenticates the data to be transmitted according to the target quantum key.
In one implementation, the quantum key application short message includes card information and quantum key application information of a SIM card of the terminal device. The quantum security service platform 52 performs information verification on the card information of the SIM card and the quantum key application information based on the pre-entered related information of the terminal device 51, and establishes a binding relationship with the SIM card according to the card information of the SIM card if the information verification passes.
In one implementation, the quantum key application short message includes quantum key application information. The quantum security service platform 52 generates a quantum key of at least one quantum key type from the quantum key application information.
In one implementation, the quantum security service platform 52 encrypts and packages the quantum key into a feedback short message, and sends the feedback short message to the terminal device 51 through the short message gateway 53.
In one implementation, the quantum security service platform 52 sends a preset quantum key to the terminal device 51 through the sms gateway 53.
Fig. 6 shows a schematic flow chart of another quantum key filling method according to an embodiment of the present application, which can be applied to the quantum key filling system shown in fig. 5, and referring to fig. 6, the method includes the following steps.
In step 601, the terminal device triggers a quantum key application, and the SIM card application reports card information and quantum key application information to the short message gateway.
When the terminal equipment needs to acquire a new quantum key, a quantum key application request is actively initiated, the mobile terminal triggers an SIM card application, the SIM card application acquires card information, the card information and the quantum key application information are encrypted, and the card information and the quantum key application information are packed into a safe data packet and reported to a short message gateway.
And 602, the short message gateway receives the reported short message and uploads the reported short message to the quantum security service platform.
The short message gateway receives the information containing the quantum key application information and the card information of the SIM card, which are reported by the terminal equipment, verifies the information, and sends the quantum key application information and the card information of the SIM card to the quantum security service platform after the verification. Through the checking and forwarding operation of the short message gateway, the quantum key application information can be safely and reliably uploaded to the quantum security service platform, and necessary support is provided for the subsequent quantum key generation and distribution flow.
And 603, the quantum security service platform performs information verification, builds a binding relationship and completes generation of a quantum key.
The quantum security service platform receives the reported short message uploaded by the short message gateway, compares and verifies the pre-input information with the received quantum key application information and the card information of the SIM card, verifies the information in the reported short message, ensures the authenticity and the integrity of the information, and establishes a binding relationship according to the SIM card identification information and the mobile phone number after the verification is completed, and the process can be realized through a relevant unit of a user service information module of the quantum security service platform shown in fig. 7.
After the binding relationship is established, the quantum security service platform generates a quantum key type and a quantum key required by a user according to the application information, for example, a quantum key user key associated with personal information represented by a name, an identity card and a mobile phone number of the user, and for example, a quantum key device key associated with terminal device information such as IMEI, IMSI, ICCID.
And step 604, the quantum security service platform sends a feedback short message to the terminal equipment of the SIM card with the established binding relationship through the short message gateway.
After the quantum security service platform generates the quantum key, the generated quantum key, such as a quantum key user key and a quantum key device key, is encrypted and then is sent to the terminal device of the SIM card with the established binding relationship through the short message gateway. And sending a quantum key application key and a quantum key session key which are required by a user preset in advance when using application interaction to terminal equipment of the SIM card with the established binding relationship through the short message gateway.
Step 605, the SIM card of the terminal device analyzes the received feedback short message to obtain the quantum key and writes it into storage.
After receiving the feedback short message, the terminal device can decrypt the feedback short message by using a decryption algorithm built in the SIM card, thereby obtaining and storing the quantum key.
In the embodiment of the application, the terminal equipment reports quantum key application information to the quantum security service platform in a short message mode through the short message gateway, the quantum security service platform stores the received quantum key through the quantum key generated based on the quantum key application information under the short message mode through the short message gateway, and therefore, the efficient and safe quantum key charging on line without manual participation is realized.
The embodiment of the application also provides an electronic device for executing the quantum key filling method, and fig. 8 is a schematic structural diagram of the electronic device for implementing the embodiments of the application. The electronic device may have a relatively large difference due to different configurations or performances, and may include a processor (processor) 801, a communication interface (Communications Interface) 802, a memory (memory) 803, and a communication bus 804, where the processor 801, the communication interface 802, and the memory 803 complete communication with each other through the communication bus 804. The processor 801 may invoke a computer program stored in the memory 803 and executable on the processor 801 to perform the steps of the quantum key filling method embodiment described above and achieve the same technical effects, and for avoiding repetition, the description is omitted here.
It should be noted that, the electronic device in the embodiment of the present application includes a server, a terminal, or other devices except the terminal.
The above electronic device structure does not constitute a limitation of the electronic device, and the electronic device may include more or less components than illustrated, or may combine some components, or may be different in arrangement of components, for example, an input unit, may include a graphics processor (Graphics Processing Unit, GPU) and a microphone, and a display unit may configure a display panel in the form of a liquid crystal display, an organic light emitting diode, or the like. The user input unit includes at least one of a touch panel and other input devices. Touch panels are also known as touch screens. Other input devices may include, but are not limited to, a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and so forth, which are not described in detail herein.
The memory may be used to store software programs as well as various data. The memory may mainly include a first memory area storing programs or instructions and a second memory area storing data, wherein the first memory area may store an operating system, application programs or instructions (such as a sound playing function, an image playing function, etc.) required for at least one function, and the like. Further, the memory may include volatile memory or nonvolatile memory, or the memory may include both volatile and nonvolatile memory. The nonvolatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable EPROM (EEPROM), or a flash Memory. The volatile memory may be random access memory (Random Access Memory, RAM), static random access memory (STATIC RAM, SRAM), dynamic random access memory (DYNAMIC RAM, DRAM), synchronous Dynamic Random Access Memory (SDRAM), double data rate Synchronous dynamic random access memory (Double DATA RATE SDRAM, DDRSDRAM), enhanced Synchronous dynamic random access memory (ENHANCED SDRAM, ESDRAM), synchronous link dynamic random access memory (SYNCH LINK DRAM, SLDRAM), and Direct random access memory (DRRAM).
The processor may include one or more processing units and, optionally, the processor integrates an application processor that primarily processes operations involving an operating system, user interface, application program, etc., and a modem processor that primarily processes wireless communication signals, such as a baseband processor. It will be appreciated that the modem processor described above may not be integrated into the processor.
The embodiment of the application also provides a readable storage medium, on which a program or an instruction is stored, which when executed by a processor, implements each process of the above quantum key filling method embodiment, and can achieve the same technical effects, and in order to avoid repetition, a detailed description is omitted here.
Wherein the processor is a processor in the electronic device described in the above embodiment. The readable storage medium includes a computer readable storage medium such as a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk or an optical disk, and the like.
The embodiment of the application further provides a chip, which comprises a processor and a communication interface, wherein the communication interface is coupled with the processor, and the processor is used for running programs or instructions to realize the processes of the quantum key filling method embodiment, and the same technical effects can be achieved, so that repetition is avoided, and the description is omitted here.
It should be understood that the chips referred to in the embodiments of the present application may also be referred to as system-on-chip chips, chip systems, or system-on-chip chips, etc.
The embodiments of the present application further provide a computer program product, where the computer program product includes a computer program stored on a non-transitory computer readable storage medium, where the computer program includes a program or an instruction, where the program or the instruction when executed implement each process of the above-mentioned quantum key filling method embodiment, and the process may achieve the same technical effect, and for avoiding repetition, a description is omitted herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. Furthermore, it should be noted that the scope of the methods and apparatus in the embodiments of the present application is not limited to performing the functions in the order shown or discussed, but may also include performing the functions in a substantially simultaneous manner or in an opposite order depending on the functions involved, e.g., the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those having ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are to be protected by the present application.