WO2024139740A1 - Key generation method and apparatus, device, system, and medium - Google Patents

Abstract

The present application relates to the technical field of information security, and discloses a key generation method and apparatus, a device, a system, and a medium. The method comprises: a first communication device acquiring first indication information and noise-containing second negotiation data that are sent by a second communication device, wherein the first indication information is used for indicating the bit positions of inconsistent data in a first data set and a second data set, the first data set comprises data, corresponding to a first bit position set, in noise-containing first negotiation data received by the second communication device, and the second data set comprises data, corresponding to the first bit position set, in the second negotiation data; on the basis of the first negotiation data, the noise-containing second negotiation data, and the first indication information, determining first inconsistent information; and on the basis of the first inconsistent information, generating a first key.

Description

密钥生成方法、装置、设备、***及介质Key generation method, device, equipment, system and medium

本申请要求于2022年12月29日提交的申请号为202211714544.5、发明名称为“密钥生成方法、装置、设备、***及介质”的中国专利申请的优先权，其全部内容通过引用结合在本申请中。This application claims priority to Chinese patent application No. 202211714544.5, filed on December 29, 2022, with invention name “Key generation method, device, equipment, system and medium”, the entire contents of which are incorporated by reference into this application.

技术领域Technical Field

本申请涉及信息安全技术领域，特别涉及一种密钥生成方法、装置、设备、***及介质。The present application relates to the field of information security technology, and in particular to a key generation method, device, equipment, system and medium.

背景技术Background technique

密钥分发是通信安全中的一个重要环节。通过密钥分发使得通信双方获得一致的密钥，从而能够利用密钥对通信双方之间传输的信息进行加密和解密。Key distribution is an important part of communication security. Through key distribution, both parties can obtain the same key, so that they can use the key to encrypt and decrypt the information transmitted between the two parties.

相关技术中，第一通信设备向第二通信设备发送第一协商数据，第二通信设备接收含噪声的第一协商数据。第二通信设备将第二协商数据发送给第一通信设备，该第二协商数据包含该含噪声的第一协商数据。第一通信设备比较接收到的含噪声的第二协商数据和自己发送给第二通信设备的第一协商数据，并基于比较结果，生成第一密钥。In the related art, a first communication device sends first negotiation data to a second communication device, and the second communication device receives the first negotiation data containing noise. The second communication device sends second negotiation data to the first communication device, and the second negotiation data includes the first negotiation data containing noise. The first communication device compares the received second negotiation data containing noise with the first negotiation data sent to the second communication device, and generates a first key based on the comparison result.

然而，由于第二通信设备需要将接收到的含噪声的第一协商数据发送给第一通信设备，所以第一协商数据在第一通信设备和第二通信设备之间进行了环回，生成第一密钥过程中需要传输的数据量较大。However, since the second communication device needs to send the received first negotiation data containing noise to the first communication device, the first negotiation data is looped back between the first communication device and the second communication device, and the amount of data that needs to be transmitted in the process of generating the first key is large.

发明内容Summary of the invention

本申请提供了一种密钥生成方法、装置、设备、***及介质，第二通信设备无需将接收到的含噪声的第一协商数据发送给第一通信设备，减少了密钥生成过程中需要传输的数据量。The present application provides a key generation method, apparatus, device, system and medium. The second communication device does not need to send the received first negotiation data containing noise to the first communication device, thereby reducing the amount of data that needs to be transmitted during the key generation process.

第一方面，提供了一种密钥生成方法。该方法包括：第一通信设备向第二通信设备发送第一协商数据；获取第一指示信息和含噪声的第二协商数据，所述第一指示信息和所述第二协商数据是所述第二通信设备发送的，所述第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，所述第一数据集合包括所述第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所述第二数据集合包括所述第二协商数据中所述第一比特位置集合对应的数据；基于所述第一协商数据、所述含噪声的第二协商数据和所述第一指示信息，确定第一不一致信息，所述第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息，所述第三数据集合包括所述第一协商数据中所述第一比特位置集合对应的数据，所述第四数据集合包括所述含噪声的第二协商数据中所述第一比特位置集合对应的数据，所述第二比特位置集合包括所述第一比特位置集合中除了所述第一指示信息所指示的比特位置之外的比特位置；基于所述第一不一致信息生成第一密钥。In a first aspect, a key generation method is provided. The method includes: a first communication device sends first negotiation data to a second communication device; obtains first indication information and second negotiation data containing noise, the first indication information and the second negotiation data are sent by the second communication device, the first indication information is used to indicate the bit positions of inconsistent data in the first data set and the second data set, the first data set includes data corresponding to the first bit position set in the first negotiation data containing noise received by the second communication device, and the second data set includes data corresponding to the first bit position set in the second negotiation data; based on the first negotiation data, the second negotiation data containing noise and the first indication information, determine first inconsistency information, the first inconsistency information is used to describe relevant information of inconsistent data corresponding to the second bit position set in a third data set and a fourth data set, the third data set includes data corresponding to the first bit position set in the first negotiation data, the fourth data set includes data corresponding to the first bit position set in the second negotiation data containing noise, and the second bit position set includes bit positions in the first bit position set except the bit positions indicated by the first indication information; and generates a first key based on the first inconsistency information.

其中，所述噪声是由所述第一通信设备、所述第二通信设备以及所述第一通信设备和所述第二通信设备之间的传输链路中的至少一处引入的噪声。The noise is noise introduced by at least one of the first communication device, the second communication device, and a transmission link between the first communication device and the second communication device.

在本申请中，第二通信设备无需将接收到的含噪声的第一协商数据再次发送给第一通信设备，而是将用于指示第一数据集合和第二数据集合中不一致数据的比特位置的第一指示信息发送给第一通信设备，从而实现第一通信设备到第二通信设备再到第一通信设备的逻辑环回。第一通信设备只需要进行一次协商数据的接收和发送，有利于减小密钥分发过程所需传输的数据量。In the present application, the second communication device does not need to send the received first negotiation data containing noise to the first communication device again, but sends the first indication information for indicating the bit position of inconsistent data in the first data set and the second data set to the first communication device, thereby realizing a logical loopback from the first communication device to the second communication device and then to the first communication device. The first communication device only needs to receive and send the negotiation data once, which is conducive to reducing the amount of data required to be transmitted during the key distribution process.

在本申请中，第二通信设备向第一通信设备发送第一指示信息，且该第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置。由于第一数据集合包括第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所以第一数据集合和第二数据集合中的一致数据与噪声N1的影响相关。该噪声N1包括第一通信设备内部、第二通信设备内部以及从第一通信设备到第二通信设备的传输链路上的噪声。第二通信设备将第一指示信息发送给第一通信设备，相当于第二通信设备将第一数据集合和第二数据集合中的一致数据作为含噪声的协商数据发送给了第一通信设备，从而第一通信设备能够获知第二比特位置集合对应的数据受到噪声N1影响的相关信息。In the present application, the second communication device sends a first indication message to the first communication device, and the first indication message is used to indicate the bit positions of inconsistent data in the first data set and the second data set. Since the first data set includes the data corresponding to the first bit position set in the noisy first negotiation data received by the second communication device, the consistent data in the first data set and the second data set are related to the influence of noise N1. The noise N1 includes noise inside the first communication device, inside the second communication device, and on the transmission link from the first communication device to the second communication device. The second communication device sends the first indication message to the first communication device, which is equivalent to the second communication device sending the consistent data in the first data set and the second data set as noisy negotiation data to the first communication device, so that the first communication device can obtain relevant information that the data corresponding to the second bit position set is affected by noise N1.

而第四数据集合包括含噪声的第二协商数据中第一比特位置集合对应的数据，所以第四数据集合中的 数据包含了噪声N2的影响，该噪声N2包括第一通信设备内部、第二通信设备内部以及从第二通信设备到第一通信设备的传输链路上的噪声。因此，第三数据集合和第四数据集合中与第二比特位置集合对应的数据相关的第一不一致性信息，同时反应了噪声N1和噪声N2的特征。第一通信设备基于第一不一致性信息生成第一密钥，即可实现基于噪声的特征生成第一密钥。The fourth data set includes data corresponding to the first bit position set in the second negotiation data containing noise, so The data includes the influence of noise N2, which includes noise inside the first communication device, inside the second communication device, and on the transmission link from the second communication device to the first communication device. Therefore, the first inconsistency information related to the data corresponding to the second bit position set in the third data set and the fourth data set reflects the characteristics of noise N1 and noise N2 at the same time. The first communication device generates the first key based on the first inconsistency information, which can realize the generation of the first key based on the characteristics of the noise.

在一些示例中，所述第一不一致信息采用以下方式确定：先分别对所述第三数据集合和所述第四数据集合中的数据进行分组，得到多对数据组，所述多对数据组中的任一对数据组包括第一数据组和第二数据组，所述第一数据组属于所述第三数据集合，所述第二数据组属于所述第四数据集合，所述第一数据组和所述第二数据组均包括在所述第一比特位置集合中相邻的M个比特位置对应的数据，且所述第一数据组和所述第二数据组对应的M个比特位置相同，其中，M为整数且M大于1；然后，根据所述第一指示信息，确定所述任一对数据组的数据不一致率或者数据一致率。第一不一致信息即为确定出的多对数据组的数据不一致率或者数据一致率组成的序列。示例性地，M大于或者等于2，并且，M小于第一协商数据的长度的1/2。In some examples, the first inconsistency information is determined in the following manner: first, the data in the third data set and the fourth data set are grouped respectively to obtain multiple pairs of data groups, any pair of data groups in the multiple pairs of data groups includes a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, the first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same, where M is an integer and M is greater than 1; then, according to the first indication information, the data inconsistency rate or data consistency rate of any pair of data groups is determined. The first inconsistency information is a sequence of data inconsistency rates or data consistency rates of the multiple pairs of data groups determined. Exemplarily, M is greater than or equal to 2, and M is less than 1/2 of the length of the first negotiation data.

这里，将多对数据组的数据不一致率或者数据一致率作为第一不一致信息，能够反应噪声随时间的变化，有利于提高第一密钥的随机性。Here, using the data inconsistency rate or data consistency rate of multiple pairs of data groups as the first inconsistency information can reflect the change of noise over time, which is beneficial to improving the randomness of the first key.

对于任一对数据组，对应的数据不一致率可以为所述第一数据组和所述第二数据组中，不一致的有效数据数量与总有效数据数量的比值。而数据一致率可以为所述第一数据组和所述第二数据组中，一致的有效数据数量与总有效数据数量的比值。其中，所述有效数据为所述第一数据组和所述第二数据组中，所述第二比特位置集合对应的数据。对于同一对数据组，数据不一致率与数据一致率之和等于1。For any pair of data groups, the corresponding data inconsistency rate can be the ratio of the number of inconsistent valid data to the total number of valid data in the first data group and the second data group. The data consistency rate can be the ratio of the number of consistent valid data to the total number of valid data in the first data group and the second data group. The valid data is the data corresponding to the second bit position set in the first data group and the second data group. For the same pair of data groups, the sum of the data inconsistency rate and the data consistency rate is equal to 1.

示例性地，第一密钥通过对多对数据组的数据不一致率或者数据一致率进行量化得到。Exemplarily, the first key is obtained by quantifying data inconsistency rates or data consistency rates of multiple pairs of data groups.

可选地，所述方法还包括：基于所述第一协商数据和所述含噪声的第二协商数据，确定第二指示信息，所述第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，所述第五数据集合包括所述第一协商数据中第三比特位置集合对应的数据，所述第六数据集合包括含噪声的第二协商数据中所述第三比特位置集合对应的数据，所述第三比特位置集合与所述第一比特位置集合的交集为空集；向所述第二通信设备发送所述第二指示信息。Optionally, the method also includes: determining second indication information based on the first negotiation data and the noisy second negotiation data, the second indication information being used to indicate the bit positions of inconsistent data in a fifth data set and a sixth data set, the fifth data set including data corresponding to a third bit position set in the first negotiation data, the sixth data set including data corresponding to the third bit position set in the noisy second negotiation data, and the intersection of the third bit position set and the first bit position set being an empty set; and sending the second indication information to the second communication device.

这样，第二通信设备能够基于第二协商数据、含噪声的第一协商数据和第二指示信息，确定第二不一致信息。基于第二不一致信息生成第二密钥。其中，第二不一致信息用于描述第七数据集合和第八数据集合中与第四比特位置集合对应的不一致数据的相关信息，第七数据集合包括第二协商数据中第三比特位置集合对应的数据，第八数据集合包括含噪声的第一协商数据中第三比特位置集合对应的数据，第四比特位置集合包括第三比特位置集合中除了第二指示信息所指示的比特位置之外的比特位置。In this way, the second communication device can determine the second inconsistency information based on the second negotiation data, the first negotiation data containing noise, and the second indication information. The second key is generated based on the second inconsistency information. The second inconsistency information is used to describe the relevant information of the inconsistent data corresponding to the fourth bit position set in the seventh data set and the eighth data set, the seventh data set includes the data corresponding to the third bit position set in the second negotiation data, the eighth data set includes the data corresponding to the third bit position set in the first negotiation data containing noise, and the fourth bit position set includes the bit positions in the third bit position set except the bit positions indicated by the second indication information.

可选地，该方法还包括：在确定第二指示信息之前，第一通信设备比较第一协商数据和含噪声的第二协商数据的长度。如果第一协商数据和含噪声的第二协商数据的长度相同，则基于所述第一协商数据和所述含噪声的第二协商数据，确定第二指示信息。如果第一协商数据和含噪声的第二协商数据的长度不相同，则无需执行后续步骤。Optionally, the method further includes: before determining the second indication information, the first communication device compares the lengths of the first negotiation data and the second negotiation data containing noise. If the lengths of the first negotiation data and the second negotiation data containing noise are the same, the second indication information is determined based on the first negotiation data and the second negotiation data containing noise. If the lengths of the first negotiation data and the second negotiation data containing noise are not the same, there is no need to perform subsequent steps.

在第二协商数据的传输过程中如果出现数据丢失，则会导致第一协商数据和含噪声的第二协商数据的长度不相等，在这种情况下，确定出的第一指示信息不准确，会导致难以生成可用的密钥。因此，可以通过比较第一协商数据和含噪声的第二协商数据的长度，保证第一指示信息的准确度。If data loss occurs during the transmission of the second negotiation data, the lengths of the first negotiation data and the second negotiation data containing noise will be unequal. In this case, the determined first indication information is inaccurate, which makes it difficult to generate a usable key. Therefore, the accuracy of the first indication information can be guaranteed by comparing the lengths of the first negotiation data and the second negotiation data containing noise.

在一些示例中，所述第一比特位置集合包括奇数位的比特，第三比特位置集合包括偶数位的比特。在另一些示例中，所述第一比特位置集合包括偶数位的比特，第三比特位置集合包括技术为的比特。这样，第一比特位置集合中的比特位置与第三比特位置集合中的比特位置相邻。In some examples, the first bit position set includes bits of an odd number of positions, and the third bit position set includes bits of an even number of positions. In other examples, the first bit position set includes bits of an even number of positions, and the third bit position set includes bits of an even number of positions. Thus, the bit positions in the first bit position set are adjacent to the bit positions in the third bit position set.

由于每个待传输符号中携带协商数据的一个比特位置的数据，且每个待传输符号在一个时隙中发送，因此，协商数据中相邻比特位置的数据在相邻的时隙中传输。而由于相邻的时隙中噪声的相关性较高，即在一段时间内，通过奇数时隙和偶数时隙统计的噪声特性变化不大，所以第一通信设备根据偶数比特计算得到的数据不一致率和第二通信设备根据奇数比特计算得到的数据不一致率大概率是相同的，这样，第一通信设备生成的第一密钥和第二通信设备生成的第二密钥的相似度较高，有利于第一通信设备和第二通信设备快速获得相同的最终密钥。Since each symbol to be transmitted carries data at a bit position of the negotiation data, and each symbol to be transmitted is sent in a time slot, data at adjacent bit positions in the negotiation data are transmitted in adjacent time slots. Since the correlation of noise in adjacent time slots is high, that is, within a period of time, the noise characteristics statistically analyzed by odd time slots and even time slots do not change much, the data inconsistency rate calculated by the first communication device based on the even bits and the data inconsistency rate calculated by the second communication device based on the odd bits are most likely the same. In this way, the first key generated by the first communication device and the second key generated by the second communication device are highly similar, which is conducive to the first communication device and the second communication device quickly obtaining the same final key.

在一些示例中，所述获取含噪声的第二协商数据，包括：接收所述第二通信设备发送的信号，所述信号包括连续的多段子信号；分别向所述多段子信号添加高斯白噪声；对添加高斯白噪声之后的所述多段子 信号进行解密，得到所述含噪声的第二协商数据。In some examples, the acquiring of the second negotiation data containing noise includes: receiving a signal sent by the second communication device, the signal including a continuous multi-segment sub-signal; adding Gaussian white noise to the multi-segment sub-signal respectively; The signal is decrypted to obtain the second negotiation data containing noise.

通过向每段子信号添加高斯白噪声，可以进一步利用噪声掩盖密钥相关信息，提高密钥分发的安全性，使得除第一通信设备和第二通信设备之外的第三通信设备无法获得第一通信设备和第二通信设备之间的密钥。By adding Gaussian white noise to each sub-signal, the noise can be further used to mask key-related information, thereby improving the security of key distribution, so that a third communication device other than the first communication device and the second communication device cannot obtain the key between the first communication device and the second communication device.

第二方面，提供了一种密钥生成装置。该装置包括发送模块、获取模块、第一确定模块和生成模块。发送模块用于向第二通信设备发送第一协商数据。获取模块用于获取第一指示信息和含噪声的第二协商数据，所述第一指示信息和所述第二协商数据是所述第二通信设备发送的，所述第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，所述第一数据集合包括所述第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所述第二数据集合包括所述第二协商数据中所述第一比特位置集合对应的数据。第一确定模块用于基于所述第一协商数据、所述含噪声的第二协商数据和所述第一指示信息，确定第一不一致信息，所述第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息，所述第三数据集合包括所述第一协商数据中所述第一比特位置集合对应的数据，所述第四数据集合包括所述含噪声的第二协商数据中所述第一比特位置集合对应的数据，所述第二比特位置集合包括所述第一比特位置集合中除了所述第一指示信息所指示的比特位置之外的比特位置。生成模块用于基于所述第一不一致信息生成第一密钥。其中，所述噪声是由所述第一通信设备、所述第二通信设备以及所述第一通信设备和所述第二通信设备之间的传输链路中的至少一处引入的噪声。In a second aspect, a key generation device is provided. The device includes a sending module, an acquisition module, a first determination module and a generation module. The sending module is used to send first negotiation data to a second communication device. The acquisition module is used to acquire first indication information and second negotiation data containing noise, wherein the first indication information and the second negotiation data are sent by the second communication device, wherein the first indication information is used to indicate the bit positions of inconsistent data in the first data set and the second data set, wherein the first data set includes data corresponding to the first bit position set in the first negotiation data containing noise received by the second communication device, and the second data set includes data corresponding to the first bit position set in the second negotiation data. The first determination module is used to determine first inconsistency information based on the first negotiation data, the second negotiation data containing noise and the first indication information, wherein the first inconsistency information is used to describe relevant information of inconsistent data corresponding to the second bit position set in the third data set and the fourth data set, wherein the third data set includes data corresponding to the first bit position set in the first negotiation data, the fourth data set includes data corresponding to the first bit position set in the second negotiation data containing noise, and the second bit position set includes bit positions in the first bit position set except the bit positions indicated by the first indication information. The generation module is used to generate a first key based on the first inconsistency information. The noise is noise introduced by at least one of the first communication device, the second communication device, and a transmission link between the first communication device and the second communication device.

可选地，所述第一确定模块包括分组子模块和确定子模块。分组子模块用于分别对所述第三数据集合和所述第四数据集合中的数据进行分组，得到多对数据组，所述多对数据组中的任一对数据组包括第一数据组和第二数据组，所述第一数据组属于所述第三数据集合，所述第二数据组属于所述第四数据集合，所述第一数据组和所述第二数据组均包括在所述第一比特位置集合中相邻的M个比特位置对应的数据，且所述第一数据组和所述第二数据组对应的M个比特位置相同。确定子模块用于根据所述第一指示信息，确定所述任一对数据组的数据不一致率，得到所述第一不一致信息。其中，M为整数且M大于1。Optionally, the first determination module includes a grouping submodule and a determination submodule. The grouping submodule is used to group the data in the third data set and the fourth data set respectively to obtain multiple pairs of data groups, any pair of data groups in the multiple pairs of data groups includes a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, the first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same. The determination submodule is used to determine the data inconsistency rate of any pair of data groups according to the first indication information to obtain the first inconsistency information. Wherein, M is an integer and M is greater than 1.

可选地，所述确定子模块用于将所述第一数据组和所述第二数据组中，不一致的有效数据数量与总有效数据数量的比值，作为数据不一致率。或者，所述确定子模块用于将所述第一数据组和所述第二数据组中，一致的有效数据数量与总有效数据数量的比值，作为数据一致率。其中，所述有效数据为所述第一数据组和所述第二数据组中，所述第二比特位置集合对应的数据。Optionally, the determination submodule is used to use the ratio of the number of inconsistent valid data to the total number of valid data in the first data group and the second data group as the data inconsistency rate. Alternatively, the determination submodule is used to use the ratio of the number of consistent valid data to the total number of valid data in the first data group and the second data group as the data consistency rate. The valid data is the data corresponding to the second bit position set in the first data group and the second data group.

可选地，所述生成模块用于分别对所述多对数据组的数据不一致率或者数据一致率进行量化，得到所述第一密钥。Optionally, the generating module is used to quantify the data inconsistency rate or the data consistency rate of the multiple pairs of data groups respectively to obtain the first key.

可选地，所述装置还包括第二确定模块。第二确定模块用于基于所述第一协商数据和所述含噪声的第二协商数据，确定第二指示信息。所述第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，所述第五数据集合包括所述第一协商数据中第三比特位置集合对应的数据，所述第六数据集合包括含噪声的第二协商数据中所述第三比特位置集合对应的数据，所述第三比特位置集合与所述第一比特位置集合的交集为空集。所述发送模块还用于向所述第二通信设备发送所述第二指示信息。Optionally, the device further includes a second determination module. The second determination module is used to determine second indication information based on the first negotiation data and the second negotiation data containing noise. The second indication information is used to indicate the bit positions of inconsistent data in the fifth data set and the sixth data set, the fifth data set includes data corresponding to the third bit position set in the first negotiation data, the sixth data set includes data corresponding to the third bit position set in the second negotiation data containing noise, and the intersection of the third bit position set and the first bit position set is an empty set. The sending module is also used to send the second indication information to the second communication device.

可选地，所述获取模块包括接收子模块、添加子模块和解密子模块。接收子模块用于接收所述第二通信设备发送的信号，所述信号包括连续的多段子信号。添加子模块用于分别向所述多段子信号添加高斯白噪声。解密子模块用于对添加高斯白噪声之后的所述多段子信号进行解密，得到所述含噪声的第二协商数据。Optionally, the acquisition module includes a receiving submodule, an adding submodule and a decryption submodule. The receiving submodule is used to receive a signal sent by the second communication device, wherein the signal includes a continuous multi-segment sub-signal. The adding submodule is used to add Gaussian white noise to the multi-segment sub-signals respectively. The decryption submodule is used to decrypt the multi-segment sub-signals after adding Gaussian white noise to obtain the second negotiation data containing the noise.

第三方面，提供了一种通信设备，所述通信设备包括处理器和存储器；所述存储器用于存储软件程序，所述处理器通过执行存储在所述存储器内的软件程序，以使得所述通信设备实现第一方面的任一种可能的实施方式的方法。According to a third aspect, a communication device is provided, comprising a processor and a memory; the memory is used to store a software program, and the processor executes the software program stored in the memory so that the communication device implements any possible implementation method of the first aspect.

第四方面，提供了一种计算机可读存储介质，所述计算机可读存储介质存储有计算机指令，当计算机可读存储介质中的计算机指令被计算机设备执行时，使得计算机设备执行第一方面的任一种可能的实施方式的方法。In a fourth aspect, a computer-readable storage medium is provided, wherein the computer-readable storage medium stores computer instructions. When the computer instructions in the computer-readable storage medium are executed by a computer device, the computer device executes a method of any possible implementation of the first aspect.

第五方面，提供了一种通信***。所述通信***包括前述第一通信设备和前述第二通信设备，所述第一通信设备和所述第二通信设备之间通过传输链路连接。In a fifth aspect, a communication system is provided, wherein the communication system comprises the aforementioned first communication device and the aforementioned second communication device, wherein the first communication device and the second communication device are connected via a transmission link.

第六方面，提供了一种包含指令的计算机程序产品，当其在计算机设备上运行时，使得计算机设备执 行上述第一方面的任一种可能的实施方式的方法。In a sixth aspect, there is provided a computer program product comprising instructions, which, when executed on a computer device, causes the computer device to execute A method for implementing any possible implementation of the first aspect above.

第七方面，提供了一种芯片，包括处理器，处理器用于从存储器中调用并运行所述存储器中存储的指令，使得安装有所述芯片的通信设备执行上述第一方面的任一种可能的实施方式中的方法。In a seventh aspect, a chip is provided, comprising a processor, wherein the processor is used to call and execute instructions stored in a memory from the memory, so that a communication device equipped with the chip executes a method in any possible implementation manner of the above-mentioned first aspect.

第八方面，提供另一种芯片，包括：输入接口、输出接口、处理器和存储器，所述输入接口、输出接口、所述处理器以及所述存储器之间通过内部连接通路相连，所述处理器用于执行所述存储器中的代码，当所述代码被执行时，所述处理器用于执行上述第一方面的任一种可能的实施方式中的方法。In an eighth aspect, another chip is provided, comprising: an input interface, an output interface, a processor and a memory, wherein the input interface, the output interface, the processor and the memory are connected via an internal connection path, and the processor is used to execute the code in the memory. When the code is executed, the processor is used to execute the method in any possible implementation manner of the above-mentioned first aspect.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

图1是本申请实施例提供的一种光通信***的结构示意图；FIG1 is a schematic diagram of the structure of an optical communication system provided in an embodiment of the present application;

图2是本申请实施例提供的一种密钥生成方法的流程示意图；FIG2 is a schematic diagram of a flow chart of a key generation method provided in an embodiment of the present application;

图3是本申请实施例提供的一种密钥生成方法的一个实例的过程示意图；FIG3 is a schematic diagram of a process of an example of a key generation method provided in an embodiment of the present application;

图4是本申请实施例提供的一种密钥生成装置的结构示意图；FIG4 is a schematic diagram of the structure of a key generation device provided in an embodiment of the present application;

图5是本申请实施例提供的一种计算机设备的结构示意图。FIG5 is a schematic diagram of the structure of a computer device provided in an embodiment of the present application.

具体实施方式Detailed ways

为了更好地理解本申请实施例提供的密钥生成方法，下面首先对本申请实施例提供的密钥生成方法所应用的光通信***进行说明。In order to better understand the key generation method provided in the embodiment of the present application, the optical communication system to which the key generation method provided in the embodiment of the present application is applied is first described below.

图1是本申请实施例提供的一种光通信***的结构示意图。如图1所示，该光通信***包括第一通信设备11和第二通信设备12，第一通信设备11与第二通信设备12通过传输链路13连接。传输链路13中通常包括光纤(例如标准单模光纤(standard single mode fiber，SSMF))等光传输介质，此外，还可以包括光放大器(例如掺饵光纤放大器(erbium-doped fiber amplifier，EDFA)等)、可变光衰减器(variable optical attenuator，VOA)和光连接器等光器件，本申请实施例对此不做限定。FIG1 is a schematic diagram of the structure of an optical communication system provided in an embodiment of the present application. As shown in FIG1 , the optical communication system includes a first communication device 11 and a second communication device 12, and the first communication device 11 and the second communication device 12 are connected via a transmission link 13. The transmission link 13 generally includes an optical transmission medium such as an optical fiber (such as a standard single mode fiber (SSMF)), and further, may include an optical amplifier (such as an erbium-doped fiber amplifier (EDFA)), a variable optical attenuator (VOA), an optical connector and other optical devices, which are not limited in the embodiment of the present application.

第一通信设备11用于通过传输链路13向第二通信设备12发送第一协商数据。第二通信设备12用于接收第一通信设备11发送的第一协商数据。由于在第一协商数据的传输过程中，第一通信设备11内部、第二通信设备12内部以及传输链路13均可能引入噪声，因此，第二通信设备12获取到的是含噪声的第一协商数据。The first communication device 11 is used to send the first negotiation data to the second communication device 12 through the transmission link 13. The second communication device 12 is used to receive the first negotiation data sent by the first communication device 11. Since noise may be introduced into the first communication device 11, the second communication device 12 and the transmission link 13 during the transmission of the first negotiation data, the second communication device 12 obtains the first negotiation data containing noise.

第二通信设备12用于通过传输链路13向第一通信设备11发送第二协商数据。第一通信设备用于接收第二通信设备发送的第一协商数据。同样地，由于在第二协商数据的传输过程中，第一通信设备11内部、第二通信设备12内部以及传输链路13均可能引入噪声，因此，第一通信设备11获取到的是含噪声的第二协商数据。The second communication device 12 is used to send the second negotiation data to the first communication device 11 through the transmission link 13. The first communication device is used to receive the first negotiation data sent by the second communication device. Similarly, since noise may be introduced into the first communication device 11, the second communication device 12, and the transmission link 13 during the transmission of the second negotiation data, the first communication device 11 obtains the second negotiation data containing noise.

第二通信设备12用于根据发送的第二协商数据和含噪声的第一协商数据，确定第一指示信息；并向第一通信设备11发送第一指示信息。第一通信设备11用于根据第一协商数据、含噪声的第二协商数据和该第一指示信息，生成第一密钥。其中，第一指示信息用于指示第二协商数据和含噪声的第一协商数据中对应第一比特位置集合的数据的一致性。The second communication device 12 is used to determine the first indication information according to the sent second negotiation data and the first negotiation data containing noise, and send the first indication information to the first communication device 11. The first communication device 11 is used to generate a first key according to the first negotiation data, the second negotiation data containing noise, and the first indication information. The first indication information is used to indicate the consistency of the data corresponding to the first bit position set in the second negotiation data and the first negotiation data containing noise.

第一通信设备11用于根据发送的第一协商数据和含噪声的第二协商数据，确定第二指示信息；并向第二通信设备12发送第二指示信息。第二通信设备12用于根据第二协商数据、含噪声的第一协商数据和该第二指示信息，生成第二密钥。其中，第二指示信息用于指示第一协商数据和含噪声的第二协商数据中对应第三比特位置集合的数据的一致性。The first communication device 11 is used to determine the second indication information according to the sent first negotiation data and the second negotiation data containing noise; and send the second indication information to the second communication device 12. The second communication device 12 is used to generate a second key according to the second negotiation data, the first negotiation data containing noise and the second indication information. The second indication information is used to indicate the consistency of the data corresponding to the third bit position set in the first negotiation data and the second negotiation data containing noise.

第一比特位置集合和第三比特位置集合分别包括多个比特位置，且第一比特位置集合和第三比特位置集合的交集为空集。示例性地，第一比特位置集合与第三比特位置集合的并集包含第一协商数据的所有比特位置。或者，第一比特位置集合与第三比特位置集合的并集包含第一协商数据中部分比特位置。在本申请实施例中，第一比特位置集合中的至少部分比特位置与第三比特位置集合中的至少部分比特位置在第一协商数据中的比特位置相邻。The first bit position set and the third bit position set respectively include multiple bit positions, and the intersection of the first bit position set and the third bit position set is an empty set. Exemplarily, the union of the first bit position set and the third bit position set includes all bit positions of the first negotiation data. Alternatively, the union of the first bit position set and the third bit position set includes some bit positions in the first negotiation data. In an embodiment of the present application, at least some of the bit positions in the first bit position set and at least some of the bit positions in the third bit position set are adjacent to the bit positions in the first negotiation data.

例如，第一比特位置集合包括偶数位的比特，第三比特位置集合包括奇数位的比特；或者，第一比特位置集合包括奇数位的比特，第三比特位置集合包括偶数位的比特。For example, the first bit position set includes even-numbered bits, and the third bit position set includes odd-numbered bits; or, the first bit position set includes odd-numbered bits, and the third bit position set includes even-numbered bits.

第一通信设备还用于根据第一协商数据、含噪声的第二协商数据和第一指示信息，生成第一密钥。第二通信设备12还用于根据第二协商数据、含噪声的第一协商数据和第二指示信息，生成第二密钥。 The first communication device is further configured to generate a first key according to the first negotiation data, the second negotiation data containing noise and the first indication information. The second communication device 12 is further configured to generate a second key according to the second negotiation data, the first negotiation data containing noise and the second indication information.

这里，第一指示信息和第二指示信息的确定方式以及第一密钥和第二密钥的生成过程参见下文中的方法实施例，在此省略详细描述。Here, the method for determining the first indication information and the second indication information and the process for generating the first key and the second key refer to the method embodiment below, and the detailed description is omitted here.

下面对第一通信设备11和第二通信设备12的结构进行简单描述。The structures of the first communication device 11 and the second communication device 12 are briefly described below.

在本申请实施例中，第一通信设备11和第二通信设备12均包括发送模块和接收模块。In the embodiment of the present application, the first communication device 11 and the second communication device 12 both include a sending module and a receiving module.

发送模块包括激光器111、调制器112、处理器113和数模转换器(digital to analog converter，DAC)114。处理器113用于输出数字信号，DAC114用于将该数字信号转换为模拟信号后输出至调制器112。调制器112用于将模拟信号调制到光载波上，生成光信号，并将光信号通过传输链路13发送给第二通信设备12。示例性地，该处理器113用于对协商数据进行加密以及映射等处理。本申请对发送模块中的各个器件的类型不做限制，可以根据实际需要选择，只要能够完成上述功能即可。在一些示例中，激光器111可以为外腔激光器(external cavity laser，ECL)等，调制器112可以为I/Q调制器等，处理器113可以为数字信号处理器(digital signal processor，DSP)等。The sending module includes a laser 111, a modulator 112, a processor 113 and a digital to analog converter (DAC) 114. The processor 113 is used to output a digital signal, and the DAC 114 is used to convert the digital signal into an analog signal and output it to the modulator 112. The modulator 112 is used to modulate the analog signal onto an optical carrier, generate an optical signal, and send the optical signal to the second communication device 12 through the transmission link 13. Exemplarily, the processor 113 is used to encrypt and map the negotiation data. The present application does not limit the type of each device in the sending module, and it can be selected according to actual needs as long as it can complete the above functions. In some examples, the laser 111 can be an external cavity laser (ECL), etc., the modulator 112 can be an I/Q modulator, etc., and the processor 113 can be a digital signal processor (DSP), etc.

接收模块包括光电转换电路121、模数转换器(analog to digital converter，ADC)122和处理器123。其中光电转换器件121用于将接收到的光信号转换为模拟电信号，ADC122用于将模拟电信号转换为数字电信号；处理器123用于对数字电信号进行处理，以生成对应的密钥。示例性地，该处理器123用于对数字电信号进行色散补偿、载波恢复、信道均衡、解密以及解调等处理，以得到接收符号序列，并从接收符号序列中获得含噪声的协商数据。The receiving module includes an optoelectronic conversion circuit 121, an analog to digital converter (ADC) 122 and a processor 123. The optoelectronic conversion device 121 is used to convert the received optical signal into an analog electrical signal, and the ADC 122 is used to convert the analog electrical signal into a digital electrical signal; the processor 123 is used to process the digital electrical signal to generate a corresponding key. Exemplarily, the processor 123 is used to perform dispersion compensation, carrier recovery, channel equalization, decryption, and demodulation on the digital electrical signal to obtain a received symbol sequence, and obtain noisy negotiation data from the received symbol sequence.

可选地，该光通信***可以为相干光通信***或者直调直检光通信***。当光通信***为相干光通信***时，光电转换电路121包括激光器、光混频器和光电探测器，激光器用于产生本振光信号，光混频器用于将本振光信号与从传输链路接收到的光信号进行混频，得到光混频信号。光电探测器用于将光混频信号转换为电信号。当光通信***为直调直检光通信***时，光电转换电路121包括光电探测器，该光电探测器用于将从传输链路接收到的光信号转换为电信号。Optionally, the optical communication system can be a coherent optical communication system or a direct modulation and direct detection optical communication system. When the optical communication system is a coherent optical communication system, the photoelectric conversion circuit 121 includes a laser, an optical mixer and a photodetector, the laser is used to generate a local oscillator optical signal, and the optical mixer is used to mix the local oscillator optical signal with the optical signal received from the transmission link to obtain an optical mixing signal. The photodetector is used to convert the optical mixing signal into an electrical signal. When the optical communication system is a direct modulation and direct detection optical communication system, the photoelectric conversion circuit 121 includes a photodetector, which is used to convert the optical signal received from the transmission link into an electrical signal.

图2是本申请实施例提供的一种密钥生成方法的流程示意图。如图2所示，该方法包括：FIG2 is a flow chart of a key generation method provided in an embodiment of the present application. As shown in FIG2 , the method includes:

201：第一通信设备向第二通信设备发送第一信号。201: A first communication device sends a first signal to a second communication device.

该第一信号携带有加密后的第一协商数据。The first signal carries encrypted first negotiation data.

示例性地，该步骤201包括以下三步：Exemplarily, step 201 includes the following three steps:

第一步、第一通信设备采用量子噪声流加密(quantum noise stream cipher，QNSC)技术对第一协商数据加密，得到加密后的第一协商数据；第二步、第一通信设备基于加密后的第一协商数据，生成第一信号；第三步、第一通信设备向第二通信设备发送该第一信号。The first step is that the first communication device encrypts the first negotiation data using quantum noise stream cipher (QNSC) technology to obtain the encrypted first negotiation data; the second step is that the first communication device generates a first signal based on the encrypted first negotiation data; the third step is that the first communication device sends the first signal to the second communication device.

第一步中，第一协商数据又称第一协商序列，是一串由0和1组成的二进制比特序列，例如，伪随机二进制序列(pseudo random binary sequence，PRBS)。第一协商数据的长度可以根据实际需要设置，本申请对此不做限制。例如，第一协商数据的长度为x比特(bit)，第一协商数据可以由第一通信设备中的随机数发生器产生。其中，x大于或者等于1000。例如，等于5000、6000等等。In the first step, the first negotiation data is also called the first negotiation sequence, which is a binary bit sequence composed of 0 and 1, for example, a pseudo-random binary sequence (PRBS). The length of the first negotiation data can be set according to actual needs, and this application does not limit this. For example, the length of the first negotiation data is x bits (bit), and the first negotiation data can be generated by a random number generator in the first communication device. Wherein, x is greater than or equal to 1000. For example, it is equal to 5000, 6000, and so on.

在该第一步中，第一通信设备采用第一加密基对第一协商数据进行加密，该第一加密基可以是基于第一通信设备和第二通信设备共享的认证信息生成的。第一通信设备和第二通信设备采用相同的认证信息和密钥扩展算法，能够获得相同的第一加密基。该第一加密基也可以称为第一会话密钥。示例性地，密钥扩展算法可以为基于线性反馈移位寄存器(linear feedback shift register，LFSR)的密钥扩展算法。In the first step, the first communication device encrypts the first negotiation data using a first encryption base, and the first encryption base can be generated based on authentication information shared by the first communication device and the second communication device. The first communication device and the second communication device use the same authentication information and key expansion algorithm to obtain the same first encryption base. The first encryption base can also be called a first session key. Exemplarily, the key expansion algorithm can be a key expansion algorithm based on a linear feedback shift register (LFSR).

QNSC技术是一种利用调制阶数的提升将信号隐藏在物理噪声中的物理层加密技术，这种物理噪声包括接收端和发送端的量子噪声或者光传输链路中EDFA的放大器自发辐射噪声。利用信息在光纤传输中噪声的随机性，来达到加密的目的。示例性地，QNSC技术可以为Y00协议。QNSC technology is a physical layer encryption technology that uses the increase of modulation order to hide the signal in physical noise. This physical noise includes quantum noise at the receiving end and the transmitting end or the spontaneous radiation noise of the EDFA amplifier in the optical transmission link. The randomness of information noise in optical fiber transmission is used to achieve the purpose of encryption. Exemplarily, QNSC technology can be the Y00 protocol.

在该第二步中，第一通信设备对加密后的第一协商数据和待传输数据进行星座映射，并将星座映射后的数据调制到光载波上，得到第一信号。这种情况下，该第一信号除了携带加密后的第一协商数据之外，还携带了待传输数据，从而将密钥分发过程和信息安全传输过程相结合，提高第一通信设备和第二通信设备之间的通信效率。In the second step, the first communication device performs constellation mapping on the encrypted first negotiation data and the data to be transmitted, and modulates the constellation-mapped data onto an optical carrier to obtain a first signal. In this case, the first signal carries the data to be transmitted in addition to the encrypted first negotiation data, thereby combining the key distribution process with the information security transmission process, and improving the communication efficiency between the first communication device and the second communication device.

在该第二步中，第一通信设备将加密后的第一协商数据映射到待传输符号的低位，将待传输数据映射到待传输符号的高位，由于待传输符号的高位在传输过程中受到噪声的影响相对于低位受到的噪声的影响较小，所以将待传输数据放在高位，减小噪声的影响。In the second step, the first communication device maps the encrypted first negotiation data to the low bit of the symbol to be transmitted, and maps the data to be transmitted to the high bit of the symbol to be transmitted. Since the high bit of the symbol to be transmitted is less affected by noise during the transmission process than the low bit, the data to be transmitted is placed in the high bit to reduce the impact of noise.

这里，每个待传输符号包括多个比特，例如，每个待传输符号包括10个bit或者8个bit。每个比特占 据一个位置。某个比特在待传输符号中的位置越高，该比特受到噪声的影响越小；反之，某个比特在待传输符号中的位置越低，该比特受到噪声的影响越大。这里，低位可以是一个待传输符号所包含的所有比特中，除了最高位之外的任意比特位置。例如，当每个待传输符号包括8个bit时，假设第8位为最高位，低位可以是第5位或者第6位。Here, each symbol to be transmitted includes multiple bits, for example, each symbol to be transmitted includes 10 bits or 8 bits. The higher the position of a bit in the symbol to be transmitted, the less the bit is affected by noise; conversely, the lower the position of a bit in the symbol to be transmitted, the greater the impact of noise on the bit. Here, the low bit can be any bit position except the highest bit among all the bits contained in a symbol to be transmitted. For example, when each symbol to be transmitted includes 8 bits, assuming that the 8th bit is the highest bit, the low bit can be the 5th or 6th bit.

可选地，在第二步中，先对加密后的第一协商数据和待传输数据进行星座映射，再将星座映射后的数据调制到光载波上，这种方式为正交幅度调制(quadrature amplitude modulation，QAM)。在其他实施例中，除了QAM调制之外，还可以采用幅移键控(amplitude shift keying，ASK)、相移键控(phase shift keying，PSK)等调制方式生成第一信号。Optionally, in the second step, the encrypted first negotiation data and the data to be transmitted are first constellation mapped, and then the constellation mapped data is modulated onto the optical carrier, which is quadrature amplitude modulation (QAM). In other embodiments, in addition to QAM modulation, amplitude shift keying (ASK), phase shift keying (PSK) and other modulation methods can also be used to generate the first signal.

可选地，在其他实施例方式中，第一通信设备仅对加密后的第一协商数据进行星座映射，除了加密后的第一协商数据之外的比特空置，然后将星座映射后的数据调制到光载波上，得到第一信号。这种情况下，该第一信号仅携带加密后的第一协商数据，而不携带待传输数据。Optionally, in other embodiments, the first communication device only performs constellation mapping on the encrypted first negotiation data, leaves bits other than the encrypted first negotiation data vacant, and then modulates the constellation-mapped data onto an optical carrier to obtain a first signal. In this case, the first signal only carries the encrypted first negotiation data, and does not carry data to be transmitted.

相应地，第二通信设备接收该第一信号。Accordingly, the second communication device receives the first signal.

202：第二通信设备基于接收到的第一信号，获取含噪声的第一协商数据。202: The second communication device obtains first negotiation data containing noise based on the received first signal.

该步骤202可以包括：第一步、第二通信设备采用QNSC技术对第一信号进行解密，得到第一数据。第二步、第二通信设备从第一数据中获取第一协商数据。The step 202 may include: first, the second communication device uses the QNSC technology to decrypt the first signal to obtain the first data. second, the second communication device obtains the first negotiation data from the first data.

在本申请实施例中，该噪声是由第一通信设备、第二通信设备以及第一通信设备和第二通信设备之间的传输路径中的至少一处引入的噪声。In the embodiment of the present application, the noise is noise introduced by at least one of the first communication device, the second communication device, and a transmission path between the first communication device and the second communication device.

含噪声的第一协商数据可能与第一通信设备发送的第一协商数据(不含噪声的第一协商数据)完全相同，或者，含噪声的第一协商数据可能与第一通信设备发送的第一协商数据(不含噪声的第一协商数据)不完全相同，例如，部分比特位置的数据不同。The noisy first negotiation data may be exactly the same as the first negotiation data (the first negotiation data without noise) sent by the first communication device, or the noisy first negotiation data may not be exactly the same as the first negotiation data (the first negotiation data without noise) sent by the first communication device, for example, the data at some bit positions are different.

可选地，该步骤202还包括：在该第一步之前，第二通信设备对第一信号进行分段，得到多段子信号；分别向每一段子信号添加高斯白噪声，不同段子信号对应的高斯白噪声的方差不同；然后再采用QNSC技术对添加高斯白噪声之后的第一信号进行解密，得到第一数据。Optionally, step 202 also includes: before the first step, the second communication device segments the first signal to obtain multiple sub-signals; adds Gaussian white noise to each sub-signal respectively, and the variance of the Gaussian white noise corresponding to different sub-signals is different; and then uses QNSC technology to decrypt the first signal after adding Gaussian white noise to obtain first data.

这里，方差不同的高斯白噪声可以随机生成。可选地，高斯白噪声可以通过硬件电路产生或者通过函数模拟。Here, Gaussian white noise with different variances can be randomly generated. Alternatively, the Gaussian white noise can be generated by a hardware circuit or simulated by a function.

通过向每段子信号添加高斯白噪声，可以进一步利用噪声掩盖密钥相关信息，提高密钥分发的安全性，使得除第一通信设备和第二通信设备之外的第三通信设备无法获得第一通信设备和第二通信设备之间的密钥。By adding Gaussian white noise to each sub-signal, the noise can be further used to mask key-related information, thereby improving the security of key distribution, so that a third communication device other than the first communication device and the second communication device cannot obtain the key between the first communication device and the second communication device.

可选地，在其他实施方式中，该步骤202还包括：在该第一步之前，第二通信设备向第一信号添加高斯白噪声；然后再采用QNSC技术对添加高斯白噪声之后的第一信号进行解密，得到第一数据。Optionally, in other implementations, the step 202 further includes: before the first step, the second communication device adds Gaussian white noise to the first signal; and then uses the QNSC technology to decrypt the first signal after the Gaussian white noise is added to obtain the first data.

示例性地，如图3所示，第一通信设备发送的第一协商数据为dataA＝{a₁a₂a₃a₄a₅a₆a₇a₈}＝01001110，第二通信设备获得的第一协商数据为dataA′＝{a₁′a₂′a₃′a₄′a₅′a₆′a₇′a₈′}＝11011011。Exemplarily, _{as shown} in FIG3 , the first negotiation _data sent by _the first communication device is _dataA ={ _{a1a2a3a4a5a6a7a8 }} =01001110, _and the _first negotiation _{data obtained} by _the second _{communication} device is dataA′={ _{a1′a2′a3′a4′a5′a6′a7′a8 ′} }= _11011011 .

203：第二通信设备向第一通信设备发送第二信号。203: The second communication device sends a second signal to the first communication device.

该步骤203包括：第一步、第二通信设备采用第二加密基对第二协商数据加密，得到加密后的第二协商数据；第二步、第二通信设备基于加密后的第二协商数据，生成第二信号；第三步、第二通信设备向第一通信设备发送该第二信号。The step 203 includes: the first step, the second communication device uses the second encryption base to encrypt the second negotiation data to obtain the encrypted second negotiation data; the second step, the second communication device generates a second signal based on the encrypted second negotiation data; the third step, the second communication device sends the second signal to the first communication device.

该第一步中，第二协商数据又称第二协商序列，是一串由0和1组成的二进制比特序列，例如，伪随机二进制序列(pseudo random binary sequence，PRBS)。第二协商数据的长度与第一协商数据的长度相同。第二协商数据可以由第二通信设备中的随机数发生器产生。In the first step, the second negotiation data is also called the second negotiation sequence, which is a binary bit sequence consisting of 0 and 1, for example, a pseudo random binary sequence (PRBS). The length of the second negotiation data is the same as the length of the first negotiation data. The second negotiation data can be generated by a random number generator in the second communication device.

在本申请实施例中，第一协商数据的内容与第二协商数据的内容可以相同，或者不同。In the embodiment of the present application, the content of the first negotiation data and the content of the second negotiation data may be the same or different.

在该第一步中，第二通信设备采用第二加密基对第二协商数据进行加密，该第二加密基可以是基于第一通信设备和第二通信设备共享的认证信息生成的。第一通信设备和第二通信设备采用相同的认证信息和密钥扩展算法，能够获得相同的第二加密基。该第二加密基也可以称为第二会话密钥。该第二加密基与第一加密基可以相同或者不同。In the first step, the second communication device encrypts the second negotiation data using a second encryption base, and the second encryption base can be generated based on the authentication information shared by the first communication device and the second communication device. The first communication device and the second communication device use the same authentication information and key expansion algorithm to obtain the same second encryption base. The second encryption base can also be called a second session key. The second encryption base can be the same as or different from the first encryption base.

第二步的实现过程可以参见前述步骤201，在此不再详细描述。The implementation process of the second step can refer to the aforementioned step 201 and will not be described in detail here.

相应的，第一通信设备接收该第二信号。Correspondingly, the first communication device receives the second signal.

204：第一通信设备基于接收到的第二信号，获取含噪声的第二协商数据。 204: The first communication device obtains second negotiation data containing noise based on the received second signal.

该步骤204的实现过程可以参见前述步骤202，在此省略详细描述。The implementation process of step 204 can refer to the aforementioned step 202, and the detailed description is omitted here.

示例性地，如图3所示，示例性地，第二通信设备发送的第二协商数据为dataB＝{b₁b₂b₃b₄b₅b₆b₇b₈}＝00111011，第一通信设备获得含噪声的第二协商数据为dataB′＝{b₁′b₂′b₃′b₄′b₅′b₆′b₇′b₈′}＝11010111。Exemplarily, as _shown in _Figure 3 _, exemplary _{, the} second negotiation data _{sent by} the second communication device is dataB={ _{b1b2b3b4b5b6b7b8} }=00111011 _{, and the noisy second negotiation data obtained by the first communication device is dataB′={b1′b2′b3′b4′b5′b6′b7′b8 ′ } = 11010111} .

205：第二通信设备基于含噪声的第一协商数据和第二通信设备发送的第二协商数据，确定第一指示信息。205: The second communication device determines first indication information based on the first negotiation data containing noise and the second negotiation data sent by the second communication device.

该第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，第一数据集合包括含噪声的第一协商数据中第一比特位置集合对应的数据，第二数据集合包括第二通信设备发送的第二协商数据中第一比特位置集合对应的数据。也即是，第一指示信息用于指示第二协商数据和含噪声的第一协商数据中对应第一比特位置集合的数据的一致性。The first indication information is used to indicate the bit positions of inconsistent data in the first data set and the second data set, the first data set includes data corresponding to the first bit position set in the first negotiation data containing noise, and the second data set includes data corresponding to the first bit position set in the second negotiation data sent by the second communication device. That is, the first indication information is used to indicate the consistency of the data corresponding to the first bit position set in the second negotiation data and the first negotiation data containing noise.

可选地，该第一指示信息可以直接指示第一数据集合和第二数据集合中不一致数据的比特位置，或者，该第一指示信息可以指示第一数据集合和第二数据集合中一致数据的比特位置，从而间接指示第一数据集合和第二数据集合中不一致数据的比特位置。Optionally, the first indication information may directly indicate the bit positions of inconsistent data in the first data set and the second data set, or, the first indication information may indicate the bit positions of consistent data in the first data set and the second data set, thereby indirectly indicating the bit positions of inconsistent data in the first data set and the second data set.

在本申请实施例中，第一比特位置集合包括多个第一比特位置，这多个第一比特位置间隔分布在第一协商数据或者第二协商数据中。In the embodiment of the present application, the first bit position set includes multiple first bit positions, and the multiple first bit positions are distributed at intervals in the first negotiation data or the second negotiation data.

在一些示例中，这多个第一比特位置为第一协商数据中的奇数位比特，或者，这多个第一比特位置为第一协商数据中的偶数位比特。下面以这多个第一比特位置为第一协商数据中的偶数位比特为例进行举例说明。In some examples, the multiple first bit positions are odd bits in the first negotiation data, or the multiple first bit positions are even bits in the first negotiation data. The following example is taken as an example where the multiple first bit positions are even bits in the first negotiation data.

再次参见图3，对于第二通信设备获取到的第一协商数据dataA′，第一数据集合为dataA′_e ven＝{a₂′,a₄′,...,a₈′}＝1101。对于第二通信设备发送的第二协商数据dataB，第二数据集合为dataB_e ven＝{b₂,b₄,...,b₈}＝0101。不一致数据在第一协商数据或者第二协商数据中的比特位置为第2位，即第一指示信息指示的比特位置为第2位。在其他实施例中，不一致数据的比特位置也可以采用在第一比特位置集合中的位置表示，例如，第一指示信息指示的比特位置为第一比特位置集合中的第1位。Referring again to FIG. 3 , for the first negotiation data dataA′ acquired by the second communication device, the first data set is dataA′_e ven＝{a ₂ ′,a ₄ ′,...,a ₈ ′}＝1101. For the second negotiation data dataB sent by the second communication device, the second data set is dataB_e ven＝{b ₂ ,b ₄ ,...,b ₈ }＝0101. The bit position of the inconsistent data in the first negotiation data or the second negotiation data is the second bit, that is, the bit position indicated by the first indication information is the second bit. In other embodiments, the bit position of the inconsistent data may also be represented by the position in the first bit position set, for example, the bit position indicated by the first indication information is the first bit position in the first bit position set.

示例性地，该第一指示信息可以采用第一序列表示，该第一序列的长度等于第一协商数据中偶数位比特的数量。第一序列中的每个比特与一个第一比特位置对应，当第一序列中的某个比特为1时，表示该比特对应的第一比特位置的数据不一致；当第一序列中的某个比特为0时，表示该比特对应的第一比特位置的数据一致。Exemplarily, the first indication information may be represented by a first sequence, the length of which is equal to the number of even bits in the first negotiation data. Each bit in the first sequence corresponds to a first bit position, and when a bit in the first sequence is 1, it indicates that the data at the first bit position corresponding to the bit is inconsistent; when a bit in the first sequence is 0, it indicates that the data at the first bit position corresponding to the bit is consistent.

例如，当第一协商数据和第二协商数据的长度均为8bit时，第一序列的长度为4。不一致数据的比特位置为第2位时，该第一序列可以为1000，如图3的(a)部分所示。For example, when the lengths of the first negotiation data and the second negotiation data are both 8 bits, the length of the first sequence is 4. When the bit position of the inconsistent data is the second bit, the first sequence may be 1000, as shown in part (a) of FIG3 .

可选地，在该步骤205之前，该方法还包括：第一通信设备比较第一协商数据和含噪声的第二协商数据的长度；如果第一协商数据和含噪声的第二协商数据的长度相同，则执行步骤205；如果第一协商数据和含噪声的第二协商数据的长度不相同，则退出当前流程。Optionally, before step 205, the method further includes: the first communication device compares the length of the first negotiation data and the length of the second negotiation data containing noise; if the length of the first negotiation data and the length of the second negotiation data containing noise are the same, executing step 205; if the length of the first negotiation data and the length of the second negotiation data containing noise are not the same, exiting the current process.

在第二协商数据的传输过程中，可能会存在数据丢失的情况，由于第一通信设备无法判断丢失的数据是第二协商数据的哪一部分，所以无法对齐第一协商数据和含噪声的第二协商数据，进而无法基于第一协商数据和含噪声的第二协商数据确定第一指示信息，因此，需要重新执行步骤201～204。During the transmission of the second negotiation data, data may be lost. Since the first communication device cannot determine which part of the second negotiation data the lost data is, it is impossible to align the first negotiation data and the noisy second negotiation data, and further, it is impossible to determine the first indication information based on the first negotiation data and the noisy second negotiation data. Therefore, steps 201 to 204 need to be re-executed.

206：第二通信设备向第一通信设备发送该第一指示信息。206: The second communication device sends the first indication information to the first communication device.

示例性地，第二通信设备可以在开销中发送该第一指示信息。这里，开销是指传输帧结构中的一个字段，该字段可以用于承载该第一指示信息。Exemplarily, the second communication device may send the first indication information in an overhead. Here, the overhead refers to a field in a transmission frame structure, and the field may be used to carry the first indication information.

相应的，第一通信设备接收该第一指示信息。Correspondingly, the first communication device receives the first indication information.

207：第一通信设备根据第一协商数据、含噪声的第二协商数据和该第一指示信息，确定第一不一致信息。207: The first communication device determines first inconsistency information according to the first negotiation data, the second negotiation data containing noise, and the first indication information.

该第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息。第三数据集合包括第一协商数据中第一比特位置集合对应的数据，第四数据集合包括含噪声的第二协商数据中第一比特位置集合对应的数据。第二比特位置集合包括第一比特位置集合中除了第一指示信息所指示的比特位置之外的比特位置，即第二比特位置集合为第一比特位置集合的子集。The first inconsistency information is used to describe the relevant information of the inconsistent data corresponding to the second bit position set in the third data set and the fourth data set. The third data set includes the data corresponding to the first bit position set in the first negotiation data, and the fourth data set includes the data corresponding to the first bit position set in the second negotiation data containing noise. The second bit position set includes the bit positions in the first bit position set except the bit positions indicated by the first indication information, that is, the second bit position set is a subset of the first bit position set.

该步骤207包括：The step 207 includes:

2071：第一通信设备分别对第三数据集合和第四数据集合中的数据进行分组，得到多对数据组，每对数据组包括第一数据组和第二数据组，第一数据组属于第三数据集合，第二数据组属于第四数据集合，第 一数据组和第二数据组均包括在第一比特位置集合中相邻的M个比特位置对应的数据，且第一数据组和第二数据组对应的M个比特位置相同；示例性地，M大于或者等于2，并且，M小于第一协商数据的长度的1/2。M的取值可以较大，以提高第一密钥和第二密钥的一致性。例如可以大于或者等于200。2071: The first communication device groups the data in the third data set and the fourth data set respectively to obtain multiple pairs of data groups, each pair of data groups includes a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, and the The first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same; illustratively, M is greater than or equal to 2, and M is less than 1/2 of the length of the first negotiation data. The value of M can be larger to improve the consistency of the first key and the second key. For example, it can be greater than or equal to 200.

2072：根据第一指示信息分别计算每对数据组的数据不一致率。2072: Calculate the data inconsistency rate of each pair of data groups according to the first indication information.

这里，计算出的每对数据组的不一致率即为第一不一致信息。Here, the calculated inconsistency rate of each pair of data groups is the first inconsistency information.

对于任一对数据组，计算数据不一致率的方式如下：将第一数据组和第二数据组中，不一致的有效数据数量与总有效数据数量的比值，作为数据不一致率。其中，有效数据为第一数据组和第二数据组中，第二比特位置集合对应的数据。For any pair of data groups, the data inconsistency rate is calculated as follows: the ratio of the number of inconsistent valid data in the first data group and the second data group to the total number of valid data is used as the data inconsistency rate, wherein the valid data is the data corresponding to the second bit position set in the first data group and the second data group.

在另一些示例中，该步骤2072可以替换为：根据第一指示信息分别计算每对数据组的数据一致率。这里，计算出的每对数据组的一致率即为第一不一致信息。In some other examples, step 2072 may be replaced by: calculating the data consistency rate of each pair of data groups according to the first indication information. Here, the calculated consistency rate of each pair of data groups is the first inconsistency information.

对于任一对数据组，计算数据一致率的方式如下：将第一数据组和第二数据组中，一致的有效数据数量与总有效数据数量的比值，作为数据一致率。For any pair of data groups, the data consistency rate is calculated as follows: the ratio of the number of consistent valid data in the first data group and the second data group to the total number of valid data is taken as the data consistency rate.

在本申请实施例中，将多对数据组的数据不一致率或者数据一致率作为第一不一致信息，能够反应噪声随时间的变化，有利于提高第一密钥的随机性。In the embodiment of the present application, the data inconsistency rate or data consistency rate of multiple pairs of data groups is used as the first inconsistency information, which can reflect the change of noise over time and is conducive to improving the randomness of the first key.

参见图3的(b)部分，假设每个数据组均包括2bit数据，则第一协商数据包括2个第一数据组，含噪声的第二协商数据包括2个第二数据组。第一对数据组中的有效数据为{a₄}＝0和{b₄′}＝1，计算得到第一对数据组的数据不一致率为1。第二对数据组中的有效数据为{a₆,a₈}＝10和{b₆′,b₈′}＝11，计算得到第二对数据组的数据不一致率为0.5。Referring to part (b) of FIG3 , assuming that each data group includes 2 bits of data, the first negotiation data includes 2 first data groups, and the noisy second negotiation data includes 2 second data groups. The valid data in the first pair of data groups is {a ₄ }=0 and {b ₄ ′}=1, and the data inconsistency rate of the first pair of data groups is calculated to be 1. The valid data in the second pair of data groups is {a ₆ ,a ₈ }=10 and {b ₆ ′,b ₈ ′}=11, and the data inconsistency rate of the second pair of data groups is calculated to be 0.5.

208：第一通信设备基于第一通信设备发送的第一协商数据和第一通信设备获取到的含噪声的第二协商数据，确定第二指示信息。208: The first communication device determines second indication information based on the first negotiation data sent by the first communication device and the second negotiation data containing noise acquired by the first communication device.

该第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，第五数据集合包括第一协商数据中第三比特位置集合对应的数据，第六数据集合包括含噪声的第二协商数据中第三比特位置集合对应的数据。第三比特位置集合与第一比特位置集合的交集为空集。示例性地，第三比特位置集合为第一协商数据的所有比特位置集合与第一比特位置集合的差集。The second indication information is used to indicate the bit positions of inconsistent data in the fifth data set and the sixth data set, the fifth data set includes data corresponding to the third bit position set in the first negotiation data, and the sixth data set includes data corresponding to the third bit position set in the second negotiation data containing noise. The intersection of the third bit position set and the first bit position set is an empty set. Exemplarily, the third bit position set is a difference set of all bit position sets of the first negotiation data and the first bit position set.

在本申请实施例中，第三比特位置集合包括多个第三比特位置，这多个第三比特位置间隔分布在第一协商数据或者第二协商数据中。In the embodiment of the present application, the third bit position set includes multiple third bit positions, and the multiple third bit positions are distributed at intervals in the first negotiation data or the second negotiation data.

示例性地，当第一比特位置集合中的多个第一比特位置为第一协商数据和含噪声的第二协商数据中的偶数位比特时，这多个第三比特位置为第一协商数据和含噪声的第二协商数据中的奇数位比特。Exemplarily, when the plurality of first bit positions in the first bit position set are even bits in the first negotiation data and the noisy second negotiation data, the plurality of third bit positions are odd bits in the first negotiation data and the noisy second negotiation data.

再次参见图3的(a)部分，对于第一通信设备发送的第一协商数据dataA，第五数据集合为dataA_o dd＝{a₁,a₃,...,a₇}＝0011。对于第一通信设备获取到的含噪声的第二协商数据dataB′，第六数据集合为dataB′_o dd＝{b₁′,b₃′,...,b₇′}＝1001。不一致数据在第一协商数据或者第二协商数据中的比特位置为第1位和第5位，即第二指示信息指示的比特位置为第1位和第5位。Referring again to part (a) of FIG3 , for the first negotiation data dataA sent by the first communication device, the fifth data set is dataA_o dd＝{a ₁ ,a ₃ ,...,a ₇ }＝0011. For the second negotiation data dataB′ containing noise acquired by the first communication device, the sixth data set is dataB′_o dd＝{b ₁ ′,b ₃ ′,...,b ₇ ′}＝1001. The bit positions of the inconsistent data in the first negotiation data or the second negotiation data are the 1st and 5th bits, that is, the bit positions indicated by the second indication information are the 1st and 5th bits.

示例性地，该第二指示信息可以采用第二序列表示，该第二序列的长度等于第一协商数据中奇数位比特的数量。第二序列中的每个比特与一个第三比特位置对应，当第二序列中的某个比特为1时，表示该比特对应的第三比特位置的数据不一致；当第二序列中的某个比特为0时，表示该比特对应的第三比特位置的数据一致。Exemplarily, the second indication information may be represented by a second sequence, the length of which is equal to the number of odd bits in the first negotiation data. Each bit in the second sequence corresponds to a third bit position, and when a bit in the second sequence is 1, it indicates that the data at the third bit position corresponding to the bit is inconsistent; when a bit in the second sequence is 0, it indicates that the data at the third bit position corresponding to the bit is consistent.

例如，当第一协商数据和第二协商数据的长度均为8bit时，第二序列的长度为4。不一致数据的比特位置为第1位和第5位时，该第一序列可以为1010。For example, when the lengths of the first negotiation data and the second negotiation data are both 8 bits, the length of the second sequence is 4. When the bit positions of the inconsistent data are the 1st bit and the 5th bit, the first sequence may be 1010.

可选地，在该步骤208之前，该方法还包括：第二通信设备比较第二协商数据和含噪声的第一协商数据的长度；如果第二协商数据和含噪声的第一协商数据的长度相同，则执行步骤208；如果第二协商数据和含噪声的第一协商数据的长度不相同，则退出当前流程。Optionally, before step 208, the method further includes: the second communication device compares the length of the second negotiation data and the length of the first negotiation data containing noise; if the length of the second negotiation data and the length of the first negotiation data containing noise are the same, executing step 208; if the length of the second negotiation data and the length of the first negotiation data containing noise are not the same, exiting the current process.

在第一协商数据的传输过程中，可能会存在数据丢失的情况，由于第二通信设备无法判断丢失的数据是第一协商数据的哪一部分，所以无法对齐第二协商数据和含噪声的第一协商数据，进而无法基于第二协商数据和含噪声的第一协商数据确定第二指示信息，因此，需要重新执行步骤201～204。During the transmission of the first negotiation data, data may be lost. Since the second communication device cannot determine which part of the first negotiation data the lost data is, it is impossible to align the second negotiation data and the noisy first negotiation data, and further, it is impossible to determine the second indication information based on the second negotiation data and the noisy first negotiation data. Therefore, steps 201 to 204 need to be re-executed.

209：第一通信设备向第二通信设备发送该第二指示信息。209: The first communication device sends the second indication information to the second communication device.

示例性地，第一通信设备可以在开销中发送该第二指示信息。Exemplarily, the first communication device may send the second indication information in an overhead.

相应的，第一通信设备接收该第二指示信息。 Correspondingly, the first communication device receives the second indication information.

210：第二通信设备根据第二协商数据、含噪声的第一协商数据和该第二指示信息，确定第二不一致信息。210: The second communication device determines second inconsistency information according to the second negotiation data, the first negotiation data containing noise, and the second indication information.

该第二不一致信息用于描述第七数据集合和第八数据集合中与第四比特位置集合对应的不一致数据的相关信息。第七数据集合包括含噪声的第一协商数据中第三比特位置集合对应的数据，第八数据集合包括第二协商数据中第三比特位置集合对应的数据。第四比特位置集合包括第三比特位置集合中除了第二指示信息所指示的比特位置之外的比特位置，即第四比特位置集合为第三比特位置集合的子集。The second inconsistency information is used to describe the relevant information of the inconsistent data corresponding to the fourth bit position set in the seventh data set and the eighth data set. The seventh data set includes the data corresponding to the third bit position set in the first negotiation data containing noise, and the eighth data set includes the data corresponding to the third bit position set in the second negotiation data. The fourth bit position set includes the bit positions in the third bit position set except the bit positions indicated by the second indication information, that is, the fourth bit position set is a subset of the third bit position set.

在该步骤210中，第二通信设备先分别对第七数据集合和第八数据集合中的数据进行分组，得到多对数据组。每对数据组包括第三数据组和第四数据组。第三数据组属于第七数据集合，第四数据组属于第八数据集合。第三数据组和第四数据组均包括在第三比特位置集合中相邻的M个比特位置对应的数据，且第三数据组和第四数据组对应的M个比特位置相同。示例性地，M大于或者等于2，并且，M小于第一协商数据的长度的1/2。M的取值可以较大，以提高第一密钥和第二密钥的一致性。例如可以大于或者等于200。然后，第二通信设备根据第二指示信息分别计算每对数据组的数据不一致率或者数据一致率，得到第二不一致信息。In step 210, the second communication device first groups the data in the seventh data set and the eighth data set respectively to obtain multiple pairs of data groups. Each pair of data groups includes a third data group and a fourth data group. The third data group belongs to the seventh data set, and the fourth data group belongs to the eighth data set. The third data group and the fourth data group both include data corresponding to M adjacent bit positions in the third bit position set, and the M bit positions corresponding to the third data group and the fourth data group are the same. Exemplarily, M is greater than or equal to 2, and M is less than 1/2 of the length of the first negotiated data. The value of M can be larger to improve the consistency of the first key and the second key. For example, it can be greater than or equal to 200. Then, the second communication device calculates the data inconsistency rate or data consistency rate of each pair of data groups according to the second indication information to obtain the second inconsistency information.

该步骤210的实现过程可以参见步骤207，在此省略详细描述。The implementation process of step 210 may refer to step 207 , and detailed description is omitted here.

参见图3的(b)部分，假设每个数据组均包括2bit数据，则含噪声的第一协商数据包括2个第一数据组，第二协商数据包括2个第二数据组。第一对数据组中的有效数据为{b₃}＝1和{a₃′}＝0，计算得到第一对数据组的数据不一致率为1。第二对数据组中的有效数据为{b₇}＝1和{a₇′}＝1，计算得到第二对数据组的数据不一致率为0。Referring to part (b) of FIG3 , assuming that each data group includes 2 bits of data, the first negotiation data containing noise includes 2 first data groups, and the second negotiation data includes 2 second data groups. The valid data in the first pair of data groups is {b ₃ }=1 and {a ₃ ′}=0, and the data inconsistency rate of the first pair of data groups is calculated to be 1. The valid data in the second pair of data groups is {b ₇ }=1 and {a ₇ ′}=1, and the data inconsistency rate of the second pair of data groups is calculated to be 0.

211：第一通信设备基于第一不一致信息，生成第一密钥。211: The first communication device generates a first key based on the first inconsistent information.

当第一不一致信息包括多对数据组的数据不一致率时，该步骤211包括：第一通信设备对第一不一致信息中多对数据组的数据不一致率分别进行量化，得到第一不一致序列；该第一不一致序列即为第一密钥。When the first inconsistency information includes data inconsistency rates of multiple pairs of data groups, step 211 includes: the first communication device quantifies the data inconsistency rates of multiple pairs of data groups in the first inconsistency information respectively to obtain a first inconsistency sequence; the first inconsistency sequence is the first key.

示例性地，第一通信设备按照双阈值量化规则对多对数据组的数据不一致率进行量化，得到第一不一致序列。Exemplarily, the first communication device quantizes data inconsistency rates of multiple pairs of data groups according to a double-threshold quantization rule to obtain a first inconsistency sequence.

示例性地，双阈值量化规则如下：
Exemplarily, the dual threshold quantization rule is as follows:

其中，i表示第i对数据组，key(i)表示第i对数据组的量化结果，M(i)表示第i对数据组的数据不一致率，q+表示上阈值，q-表示下阈值。Among them, i represents the i-th pair of data groups, key(i) represents the quantization result of the i-th pair of data groups, M(i) represents the data inconsistency rate of the i-th pair of data groups, q+ represents the upper threshold, and q- represents the lower threshold.

上阈值和下阈值可以采用公式(2)确定：
q±＝mean±ε×std        (2)The upper threshold and the lower threshold can be determined using formula (2):
q±＝mean±ε×std (2)

公式(2)中，mean表示各对数据组的数据不一致率的平均值，ε为设定值且0＜ε＜1，std表示各对数据组的数据不一致率的标准差。In formula (2), mean represents the average value of the data inconsistency rate of each pair of data groups, ε is a set value and 0＜ε＜1, and std represents the standard deviation of the data inconsistency rate of each pair of data groups.

第一通信设备对应的双阈值为q(a)±＝0.75±ε×0.3536，设ε＝0.5，则量化得到的第一密钥为K_A＝{1,0}。The double threshold corresponding to the first communication device is q(a)±=0.75±ε×0.3536, and ε=0.5. Then the first key obtained by quantization is _KA ={1,0}.

当第一不一致信息包括多对数据组的数据一致率时，在该步骤211中第一通信设备对多对数据组的数据一致率分别进行量化，得到第二密钥。对数据一致率进行量化的规则与对数据不一致率量化的规则相同，在此不再赘述。When the first inconsistency information includes data consistency rates of multiple pairs of data groups, the first communication device quantifies the data consistency rates of the multiple pairs of data groups to obtain the second key in step 211. The rules for quantifying the data consistency rates are the same as the rules for quantifying the data inconsistency rates, and are not repeated here.

212：第二通信设备基于第二不一致信息，生成第二密钥。212: The second communication device generates a second key based on the second inconsistency information.

当第二不一致信息包括多对数据组的数据不一致率时，该步骤212包括：第二通信设备对第二不一致信息中多对数据组的数据不一致率分别进行量化，得到第二不一致序列；该第二不一致序列即为第二密钥。When the second inconsistency information includes data inconsistency rates of multiple pairs of data groups, step 212 includes: the second communication device quantifies the data inconsistency rates of multiple pairs of data groups in the second inconsistency information respectively to obtain a second inconsistency sequence; the second inconsistency sequence is the second key.

示例性地，第二通信设备按照双阈值量化规则对第二不一致信息进行量化，得到第二不一致序列。该双阈值量化规则参见前述公式(1)。Exemplarily, the second communication device quantizes the second inconsistency information according to a double-threshold quantization rule to obtain a second inconsistency sequence. The double-threshold quantization rule is shown in the above formula (1).

第二通信设备对应的双阈值为q(b)±＝0.5±ε×0.7071，设ε＝0.5，则量化得到密钥KB＝{1,0}。The double threshold corresponding to the second communication device is q(b)±=0.5±ε×0.7071. Assuming ε=0.5, the quantized key KB={1,0} is obtained.

当第二不一致信息包括多对数据组的数据一致率时，在该步骤212中第二通信设备对数据一致率分别进行量化，得到第二密钥。对数据一致率进行量化的规则与对数据不一致率量化的规则相同，在此不再赘述。 When the second inconsistency information includes data consistency rates of multiple pairs of data groups, the second communication device quantifies the data consistency rates to obtain the second key in step 212. The rules for quantifying the data consistency rates are the same as the rules for quantifying the data inconsistency rates, and are not described in detail here.

在该实施例中，以第一比特位置集合包括偶数位比特，第三比特位置集合包括奇数位比特为例进行了说明。可选地，在其他实施例中，第一比特位置集合可以包括第j个比特位置和第j+1个比特位置；第三比特位置集合可以包括第j+2个比特位置和第j+3个比特位置。这里，j等于4x+1，x为整数，且x大于或者等于0。例如，假设第一协商数据和第二协商数据的长度均为100比特，即存在100个比特位置，则第一比特位置集合为{1，2，5，6，9，10……97，98}，第二比特位置集合为{3，4，7，8，11，12……95，96，99，100}。In this embodiment, the first bit position set includes even bits and the third bit position set includes odd bits. Optionally, in other embodiments, the first bit position set may include the jth bit position and the j+1th bit position; the third bit position set may include the j+2th bit position and the j+3th bit position. Here, j is equal to 4x+1, x is an integer, and x is greater than or equal to 0. For example, assuming that the length of the first negotiation data and the second negotiation data are both 100 bits, that is, there are 100 bit positions, then the first bit position set is {1, 2, 5, 6, 9, 10...97, 98}, and the second bit position set is {3, 4, 7, 8, 11, 12...95, 96, 99, 100}.

由于第一通信设备生成的第一密钥和第二通信设备生成的第二密钥可能不完全一致，因此，第一通信设备和第二通信设备还需要对第一密钥和第二密钥进行后处理，以获得一致的最终密钥。在一些示例中，后处理包括误码纠错、一致性检验和隐私放大。下面对获得最终密钥的过程进行示例性说明。Since the first key generated by the first communication device and the second key generated by the second communication device may not be completely consistent, the first communication device and the second communication device also need to post-process the first key and the second key to obtain a consistent final key. In some examples, the post-processing includes error correction, consistency check, and privacy amplification. The process of obtaining the final key is exemplarily described below.

首先，第一通信设备利用纠错协议对第一密钥进行误码纠错，第二通信设备利用纠错协议对第二密钥进行误码纠错。第一通信设备和第二通信设备采用的纠错协议相同。可选地，纠错协议包括但不限于Cascade纠错协议和低密度奇偶校验码(low density parity check code，LDPC)纠错协议等。First, the first communication device uses an error correction protocol to perform error correction on the first key, and the second communication device uses an error correction protocol to perform error correction on the second key. The error correction protocol used by the first communication device and the second communication device is the same. Optionally, the error correction protocol includes but is not limited to a Cascade error correction protocol and a low density parity check code (LDPC) error correction protocol.

然后，第一通信设备和第二通信设备对纠错后的第一密钥和第二密钥进行一致性校验。若纠错后的第一密钥和纠错后的第二密钥通过一致性检验，则第一通信设备使用单向函数对第一密钥进行隐私放大，得到最终密钥；第二通信设备使用单向函数对第二密钥进行隐私放大，得到最终密钥。示例性地，单向函数为哈希函数。这里，第一通信设备和第二通信设备使用的单向函数相同。Then, the first communication device and the second communication device perform consistency check on the first key and the second key after error correction. If the first key after error correction and the second key after error correction pass the consistency check, the first communication device uses a one-way function to amplify the privacy of the first key to obtain the final key; the second communication device uses a one-way function to amplify the privacy of the second key to obtain the final key. Exemplarily, the one-way function is a hash function. Here, the one-way function used by the first communication device and the second communication device is the same.

其中，误码纠错和一致性检验可以被称为密钥协商。由于在密钥协商过程中，第一通信设备和第二通信设备需要在公共信道上传递纠错信息，这样，第三通信设备能够获取到部分信息，因此，为了增强密钥的安全性，协商出来的密钥需要通过隐私放大进行增强。Among them, error correction and consistency check can be called key negotiation. During the key negotiation process, the first communication device and the second communication device need to transmit error correction information on a public channel, so that the third communication device can obtain part of the information. Therefore, in order to enhance the security of the key, the negotiated key needs to be enhanced through privacy amplification.

若纠错后的第一密钥和纠错后的第二密钥无法通过一致性检验，则终止协商，退出当前流程。可选地，第一通信设备和第二通信设备可以在设定时长后，重新执行步骤201～202，直至获得最终密钥。If the corrected first key and the corrected second key cannot pass the consistency check, the negotiation is terminated and the current process is exited. Optionally, the first communication device and the second communication device may re-execute steps 201 to 202 after a set time period until the final key is obtained.

在本申请实施例中，一致性检验的过程可以包括：第一通信设备利用单向函数计算纠错后的第一密钥的第一摘要信息，并向第二通信设备发送第一摘要信息；第二通信设备利用单向函数计算纠错后的第一密钥的第二摘要信息，并向第一通信设备发送第二摘要信息；第一通信设备和第二通信设备分别比对第一摘要信息和第二摘要信息，如果第一摘要信息和第二摘要信息相同，则表示纠错后的第一密钥和纠错后的第二密钥通过一致性校验。In an embodiment of the present application, the consistency check process may include: the first communication device uses a one-way function to calculate the first summary information of the first key after error correction, and sends the first summary information to the second communication device; the second communication device uses a one-way function to calculate the second summary information of the first key after error correction, and sends the second summary information to the first communication device; the first communication device and the second communication device respectively compare the first summary information and the second summary information. If the first summary information and the second summary information are the same, it means that the first key after error correction and the second key after error correction pass the consistency check.

需要说明的是，步骤201～202和步骤203～204可以同步执行或者先后执行；步骤205～207和步骤208～219可以同步执行或者先后执行；步骤211和步骤212可以同步执行或者先后执行，本申请对此不做限制。It should be noted that steps 201 to 202 and steps 203 to 204 can be executed simultaneously or one after another; steps 205 to 207 and steps 208 to 219 can be executed simultaneously or one after another; step 211 and step 212 can be executed simultaneously or one after another, and this application does not impose any restrictions on this.

本申请实施例中，第一通信设备对应的用户可以为Alice，第二通信设备对应的用户可以为Bob，第三通信设备对应的用户可以为Eve。In the embodiment of the present application, the user corresponding to the first communication device may be Alice, the user corresponding to the second communication device may be Bob, and the user corresponding to the third communication device may be Eve.

在本申请实施例中，第二通信设备向第一通信设备发送第一指示信息，且该第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置。由于第一数据集合包括第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所以第一数据集合和第二数据集合中的一致数据与噪声N1的影响相关。该噪声N1包括第一通信设备内部、第二通信设备内部以及从第一通信设备到第二通信设备的传输链路上的噪声。第二通信设备将第一指示信息发送给第一通信设备，相当于第二通信设备将第一数据集合和第二数据集合中的一致数据作为含噪声的协商数据发送给了第一通信设备，从而第一通信设备能够获知第二比特位置集合对应的数据受到噪声N1影响的相关信息。In an embodiment of the present application, the second communication device sends a first indication message to the first communication device, and the first indication message is used to indicate the bit positions of inconsistent data in the first data set and the second data set. Since the first data set includes the data corresponding to the first bit position set in the noisy first negotiation data received by the second communication device, the consistent data in the first data set and the second data set are related to the influence of noise N1. The noise N1 includes noise inside the first communication device, inside the second communication device, and on the transmission link from the first communication device to the second communication device. The second communication device sends the first indication message to the first communication device, which is equivalent to the second communication device sending the consistent data in the first data set and the second data set as noisy negotiation data to the first communication device, so that the first communication device can obtain relevant information that the data corresponding to the second bit position set is affected by noise N1.

而第四数据集合包括含噪声的第二协商数据中第一比特位置集合对应的数据，所以第四数据集合中的数据包含了噪声N2的影响，该噪声N2包括第一通信设备内部、第二通信设备内部以及从第二通信设备到第一通信设备的传输链路上的噪声。因此，第三数据集合和第四数据集合中与第二比特位置集合对应的数据相关的第一不一致性信息，同时反应了噪声N1和噪声N2的特征。第一通信设备基于第一不一致性信息生成第一密钥，即可实现基于噪声的特征生成第一密钥。The fourth data set includes the data corresponding to the first bit position set in the second negotiation data containing noise, so the data in the fourth data set includes the influence of noise N2, which includes the noise inside the first communication device, inside the second communication device, and on the transmission link from the second communication device to the first communication device. Therefore, the first inconsistency information related to the data corresponding to the second bit position set in the third data set and the fourth data set reflects the characteristics of noise N1 and noise N2 at the same time. The first communication device generates the first key based on the first inconsistency information, which can realize the generation of the first key based on the characteristics of noise.

类似地，第二通信设备基于第二不一致性信息生成第一密钥，即可实现基于噪声的特征生成第二密钥。Similarly, the second communication device generates the first key based on the second inconsistency information, which can realize generating the second key based on the characteristics of noise.

当第一通信设备不停地发送第一协商数据，第二通信设备不停地发送第二协商数据时，第一通信设备和第二通信设备能够不断提取噪声的特征，据此不停生成密钥。When the first communication device continuously sends the first negotiation data and the second communication device continuously sends the second negotiation data, the first communication device and the second communication device can continuously extract the characteristics of the noise and continuously generate keys based on the characteristics.

在本申请实施例中，第一通信设备随机发送第一协商数据，第二通信设备接收含噪声的第一协商数据， 并比对含噪声的第一协商数据和发送的第二协商数据，获得第一指示信息发送给第一通信设备。第一通信设备根据第一指示信息选择对应的比特进行处理，从而形成第一通信设备到第二通信设备再到第一通信设备的逻辑环回，无需将接收到的第一协商数据本身发送给第一通信设备(即无需物理环回)。同样地，第一通信设备将第二指示信息发送给第二通信设备，从而实现第二通信设备到第一通信设备再到第二通信设备的逻辑环回，无需将接收到的第二协商数据本身发送给第二通信设备(即无需物理环回)。第一通信设备和第二通信设备均只需要进行一次协商数据的收发，有利于减小密钥分发过程所需传输的数据量，并且提高密钥的生成效率。In the embodiment of the present application, the first communication device randomly sends the first negotiation data, and the second communication device receives the first negotiation data containing noise. And compare the first negotiation data containing noise with the second negotiation data sent, obtain the first indication information and send it to the first communication device. The first communication device selects the corresponding bit for processing according to the first indication information, thereby forming a logical loopback from the first communication device to the second communication device and then to the first communication device, without sending the received first negotiation data itself to the first communication device (i.e., no physical loopback is required). Similarly, the first communication device sends the second indication information to the second communication device, thereby realizing a logical loopback from the second communication device to the first communication device and then to the second communication device, without sending the received second negotiation data itself to the second communication device (i.e., no physical loopback is required). The first communication device and the second communication device only need to send and receive negotiation data once, which is beneficial to reduce the amount of data required to be transmitted in the key distribution process and improve the efficiency of key generation.

并且，第一通信设备发送的第一协商数据和第二通信设备发送的第二协商数据无关，因此，第一通信设备和第二通信设备可以独立发送协商数据，不需要第一通信设备发送第一协商数据和第二通信设备发送第二协商数据的时间同步，实现更加简单。Furthermore, the first negotiation data sent by the first communication device is independent of the second negotiation data sent by the second communication device. Therefore, the first communication device and the second communication device can send negotiation data independently, without the need for time synchronization between the first communication device sending the first negotiation data and the second communication device sending the second negotiation data, which makes implementation simpler.

此外，本申请实施例可以利用光通信***中的已有器件实现，无需引入新的器件，兼容性好且易于实现。In addition, the embodiments of the present application can be implemented using existing devices in an optical communication system without introducing new devices, and have good compatibility and are easy to implement.

最后，当第一比特位置集合和第三比特位置集合中的一个包括奇数位比特，另一个包括偶数位比特时，第一比特位置集合中的比特位置和第三比特位置集合中的比特位置为相邻的比特位置。由于每个待传输符号中携带协商数据的一个比特位置的数据，且每个待传输符号在一个时隙中发送，因此，协商数据中相邻比特位置的数据在相邻的时隙中传输。而由于相邻的时隙中噪声的相关性较高，即在一段时间内，通过奇数时隙和偶数时隙统计的噪声特性变化不大，所以第一通信设备根据偶数比特计算得到的数据不一致率和第二通信设备根据奇数比特计算得到的数据不一致率大概率是相同的，这样，第一通信设备生成的第一密钥和第二通信设备生成的第二密钥的相似度较高，有利于第一通信设备和第二通信设备快速获得相同的最终密钥。Finally, when one of the first bit position set and the third bit position set includes odd bits and the other includes even bits, the bit positions in the first bit position set and the bit positions in the third bit position set are adjacent bit positions. Since each symbol to be transmitted carries data of a bit position of the negotiation data, and each symbol to be transmitted is sent in a time slot, the data of adjacent bit positions in the negotiation data are transmitted in adjacent time slots. Since the correlation of noise in adjacent time slots is high, that is, within a period of time, the noise characteristics statistically calculated by odd time slots and even time slots do not change much, the data inconsistency rate calculated by the first communication device based on the even bits and the data inconsistency rate calculated by the second communication device based on the odd bits are most likely the same. In this way, the first key generated by the first communication device and the second key generated by the second communication device are highly similar, which is conducive to the first communication device and the second communication device quickly obtaining the same final key.

图4是本申请一个示例性实施例提供的一种密钥生成装置的结构示意图。该装置可以通过软件、硬件或者两者的结合实现成为装置中的部分或者全部。本申请实施例提供的装置能够实现本申请实施例图2的流程中第一通信设备执行的步骤。如图4所示，该装置300包括：发送模块301、获取模块302、第一确定模块303和生成模块304。FIG4 is a schematic diagram of the structure of a key generation device provided by an exemplary embodiment of the present application. The device can be implemented as part or all of the device through software, hardware, or a combination of both. The device provided by the embodiment of the present application can implement the steps performed by the first communication device in the process of FIG2 of the embodiment of the present application. As shown in FIG4, the device 300 includes: a sending module 301, an acquisition module 302, a first determination module 303, and a generation module 304.

发送模块301用于向第二通信设备发送第一协商数据。The sending module 301 is configured to send first negotiation data to the second communication device.

获取模块302用于获取第一指示信息和含噪声的第二协商数据，第一指示信息和第二协商数据是第二通信设备发送的，第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，第一数据集合包括第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，第二数据集合包括第二协商数据中第一比特位置集合对应的数据。The acquisition module 302 is used to acquire first indication information and second negotiation data containing noise, the first indication information and the second negotiation data are sent by the second communication device, the first indication information is used to indicate the bit positions of inconsistent data in the first data set and the second data set, the first data set includes data corresponding to a first bit position set in the first negotiation data containing noise received by the second communication device, and the second data set includes data corresponding to the first bit position set in the second negotiation data.

第一确定模块303用于基于第一协商数据、含噪声的第二协商数据和第一指示信息，确定第一不一致信息，第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息，第三数据集合包括第一协商数据中第一比特位置集合对应的数据，第四数据集合包括含噪声的第二协商数据中第一比特位置集合对应的数据，第二比特位置集合包括第一比特位置集合中除了第一指示信息所指示的比特位置之外的比特位置。The first determination module 303 is used to determine first inconsistency information based on the first negotiation data, the noisy second negotiation data and the first indication information, the first inconsistency information being used to describe relevant information of inconsistent data corresponding to the second bit position set in the third data set and the fourth data set, the third data set including data corresponding to the first bit position set in the first negotiation data, the fourth data set including data corresponding to the first bit position set in the noisy second negotiation data, and the second bit position set including bit positions in the first bit position set except the bit positions indicated by the first indication information.

生成模块304用于基于第一不一致信息生成第一密钥。The generating module 304 is configured to generate a first key based on the first inconsistent information.

其中，噪声是由第一通信设备、第二通信设备以及第一通信设备和第二通信设备之间的传输链路中的至少一处引入的噪声。The noise is introduced by at least one of the first communication device, the second communication device, and a transmission link between the first communication device and the second communication device.

可选地，第一确定模块303包括分组子模块3031和确定子模块3032。分组子模块3031用于分别对第三数据集合和第四数据集合中的数据进行分组，得到多对数据组，多对数据组中的任一对数据组包括第一数据组和第二数据组，第一数据组属于第三数据集合，第二数据组属于第四数据集合，第一数据组和第二数据组均包括在第一比特位置集合中相邻的M个比特位置对应的数据，且第一数据组和第二数据组对应的M个比特位置相同。确定子模块3032用于根据第一指示信息，确定任一对数据组的数据不一致率，得到第一不一致信息。Optionally, the first determination module 303 includes a grouping submodule 3031 and a determination submodule 3032. The grouping submodule 3031 is used to group the data in the third data set and the fourth data set respectively to obtain multiple pairs of data groups, any pair of data groups in the multiple pairs of data groups includes a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, the first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same. The determination submodule 3032 is used to determine the data inconsistency rate of any pair of data groups according to the first indication information to obtain the first inconsistency information.

可选地，确定子模块3032用于将第一数据组和第二数据组中，不一致的有效数据数量与总有效数据数量的比值，作为数据不一致率。或者，确定子模块3032用于将第一数据组和第二数据组中，一致的有效数据数量与总有效数据数量的比值，作为数据一致率。其中，有效数据为第一数据组和第二数据组中，第二比特位置集合对应的数据。 Optionally, the determination submodule 3032 is used to use the ratio of the number of inconsistent valid data to the total number of valid data in the first data group and the second data group as the data inconsistency rate. Alternatively, the determination submodule 3032 is used to use the ratio of the number of consistent valid data to the total number of valid data in the first data group and the second data group as the data consistency rate. The valid data is the data corresponding to the second bit position set in the first data group and the second data group.

可选地，生成模块304用于对多对数据组的数据不一致率或者数据一致率分别进行量化，得到第一密钥。Optionally, the generating module 304 is used to quantify the data inconsistency rate or the data consistency rate of multiple pairs of data groups respectively to obtain the first key.

可选地，装置还包括第二确定模块305。第二确定模块305用于基于第一协商数据和含噪声的第二协商数据，确定第二指示信息。第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，第五数据集合包括第一协商数据中第三比特位置集合对应的数据，第六数据集合包括含噪声的第二协商数据中第三比特位置集合对应的数据，第三比特位置集合与第一比特位置集合的交集为空集。发送模块301还用于向第二通信设备发送第二指示信息。Optionally, the device also includes a second determination module 305. The second determination module 305 is used to determine the second indication information based on the first negotiation data and the second negotiation data containing noise. The second indication information is used to indicate the bit positions of inconsistent data in the fifth data set and the sixth data set, the fifth data set includes data corresponding to the third bit position set in the first negotiation data, the sixth data set includes data corresponding to the third bit position set in the second negotiation data containing noise, and the intersection of the third bit position set and the first bit position set is an empty set. The sending module 301 is also used to send the second indication information to the second communication device.

可选地，获取模块302包括接收子模块3021、添加子模块3022和解密子模块3023。Optionally, the acquisition module 302 includes a receiving submodule 3021 , an adding submodule 3022 and a decryption submodule 3023 .

接收子模块3021用于接收第二通信设备发送的信号，信号包括连续的多段子信号。添加子模块3022用于分别向多段子信号添加高斯白噪声。解密子模块3023用于对添加高斯白噪声之后的多段子信号进行解密，得到含噪声的第二协商数据。The receiving submodule 3021 is used to receive a signal sent by the second communication device, the signal including a continuous multi-segment sub-signal. The adding submodule 3022 is used to add Gaussian white noise to the multi-segment sub-signal respectively. The decryption submodule 3023 is used to decrypt the multi-segment sub-signal after adding the Gaussian white noise to obtain the second negotiation data containing the noise.

需要说明的是：上述实施例提供的密钥生成装置进行信号处理时，仅以上述各功能模块的划分进行举例说明，实际应用中，可以根据需要而将上述功能分配由不同的功能模块完成，即将装置的内部结构划分成不同的功能模块，以完成以上描述的全部或者部分功能。另外，上述实施例提供的密钥生成装置与密钥生成方法实施例属于同一构思，其具体实现过程详见方法实施例，这里不再赘述。It should be noted that: when the key generation device provided in the above embodiment performs signal processing, only the division of the above functional modules is used as an example. In actual applications, the above functions can be assigned to different functional modules as needed, that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above. In addition, the key generation device provided in the above embodiment and the key generation method embodiment belong to the same concept, and the specific implementation process is detailed in the method embodiment, which will not be repeated here.

本申请实施例中对模块的划分是示意性的，仅仅为一种逻辑功能划分，实际实现时也可以有另外的划分方式，另外，在本申请各个实施例中的各功能模块可以集成在一个处理器中，也可以是单独物理存在，也可以两个或两个以上模块集成为一个模块中。上述集成的模块既可以采用硬件的形式实现，也可以采用软件功能模块的形式实现。The division of modules in the embodiments of the present application is schematic and is only a logical function division. There may be other division methods in actual implementation. In addition, each functional module in each embodiment of the present application may be integrated into a processor, or may exist physically separately, or two or more modules may be integrated into one module. The above-mentioned integrated modules may be implemented in the form of hardware or in the form of software functional modules.

该集成的模块如果以软件功能模块的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储介质中。基于这样的理解，本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储介质中，包括若干指令用以使得一台终端设备(可以是个人计算机，手机，或者通信设备等)或处理器(processor)执行本申请各个实施例该方法的全部或部分步骤。而前述的存储介质包括：U盘、移动硬盘、只读存储器(read-only memory，ROM)、随机存取存储器(random access memory，RAM)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application, or the part that contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product. The computer software product is stored in a storage medium, including several instructions to enable a terminal device (which can be a personal computer, mobile phone, or communication equipment, etc.) or a processor (processor) to execute all or part of the steps of the method in each embodiment of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), disk or optical disk, and other media that can store program codes.

本申请实施例中还提供了一种计算机设备，该计算机设备可以为图1中的接收设备。图5示例性的提供了计算机设备400的一种可能的架构图。The embodiment of the present application further provides a computer device, which may be the receiving device in Figure 1. Figure 5 exemplarily provides a possible architecture diagram of a computer device 400.

计算机设备400包括存储器401、处理器402、通信接口403和总线404。其中，存储器401、处理器402和通信接口403通过总线404实现彼此之间的通信连接。The computer device 400 includes a memory 401 , a processor 402 , a communication interface 403 and a bus 404 . The memory 401 , the processor 402 and the communication interface 403 are connected to each other through the bus 404 .

存储器401可以是ROM，静态存储设备，动态存储设备或者RAM。存储器401可以存储程序，当存储器401中存储的程序被处理器402执行时，处理器402和通信接口403用于执行设备访问方法。存储器401还可以存储数据集合，例如：存储器401中的一部分存储资源被划分成一个数据存储模块，用于存储认证信息、指示信息(例如前述第一指示信息或者第二指示信息)以及量化规则等。The memory 401 may be a ROM, a static storage device, a dynamic storage device or a RAM. The memory 401 may store a program. When the program stored in the memory 401 is executed by the processor 402, the processor 402 and the communication interface 403 are used to execute the device access method. The memory 401 may also store a data set. For example, a portion of the storage resources in the memory 401 is divided into a data storage module for storing authentication information, indication information (such as the aforementioned first indication information or second indication information) and quantization rules, etc.

处理器402可以采用通用的CPU，微处理器，特定应用集成电路(application-specific integrated circuit，ASIC)，图形处理器(graphics processing unit，GPU)或者一个或多个集成电路。Processor 402 can adopt a general-purpose CPU, a microprocessor, an application-specific integrated circuit (ASIC), a graphics processing unit (GPU) or one or more integrated circuits.

处理器402还可以是一种集成电路芯片，具有信号处理能力。在实现过程中，本申请的信号处理装置的部分或全部功能可以通过处理器402中的硬件的集成逻辑电路或者软件形式的指令完成。上述的处理器402还可以是通用处理器、数字信号处理器(digital signal drocessing，DSP)、ASIC、现成可编程门阵列(field programmable gate array，FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。可以实现或者执行本申请上述实施例中的公开的各方法。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。结合本申请实施例所公开的方法的步骤可以直接体现为硬件译码处理器执行完成，或者用译码处理器中的硬件及软件模块组合执行完成。软件模块可以位于随机存储器，闪存、只读存储器，可编程只读存储器或者电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器401，处理器402读取存储器401中的信息，结合其硬件完成本申请实施例的密钥生成装置的部分功能。The processor 402 may also be an integrated circuit chip with signal processing capabilities. In the implementation process, some or all of the functions of the signal processing device of the present application may be completed by the hardware integrated logic circuit or software instructions in the processor 402. The above-mentioned processor 402 may also be a general-purpose processor, a digital signal processor (digital signal dr owcessing, DSP), an ASIC, a field programmable gate array (field programmable gate array, FPGA) or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components. The various methods disclosed in the above-mentioned embodiments of the present application may be implemented or executed. The general-purpose processor may be a microprocessor or the processor may also be any conventional processor, etc. The steps of the method disclosed in the embodiments of the present application may be directly embodied as being executed by a hardware decoding processor, or may be executed by a combination of hardware and software modules in a decoding processor. The software module may be located in a mature storage medium in the field such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory or an electrically erasable programmable memory, a register, etc. The storage medium is located in the memory 401, and the processor 402 reads the information in the memory 401 and completes part of the functions of the key generation device of the embodiment of the present application in combination with its hardware.

通信接口403使用例如但不限于收发器一类的收发模块，来实现计算机设备400与其他设备或通信网络之间的通信。例如，可以通过通信接口403获取接收信号(例如前述第一信号或者第二信号)等。 The communication interface 403 uses a transceiver module such as, but not limited to, a transceiver to implement communication between the computer device 400 and other devices or communication networks. For example, a received signal (such as the first signal or the second signal) can be obtained through the communication interface 403.

总线404可包括在计算机设备400各个部件(例如，存储器401、处理器402、通信接口403)之间传送信息的通路。Bus 404 may include a path for transmitting information between various components of computer device 400 (eg, memory 401 , processor 402 , communication interface 403 ).

上述各个附图对应的流程的描述各有侧重，某个流程中没有详述的部分，可以参见其他流程的相关描述。The descriptions of the processes corresponding to the above-mentioned figures have different emphases. For parts that are not described in detail in a certain process, please refer to the relevant descriptions of other processes.

本申请实施例中，还提供了一种计算机可读存储介质，计算机可读存储介质存储有计算机指令，当计算机可读存储介质中存储的计算机指令被计算机设备执行时，使得计算机设备执行上述所提供的密钥生成方法。In an embodiment of the present application, a computer-readable storage medium is also provided, which stores computer instructions. When the computer instructions stored in the computer-readable storage medium are executed by a computer device, the computer device executes the key generation method provided above.

本申请实施例中，还提供了一种包含指令的计算机程序产品，当其在计算机设备上运行时，使得计算机设备执行上述所提供的密钥生成方法。In an embodiment of the present application, a computer program product including instructions is also provided, which, when executed on a computer device, enables the computer device to execute the key generation method provided above.

本申请实施例中，还提供了一种芯片，用于执行图2所示的密钥生成方法。In an embodiment of the present application, a chip is also provided for executing the key generation method shown in FIG. 2 .

除非另作定义，此处使用的技术术语或者科学术语应当为本公开所属领域内具有一般技能的人士所理解的通常意义。本公开专利申请说明书以及权利要求书中使用的“第一”、“第二”、“第三”以及类似的词语并不表示任何顺序、数量或者重要性，而只是用来区分不同的组成部分。同样，“一个”或者“一”等类似词语也不表示数量限制，而是表示存在至少一个。“包括”等类似的词语意指出现在“包括”前面的元件或者物件涵盖出现在“包括”后面列举的元件或者物件及其等同，并不排除其他元件或者物件。Unless otherwise defined, the technical or scientific terms used herein shall have the usual meanings understood by persons of ordinary skill in the field to which the present disclosure belongs. The words "first", "second", "third" and similar words used in the patent application specification and claims of the present disclosure do not indicate any order, quantity or importance, but are only used to distinguish different components. Similarly, words such as "one" or "one" do not indicate a quantitative limitation, but rather indicate the presence of at least one. Words such as "include" and the like mean that the elements or objects appearing before "include" cover the elements or objects listed after "include" and their equivalents, and do not exclude other elements or objects.

以上所述仅为本申请一个实施例，并不用以限制本申请，凡在本申请的精神和原则之内，所作的任何修改、等同替换、改进等，均应包含在本申请的保护范围之内。 The above description is only an embodiment of the present application and is not intended to limit the present application. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application.

Claims (16)

1. 一种密钥生成方法，其特征在于，所述方法包括：A key generation method, characterized in that the method comprises:

   第一通信设备向第二通信设备发送第一协商数据；The first communication device sends first negotiation data to the second communication device;

   获取第一指示信息和含噪声的第二协商数据，所述第一指示信息和所述第二协商数据是所述第二通信设备发送的，所述第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，所述第一数据集合包括所述第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所述第二数据集合包括所述第二协商数据中所述第一比特位置集合对应的数据；Acquire first indication information and second negotiation data containing noise, where the first indication information and the second negotiation data are sent by the second communication device, the first indication information is used to indicate bit positions of inconsistent data in the first data set and the second data set, the first data set includes data corresponding to a first bit position set in the first negotiation data containing noise received by the second communication device, and the second data set includes data corresponding to the first bit position set in the second negotiation data;

   基于所述第一协商数据、所述含噪声的第二协商数据和所述第一指示信息，确定第一不一致信息，所述第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息，所述第三数据集合包括所述第一协商数据中所述第一比特位置集合对应的数据，所述第四数据集合包括所述含噪声的第二协商数据中所述第一比特位置集合对应的数据，所述第二比特位置集合包括所述第一比特位置集合中除了所述第一指示信息所指示的比特位置之外的比特位置；determining, based on the first negotiation data, the noisy second negotiation data, and the first indication information, first inconsistency information, wherein the first inconsistency information is used to describe relevant information of inconsistent data corresponding to a second bit position set in a third data set and a fourth data set, the third data set including data corresponding to the first bit position set in the first negotiation data, the fourth data set including data corresponding to the first bit position set in the noisy second negotiation data, and the second bit position set including bit positions in the first bit position set except the bit positions indicated by the first indication information;

   基于所述第一不一致信息生成第一密钥；generating a first key based on the first inconsistent information;

   其中，所述噪声是由所述第一通信设备、所述第二通信设备以及所述第一通信设备和所述第二通信设备之间的传输链路中的至少一处引入的噪声。The noise is noise introduced by at least one of the first communication device, the second communication device, and a transmission link between the first communication device and the second communication device.
2. 根据权利要求1所述的方法，其特征在于，所述基于所述第一协商数据、所述含噪声的第二协商数据和所述第一指示信息，确定第一不一致信息，包括：The method according to claim 1, characterized in that the determining the first inconsistency information based on the first negotiation data, the noisy second negotiation data and the first indication information comprises:

   分别对所述第三数据集合和所述第四数据集合中的数据进行分组，得到多对数据组，所述多对数据组中的任一对数据组包括第一数据组和第二数据组，所述第一数据组属于所述第三数据集合，所述第二数据组属于所述第四数据集合，所述第一数据组和所述第二数据组均包括在所述第一比特位置集合中相邻的M个比特位置对应的数据，且所述第一数据组和所述第二数据组对应的M个比特位置相同，其中，M为整数且M大于1；Respectively grouping the data in the third data set and the fourth data set to obtain a plurality of pairs of data groups, wherein any pair of data groups in the plurality of pairs of data groups includes a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, the first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same, wherein M is an integer and M is greater than 1;

   根据所述第一指示信息，确定所述任一对数据组的数据不一致率或者数据一致率，得到所述第一不一致信息。The data inconsistency rate or the data consistency rate of any pair of data groups is determined according to the first indication information to obtain the first inconsistency information.
3. 根据权利要求2所述的方法，其特征在于，所述根据所述第一指示信息，确定所述任一对数据组的数据不一致率或者数据一致率，包括：The method according to claim 2, characterized in that determining the data inconsistency rate or data consistency rate of any pair of data groups according to the first indication information comprises:

   将所述第一数据组和所述第二数据组中，不一致的有效数据数量与总有效数据数量的比值，作为数据不一致率；或者，The ratio of the number of inconsistent valid data to the total number of valid data in the first data group and the second data group is used as the data inconsistency rate; or

   将所述第一数据组和所述第二数据组中，一致的有效数据数量与总有效数据数量的比值，作为数据一致率；The ratio of the number of consistent valid data to the total number of valid data in the first data group and the second data group is used as the data consistency rate;

   其中，所述有效数据为所述第一数据组和所述第二数据组中，所述第二比特位置集合对应的数据。The valid data is the data corresponding to the second bit position set in the first data group and the second data group.
4. 根据权利要求2或3所述的方法，其特征在于，所述基于所述第一不一致信息生成第一密钥，包括：The method according to claim 2 or 3, characterized in that the generating the first key based on the first inconsistent information comprises:

   分别对所述多对数据组的数据不一致率或者数据一致率进行量化，得到所述第一密钥。The data inconsistency rates or data consistency rates of the multiple pairs of data groups are quantified respectively to obtain the first key.
5. 根据权利要求1至4任一项所述的方法，其特征在于，所述方法还包括：The method according to any one of claims 1 to 4, characterized in that the method further comprises:

   基于所述第一协商数据和所述含噪声的第二协商数据，确定第二指示信息，所述第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，所述第五数据集合包括所述第一协商数据中第三比特位置集合对应的数据，所述第六数据集合包括含噪声的第二协商数据中所述第三比特位置集合对应的数据，所述第三比特位置集合与所述第一比特位置集合的交集为空集；determining, based on the first negotiation data and the second negotiation data containing noise, second indication information, where the second indication information is used to indicate bit positions of inconsistent data in a fifth data set and a sixth data set, the fifth data set including data corresponding to a third bit position set in the first negotiation data, the sixth data set including data corresponding to the third bit position set in the second negotiation data containing noise, and an intersection of the third bit position set and the first bit position set is an empty set;

   向所述第二通信设备发送所述第二指示信息。Send the second indication information to the second communication device.
6. 根据权利要求1至5任一项所述的方法，其特征在于，所述第一比特位置集合包括奇数位的比特， 或者，所述第一比特位置集合包括偶数位的比特。The method according to any one of claims 1 to 5, characterized in that the first bit position set includes odd-numbered bits, Alternatively, the first set of bit positions includes an even number of bits.
7. 根据权利要求1至6任一项所述的方法，其特征在于，所述获取含噪声的第二协商数据，包括：The method according to any one of claims 1 to 6, characterized in that the obtaining of the second negotiation data containing noise comprises:

   接收所述第二通信设备发送的信号，所述信号包括连续的多段子信号；receiving a signal sent by the second communication device, wherein the signal includes a continuous plurality of sub-segment signals;

   分别向所述多段子信号添加高斯白噪声；Adding Gaussian white noise to the multiple sub-signals respectively;

   对添加高斯白噪声之后的所述多段子信号进行解密，得到所述含噪声的第二协商数据。The multiple-segment sub-signals after adding Gaussian white noise are decrypted to obtain the second negotiation data containing the noise.
8. 一种密钥生成装置，其特征在于，所述装置包括：A key generation device, characterized in that the device comprises:

   发送模块，用于向第二通信设备发送第一协商数据；A sending module, used for sending the first negotiation data to the second communication device;

   获取模块，用于获取第一指示信息和含噪声的第二协商数据，所述第一指示信息和所述第二协商数据是所述第二通信设备发送的，所述第一指示信息用于指示第一数据集合和第二数据集合中不一致数据的比特位置，所述第一数据集合包括所述第二通信设备接收到的含噪声的第一协商数据中第一比特位置集合对应的数据，所述第二数据集合包括所述第二协商数据中所述第一比特位置集合对应的数据；an acquisition module, configured to acquire first indication information and second negotiation data containing noise, wherein the first indication information and the second negotiation data are sent by the second communication device, the first indication information is used to indicate bit positions of inconsistent data in a first data set and a second data set, the first data set includes data corresponding to a first bit position set in the first negotiation data containing noise received by the second communication device, and the second data set includes data corresponding to the first bit position set in the second negotiation data;

   第一确定模块，用于基于所述第一协商数据、所述含噪声的第二协商数据和所述第一指示信息，确定第一不一致信息，所述第一不一致信息用于描述第三数据集合和第四数据集合中与第二比特位置集合对应的不一致数据的相关信息，所述第三数据集合包括所述第一协商数据中所述第一比特位置集合对应的数据，所述第四数据集合包括所述含噪声的第二协商数据中所述第一比特位置集合对应的数据，所述第二比特位置集合包括所述第一比特位置集合中除了所述第一指示信息所指示的比特位置之外的比特位置；a first determining module, configured to determine first inconsistency information based on the first negotiation data, the noisy second negotiation data, and the first indication information, wherein the first inconsistency information is used to describe relevant information of inconsistent data corresponding to a second bit position set in a third data set and a fourth data set, the third data set including data corresponding to the first bit position set in the first negotiation data, the fourth data set including data corresponding to the first bit position set in the noisy second negotiation data, and the second bit position set including bit positions in the first bit position set except the bit positions indicated by the first indication information;

   生成模块，用于基于所述第一不一致信息生成第一密钥；A generating module, configured to generate a first key based on the first inconsistent information;

   其中，所述噪声是由第一通信设备、所述第二通信设备以及所述第一通信设备和所述第二通信设备之间的传输链路中的至少一处引入的噪声。The noise is noise introduced by at least one of the first communication device, the second communication device, and a transmission link between the first communication device and the second communication device.
9. 根据权利要求8所述的装置，其特征在于，所述第一确定模块，包括：The device according to claim 8, wherein the first determining module comprises:

   分组子模块，用于分别对所述第三数据集合和所述第四数据集合中的数据进行分组，得到多对数据组，所述多对数据组中的任一对数据组包括第一数据组和第二数据组，所述第一数据组属于所述第三数据集合，所述第二数据组属于所述第四数据集合，所述第一数据组和所述第二数据组均包括在所述第一比特位置集合中相邻的M个比特位置对应的数据，且所述第一数据组和所述第二数据组对应的M个比特位置相同；a grouping submodule, for grouping the data in the third data set and the fourth data set respectively to obtain a plurality of pairs of data groups, wherein any pair of data groups in the plurality of pairs of data groups comprises a first data group and a second data group, the first data group belongs to the third data set, the second data group belongs to the fourth data set, the first data group and the second data group both include data corresponding to M adjacent bit positions in the first bit position set, and the M bit positions corresponding to the first data group and the second data group are the same;

   确定子模块，用于根据所述第一指示信息，确定所述任一对数据组的数据不一致率，得到所述第一不一致信息。A determination submodule is used to determine the data inconsistency rate of any pair of data groups according to the first indication information to obtain the first inconsistency information.
10. 根据权利要求9所述的装置，其特征在于，所述确定子模块，用于将所述第一数据组和所述第二数据组中，不一致的有效数据数量与总有效数据数量的比值，作为数据不一致率；或者，The device according to claim 9, characterized in that the determining submodule is used to use the ratio of the number of inconsistent valid data to the total number of valid data in the first data group and the second data group as the data inconsistency rate; or

    将所述第一数据组和所述第二数据组中，一致的有效数据数量与总有效数据数量的比值，作为数据一致率；The ratio of the number of consistent valid data to the total number of valid data in the first data group and the second data group is used as the data consistency rate;

    其中，所述有效数据为所述第一数据组和所述第二数据组中，所述第二比特位置集合对应的数据。The valid data is the data corresponding to the second bit position set in the first data group and the second data group.
11. 根据权利要求9或10所述的装置，其特征在于，所述生成模块，用于分别对所述多对数据组的数据不一致率或者数据一致率进行量化，得到所述第一密钥。The device according to claim 9 or 10 is characterized in that the generation module is used to quantify the data inconsistency rate or the data consistency rate of the multiple pairs of data groups respectively to obtain the first key.
12. 根据权利要求8至11任一项所述的装置，其特征在于，所述装置还包括：The device according to any one of claims 8 to 11, characterized in that the device further comprises:

    第二确定模块，用于基于所述第一协商数据和所述含噪声的第二协商数据，确定第二指示信息，所述第二指示信息用于指示第五数据集合和第六数据集合中不一致数据的比特位置，所述第五数据集合包括所述第一协商数据中第三比特位置集合对应的数据，所述第六数据集合包括含噪声的第二协商数据中所述第三比特位置集合对应的数据，所述第三比特位置集合与所述第一比特位置集合的交集为空集；a second determination module, configured to determine second indication information based on the first negotiation data and the second negotiation data containing noise, wherein the second indication information is used to indicate bit positions of inconsistent data in a fifth data set and a sixth data set, wherein the fifth data set includes data corresponding to a third bit position set in the first negotiation data, the sixth data set includes data corresponding to the third bit position set in the second negotiation data containing noise, and an intersection of the third bit position set and the first bit position set is an empty set;

    所述发送模块还用于向所述第二通信设备发送所述第二指示信息。The sending module is further used to send the second indication information to the second communication device.
13. 根据权利要求8至12任一项所述的装置，其特征在于，所述第一比特位置集合包括奇数位的比特， 或者，所述第一比特位置集合包括偶数位的比特。The apparatus according to any one of claims 8 to 12, wherein the first bit position set includes odd-numbered bits, Alternatively, the first set of bit positions includes an even number of bits.
14. 根据权利要求8至13任一项所述的装置，其特征在于，所述获取模块包括：The device according to any one of claims 8 to 13, characterized in that the acquisition module comprises:

    接收子模块，用于接收所述第二通信设备发送的信号，所述信号包括连续的多段子信号；A receiving submodule, configured to receive a signal sent by the second communication device, wherein the signal includes a continuous plurality of sub-segments;

    添加子模块，用于分别向所述多段子信号添加高斯白噪声；An adding submodule, used for adding Gaussian white noise to the multiple sub-signals respectively;

    解密子模块，用于对添加高斯白噪声之后的所述多段子信号进行解密，得到所述含噪声的第二协商数据。The decryption submodule is used to decrypt the multiple sub-signals after adding Gaussian white noise to obtain the second negotiation data containing the noise.
15. 一种通信设备，其特征在于，所述通信设备包括处理器和存储器；所述存储器用于存储软件程序，所述处理器通过执行存储在所述存储器内的软件程序，以使得所述通信设备实现如权利要求1至7任一项所述的方法。A communication device, characterized in that the communication device includes a processor and a memory; the memory is used to store a software program, and the processor executes the software program stored in the memory so that the communication device implements the method according to any one of claims 1 to 7.
16. 一种计算机可读存储介质，其特征在于，所述计算机可读存储介质存储有计算机指令，当所述计算机可读存储介质中的计算机指令被计算机设备执行时，使得所述计算机设备执行如权利要求1至7任一项所述的方法。 A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer instructions, and when the computer instructions in the computer-readable storage medium are executed by a computer device, the computer device executes the method according to any one of claims 1 to 7.