CN118827012A - Session key negotiation method, device and storage medium - Google Patents

Info

Publication number
CN118827012A
Authority
CN
China
Prior art keywords
key
session key
session
message
request message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310892547.6A
Other languages
Chinese (zh)
Inventor
刘福文
杜海涛
粟栗
何申
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, Research Institute of China Mobile Communication Co Ltd
Priority to CN202310892547.6A
Publication of CN118827012A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An embodiment of the present application discloses a session key negotiation method, a key management device, a sending device, a receiving device, an electronic device, a chip and a computer-readable storage medium, wherein the method is applied to a key management device, and includes: receiving a first session key request message for a target session sent by a sending device; generating a first message authentication code MAC1, a first timestamp and a second message authentication code MAC2 for the target session based on information carried by the first session key request message; and sending a first session key request response message to the sending device.

Description

Session key negotiation method, device and storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to a session key negotiation method, a key management device, a transmitting device, a receiving device, an electronic device, a chip, and a computer readable storage medium.
Background
When two devices initiate quantum session key distribution/negotiation, a quantum secure communication application service system provides quantum secure communication application services to upper-layer users over a wide area. The key idea is the same throughout: a quantum key pre-filled in a quantum key storage medium is used as a key encryption key (KEK) to protect the issuance of the quantum session key. However, during the information exchange between the two devices, messages can be tampered with or replayed by a man-in-the-middle, so that the two devices obtain different keys and information security is threatened.
Disclosure of Invention
The embodiment of the application provides a session key negotiation method, a key management device, a sending device, a receiving device, an electronic device, a chip and a computer readable storage medium.
The technical scheme of the embodiment of the application is realized as follows:
In a first aspect, an embodiment of the present application provides a session key negotiation method, applied to a key management device, including:
receiving a first session key request message for a target session sent by a sending device;
generating a first message authentication code MAC1, a first timestamp and a second message authentication code MAC2 for the target session based on information carried by the first session key request message;
sending a first session key request response message to the sending device, the first session key request response message including: the MAC1, the first timestamp, and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message, the MAC2 is used by the receiving device corresponding to the sending device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In a second aspect, an embodiment of the present application provides a session key negotiation method, applied to a sending device, including:
sending a first session key request message for the target session to the key management device;
receiving a first session key request response message sent by a quantum key management device, the first session key request response message including: MAC1, MAC2, and a first timestamp;
verifying the integrity of the first session key request response message by means of the MAC1;
if the first session key request response message is intact, sending a communication request message to a receiving device, the communication request message including: the first timestamp and the MAC2; wherein the MAC2 is used by the receiving device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In a third aspect, an embodiment of the present application provides a session key negotiation method, applied to a receiving device, including:
receiving a communication request message sent by a sending device, the communication request message including: a first timestamp and MAC2;
verifying the integrity of the communication request message by means of the MAC2, and verifying by means of the first timestamp whether the communication request message is a replayed message;
if the communication request message is intact and is not a replayed message, sending a second session key request message to the key management device.
In a fourth aspect, an embodiment of the present application provides a key management device, including:
a first receiving unit, configured to receive a first session key request message sent by a sending device;
a first processing unit, configured to generate a first message authentication code MAC1, a first timestamp and a second message authentication code MAC2 for the session based on the information carried by the first session key request message;
a first sending unit, configured to send a first session key request response message to the sending device, the first session key request response message including: the MAC1, the first timestamp, and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message, the MAC2 is used by the receiving device corresponding to the sending device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In a fifth aspect, an embodiment of the present application provides a sending device, including:
a second sending unit, configured to send a first session key request message to a key management device;
a second receiving unit, configured to receive a first session key request response message sent by a quantum key management device, the first session key request response message including: MAC1, MAC2, and a first timestamp;
a second processing unit, configured to verify the integrity of the first session key request response message by means of the MAC1;
the second sending unit being further configured to send a communication request message to a receiving device if the first session key request response message is intact, the communication request message including: the first timestamp and the MAC2; wherein the MAC2 is used by the receiving device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In a sixth aspect, an embodiment of the present application provides a receiving device, including:
a third receiving unit, configured to receive a communication request message sent by a sending device, the communication request message including: a first timestamp and MAC2;
a third processing unit, configured to verify the integrity of the communication request message by means of the MAC2, and to verify by means of the first timestamp whether the communication request message is a replayed message;
a third sending unit, configured to send a second session key request message to the key management device if the communication request message is intact and is not a replayed message.
In a seventh aspect, the present application provides an electronic device, including a processor and a memory, wherein the memory is configured to store a computer program, and the processor is configured to call and run the computer program stored in the memory to perform any session key negotiation method provided by the embodiments of the present application.
In an eighth aspect, the present application provides a chip, including a processor configured to call and run a computer program from a memory, so that a device equipped with the chip performs any one of the session key negotiation methods provided by the embodiments of the present application.
In a ninth aspect, the present application provides a computer-readable storage medium storing a computer program that causes a computer to perform any one of the session key negotiation methods provided by the embodiments of the present application.
According to the session key negotiation method provided by the embodiments of the present application, the quantum key device generates a message authentication code that the sending device uses to verify the integrity of the message sent by the quantum key management device. Because the sending device verifies the parameters it receives, man-in-the-middle attacks are prevented and the security of the information exchange is ensured.
Drawings
Fig. 1 is a schematic diagram of a quantum session key negotiation flow in the related art;
Fig. 2 is a schematic diagram of an implementation flow of a session key negotiation method according to an embodiment of the present application;
Fig. 3 is a second schematic implementation flow chart of a session key negotiation method according to an embodiment of the present application;
Fig. 4 is a schematic diagram of a third implementation flow of a session key negotiation method according to an embodiment of the present application;
Fig. 5 is a schematic diagram of a quantum session key negotiation flow provided in an embodiment of the present application;
Fig. 6 is a schematic structural diagram of a key management device 600 according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of a transmitting device 700 according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of a receiving device 800 according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application;
Fig. 10 is a schematic structural diagram of a chip provided in an embodiment of the present application.
Detailed Description
The following description of the technical solutions according to the embodiments of the present application will be given with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that, in the embodiments of the present application, the term "and/or" merely describes an association between associated objects and indicates that three relationships may exist. For example, "A and/or B" may mean: A exists alone, A and B exist together, or B exists alone. In addition, in the embodiments of the present application, the character "/" generally indicates an "or" relationship between the objects before and after it.
In the description of the embodiments of the present application, the term "corresponding" may indicate a direct or an indirect correspondence between two items, may indicate an association between them, or may indicate a relationship such as indicating and being indicated, or configuring and being configured.
In order to facilitate understanding of the technical solutions of the embodiments of the present application, the following description describes related technologies of the embodiments of the present application, and the following related technologies may be optionally combined with the technical solutions of the embodiments of the present application as alternatives, which all belong to the protection scope of the embodiments of the present application.
Referring to Fig. 1, which is a schematic diagram of a quantum session key negotiation flow in the related art: the quantum cryptography application (initiator) applies to the quantum key management device for a new session and for a quantum session key. After receiving the request, the quantum key management device creates a session, extracts a quantum session key, encrypts it with the KEK, and returns the session ID, the quantum session key ciphertext and the KEK index to the quantum cryptography application (initiator). The quantum cryptography application (initiator) finds the KEK corresponding to the KEK index in its local quantum key storage medium and decrypts the quantum session key ciphertext to obtain the session key. The quantum cryptography application (initiator) synchronizes the session ID to the quantum cryptography application (passive party). The quantum cryptography application (initiator) applies to the quantum key management device to query the quantum session key corresponding to the session ID. The quantum key management device looks up the quantum session key corresponding to the session ID in the key store, encrypts it with the key encryption key (KEK), and returns the quantum session key ciphertext and the KEK index to the quantum cryptography application (passive party). The quantum cryptography application (passive party) finds the KEK corresponding to the KEK index in its local quantum key storage medium and decrypts the quantum session key ciphertext to obtain the quantum session key.
In the related technical scheme, the quantum key service center binds the sending end and the receiving end through the session ID, and the quantum session key is transmitted encrypted with the KEK. However, none of the messages in this scheme has integrity protection or a replay prevention mechanism, so the scheme is vulnerable to man-in-the-middle attacks: an attacker can tamper with and replay messages so that the two communicating parties cannot negotiate the same quantum session key. Messages between the initiator and the quantum key management device are not integrity protected, so an attacker can modify the KEK index to make the initiator obtain a wrong quantum session key, and can replay a previous message to make the initiator obtain a previous quantum session key. Messages between the initiator and the receiver are not integrity protected either, so an attacker can modify the session ID to make the receiving end obtain from the quantum key service center a key different from that of the sending end. An attacker can also replay a previous quantum key identification to make the receiving end obtain a previously used quantum key. Messages between the quantum key management device and the receiver likewise have no integrity protection or anti-replay mechanism.
Fig. 2 is a schematic diagram of an implementation flow of a session key negotiation method according to an embodiment of the present application. As shown in Fig. 2, the session key negotiation method is applied to a key management device and includes the following steps:
Step 201: Receive a first session key request message for a target session sent by the sending device.
The information carried by the first session key request message includes: a sending device identifier, a receiving device identifier, and a first random number.
Step 202: Generate a first message authentication code MAC1, a first timestamp and a second message authentication code MAC2 for the target session based on the information carried by the first session key request message.
The first timestamp and the MAC2 are carried in the communication request message that the sending device sends to the receiving device once the MAC1 has been verified without error.
In some optional embodiments, generating the first message authentication code MAC1, the first timestamp and the second message authentication code MAC2 for the session based on the information carried by the first session key request message includes:
generating session related information based on the information carried by the first session key request message;
generating the first timestamp from the local time of the key management device;
performing a MAC operation, with a first key, on the session related information and the information carried by the first session key request message to generate the MAC1;
performing a MAC operation, with a second key, on the session related information, the information carried by the first session key request message and the first timestamp to generate the MAC2.
In some alternative embodiments, the first key is a key not yet used by the sending device, and the second key is a key not yet used by the receiving device.
In some alternative embodiments, the session related information includes: a session key and a session identifier.
Performing the MAC operation, with the first key, on the session related information and the information carried by the first session key request message to generate the MAC1 includes:
encrypting the session key with the first key;
performing a MAC operation, with the first key, on the sending device identifier, the receiving device identifier, the session identifier, the first random number, the key index corresponding to the first key and the session key encrypted by the first key to generate the first message authentication code MAC1.
Performing the MAC operation, with the second key, on the session related information, the information carried by the first session key request message and the first timestamp to generate the MAC2 includes:
performing a MAC operation, with the second key, on the sending device identifier, the receiving device identifier, the first timestamp, the session identifier and the key index corresponding to the second key to generate the second message authentication code MAC2.
Step 203: Send a first session key request response message to the sending device. The first session key request response message includes: the MAC1, the first timestamp, and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message, the MAC2 is used by the receiving device corresponding to the sending device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In some optional embodiments, the first session key request response message further includes: the sending device identifier, the receiving device identifier, the first random number, the session identifier, the key index corresponding to the first key, the session key encrypted by the first key, and the key index corresponding to the second key.
In some alternative embodiments, the method further includes:
receiving a second session key request message sent by the receiving device;
generating a fifth message authentication code MAC5 based on the information carried by the second session key request message;
sending a second session key request response message to the receiving device, the second session key request response message including the MAC5.
In some optional embodiments, the information carried by the second session key request message includes: the session identifier, a second random number and a third message authentication code MAC3; the MAC3 is obtained by the receiving device performing a MAC operation, with the second key, on the session identifier and the second random number.
Generating the fifth message authentication code MAC5 based on the information carried by the second session key request message includes:
encrypting the session key with the second key;
performing a MAC operation, with the second key, on the second random number and the session key encrypted by the second key to generate the MAC5.
In some optional embodiments, sending the second session key request response message to the receiving device includes:
performing a MAC operation, with the second key, on the received session identifier and second random number to generate a fourth message authentication code MAC4;
if the MAC3 is equal to the MAC4, sending the second session key request response message to the receiving device, the second session key request response message including: the second random number, the session key encrypted by the second key, and the fifth message authentication code MAC5; the MAC5 is obtained by performing a MAC operation on the second random number and the session key encrypted by the second key.
In some alternative embodiments, the MAC operation may be performed using the HMAC-SHA256 function. For example, MAC1 = HMAC-SHA256(Ka, A || B || Na || Sid || KEKxa || {SK}Ka) and MAC2 = HMAC-SHA256(Kb, A || B || TS || Sid || KEKxb), where || represents concatenation, Ka represents the first key, A represents the sending device identifier, B represents the receiving device identifier, Na represents the first random number, Sid represents the session identifier, KEKxa represents the key index corresponding to the first key, {SK}Ka represents the session key encrypted by the first key, Kb represents the second key, TS represents the first timestamp, and KEKxb represents the key index corresponding to the second key. HMAC-SHA256 is a message authentication code generation function; other functions such as CBC-AES may also be used, and the application is not limited in this respect.
Referring to Fig. 3, which is a second implementation flow chart of a session key negotiation method according to an embodiment of the present application, the session key negotiation method is applied to a sending device and includes the following steps:
Step 301: Send a first session key request message for a target session to a key management device.
In some optional embodiments, the information carried by the first session key request message includes: a sending device identifier, a receiving device identifier and a first random number; the information carried in the first session key request message is used by the key management device to generate the MAC1, the MAC2 and the first timestamp.
Step 302: Receive a first session key request response message sent by a quantum key management device, the first session key request response message including: MAC1, MAC2, and a first timestamp.
In some optional embodiments, the first session key request response message further includes: the sending device identifier, the receiving device identifier, the first random number, the session identifier, the key index corresponding to the first key, the session key encrypted by the first key, and the key index corresponding to the second key.
Step 303: Verify the integrity of the first session key request response message by means of the MAC1.
In some alternative embodiments, verifying the integrity of the first session key request response message by means of the MAC1 includes:
performing a MAC operation on the received sending device identifier, receiving device identifier, first random number, session identifier, key index corresponding to the first key and session key encrypted by the first key to generate a sixth message authentication code MAC6;
if the MAC6 is equal to the MAC1, the first session key request response message is intact.
Step 304: If the first session key request response message is intact, send a communication request message to a receiving device, the communication request message including: the first timestamp and the MAC2; wherein the MAC2 is used by the receiving device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replayed message.
In some alternative embodiments, if the first session key request response message is intact, the method further includes:
decrypting, with the first key, the session key encrypted by the first key to obtain the session key;
the communication request message further includes: the sending device identifier, the receiving device identifier, the session identifier and the key index corresponding to the second key.
In some alternative embodiments, before the session key encrypted by the first key is decrypted with the first key to obtain the session key and the communication request message is sent to the receiving device, the method further includes:
determining whether the received first random number is the same as the first random number sent to the key management device;
if they are the same, decrypting, with the first key, the session key encrypted by the first key to obtain the session key, and sending the communication request message to the receiving device.
Referring to Fig. 4, which is a third implementation flow chart of a session key negotiation method according to an embodiment of the present application, the session key negotiation method is applied to a receiving device and includes the following steps:
Step 401: Receive a communication request message sent by a sending device, the communication request message including: a first timestamp and MAC2.
Step 402: Verify the integrity of the communication request message by means of the MAC2, and verify by means of the first timestamp whether the communication request message is a replayed message.
Step 403: If the communication request message is intact and is not a replayed message, send a second session key request message to the key management device.
In some alternative embodiments, the communication request message further includes: a sending device identifier, the receiving device identifier, a session identifier and a key index corresponding to the second key. Verifying the integrity of the communication request message by means of the MAC2 includes:
performing a MAC operation, with the second key, on the received sending device identifier, receiving device identifier, first timestamp, session identifier and key index corresponding to the second key to generate a seventh message authentication code MAC7;
if the MAC7 is equal to the MAC2, the communication request message is intact.
Verifying by means of the first timestamp whether the communication request message is a replayed message includes:
determining whether the difference between the first timestamp and the local time of the receiving device is within a preset range, and if so, determining that the communication request message is not a replayed message.
In some optional embodiments, the second session key request message includes: the session identifier, a second random number and a third message authentication code MAC3; the MAC3 is obtained by performing a MAC operation, with the second key, on the session identifier and the second random number.
In some alternative embodiments, the method further includes:
receiving a second session key request response message sent by the key management device, the second session key request response message including: the second random number, the session key encrypted by the second key, and the MAC5;
performing a MAC operation, with the second key, on the received second random number and the session key encrypted by the second key to generate an eighth message authentication code MAC8;
if the MAC8 is equal to the MAC5 and the received second random number is the same as the random number sent to the key management device, decrypting, with the second key, the session key encrypted by the second key to obtain the session key.
Illustratively, MAC3=HMAC-SHA256(Kb, Sid‖Nb) and MAC5=HMAC-SHA256(Kb, Nb‖[SK]Kb), where Nb represents the second random number generated by the receiving device and [SK]Kb represents the session key encrypted by the second key.
Referring to fig. 5, fig. 5 is a second schematic diagram of a quantum session key negotiation flow provided by an embodiment of the present application, as shown in fig. 5, the method includes the following steps:
Step 501: the sending end and the receiving end each obtain from the quantum key management device a group of quantum key encryption keys and the key index corresponding to each key, for example by offline filling.
Step 502: the sender sends a first session key request message to the quantum key management device; the content of the message is the sender identifier A, the receiver identifier B and a one-time random number Na. Here, the key management device may be a key service center.
Step 503: the quantum key management device receives the first session key request message and generates a session key SK and a session identifier Sid for use between the sending end A and the receiving end B. According to the sender identifier A, the quantum key management device finds a pre-stored key encryption key Ka that the sender has not yet used and the corresponding key encryption key index KEKxa, and encrypts the session key with the key Ka, i.e., [SK]Ka. According to the receiving end identifier B, the quantum key management device finds a pre-stored key encryption key Kb that the receiving end has not yet used and the corresponding key encryption key index KEKxb. The quantum key management device generates a first timestamp TS from the local time. It further generates message authentication codes MAC1 and MAC2, which are calculated as follows:
MAC1=HMAC-SHA256(Ka, A‖B‖Na‖Sid‖KEKxa‖[SK]Ka),
MAC2=HMAC-SHA256(Kb, A‖B‖Sid‖TS‖KEKxb).
MAC1 ensures that any tampering with A, B, Na, Sid, KEKxa or [SK]Ka by an attacker can be detected by the sending end. MAC2 ensures that any tampering with A, B, Sid, TS or KEKxb by an attacker can be detected by the receiving end.
The quantum key management device generates a first session key request response message and returns it to the sender; the message comprises A, B, Na, Sid, KEKxa, [SK]Ka, MAC1, TS, KEKxb and MAC2.
Step 504: after receiving the first session key request response message, the sending end first finds the corresponding key Ka according to KEKxa, and then uses the key Ka to perform a MAC operation on A, B, Na, Sid, KEKxa, [SK]Ka to generate MAC6. The received MAC1 is compared with the calculated MAC6; if the two are equal, A, B, Na, Sid, KEKxa and [SK]Ka in the message have not been tampered with by a man-in-the-middle. The sending end then compares the received Na with the Na in the first session key request message it sent to the quantum key management device; if they are the same, the sending end can judge that the first session key request response message is not a replay message. After determining that A, B, Na, Sid, KEKxa and [SK]Ka in the session key request response message have not been tampered with or replayed, the sending end decrypts [SK]Ka using the key Ka to obtain the session key SK. The sending end sends a communication request message to the receiving end, the content of which is A, B, Sid, TS, KEKxb and MAC2.
Step 505: after receiving the communication request message, the receiving end finds the corresponding key Kb according to KEKxb, and uses the key Kb to perform a MAC operation on A, B, Sid, TS, KEKxb to generate MAC7. The received MAC2 is compared with the calculated MAC7; if the two are equal, A, B, Sid, TS and KEKxb in the message have not been tampered with by a man-in-the-middle. The receiving end then compares the first timestamp TS in the message with its local time; if TS is within the threshold range set by the system, the communication request message is determined not to be a replay message.
The receiving end generates a second session key request message and sends it to the quantum key management device; the content of the second session key request message is Sid, Nb and MAC3. MAC3 is calculated as follows: MAC3=HMAC-SHA256(Kb, Sid‖Nb), where Nb is a one-time random number generated at the receiving end, corresponding to the second random number in the foregoing embodiment.
Step 506: after the quantum key management device receives the second session key request message, it finds the pre-stored key encryption key Kb corresponding to the receiving end according to the session identifier Sid. It then performs a MAC operation on Sid and Nb using the key Kb to generate MAC4. The received MAC3 is compared with the calculated MAC4; if the two are equal, Sid and Nb in the message have not been tampered with by a man-in-the-middle.
The quantum key management device generates a second session key request response message and sends it to the receiving end; the content of the second session key request response message is Nb, [SK]Kb and MAC5, where [SK]Kb denotes the session key SK encrypted with the receiving end's key encryption key Kb. MAC5 is calculated as follows:
MAC5=HMAC-SHA256(Kb, Nb‖[SK]Kb)
Step 507: after receiving the second session key request response message, the receiving end uses the key Kb to perform a MAC operation on Nb, [SK]Kb to generate MAC8. The received MAC5 is compared with the calculated MAC8; if the two are equal, Nb and [SK]Kb in the message have not been tampered with by a man-in-the-middle. The receiving end decrypts [SK]Kb using the key Kb to obtain the session key SK.
Step 508: the receiving end and the transmitting end use the session key SK to carry out secret communication.
According to the session key negotiation method provided by the embodiment of the application, the quantum key management device generates two message authentication codes, MAC1 and MAC2: the former is used by the sending end to verify the integrity of the message sent by the quantum key management device, and the latter is used by the receiving end to verify the integrity of the key management device's message that is forwarded to it. Replay-prevention parameters and message authentication codes (MAC) that prevent message tampering are added to the transmitted messages, and the receiving end determines whether a message is a replayed or tampered message by verifying the replay-prevention parameters and the MAC in the received message, so as to prevent man-in-the-middle attacks. The key encryption keys (Ka, Kb) are used both to encrypt the session key and to generate the message authentication codes. In addition, the quantum key management device carries a timestamp TS in the session key request response message sent to the sending end, and the sending end forwards it to the receiving end in the communication request message. The receiving end determines through the TS whether the communication request message is a replay message, which prevents man-in-the-middle attacks, prevents an attacker from tampering with and replaying messages, and further improves security.
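The exchange of steps 503 to 507 can be run end to end as follows. This is an added Python example, not code from the patent; the length-prefixed field encoding, the `wrap` XOR stand-in for the cipher behind [SK]Ka and [SK]Kb (the page names none), the 30-second `MAX_SKEW`, the key-index values and all function names are assumptions.

```python
import hashlib
import hmac
import os
import time

MAX_SKEW = 30  # seconds; assumed value for the "preset range" in step 505

def enc(*fields):
    # Assumed framing for A‖B‖...: 2-byte length prefix per field, so that
    # shifting bytes between adjacent fields changes the MAC input.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def mac(key, *fields):
    return hmac.new(key, enc(*fields), hashlib.sha256).digest()

def wrap(kek, sid, data):
    # Stand-in for [SK]K (the page names no cipher): XOR with an HMAC-derived
    # 32-byte pad. Applying it twice with the same inputs unwraps.
    pad = hmac.new(kek, b"wrap" + sid, hashlib.sha256).digest()
    return bytes(x ^ y for x, y in zip(data, pad))

def check(expected, received, what):
    if not hmac.compare_digest(expected, received):  # constant-time compare
        raise ValueError(what + " mismatch")

class KMS:
    def __init__(self, keks):          # keks: {device id: (key index, KEK)}
        self.keks, self.sessions = keks, {}

    def first_response(self, a, b, na, now):            # step 503
        sk, sid = os.urandom(32), os.urandom(8)
        (kekxa, ka), (kekxb, kb) = self.keks[a], self.keks[b]
        ts = int(now).to_bytes(8, "big")
        sk_ka = wrap(ka, sid, sk)
        self.sessions[sid] = (b, sk)
        return {"A": a, "B": b, "Na": na, "Sid": sid, "KEKxa": kekxa,
                "SK_Ka": sk_ka, "MAC1": mac(ka, a, b, na, sid, kekxa, sk_ka),
                "TS": ts, "KEKxb": kekxb, "MAC2": mac(kb, a, b, sid, ts, kekxb)}

    def second_response(self, req):                     # step 506
        b, sk = self.sessions[req["Sid"]]
        kb = self.keks[b][1]
        check(mac(kb, req["Sid"], req["Nb"]), req["MAC3"], "MAC3")  # MAC4
        sk_kb = wrap(kb, req["Sid"], sk)
        return {"Nb": req["Nb"], "SK_Kb": sk_kb, "MAC5": mac(kb, req["Nb"], sk_kb)}

def sender_step_504(ka, na_sent, r):
    check(mac(ka, r["A"], r["B"], r["Na"], r["Sid"], r["KEKxa"], r["SK_Ka"]),
          r["MAC1"], "MAC1")                            # MAC6 vs MAC1
    check(na_sent, r["Na"], "Na")                       # replayed response?
    sk = wrap(ka, r["Sid"], r["SK_Ka"])
    return sk, {k: r[k] for k in ("A", "B", "Sid", "TS", "KEKxb", "MAC2")}

def receiver_step_505(kb, m, now):
    check(mac(kb, m["A"], m["B"], m["Sid"], m["TS"], m["KEKxb"]),
          m["MAC2"], "MAC2")                            # MAC7 vs MAC2
    if abs(now - int.from_bytes(m["TS"], "big")) > MAX_SKEW:
        raise ValueError("TS outside window")
    nb = os.urandom(16)
    return nb, {"Sid": m["Sid"], "Nb": nb, "MAC3": mac(kb, m["Sid"], nb)}

def receiver_step_507(kb, sid, nb_sent, r):
    check(mac(kb, r["Nb"], r["SK_Kb"]), r["MAC5"], "MAC5")  # MAC8 vs MAC5
    check(nb_sent, r["Nb"], "Nb")
    return wrap(kb, sid, r["SK_Kb"])

def rejected(fn, *args):
    # Returns the rejection reason, or None if the message was accepted.
    try:
        fn(*args)
    except ValueError as e:
        return str(e)
    return None

def run_demo():
    ka, kb = os.urandom(32), os.urandom(32)   # constructed KEKs
    kms = KMS({b"A": (b"xa-01", ka), b"B": (b"xb-01", kb)})  # constructed indexes
    na = os.urandom(16)
    resp = kms.first_response(b"A", b"B", na, now=1000)
    sk_a, comm = sender_step_504(ka, na, resp)
    nb, req2 = receiver_step_505(kb, comm, 1005)
    sk_b = receiver_step_507(kb, comm["Sid"], nb, kms.second_response(req2))
    return {
        "keys_match": sk_a == sk_b,
        "tampered_id": rejected(receiver_step_505, kb, dict(comm, A=b"M"), 1005),
        "late_replay": rejected(receiver_step_505, kb, comm, 5000),
        "replay_in_window": rejected(receiver_step_505, kb, comm, 1020),
        "stale_response": rejected(sender_step_504, ka, os.urandom(16), resp),
    }

if __name__ == "__main__":
    print(run_demo())
```

`replay_in_window` comes back as `None`: a copy of the communication request presented again inside `MAX_SKEW` passes the step 505 check as described, so a receiver that also remembers recently accepted Sid values narrows that gap.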
Referring to fig. 6, fig. 6 is a schematic structural diagram of a key management device 600 according to an embodiment of the present application, as shown in fig. 6, the key management device 600 includes:
The first receiving unit 610: configured to receive a first session key request message sent by a sending device;
The first processing unit 620: configured to generate a first message authentication code MAC1, a first timestamp and a second message authentication code MAC2 for a session based on information carried by the first session key request message;
The first transmitting unit 630: configured to send a first session key request response message to the sending device; the first session key request response message includes: the MAC1, the first timestamp, and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message; the MAC2 is used by a receiving device corresponding to the sending device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replay message.
In the embodiment of the present application, the first processing unit 620 is specifically configured to generate session related information based on information carried by the first session key request message; generate a first timestamp from the local time of the key management device; perform a MAC operation on the session related information and the information carried by the first session key request message with a first key to generate MAC1; and perform a MAC operation on the session related information, the information carried by the first session key request message and the first timestamp with a second key to generate MAC2.
In the embodiment of the present application, the information carried by the first session key request message includes: a sending device identifier, a receiving device identifier and a first random number; the session related information includes: a session key and a session identifier; the first processing unit 620 is specifically further configured to encrypt the session key with a first key; perform a MAC operation with the first key on the sending device identifier, the receiving device identifier, the session identifier, the first random number, a key index corresponding to the first key and the session key encrypted by the first key to generate a first message authentication code MAC1; and perform a MAC operation with the second key on the sending device identifier, the receiving device identifier, the first timestamp, the session identifier and a key index corresponding to the second key to generate a second message authentication code MAC2.
In the embodiment of the present application, the first session key request response message further includes: the sending equipment identifier, the receiving equipment identifier, the first random number, the session identifier, the key index corresponding to the first key, the session key encrypted by the first key and the key index corresponding to the second key.
In the embodiment of the present application, the first receiving unit 610 is further configured to receive a second session key request message sent by a receiving device; the first processing unit 620 is further configured to generate a fifth message authentication code MAC5 based on information carried by the second session key request message; the first sending unit 630 is further configured to send a second session key request response message to the receiving device; the second session key request response message includes: the MAC5.
In the embodiment of the present application, the information carried by the second session key request message includes: the session identifier, the second random number and the third message authentication code MAC3; the MAC3 is obtained by the receiving device performing MAC operation on the session identifier and the second random number through the second key; the first processing unit 620 is further configured to encrypt the session key with the second key; and performing MAC operation on the second random number and the session key encrypted by the second key through the second key to generate MAC5.
In this embodiment of the present application, the first processing unit 620 is further configured to perform MAC operation on the received session identifier and the second random number by using the second key, so as to generate a fourth message authentication code MAC4; the first sending unit 630 is further configured to send a second session key request response message to the receiving device if the MAC3 is equal to the MAC4; the second session key request response message includes: the second random number, the session key encrypted by the second key and a fifth message authentication code MAC5; the MAC5 is obtained by performing a MAC operation on the second random number and the session key encrypted by the second key.
Those skilled in the art will appreciate that the implementation functions of the units in the key management device shown in fig. 6 can be understood with reference to the relevant description of the foregoing method. The functions of the units in the key management device shown in fig. 6 may be implemented by a program running on a processor or by a specific logic circuit.
Referring to fig. 7, fig. 7 is a schematic structural diagram of a transmitting device 700 according to an embodiment of the present application, as shown in fig. 7, the transmitting device 700 includes:
The second transmitting unit 710: configured to send a first session key request message to a key management device;
the second receiving unit 720: configured to receive a first session key request response message sent by a quantum key management device, the first session key request response message comprising: MAC1, MAC2, and a first timestamp;
the second processing unit 730: configured to verify the integrity of the first session key request response message by the MAC1;
the second transmitting unit 710 is further configured to send a communication request message to the receiving device if the first session key request response message is complete, wherein the communication request message comprises: a first timestamp and MAC2; the MAC2 is used by the receiving device to verify the integrity of the communication request message, and the first timestamp is used by the receiving device to verify whether the communication request message is a replay message.
In the embodiment of the present application, the information carried by the first session key request message includes: a sending device identifier, a receiving device identifier and a first random number; the information carried in the first session key request message is used by the key management device to generate the MAC1, the MAC2 and the first timestamp.
In the embodiment of the present application, the first session key request response message further includes: the sending equipment identifier, the receiving equipment identifier, the first random number, the session identifier, the key index corresponding to the first key, the session key encrypted by the first key and the key index corresponding to the second key.
In the embodiment of the present application, if the first session key request response message is complete, the second processing unit 730 is further configured to decrypt, by using the first key, the session key encrypted by the first key to obtain the session key; the communication request message further includes: the sending device identifier, the receiving device identifier, the session identifier and a key index corresponding to the second key.
In this embodiment of the present application, the second processing unit 730 is specifically configured to perform MAC operation on the received sending device identifier, the receiving device identifier, the first random number, the session identifier, a key index corresponding to the first key, and the session key encrypted by the first key, so as to generate a sixth message authentication code MAC6; if the MAC6 is equal to the MAC1, the first session key request response message is complete.
In this embodiment of the present application, the second processing unit 730 is further configured to determine whether the received first random number is the same as the first random number sent to the key management device; and if they are the same, decrypt the session key encrypted by the first key with the first key to obtain the session key, and send the communication request message to the receiving device.
Those skilled in the art will appreciate that the implementation functions of the units in the transmitting apparatus shown in fig. 7 can be understood with reference to the related description of the foregoing method. The functions of the respective units in the transmitting apparatus shown in fig. 7 may be realized by a program running on a processor or by a specific logic circuit.
Referring to fig. 8, fig. 8 is a schematic structural diagram of a receiving device 800 according to an embodiment of the present application, as shown in fig. 8, the receiving device 800 includes:
Third receiving unit 810: for receiving a communication request message sent by a sending device; the communication request message includes: a first timestamp and MAC2;
The third processing unit 820: for verifying the integrity of the communication request message by the MAC2 and whether the communication request message is a replay message by the first timestamp;
Third transmitting unit 830: for sending a second session key request message to the key management device if the communication request message is complete and not replay information.
In the embodiment of the present application, the communication request message further includes: a sending device identifier, the receiving device identifier, a session identifier and a key index corresponding to the second key; the third processing unit 820 is specifically configured to perform MAC operation on the received sending device identifier, the received receiving device identifier, the first timestamp, the session identifier, and a key index corresponding to the second key by using the second key, so as to generate a seventh message authentication code MAC7; if the MAC7 is equal to the MAC2, the communication request message is complete; and judging whether the difference value between the first timestamp and the local time of the receiving equipment is within a preset range, and if so, judging that the communication request message is not a replay message.
In the embodiment of the present application, the second session key request message includes: the session identifier, the second random number and the third message authentication code MAC3; the MAC3 is obtained by performing MAC operation on the session identifier and the second random number through the second key.
In this embodiment of the present application, the third receiving unit 810 is further configured to receive a second session key request response message sent by the key management device; the second session key request response message includes: the second random number, the session key encrypted by the second key and the MAC5; the third processing unit 820 is further configured to perform MAC operation on the received second random number and the session key encrypted by the second key to generate an eighth message authentication code MAC8; and if the MAC8 is equal to the MAC5 and the received second random number is the same as the random number sent to the key management equipment, decrypting the session key encrypted by the second key through the second key to obtain the session key.
Those skilled in the art will appreciate that the implementation functions of the units in the receiving device shown in fig. 8 can be understood with reference to the relevant description of the foregoing method. The functions of the units in the receiving apparatus shown in fig. 8 may be implemented by a program running on a processor or by a specific logic circuit.
Fig. 9 is a schematic block diagram of an electronic device 900 according to an embodiment of the present application. The electronic device 900 shown in fig. 9 comprises a processor 910, and the processor 910 may call and run a computer program from a memory to implement the method in an embodiment of the application.
Optionally, as shown in fig. 9, the electronic device 900 may also include a memory 920. Wherein the processor 910 may invoke and run a computer program from the memory 920 to implement the method in the embodiments of the present application.
Wherein the memory 920 may be a separate device from the processor 910 or may be integrated in the processor 910.
Optionally, as shown in fig. 9, the electronic device 900 may further include a transceiver 930, and the processor 910 may control the transceiver 930 to communicate with other devices, and in particular, may send information or data to other devices, or receive information or data sent by other devices.
Wherein transceiver 930 may include a transmitter and a receiver. Transceiver 930 may further include antennas, the number of which may be one or more.
The electronic device 900 may be specifically a key management device, a sending device, and a receiving device according to the embodiments of the present application, and the electronic device 900 may implement corresponding flows implemented by the key management device, the sending device, and the receiving device in each method according to the embodiments of the present application, which are not described herein for brevity.
Fig. 10 is a schematic structural view of a chip of an embodiment of the present application. The chip 1000 shown in fig. 10 includes a processor 1010, and the processor 1010 may call and run a computer program from a memory to implement the method in the embodiment of the present application.
Optionally, as shown in fig. 10, the chip 1000 may further include a memory 1020. Wherein the processor 1010 may call and run a computer program from the memory 1020 to implement the methods in embodiments of the present application.
The memory 1020 may be a separate device from the processor 1010 or may be integrated into the processor 1010.
Optionally, the chip 1000 may also include an input interface 1030. The processor 1010 may control the input interface 1030 to communicate with other devices or chips, and in particular, may obtain information or data sent by the other devices or chips.
Optionally, the chip 1000 may further include an output interface 1040. Wherein the processor 1010 may control the output interface 1040 to communicate with other devices or chips, and in particular, may output information or data to other devices or chips.
The chip can be applied to the key management device, the sending device and the receiving device in the embodiment of the present application, and the chip can implement corresponding flows implemented by the key management device, the sending device and the receiving device in each method in the embodiment of the present application, which are not described herein for brevity.
It should be understood that the chips referred to in the embodiments of the present application may also be referred to as system-on-chip chips, or the like.
It should be appreciated that the processor of an embodiment of the present application may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method embodiments may be implemented by integrated logic circuits of hardware in a processor or by instructions in software form. The processor may be a general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), an off-the-shelf programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, or discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a storage medium well known in the art, such as a random access memory, flash memory, read only memory, programmable read only memory, electrically erasable programmable memory, or registers. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method.
It will be appreciated that the memory in embodiments of the application may be volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable ROM (Programmable ROM, PROM), an erasable PROM (Erasable PROM, EPROM), an electrically erasable EPROM (Electrically EPROM, EEPROM), or a flash memory. The volatile memory may be random access memory (Random Access Memory, RAM), which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM), and direct Rambus RAM (Direct Rambus RAM, DR RAM). It should be noted that the memory of the systems and methods described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
It should be appreciated that the above memory is exemplary and not limiting; for example, the memory in the embodiments of the present application may be static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM), direct Rambus RAM (Direct Rambus RAM, DR RAM), and the like. That is, the memory in embodiments of the present application is intended to comprise, without being limited to, these and any other suitable types of memory.
The embodiment of the application also provides a computer readable storage medium for storing a computer program. The computer readable storage medium may be applied to the key management device, the transmitting device, and the receiving device in the embodiments of the present application, and the computer program causes the computer to execute corresponding processes implemented by the key management device, the transmitting device, and the receiving device in the methods in the embodiments of the present application, which are not described herein for brevity.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application, in essence or in the part contributing to the prior art, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a key management device, a transmitting device, a receiving device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (23)

1. A session key negotiation method, applied to a key management device, characterized by comprising:
receiving a first session key request message for a target session sent by a sending device;
generating a first message authentication code MAC1, a first timestamp, and a second message authentication code MAC2 for the target session based on the information carried in the first session key request message;
sending a first session key request response message to the sending device; the first session key request response message includes: the MAC1, the first timestamp and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message; the MAC2 is used by the receiving device corresponding to the sending device to verify the integrity of the communication request information, and the first timestamp is used by the receiving device to verify whether the communication request information is replay information.

2. The session key negotiation method according to claim 1, wherein the step of generating a first message authentication code MAC1, a first timestamp, and a second message authentication code MAC2 for the session based on the information carried in the first session key request message comprises:
generating session related information based on the information carried in the first session key request message;
generating the first timestamp according to the local time of the key management device;
performing a MAC operation on the session related information and the information carried in the first session key request message using a first key to generate MAC1;
performing a MAC operation on the session related information, the information carried in the first session key request message, and the first timestamp using a second key to generate MAC2.

3. The session key negotiation method according to claim 2, characterized in that the information carried by the first session key request message includes: a sending device identifier, a receiving device identifier and a first random number; the session related information includes: a session key and a session identifier;
the step of performing a MAC operation on the session related information and the information carried in the first session key request message using the first key to generate MAC1 includes:
encrypting the session key using the first key;
performing, using the first key, a MAC operation on the sending device identifier, the receiving device identifier, the session identifier, the first random number, the key index corresponding to the first key, and the session key encrypted by the first key to generate the first message authentication code MAC1;
the step of performing a MAC operation on the session related information, the information carried in the first session key request message, and the first timestamp using the second key to generate MAC2 includes:
performing, using the second key, a MAC operation on the sending device identifier, the receiving device identifier, the first timestamp, the session identifier, and the key index corresponding to the second key to generate the second message authentication code MAC2.

4. The session key negotiation method according to claim 3, characterized in that:
the first session key request response message also includes: the sending device identifier, the receiving device identifier, the first random number, the session identifier, the key index corresponding to the first key, the session key encrypted by the first key, and the key index corresponding to the second key.

5. The session key negotiation method according to any one of claims 2 to 4, further comprising:
receiving a second session key request message sent by a receiving device;
generating a fifth message authentication code MAC5 based on the information carried by the second session key request message;
sending a second session key request response message to the receiving device; the second session key request response message includes: the MAC5.

6. The session key negotiation method according to claim 5, characterized in that the information carried by the second session key request message includes: the session identifier, a second random number and a third message authentication code MAC3; the MAC3 is obtained by the receiving device performing a MAC operation on the session identifier and the second random number using the second key;
the step of generating a fifth message authentication code MAC5 based on the information carried by the second session key request message includes:
encrypting the session key using the second key;
performing, using the second key, a MAC operation on the second random number and the session key encrypted by the second key to generate MAC5.

7. The session key negotiation method according to claim 6, wherein the sending of the second session key request response message to the receiving device comprises:
performing, using the second key, a MAC operation on the received session identifier and the second random number to generate a fourth message authentication code MAC4;
if the MAC3 is equal to the MAC4, sending the second session key request response message to the receiving device; the second session key request response message includes: the second random number, the session key encrypted by the second key and the fifth message authentication code MAC5; the MAC5 is obtained by performing a MAC operation on the second random number and the session key encrypted by the second key using the second key.

8. A session key negotiation method, applied to a sending device, characterized by comprising:
sending a first session key request message for a target session to a key management device;
receiving a first session key request response message sent by a quantum key management device, wherein the first session key request response message includes: MAC1, MAC2, and a first timestamp;
verifying the integrity of the first session key request response message through the MAC1;
if the first session key request response message is complete, sending a communication request message to a receiving device, the communication request message including: the first timestamp and MAC2; wherein the MAC2 is used by the receiving device to verify the integrity of the communication request information, and the first timestamp is used by the receiving device to verify whether the communication request information is replay information.

9. The session key negotiation method according to claim 8, characterized in that:
the information carried in the first session key request message includes: a sending device identifier, a receiving device identifier and a first random number; wherein the information carried in the first session key request message is used by the key management device to generate the MAC1, the MAC2 and the first timestamp.

10. The session key negotiation method according to claim 9, characterized in that:
the first session key request response message also includes: the sending device identifier, the receiving device identifier, the first random number, a session identifier, a key index corresponding to a first key, a session key encrypted by the first key, and a key index corresponding to a second key.

11. The session key negotiation method according to claim 10, wherein if the first session key request response message is complete, the method further comprises:
decrypting, using the first key, the session key encrypted by the first key to obtain the session key;
the communication request message also includes: the sending device identifier, the receiving device identifier, the session identifier, and the key index corresponding to the second key.

12. The session key negotiation method according to claim 11, characterized in that:
the verifying of the integrity of the first session key request response message through the MAC1 includes:
performing, using the first key, a MAC operation on the received sending device identifier, the receiving device identifier, the first random number, the session identifier, the key index corresponding to the first key, and the session key encrypted by the first key to generate a sixth message authentication code MAC6;
if the MAC6 is equal to the MAC1, the first session key request response message is complete.

13. The session key negotiation method according to claim 12, characterized in that:
before the session key is obtained, using the first key, from the session key encrypted by the first key and the communication request message is sent to the receiving device, the method further includes:
determining whether the received first random number is the same as the first random number sent to the key management device;
if they are the same, decrypting, using the first key, the session key encrypted by the first key to obtain the session key, and sending the communication request message to the receiving device.

14. A session key negotiation method, applied to a receiving device, characterized by comprising:
receiving a communication request message sent by a sending device; the communication request message includes: a first timestamp and MAC2;
verifying the integrity of the communication request message through the MAC2, and verifying whether the communication request message is a replay message through the first timestamp;
if the communication request message is complete and is not replay information, sending a second session key request message to the key management device.

15. The session key negotiation method according to claim 14, wherein the communication request message further comprises: a sending device identifier, the receiving device identifier, a session identifier, and a key index corresponding to the second key; and the step of verifying the integrity of the communication request message through the MAC2 comprises:
performing, using the second key, a MAC operation on the received sending device identifier, the receiving device identifier, the first timestamp, the session identifier, and the key index corresponding to the second key to generate a seventh message authentication code MAC7;
if the MAC7 is equal to the MAC2, the communication request message is complete;
the verifying, through the first timestamp, of whether the communication request message is a replay message includes:
determining whether the difference between the first timestamp and the local time of the receiving device is within a preset range; if it is within the preset range, the communication request message is not a replay message.

16. The session key negotiation method according to claim 14 or 15, characterized in that the second session key request message includes: the session identifier, a second random number and a third message authentication code MAC3; the MAC3 is obtained by performing a MAC operation on the session identifier and the second random number using the second key.

17. The session key negotiation method according to claim 16, further comprising:
receiving a second session key request response message sent by the key management device; the second session key request response message includes: the second random number, the session key encrypted by the second key, and MAC5;
performing, using the second key, a MAC operation on the received second random number and the session key encrypted by the second key to generate an eighth message authentication code MAC8;
if the MAC8 is equal to the MAC5 and the received second random number is the same as the random number sent to the key management device, decrypting, using the second key, the session key encrypted by the second key to obtain the session key.

18. A key management device, characterized by comprising:
a first receiving unit, configured to receive a first session key request message sent by a sending device;
a first processing unit, configured to generate a first message authentication code MAC1, a first timestamp, and a second message authentication code MAC2 for a session based on information carried in the first session key request message;
a first sending unit, configured to send a first session key request response message to the sending device; the first session key request response message includes: the MAC1, the first timestamp and the MAC2; wherein the MAC1 is used by the sending device to verify the integrity of the first session key request response message; the MAC2 is used by the receiving device corresponding to the sending device to verify the integrity of the communication request information, and the first timestamp is used by the receiving device to verify whether the communication request information is replay information.

19. A sending device, characterized by comprising:
a second sending unit, configured to send a first session key request message to the key management device;
a second receiving unit, configured to receive a first session key request response message sent by a quantum key management device, wherein the first session key request response message includes: MAC1, MAC2 and a first timestamp;
a second processing unit, configured to verify the integrity of the first session key request response message through the MAC1;
the second sending unit is also configured to send a communication request message to the receiving device if the first session key request response message is complete, the communication request message including: the first timestamp and MAC2; wherein the MAC2 is used by the receiving device to verify the integrity of the communication request information, and the first timestamp is used by the receiving device to verify whether the communication request information is replay information.

20. A receiving device, characterized by comprising:
a third receiving unit, configured to receive a communication request message sent by a sending device; the communication request message includes: a first timestamp and MAC2;
a third processing unit, configured to verify the integrity of the communication request message through the MAC2, and to verify whether the communication request message is a replay message through the first timestamp;
a third sending unit, configured to send a second session key request message to the key management device if the communication request message is complete and is not replay information.

21. An electronic device, characterized in that it comprises: a processor and a memory, the memory being used to store a computer program, the processor being used to call and run the computer program stored in the memory, and executing the session key negotiation method described in any one of claims 1 to 7, the session key negotiation method described in any one of claims 8 to 12, and the session key negotiation method described in any one of claims 13 to 17.

22. A chip, characterized in that it comprises: a processor, used to call and run a computer program from a memory, so that a device equipped with the chip executes the session key negotiation method described in any one of claims 1-7, the session key negotiation method described in any one of claims 7-11, and the session key negotiation method described in any one of claims 12-16.

23. A computer-readable storage medium, characterized in that it is used to store a computer program, wherein the computer program enables a computer to execute the session key negotiation method described in any one of claims 1 to 7, the session key negotiation method described in any one of claims 8 to 12, and the session key negotiation method described in any one of claims 13 to 17.
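The three-party exchange recited in claims 1 to 17, with all three roles in one process, as an added Python example that is not code from the patent. Assumptions: HMAC-SHA256 stands in for the unspecified "MAC operation", an XOR keystream (`wrap`) stands in for the unspecified cipher, the preset timestamp range is 30 seconds, each MAC uses one fixed field order on both sides, and every function, field and device name is hypothetical.

```python
import hashlib
import hmac
import os

def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (prefix avoids ambiguous concatenation)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        b = f if isinstance(f, bytes) else str(f).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return h.digest()

def wrap(key, nonce, data):
    """Stand-in cipher (assumption): XOR with an HMAC-derived keystream; self-inverse."""
    stream = hmac.new(key, b"wrap" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def check(expected, received, what):
    if not hmac.compare_digest(expected, received):
        raise ValueError(what + " mismatch")

def mac1_of(k1, m):   # fields of claim 3, keyed with the first key
    return mac(k1, m["id_s"], m["id_r"], m["sid"], m["n1"], m["idx1"], m["esk"])

def mac2_of(k2, m):   # fields of claim 3, keyed with the second key
    return mac(k2, m["id_s"], m["id_r"], m["ts"], m["sid"], m["idx2"])

class KeyManager:
    def __init__(self, keys):            # keys: {device id: (key index, shared key)}
        self.keys, self.sessions = keys, {}

    def first_request(self, id_s, id_r, n1, now):
        (idx1, k1), (idx2, k2) = self.keys[id_s], self.keys[id_r]
        sk, sid = os.urandom(32), os.urandom(8).hex()
        self.sessions[sid] = (sk, k2)
        m = {"id_s": id_s, "id_r": id_r, "n1": n1, "sid": sid, "idx1": idx1,
             "idx2": idx2, "ts": int(now), "esk": wrap(k1, n1, sk)}
        m["mac1"], m["mac2"] = mac1_of(k1, m), mac2_of(k2, m)
        return m

    def second_request(self, req):
        sk, k2 = self.sessions[req["sid"]]
        check(mac(k2, req["sid"], req["n2"]), req["mac3"], "MAC3")   # MAC4 == MAC3
        esk = wrap(k2, req["n2"], sk)
        return {"n2": req["n2"], "esk": esk, "mac5": mac(k2, req["n2"], esk)}

def sender_accept(k1, n1, resp):
    check(mac1_of(k1, resp), resp["mac1"], "MAC1")                   # MAC6 == MAC1
    check(n1, resp["n1"], "first random number")
    comm = {f: resp[f] for f in ("id_s", "id_r", "sid", "idx2", "ts", "mac2")}
    return wrap(k1, n1, resp["esk"]), comm

def receiver_accept(k2, comm, now, window=30):
    check(mac2_of(k2, comm), comm["mac2"], "MAC2")                   # MAC7 == MAC2
    if abs(now - comm["ts"]) > window:
        raise ValueError("timestamp outside window: treated as replay")
    n2 = os.urandom(16)
    return n2, {"sid": comm["sid"], "n2": n2, "mac3": mac(k2, comm["sid"], n2)}

def receiver_finish(k2, n2, resp):
    check(mac(k2, resp["n2"], resp["esk"]), resp["mac5"], "MAC5")    # MAC8 == MAC5
    check(n2, resp["n2"], "second random number")
    return wrap(k2, n2, resp["esk"])

def negotiate(now=1_700_000_000):
    """Run the whole exchange with constructed keys; returns both ends' session keys."""
    keys = {"dev-A": (1, b"\x01" * 32), "dev-B": (2, b"\x02" * 32)}   # constructed
    kms, n1 = KeyManager(keys), os.urandom(16)
    sk_a, comm = sender_accept(keys["dev-A"][1], n1,
                               kms.first_request("dev-A", "dev-B", n1, now))
    n2, req2 = receiver_accept(keys["dev-B"][1], comm, now + 2)
    sk_b = receiver_finish(keys["dev-B"][1], n2, kms.second_request(req2))
    return sk_a, sk_b, comm

if __name__ == "__main__":
    a, b, _ = negotiate()
    print("session keys match:", a == b)
```

Because the first timestamp is covered by MAC2, a captured communication request cannot be given a fresh timestamp without the second key; a copy resent inside the preset range still passes the timestamp test as the claims describe it.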
CN202310892547.6A 2023-07-19 2023-07-19 Session key negotiation method, device and storage medium Pending CN118827012A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310892547.6A CN118827012A (en) 2023-07-19 2023-07-19 Session key negotiation method, device and storage medium

Publications (1)

Publication Number Publication Date
CN118827012A true CN118827012A (en) 2024-10-22

Family

ID=93067192

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310892547.6A Pending CN118827012A (en) 2023-07-19 2023-07-19 Session key negotiation method, device and storage medium

Country Status (1)

Country Link
CN (1) CN118827012A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110167272A1 (en) * 2010-01-06 2011-07-07 Kolesnikov Vladimir Y Secure Multi-UIM aka key exchange
CN102804676A (en) * 2009-06-23 2012-11-28 松下电器产业株式会社 Cryptogram-key distribution system
CN113612610A (en) * 2021-09-15 2021-11-05 深圳市国信量子科技有限公司 Session key negotiation method
CN114362925A (en) * 2020-09-29 2022-04-15 中国移动通信有限公司研究院 A key agreement method, device and terminal
CN115334497A (en) * 2022-08-01 2022-11-11 中电信量子科技有限公司 Satellite terminal key distribution method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination