CN116233767B - Cluster intercom communication method, device, equipment and storage medium - Google Patents
- Publication number
- CN116233767B
- Authority
- CN
- China
- Prior art keywords
- key
- business data
- encrypted
- business
- quantum
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
- H04W4/10—Push-to-Talk [PTT] or Push-On-Call services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/14—Systems for two-way working
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present disclosure provides a cluster intercom communication method, device, equipment and storage medium. The method includes: encrypting business data with a business data key generated in real time to obtain encrypted business data; encrypting the business data key with the encryption key corresponding to the business data to obtain an encrypted business data key; and sending the encrypted business data key to a key platform for decryption and encryption processing while sending the encrypted business data to a target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data. The present disclosure solves the problem of insufficient security of large-scale audio and video communication in the prior art, and maximizes the security of the encrypted business data key and of the encrypted business data, thereby maximizing the security of the business data used for communication.
Description
Technical Field
The present disclosure relates to the field of quantum encryption communication technology, and in particular to a cluster intercom communication method, device, equipment and storage medium.
Background
With the development of communication technology, the traditional intelligent one-to-one voice intercom has evolved into the cluster intercom system, which integrates digital audio and video functions and is widely used. Through a public network platform, large-scale audio and video communication within a public network cluster can be supported simultaneously. This requires the cluster intercom system to be stable, reliable and efficient.
However, when large-scale audio and video communication takes place at the same time, the cluster intercom system still encrypts the transmitted data with traditional encryption methods. Security is insufficient: the password is easily leaked or cracked by computation, and users can hardly detect that they are being eavesdropped on, which can easily cause serious losses.
Summary of the Invention
The present disclosure provides a cluster intercom communication method, device, equipment and storage medium to solve the problem of insufficient security of large-scale audio and video communication in the prior art.
In a first aspect, the present disclosure provides a cluster intercom communication method applied to a cluster intercom device. The cluster intercom communication method includes:
encrypting business data based on an encryption key corresponding to the business data to obtain encrypted business data, wherein the encryption key includes a business data key;
encrypting the business data key to obtain an encrypted business data key;
sending the encrypted business data key to a key platform for decryption and encryption processing, and sending the encrypted business data to a target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data.
In a second aspect, the present disclosure provides a cluster intercom communication method applied to a target cluster intercom device. The cluster intercom communication method includes:
in response to received encrypted business data, obtaining the corresponding encrypted business data key from the key platform;
obtaining the corresponding business data key based on a preset encryption key and the encrypted business data key;
decrypting the encrypted business data based on the business data key to obtain the corresponding business data.
In a third aspect, the present disclosure provides a cluster intercom communication method applied to a key platform. The cluster intercom communication method includes:
in response to a received encrypted business data key, determining the corresponding business data key;
in response to a received request from a target cluster intercom device, re-encrypting the business data key;
sending the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key.
In a fourth aspect, the present disclosure provides a cluster intercom communication apparatus applied to a cluster intercom device, including:
a first encryption module, configured to encrypt business data based on an encryption key corresponding to the business data to obtain encrypted business data, wherein the encryption key includes a business data key;
a second encryption module, configured to encrypt the business data key to obtain an encrypted business data key;
a sending module, configured to send the encrypted business data key to a key platform for decryption and encryption processing, and to send the encrypted business data to a target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data.
In a fifth aspect, the present disclosure provides a cluster intercom communication apparatus applied to a target cluster intercom device, including:
a receiving module, configured to obtain the corresponding encrypted business data key from the key platform in response to received encrypted business data;
a decryption module, configured to obtain the corresponding business data key based on a preset encryption key and the encrypted business data key;
a determination module, configured to decrypt the encrypted business data based on the business data key to obtain the corresponding business data.
In a sixth aspect, the present disclosure provides a cluster intercom communication apparatus applied to a key platform, including:
a decryption module, configured to determine the corresponding business data key in response to a received encrypted business data key;
an encryption module, configured to re-encrypt the business data key in response to a received request from a target cluster intercom device;
a sending module, configured to send the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key.
In a seventh aspect, the present disclosure further provides a control device, the control device including:
at least one processor;
and a memory communicatively connected to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to cause the control device to perform the cluster intercom communication method of any embodiment of the first aspect of the present disclosure; and/or to cause the control device to perform the cluster intercom communication method of any embodiment of the second aspect of the present disclosure; and/or to cause the control device to perform the cluster intercom communication method of any embodiment of the third aspect of the present disclosure.
In a fourth aspect, the present disclosure further provides a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement any cluster intercom communication method of the first aspect of the present disclosure; and/or, when executed by a processor, implement any cluster intercom communication method of the second aspect of the present disclosure; and/or, when executed by a processor, implement any cluster intercom communication method of the third aspect of the present disclosure.
In a fifth aspect, the present disclosure further provides a computer program product containing computer-executable instructions which, when executed by a processor, implement any cluster intercom communication method of the first aspect of the present disclosure; and/or, when executed by a processor, implement any cluster intercom communication method of the second aspect of the present disclosure; and/or, when executed by a processor, implement any cluster intercom communication method of the third aspect of the present disclosure.
The cluster intercom communication method, device, equipment and storage medium provided by the present disclosure encrypt the business data based on the encryption key corresponding to the business data to obtain encrypted business data, the encryption key including the business data key; encrypt the business data key to obtain an encrypted business data key; and then send the encrypted business data key to the key platform for decryption and encryption processing and send the encrypted business data to the target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data. In this way, business data to be transmitted, such as voice, video and text messages, is encrypted with quantum encryption, ensuring that the key is different for every communication. The key for the business data is itself encrypted, and the encrypted business data key is relayed through the key platform instead of being sent directly to the target cluster intercom device, which protects the encrypted business data key. In addition, the key platform decrypts and re-encrypts the encrypted business data key it receives, so that the encrypted business data keys at different transmission stages also differ from each other. This maximizes the security of the encrypted business data key and of the encrypted business data, and in turn maximizes the security of the business data used for communication.
Brief Description of the Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the present disclosure.
FIG. 1 is a diagram of an application scenario of a cluster intercom communication method provided by an embodiment of the present disclosure;
FIG. 2 is a flow chart of a cluster intercom communication method provided by an embodiment of the present disclosure;
FIG. 3 is a flow chart of a cluster intercom communication method provided by another embodiment of the present disclosure;
FIG. 4 is a flow chart of a cluster intercom communication method provided by another embodiment of the present disclosure;
FIG. 5 is a flow chart of a cluster intercom communication method provided by another embodiment of the present disclosure;
FIG. 6 is a flow chart of a cluster intercom communication method provided by another embodiment of the present disclosure;
FIG. 7 is a flow chart of a cluster intercom communication method provided by another embodiment of the present disclosure;
FIG. 8 is a schematic structural diagram of a cluster intercom communication apparatus provided by another embodiment of the present disclosure;
FIG. 9 is a schematic structural diagram of a cluster intercom communication apparatus provided by another embodiment of the present disclosure;
FIG. 10 is a schematic structural diagram of a cluster intercom communication apparatus provided by another embodiment of the present disclosure;
FIG. 11 is a schematic structural diagram of a control device provided by another embodiment of the present disclosure.
The above drawings show specific embodiments of the present disclosure, which are described in more detail below. These drawings and the accompanying text are not intended to limit the scope of the concepts of the present disclosure in any way, but to explain those concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Exemplary embodiments are described in detail here, and examples of them are shown in the accompanying drawings. Where the following description refers to the drawings, the same numbers in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatuses and methods consistent with some aspects of the present disclosure as detailed in the appended claims.
The technical solution of the present disclosure, and how it solves the above technical problems, is described in detail below with specific embodiments. The following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present disclosure are described below with reference to the accompanying drawings.
With the development of communication technology, the traditional intelligent one-to-one voice intercom has evolved into the cluster intercom system (including cluster intercom equipment such as cluster intercom terminals and intercom platforms), which integrates digital audio and video functions and is widely used. Through a public network platform, large-scale audio and video communication within a public network cluster can be supported simultaneously. This requires the cluster intercom system to be stable, reliable and efficient.
In an existing cluster intercom system, a cluster intercom device usually encrypts the business data to be transmitted, such as audio and video communication data, with a preset encryption algorithm and sends it directly to the target cluster intercom device, which decrypts the encrypted business data with a preset decryption algorithm to obtain the business data in plaintext. However, when large-scale audio and video communication takes place at the same time, the security of this traditional encryption algorithm is seriously insufficient, and the password is easily leaked or cracked by computation. Even if the preset encryption and decryption algorithms are changed, they are still very easy to crack in a cluster intercom system, where communication frequency is extremely high, and users can hardly detect that they are being eavesdropped on, which can easily cause serious losses.
To solve the above problems, an embodiment of the present disclosure provides a cluster intercom communication method in which the business data is encrypted with an encryption key and then sent, while the business data key used for that encryption is itself encrypted and sent separately to a key platform, which forwards it. This encrypts the business data key and separates it from the channel over which the business data is sent, maximizing the difficulty of cracking and improving communication security.
The application scenario of the embodiments of the present disclosure is explained below:
FIG. 1 is a diagram of an application scenario of the cluster intercom communication method provided by an embodiment of the present disclosure. As shown in FIG. 1, in the cluster intercom communication flow, the cluster intercom device 100 encrypts the business data to be sent and then encrypts the business data key. It sends the encrypted business data directly to the target cluster intercom device 110 and sends the encrypted business data key to the key platform 120. The key platform 120 decrypts and re-encrypts the key and then sends it to the target cluster intercom device, and the target cluster intercom device decrypts the encrypted business data key and the encrypted business data, thereby completing the transmission of the business data.
It should be noted that the scenario in FIG. 1 shows only one cluster intercom device, one target cluster intercom device and one key platform as an example, but the present disclosure is not limited to this; that is, the number of cluster intercom devices, target cluster intercom devices and key platforms can be arbitrary.
The cluster intercom communication method provided by the present disclosure is described in detail below through specific embodiments. It should be noted that the following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments.
FIG. 2 is a flow chart of a cluster intercom communication method provided by an embodiment of the present disclosure. The cluster intercom communication method is applied to a cluster intercom device and, as shown in FIG. 2, includes the following steps:
Step S201: Encrypt the business data based on the encryption key corresponding to the business data to obtain encrypted business data.
The encryption key includes the business data key.
Specifically, cluster intercom means that a large number of devices access the communication network at the same time and communicate with each other over multiple different channels. Compared with a conventional intercom system, both the volume of data communicated and the communication efficiency are significantly higher. It also supports communication of audio, video and other data between multiple devices, whereas a conventional intercom supports only the single function of voice communication.
The cluster intercom device can be a terminal that supports the cluster intercom function, or a platform that supports the cluster intercom function and can receive business data and send it to groups.
Business data refers to the data that the cluster intercom device needs to send, including audio, video, program text and so on, and is not limited to data of a specific business type. In contrast to business data, the cluster intercom device also sends non-business data such as keys and positioning information.
The cluster intercom device has several types of encryption keys, or generation modules for encryption keys, built in, including a generation module for the business data key. Generating the business data key in real time avoids the problems of a fixed key, which is easy to crack and offers low security.
Encrypting the business data keeps it confidential and prevents its content from leaking.
Step S202: Encrypt the business data key to obtain an encrypted business data key.
Specifically, in addition to the business data, the business data key used to encrypt it must also be encrypted. When the encrypted business data is transmitted to the target cluster intercom device, the encrypted business data key is sent to the target cluster device through the key platform. The target cluster device decrypts the encrypted business data key locally as it is received in real time, and then decrypts the encrypted business data with the business data key obtained from that decryption. The target cluster intercom device therefore has to perform two decryptions to obtain the business data in plaintext (decrypting the encrypted business data key, and decrypting the encrypted business data). Compared with existing cluster intercom communication methods, this significantly improves the confidentiality and security of the business data.
Step S203: Send the encrypted business data key to the key platform for decryption and encryption processing, and send the encrypted business data to the target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data.
Specifically, the encrypted business data key is not sent directly to the target cluster intercom device. It is sent to the key platform, processed there, and then forwarded. The channels carrying the encrypted business data and the encrypted business data key are thus separated, which avoids the case where both are intercepted and cracked together because they were sent over the same channel. The key platform decrypts and re-encrypts the encrypted business data key, so that the encrypted business data key sent from the cluster intercom platform to the key platform differs from the one sent from the key platform to the target cluster intercom device. This further reduces the probability of the encrypted business data key being intercepted and cracked, and greatly improves the security of the business data.
The cluster intercom communication method provided by the embodiment of the present disclosure encrypts the business data based on the encryption key corresponding to the business data to obtain encrypted business data, the encryption key including the business data key; encrypts the business data key to obtain an encrypted business data key; and then sends the encrypted business data key to the key platform for decryption and encryption processing and sends the encrypted business data to the target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform to obtain the business data. In this way, business data to be transmitted, such as voice, video and text messages, is encrypted with quantum encryption, ensuring that the key is different for every communication. The key for the business data is itself encrypted, and the encrypted business data key is relayed through the key platform instead of being sent directly to the target cluster intercom device, which protects the encrypted business data key. In addition, the key platform decrypts and re-encrypts the encrypted business data key it receives, so that the encrypted business data keys at different transmission stages also differ from each other. This maximizes the security of the encrypted business data key and of the encrypted business data, and in turn maximizes the security of the business data used for communication.
FIG. 3 is a flow chart of a cluster intercom communication method provided by the present disclosure. As shown in FIG. 3, the cluster intercom communication method provided by this embodiment is applied to a cluster intercom device and includes the following steps:
Step S301: Encrypt the business data based on the encryption key corresponding to the business data to obtain encrypted business data.
The encryption key includes the business data key.
Specifically, when the cluster intercom device generates or receives business data to be sent, it automatically generates an encryption key for encrypting the business data, that is, the business data key.
In some embodiments, the business data key may be obtained as follows:
Through the quantum encryption module, the generated quantum true random number is used as the business data key.
Specifically, the cluster intercom device is pre-configured with a quantum encryption module, which can automatically generate a quantum true random number to serve as the business data key. This ensures that a different business data key is used each time business data is encrypted, and so ensures the security of the business data.
For example, in practical applications, after the quantum encryption module generates a quantum true random number, an information security protocol layer message is generated from that random number on top of the existing cluster intercom business message, which implements quantum encryption of the business data. The algorithm used for quantum encryption can be the SM4 encryption algorithm. In that case, the message format of the security protocol layer obtained by quantum encryption is shown in Table 1 below:
Table 1 Message format of the security protocol layer obtained by quantum encryption
Here: the start identifier is generally a fixed 4 bytes and uses the fixed format EAE0E1EA; the message length is generally 2 bytes, high-order byte first, and both the message length and the checksum refer to the data from the start of the message type (including the message type) up to the checksum (the shaded part); the message type is generally 2 bytes, high-order byte first, and is used to define the object with which data is exchanged and the confidentiality measures of the encapsulated data field; the quantum encryption encapsulated data field is the encrypted ciphertext, which includes the quantum encryption header (16 bytes long), the quantum encrypted data field, and an encrypted MAC (message authentication code) with a length of 4 bytes.
The message type is represented by its high-order byte, and the specific types are shown in Table 2 below:
Table 2 Message format of the security protocol layer obtained by quantum encryption
Different kinds of message types can therefore be represented by this byte.
In some embodiments, the low-order byte of the message type can be used to indicate the business type.
Furthermore, the encryption key also includes: a business quantum key corresponding to the business type, and a device quantum key corresponding to the device. The device quantum key includes: a device identity key used to indicate the identity of the cluster intercom device, and a key encryption key used together with the business quantum key to implement encryption.
Specifically, the encryption key also includes the business quantum key and the key encryption key, which are used to encrypt the business data key, and the device identity key, which indicates the identity of the device. Combining the business quantum key with the business data key and then encrypting with the key encryption key effectively increases the encryption strength and the complexity of the encrypted business data key and makes cracking more difficult, which improves the security of the encrypted business data key, the business data key and the business data.
The business quantum key and the device quantum key are both pre-configured on each cluster intercom device and on the key platform. In addition to these encryption keys, each cluster intercom device is usually also configured with a device certificate for proving the identity of the device. When cluster intercom devices communicate with each other, each completes two-way identity authentication with the key platform using its own device identity key and device certificate, and the quantum keys follow a "one certificate, one key" scheme (that is, for the identity authentication of each device, its device identity key is unique).
The business quantum key is predetermined according to the business type, and the business quantum keys are shared among all cluster intercom devices and the key platform.
The device quantum key on each cluster intercom device is fixed and unique (the device quantum key can be updated periodically, but the updated device quantum key still corresponds to that cluster intercom device).
The key encryption key is also predetermined, and the key encryption keys on different devices differ from each other. Combining the business quantum key with the key encryption key before encrypting the business data key effectively ensures that the encrypted key corresponding to each device is unique and that no duplicates occur.
In some embodiments, the device quantum key and the business quantum key can be updated online according to a policy. Common policies are periodic updates based on a time period, or an online update triggered when key usage reaches a set threshold; the update may also be initiated actively by the cluster intercom device.
For example, the business quantum key is updated online under the protection of the key encryption key and the business quantum key. First, the cluster intercom device obtains the business quantum key update parameters through the quantum encryption module and sends a message whose content mainly includes the quantum encryption module identifier and the key request parameters. When the message arrives at the quantum cryptography service platform (that is, the key platform), the platform parses the message and generates the business quantum key to be updated. The business quantum key to be updated is XORed with the business quantum key and then encrypted with the key encryption key. The platform then constructs a response message and returns it to the cluster intercom device, which interacts with the quantum encryption module to complete the quantum key update.
The formats of the business quantum key update messages are shown in Tables 3 and 4 below:
Table 3 Business quantum key update request message format
Table 4 Business quantum key update response message format
The identity authentication protocol message sends three frames of data messages according to the message type, and the corresponding values of the message type are 0xE070, 0xE071 and 0xE072. The quantum encryption header mainly includes the encryption method, the KID (key identifier) of the key encryption key used, and the KID of the business quantum key that is XORed with the business data key.
In addition, the device quantum key is updated online under the encryption protection of the key encryption key. First, the cluster intercom device obtains the device quantum key update parameters through the quantum encryption module and sends a message whose content mainly includes the quantum encryption module identifier and the key request parameters. When the message arrives at the key platform, the key platform parses the message, generates the device quantum key to be updated, and encrypts it with the key encryption key. It then constructs a response message and returns it to the cluster intercom device, which interacts with the quantum encryption module to complete the quantum key update.
The device quantum key update message format is as follows:
Table 5 Device quantum key update request message format
Table 6 Device quantum key update response message format
The identity authentication protocol message sends three frames of data messages according to the message type, and the corresponding values of the message type are 0xE075, 0xE076 and 0xE077. The quantum encryption header mainly includes the encryption method and the KID of the key encryption key used.
Step S302: Determine the business quantum key that corresponds to the business type of the business data and is used to encrypt the business data key.
Specifically, depending on the business type of the business data (for example audio data, video data, or non-audio/video file data), the corresponding selectable business quantum keys in the cluster intercom device differ (each business type has at least one business quantum key), so that messages of different kinds are processed in different ways and dynamic encryption of the data is achieved. In actual applications, once the cluster intercom device has determined the business data to be sent, it automatically determines the business type of the business data and then the corresponding business quantum key.
Step S303: Combine the business data key with the business quantum key.
Specifically, combining the business data key with the business quantum key increases the complexity of the business data key and reduces the cracking rate, which improves the security of the business data key.
In some embodiments, the business data key may be encrypted using a Boolean operation, for example by XORing the business data key with the business quantum key to combine the two.
Step S304: Encrypt the combination of the business data key and the business quantum key using the key encryption key to obtain the encrypted business data key.
Specifically, after the business quantum key has been combined with the business data key, the combined result is encrypted with the key encryption key. This achieves triple encryption of the business data (encryption with the business data key, encryption by combining the business quantum key with the business data key, and encryption with the key encryption key) and protects the security of the business data to the greatest extent.
Step S305: Send the encrypted business data to the target cluster intercom device.
Specifically, after the business data has been encrypted once, it can be transmitted directly to the target cluster intercom device without encrypting the business data multiple times.
The business data is usually much longer than the business data key, so decrypting business data that has been encrypted multiple times takes far longer than decrypting the business data key multiple times. Encrypting the business data once and then encrypting the business data key twice (by combining it with the business quantum key, and with the key encryption key) therefore achieves triple encryption of the business data and ensures its security while preserving decryption efficiency, maximizing the protection of the business data.
Step S306: Send the encrypted business data key to the key platform, so that the key platform decrypts the encrypted business data key based on the device quantum key and the business quantum key of the cluster intercom device, and encrypts the decrypted encrypted business data key based on the device quantum key and the business quantum key of the target cluster intercom device.
Specifically, the encrypted business data key is not sent directly to the cluster intercom device together with the encrypted business data. The encrypted business data and the encrypted business data key are sent separately over different channels, and the target cluster intercom device likewise obtains them in different ways. Transmitting them over different channels avoids the situation where the encrypted business data and the encrypted business data key are intercepted and cracked together because they were sent over the same channel, which further improves the security of the business data.
The cluster intercom communication method provided by the embodiment of the present disclosure encrypts the business data based on the encryption key corresponding to the business data to obtain encrypted business data; determines the business quantum key that corresponds to the business type of the business data and is used to encrypt the business data key; combines the business data key with the business quantum key and then encrypts the result with the key encryption key to obtain the encrypted business data key; and finally sends the encrypted business data to the target cluster intercom device and sends the encrypted business data key and the device quantum key to the key platform. In this way, the quantum key is combined with keys specific to the business type and to the device, giving the business data multiple layers of protection that adapt dynamically to changes in the business data. Distributing the encrypted business data and the encrypted business data key over separate channels ensures the security of the business data to the greatest extent.
FIG. 4 is a flow chart of a cluster intercom communication method provided by the present disclosure. As shown in FIG. 4, the cluster intercom communication method provided by this embodiment is applied to a target cluster intercom device and includes the following steps:
Step S401: In response to the received encrypted business data, obtain the corresponding encrypted business data key from the key platform.
Specifically, the target cluster intercom device is the recipient to which the encrypted business data generated by the cluster intercom device in the embodiments shown in FIG. 2 and FIG. 3 is sent. The target cluster intercom device is configured in the same way as the cluster intercom device: it also holds a business quantum key, a device quantum key and so on, and can decrypt the encrypted business data accordingly.
When the target cluster intercom device receives encrypted business data sent by another cluster intercom device, it obtains the corresponding encrypted business data key from the key platform according to the ciphertext information.
The ciphertext information may be part of the encrypted business data sent by the cluster intercom device, or it may be the authentication information (that is, the device certificate, device identity key and similar information) sent during synchronization.
Step S402: Based on the preset encryption key and the encrypted business data key, obtain the corresponding business data key.
Specifically, after receiving the encrypted business data key sent by the key platform, the target cluster intercom device decrypts it based on the pre-configured business quantum key and device quantum key (specifically, the key encryption key within it) to obtain the corresponding business data key.
Step S403: Decrypt the encrypted business data based on the business data key to obtain the corresponding business data.
Specifically, the business data is decrypted with the business data key to obtain the final business data. This effectively ensures the security of the business data transmission process.
The cluster intercom communication method provided by the embodiment of the present disclosure obtains the corresponding encrypted business data key from the key platform in response to the received encrypted business data, and then decrypts the encrypted business data based on the preset encryption key and the encrypted business data key to obtain the corresponding business data. This achieves decryption and reception of business data protected by multiple layers of encryption. The encrypted business data and the encrypted business data key are received over different channels, which effectively ensures the security of the process of receiving the business data and related information, and in turn the security of the business data.
FIG. 5 is a flow chart of a cluster intercom communication method provided by the present disclosure. As shown in FIG. 5, the cluster intercom communication method provided by this embodiment is applied to a target cluster intercom device and includes the following steps:
Step S501: In response to the received encrypted business data, determine the ciphertext identifier corresponding to the encrypted business data.
The business data key includes a key identifier.
Specifically, the business data keys, encryption keys and other keys involved in this embodiment are all quantum keys. Each quantum key has two components, a key identifier KID and a key value KV, so a quantum key can be written as K=<KID, KV>. Each cluster intercom device has its own device information (that is, the device certificate and similar information).
A set of quantum keys can therefore be written as D = {<KID_i, KV_i>, 0 ≤ i ≤ number of tables}, where the number of tables is the number of keys required (several keys may be needed at the same time, for example a device quantum key together with a business quantum key, or several pre-prepared business quantum keys).
After the target cluster intercom device receives the encrypted business data, because the encrypted business data contains the corresponding key identifier (that is, the quantum encryption header and encrypted MAC in Table 1), it can use the key identifier to obtain from the key platform the encrypted business data key needed to decrypt the encrypted business data. It then decrypts the encrypted business data with the business data key obtained by decrypting the encrypted business data key, yielding the business data plaintext.
Furthermore, the preset encryption key mentioned in the embodiment shown in FIG. 4 includes:
A business quantum key corresponding to the business type, and a device quantum key corresponding to the target cluster intercom device; the device quantum key includes a key encryption key used together with the business quantum key to implement encryption.
Specifically, for a description of the encryption key, refer to step S301 in the embodiment shown in FIG. 3. The target cluster intercom device is the same as the cluster intercom device (although the contents of keys tied to the device itself, such as the device identity key, differ), so the details are not repeated here.
Step S502: Based on the ciphertext identifier, send an application to the key platform to obtain the encrypted business data key corresponding to the encrypted business data.
Specifically, after the application containing the ciphertext identifier is sent to the key platform, the key platform determines the corresponding encrypted business data key from the ciphertext identifier and determines the device quantum key of the target cluster intercom device from the application. It re-encrypts the decrypted encrypted business data key based on that device quantum key, so that the target cluster intercom device can decrypt the encrypted business data key with its own device quantum key and business quantum key and obtain the business data key itself.
Step S503: Determine the business quantum key that corresponds to the business type of the encrypted business data key and is used to decrypt the encrypted business data key.
Specifically, after receiving the encrypted business data key, the target cluster intercom device determines the business type of the encrypted business data from information such as the message type, determines the business type corresponding to the encrypted business data key, and based on that business type determines the business quantum key used to decrypt it.
Step S504: Using the key encryption key in combination with the business quantum key, decrypt the encrypted business data key to obtain the business data key.
Specifically, the encrypted business data key is decrypted with the key encryption key, and the result is then XORed with the business quantum key to obtain the plaintext of the business data key. For the relationship between the keys, refer to steps S303 to S304 in the embodiment shown in FIG. 3; the details are not repeated here.
Step S505: Decrypt the encrypted business data based on the business data key to obtain the corresponding business data.
Specifically, the plaintext business data key can be used directly to decrypt the encrypted business data and obtain the business data plaintext, completing the communication of the business data.
The cluster intercom communication method provided by the embodiment of the present disclosure determines the ciphertext identifier corresponding to the encrypted business data in response to the received encrypted business data; sends the device quantum key to the key platform based on the ciphertext identifier to obtain the encrypted business data key corresponding to the encrypted business data; decrypts the encrypted business data key using the key encryption key in combination with the business quantum key to obtain the business data key; and finally decrypts the encrypted business data with the business data key to obtain the corresponding business data. This achieves reception and decryption, on the target cluster intercom device side, of business data protected by multiple layers of encryption, and effectively ensures the security of the business data during transmission.
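The key handling of steps S303 to S304, S306 and S504, as an added example that is not part of the patent: the sender wraps the business data key, the key platform re-wraps it for the target, and the target unwraps it. Assumptions: SM4 is replaced by a plainly named stand-in (an HMAC-SHA256 keystream with an HMAC tag) so the block runs on the Python standard library alone; the platform is handed device identifiers directly instead of resolving a ciphertext identifier; the device names, the "audio" business type, all keys and the payload are constructed.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16    # 128-bit keys, the key size SM4 uses
NONCE_LEN = 12
TAG_LEN = 16


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = []
    for counter in range((length + 31) // 32):
        msg = b"enc" + nonce + counter.to_bytes(4, "big")
        blocks.append(hmac.new(key, msg, hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated cipher (NOT SM4): nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = xor_bytes(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return xor_bytes(ct, _keystream(key, nonce, len(ct)))


def wrap_data_key(data_key: bytes, business_key: bytes, kek: bytes) -> bytes:
    """S303 + S304: XOR with the business quantum key, then encrypt with the KEK."""
    return seal(kek, xor_bytes(data_key, business_key))


def unwrap_data_key(wrapped: bytes, business_key: bytes, kek: bytes) -> bytes:
    """S504: decrypt with the KEK, then XOR with the business quantum key."""
    return xor_bytes(unseal(kek, wrapped), business_key)


class KeyPlatform:
    """Holds the pre-configured business quantum keys and every device's KEK."""

    def __init__(self, business_keys: dict, device_keks: dict):
        self.business_keys = business_keys
        self.device_keks = device_keks

    def rewrap(self, wrapped: bytes, business_type: str,
               sender_id: str, target_id: str) -> bytes:
        """S306: unwrap under the sender's KEK, re-wrap under the target's KEK."""
        bqk = self.business_keys[business_type]
        # Between these two calls the platform holds the data key in the clear.
        data_key = unwrap_data_key(wrapped, bqk, self.device_keks[sender_id])
        return wrap_data_key(data_key, bqk, self.device_keks[target_id])


def demo() -> dict:
    # Constructed provisioning data (not from the patent).
    business_keys = {"audio": secrets.token_bytes(KEY_LEN)}
    keks = {"device-A": secrets.token_bytes(KEY_LEN),
            "device-B": secrets.token_bytes(KEY_LEN)}
    platform = KeyPlatform(business_keys, keks)

    # Sender A: a fresh data key per message (stands in for the quantum random number).
    data_key = secrets.token_bytes(KEY_LEN)
    payload = b"constructed voice frame 0001"
    encrypted_payload = seal(data_key, payload)            # S301, sent straight to B
    wrapped_a = wrap_data_key(data_key, business_keys["audio"], keks["device-A"])

    # Key platform: second channel, different ciphertext on each leg.
    wrapped_b = platform.rewrap(wrapped_a, "audio", "device-A", "device-B")

    # Target B: two decryptions, first the key and then the data.
    recovered_key = unwrap_data_key(wrapped_b, business_keys["audio"], keks["device-B"])
    recovered_payload = unseal(recovered_key, encrypted_payload)
    return {"payload": payload, "recovered_payload": recovered_payload,
            "data_key": data_key, "recovered_key": recovered_key,
            "wrapped_a": wrapped_a, "wrapped_b": wrapped_b,
            "business_key": business_keys["audio"], "kek_b": keks["device-B"]}


if __name__ == "__main__":
    result = demo()
    print(result["recovered_payload"] == result["payload"])
```

Because the business quantum key is shared by all devices, only the per-device key encryption key keeps one device from unwrapping a key that was wrapped for another.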
图6为本公开提供的一个集群对讲通信方法的流程图。如图6所示,本实施例提供的集群对讲通信方法应用于密钥平台,其包括以下步骤:FIG6 is a flow chart of a cluster intercom communication method provided by the present disclosure. As shown in FIG6, the cluster intercom communication method provided by this embodiment is applied to a key platform, and includes the following steps:
步骤S601、响应于接收到的加密业务数据密钥,确定对应的业务数据密钥。Step S601: In response to the received encrypted business data key, determine the corresponding business data key.
具体的,密钥平台即量子密钥服务平台,用于接收集群对讲设备发送的加密业务数据密钥并进行中转处理(即解密和再加密处理),再发送到对应的目标集群对讲设备。Specifically, the key platform, namely the quantum key service platform, is used to receive the encrypted business data keys sent by the cluster intercom device and perform transit processing (i.e. decryption and re-encryption processing), and then send them to the corresponding target cluster intercom device.
这一过程中涉及与集群对讲设备/目标集群对讲设备的通信和相互认证过程,以及在密钥平台内的中转处理过程。This process involves communication and mutual authentication with the cluster intercom device/target cluster intercom device, as well as a transit processing process within the key platform.
其中,认证过程基于集群对讲设备发送的认证信息(即设备证书、设备身份密钥等信息)实现。The authentication process is implemented based on the authentication information (i.e., device certificate, device identity key, etc.) sent by the cluster intercom device.
For example, denote the cluster intercom device as entity A and the key platform as entity B. TokenBA is then the authentication information sent from entity B to entity A, and TokenAB is the authentication information sent from entity A to entity B. The specific process is as follows:
Step 1 (not shown): Entity A generates a quantum random number Ra through its local quantum encryption module, concatenates Text1 to it as authentication data, and sends the result to entity B.
Here Text1=IDa||Ta, where IDa is the identifier of the quantum encryption module in entity A, Ta is timestamp information, and || is the "or" operator in Boolean operations.
Step 2 (not shown): Entity B receives the authentication data sent by A and computes TokenBA, where TokenBA=Rb||Text3||FUN1(Kba,Ra||Rb||Text2)||FUN2(Sa,Ra||Rb||Text2).
Here Text2=IDa||IDb||Ta||Tb and Text3=IDb||Tb. Rb is a quantum random number generated by the quantum encryption module in entity B, Tb is the timestamp information of the quantum cryptography service platform, and Sa is the private key corresponding to the device certificate. FUN1(Kba,X) is a function that uses the one-way shared key Kba (hereinafter the one-way key) to perform block symmetric-key encryption on the specified data X, for example the SM4 cipher operation in GCM block mode. FUN2(Sa,X) is a function that uses the private key to first compute a digest of the specified data X and then sign it.
Step 3 (not shown): Entity A receives the data TokenBA sent by entity B, computes FUN1(Kab,Ra||Rb||IDa||IDb||Ta||Tb), and verifies whether the result is consistent with the data in the received TokenBA. It also verifies whether the certificate received from entity B is valid; if it is, entity A extracts the valid public key and verifies the received signature data, ensuring that the signed data is authentic and valid and contains the random number Ra.
When the above verification passes, entity A computes TokenAB and returns it to entity B, where TokenAB=Text5||FUN1(Kab,Rb||Ra||Text4)||FUN2(Sb,Ra||Rb||Text4).
Here Text4=IDb||IDa||Tb||Ta. TokenAB is sent to B. This example uses a preset shared key, so the one-way key Kba and the one-way key Kab are the same.
Step 4 (not shown): After entity B receives the TokenAB sent by entity A, it computes FUN1(K,Rb||Ra||IDb||IDa||Tb||Ta), verifies whether the result is consistent with the data in the received TokenAB, and verifies whether the received certificate of entity A is valid. If it is valid, entity B extracts the valid public key and verifies the received signature data, ensuring that the signed data is authentic and valid and contains the random number Rb. If the results are consistent, the two-way identity authentication succeeds.
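The exchange in steps 1 to 4, as an added example that is not code from the patent; it covers only the FUN1 shared-key component and leaves out the FUN2 signature and certificate checks. Assumptions: HMAC-SHA256 stands in for FUN1, || is implemented as byte concatenation of fixed-length fields, Text5 = IDa||Ta (the page does not define Text5), a 30-second freshness window, and all class, function and constant names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

ID_LEN, NONCE_LEN, TS_LEN, MAC_LEN = 8, 16, 8, 32
MAX_SKEW = 30  # seconds; assumed freshness window (the page does not give one)


def fun1(key, data):
    # Stand-in for FUN1: HMAC-SHA256 replaces the SM4 operation (assumption).
    return hmac.new(key, data, hashlib.sha256).digest()


def pack_ts(t):
    return struct.pack(">Q", t)


def fresh(ts_raw, now):
    return abs(now - struct.unpack(">Q", ts_raw)[0]) <= MAX_SKEW


class EntityA:
    """Cluster intercom device."""

    def __init__(self, ida, key):
        self.ida, self.key = ida, key

    def step1(self, now):
        self.ra, self.ta = os.urandom(NONCE_LEN), pack_ts(now)
        return self.ra + self.ida + self.ta  # Ra || Text1, Text1 = IDa || Ta

    def step3(self, token_ba, now):
        if token_ba is None or len(token_ba) != NONCE_LEN + ID_LEN + TS_LEN + MAC_LEN:
            return None
        rb = token_ba[:NONCE_LEN]
        idb = token_ba[NONCE_LEN:NONCE_LEN + ID_LEN]
        tb = token_ba[NONCE_LEN + ID_LEN:-MAC_LEN]
        text2 = self.ida + idb + self.ta + tb
        expected = fun1(self.key, self.ra + rb + text2)  # binds A's own fresh Ra
        if not (fresh(tb, now) and hmac.compare_digest(token_ba[-MAC_LEN:], expected)):
            return None
        text4 = idb + self.ida + tb + self.ta
        # Text5 is assumed to be IDa || Ta.
        return self.ida + self.ta + fun1(self.key, rb + self.ra + text4)


class EntityB:
    """Key platform."""

    def __init__(self, idb, key):
        self.idb, self.key = idb, key

    def step2(self, msg, now):
        if len(msg) != NONCE_LEN + ID_LEN + TS_LEN:
            return None
        self.ra = msg[:NONCE_LEN]
        self.ida = msg[NONCE_LEN:NONCE_LEN + ID_LEN]
        self.ta = msg[-TS_LEN:]
        if not fresh(self.ta, now):
            return None
        self.rb, self.tb = os.urandom(NONCE_LEN), pack_ts(now)
        text2 = self.ida + self.idb + self.ta + self.tb
        mac = fun1(self.key, self.ra + self.rb + text2)
        return self.rb + self.idb + self.tb + mac  # Rb || Text3 || FUN1(...)

    def step4(self, token_ab):
        if token_ab is None or len(token_ab) != ID_LEN + TS_LEN + MAC_LEN:
            return False
        text4 = self.idb + self.ida + self.tb + self.ta
        expected = fun1(self.key, self.rb + self.ra + text4)  # binds B's own Rb
        return (token_ab[:ID_LEN + TS_LEN] == self.ida + self.ta
                and hmac.compare_digest(token_ab[-MAC_LEN:], expected))


K = bytes(range(32))                 # constructed preset shared key (Kab == Kba)
IDA, IDB = b"QMOD-A01", b"QKP-B001"  # constructed 8-byte identifiers
T0 = 1_700_000_000                   # constructed clock value


def honest_run():
    a, b = EntityA(IDA, K), EntityB(IDB, K)
    return b.step4(a.step3(b.step2(a.step1(T0), T0 + 1), T0 + 2))


def reflected_token_accepted():
    # B's own MAC echoed back as TokenAB: rejected because the field order
    # (Ra||Rb||Text2 versus Rb||Ra||Text4) differs by direction under one key.
    a, b = EntityA(IDA, K), EntityB(IDB, K)
    token_ba = b.step2(a.step1(T0), T0 + 1)
    return b.step4(IDA + pack_ts(T0) + token_ba[-MAC_LEN:])


def replayed_token_ba_accepted():
    # A TokenBA recorded in one session is replayed into a later session.
    a, b = EntityA(IDA, K), EntityB(IDB, K)
    old = b.step2(a.step1(T0), T0 + 1)
    a.step1(T0 + 5)  # new session, new Ra
    return a.step3(old, T0 + 6) is not None
```

Because Kab and Kba are the same preset key here, the per-direction ordering of the nonces and Text fields is what separates TokenBA from TokenAB.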
The identity authentication protocol layer message format is shown in Table 7:
Table 7: Identity authentication protocol layer message
The identity authentication protocol sends three frames of data messages, distinguished by message type; the corresponding message type values are 0xE080, 0xE081 and 0xE082.
Further, the relay process in the key platform includes decrypting the encrypted business data key, based on the built-in device quantum key of the cluster intercom device and the business quantum key, to obtain the business data key. This process works on the same principle as decrypting the received encrypted business data key in the target cluster intercom device, and is not repeated here.
Step S602: In response to the received application from the target cluster intercom device, re-encrypt the business data key.
Specifically, to ensure that the target cluster intercom device can decrypt the encrypted business data key locally, the business data key must be re-encrypted based on the built-in device quantum key of the target intercom device, yielding a new encrypted business data key. For the re-encryption of the business data key, see the content of steps S303 to S304 in the embodiment shown in FIG. 3; the principle is the same, so it is not repeated here.
For example, the message format of the encrypted business data key is shown in Table 8:
Table 8: Message format of the encrypted business data key
The encrypted business data key is sent as three frames of data messages, distinguished by message type; the corresponding message type values are 0xE090, 0xE091 and 0xE092. The quantum encryption header mainly includes the encryption method, the KID of the key encryption key used, and the KID of the business quantum key that is combined with the business data key.
Step S603: Send the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key.
Specifically, the re-encrypted encrypted business data can be sent directly to the target cluster intercom device (that is, the cluster intercom device corresponding to the encrypted business data key), which completes the key platform's part of the business data communication process in the cluster intercom.
The cluster intercom communication method provided by this embodiment of the present disclosure determines the corresponding business data key in response to the received encrypted business data key, then re-encrypts the business data key in response to the received application from the target cluster intercom device, and then sends the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key. The key platform thus handles the receiving, relay processing and sending of the encrypted business data key, so that the encrypted business data key and the encrypted business data travel over different channels, and both the decryption of the encrypted business data key and the decryption of the encrypted business data can be completed locally on the target cluster intercom device, which ensures the security of the business data transmission process to the greatest extent.
FIG. 7 is a flow chart of a cluster intercom communication method provided by the present disclosure. As shown in FIG. 7, the cluster intercom communication method provided by this embodiment is applied to a key platform and includes the following steps:
Step S701: In response to the received encrypted business data key, determine, based on the business type of the encrypted business data key, the business quantum key used to decrypt the encrypted business data key.
Specifically, with reference to the structure of the encrypted business data key shown in Table 8 and step S301 in the embodiment shown in FIG. 3, the key platform can determine the business type from the message when it receives the encrypted business data key.
The key platform holds built-in business quantum keys identical to those of the cluster intercom device and the target cluster intercom device, together with the device quantum keys corresponding to the cluster intercom device and the target cluster intercom device. Once the business type of the received encrypted business data key has been determined, the platform can pick the business quantum key used for decryption from the preset business quantum keys and combine it with the corresponding device quantum key to decrypt and re-encrypt the business data key.
Step S702: Decrypt the encrypted business data key using the key encryption key and the business quantum key corresponding to the cluster intercom device, to obtain the business data key.
Specifically, when the encrypted business data key is received, the corresponding cluster intercom device can be determined from the message, and from that the built-in device quantum key corresponding to that cluster intercom device. The key encryption key in the device quantum key can then be combined with the business quantum key to decrypt the encrypted business data key and obtain the plaintext of the business data key.
For the specific decryption process, see the related description in the embodiment shown in FIG. 5, which is not repeated here.
Step S703: Determine the business quantum key that corresponds to the business type of the business data key and is used to encrypt the business data key.
Specifically, after receiving the encrypted business data key sent by the cluster intercom device, the key platform also receives the application to obtain the encrypted business data key sent by the target cluster intercom device. At this point the key platform can re-encrypt the decrypted business data key based on the built-in business quantum key and device quantum key.
The business quantum key used to encrypt the business data key still has to be determined first.
In some embodiments, the business quantum key from step S701 can be selected directly to re-encrypt the business data key without affecting the security of the business data (because the resulting encrypted business data key changes, that is, the encrypted business data key differs as it is transmitted between different devices and the key platform, so the difficulty of cracking is not reduced).
For the re-encryption process involved in this step, see the description of step S303 in the embodiment shown in FIG. 3, which is not repeated here.
Step S704: Combine the business quantum key with the device quantum key corresponding to the target cluster intercom device, and re-encrypt the business data key.
Specifically, for the process of re-encrypting the plaintext business data key based on the business quantum key and the key encryption key in the device quantum key, see the description of step S304 in the embodiment shown in FIG. 3, which is not repeated here.
Step S705: Send the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key.
Specifically, this step is the same as step S603 in the embodiment shown in FIG. 6 and is not repeated here.
The cluster intercom communication method provided by this embodiment of the present disclosure, in response to the received encrypted business data key, determines the business quantum key used to decrypt it based on the business type of the encrypted business data key; decrypts the encrypted business data key using the key encryption key and the business quantum key to obtain the business data key; determines the business quantum key that corresponds to the business type of the business data key and is used to encrypt it; combines that business quantum key with the device quantum key of the target cluster intercom device to re-encrypt the business data key; and finally sends the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key. On the key platform side, the encrypted business data key is thus received and decrypted based on the device quantum key and the encrypted business data key sent by the cluster intercom device, and the decrypted business data key is encrypted again and sent based on the target cluster intercom device. As a result, the encrypted business data key and the encrypted business data travel over different channels, the encrypted business data key differs from one transmission stage to the next, and both the decryption of the encrypted business data key and the decryption of the encrypted business data can be completed locally on the target cluster intercom device, which effectively ensures the security of the business data transmission process and the decryption process.
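Steps S701 to S705 as an added example that is not code from the patent: the key platform unwraps the business data key under the sending device's key encryption key and rewraps it for the target device. Assumptions: the header layout (method, KEK KID, business quantum key KID), the HMAC-based derivation used to "combine" the KEK with the business quantum key, HMAC-SHA256 in counter mode with an HMAC tag standing in for SM4-GCM, and all names and key values, which are constructed.

```python
import hashlib
import hmac
import os
import struct

HDR_FMT = ">BHH"  # assumed header: method, KEK KID, business quantum key KID
HDR_LEN = struct.calcsize(HDR_FMT)
NONCE_LEN, TAG_LEN = 16, 32


def make_header(method, kek_kid, svc_kid):
    return struct.pack(HDR_FMT, method, kek_kid, svc_kid)


def _subkey(kek, svc_key, label):
    # Assumed combination of KEK and business quantum key: a keyed derivation.
    return hmac.new(kek, label + svc_key, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode; stand-in for the SM4 operation.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def _tag(kek, svc_key, body):
    return hmac.new(_subkey(kek, svc_key, b"mac"), body, hashlib.sha256).digest()


def wrap(kek, svc_key, header, dek):
    nonce = os.urandom(NONCE_LEN)  # fresh per hop, so every hop's ciphertext differs
    ct = _xor_stream(_subkey(kek, svc_key, b"enc"), nonce, dek)
    body = header + nonce + ct     # the header is authenticated with the ciphertext
    return body + _tag(kek, svc_key, body)


def unwrap(kek, svc_key, blob):
    if len(blob) < HDR_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("truncated message")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(kek, svc_key, body)):
        raise ValueError("authentication failed")
    nonce = body[HDR_LEN:HDR_LEN + NONCE_LEN]
    return _xor_stream(_subkey(kek, svc_key, b"enc"), nonce, body[HDR_LEN + NONCE_LEN:])


class KeyPlatform:
    def __init__(self, device_keks, service_keys):
        self.device_keks = device_keks    # KEK KID -> key encryption key
        self.service_keys = service_keys  # KID -> business quantum key

    def rewrap(self, blob, target_kid):
        if len(blob) < HDR_LEN:
            raise ValueError("truncated message")
        method, src_kid, svc_kid = struct.unpack(HDR_FMT, blob[:HDR_LEN])
        try:
            svc = self.service_keys[svc_kid]           # S701: select by header KID
            src_kek = self.device_keks[src_kid]
            dst_kek = self.device_keks[target_kid]
        except KeyError:
            raise ValueError("unknown KID") from None
        dek = unwrap(src_kek, svc, blob)               # S702: decrypt
        header = make_header(method, target_kid, svc_kid)  # S703: same business key
        return wrap(dst_kek, svc, header, dek)         # S704: re-encrypt for target


# Constructed key material for the demonstration.
SVC_KEYS = {0x0101: hashlib.sha256(b"constructed business quantum key").digest()}
KEKS = {0x000A: hashlib.sha256(b"constructed KEK, device A").digest(),
        0x000B: hashlib.sha256(b"constructed KEK, device B").digest()}


def is_rejected(kek, svc_key, blob):
    try:
        unwrap(kek, svc_key, blob)
    except ValueError:
        return True
    return False


def relay_demo():
    dek, svc = os.urandom(16), SVC_KEYS[0x0101]
    hop1 = wrap(KEKS[0x000A], svc, make_header(1, 0x000A, 0x0101), dek)
    hop2 = KeyPlatform(KEKS, SVC_KEYS).rewrap(hop1, 0x000B)  # S705 sends hop2
    return unwrap(KEKS[0x000B], svc, hop2) == dek, hop1 != hop2
```

The target device cannot open the first-hop message with its own KEK, and any change to the header KIDs invalidates the tag before decryption is attempted.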
FIG. 8 is a schematic structural diagram of a cluster intercom communication apparatus provided by the present disclosure. As shown in FIG. 8, the cluster intercom communication apparatus 800 is applied to a cluster intercom device; its implementation principle and technical effects have been fully described in the foregoing embodiments and are not repeated here.
The cluster intercom communication apparatus 800 includes a first encryption module 810, a second encryption module 820 and a sending module 830, where:
the first encryption module 810 is configured to encrypt the business data based on the encryption key corresponding to the business data to obtain encrypted business data, the encryption key including a business data key;
the second encryption module 820 is configured to encrypt the business data key to obtain an encrypted business data key;
the sending module 830 is configured to send the encrypted business data key to the key platform for decryption and encryption processing, and to send the encrypted business data to the target cluster intercom device, so that the target cluster intercom device decrypts the encrypted business data based on the business data key processed by the key platform and obtains the business data.
Optionally, when a quantum encryption module is provided in the cluster intercom device, the first encryption module 810 is specifically configured to obtain the business data key as follows: through the quantum encryption module, use the generated quantum true random number as the business data key.
Optionally, for the first encryption module 810, the encryption key further includes a business quantum key corresponding to the business type and a device quantum key corresponding to the device; the device quantum key includes a device identity key used to indicate the identity of the cluster intercom device and a key encryption key used together with the business quantum key to implement encryption.
Optionally, the second encryption module 820 is specifically configured to determine the business quantum key that corresponds to the business type of the business data and is used to encrypt the business data key; combine the business data key with the business quantum key; and encrypt the combination of the business data key and the business quantum key using the key encryption key to obtain the encrypted business data key.
Optionally, the sending module 830 is specifically configured to, when a business quantum key is configured in the key platform, send the encrypted business data key to the key platform, so that the key platform decrypts the encrypted business data key based on the device quantum key of the cluster intercom device and the business quantum key, and encrypts the decrypted encrypted business data key based on the device quantum key of the target cluster intercom device and the business quantum key.
FIG. 9 is a schematic structural diagram of a cluster intercom communication apparatus provided by the present disclosure. As shown in FIG. 9, the cluster intercom communication apparatus 900 is applied to a target cluster intercom device; its implementation principle and technical effects have been fully described in the foregoing embodiments and are not repeated here.
The cluster intercom communication apparatus 900 includes a receiving module 910, a decryption module 920 and a determination module 930, where:
the receiving module 910 is configured to obtain the corresponding encrypted business data key from the key platform in response to the received encrypted business data;
the decryption module 920 is configured to obtain the corresponding business data key based on the preset encryption key and the encrypted business data key;
the determination module 930 is configured to decrypt the encrypted business data based on the business data key to obtain the corresponding business data.
Optionally, for the decryption module 920, the preset encryption key includes a business quantum key corresponding to the business type and a device quantum key corresponding to the target cluster intercom device; the device quantum key includes a key encryption key used together with the business quantum key to implement encryption.
Optionally, the receiving module 910 is specifically configured to, when the business data key includes a key identifier, determine the ciphertext identifier corresponding to the encrypted business data in response to the received encrypted business data; and, based on the ciphertext identifier, send the device quantum key to the key platform to obtain the encrypted business data key corresponding to the encrypted business data.
Optionally, the decryption module 920 is specifically configured to determine the business quantum key that corresponds to the business type of the encrypted business data key and is used to decrypt the encrypted business data key; decrypt the encrypted business data key using the combination of the key encryption key and the business quantum key to obtain the business data key; and decrypt the encrypted business data using the business data key to obtain the corresponding business data.
FIG. 10 is a schematic structural diagram of a cluster intercom communication apparatus provided by the present disclosure. As shown in FIG. 10, the cluster intercom communication apparatus 1000 is applied to the key platform; its implementation principle and technical effects have been fully described in the foregoing embodiments and are not repeated here.
The cluster intercom communication apparatus 1000 includes a decryption module 1010, an encryption module 1020 and a sending module 1030, where:
the decryption module 1010 is configured to determine the corresponding business data key in response to the received encrypted business data key;
the encryption module 1020 is configured to re-encrypt the business data key in response to the received application from the target cluster intercom device;
the sending module 1030 is configured to send the re-encrypted encrypted business data key to the cluster intercom device corresponding to the encrypted business data key.
Optionally, for the decryption module 1010, the key platform is configured with business quantum keys corresponding to the business types and device quantum keys corresponding to the cluster intercom device and the target cluster intercom device; the device quantum key includes a key encryption key used together with the business quantum key to implement encryption.
Optionally, the decryption module 1010 is specifically configured to, in response to the received encrypted business data key, determine the business quantum key used to decrypt it based on the business type of the encrypted business data key; and decrypt the encrypted business data key using the key encryption key and the business quantum key corresponding to the cluster intercom device to obtain the business data key.
Optionally, the encryption module 1020 is specifically configured to determine the business quantum key that corresponds to the business type of the business data key and is used to encrypt the business data key; and combine the business quantum key with the device quantum key corresponding to the target cluster intercom device to re-encrypt the business data key.
FIG. 11 is a schematic structural diagram of a control device provided by the present disclosure. As shown in FIG. 11, the control device 1100 includes a memory 1110 and a processor 1120.
The memory 1110 stores a computer program executable by at least one processor 1120. The computer program is executed by the at least one processor 1120 so that the control device implements the cluster intercom communication method provided in any of the above embodiments.
The memory 1110 and the processor 1120 may be connected via a bus 1130.
The related description can be understood with reference to the corresponding descriptions and effects of the method embodiments, and is not repeated here.
An embodiment of the present disclosure provides a computer-readable storage medium on which a computer program is stored; the computer program is executed by a processor to implement the cluster intercom communication method of any embodiment corresponding to FIG. 2 to FIG. 7.
The computer-readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, or the like.
An embodiment of the present disclosure provides a computer program product containing computer-executable instructions which, when executed by a processor, implement the cluster intercom communication method of any embodiment corresponding to FIG. 2 to FIG. 7.
In the several embodiments provided in the present disclosure, it should be understood that the disclosed apparatus and methods can be implemented in other ways. The apparatus embodiments described above are only illustrative: the division into modules is only a division by logical function, and an actual implementation may divide them differently; for example, multiple modules or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, apparatuses or modules, and may be electrical, mechanical or of another form.
Those skilled in the art will readily conceive of other embodiments of the present disclosure after considering the specification and practicing the disclosure herein. The present disclosure is intended to cover any variations, uses or adaptations of the present disclosure that follow its general principles and include common knowledge or customary technical means in the art that are not disclosed in the present disclosure. The specification and embodiments are to be regarded as exemplary only; the true scope and spirit of the present disclosure are indicated by the following claims.
It should be understood that the present disclosure is not limited to the precise structures described above and shown in the drawings, and that various modifications and changes may be made without departing from its scope. The scope of the present disclosure is limited only by the appended claims.
Claims (9)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310272600.2A CN116233767B (en) | 2023-03-20 | 2023-03-20 | Cluster intercom communication method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116233767A CN116233767A (en) | 2023-06-06 |
| CN116233767B true CN116233767B (en) | 2024-04-30 |
Family
ID=86575102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310272600.2A Active CN116233767B (en) | 2023-03-20 | 2023-03-20 | Cluster intercom communication method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116233767B (en) |
Patent Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101137123A (en) * | 2007-04-09 | 2008-03-05 | 中兴通讯股份有限公司 | Encrypted group calling, individual calling, and dynamic restructuring call implementing method of cluster system |
| WO2012129929A1 (en) * | 2011-03-31 | 2012-10-04 | 中兴通讯股份有限公司 | Method, system and appararus for secure transmission of media message |
| CN104144049A (en) * | 2014-03-11 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Encryption communication method, system and device |
| CN103986723A (en) * | 2014-05-28 | 2014-08-13 | 大唐移动通信设备有限公司 | Secret communication control and secret communication method and device |
| CN108075890A (en) * | 2016-11-16 | 2018-05-25 | 中兴通讯股份有限公司 | Data sending terminal, data receiver, data transmission method and system |
| CN106790281A (en) * | 2017-02-23 | 2017-05-31 | 深圳市沃阳精密科技有限公司 | A kind of end-to-end voice encryption device and encryption method towards intercom system |
| CN109088810A (en) * | 2017-06-14 | 2018-12-25 | 北京信威通信技术股份有限公司 | Communication means, device, relevant device, system and the storage medium of group message |
| CN110799941A (en) * | 2017-06-30 | 2020-02-14 | 微软技术许可有限责任公司 | Data protection against theft and tampering |
| CN110620650A (en) * | 2018-06-20 | 2019-12-27 | 中国电信股份有限公司 | Communication method, system, device and computer readable storage medium |
| CN111901553A (en) * | 2020-07-16 | 2020-11-06 | 南京百家云科技有限公司 | Data encryption and decryption method, device, equipment, server and storage medium |
| CN112600836A (en) * | 2020-12-10 | 2021-04-02 | 北京字节跳动网络技术有限公司 | Form data processing method, equipment and storage medium |
| CN112260832A (en) * | 2020-12-17 | 2021-01-22 | 南京易科腾信息技术有限公司 | Information encryption, decryption and control method and device and electronic equipment |
| CN114765546A (en) * | 2020-12-30 | 2022-07-19 | 海能达通信股份有限公司 | End-to-end hard encryption method, system, encryption equipment and key management server |
| CN114980089A (en) * | 2021-02-22 | 2022-08-30 | 华为技术有限公司 | Security protection method and device for multicast or broadcast service data |
| CN113612608A (en) * | 2021-08-13 | 2021-11-05 | 中电信量子科技有限公司 | Method and system for realizing cluster encryption of dual-mode interphone based on public network |
| CN114598462A (en) * | 2022-02-28 | 2022-06-07 | 西安电子科技大学 | End-to-end key generation method based on dynamic adjustment in quantum metropolitan area network |
| CN115529130A (en) * | 2022-11-25 | 2022-12-27 | 无锡沐创集成电路设计有限公司 | Data processing method, terminal, server, system, device, medium and product |
Non-Patent Citations (1)
| Title |
|---|
| Research and application progress of electric power quantum secure communication; 刘磊; 曲延盛; 李明; 朱尤祥; 王云霄; 山东电力技术; 20180825(08); full text * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116233767A (en) | 2023-06-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108599925B (en) | Improved AKA identity authentication system and method based on quantum communication network | |
| EP2416524B1 (en) | System and method for secure transaction of data between wireless communication device and server | |
| US7542569B1 (en) | Security of data connections | |
| EP3676987B1 (en) | Secure key transmission protocol without certificates or pre-shared symmetrical keys | |
| US20070083766A1 (en) | Data transmission links | |
| CN101600204B (en) | File transmission method and system | |
| WO2017185999A1 (en) | Method, apparatus and system for encryption key distribution and authentication | |
| JP2005515701A6 (en) | Data transmission link | |
| JP2005515701A (en) | Data transmission link | |
| CN101340443A (en) | Session key negotiating method, system and server in communication network | |
| CN114553420B (en) | Digital envelope packaging method based on quantum key and data secret communication network | |
| KR20130096320A (en) | Switch equipment and data processing method for supporting link layer security transmission | |
| US20020199102A1 (en) | Method and apparatus for establishing a shared cryptographic key between energy-limited nodes in a network | |
| WO2014090130A1 (en) | Method, device and system for message processing | |
| CN118540165B (en) | Anti-quantum security enhancement method for national secret IPSec VPN protocol | |
| CN118540163A (en) | Quantum security enhancement method for national security SSL VPN protocol | |
| CN107249002B (en) | Method, system and device for improving safety of intelligent electric energy meter | |
| CN116233767B (en) | Cluster intercom communication method, device, equipment and storage medium | |
| CN112637145B (en) | Network equipment interconnection authentication method and system | |
| CN118157859B (en) | A device security communication method and device based on national secret security chip | |
| CN102739660B (en) | Key exchange method for single sign on system | |
| CN108809656A (en) | A kind of Key Exchange Protocol building method based on double authentication protection signature | |
| CN116094845B (en) | Efficient revocation conditional proxy re-encryption method and system | |
| CN116233843B (en) | B5G/6G network slice authentication method for industrial Internet | |
| WO2008004174A2 (en) | Establishing a secure authenticated channel |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||