摘要 |
<p>A two-way key switching method and an implementation device. The method includes: when acquiring a new key, any end in a communication link setting a new key transmitting direction to be unavailable and setting a new key receiving direction to be available; after it is presumed or determined that at least n opposite ends have acquired the new key and before an original key is invalid, the any end starting a first key switching process, to set the transmitting direction of the original key to be unavailable and set the new key transmitting direction to be available, where N≥n≥1, and N is the total number of receiving sides corresponding to the transmitting side; according to a protection identifier of data transmitted from the opposite end, the any end selecting a valid key to perform deprotection; and after the data is successfully deprotected with the new key for the first time, the any end starting a second key switching process, to set the receiving direction of the original key to be unavailable. By limiting the sequence of each end on a communication link to perform key switching, the present invention ensures that each end can correctly deprotect data transmitted from an opposite end.</p> |