Post-quantum cryptographic key distribution and session protection method and platform for cloud communication privacy number session

By obtaining session attribute information from the cloud communication privacy number session, selecting the security level identifier and hybrid negotiation parameter set, and generating a context commitment digest, the problem of the disconnect between security policy and business sensitivity in the existing technology is solved. This achieves the same source verification of the encryption plane and the audit plane and the control of abnormal risks, thereby improving the security and verifiability of cloud communication.

CN122247610A · Pending · Publication Date: 2026-06-19 · BEIJING HETENGTUZHI TECH CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: BEIJING HETENGTUZHI TECH CO LTD
Filing Date: 2026-04-07
Publication Date: 2026-06-19

AI Technical Summary

Technical Problem

Existing technologies lack parameter selection mechanisms for cloud communication privacy number sessions that cater to business sensitivity, compliance level, and terminal capabilities. This makes it impossible to achieve co-source verification between the encryption and audit sides, leading to the easy spread of abnormal risks and incomplete evidence chains, resulting in a disconnect between security policies and business sensitivity.

Method used

By acquiring session attribute information, selecting security level identifiers and hybrid negotiation parameter sets, generating hybrid shared key material and performing cryptographic binding, generating fixed-length context commitment digests, and realizing session protection, including deriving session protection keys, constructing isolated key fields, controlling key rotation, and generating verifiable evidence.

Benefits of technology

It enables the matching of differentiated security strategies for high-sensitivity and low-sensitivity services, ensures the same source verification of the encryption plane, control plane and audit plane, prevents the spread of abnormal risks, and provides a traceable chain of evidence during compliance verification, thereby improving the security and continuity of cloud communication privacy number scenarios.

✦ Generated by Eureka AI based on patent content.


Abstract

This application provides a method and platform for post-quantum cryptography key distribution and session protection for cloud communication privacy number sessions. The method includes: obtaining session attribute information of the cloud communication privacy number session; selecting a security level identifier and a corresponding hybrid negotiation parameter set based on the information; performing hybrid key negotiation of a target public-key cryptography algorithm and a post-quantum cryptography algorithm with the user terminal according to the parameter set, generating hybrid shared key material; cryptographically binding the session attribute information and the shared key material to generate a fixed-length context commitment digest; and protecting the session based on the digest, wherein the session protection includes deriving a session protection key, constructing an isolated key field, controlling key rotation, and generating verifiable evidence. This application can solve the technical problems of the disconnect between security policies and business sensitivity, the difficulty in verifying the encryption and audit surfaces from the same source, the easy spread of abnormal risks, and the incomplete evidence chain in cloud communication privacy number sessions.

Description

Technical Field

[0001] This application relates to the field of cloud communication security technology, and in particular to a post-quantum cryptographic key distribution and session protection method and platform for cloud communication privacy number sessions.

Background Technology

[0002] Cloud communication privacy number services introduce an intermediate virtual number between the caller and the recipient to achieve real number concealment, signaling routing control, recording retention, quality inspection and auditing, and dispute verification. This is a highly sensitive foundational capability in enterprise-level outbound calls, ride-hailing, lifestyle services, and customer service hotlines. The core technical challenge of this type of service is not merely "how to achieve encryption," but rather, to simultaneously satisfy long-term confidentiality, low latency, cross-tenant isolation, smooth rotation, and compliant verifiability without modifying terminals or with minimal changes to the existing network. With the continuous development of quantum computing capabilities, traditional handshake mechanisms based on RSA cryptography or elliptic curve cryptography (ECC) pose a long-term risk of data leakage—data collected now can be cracked in the future.

[0003] Existing post-quantum handshake migration and key rotation and auditing schemes mainly include: First, key encapsulation mechanisms (KEM) or hybrid key exchange schemes for post-quantum handshake migration, which solve the quantum resistance problem in the handshake process by combining classical algorithms with post-quantum cryptographic materials; Second, post-quantum handshake schemes for session protocols, which analyze and improve post-quantum handshakes around protocols such as Signal and PQXDH, focusing on authentication and forward secrecy during session establishment; Third, rotation and auditing schemes for key management, which achieve conventional key management and auditing through fixed-period rotation, protocol extension fields, and log recording. Although the above schemes involve hybrid negotiation, transcription binding, key rotation, and auditing respectively, none of them form a closed-loop collaborative mechanism for the business sensitivity classification of cloud communication privacy numbers, tenant-level anomaly isolation, session continuity, and compliance verifiability. The various technical means can only be used in parallel, rather than being coupled around the same context commitment and the same risk control link.

[0004] However, the existing technology has the following defects: (1) It lacks a parameter selection mechanism based on business sensitivity, compliance level and terminal capability. High-sensitivity business and low-sensitivity business adopt the same negotiation strategy, which wastes computing power and makes it difficult to prove the rationality of "configuration according to risk"; (2) The binding object stays on the handshake message itself and does not include the tenant identifier, session identifier, call direction, business level, risk level, rotation window and other business contexts into the same commitment digest, making it difficult to achieve the same source verification of the encryption plane, control plane and audit plane; (3) There is no linkage mechanism between anomaly detection and key isolation. When the tenant has abnormal retransmission, suspicious downgrade or decapsulation failure surge, the original key field is still used, and the risk cannot be quickly converged within the session boundary; (4) The audit record can only prove what happened, but cannot prove the negotiation parameter level, context commitment, rotation continuity and no unauthorized downgrade, making it difficult to trace the evidence chain when regulatory verification or dispute handling.

[0005] Therefore, there is an urgent need to address the technical issues in cloud communication privacy number sessions: the disconnect between security policies and business sensitivity, the difficulty in verifying the encryption and audit aspects from the same source, the easy spread of abnormal risks, and the incomplete evidence chain.

Summary of the Invention

[0006] In view of this, embodiments of this application provide a post-quantum cryptography key distribution and session protection method and platform for cloud communication privacy number sessions, in order to eliminate or improve one or more defects existing in the prior art.

[0007] One aspect of this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions, including: Obtain session attribute information for the cloud communication privacy number session; Based on the session attribute information, select the corresponding security level identifier and the hybrid negotiation parameter set corresponding to the security level identifier from the preset security level parameter library; Based on the hybrid negotiation parameter set, the user terminal corresponding to the cloud communication privacy number session interacts with the target public key cryptography algorithm and the post-quantum cryptography algorithm to perform hybrid key negotiation, and generate hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session; The session attribute information is cryptographically bound to the shared key material to generate a fixed-length context commitment digest; Based on the context commitment digest, session protection is performed on the cloud communication privacy number session; wherein, the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

[0008] In some embodiments of this application, the interaction between the user terminal corresponding to the cloud communication privacy number session and the execution of a hybrid key negotiation between the target public-key cryptography algorithm and the post-quantum cryptography algorithm to generate hybrid shared key material as a post-quantum cryptography key distributed to the cloud communication privacy number session includes: Based on the hybrid negotiation parameter set, determine the first algorithm type of the target public-key cryptography algorithm and the second algorithm type of the post-quantum cryptography algorithm, and determine the negotiation suite identifier; Generate a first key negotiation parameter corresponding to the first algorithm type and a second key negotiation parameter corresponding to the second algorithm type; Send the first key negotiation parameters, the second key negotiation parameters, and the negotiation suite identifier to the user terminal corresponding to the cloud communication privacy number session; The system receives the third key negotiation parameters corresponding to the first algorithm type, the fourth key negotiation parameters corresponding to the second algorithm type, and the negotiation suite identifier confirmed by the user terminal, all returned by the user terminal. 
The negotiation calculation of the first algorithm type is performed based on the first key negotiation parameters and the third key negotiation parameters to obtain a first negotiation result; and the negotiation calculation of the second algorithm type is performed based on the second key negotiation parameters and the fourth key negotiation parameters to obtain a second negotiation result; According to the combination rules corresponding to the negotiation suite identifier, the first negotiation result and the second negotiation result are combined to generate a hybrid shared key material; A handshake transcription digest is generated based on the first key negotiation parameters, the second key negotiation parameters, the third key negotiation parameters, the fourth key negotiation parameters, and the negotiation suite identifier.

[0009] In some embodiments of this application, the step of cryptographically binding the session attribute information with the shared key material to generate a fixed-length context commitment digest includes: Obtain the call direction identifier, risk level, and current rotation window number of the cloud communication privacy number session; The session attribute information, the call direction identifier, the negotiation suite identifier, the handshake transcription digest, the risk level, and the current rotation window number are concatenated, and a cryptographic hash operation is performed on the resulting concatenated data to generate a fixed-length context commitment digest. The session attribute information includes: the tenant identifier, session identifier, service type, privacy level, and terminal capability level of the cloud communication privacy number session; the session attribute information also includes: the compliance level label and / or network status of the cloud communication privacy number session.

[0010] In some embodiments of this application, session protection is performed on the cloud communication privacy number session based on the context commitment digest, including: Using the hybrid shared key material as the root key and the context commitment digest as the context, the session master key corresponding to the cloud communication privacy number session is extracted through the key derivation function; Based on the session master key and the context commitment digest, a signaling protection subkey, a media protection subkey, and an audit protection subkey are derived for the cloud communication privacy number session.

[0011] In some embodiments of this application, session protection for the cloud communication privacy number session based on the context commitment digest further includes: Real-time monitoring of risk indicators for the cloud communication privacy number session; wherein, the risk indicators include at least one of the following: decapsulation failure rate, abnormal retransmission rate, and degradation frequency; When the risk indicator exceeds a preset threshold, an isolation key field seed is generated based on the session master key, the context commitment digest, and a preset risk random number through a key derivation function. Based on the isolated key field seed, an isolated key field independent of the normal session is enabled in the current cloud communication privacy number session to separate the key evolution path of the abnormal session from that of the normal session.
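The binding and derivation steps of [0009] to [0011], written out as an added Python example; it is not code from the patent or its applicant. Assumptions: SHA-256 as the hash, HKDF (RFC 5869) as the key derivation function, length-prefixed encoding of the concatenated fields, the label strings, the thresholds, and all sample values, which are constructed.

```python
import hashlib
import hmac
import struct

# Fixed field order so every plane recomputes the same digest. The optional
# compliance label / network status fields of [0009] are left out here.
ATTR_ORDER = ("tenant_id", "call_id", "biz_type", "privacy_level", "cap_level")


def lp(*fields: bytes) -> bytes:
    """Length-prefix each field; plain concatenation would be ambiguous
    (tenant "t1" + call "23" equals tenant "t12" + call "3")."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def context_commitment(attrs, direction, suite_id, transcript_digest, risk_level, window_no):
    """[0009]: fixed-length (32-byte) digest over attributes, call direction,
    suite identifier, handshake transcription digest, risk level, window number."""
    fields = [b"ctx-commit-v1"]  # assumed domain-separation label
    fields += [str(attrs[name]).encode() for name in ATTR_ORDER]
    fields += [direction.encode(), suite_id.encode(), transcript_digest,
               str(risk_level).encode(), struct.pack(">Q", window_no)]
    return hashlib.sha256(lp(*fields)).digest()


def derive_session_keys(hybrid_material: bytes, commitment: bytes) -> dict:
    """[0010]: master key from the hybrid shared key material with the commitment
    as context (used as the HKDF salt here, an assumption), then three subkeys."""
    master = hkdf_extract(commitment, hybrid_material)
    keys = {"master": master}
    for plane in ("signaling", "media", "audit"):
        keys[plane] = hkdf_expand(master, lp(plane.encode(), commitment))
    return keys


# Assumed thresholds for the three risk indicators named in [0011].
THRESHOLDS = {"decap_failure_rate": 0.05, "abnormal_retx_rate": 0.10, "downgrade_freq": 3}


def isolation_seed(master, commitment, risk_nonce, indicators, thresholds=THRESHOLDS):
    """[0011]: derive an isolated-key-field seed only when an indicator exceeds
    its threshold. Returns (seed or None, names of the tripped indicators)."""
    tripped = sorted(k for k, v in indicators.items() if v > thresholds[k])
    if not tripped:
        return None, tripped
    seed = hkdf_expand(master, lp(b"isolation-seed", commitment, risk_nonce))
    return seed, tripped


# Constructed sample inputs (not from the patent).
SAMPLE_ATTRS = {"tenant_id": "tenant-a", "call_id": "call-0001",
                "biz_type": "ride-hailing", "privacy_level": 3, "cap_level": 2}
SAMPLE_TRANSCRIPT = hashlib.sha256(b"constructed handshake messages").digest()
SAMPLE_MATERIAL = bytes(range(32))  # stands in for the hybrid shared key material

if __name__ == "__main__":
    c = context_commitment(SAMPLE_ATTRS, "outbound", "suite-01", SAMPLE_TRANSCRIPT, 2, 7)
    keys = derive_session_keys(SAMPLE_MATERIAL, c)
    print("commitment:", c.hex())
    for name, key in keys.items():
        print(f"{name:10s}", key.hex())
    risky = {"decap_failure_rate": 0.20, "abnormal_retx_rate": 0.01, "downgrade_freq": 0}
    seed, tripped = isolation_seed(keys["master"], c, b"\x01" * 16, risky)
    print("isolation:", tripped, seed.hex())
```

Because the rotation window number is one of the committed fields, every rotation yields a new commitment and therefore a new key set, and the audit subkey is tied to the same digest as the signaling and media subkeys.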

[0012] In some embodiments of this application, session protection for the cloud communication privacy number session based on the context commitment digest further includes: Obtain the current risk score, current traffic load score, and current jitter score of the cloud communication privacy number session; The overlap window length of the new and old keys is dynamically calculated based on the current risk score, the current traffic load score, and the current jitter score. Within the length of the overlapping window, the sending side prioritizes encryption with the new key, while the receiving side simultaneously accepts decryption with both the old and new keys, thereby achieving uninterrupted rotation of the session protection key; After the rotation is completed, update the current rotation window number of the cloud communication privacy number session.

[0013] In some embodiments of this application, session protection for the cloud communication privacy number session based on the context commitment digest further includes: Generate negotiation evidence records, continuity evidence records, and dispute evidence records for the current cloud communication privacy number session; wherein, the negotiation evidence record includes the negotiation suite identifier, the handshake transcription digest, the context commitment digest, and the corresponding timestamp signature; the continuity evidence record includes the key identifier before the session protection key rotation, the key identifier after the session protection key rotation, the current rotation window number, the isolation key field identifier, and the context commitment digest; the dispute evidence record includes anomaly reason code, risk level, degradation status, result digest, and the context commitment digest; the anomaly reason code is used to record the cause type of triggering the anomaly event, and the degradation status is used to record the degradation status of the session security level; The negotiated evidence record, the continuity evidence record, and the disputed evidence record are written into a preset verifiable evidence chain.
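How the three record types of [0013] can be checked for tampering and rotation continuity without touching call content, as an added Python example that is not part of the patent text. Assumptions: a SHA-256 hash chain over canonical JSON stands in for the "preset verifiable evidence chain", the timestamp signature is omitted, and the field names and sample values are constructed.

```python
import hashlib
import json

GENESIS = "00" * 32  # assumed anchor value for the first entry


def _digest(record: dict) -> str:
    """Hash of the record's canonical JSON, excluding its own entry_hash."""
    body = {k: v for k, v in record.items() if k != "entry_hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def append_record(chain: list, kind: str, commitment_hex: str, **fields) -> dict:
    """Append a negotiation / continuity / dispute record linked to its predecessor."""
    record = {"kind": kind, "commitment": commitment_hex,
              "prev": chain[-1]["entry_hash"] if chain else GENESIS, **fields}
    record["entry_hash"] = _digest(record)
    chain.append(record)
    return record


def verify_chain(chain: list) -> list:
    """Return a list of problems; an empty list means the chain is intact,
    rotation is continuous and no degradation lacks a reason code."""
    problems, prev, last = [], GENESIS, None
    for i, rec in enumerate(chain):
        if rec["prev"] != prev or _digest(rec) != rec["entry_hash"]:
            problems.append(f"entry {i}: hash link broken")
        if rec["kind"] == "continuity":
            if last is not None:
                # The key retired by this rotation must be the one the
                # previous rotation introduced, and windows must not skip.
                if rec["key_id_before"] != last["key_id_after"]:
                    problems.append(f"entry {i}: key id gap")
                if rec["window_no"] != last["window_no"] + 1:
                    problems.append(f"entry {i}: rotation window skipped")
            last = rec
        if rec["kind"] == "dispute" and rec["degraded"] and not rec["reason_code"]:
            problems.append(f"entry {i}: degradation without reason code")
        prev = rec["entry_hash"]
    return problems


def build_sample_chain() -> list:
    """Constructed records for one session: a negotiation, two rotations, a dispute."""
    c_w1, c_w2 = "ab" * 32, "ac" * 32  # constructed commitment digests per window
    chain = []
    append_record(chain, "negotiation", c_w1, suite_id="suite-01",
                  transcript_digest="cd" * 32, ts="2026-01-01T00:00:00Z")
    append_record(chain, "continuity", c_w1, key_id_before="k0", key_id_after="k1",
                  window_no=1, isolation_field_id=None)
    append_record(chain, "continuity", c_w2, key_id_before="k1", key_id_after="k2",
                  window_no=2, isolation_field_id="iso-1")
    append_record(chain, "dispute", c_w2, reason_code="DECAP_FAIL_SURGE",
                  risk_level=3, degraded=False, result_digest="ef" * 32)
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain:", verify_chain(chain))
    chain[3]["degraded"] = True  # edit a record after the fact
    print("after edit:  ", verify_chain(chain))
```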

[0014] Another aspect of this application provides a cloud communication platform for executing the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions provided in the first aspect above, the cloud communication platform comprising: The session attribute collection module is used to obtain session attribute information of cloud communication privacy number sessions; The security level selection module is used to select a corresponding security level identifier and a set of hybrid negotiation parameters corresponding to the security level identifier from a preset security level parameter library based on the session attribute information. The key negotiation module is used to interact with the user terminal corresponding to the cloud communication privacy number session according to the hybrid negotiation parameter set to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generate hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session; The commitment digest generation module is used to cryptographically bind the session attribute information with the shared key material to generate a fixed-length context commitment digest. The session protection module is used to perform session protection on the cloud communication privacy number session based on the context commitment digest; wherein, the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

[0015] A third aspect of this application provides an electronic device including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions.

[0016] A fourth aspect of this application provides a computer-readable storage medium having a computer program stored thereon that, when executed by a processor, implements the described post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions.

[0017] The fifth aspect of this application provides a computer program product, including a computer program that, when executed by a processor, implements the described post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions.

[0018] The post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions provided in this application achieves the following beneficial effects by constructing a technical closed loop formed by service sensitivity-driven level selection, unified context commitment, hybrid key negotiation, and session protection based on commitment digests: First, by dynamically selecting security level identifiers and corresponding hybrid negotiation parameter sets based on session attribute information, differentiated security strategies can be adopted for high-sensitivity and low-sensitivity services. While ensuring the quantum security strength of high-sensitivity services, low-latency and low-computational-cost paths are reserved for low-sensitivity services, achieving fine-grained matching between security levels and latency tolerance. Moreover, this configuration process is verifiable and traceable. Second, by cryptographically binding session attribute information such as tenant identifier, session identifier, service type, and privacy level with hybrid shared key materials to generate a unified context commitment digest, and uniformly performing session protection key derivation and isolation based on this digest, the method achieves the following benefits: Key field construction, key rotation control, and verifiable evidence generation enable key derivation, risk isolation, key rotation, and compliance verification to all use the same commitment digest as a common root, reducing state drift and inconsistencies in auditing standards between multiple modules, and achieving source verification across the encryption, control, and audit planes. 
Furthermore, during session protection, deriving session protection keys ensures the confidentiality of signaling and media planes; constructing isolated key fields separates the key evolution path of risky sessions from normal sessions when anomalies are detected, preventing the impact of anomalies from spreading to other tenants or sessions; controlling key rotation dynamically adjusts the overlap window of old and new keys based on risk to ensure session continuity while achieving uninterrupted updates; and generating verifiable evidence outputs negotiated evidence, continuity evidence, and disputed evidence around the same commitment digest, enabling compliance verification or issue tracing to verify key information such as negotiated parameter levels, contextual commitments, rotation continuity, and non-unauthorized degradation without decrypting the call content. In summary, by incorporating business sensitivity, password strength, anomaly response, session continuity, and compliance verification into the same closed-loop control system, this invention can improve the collaborative capabilities of security, continuity, and verifiability in cloud communication privacy number scenarios.

[0019] Additional advantages, objectives, and features of this application will be set forth in part in the description which follows, and will in part become apparent to those skilled in the art upon review of the following description, or may be learned by practice of the application. The objectives and other advantages of this application can be realized and obtained by means of the structures specifically pointed out in the specification and drawings.

[0020] Those skilled in the art will understand that the purposes and advantages that can be achieved with this application are not limited to those specifically described above, and that the above and other purposes that this application can achieve will be more clearly understood from the following detailed description.

Attached Figure Description

[0021] The accompanying drawings, which are included to provide a further understanding of this application and form part of this application, do not constitute a limitation thereof. The components in the drawings are not drawn to scale but are merely for illustrating the principles of this application. For ease of illustration and description of certain parts of this application, corresponding portions in the drawings may be enlarged, i.e., may appear larger relative to other components in an exemplary device actually manufactured according to this application. In the drawings: Figure 1 is a schematic diagram of the first process of a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions according to an embodiment of this application.

[0022] Figure 2 is a schematic diagram of a second process for a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions, as described in one embodiment of this application.

[0023] Figure 3 is a schematic diagram of the structure of a cloud communication platform in one embodiment of this application.

[0024] Figure 4 is a schematic diagram of the architecture and data flow of the cloud communication platform in an application example of this application.

[0025] Figure 5 is a flowchart illustrating a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions, as shown in an application example of this application.

[0026] Figure 6 is a schematic diagram of the uniform commitment, derivation, and evidence mechanism in an application example of this application.

Detailed Implementation

[0027] To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the embodiments and accompanying drawings. Here, the illustrative embodiments and their descriptions are used to explain this application, but are not intended to limit it.

[0028] It should also be noted that, in order to avoid obscuring this application with unnecessary details, only the structures and / or processing steps closely related to the solution according to this application are shown in the accompanying drawings, while other details that are not closely related to this application are omitted.

[0029] It should be emphasized that the term "including / comprises" as used herein refers to the presence of a feature, element, step, or component, but does not exclude the presence or addition of one or more other features, elements, steps, or components.

[0030] It should also be noted that, unless otherwise specified, the term "connection" in this article can refer not only to a direct connection, but also to an indirect connection involving an intermediary.

[0031] In the following description, embodiments of the present application will be illustrated with reference to the accompanying drawings. In the drawings, the same reference numerals represent the same or similar parts, or the same or similar steps.

[0032] First, it's important to note that with the continuous development of quantum computing capabilities, traditional handshake mechanisms based on RSA or ECC pose a long-term risk of data leakage—data collected now can be cracked in the future. Simply incorporating post-quantum algorithms into the existing handshake process, while theoretically improving quantum resistance, still presents three practical problems in cloud communication privacy scenarios: First, different business lines have vastly different tolerances for security levels and latency, making it difficult for a fixed algorithm suite to accommodate all needs; second, in multi-tenant, multi-session concurrency, the traditional unified key domain design can easily cause the impact to spread if abnormal handshakes, retransmission storms, or increased node risks occur; third, regulatory scenarios require the ability to prove that a particular negotiation, rotation, degradation, and recovery process is credible and continuous without exposing the call content.

[0033] While existing solutions most similar to this application involve hybrid negotiation, transcription binding, key rotation, and auditing, they do not form a closed-loop collaborative mechanism for business sensitivity classification of cloud communication privacy numbers, tenant-level anomaly isolation, session continuity, and compliance evidence collection. In other words, the components in existing technologies can be used in parallel, rather than being coupled around the same context commitment and the same risk control link. The specific problems of existing technologies are explained below: (1) Existing general hybrid handshake schemes usually complete the negotiation according to a fixed algorithm priority. They lack a parameter selection mechanism that is oriented towards business sensitivity, compliance level and terminal capability. This results in high-sensitivity business and low-sensitivity business using the same negotiation strategy, which wastes computing power and makes it difficult to prove the rationality of risk-based configuration.

[0034] (2) Although existing technologies mention transcription binding or context binding, the binding objects are mostly limited to the handshake message itself. They do not include the tenant identifier (tenant_id), session identifier (call_id), call direction, service level, risk level, current rotation window and other business contexts into the same commitment digest. Therefore, it is difficult to achieve the same source verification of the encryption plane, control plane and audit plane.

[0035] (3) Traditional rotation is generally driven by a fixed time period, and there is no direct linkage mechanism between anomaly detection and key isolation. When a tenant experiences a surge in abnormal retransmissions, suspicious downgrades, or decapsulation failures, the system often still uses the original session key domain, and the risk cannot be quickly contained within the session boundary.

[0036] (4) Most existing audit plans record what happened, but cannot prove which negotiated parameters were used at the time, which context commitment was used, whether the rotation was continuous and whether the downgrade was not overstepped. Therefore, the chain of evidence is still easy to break during regulatory verification or dispute resolution.

[0037] Therefore, the technical solution provided in this application no longer focuses on whether or not to adopt the abstract level of PQC, but rather on: how to drive the negotiation parameter level with business sensitivity, how to connect negotiation, derivation, rotation and evidence presentation with a unified context commitment summary, how to quickly switch a single session or single tenant to the isolated key domain when an anomaly occurs, and how to complete risk-driven rotation without interrupting the media plane.

[0038] Based on this, in order to address the technical problems of the disconnect between security policies and business sensitivity in cloud communication privacy number sessions, the difficulty in verifying the encryption and audit surfaces from the same source, the easy spread of abnormal risks, and the incomplete evidence chain, this application provides a post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions, together with a cloud communication platform, physical device, computer-readable storage medium, and computer program product for executing that method. It uses business sensitivity to drive the selection of security levels, uses a unified context commitment digest to connect hybrid negotiation, key derivation, anomaly isolation, dynamic sliding window rotation, and layered evidence output, and improves the collaborative capabilities of security, continuity, and evidentiary capability in multi-tenant real-time call scenarios.

[0039] The following examples will provide a detailed description.

[0040] Based on this, embodiments of this application provide a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions, which can be implemented by a cloud communication platform. Referring to Figure 1, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions specifically includes the following: Step 100: Obtain the session attribute information of the cloud communication privacy number session.

[0041] It should be noted that session attribute information refers to a set of fields describing the basic characteristics of a cloud communication privacy number session, including tenant identifier, session identifier, service type, privacy level, and terminal capability level. The tenant identifier (tenant_id) is a unique identifier for different enterprise tenants within the cloud communication platform. The session identifier (call_id) is a unique identifier for a single call session. The service type (biz_type) identifies the type of business scenario to which the session belongs, such as outbound calling, ride-hailing, or lifestyle services. The privacy level (privacy_level) indicates the required level of number concealment and encryption strength for the session. The terminal capability level (cap_level) indicates the level of cryptographic algorithm capabilities supported by the user terminal.

[0042] Specifically, in step 100, when a user terminal initiates a privacy number session on the cloud communication platform, the platform first obtains the session attribute information by parsing the tenant identifier (tenant_id), session identifier (call_id), service type (biz_type), privacy level (privacy_level), and terminal capability level (cap_level) from the session establishment request. The tenant identifier distinguishes different enterprise tenants, the session identifier uniquely identifies the current call, the service type identifies business scenarios such as outbound calls, ride-hailing, and lifestyle services, the privacy level indicates the session's requirements for number concealment and encryption strength, and the terminal capability level indicates the types of cryptographic algorithms supported by the user terminal.

[0043] Step 200: Based on the session attribute information, select the corresponding security level identifier and the hybrid negotiation parameter set corresponding to the security level identifier from the preset security level parameter library.

[0044] The security profile parameter library (the preset security level parameter library referred to in step 200) is a pre-configured dataset storing different security profiles and their corresponding parameters. The security profile identifier (profile_id), that is, the security level identifier, is a unique number used to identify a security profile. The hybrid negotiation parameter set is a group of parameters bound to a specific security profile, including the candidate types of the target public-key cryptographic algorithm, the candidate types of the post-quantum cryptographic algorithm, the handshake delay threshold, the rotation baseline window, and so on.

[0045] In step 200, the cloud communication platform invokes a preset security profile parameter library based on the acquired session attribute information. This parameter library predefines multiple security profiles, each corresponding to a security profile identifier (profile_id) and a set of hybrid negotiation parameters. The platform matches the corresponding security profile identifier according to preset mapping rules (e.g., a weighted calculation of business sensitivity and terminal capability) based on fields such as service type, privacy level, and terminal capability level, and extracts the hybrid negotiation parameter set corresponding to that identifier. This hybrid negotiation parameter set includes parameters such as candidate types of the target public-key cryptography algorithm, candidate types of post-quantum cryptography algorithms, handshake delay threshold, and rotation baseline window.

[0046] Step 300: Based on the hybrid negotiation parameter set, interact with the user terminal corresponding to the cloud communication privacy number session to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generate hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session.

[0047] In this context, the target public-key cryptography algorithm refers to a public-key cryptography algorithm that is not resistant to quantum computing, such as elliptic curve cryptography or RSA cryptography. Post-quantum cryptography algorithms refer to cryptographic algorithms that can resist quantum computer attacks and are used for key establishment or encapsulation, such as Kyber. Hybrid key negotiation refers to a negotiation method that combines the negotiation results of the target public-key cryptography algorithm with those of the post-quantum cryptography algorithm to generate a unified shared key material. The hybrid shared key material (hybrid_ss) is the shared key material generated through hybrid negotiation, serving as the root key from which the subsequent session protection keys are derived. The negotiation suite identifier (suite_id) is a number used to identify the combination of algorithm suites used in this negotiation. The handshake transcription digest (hereinafter referred to as bundle_id) is a digest value generated based on the parameters exchanged during the key negotiation process, used to uniquely identify this negotiation process.

[0048] Specifically, in step 300, the cloud communication platform performs two rounds of key negotiation with the user terminal based on the hybrid negotiation parameter set selected in step 200. First, the platform determines, from the hybrid negotiation parameter set, the first algorithm type (e.g., elliptic curve cryptography) of the target public-key cryptography algorithm and the second algorithm type (e.g., Kyber) of the post-quantum cryptography algorithm. The platform generates first key negotiation parameters (e.g., elliptic curve public key) corresponding to the first algorithm type and second key negotiation parameters (e.g., Kyber public key) corresponding to the second algorithm type, and sends these two parameters, along with the negotiation suite identifier (suite_id), to the user terminal. Upon receiving these parameters, the user terminal generates corresponding third key negotiation parameters (elliptic curve public key) and fourth key negotiation parameters (Kyber public key), confirms the negotiation suite identifier, and returns them to the platform. The platform performs negotiation calculations for the target public-key cryptography algorithm based on the first and third parameters to obtain the first negotiation result, and performs negotiation calculations for the post-quantum cryptography algorithm based on the second and fourth parameters to obtain the second negotiation result. Then, according to the combination rules corresponding to the negotiation suite identifier, the two results are combined to generate a hybrid shared key material (hybrid_ss), which serves as the post-quantum cryptography key distributed to this session. At the same time, the platform generates a handshake transcription digest (bundle_id) based on the first, second, third, and fourth key negotiation parameters and the negotiation suite identifier generated during the interaction process.

[0049] Step 400: Cryptographically bind the session attribute information with the shared key material to generate a fixed-length context commitment digest.

[0050] It should be understood that the Context Commitment Digest (CCD) is a fixed-length hash value generated by cryptographically binding session attribute information with the key negotiation result. It is used to uniformly bind the cryptographic context in the key derivation, key isolation, key rotation, and evidence generation processes. The call direction identifier (dir_id) is an identifier field used to identify the calling and called directions in a session. The risk level (risk_class) is a classification of the current session's risk level, such as high risk, medium risk, and low risk. The current rotation window number (window_slot) is the number used to identify the current key rotation progress window. A cryptographic hash operation is a one-way function operation that converts input data of arbitrary length into a fixed-length output value.

[0051] Specifically, in step 400, after completing the hybrid key negotiation, the cloud communication platform obtains the call direction identifier (dir_id), risk level (risk_class), and current rotation window number (window_slot) for this session. The call direction identifier identifies the calling or called party, the risk level is maintained in real time by the platform's risk monitoring module, and the current rotation window number indicates the progress of key rotation. The platform concatenates the session attribute information obtained in step 100 (including tenant identifier, session identifier, service type, privacy level, and terminal capability level), the negotiation suite identifier and handshake transcription digest generated in step 300, and the call direction identifier, risk level, and current rotation window number obtained in this step into a string in a preset order. Then, it performs a cryptographic hash operation on this string to generate a fixed-length hash value as a context commitment digest (CCD). This digest will serve as the common binding root for all subsequent session protection operations.

[0052] Step 500: Based on the context commitment digest, perform session protection on the cloud communication privacy number session; wherein, the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

[0053] Based on the context commitment digest generated in step 400, the cloud communication platform performs the following four session protection operations: (1) Regarding the derivation of session protection keys, the platform uses the hybrid shared key material generated in step 300 as the root key and the context commitment digest as the context. It extracts the session master key (ms) through the key derivation function (KDF), and then derives the signaling protection subkey (K_sig), media protection subkey (K_media), and audit protection subkey (K_audit) for this session based on the session master key and the context commitment digest. The signaling protection subkey is used to protect the security of the Session Initiation Protocol (SIP) control plane, the media protection subkey is used to protect the security of the Real-Time Transport Protocol (RTP) media plane, and the audit protection subkey is used to encrypt and protect subsequent evidence records.

[0054] (2) In terms of constructing the isolation key domain, the platform monitors the risk indicators of the current session in real time, including decapsulation failure rate, abnormal retransmission rate, and degradation frequency. When any risk indicator exceeds the preset threshold, the platform uses the session master key, context commitment digest, and preset risk nonce as input to generate an isolation key domain seed (IKD_seed) through the key derivation function, and enables an isolation key domain (IKD) independent of the normal session in the current session, so that the key evolution path of the abnormal session is separated from that of the normal session, and the risk is prevented from spreading to other tenants or sessions.

[0055] (3) Regarding controlling key rotation, the platform obtains the current risk score, current traffic load score, and current jitter score of the current session. Based on these three scores, it dynamically calculates the overlap window length (W) between the old and new keys. The formula adds a weighted adjustment value of risk, traffic, and jitter to the baseline window and then clamps the result between the preset minimum and maximum values. Within the overlap window length, the sending side prioritizes encryption with the new key, while the receiving side accepts both the old and new keys for decryption, thus achieving uninterrupted rotation of the session protection key. After the rotation is completed, the platform updates the current rotation window number.

[0056] (4) Regarding the generation of verifiable evidence, the platform generates three types of evidence records based on the context commitment digest: negotiation evidence records include the negotiation suite identifier, handshake transcription digest, context commitment digest, and corresponding timestamp signature; continuity evidence records include the key identifier before the session protection key rotation (prev_key_id), the key identifier after the rotation (new_key_id), the current rotation window number, the isolation key domain identifier (ikd_flag), and the context commitment digest; and dispute evidence records include the anomaly reason code (reason_code), risk level, fallback state (fallback_state), result digest (result_digest), and context commitment digest. Among them, the anomaly reason code is used to record the type of cause that triggers the anomaly event, and the fallback state is used to record the fallback status of the session security level. The platform writes these three types of evidence records into a preset verifiable evidence chain, so that in subsequent compliance verification or problem tracing, key information such as the negotiation parameter level, context commitment, rotation continuity, and no unauthorized fallback can be verified without exposing the call content.

[0057] It should be noted that the session protection key refers to the symmetric key used to protect the signaling plane and media plane, including the signaling protection subkey and the media protection subkey. The session master key (ms) is a master key derived from the hybrid shared key material, used to further derive various functional subkeys. The signaling protection subkey (K_sig) is a symmetric key used to protect the control plane of the session initiation protocol. The media protection subkey (K_media) is a symmetric key used to protect the media plane of the real-time transport protocol. The audit protection subkey (K_audit) is a symmetric key used to encrypt and protect evidence records. The isolation key field (IKD), also written as isolation key domain, is a key derivation path independently opened for high-risk sessions when an anomaly is detected, separating its key evolution from that of normal sessions. The isolation key field seed (IKD_seed) is the seed value used to generate the isolation key field. The risk nonce is a random number used to generate the isolation key field, ensuring the uniqueness of the isolation path. The overlap window length (W) is the length of the time window during which the old and new keys are simultaneously effective. Within this window, the sending side prioritizes the new key, while the receiving side accepts both the old and new keys simultaneously. A verifiable evidence chain is an immutable storage medium or evidence preservation system used to store negotiation evidence, continuity evidence, and dispute evidence. Negotiation evidence records are evidence records used to prove the session negotiation level and commitment digest. Continuity evidence records are evidence records used to prove that the key belongs to the same commitment chain before and after the key rotation and that there is no untraceable interruption. Dispute evidence records are evidence records used to provide verification evidence without exposing media content.
The pre-rotation key identifier (prev_key_id) is a number used to identify the session protection key before the rotation. The post-rotation key identifier (new_key_id) is a number used to identify the session protection key after the rotation. The isolation key field identifier (ikd_flag) is a flag used to indicate whether the isolation key field is enabled. The exception reason code (reason_code) is an encoding used to record the type of reason that triggered the exception event. The fallback state (fallback_state) is a status field used to record the session security level downgrade status. The result digest (result_digest) is a summary value used to record the result of the dispute event processing.
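The rotation behaviour of item (3) and the continuity evidence fields of item (4), as an added Python example that is not part of the application text. The weights, bounds, scores, key bytes and the HMAC tag standing in for the real signaling or media protection are constructed assumptions, as is advancing window_slot at the moment the new key is installed.

```python
import hashlib
import hmac


def overlap_window(base, risk, load, jitter, weights, w_min, w_max):
    """W = baseline + weighted risk/traffic/jitter adjustment, clamped to [w_min, w_max]."""
    w_risk, w_load, w_jitter = weights
    raw = base + w_risk * risk + w_load * load + w_jitter * jitter
    return max(w_min, min(w_max, raw))


def mac_tag(key, message):
    """HMAC-SHA-256 tag, a stand-in for the real packet protection (assumption)."""
    return hmac.new(key, message, hashlib.sha256).digest()


class RotatingReceiver:
    """Receiving side: accepts the new key always, the old key only inside W."""

    def __init__(self, key_id, key, ccd_hex, ikd_flag=False):
        self.current = (key_id, key)
        self.previous = None
        self.overlap_ends = 0.0
        self.window_slot = 0
        self.ccd_hex = ccd_hex
        self.ikd_flag = ikd_flag

    def rotate(self, new_key_id, new_key, now, window):
        """Install the new key and return the continuity evidence record fields."""
        self.previous, self.current = self.current, (new_key_id, new_key)
        self.overlap_ends = now + window
        self.window_slot += 1  # simplification: slot advanced on installation
        return {
            "prev_key_id": self.previous[0],
            "new_key_id": new_key_id,
            "window_slot": self.window_slot,
            "ikd_flag": self.ikd_flag,
            "ccd": self.ccd_hex,
        }

    def accept(self, message, tag, now):
        """Return the key_id that verified the tag, or None if it is rejected."""
        candidates = [self.current]
        if self.previous is not None and now <= self.overlap_ends:
            candidates.append(self.previous)
        for key_id, key in candidates:
            if hmac.compare_digest(mac_tag(key, message), tag):
                return key_id
        return None


if __name__ == "__main__":
    old_key, new_key = b"\xaa" * 32, b"\xbb" * 32   # constructed keys
    rx = RotatingReceiver("key_0", old_key, ccd_hex="c" * 64)
    w = overlap_window(2.0, 0.2, 0.4, 0.6, (-1.0, 0.5, 1.5), 0.5, 5.0)
    print("overlap window W (s):", w)
    print("continuity record:", rx.rotate("key_1", new_key, now=100.0, window=w))
    late = mac_tag(old_key, b"rtp-packet")
    print("old key inside W :", rx.accept(b"rtp-packet", late, now=101.0))
    print("old key after W  :", rx.accept(b"rtp-packet", late, now=103.0))
```

A packet protected with the old key is accepted only while the overlap window is open, so a sender that never moves to the new key shows up as rejections once W has elapsed.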

[0058] As described above, the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions provided in this application establishes a unified closed loop from security profiles, context commitments, and isolation and rotation through to evidence layering. First, the system selects a security profile (profile_id) from a preset parameter library based on business sensitivity, regulatory labels, terminal capabilities, and the current network status. Then, during the hybrid handshake process, a unified context commitment digest (CCD) is generated. This CCD is not a regular log field but rather the common binding root for all subsequent derivations, rotations, and evidence presentations. Next, if an abnormal risk is detected, the system derives an isolation key field (IKD) using the current CCD and a risk random number, achieving cryptographic isolation between risky and normal sessions. Finally, the system outputs negotiation evidence, continuity evidence, and dispute evidence around the same CCD, ensuring verifiable consistency between the encryption and auditing surfaces.

[0059] Since the CCD carries both business context and cryptographic context, the method provided in this application does not merely insert business fields into an isolated KDF call. Instead, the same digest participates in negotiation level confirmation, session master key extraction, functional subkey domain separation, rotation continuity proof, and external verification digest generation. This transforms the originally scattered engineering actions into a same-source, derivable, chained technical effect.

[0060] To further address the issues of unclear interaction steps and inconsistent combination of negotiation results during hybrid key negotiation, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 300 of the method specifically includes the following: Step 310: Based on the hybrid negotiation parameter set, determine the first algorithm type of the target public-key cryptography algorithm and the second algorithm type of the post-quantum cryptography algorithm, and determine the negotiation suite identifier.

[0061] Step 320: Generate a first key negotiation parameter corresponding to the first algorithm type and a second key negotiation parameter corresponding to the second algorithm type.

[0062] Step 330: Send the first key negotiation parameters, the second key negotiation parameters, and the negotiation suite identifier to the user terminal corresponding to the cloud communication privacy number session.

[0063] Step 340: Receive the third key negotiation parameters corresponding to the first algorithm type, the fourth key negotiation parameters corresponding to the second algorithm type, and the negotiation suite identifier confirmed by the user terminal returned by the user terminal.

[0064] Step 350: Perform negotiation calculation of the first algorithm type according to the first key negotiation parameters and the third key negotiation parameters to obtain a first negotiation result; and perform negotiation calculation of the second algorithm type according to the second key negotiation parameters and the fourth key negotiation parameters to obtain a second negotiation result.

[0065] Step 360: According to the combination rules corresponding to the negotiation suite identifier, combine the first negotiation result and the second negotiation result to generate a hybrid shared key material.

[0066] Step 370: Generate a handshake transcription digest based on the first key negotiation parameters, the second key negotiation parameters, the third key negotiation parameters, the fourth key negotiation parameters, and the negotiation suite identifier.

[0067] It should be noted that the first algorithm type refers to the specific type of the target public-key cryptographic algorithm determined based on the hybrid negotiation parameter set, such as elliptic curve cryptography or RSA cryptography. The second algorithm type refers to the specific type of post-quantum cryptographic algorithm used for key establishment or encapsulation, determined based on the hybrid negotiation parameter set, such as Kyber. The first key negotiation parameter refers to the public parameters generated by the cloud communication platform based on the first algorithm type for key negotiation, such as the temporary public key in elliptic curve cryptography. The second key negotiation parameter refers to the public parameters generated by the cloud communication platform based on the second algorithm type for key negotiation, such as the encapsulated public key in post-quantum cryptography. The third key negotiation parameter refers to the public parameters generated by the user terminal based on the first algorithm type for key negotiation, which, together with the first key negotiation parameter, are used to calculate the first negotiation result. The fourth key negotiation parameter refers to the public parameters generated by the user terminal based on the second algorithm type for key negotiation, which, together with the second key negotiation parameter, are used to calculate the second negotiation result. The first negotiation result refers to the shared secret value obtained by the cloud communication platform through negotiation using the target public-key cryptographic algorithm based on the first and third key negotiation parameters. The second negotiation result refers to the shared secret value obtained by the cloud communication platform through negotiation using the post-quantum cryptographic algorithm based on the second and fourth key negotiation parameters. 
Combination rules refer to a predetermined method for merging the first negotiation result and the second negotiation result to generate a hybrid shared key material, such as concatenation, XOR, or fusion through a key derivation function.

[0068] Specifically, in one example, suppose a ride-hailing service triggers a cloud communication privacy number session. The session attribute information indicates the service type as ride-hailing, the privacy level as high, and the terminal capability level as supporting elliptic curve cryptography and Kyber post-quantum cryptography. The cloud communication platform selects a high security level based on the session attribute information, specifying elliptic curve cryptography as the first algorithm type and Kyber as the second algorithm type in the corresponding hybrid negotiation parameter set, and determining the negotiation suite identifier as Suite_001. The platform generates a temporary private key x for elliptic curve cryptography and calculates a temporary public key X as the first key negotiation parameter; simultaneously, it generates a Kyber encapsulation public key pk as the second key negotiation parameter. The platform packages X, pk, and the negotiation suite identifier Suite_001 and sends them to the user terminal. Upon receiving the package, the user terminal generates a temporary private key y for elliptic curve cryptography and calculates a temporary public key Y as the third key negotiation parameter; simultaneously, it generates a Kyber decapsulation private key sk and randomly generates a symmetric key k as the fourth key negotiation parameter, using pk to encapsulate k to obtain ciphertext C. The terminal returns Y, C, and the confirmed negotiation suite identifier Suite_001 to the platform. The platform calculates the shared secret value ecdh_secret of the elliptic curve cryptography based on X and Y as the first negotiation result; it performs Kyber decapsulation calculation based on pk and C to obtain k as the second negotiation result. The platform generates a hybrid shared key material hybrid_ss according to the combination rules corresponding to Suite_001 (e.g., concatenating ecdh_secret with k and then hashing). 
Simultaneously, the platform generates a handshake transcription digest bundle_id based on X, Y, pk, C, and Suite_001 using a preset hash algorithm, which is used to uniquely identify this negotiation process.

[0069] As can be seen from the above description, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions provided in this application can ensure that both parties negotiate a consistent hybrid shared key material by clearly defining the bidirectional parameter exchange between the platform and the terminal, calculating the negotiation results of the two types of algorithms separately and combining them according to rules, and providing a traceable negotiation suite identifier and handshake transcription digest for the subsequent generation of context commitment digest, thereby improving the reliability and verifiability of key negotiation.

[0070] To further address the issues of insufficient binding between business context and cryptographic materials, and the binding object remaining limited to the handshake message itself, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 400 of the method specifically includes the following: Step 410: Obtain the call direction identifier, risk level, and current rotation window number of the cloud communication privacy number session.

[0071] Step 420: Concatenate the session attribute information, the call direction identifier, the negotiation suite identifier, the handshake transcription digest, the risk level, and the current rotation window number, and perform a cryptographic hash operation on the resulting concatenated data to generate a fixed-length context commitment digest; wherein, the session attribute information includes: the tenant identifier, session identifier, service type, privacy level, and terminal capability level of the cloud communication privacy number session; the session attribute information also includes: the compliance level label and / or network status of the cloud communication privacy number session.

[0072] It should be noted that the compliance level tag is a field used to identify the applicable compliance and regulatory level for the session, such as financial compliance level, medical privacy level, general business level, etc., corresponding to the regulatory tag (reg_tag) in the original disclosure. The network status is a field used to identify the current network connection quality or stability, such as network latency, packet loss rate, bandwidth status, etc., corresponding to the network status (net_state) in the original disclosure.

[0073] Specifically, in one example, a ride-hailing service triggered a cloud communication privacy number session. The platform has completed hybrid key negotiation, generating a hybrid shared key material (hybrid_ss), a negotiation suite identifier (Suite_001), and a handshake transcription digest (bundle_id_abc123). The platform further obtains the call direction identifier for this session as outgoing (dir_outgoing), the risk level as low (risk_low), and the current rotation window number as 0 (indicating that rotation has not yet occurred). The session attribute information includes: tenant identifier as tenant A (tenant_001), session identifier as session 001 (call_001), service type as ride-hailing (ride_hailing), privacy level as high (level_high), and terminal capability level as supporting elliptic curve cryptography and Kyber (cap_level_2). In addition, the session attribute information also includes a compliance level label as ride-hailing service compliant (compliance_level_2) and a network status as good (net_stable). The platform concatenates the above fields into a string according to a preset order. The concatenated string is hashed using SHA-256 to obtain a fixed-length hash value, which serves as the context commitment digest. This context commitment digest will be used as the common binding root for subsequent derived session protection keys, construction of isolation key fields, control of key rotation, and generation of verifiable evidence.
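The following added Python example (not part of the application text) carries the ride-hailing values of [0068] and [0073] through steps 360, 370 and 420. The byte strings standing in for X, Y, pk, C, ecdh_secret and k are constructed placeholders, and the length-prefixed field encoding and the names used here are assumptions; the application specifies only concatenation in a preset order followed by SHA-256.

```python
import hashlib

# Preset field order for the CCD, following step 420 (constant name is an assumption).
CCD_FIELD_ORDER = (
    "tenant_id", "call_id", "biz_type", "privacy_level", "cap_level",
    "reg_tag", "net_state", "dir_id", "suite_id", "bundle_id",
    "risk_class", "window_slot",
)


def encode_fields(fields):
    """Concatenate fields, each prefixed with its 4-byte big-endian length.

    Assumption: the length prefix is added here so that field boundaries
    stay unambiguous; the application only says "concatenate in a preset order".
    """
    out = bytearray()
    for field in fields:
        raw = field if isinstance(field, bytes) else str(field).encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return bytes(out)


def combine_hybrid(ecdh_secret, kem_secret):
    """Step 360 under the 'concatenate, then hash' rule: returns hybrid_ss."""
    return hashlib.sha256(encode_fields([ecdh_secret, kem_secret])).digest()


def transcript_digest(x_pub, kem_pk, y_pub, kem_ct, suite_id):
    """Step 370: bundle_id over all four negotiation parameters and suite_id."""
    data = encode_fields([x_pub, kem_pk, y_pub, kem_ct, suite_id])
    return hashlib.sha256(data).hexdigest()


def context_commitment_digest(ctx):
    """Step 420: fixed-length CCD over business and cryptographic context."""
    missing = [name for name in CCD_FIELD_ORDER if name not in ctx]
    if missing:
        raise ValueError(f"CCD input incomplete, missing: {missing}")
    data = encode_fields([ctx[name] for name in CCD_FIELD_ORDER])
    return hashlib.sha256(data).hexdigest()


def naive_digest(ctx):
    """Plain string concatenation, shown only to expose its boundary ambiguity."""
    joined = "".join(str(ctx[name]) for name in CCD_FIELD_ORDER)
    return hashlib.sha256(joined.encode("utf-8")).hexdigest()


def build_sample_context():
    """Session of [0073]; the key-exchange byte strings are constructed."""
    x_pub, y_pub = b"\x01" * 32, b"\x02" * 32      # stand-ins for X and Y
    kem_pk, kem_ct = b"\x03" * 64, b"\x04" * 64    # stand-ins for pk and C
    return {
        "tenant_id": "tenant_001", "call_id": "call_001",
        "biz_type": "ride_hailing", "privacy_level": "level_high",
        "cap_level": "cap_level_2", "reg_tag": "compliance_level_2",
        "net_state": "net_stable", "dir_id": "dir_outgoing",
        "suite_id": "Suite_001",
        "bundle_id": transcript_digest(x_pub, kem_pk, y_pub, kem_ct, "Suite_001"),
        "risk_class": "risk_low", "window_slot": 0,
    }


if __name__ == "__main__":
    ctx = build_sample_context()
    hybrid_ss = combine_hybrid(b"\x05" * 32, b"\x06" * 32)  # constructed secrets
    print("hybrid_ss:", hybrid_ss.hex())
    print("CCD      :", context_commitment_digest(ctx))
    # Moving one character across a field boundary yields the same naive string.
    shifted = dict(ctx, tenant_id="tenant_00", call_id="1call_001")
    print("naive digests equal   :", naive_digest(ctx) == naive_digest(shifted))
    print("length-prefixed equal :",
          context_commitment_digest(ctx) == context_commitment_digest(shifted))
```

Any verifier on the audit plane has to reproduce the same field order and encoding byte for byte, otherwise the recomputed CCD will not match the one bound into the keys and evidence records.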

[0074] As can be seen from the above description, the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions provided in this application can generate a unified context commitment digest by concatenating and hashing business contexts such as tenant identifier, session identifier, call direction, service level, risk level, and rotation window with cryptographic materials such as negotiation suite identifier and handshake transcription digest. This enables the encryption plane, control plane, and audit plane to achieve same-source verification and provides a traceable common root for subsequent session protection operations.

[0075] To further address the issues of unclear derivation paths from hybrid negotiation results to specific functional keys and the lack of isolation between functional keys, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 500 of the method specifically includes the following: Step 511: Using the hybrid shared key material as the root key and the context commitment digest as the context, extract the session master key corresponding to the cloud communication privacy number session through the key derivation function.

[0076] Step 512: Based on the session master key and the context commitment digest, derive a signaling protection subkey, a media protection subkey, and an audit protection subkey for the cloud communication privacy number session.

[0077] Specifically, in one example, a ride-hailing service triggered a cloud communication privacy number session. The platform has generated a context commitment digest CCD_8a3f2e1d and a hybrid shared key material hybrid_ss. Using hybrid_ss as the root key and CCD_8a3f2e1d as the context, the platform calls an HMAC-based key derivation function (HKDF) to perform an extraction operation, obtaining a fixed-length session master key ms_5c7e9a2b. Subsequently, based on ms_5c7e9a2b and CCD_8a3f2e1d, the platform performed the expansion operation of the key derivation function using different application tags: the tag 'signal' was used to derive the signaling protection subkey K_sig_1f3d8a7c, used for encryption and integrity verification of the signaling plane of the session initiation protocol; the tag 'media' was used to derive the media protection subkey K_media_2e4b6c8d, used for encryption of the media plane of the real-time transport protocol; and the tag 'audit' was used to derive the audit protection subkey K_audit_3a5c7e9f, used for encryption protection of evidence records. At this point, the platform completed the derivation of the session protection key, providing the basic key material for subsequent operations such as signaling protection, media protection, audit protection, isolation key field construction, key rotation, and evidence generation.

[0078] As can be seen from the above description, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions provided in this application embodiment can achieve key isolation between different functional domains by deriving the session master key from the context commitment digest as the context, and then deriving mutually independent signaling, media and audit sub-keys based on the session master key, thereby enhancing the security of session protection and providing independent audit protection keys for subsequent verifiable evidence.

[0079] To further address the lack of a linkage mechanism between anomaly detection and key isolation, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 500 of the method further includes the following: Step 521: Monitor the risk indicators of the cloud communication privacy number session in real time; wherein the risk indicators include at least one of the following: decapsulation failure rate, abnormal retransmission rate, and degradation frequency.

[0080] Step 522: When the risk indicator exceeds the preset threshold, an isolation key field seed is generated based on the session master key, the context commitment digest, and the preset risk random number through a key derivation function.

[0081] Step 523: Based on the isolated key field seed, enable an isolated key field independent of the normal session within the current cloud communication privacy number session to separate the key evolution path of the abnormal session from that of the normal session.

[0082] It should be noted that the decapsulation failure rate refers to the proportion of failed decryption or decapsulation operations in a session out of the total number of attempts, used to measure key or data integrity anomalies. The abnormal retransmission rate refers to the proportion of retransmission requests exceeding the normal retransmission limit in a session out of the total number of requests, used to measure abnormal conditions in signaling or media transmission. The degradation frequency refers to the number of times the session security level is downgraded, used to measure how frequently security policies are triggered for adjustment. The risk random number (risk_nonce) is a random number used to generate the isolation key field seed, ensuring the unpredictability and uniqueness of the isolation key field. The isolation key field seed (IKD_seed) is a seed value generated by the key derivation function, used to initialize the isolation key field. The key evolution path refers to the derivation chain of keys that is continuously updated as the session progresses; this path is separated from the normal session after the isolation key field is enabled.

[0083] Specifically, in one example, a ride-hailing service session has derived a session master key ms_5c7e9a2b and a context commitment digest CCD_8a3f2e1d. The platform continuously monitors the risk indicators of this session: the decapsulation failure rate is currently 0.3%, the abnormal retransmission rate is 0.1%, and the degradation frequency is 0. The platform's preset thresholds are 1% for the decapsulation failure rate, 0.5% for the abnormal retransmission rate, and 1 for the degradation frequency. Suddenly, the platform detects that the decapsulation failure rate of this session has climbed to 2.5% in a short period of time, exceeding the preset threshold of 1%. The platform immediately triggers the isolation mechanism, obtains the preset risk random number risk_nonce_7d9f3a1e, and uses the session master key ms_5c7e9a2b, the context commitment digest CCD_8a3f2e1d, and the risk random number as input to generate the isolation key field seed IKD_seed_4b8e2c6f through the key derivation function. Based on this seed, the platform enables an isolated key domain within the current session, completely separating the subsequent key evolution path of this session from normal sessions. Thereafter, key derivation, rotation, and other operations within this session are independent of other sessions, and any abnormal impact is confined to the boundaries of this session, preventing it from spreading to other tenants or sessions.

[0084] As can be seen from the above description, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions provided in this application can separate the key derivation of abnormal sessions from normal sessions by real-time monitoring of risk indicators and generating isolated key field seeds and enabling independent key evolution paths when they exceed the threshold. This enables the risk to converge quickly within the session boundary and avoids the spread of anomalies to other tenants or sessions.

[0085] To further address the issues of fixed-period rotation failing to adapt to dynamic risks and media plane jitter easily occurring during rotation switching, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 500 of the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions further includes the following: Step 531: Obtain the current risk score, current traffic load score, and current jitter score of the cloud communication privacy number session.

[0086] Step 532: Dynamically calculate the overlap window length of the new and old keys based on the current risk score, the current traffic load score, and the current jitter score.

[0087] Step 533: Within the length of the overlapping window, the sending side prioritizes encryption with the new key, while the receiving side simultaneously accepts decryption with both the old and new keys, so as to achieve uninterrupted rotation of the session protection key.

[0088] Step 534: After the rotation is completed, update the current rotation window number of the cloud communication privacy number session.

[0089] It should be noted that the current risk score (risk_score) is a numerical score that comprehensively assesses the risk level of the current session, usually calculated in real time by the risk monitoring module. The current traffic load score (traffic_score) is a numerical score reflecting the traffic load level of the current session or system, used to measure network congestion. The current jitter score (jitter_score) is a numerical score reflecting the jitter level of the media stream in the current session, used to measure network stability. The overlap window length (W) is the length of the time window during which the old and new keys are simultaneously effective. Within this window, the sending side prioritizes encryption with the new key, and the receiving side accepts decryption with both the old and new keys simultaneously. Uninterrupted rotation refers to a rotation method in which there is no packet loss, stuttering, or interruption on the media plane during the key update process.

[0090] Specifically, in one example, the platform has derived a signaling protection subkey K_sig_1f3d8a7c and a media protection subkey K_media_2e4b6c8d. The platform obtains the current risk score of this session as 20 (out of 100), the current traffic load score as 35 (out of 100), the current jitter score as 15 (out of 100), the baseline window length W0 as 10 seconds, the minimum window length as 5 seconds, the maximum window length as 30 seconds, and the weighting coefficients a as 0.2, b as 0.5, and c as 0.3. The platform calculates the overlap window length according to the formula: W = clip(10 + 0.2×35 + 0.5×20 + 0.3×15, 5, 30) = clip(10 + 7 + 10 + 4.5, 5, 30) = clip(31.5, 5, 30) = 30 seconds. The platform initiates key rotation, generating new signaling protection subkey K_sig_new and media protection subkey K_media_new. During the next 30-second window, the platform's sending side prioritizes encryption using the new key, while the receiving side accepts decryption using both the old and new keys simultaneously. Within this window, regardless of the order in which data protected by the old and new keys arrives during transmission, it can be decrypted successfully, which ensures uninterrupted media transmission.

[0091] After the window period ends, the platform stops using the old key, switches completely to the new key, and updates the current rotation window number of the session from 0 to 1.

[0092] As can be seen from the above description, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions provided in this application can quickly complete the rotation when there is high risk and smoothly transition when there is low risk by dynamically calculating the overlap window length based on risk score, traffic load score and jitter score. At the same time, it can accept the decryption of old and new keys simultaneously within the window, realize the uninterrupted rotation of session protection keys, and ensure the continuity of real-time voice services.

[0093] To further address the issue that audit logs cannot prove negotiated parameter levels, contextual commitments, rotation continuity, and non-unauthorized degradation, this application provides a post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. Referring to Figure 2, step 500 of the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions further includes the following: Step 541: Generate negotiation evidence record, continuity evidence record, and dispute evidence record for the current cloud communication privacy number session; wherein, the negotiation evidence record includes the negotiation suite identifier, the handshake transcription digest, the context commitment digest, and the corresponding timestamp signature; the continuity evidence record includes the key identifier before the session protection key rotation, the key identifier after the session protection key rotation, the current rotation window number, the isolation key field identifier, and the context commitment digest; the dispute evidence record includes the anomaly reason code, risk level, degradation status, result digest, and the context commitment digest; the anomaly reason code is used to record the cause type of triggering the anomaly event, and the degradation status is used to record the degradation status of the session security level.

[0094] Step 542: Write the negotiation evidence record, the continuity evidence record, and the dispute evidence record into a preset verifiable evidence chain.

[0095] It should be noted that the negotiation evidence record is used to prove the session negotiation level and commitment digest, including the negotiation suite identifier, handshake transcription digest, context commitment digest, and timestamp signature. The continuity evidence record is used to prove that the key before and after the key rotation belongs to the same commitment chain and there is no untraceable interruption, including the key identifiers before and after the rotation, the rotation window number, the isolation key field identifier, and the context commitment digest. The dispute evidence record is used to provide verification evidence without exposing media content, including the anomaly reason code, risk level, degradation status, result digest, and context commitment digest. The timestamp signature is a signature generated by a trusted timestamp service to prove the authenticity of the evidence record's generation time. The key identifier before the session protection key rotation (prev_key_id) is used to identify the session protection key number before the rotation. The key identifier after the session protection key rotation (new_key_id) is used to identify the session protection key number after the rotation. The isolation key field identifier (ikd_flag) is a flag used to indicate whether the isolation key field is enabled. The anomaly reason code (reason_code) is an encoding used to record the type of reason that triggered the anomaly event. The degradation status is a status field used to record the status of a session's security level being downgraded. The result digest is a digest value used to record the result of the dispute resolution process. The verifiable evidence chain is an immutable storage medium or evidence preservation system used to store negotiation evidence, continuity evidence, and dispute evidence.

[0096] Specifically, in one example, this session has generated a negotiation suite identifier (Suite_001), a handshake transcription digest (bundle_id_abc123), and a context commitment digest (CCD_8a3f2e1d). The isolation key field was enabled, and a key rotation was completed (the key identifier before rotation was key_prev_001, and after rotation it was key_new_002; the rotation window number was updated from 0 to 1, and the isolation key field identifier was enabled). The decryption failure rate exceeded the threshold, the anomaly reason code was err_decrypt_001, the risk level was high, the degradation status was not downgraded, and the result digest was isolate_success_001. The platform generates three types of evidence records based on the context commitment digest:

(1) The negotiation evidence record includes: negotiation suite identifier Suite_001, handshake transcription digest bundle_id_abc123, context commitment digest CCD_8a3f2e1d, and timestamp signature ts_sig_20250329_001 generated by the trusted timestamp service.

[0097] (2) The continuity evidence record includes: the key identifier before rotation key_prev_001, the key identifier after rotation key_new_002, the current rotation window number 1, the isolation key field identifier ikd_flag_enabled, and the context commitment digest CCD_8a3f2e1d.

[0098] (3) The dispute evidence record includes: the anomaly reason code err_decrypt_001, the risk level high, the degradation status fallback_none, the result digest isolate_success_001, and the context commitment digest CCD_8a3f2e1d.

[0099] The platform records these three types of evidence in the blockchain storage system as a verifiable evidence chain for subsequent compliance verification or issue tracing. Without obtaining the content of the call, the verifying party can verify key information such as the negotiation parameter level (traceable through negotiation suite identifiers), context commitment (through digest comparison), rotation continuity (through continuity evidence records), and no unauthorized downgrade (through the degradation status in dispute evidence records).

[0100] As can be seen from the above description, the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions provided in this application generates three layers of records—negotiated evidence, continuity evidence, and disputed evidence—around the same context commitment digest, and writes them into a verifiable evidence chain. This enables the verification of key information throughout the key management process without exposing the call content during compliance verification or issue tracing, thereby improving the integrity and credibility of evidence in regulatory verification and dispute resolution.

[0101] From a software perspective, this application also provides a cloud communication platform for performing all or part of the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions; see Figure 3. The cloud communication platform specifically includes the following: the session attribute acquisition module 10 is used to acquire session attribute information of the cloud communication privacy number session; the security level selection module 20 is used to select a corresponding security level identifier and a set of hybrid negotiation parameters corresponding to the security level identifier from a preset security level parameter library based on the session attribute information; the key negotiation module 30 is used to interact with the user terminal corresponding to the cloud communication privacy number session according to the hybrid negotiation parameter set to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generate hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session; the commitment digest generation module 40 is used to cryptographically bind the session attribute information with the shared key material to generate a fixed-length context commitment digest; the session protection module 50 is used to perform session protection on the cloud communication privacy number session based on the context commitment digest; wherein, the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

[0102] The cloud communication platform embodiments provided in this application can be used to execute the processing flow of the embodiments of the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions described above. Their functions are not repeated here; for details, refer to the detailed description of the embodiments of the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions described above.

[0103] The portion of the cloud communication platform that performs post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions can be completed in either a server or a client device. The choice can be made based on the processing capabilities of the client device and limitations of the user's usage scenario. This application does not impose any limitations in this regard. If all operations are completed in the client device, the client device may further include a processor for the specific processing of post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions.

[0104] The aforementioned client device may have a communication module (i.e., a communication unit) that can communicate with a remote server to achieve data transmission with the server. The server may include a server on the task scheduling center side; in other implementation scenarios, it may also include a server on an intermediate platform, such as a server on a third-party server platform that has a communication link with the task scheduling center server. The server may include a single computer device, a server cluster consisting of multiple servers, or a distributed server structure.

[0105] The server and the client device can communicate using any suitable network protocol, including those not yet developed as of the date of this application. Such network protocols may include, for example, TCP/IP, UDP/IP, HTTP, HTTPS, etc. Furthermore, such network protocols may also include RPC (Remote Procedure Call Protocol) and REST (Representational State Transfer Protocol) protocols used on top of the aforementioned protocols.

[0106] To further illustrate the above embodiments, this application also provides a specific application example of a post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions using a cloud communication platform. This method can at least achieve the following: First, automatically selecting appropriate hybrid negotiation parameters for different service lines, privacy levels, and terminal capabilities; second, uniformly binding handshake materials, derived materials, and audit evidence with the same commitment digest throughout the same session lifecycle; third, switching to an isolated key domain without interrupting existing calls in the event of abnormal risks; fourth, dynamically adjusting the overlap window of the old and new keys based on real-time service load and risk scoring to reduce media plane jitter; and fifth, outputting complete evidence internally and verifiable evidence digests externally, achieving compliance verification without decrypting service content.

[0107] Referring to Figure 4, the cloud communication platform provided in this application example can be composed of the following core functional modules, whose data flow and control flow work together.

[0108] (1) Session attribute collection module 10 obtains session attribute information of cloud communication privacy number session, including tenant identifier, session identifier, service type, privacy level, call direction, terminal capability level, compliance level label and network status.

[0109] (2) Security level selection module 20 selects the corresponding security level identifier and the hybrid negotiation parameter set corresponding to the security level identifier from the preset security level parameter library based on the service type, privacy level, terminal capability level and other fields in the session attribute information, including candidate hybrid suite, handshake timeout threshold and rotation baseline window.

[0110] (3) Key negotiation module 30, according to the hybrid negotiation parameter set, interacts with the user terminal to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generates hybrid shared key material, negotiation suite identifier and handshake transcription digest.

[0111] (4) Commitment digest generation module 40 concatenates the tenant identifier, session identifier, service type, privacy level, terminal capability level, compliance level label, and network status in the session attribute information with the call direction identifier, negotiation suite identifier, handshake transcription digest, risk level, and current rotation window number, and performs cryptographic hash operation on the concatenated data to generate a fixed-length context commitment digest.

[0112] (5) Session protection module 50, based on the context commitment digest, performs session protection on the cloud communication privacy number session. Specifically, session protection module 50 includes: the key derivation unit 51, used to extract the session master key using the hybrid shared key material as the root key and the context commitment digest as the context, and to derive the signaling protection subkey, media protection subkey and audit protection subkey based on the session master key and the context commitment digest; the anomaly detection and isolation key domain unit 52, used to monitor risk indicators in real time and, when the risk indicators exceed the preset threshold, to generate an isolation key domain seed based on the session master key, context commitment digest and risk random number and enable an isolation key domain independent of normal sessions; the dynamic sliding window rotation unit 53, used to obtain the current risk score, current traffic load score and current jitter score, dynamically calculate the overlap window length of the new and old keys, and have the sending side encrypt with the new key first while the receiving side decrypts with both the old key and the new key, to realize the uninterrupted rotation of the session protection key; and the layered evidence output unit 54, used to generate negotiation evidence records, continuity evidence records, and dispute evidence records, and write them into a verifiable evidence chain.

[0113] Based on this, this application example builds on the above architecture, and the process follows the steps shown in Figure 5. The steps are executed sequentially, with each step using the output of the previous step as the valid input for the next step, forming a closed loop: S1: Retrieving Session Attribute Information. Before a session is established, the cloud communication platform obtains the session attribute information of the cloud communication privacy number session, including tenant identifier, session identifier, service type, privacy level, terminal capability level, compliance level label, network status and other fields, and maps them into a unified standardized input structure.

[0114] S2: Security Level Selection. Based on the session attribute information, the cloud communication platform selects the corresponding security level identifier and the corresponding hybrid negotiation parameter set from a preset security level parameter library. For example, a high-security level, a medium-security level, or a compatible level can be obtained according to the rule of "business sensitivity × terminal capability × network stability". The security level simultaneously determines the target public-key cryptography algorithm candidate set, the post-quantum cryptography algorithm candidate set, the handshake delay threshold, and the rotation baseline parameter.

[0115] S3: Hybrid Key Negotiation. The cloud communication platform interacts with the user terminal based on the hybrid negotiation parameter set to perform hybrid key negotiation of the target public-key cryptography algorithm and the post-quantum cryptography algorithm. Specifically, the platform determines the first algorithm type of the target public-key cryptography algorithm and the second algorithm type of the post-quantum cryptography algorithm, and determines the negotiation suite identifier; generates first key negotiation parameters corresponding to the first algorithm type and second key negotiation parameters corresponding to the second algorithm type; sends the first key negotiation parameters, the second key negotiation parameters, and the negotiation suite identifier to the user terminal; receives the third key negotiation parameters, the fourth key negotiation parameters, and the negotiation suite identifier confirmed by the user terminal; performs negotiation calculations for the first algorithm type based on the first and third key negotiation parameters to obtain a first negotiation result, and performs negotiation calculations for the second algorithm type based on the second and fourth key negotiation parameters to obtain a second negotiation result; combines the first and second negotiation results according to the combination rules corresponding to the negotiation suite identifier to generate hybrid shared key material; and simultaneously generates a handshake transcription digest based on the first, second, third, and fourth key negotiation parameters and the negotiation suite identifier.

[0116] S4: Context Commitment Digest Generation. The cloud communication platform obtains the call direction identifier, risk level, and current rotation window number of the cloud communication privacy number session; it concatenates the session attribute information, call direction identifier, negotiation suite identifier, handshake transcription digest, risk level, and current rotation window number, and performs a cryptographic hash operation on the resulting concatenated data to generate a fixed-length context commitment digest. The session attribute information includes tenant identifier, session identifier, service type, privacy level, terminal capability level, compliance level label, and/or network status.
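The concatenate-then-hash step of S4, as an added example (not code from the application): it compares plain concatenation with a length-prefixed encoding, because the digest only commits to the individual fields if their boundaries are unambiguous. SHA-256, the `CCD-v1` prefix, the dictionary key names and all sample values are assumptions constructed for illustration.

```python
import hashlib

# Field order follows S4; the key names are hypothetical, not from the application.
FIELDS = (
    "tenant_id", "session_id", "service_type", "privacy_level",
    "terminal_capability", "compliance_label", "network_status",
    "call_direction", "suite_id", "handshake_digest",
    "risk_level", "rotation_window",
)


def naive_digest(ctx):
    """Plain concatenation: field boundaries are not part of the hashed data."""
    joined = "".join(str(ctx[name]) for name in FIELDS)
    return hashlib.sha256(joined.encode("utf-8")).hexdigest()


def encode_fields(ctx):
    """Canonical encoding: 4-byte big-endian length before every field value."""
    out = bytearray()
    for name in FIELDS:
        value = str(ctx[name]).encode("utf-8")
        out += len(value).to_bytes(4, "big") + value
    return bytes(out)


def context_commitment_digest(ctx):
    """Fixed-length commitment over the length-prefixed fields (SHA-256 assumed)."""
    return hashlib.sha256(b"CCD-v1" + encode_fields(ctx)).hexdigest()


# Constructed sample session; every value is invented for this example.
SESSION_A = {
    "tenant_id": "tenant-12",
    "session_id": "3-sess-0001",
    "service_type": "ride-hailing",
    "privacy_level": "high",
    "terminal_capability": "L2",
    "compliance_label": "C1",
    "network_status": "stable",
    "call_direction": "outbound",
    "suite_id": "Suite_001",
    "handshake_digest": "bundle_id_abc123",
    "risk_level": "low",
    "rotation_window": 0,
}

# Same characters overall, but one character moved across a field boundary,
# so this is a different tenant and a different session.
SESSION_B = dict(SESSION_A, tenant_id="tenant-123", session_id="-sess-0001")

if __name__ == "__main__":
    print("naive collision:  ", naive_digest(SESSION_A) == naive_digest(SESSION_B))
    print("prefixed collision:",
          context_commitment_digest(SESSION_A) == context_commitment_digest(SESSION_B))
```
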

[0117] S5: Session Protection Key Derivation. The cloud communication platform uses the hybrid shared key material as the root key and the context commitment digest as the context to extract the session master key through the key derivation function; based on the session master key and the context commitment digest, it derives the signaling protection subkey, media protection subkey and audit protection subkey.

[0118] S6: Construction of the Isolation Key Domain. The cloud communication platform monitors risk indicators in real time, including at least one of the following: decapsulation failure rate, abnormal retransmission rate, and degradation frequency. When any risk indicator exceeds a preset threshold, an isolation key field seed is generated through a key derivation function based on the session master key, context commitment digest, and a preset risk random number. Based on this seed, an isolation key field independent of the normal session is enabled within the current session, thus separating the key evolution path of the abnormal session from that of the normal session.

[0119] S7: Key Rotation Control. The cloud communication platform obtains the current risk score, current traffic load score, and current jitter score. Based on these scores, it dynamically calculates the overlap window length between the old and new keys, using the formula W = clip(W0 + a·traffic_score + b·risk_score + c·jitter_score, Wmin, Wmax). Within the overlap window length, the sending side prioritizes encryption using the new key, while the receiving side simultaneously accepts decryption using both the old and new keys, achieving uninterrupted rotation of the session protection key. After rotation is complete, the current rotation window number is updated.

[0120] It should be noted that in the above formula, W is the overlap window length, representing the length of the time window during which the old and new keys are simultaneously effective. Within this window, the sending side prioritizes encryption with the new key, while the receiving side simultaneously accepts both the old and new keys for decryption, thus achieving uninterrupted rotation of the session protection key; W0 is the baseline window length, representing the pre-configured default overlap window length, serving as the base value for dynamic adjustment; traffic_score is the current traffic load score, used to measure the network congestion status of the current session or system; risk_score is the current risk score, calculated in real time by the risk monitoring module to comprehensively assess the risk level of the current session; jitter_score is the current jitter score, used to measure the network jitter level of the media stream in the current session; a, b, and c are the weighting coefficients corresponding to the traffic load score, risk score, and jitter score, respectively, used to adjust the influence of each factor on the window length; Wmin is the minimum window value, and Wmax is the maximum window value, used to trim the calculation results to a reasonable range, preventing the window from being too short and affecting session continuity, or too long and causing key update delays. This formula dynamically adjusts the overlap window length by integrating three factors: traffic load, risk level, and network jitter, to achieve a differentiated rotation strategy that allows for rapid convergence during high-risk periods and smooth transition during low-risk periods.
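The window formula and the dual-key acceptance rule of S7, as an added example that is not part of the application: it reproduces the worked values from [0090] and models the receiving side accepting both keys until the window closes. An HMAC-SHA256 tag stands in for the session's real protection scheme, and the class, function names and key bytes are constructed for illustration.

```python
import hashlib
import hmac


def clip(value, low, high):
    return max(low, min(high, value))


def overlap_window(w0, traffic, risk, jitter, a, b, c, wmin, wmax):
    """W = clip(W0 + a*traffic_score + b*risk_score + c*jitter_score, Wmin, Wmax)."""
    return clip(w0 + a * traffic + b * risk + c * jitter, wmin, wmax)


def protect(key, payload):
    """Stand-in for packet protection: an HMAC-SHA256 tag over the payload."""
    return hmac.new(key, payload, hashlib.sha256).digest()


class Receiver:
    """Receiving side: accepts the current key always, the previous key only in-window."""

    def __init__(self, key):
        self.current = key
        self.previous = None
        self.window_end = None
        self.window_no = 0

    def start_rotation(self, new_key, now, window_len):
        self.previous, self.current = self.current, new_key
        self.window_end = now + window_len

    def _expire(self, now):
        # Once the overlap window has elapsed, drop the old key and count the rotation.
        if self.previous is not None and now >= self.window_end:
            self.previous = None
            self.window_end = None
            self.window_no += 1

    def accept(self, payload, tag, now):
        """Return which key verified the packet, or None if it must be dropped."""
        self._expire(now)
        for label, key in (("current", self.current), ("previous", self.previous)):
            if key is not None and hmac.compare_digest(tag, protect(key, payload)):
                return label
        return None


# Constructed key bytes for the demonstration.
K_MEDIA_OLD = hashlib.sha256(b"constructed old media key").digest()
K_MEDIA_NEW = hashlib.sha256(b"constructed new media key").digest()

if __name__ == "__main__":
    w = overlap_window(10, traffic=35, risk=20, jitter=15,
                       a=0.2, b=0.5, c=0.3, wmin=5, wmax=30)
    rx = Receiver(K_MEDIA_OLD)
    rx.start_rotation(K_MEDIA_NEW, now=100, window_len=w)
    late_packet = b"frame protected before the sender switched"
    print(w, rx.accept(late_packet, protect(K_MEDIA_OLD, late_packet), now=110))
    print(rx.accept(late_packet, protect(K_MEDIA_OLD, late_packet), now=100 + w),
          rx.window_no)
```

With the positive coefficient b of the worked example, a higher risk_score lengthens W until Wmax caps it, so Wmax bounds how long the old key stays acceptable on the receiving side.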

[0121] Figure 6 illustrates the unified commitment, derivation, and evidence mechanism. Mechanism description: The left side shows session attribute information and hybrid shared key material; the middle section shows the unified context commitment digest; the right side shows negotiation evidence records, continuity evidence records, and dispute evidence records; and the bottom section shows the isolation key field and dynamic window W.

[0122] In Figure 6, `ms = HKDF-Extract(hybrid_ss, CCD)` means that the session master key `ms` is generated using the hybrid shared key material `hybrid_ss` as the root key and the context commitment digest `CCD` as the context, through the extraction operation in the key derivation function. `K_media / K_sig / K_audit` means that based on the session master key `ms` and the context commitment digest `CCD`, the media protection subkey `K_media`, the signaling protection subkey `K_sig`, and the audit protection subkey `K_audit` are derived respectively through the expansion operation in the key derivation function. `IKD = HKDF-Extract(ms, CCD || risk_nonce)` means that when the risk indicator exceeds a preset threshold, using the session master key `ms` as the root key and the result of concatenating the context commitment digest `CCD` and the risk random number `risk_nonce` as the context, an isolation key field seed `IKD` is generated through the key derivation function to enable an isolation key field independent of the normal session within the current session.

[0123] The three formulas above together constitute a complete key derivation chain from the hybrid negotiation result to the session protection key and then to the abnormal isolation key field: first, the session master key is derived from the hybrid shared key material and the context commitment digest; then, the functional subkeys are derived from the session master key; and finally, when an abnormality is triggered, the isolation key field seed is derived from the session master key, the context commitment digest, and the risk random number, thereby achieving cryptographic isolation of risky sessions.
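The three-formula derivation chain described above, together with the threshold trigger of S6, as an added example (not the application's code). It implements HKDF per RFC 5869 with HMAC-SHA256 and assumes that the secret input is HKDF's input keying material and the public context is the salt; the info-string layout, the function names, the reuse of the same tags inside the isolation domain and all input bytes are constructed for illustration.

```python
import hashlib
import hmac


def hkdf_extract(salt, ikm):
    """HKDF-Extract (RFC 5869) with HMAC-SHA256: PRK = HMAC(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk, info, length=32):
    """HKDF-Expand (RFC 5869) with HMAC-SHA256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def master_key(hybrid_ss, ccd):
    # Assumption: the secret hybrid_ss is the keying material, the public CCD the salt.
    return hkdf_extract(ccd, hybrid_ss)


def subkeys(root, ccd):
    """One subkey per application tag; the CCD is bound into every info string."""
    return {tag: hkdf_expand(root, tag.encode("ascii") + b"|" + ccd)
            for tag in ("signal", "media", "audit")}


# Thresholds from the worked example in [0083]: 1%, 0.5%, and 1 downgrade.
THRESHOLDS = {
    "decap_failure_rate": 0.01,
    "abnormal_retx_rate": 0.005,
    "degradation_count": 1,
}


def exceeded(metrics):
    """Names of the risk indicators that are above their preset threshold."""
    return sorted(name for name, value in metrics.items() if value > THRESHOLDS[name])


def isolation_seed(ms, ccd, risk_nonce, metrics):
    """IKD = HKDF-Extract(ms, CCD || risk_nonce), only once a threshold is exceeded."""
    if not exceeded(metrics):
        return None
    return hkdf_extract(ccd + risk_nonce, ms)


# Constructed inputs; a deployment would take these from the handshake and a CSPRNG.
HYBRID_SS = hashlib.sha256(b"constructed hybrid shared secret").digest()
CCD = hashlib.sha256(b"constructed context commitment").digest()
RISK_NONCE = hashlib.sha256(b"constructed risk nonce").digest()[:16]
NORMAL = {"decap_failure_rate": 0.003, "abnormal_retx_rate": 0.001, "degradation_count": 0}
ANOMALOUS = dict(NORMAL, decap_failure_rate=0.025)

if __name__ == "__main__":
    ms = master_key(HYBRID_SS, CCD)
    normal_keys = subkeys(ms, CCD)
    ikd = isolation_seed(ms, CCD, RISK_NONCE, ANOMALOUS)
    isolated_keys = subkeys(ikd, CCD)  # assumption: same tags, rooted at the seed
    print("triggered by:", exceeded(ANOMALOUS))
    for tag in normal_keys:
        print(tag, normal_keys[tag].hex()[:16], "->", isolated_keys[tag].hex()[:16])
```
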

[0124] S8: Verifiable data generation. The cloud communication platform generates negotiation evidence records, continuity evidence records, and dispute evidence records for the current session. Negotiation evidence records include the negotiation suite identifier, handshake transcription digest, context commitment digest, and corresponding timestamp signature. Continuity evidence records include the key identifier before and after the session protection key rotation, the current rotation window number, the isolation key field identifier, and the context commitment digest. Dispute evidence records include anomaly cause codes, risk levels, degradation status, result digests, and context commitment digests. The anomaly cause code records the type of reason that triggered the anomaly, and the degradation status records the degradation of the session's security level. The platform writes these three types of evidence records into a verifiable evidence chain.
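One way to check that the three record types of S8 stay bound to the same CCD, as an added example (not the application's own format). The hash-linked list, the JSON encoding and every field name are assumptions; the timestamp signature is a constructed placeholder, not a real signature.

```python
import hashlib
import json

GENESIS = "00" * 32  # assumed anchor for the first record's back-link

# Fields each record type must carry per S8; the key names are hypothetical.
REQUIRED = {
    "negotiation": {"suite_id", "transcript_digest", "timestamp_signature"},
    "continuity": {"key_id_before", "key_id_after", "window_no", "ikd_id"},
    "dispute": {"reason_code", "risk_level", "degradation_status", "result_digest"},
}


def _digest(body: dict) -> str:
    """Canonical JSON (sorted keys) hashed with SHA-256."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_record(chain: list, kind: str, ccd: str, fields: dict) -> dict:
    """Append one evidence record linked to the digest of the previous one."""
    prev = chain[-1]["digest"] if chain else GENESIS
    body = {"kind": kind, "ccd": ccd, "prev": prev, "fields": fields}
    record = dict(body, digest=_digest(body))
    chain.append(record)
    return record


def verify_chain(chain: list, expected_ccd: str) -> list:
    """Return (index, problem) findings; an empty list means the chain is
    intact, complete per record type, and bound to one CCD throughout."""
    findings, prev = [], GENESIS
    for i, rec in enumerate(chain):
        body = {k: rec[k] for k in ("kind", "ccd", "prev", "fields")}
        if rec["prev"] != prev:
            findings.append((i, "broken link"))
        if _digest(body) != rec["digest"]:
            findings.append((i, "record altered"))
        if rec["ccd"] != expected_ccd:
            findings.append((i, "CCD mismatch"))
        missing = REQUIRED.get(rec["kind"], set()) - set(rec["fields"])
        if missing:
            findings.append((i, "missing " + ",".join(sorted(missing))))
        prev = rec["digest"]
    return findings


SAMPLE_CCD = hashlib.sha256(b"constructed CCD input").hexdigest()


def build_sample_chain() -> list:
    """Constructed records for one session: negotiate, rotate, then an anomaly."""
    chain = []
    append_record(chain, "negotiation", SAMPLE_CCD, {
        "suite_id": "suite-A", "transcript_digest": "ab" * 32,
        "timestamp_signature": "PLACEHOLDER-NOT-A-REAL-SIGNATURE"})
    append_record(chain, "continuity", SAMPLE_CCD, {
        "key_id_before": "k-0", "key_id_after": "k-1",
        "window_no": 1, "ikd_id": None})
    append_record(chain, "dispute", SAMPLE_CCD, {
        "reason_code": "DECAP_FAIL_RATE", "risk_level": "high",
        "degradation_status": "none", "result_digest": "cd" * 32})
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("clean chain:", verify_chain(chain, SAMPLE_CCD))
    chain[2]["fields"]["risk_level"] = "low"  # edit made after the fact
    print("after edit :", verify_chain(chain, SAMPLE_CCD))
```

The verifier reads only identifiers and digests, so a third party can run it without access to any session key or decrypted content.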

[0125] It is understood that in the application examples of this application, the post-quantum cryptography algorithm can be replaced by different combinations of KEM or signature algorithms; as long as the candidate set is still selected from the security tier library and bound by the same context commitment digest, the variant falls within the protection scope of this application. The anomaly detection model can employ a rule engine, statistical model, or machine learning model; as long as its output is used to trigger switching to the isolation key field and dynamic rotation, it can be considered an equivalent substitute for this application. Layered evidence can be anchored to local immutable storage, a trusted timestamp service, or a cross-domain digest storage system, as long as the evidence and the context commitment digest remain bound to the same source.

[0126] In addition, to ensure that those skilled in the art can directly understand and reproduce this solution, the key data structures involved in this application and their functions are shown in Table 1.

[0127] Table 1

[0128] Based on this, the method provided in this application includes: a security tier selection mechanism that jointly determines the hybrid negotiation tier based on business sensitivity, regulatory labels, and terminal capabilities; a mechanism that generates a unified context commitment digest (CCD) from fields such as tenant_id, call_id, dir_id, profile_id, and risk_class, and uses the CCD to connect handshake, derivation, rotation, and evidence presentation; a mechanism linking anomaly detection to the isolation key field; a high-risk session cryptographic isolation mechanism based on IKD; a dynamic sliding window rotation mechanism jointly driven by risk and traffic; and a layered evidence presentation mechanism that generates negotiation evidence, continuity evidence, and dispute evidence around the same CCD.

[0129] Therefore, the application examples of this application have the following beneficial effects: (1) Compared with existing schemes that focus only on the post-quantum handshake, this application directly couples the business sensitivity classification with the selection of cryptographic parameters, forming a verifiable configuration chain in which the same business uses the same level and different businesses use different levels.

[0130] (2) Compared with the scheme that only binds message transcription, this application uses a unified CCD to bind negotiation, derivation, rotation and evidence simultaneously, which can significantly reduce the problems of state drift and inconsistency of audit scope between multiple modules.

[0131] (3) Compared with fixed-period rotation schemes, this application achieves rapid convergence and low-interruption rotation for high-risk sessions through the anomaly-linked isolation key field and dynamic sliding window rotation, which is better suited to real-time voice services.

[0132] (4) Compared with schemes that leave only a hash chain trace, this application outputs a layered evidence structure, so that key questions such as which parameters were used, when switching occurred, and whether recovery was continuous can be verified by a third party without decrypting the content.

[0133] This application also provides an electronic device, which may include a processor, a memory, a receiver, and a transmitter. The processor is used to execute the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions mentioned in the above embodiments. The processor and memory can be connected via a bus or other means, taking a bus connection as an example. The receiver can be connected to the processor and memory via wired or wireless means.

[0134] The processor can be a central processing unit (CPU). The processor can also be other general-purpose processors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or combinations of the above types of chips.

[0135] Memory, as a non-transitory computer-readable storage medium, can be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as the program instructions / modules corresponding to the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions in the embodiments of this application. The processor executes various functional applications and data processing by running the non-transitory software programs, instructions, and modules stored in the memory, thereby implementing the post-quantum cryptography key distribution and session protection method for cloud communication privacy number sessions in the above method embodiments.

[0136] The memory may include a program storage area and a data storage area. The program storage area may store the operating system and applications required for at least one function; the data storage area may store data created by the processor, etc. Furthermore, the memory may include high-speed random access memory and non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid-state storage device. In some embodiments, the memory may optionally include memory remotely located relative to the processor, which can be connected to the processor via a network. Examples of such networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.

[0137] The one or more modules are stored in the memory and, when executed by the processor, perform the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions in the embodiment.

[0138] In some embodiments of this application, the user equipment may include a processor, a memory, and a transceiver unit. The transceiver unit may include a receiver and a transmitter. The processor, memory, receiver, and transmitter may be connected via a bus system. The memory is used to store computer instructions, and the processor is used to execute the computer instructions stored in the memory to control the transceiver unit to send and receive signals.

[0139] As one implementation method, the functions of the receiver and transmitter in this application can be implemented by transceiver circuits or dedicated transceiver chips, and the processor can be implemented by dedicated processing chips, processing circuits or general-purpose chips.

[0140] As another implementation approach, the server provided in this application embodiment can be implemented using a general-purpose computer. That is, the program code implementing the processor, receiver, and transmitter functions is stored in memory, and the general-purpose processor implements the processor, receiver, and transmitter functions by executing the code in memory.

[0141] This application also provides a computer-readable storage medium storing a computer program thereon. When executed by a processor, the computer program implements the steps of the aforementioned post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions. The computer-readable storage medium can be a tangible storage medium, such as random access memory (RAM), main memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, floppy disks, hard disks, removable storage disks, CD-ROMs, or any other form of storage medium known in the art.

[0142] This application also provides a computer program product, including a computer program that, when executed by a processor, implements the steps of the aforementioned method for post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions.

[0143] In the research and development and implementation of the technical solutions involved in this application, all user personal information (if any) was processed in strict accordance with the principles of legality, legitimacy, necessity, and good faith. Specifically, the relevant data was obtained through one or more of the following compliant methods: 1) Before collecting users' personal information, the purpose, method, and scope of the collection have been clearly communicated to the users, and the users' individual and explicit authorization and consent have been obtained; 2) The personal data used comes from publicly available datasets permitted by laws and regulations, and the personal data has undergone necessary anonymization or de-identification processing during use to ensure that no specific individual can be identified and the information is irretrievable; 3) The use of personal data is limited to the technical research and development, model training and verification purposes described in this application, and strict technical and management measures have been taken to protect data security and prevent information leakage, abuse and unauthorized access.

[0144] Those skilled in the art will understand that the exemplary components, systems, and methods described in conjunction with the embodiments disclosed herein can be implemented in hardware, software, or a combination of both. Whether implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application. When implemented in hardware, it can be, for example, electronic circuits, application-specific integrated circuits (ASICs), appropriate firmware, plug-ins, function cards, etc. When implemented in software, the elements of this application are programs or code segments used to perform the required tasks. The programs or code segments can be stored on a machine-readable medium or transmitted over a transmission medium or communication link via data signals carried on a carrier wave.

[0145] It should be clarified that this application is not limited to the specific configurations and processes described above and shown in the figures. For the sake of brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of this application is not limited to the specific steps described and shown. Those skilled in the art can make various changes, modifications, and additions, or change the order of steps, after understanding the spirit of this application.

[0146] In this application, features described and / or illustrated for one embodiment may be used in the same or similar manner in one or more other embodiments, and / or combined with or in place of features of other embodiments.

[0147] The above description is merely a preferred embodiment of this application and is not intended to limit this application. Various modifications and variations can be made to the embodiments of this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the protection scope of this application.

Claims

1. A post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions, characterized in that it includes: obtaining session attribute information for the cloud communication privacy number session; based on the session attribute information, selecting the corresponding security level identifier and the hybrid negotiation parameter set corresponding to the security level identifier from the preset security level parameter library; based on the hybrid negotiation parameter set, interacting with the user terminal corresponding to the cloud communication privacy number session to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generating hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session; cryptographically binding the session attribute information to the shared key material to generate a fixed-length context commitment digest; and, based on the context commitment digest, performing session protection on the cloud communication privacy number session; wherein the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

2. The method for post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions according to claim 1, characterized in that interacting with the user terminal corresponding to the cloud communication privacy number session to perform hybrid key negotiation of the target public-key cryptography algorithm and the post-quantum cryptography algorithm, and generating hybrid shared key material as the post-quantum cryptography key distributed to the cloud communication privacy number session, includes: based on the hybrid negotiation parameter set, determining the first algorithm type of the target public-key cryptography algorithm and the second algorithm type of the post-quantum cryptography algorithm, and determining the negotiation suite identifier; generating first key negotiation parameters corresponding to the first algorithm type and second key negotiation parameters corresponding to the second algorithm type; sending the first key negotiation parameters, the second key negotiation parameters, and the negotiation suite identifier to the user terminal corresponding to the cloud communication privacy number session; receiving the third key negotiation parameters corresponding to the first algorithm type, the fourth key negotiation parameters corresponding to the second algorithm type, and the negotiation suite identifier confirmed by the user terminal, all returned by the user terminal; performing the negotiation calculation of the first algorithm type based on the first key negotiation parameters and the third key negotiation parameters to obtain a first negotiation result, and performing the negotiation calculation of the second algorithm type based on the second key negotiation parameters and the fourth key negotiation parameters to obtain a second negotiation result; combining the first negotiation result and the second negotiation result according to the combination rules corresponding to the negotiation suite identifier to generate the hybrid shared key material; and generating a handshake transcription digest based on the first key negotiation parameters, the second key negotiation parameters, the third key negotiation parameters, the fourth key negotiation parameters, and the negotiation suite identifier.

3. The method for post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions according to claim 2, characterized in that cryptographically binding the session attribute information with the shared key material to generate a fixed-length context commitment digest includes: obtaining the call direction identifier, risk level, and current rotation window number of the cloud communication privacy number session; and concatenating the session attribute information, the call direction identifier, the negotiation suite identifier, the handshake transcription digest, the risk level, and the current rotation window number, and performing a cryptographic hash operation on the resulting concatenated data to generate a fixed-length context commitment digest; wherein the session attribute information includes: the tenant identifier, session identifier, service type, privacy level, and terminal capability level of the cloud communication privacy number session; and the session attribute information also includes: the compliance level label and / or network status of the cloud communication privacy number session.

4. The post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions according to claim 3, characterized in that performing session protection on the cloud communication privacy number session based on the context commitment digest includes: using the hybrid shared key material as the root key and the context commitment digest as the context, extracting the session master key corresponding to the cloud communication privacy number session through the key derivation function; and, based on the session master key and the context commitment digest, deriving a signaling protection subkey, a media protection subkey, and an audit protection subkey for the cloud communication privacy number session.

5. The method for post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions according to claim 4, characterized in that performing session protection on the cloud communication privacy number session based on the context commitment digest further includes: monitoring risk indicators for the cloud communication privacy number session in real time; wherein the risk indicators include at least one of the following: decapsulation failure rate, abnormal retransmission rate, and degradation frequency; when the risk indicator exceeds a preset threshold, generating an isolation key field seed based on the session master key, the context commitment digest, and a preset risk random number through a key derivation function; and, based on the isolation key field seed, enabling an isolation key field independent of the normal session in the current cloud communication privacy number session, to separate the key evolution path of the abnormal session from that of the normal session.

6. The post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions according to claim 4, characterized in that performing session protection on the cloud communication privacy number session based on the context commitment digest further includes: obtaining the current risk score, current traffic load score, and current jitter score of the cloud communication privacy number session; dynamically calculating the overlap window length of the new and old keys based on the current risk score, the current traffic load score, and the current jitter score; within the overlap window length, the sending side prioritizing encryption with the new key while the receiving side simultaneously accepts decryption with both the old and new keys, thereby achieving uninterrupted rotation of the session protection key; and, after the rotation is completed, updating the current rotation window number of the cloud communication privacy number session.

7. The method for post-quantum cryptographic key distribution and session protection for cloud communication privacy number sessions according to claim 6, characterized in that performing session protection on the cloud communication privacy number session based on the context commitment digest further includes: generating negotiation evidence records, continuity evidence records, and dispute evidence records for the current cloud communication privacy number session; wherein the negotiation evidence record includes the negotiation suite identifier, the handshake transcription digest, the context commitment digest, and the corresponding timestamp signature; the continuity evidence record includes the key identifier before the session protection key rotation, the key identifier after the session protection key rotation, the current rotation window number, the isolation key field identifier, and the context commitment digest; the dispute evidence record includes the anomaly reason code, risk level, degradation status, result digest, and the context commitment digest; the anomaly reason code is used to record the cause type that triggered the anomaly event, and the degradation status is used to record the degradation status of the session security level; and writing the negotiation evidence record, the continuity evidence record, and the dispute evidence record into a preset verifiable evidence chain.

8. A cloud communication platform, characterized in that it includes: a session attribute collection module, used to obtain session attribute information of cloud communication privacy number sessions; a security level selection module, used to select a corresponding security level identifier and a set of hybrid negotiation parameters corresponding to the security level identifier from a preset security level parameter library based on the session attribute information; a key negotiation module, used to interact with the user terminal corresponding to the cloud communication privacy number session according to the hybrid negotiation parameter set to perform hybrid key negotiation of the target public key cryptography algorithm and the post-quantum cryptography algorithm, and generate hybrid shared key material as the post-quantum cryptography key to be distributed to the cloud communication privacy number session; a commitment digest generation module, used to cryptographically bind the session attribute information with the shared key material to generate a fixed-length context commitment digest; and a session protection module, used to perform session protection on the cloud communication privacy number session based on the context commitment digest; wherein the session protection includes: deriving a session protection key, constructing an isolation key field, controlling key rotation, and generating verifiable evidence.

9. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, when the processor executes the computer program, it implements the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions as described in any one of claims 1 to 7.

10. A computer-readable storage medium having a computer program stored thereon, characterized in that, when executed by a processor, the computer program implements the post-quantum cryptographic key distribution and session protection method for cloud communication privacy number sessions as described in any one of claims 1 to 7.