CN104901966B - A kind of cipher key configuration method and system of network communication - Google Patents
A kind of cipher key configuration method and system of network communication Download PDFInfo
- Publication number
- CN104901966B CN104901966B CN201510295887.6A CN201510295887A CN104901966B CN 104901966 B CN104901966 B CN 104901966B CN 201510295887 A CN201510295887 A CN 201510295887A CN 104901966 B CN104901966 B CN 104901966B
- Authority
- CN
- China
- Prior art keywords
- key
- configuration
- presetting rule
- generate
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Abstract
A kind of cipher key configuration method of network communication and system thereof, during cipher key configuration, configuring end and be configured hold the same network segment being in same LAN and all prestore initial key, the first presetting rule and the second presetting rule, the method includes the steps of: S1, configuration end are broadcasted after utilizing initial key encryption multidigit random character; S2, it is configured end deciphering and obtains multidigit random character, utilize the information comprising multidigit random character to generate the first key crypto identity mark; S3, configuration end generate the first key and deciphering obtains identity, utilize identity computing to generate the second key with encryption communication key; S4, be configured end generate the second key, deciphering obtain communication key. Enforcement the invention has the beneficial effects as follows, is configuring end and is being configured between end to provide a kind of safe and reliable cipher key transmitting method, solve the safety that local network secret key transmits.
Description
Technical field
The present invention relates to field of cryptography, more particularly, it relates to the cipher key configuration method and system of a kind of network communication.
Background technology
Existing common symmetric cryptography, AES uses same key with decipherment algorithm, and this key is generally preset in originating end and receiving terminal respectively. Wherein, when originating end is to receiving terminal transmission message, the message that originating end will send is encrypted by key, and the information after encryption is transmitted, and uses identical key to be decrypted and obtain the message that transmitting terminal sends after the information that receiving terminal receiving end/sending end sends. Therefore, the safety of message depends mainly on the safety of key, once key is cracked, message content is it is possible to divulge a secret. The symmetric cryptography of existing employing, due to the characteristic of its simple and effective, is applied very extensive.
In existing communication system, system all adopts above-mentioned communication mode greatly. In existing a lot of intelligent domestic systems, for sending the mobile phone of control instruction and carrying out the transmission of data for controlling the server of the duty of household in family, the two has identical preset initial key, mobile phone sends the control instruction through initial key encryption, server utilizes initial key deciphering to obtain control instruction after receiving after. But these systems often cannot change initial key, or the unsafe problems of key change troublesome poeration and cipher key delivery during change initial key, can be run into. Such as, a lot of systems are all the communication keys adopting initial key encryption to need change, and this encrypted communication key is undertaken by network, other people are relatively easy to crack and obtain communication key, thus illegally controlling household further, bring serious threat to the security of the lives and property, therefore the transmission of safety and keeping key be problem demanding prompt solution.
Summary of the invention
The technical problem to be solved in the present invention is in that, communication system for prior art often cannot change initial key, or the unsafe problems technological deficiency of key change troublesome poeration and cipher key delivery can be run into during change initial key, it is provided that the cipher key configuration method and system of a kind of network communication.
This invention address that its technical problem, be employed technical scheme comprise that a kind of cipher key configuration method constructing network communication, during cipher key configuration, configuring end and be configured hold the same network segment being in same LAN and all preset same initial key, the method includes the steps of:
S1, configuration end utilize initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted and the content after encryption are broadcasted;
S2, be configured termination receive and utilize initial key deciphering initial key encryption after content, obtain request instruction and above-mentioned multidigit random character, respond this request instruction, the information operation comprising above-mentioned multidigit random character is utilized to generate the first key according to the first presetting rule, and utilize the first key to encrypt this identity being configured end and by the content response after encryption to configuration end, wherein each is configured to hold and has different identity;
S3, configuration termination receive the content after the first key encryption, the information operation comprising above-mentioned multidigit random character is utilized to generate the first key according to the first presetting rule, the content after first secret key decryption the first key encryption is utilized to obtain identity, utilizing the information operation comprising identity to generate the second key according to the second presetting rule, the communication key utilizing the second double secret key variable is encrypted and the content after encryption is broadcasted;
S4, be configured termination receive second key encryption after content, according to second presetting rule utilize comprise identity information operation generate the second key, utilize second secret key decryption the second key encryption after content obtain communication key.
In the cipher key configuration method of the present invention, in above-mentioned steps S2 and S3, the above-mentioned information operation comprising above-mentioned multidigit random character according to the first presetting rule utilization generates the first key, particularly as follows: utilize above-mentioned multidigit random character and initial key computing to generate the first key according to the first presetting rule.
In the cipher key configuration method of the present invention, above-mentioned steps S3 and S4 is above-mentioned utilizes the information operation comprising identity to generate the second key according to the second presetting rule, particularly as follows: utilize identity and the first key computing to generate the second key according to the second presetting rule.
In the cipher key configuration method of the present invention, in above-mentioned steps S3, above-mentioned communication key is configuration end stochastic generation.
In the cipher key configuration method of the present invention, above-mentioned computing generates and generates specifically by MD5 computing.
In the cipher key configuration method of the present invention, further comprise the steps of:
S5, configuration end send and configure completed 4th information to configuration end, are configured to terminate cipher key configuration state after termination receives the 4th information.
The present invention solves its technical problem, also provide for the cipher key configuration system of a kind of network communication, comprise:
Broadcast for the content after utilizing initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted and just encrypting, and for receiving the content after the first key is encrypted, the information operation comprising above-mentioned multidigit random character is utilized to generate the first key according to the first presetting rule, the content after first secret key decryption the first key encryption is utilized to obtain identity, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, the communication key utilizing the second double secret key variable is encrypted and the content after encryption is broadcasted,
It is configured end, it is configured the content after termination is received and utilized initial key deciphering initial key to encrypt, respond this request instruction, the information operation comprising above-mentioned multidigit random character is utilized to generate the first key according to the first presetting rule, and utilize the first key to encrypt this identity being configured end by the content response after encryption to configuration end, and for receiving the content after the second key is encrypted, utilize the information operation comprising identity to generate the second key according to the second presetting rule, utilize the content after second secret key decryption the second key encryption to obtain communication key;
During cipher key configuration, configuration end and be configured hold the same network segment being in same LAN and all prestore same initial key, the first presetting rule and the second presetting rule, each is configured to hold and has different identity.
In the cipher key configuration system of the present invention, the second key is to utilize identity and the first key computing to generate according to the second presetting rule, and the first key is to utilize above-mentioned multidigit random character and initial key computing to generate according to the first presetting rule.
In the cipher key configuration system of the present invention, above-mentioned communication key is configuration end stochastic generation.
In the cipher key configuration system of the present invention, the above-mentioned end that is configured is additionally operable to send completed 4th information of configuration to configuration end, and above-mentioned configuration termination terminates cipher key configuration state after receiving the 4th information.
Implement key generation method and the system of the network communication of the present invention, have the advantages that the first key generates according to multidigit random character, only come into force in this cipher key configuration process, even if other people get the first key obtains the second key and communication key with also cracking in next time; Second key generates according to the identity being configured end, and each communication key being configured end is inconsistent, and therefore configuration end can configure at the same time and multiple be configured in end process to communicate each other not affect; Communication key is the changeable key of stochastic generation, and each is configured the communication key that end generates, if this key leaks, it is configured to hold owing to communication key is inconsistent, and other people also cannot use this key to be controlled, and does not interfere with the safety of other networks; Key in above-mentioned each configuration process is only transmitted inside LAN, it is to avoid therefore other people originally provide a kind of safe and reliable cipher key transmitting method and system by the probability of disclosed those keys of Network Capture, solve the safety of key transmission.
Accompanying drawing explanation
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the flow chart of the key generation method first embodiment of inventive network communication;
Fig. 2 is the flow chart of key generation method second embodiment of inventive network communication;
Fig. 3 is the schematic diagram of the function of the first embodiment of the key generation system of inventive network communication;
Fig. 4 is the circuit theory diagrams of the second embodiment of the key generation system of inventive network communication.
Detailed description of the invention
In order to the technical characteristic of the present invention, purpose and effect are more clearly understood from, now comparison accompanying drawing describes the specific embodiment of the present invention in detail.
As shown in Figure 1, it is the flow chart of cipher key configuration method first embodiment of inventive network communication, it is with the mobile phone in intelligent domestic system and home gateway, mobile phone sends control instruction to home gateway thus each Smart Home can be controlled by the network such as 3G, 4G network and the Internet, it is also possible to send control instruction to home gateway from thus each Smart Home can be controlled by the LAN such as WIFI, bluetooth. In the present embodiment during cipher key configuration, home gateway and mobile phone are connected by WIFI and communicate, and namely the two is in the same network segment of the same family gateway. Namely mobile phone quite configures end in the present embodiment, and home gateway is equivalent to be configured end, and mobile phone and home gateway prestore initial key Key0 and the first presetting rule MD5 computing and the second presetting rule MD5 computing respectively, and the method mainly includes the following steps that.
1, home gateway initially enters configuration status, is prepared to enter into the configuration of key. Only home gateway enter configuration status key could be set, even if otherwise handset requests it is configured also invalid.
2, mobile phone produces request and home gateway is proceeded by the request instruction of configuration and the random character of 32, is encrypted by the random character of request instruction and 32 by initial key Key0, and is broadcasted by the first information formed after encryption.
3, home gateway is owing to having initial key 0, therefore can decipher the first information after the first information receiving mobile phone broadcast, thus obtaining request instruction and 32 random characters. Home gateway responds this request instruction, according to the first presetting rule, the information operation comprising these 32 random characters is generated the first key. In the present embodiment, directly 32 random characters are generated the first key by MD5 computing, then pass through the first key and self No. ID is encrypted, the second information answer formed after encryption is broadcast to mobile phone. Wherein, each home gateway has different ID, characterizes different identity respectively.
4, mobile phone receives the second information, and in like manner according to the first presetting rule, the information operation comprising these 32 random characters is generated the first key, generates the first key by 32 random characters by MD5 computing. Then, utilize first secret key decryption the second information, obtain No. ID of this home gateway. The information operation comprising No. ID is utilized to generate the second key further according to the second presetting rule, namely in this embodiment, directly generating the second key by No. ID by MD5 computing, the communication key Key3 utilizing the second double secret key variable is encrypted generation the 3rd information and the 3rd information is broadcasted. This mobile phone preserves key 3, abolishes key 1 and key 2, and by the completed information of Key2 encryption configuration to home gateway. Wherein, communication key Key3 is for after cipher key configuration completes, it is encrypted when transmitting control instruction between mobile phone and home gateway, it is variable when referring to that carry out configuration generates key every time, key3 does not fix, this communication key Key3 can be obtained by stochastic generation, it is ensured that every time after configuration, the time Key3 that uses of communication is inconsistent.
5, home gateway receives the 3rd information, generates the second key Key2 according to the second preset presetting rule, and utilizes Key2 to decipher the 3rd information, obtains communication key Key3. After obtaining communication key Key3, response mobile phone configures completed information, preserve communication key Key3, abolish key 1 and key 2, and technical configuration state, cipher key configuration completes, and now mobile phone and home gateway can use the Key3 of each preservation to be encrypted communication within the time of ensuing one end, it is achieved mobile phone passes through the home gateway control to Smart Home.
In this embodiment, mobile phone and home gateway are in the process of configuring cipher key, initial key Key0, the first key Key1 and the second key Key2 are all only effective in cipher key configuration process, after namely cipher key configuration completes, simply with the message of communication key Key3 coded communication transmission. In configuration process, Key0, Key1, Key2 only in this LAN transmission use, not 3G, 4G, the Internet public network on transmission, therefore avoid the possibility that other people intercept communication content on public network carries out cracking. Further, the character owing to generating Key1 every time is random, and therefore, when Key1 configures every time, Key1 does not all fix, it is ensured that utilizing Key1 to transmit the safety of message in message configuration process, when configuration terminates, Key1 lost efficacy immediately.Owing to presetting rule will not be transmitted when configuration, therefore, even if the initial key Key0 of this communication, the first key Key1, the second key Key2 are cracked, still do not affect the safety of configuration next time. Simultaneously as each home gateway has different ID, ID generate the second key Key2, ensure that the Key2 of the generation of each gateway is different, can only crack for same gateway when other people crack Key2 every time, and the method for the present invention can configure the key of multiple gateway simultaneously, due to. Key3 is dynamic key, and it is stochastic generation, and the key that the Key3 that therefore each home gateway generates generates is inconsistent. Such as, Key3 is cracked when utilizing 3G network to send instruction, and other people are other gateway uncontrollable also.
With reference to Fig. 2, it is the flow chart of key generation method the second embodiment of present networks communication of the present invention. Itself and above-described embodiment are distinctive in that, the generating mode of Key1 and Key2 is different. In the present embodiment, Key1 is generated through MD5 computing jointly by 32 random characters and Key0, and therefore password complexity improves, and further increases and cracks difficulty. Key2 is common through key MD5 computing generation through Key1 and No. ID simultaneously, and therefore Key2 comprises 32 is the information of random character, and Key2 is also a dynamic key, also loses efficacy after having configured. Therefore, other people this time crack and obtain Key2 and Key1 and reconfigure in the process of key in next time, still cannot obtain the communication key Key3 produced immediately next time.
Should be understood that, in the application, the create-rule of Key2 and Key1 is not limited to MD5 computing, other rule can also be adopted in other embodiments to generate, and the first presetting rule and the second presetting rule can also and differ simultaneously, increase the difficulty cracked further.
With reference to Fig. 3, it be the schematic diagram of the function of first embodiment of key generation system of inventive network communication, and this system comprises configuration end and is configured to hold. configuration end, broadcast for the content after utilizing initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted and just encrypting, and for receiving the content after the first key is encrypted, the information operation comprising described multidigit random character is utilized to generate the first key according to the first presetting rule, the content after first secret key decryption the first key encryption is utilized to obtain identity, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, the communication key utilizing the second double secret key variable is encrypted and the content after encryption is broadcasted, it is configured end, for the content after receiving and utilizing initial key deciphering initial key to encrypt, respond this request instruction, the information operation comprising described multidigit random character is utilized to generate the first key according to the first presetting rule, and utilize the first key to encrypt this identity being configured end by the content response after encryption to configuration end, and for receiving the content after the second key is encrypted, utilize the information operation comprising identity to generate the second key according to the second presetting rule, utilize the content after second secret key decryption the second key encryption to obtain communication key.
Configuration end is respectively provided with the first local area network communications module 10 and the first local area network communications module 20 with being configured end, during cipher key configuration, configuration end is communicatively coupled by the two local area network communications module 10,20 with being configured end, make the two be in the same network segment of same LAN, be capable of configuration end and the transmission of data when being configured in configuration and reception by this local area network communication.Meanwhile, configuration end and be configured end and all prestore same initial key, the first presetting rule and the second presetting rule, each is configured to hold and has different identity.
Configuration end also has the initial encryption module 11 generating the first information for utilizing initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted, for utilizing the information operation comprising above-mentioned multidigit random character to generate the first generation module 12 of the first key according to the first presetting rule, for utilizing first secret key decryption the second information to obtain the first deciphering module 13 of identity, for utilizing the information operation comprising identity to generate the second generation module 14 of the second key according to the second presetting rule, communication key for utilizing the second double secret key variable is encrypted the second encrypting module 15 of the 3rd information of generation, and for generating the 3rd generation module 16 of variable communication key, wherein the 3rd generation module is preferably the module of random stages of labor communication key.
It is configured to hold and also includes for utilizing the initial key deciphering first information to obtain request instruction and the initial deciphering module 21 of above-mentioned multidigit random character, for utilizing the information operation comprising above-mentioned multidigit random character to generate generation first module 22 of the first key according to the first presetting rule, the first encrypting module 23 of the second information is generated for utilizing the first key to encrypt this identity being configured end, for utilizing the information operation comprising identity to generate generation second module 24 of the second key according to the second presetting rule, for utilizing the second secret key decryption the 3rd information to obtain the second deciphering module 25 of communication key.
With reference to Fig. 4, the circuit theory diagrams of the second embodiment of the key generation system of inventive network communication, this system comprises server 3 and mobile intelligent terminal 4. Server 3 comprises LAN communication unit 31, CPU 32, I/O unit 33, memory element 34, telecommunication unit 35 and state switch 36. Intelligent movable unit 4 comprises local area network communications module 41, processing module 42 and remote communication module 43.
Wherein, LAN communication unit 31 and CPU 32 are electrically connected, and local area network communications module 41 and processing module 44 are electrically connected, and LAN communication unit 31 can realize radio communication with local area network communications module 41 and be connected, during communication connection, the two is in the same network segment of same LAN. LAN communication unit 31 and local area network communications module 41 all can pass through any one or multiple realization in WIFI module, bluetooth module, but the two should adopt same kind of module to realize communicating.
I/O unit 33 and CPU 32, for being connected with Smart Home, can realize the control to household under the control of CPU 12.
Memory element 34 and CPU 32, for poke data, it is possible to adopt a memorizer to realize, the data such as the identity of this server 3 that needs during storage cipher key configuration to use, the first presetting rule, the second presetting rule. And preferably, this memory element 34 has a Reading Sections, this subregion is used for storing identity, the first presetting rule, the second presetting rule, it is to avoid these information are modified, it is ensured that communication key normal delivery.
Telecommunication unit 35 and CPU 32 are electrically connected, remote communication module 43 and processing module 44 are electrically connected, telecommunication unit 35 and remote communication module 43 can realize long-range communication connection, user can editor control instruction on mobile intelligent terminal 4, and sent by remote communication module 43, after telecommunication unit 35 receives this control instruction, it is transmitted to CPU 35, CPU 35, according to control instruction, controls the duty of each Smart Home.Telecommunication unit 35 and one or more in the remote communication module 43 respectively mobile communication module such as 3G module, 4G module. As mobile intelligent terminal adopts a mobile phone to realize, mobile phone sends control instruction by its 4G network, is forwarded to the WIFI module of server by the Internet.
State switch 36 and CPU 32 are electrically connected, and are used for switching CPU 32 and are operated in key generation controlled state or home control state. Can be designed as a button as state switch switchs 36, this button comprises two kinds of "ON", "Off" duty, and counterpart keys generates state and home control state (in other embodiments, the state of its correspondence can be on the contrary) respectively. When utilizing this server 3 to communicate control household, this button is in "off" state, when user needs to carry out key generation, presses this button, and button switches to "On" state, is now in key and generates state. It should be appreciated that above-mentioned telecommunication unit 35 is only in the control instruction that button is "off" state transmission, household could be controlled.
When CPU 32 is to be operated in home control state, as mobile intelligent terminal adopts a mobile phone to realize, mobile phone sends control instruction (including utilizing communication key ciphering process) by its 4G network, the 4G module of server obtains this control instruction, CPU 32 is according to this control instruction (including utilizing communication key decrypting process), instruction is transmitted to Smart Home, thus controlling Smart Home further by I/O port.
When needs carry out key generation, user presses above-mentioned button, making this button be in "On" state (if already at "On" state, without pressing), server 3 is initially configured state, and now server 3 and mobile intelligent terminal 4 are in the same network segment of same LAN. processing module 42 produces for asking to proceed by request instruction and the multidigit random character of encryption, and utilizes the initial key being preset in this mobile intelligent terminal 4 to be encrypted, and the content after encryption is broadcasted by local area network communications module 41. the LAN communication unit 31 of server 3 receives the content after initial key is encrypted, and be forwarded to CPU 32 and obtain initial key from memory element 34, and utilize initial key to decipher thus obtaining request instruction and this multidigit random character, respond this request instruction, the first presetting rule is obtained from memory element 34, and utilize the information operation comprising this multidigit random character to generate the first key according to the first presetting rule, and utilize the first key encryption identity from this server 3 of memory element 34 acquisition and by the content response after encryption to mobile intelligent terminal 4. remote communication module 41 receives the content after the first key encryption and is forwarded to processing module 42, processing module 42 utilizes the information operation comprising above-mentioned multidigit random character to generate the first key according to the first presetting rule being preset in this mobile intelligent terminal 4, then first secret key decryption content after the first key encryption is utilized to obtain identity, and utilize the information operation comprising this identity according to the second presetting rule utilization being preset in this mobile intelligent terminal 4 to generate the second key, the communication key utilizing the second double secret key variable is encrypted and will be sent by local area network communications module 41 by the content after the second key encryption, wherein communication key is preferably processing module 42 and randomly generates.LAN communication unit 31 receives the content after initial key is encrypted, and it is forwarded to CPU 32, the second presetting rule is obtained from memory element 34, and utilize the information operation comprising this server identity mark to generate the second key according to the second presetting rule, and the second secret key decryption the 3rd information is utilized to obtain communication key.
Corresponding with the content shown in Fig. 1, Fig. 2 for home control state principle, is specifically referred to above-mentioned content, repeats no more here. Preferably, CPU 32 includes first processor, the second processor and a switch unit, switch unit is electrically connected with first processor, the second processor and state switch 36 respectively, first processor is also electrically connected with I/O unit 33, telecommunication unit 35 respectively, second processor is also electrically connected with LAN communication unit 31, and further first processor can also be electrically connected with LAN communication unit 31. Wherein, LAN communication unit 31 can also be connected with Smart Home radio communication if desired, realize the controlled in wireless to Smart Home, namely after cipher key configuration completes, remote communication module can be passed through and/or local area network communication mould module sends control instruction, control the Smart Home with server wireless connections. Switch unit for according to the "ON" of state switch 36, "Off" state, is operated switching first processor or the second processor. First processor is for realizing the control to Smart Home, second processor is for the configuration of key, corresponding respectively to above-mentioned CPU 32 is be operated in key to generate controlled state and home control state, being merely illustrative and perform above-mentioned two kind working method respectively with employing two processors, concrete operation principle repeats no more.
The key generation system of inventive network communication can also comprise Smart Home, and Smart Home is connected with I/O port or LAN communication unit 31, can be controlled the duty of this Smart Home by mobile intelligent terminal 4 and server 3. Server 3 can also comprise a Tip element, and this Tip element and CPU 32 are electrically connected, it is possible to is used for reminding the duty of client server. As, Tip element may refer to show lamp, lights when configuring cipher key and extinguishes during home control; Also to comprise a buzzer, for when cipher key configuration completes, reminding user.
Above in conjunction with accompanying drawing, embodiments of the invention are described; but the invention is not limited in above-mentioned detailed description of the invention; above-mentioned detailed description of the invention is merely schematic; rather than it is restrictive; those of ordinary skill in the art is under the enlightenment of the present invention; without departing under present inventive concept and scope of the claimed protection situation, it may also be made that a lot of form, these belong within the protection of the present invention.
Claims (8)
1. the cipher key configuration method of a network communication, it is characterized in that, during cipher key configuration, configuring end and be configured hold the same network segment being in same LAN and all prestore initial key, the first presetting rule and the second presetting rule, this cipher key configuration method comprises the steps of
S1, configuration end utilize initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted and the content after encryption are broadcasted;
S2, be configured termination receive and utilize initial key deciphering initial key encryption after content, obtain request instruction and described multidigit random character, respond this request instruction and utilize the information operation comprising described multidigit random character to generate the first key according to the first presetting rule, and utilize the first key to encrypt this identity being configured end and by the content response after encryption to configuration end, wherein each is configured to hold and has different identity;
S3, configuration termination receive the content after the first key encryption, the information operation comprising described multidigit random character is utilized to generate the first key according to the first presetting rule, the content after first secret key decryption the first key encryption is utilized to obtain identity, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, the communication key utilizing the second double secret key variable is encrypted and the content after encryption is broadcasted, and described variable communication key is configuration end stochastic generation;
S4, be configured termination receive second key encryption after content, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, utilize the content after second secret key decryption the second key encryption obtain communication key and preserve communication key, abolish the first key and the second key.
2. cipher key configuration method according to claim 1, it is characterized in that, the information operation comprising described multidigit random character is utilized to generate the first key according to the first presetting rule described in described step S2 and S3, particularly as follows: utilize described multidigit random character and initial key computing to generate the first key according to the first presetting rule.
3. cipher key configuration method according to claim 1, it is characterized in that, the information operation comprising identity is utilized to generate the second key according to the second presetting rule described in described step S3 and S4, particularly as follows: utilize identity and the first key computing to generate the second key according to the second presetting rule.
4. cipher key configuration method according to claim 1, it is characterised in that described computing generation is referred to and generated by MD5 computing.
5. cipher key configuration method according to claim 1, it is characterised in that further comprise the steps of:
S5, configuration end send and configure completed information to being configured end, are configured to terminate cipher key configuration state after termination receives the completed information of configuration.
6. the cipher key configuration system of a network communication, it is characterised in that comprise:
Configuration end, broadcast for the content after utilizing initial key that the request instruction and multidigit random character for asking to proceed by encryption is encrypted and just encrypting, and for receiving the content after the first key is encrypted, the information operation comprising described multidigit random character is utilized to generate the first key according to the first presetting rule, the content after first secret key decryption the first key encryption is utilized to obtain identity, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, the communication key utilizing the second double secret key variable is encrypted and the content after encryption is broadcasted, described communication key is configuration end stochastic generation,
It is configured end, for the content after receiving and utilizing initial key deciphering initial key to encrypt, respond this request instruction and utilize the information operation comprising described multidigit random character to generate the first key according to the first presetting rule, and utilize the first key to encrypt this identity being configured end by the content response after encryption to configuration end, and for receiving the content after the second key is encrypted, the information operation comprising identity is utilized to generate the second key according to the second presetting rule, the content after second secret key decryption the second key encryption is utilized to obtain communication key and preserve communication key, abolish the first key and the second key,
During cipher key configuration, configuration end and be configured hold the same network segment being in same LAN and all prestore same initial key, the first presetting rule and the second presetting rule, each is configured to hold and has different identity.
7. cipher key configuration system according to claim 6, it is characterized in that, described second key is to utilize identity and the first key computing to generate according to the second presetting rule, and described first key is to utilize described multidigit random character and initial key computing to generate according to the first presetting rule.
8. cipher key configuration system according to claim 6, it is characterised in that described in be configured end be additionally operable to send configure completed information to configuration end, described configuration termination receive configuration completed information after terminate cipher key configuration state.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510295887.6A CN104901966B (en) | 2015-06-02 | 2015-06-02 | A kind of cipher key configuration method and system of network communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510295887.6A CN104901966B (en) | 2015-06-02 | 2015-06-02 | A kind of cipher key configuration method and system of network communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104901966A CN104901966A (en) | 2015-09-09 |
| CN104901966B true CN104901966B (en) | 2016-06-08 |
Family
ID=54034363
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510295887.6A Active CN104901966B (en) | 2015-06-02 | 2015-06-02 | A kind of cipher key configuration method and system of network communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104901966B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871548B (en) * | 2016-06-08 | 2019-06-04 | 美的集团股份有限公司 | The processing method of household appliance, Cloud Server and the debugging of family's power information |
| CN106411513B (en) * | 2016-12-02 | 2019-10-18 | 美的智慧家居科技有限公司 | Cryptographic key negotiation method and device in local area network communication |
| CN108306726B (en) * | 2017-01-13 | 2021-09-17 | 杭州海康威视数字技术股份有限公司 | Secret key obtaining method and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1659821A (en) * | 2002-06-12 | 2005-08-24 | 纳格拉卡德股份有限公司 | Method for secure data exchange between two devices |
| CN101242323A (en) * | 2007-02-06 | 2008-08-13 | 华为技术有限公司 | Establishment method and home network system for pipes between devices |
| CN101536399A (en) * | 2006-09-28 | 2009-09-16 | 西门子公司 | Method for providing a symmetric key for protecting a key management protocol |
-
2015
- 2015-06-02 CN CN201510295887.6A patent/CN104901966B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1659821A (en) * | 2002-06-12 | 2005-08-24 | 纳格拉卡德股份有限公司 | Method for secure data exchange between two devices |
| CN101536399A (en) * | 2006-09-28 | 2009-09-16 | 西门子公司 | Method for providing a symmetric key for protecting a key management protocol |
| CN101242323A (en) * | 2007-02-06 | 2008-08-13 | 华为技术有限公司 | Establishment method and home network system for pipes between devices |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104901966A (en) | 2015-09-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Shen et al. | Secure device-to-device communications over WiFi direct | |
| CN108923927B (en) | System and method for provisioning dynamic QR code and BLE connections to a video camera | |
| US11805411B2 (en) | Establishing connections between WiFi access points and wireless devices via light fidelity access points | |
| CN105577680A (en) | Key generation method, encrypted data analyzing method, devices and key managing center | |
| GB2512502A (en) | Device authentication | |
| WO2005101727A1 (en) | Communication device, communication system, and authentication method | |
| US8489071B2 (en) | System and method for assuring identity on a mobile device | |
| GB2535749A (en) | Authentication module | |
| CN102202299A (en) | Realization method of end-to-end voice encryption system based on 3G/B3G | |
| RU2015153111A (en) | COMMUNICATION CONTROL DEVICE, AUTHENTICATION DEVICE, CENTRAL CONTROL DEVICE AND COMMUNICATION SYSTEM | |
| WO2012024906A1 (en) | Mobile communication system and voice call encryption method thereof | |
| CN111050321B (en) | Data processing method, device and storage medium | |
| JP7174156B2 (en) | Ensuring Secure Attachment in Size-Limited Authentication Protocols | |
| CN105337969A (en) | Safety communication method between two mobile terminals | |
| CN105577365A (en) | Key consultation method and device for user' access to WLAN | |
| CN109617867B (en) | Intelligent gateway system for controlling household equipment | |
| CN104901966B (en) | A kind of cipher key configuration method and system of network communication | |
| CN104683291A (en) | IMS system based session key negotiating method | |
| CN104243146A (en) | Encryption communication method and device and terminal | |
| KR20160130376A (en) | Method for managing a node association in a wireless personal area communication network | |
| CN110943835A (en) | Distribution network encryption method and system for sending wireless local area network information | |
| EP3229512B1 (en) | Method for device having wlan function to access network and device for implementing method | |
| CN204695013U (en) | A kind of intelligent domestic system with secret generating function | |
| JP2005323149A (en) | Wireless communication system | |
| Korkusuz | Security in the GSM Network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230420 Address after: Room 302, No. 6, Dafu Industrial Zone, Kukeng Community, Guanlan Street, Longhua District, Shenzhen City, Guangdong Province, 518000 Patentee after: Shenzhen huiruitong Intelligent Technology Co.,Ltd. Address before: 518110 Huiruitong Science Park, Dafu Industrial Zone, Guanlan Town, Longhua New District, Shenzhen City, Guangdong Province Patentee before: WRT INTELLIGENT TECHNOLOGY Co.,Ltd. |