CN105577680A - Key generation method, encrypted data analyzing method, devices and key managing center - Google Patents


Publication number
CN105577680A
Authority
CN
China
Prior art keywords
key
terminal
home appliance
acquisition
timestamp
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610031369.8A
Other languages
Chinese (zh)
Other versions
CN105577680B (en)
Inventor
茹昭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Original Assignee
Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Application filed by Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Priority to CN201610031369.8A
Publication of CN105577680A
Application granted
Publication of CN105577680B
Status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The invention discloses a key generation method, a method for parsing encrypted data, corresponding devices, and a key management center. The key management center receives a key acquisition request sent by a terminal, generates a key according to the request, and sends the key to the terminal, so that the terminal uses the key to communicate securely with a home appliance and connect the appliance to a network. This greatly reduces the risk of key leakage and effectively solves the prior-art problem that configuring home appliances for network access has low security.

Description

Key generation method, method for parsing encrypted data, devices, and key management center (KMC)
Technical field
The present invention relates to the field of communication technology, and in particular to a key generation method, a method for parsing encrypted data, corresponding devices, and a key management center (KMC).
Background
At present, a home appliance is mainly brought onto a network by having a mobile phone send multicast messages that configure the appliance. Specifically, the phone sends the AP access information it has obtained, together with a key, to the home appliance by multicast; after receiving the message, the appliance configures itself to join the wireless access point (AP). However, the key in this method is always the same key, that is, every terminal uses the same key to interact with home appliances, so the risk of key exposure is high.
Summary of the invention
The invention provides a key generation method, a method for parsing encrypted data, corresponding devices, and a KMC, to solve the prior-art problem that configuring a home appliance for network access has low security.
In one aspect, the invention provides a key generation method, comprising:
receiving a key acquisition request sent by a terminal, the key acquisition request carrying a device identifier and a terminal identifier;
generating a key according to the key acquisition request and sending the key to the terminal, wherein the key is used for secure communication between the terminal and a home appliance, so as to connect the home appliance to a network;
wherein the key corresponds uniquely to the key acquisition request.
Preferably, the method further comprises: setting in advance, according to the home appliance, a shared key corresponding to the home appliance, and setting a timestamp after the key acquisition request is received;
the step of generating a key according to the key acquisition request specifically comprises:
generating the key from the device identifier, the terminal identifier, the shared key and the timestamp.
Preferably, generating a key according to the key acquisition request and sending the key to the terminal specifically comprises:
generating a key according to the key acquisition request, obtaining the corresponding public key from the generated key, and sending the public key to the terminal as the final key.
Preferably, the method further comprises: setting in advance, according to the home appliance, a shared key corresponding to the home appliance, and setting a timestamp after the key acquisition request is received;
generating a key according to the key acquisition request and sending the key to the terminal specifically comprises:
randomly generating a key; encrypting this key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message; and sending the encrypted message and the key to the terminal.
Preferably, the method further comprises: setting in advance, according to the home appliance, a shared key corresponding to the home appliance, and setting a timestamp after the key acquisition request is received;
generating a key according to the key acquisition request and sending the key to the terminal specifically comprises:
randomly generating a public/private key pair; encrypting the private key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message; taking the public key as the final key; and sending the encrypted message and the public key to the terminal.
Preferably, after receiving the key acquisition request sent by the terminal and before generating the key according to the key acquisition request, the method further comprises:
determining whether the terminal is legitimate, and generating the key according to the key acquisition request when the terminal is determined to be legitimate.
In another aspect, the invention provides a method for parsing encrypted data, comprising:
receiving encrypted data sent by a terminal, wherein the encrypted data is obtained by the terminal encrypting preset networking data with a key generated by the KMC, the key is generated by the KMC according to a key acquisition request sent by the terminal, the key corresponds uniquely to the key acquisition request, and the key acquisition request carries a device identifier and a terminal identifier;
parsing the encrypted data to obtain the networking data, and accessing the network according to the networking data.
Preferably, the method further comprises: receiving a timestamp and a terminal identifier sent by the terminal;
parsing the encrypted data to obtain the networking data specifically comprises:
obtaining the key from the timestamp, the terminal identifier, the device identifier and the shared key, and parsing the encrypted data with the key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time value set by the KMC after it receives the terminal's key acquisition request.
Preferably, parsing the encrypted data to obtain the networking data specifically comprises:
obtaining the corresponding public key from the key, and using the public key as the final key to parse the encrypted data and obtain the networking data.
Preferably, the method further comprises: receiving an encrypted message sent by the terminal;
parsing the encrypted data to obtain the networking data specifically comprises:
parsing the encrypted message with the shared key to obtain the timestamp and the key, and parsing the encrypted data with the key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time set by the KMC after it receives the terminal's key acquisition request.
Preferably, the method further comprises: receiving an encrypted message sent by the terminal;
parsing the encrypted data to obtain the networking data specifically comprises:
parsing the encrypted message with the shared key to obtain the timestamp and the private key, obtaining the corresponding public key from the private key, and parsing the encrypted data according to the public key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time set by the KMC after it receives the terminal's key acquisition request.
Preferably, after parsing the encrypted data to obtain the networking data and before accessing the network according to the networking data, the method further comprises:
verifying the timestamp, and accessing the network according to the networking data when the timestamp is verified as valid.
In yet another aspect, the invention provides a key generating device, comprising:
a receiving unit, configured to receive a key acquisition request sent by a terminal, the key acquisition request carrying a device identifier and a terminal identifier;
a generating unit, configured to generate a key according to the key acquisition request and send the key to the terminal, wherein the key is used for secure communication between the terminal and a home appliance, so as to connect the home appliance to a network, and the key corresponds uniquely to the key acquisition request.
Preferably, the device further comprises a setting unit;
the setting unit is configured to set in advance, according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generating unit is further configured to generate the key from the device identifier, the terminal identifier, the shared key and the timestamp, and to send the key to the terminal.
Preferably, the generating unit is further configured to generate a key according to the key acquisition request, obtain the corresponding public key from the generated key, and send the public key to the terminal as the final key.
Preferably, the device further comprises a setting unit;
the setting unit is configured to set in advance, according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generating unit is further configured to randomly generate a key, encrypt this key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, and send the encrypted message and the key to the terminal.
Preferably, the device further comprises a setting unit;
the setting unit is configured to set in advance, according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generating unit is further configured to randomly generate a public/private key pair, encrypt the private key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, take the public key as the final key, and send the encrypted message and the public key to the terminal.
In a further aspect, the invention also provides a device for parsing encrypted data, comprising:
a receiving module, configured to receive encrypted data sent by a terminal, wherein the encrypted data is obtained by the terminal encrypting preset networking data with a key generated by the KMC, the key is generated by the KMC according to a key acquisition request sent by the terminal, the key corresponds uniquely to the key acquisition request, and the key acquisition request carries a device identifier and a terminal identifier;
a parsing module, configured to parse the encrypted data to obtain the networking data, and to access the network according to the networking data.
Preferably, the receiving module is further configured to receive a timestamp and a terminal identifier sent by the terminal;
the parsing module is further configured to obtain the key from the timestamp, the terminal identifier, the device identifier and the shared key, and to parse the encrypted data with the key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time set by the KMC after it receives the terminal's key acquisition request.
Preferably, the receiving module is further configured to receive a timestamp and a terminal identifier sent by the terminal;
the parsing module is further configured to obtain the corresponding public key from the key, and to use the public key as the final key to parse the encrypted data and obtain the networking data.
Preferably, the receiving module is further configured to receive an encrypted message sent by the terminal;
the parsing module is further configured to parse the encrypted message with the shared key to obtain the timestamp and the key, and to parse the encrypted data with the key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time set by the KMC after it receives the terminal's key acquisition request.
Preferably, the receiving module is further configured to receive an encrypted message sent by the terminal;
the parsing module is further configured to parse the encrypted message with the shared key to obtain the timestamp and the private key, obtain the corresponding public key from the private key, and parse the encrypted data according to the public key to obtain the networking data;
wherein the shared key is preset by the KMC according to the home appliance, and the timestamp is the time set by the KMC after it receives the terminal's key acquisition request.
Preferably, the device further comprises a verification module;
the verification module is configured to verify the timestamp, and to access the network according to the networking data when the timestamp is verified as valid.
In still another aspect, the invention provides a KMC comprising the key generating device according to any one of the above.
The beneficial effects of the invention are as follows:
The KMC of the invention generates a corresponding key for each key acquisition request sent by a terminal, so that different key acquisition requests correspond to different keys. This greatly reduces the risk of key exposure and effectively solves the prior-art problem of low security both when configuring a home appliance for network access and when the appliance rejoins the network after a disconnection.
Brief description of the drawings
Fig. 1 is a schematic flowchart of a key generation method according to an embodiment of the invention;
Fig. 2 is a schematic flowchart of another key generation method according to an embodiment of the invention;
Fig. 3 is a schematic flowchart of yet another key generation method according to an embodiment of the invention;
Fig. 4 is a schematic flowchart of a further key generation method according to an embodiment of the invention;
Fig. 5 is a schematic flowchart of a still further key generation method according to an embodiment of the invention;
Fig. 6 is a schematic flowchart of a method for parsing encrypted data according to an embodiment of the invention;
Fig. 7 is a structural diagram of a key generating device according to an embodiment of the invention;
Fig. 8 is a structural diagram of a device for parsing encrypted data according to an embodiment of the invention.
Embodiments
To solve the prior-art problem of low security both when configuring a home appliance for network access and when the appliance rejoins the network after a disconnection, the invention provides a key generation method, a key parsing method, corresponding devices, and a KMC. Different key acquisition requests correspond to different keys, that is, the key used each time a home appliance is brought onto the network is different, which greatly reduces the risk of key exposure and effectively solves the prior-art problem that configuring a home appliance for network access has low security. The invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and do not limit it.
Method embodiment 1
This embodiment of the invention provides a key generation method executed by the KMC. Referring to Fig. 1, the method comprises:
S101: receiving a key acquisition request sent by a terminal, the key acquisition request carrying a device identifier and a terminal identifier;
S102: generating a key according to the key acquisition request and sending the key to the terminal, wherein the key is used for secure communication between the terminal and a home appliance, so as to connect the home appliance to a network, and wherein the key corresponds uniquely to the key acquisition request.
The invention generates a corresponding key for each key acquisition request sent by a terminal, so that different key acquisition requests correspond to different keys. This greatly reduces the risk of key exposure and effectively solves the prior-art problem of low security both when configuring a home appliance for network access and when the appliance rejoins the network after a disconnection.
That is, the method of this embodiment applies when a home appliance needs to be configured for network access, or when the appliance has joined the local area network but the local area network has lost its connection to the Internet. In the latter case, a terminal in the local area network that wants to send security information to the home appliance through a secure route can also apply to the KMC for a key over a 3G network and establish a secure communication path according to the method of the invention, so as to connect the home appliance to the network.
In a specific implementation, the key acquisition request of this embodiment carries a device identifier dID and a terminal identifier tID. Those skilled in the art may of course carry other information in the key acquisition request for the KMC to use when generating the corresponding key, such as a number assigned to the key acquisition request.
The device identifier dID identifies the home appliance and distinguishes it from other appliances. The terminal obtains dID from the home appliance, for example by scanning a QR code, near field communication (NFC) contact, manual entry of a personal identification number (PIN), or sensor sensing.
The method of this embodiment further comprises:
setting in advance, according to the home appliance, a shared key corresponding to the home appliance, and setting a timestamp after the key acquisition request is received;
Step S102 of this embodiment specifically comprises:
generating the key from the device identifier, the terminal identifier, the shared key and the timestamp, and sending the key to the terminal, so that the terminal uses the key to communicate securely with the home appliance.
That is, the invention sets different shared keys in advance for different home appliances, generates the key from the shared key, the device identifier, the terminal identifier and the timestamp, and sends the key to the terminal. The terminal uses this key to encrypt the data to be sent to the home appliance, obtains the encrypted data, and sends it to the appliance, thereby configuring the home appliance for network access.
It should be noted that the KMC of this embodiment sets a shared key for each home appliance, stores each shared key, and also sends the shared key to the corresponding home appliance, which uses it to decrypt the encrypted data. For greater security, the shared key is known only to the KMC and the corresponding home appliance.
The method of the invention is illustrated below with a concrete example:
Fig. 2 is a schematic flowchart of another key generation method according to an embodiment of the invention. As shown in Fig. 2, the method of configuring a home appliance for network access comprises:
1. The user logs in to the KMC, which authenticates the terminal's identity, and a secure channel is established;
Specifically, the terminal may use certificate-based mutual authentication to establish a secure, authenticated communication channel with the KMC. Those skilled in the art may also establish the secure communication channel using technologies such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), or Internet Protocol Security (IPsec);
2. The terminal obtains the home appliance identifier dID;
The identifier may be obtained by scanning a QR code, NFC contact, manual entry of a PIN code, sensor sensing, and similar means;
3. The terminal sends a key acquisition request to the KMC, carrying its own identifier (that is, the terminal identifier tID, which may be a mobile phone number, a MAC address, etc.) and the home appliance identifier dID;
4. The KMC determines whether tID belongs to a legitimate terminal;
5. The KMC looks up, according to dID, the shared key master_key it shares with the device;
6. The KMC generates a timestamp T;
7. The KMC computes the key KeyD from master_key, dID, tID and T;
8. The KMC returns KeyD and T to the terminal;
9. The terminal encrypts the data m to be sent with KeyD, obtaining the ciphertext E_KeyD(m);
10. The terminal sends E_KeyD(m), tID and T;
11. The home appliance receives E_KeyD(m), tID and T;
12. The home appliance verifies that the timestamp is valid;
13. The home appliance computes the key KeyD from master_key, dID, tID and T;
14. The home appliance decrypts E_KeyD(m) with KeyD to obtain m.
It should be noted that, by adding a timestamp and having the home appliance verify whether the timestamp is valid, this embodiment effectively prevents replay attacks by others, further strengthening the security of configuring a home appliance for network access and of the appliance rejoining the network after a disconnection.
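The Fig. 2 flow above, sketched in Python as an added example (not code from the patent). The patent does not name the derivation function or the cipher, so HMAC-SHA256 as the key derivation, an HMAC-based encrypt-then-MAC stand-in for an AEAD such as AES-GCM, the 120-second freshness window, the one-message-per-key replay cache, and all class, function and sample names are assumptions. The replay cache goes beyond the text: a timestamp check alone still accepts a replayed message inside the freshness window.

```python
import hashlib
import hmac
import os
import struct

MAX_SKEW = 120  # assumed policy: seconds for which timestamp T is accepted


def _field(b: bytes) -> bytes:
    # Length-prefix each input so ("ab", "c") and ("a", "bc") derive different keys.
    return struct.pack(">I", len(b)) + b


def derive_key(master_key: bytes, d_id: str, t_id: str, ts: int) -> bytes:
    """Steps 7 and 13: KeyD from master_key, dID, tID, T (HMAC-SHA256 is assumed)."""
    info = _field(d_id.encode()) + _field(t_id.encode()) + struct.pack(">Q", ts)
    return hmac.new(master_key, b"KeyD" + info, hashlib.sha256).digest()


def _subkeys(key_d: bytes):
    # Separate encryption and MAC keys derived from KeyD.
    return (hmac.new(key_d, b"enc", hashlib.sha256).digest(),
            hmac.new(key_d, b"mac", hashlib.sha256).digest())


def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real cipher).
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(enc_key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key_d: bytes, plaintext: bytes) -> bytes:
    """Step 9: terminal computes E_KeyD(m) as nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key_d)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key_d: bytes, blob: bytes) -> bytes:
    """Step 14: verify the tag in constant time, then decrypt."""
    if len(blob) < 48:
        raise ValueError("ciphertext too short")
    enc_key, mac_key = _subkeys(key_d)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(enc_key, nonce, ct)


class KMC:
    def __init__(self, master_keys: dict, legal_terminals: set):
        self.master_keys = master_keys          # dID -> master_key
        self.legal_terminals = legal_terminals  # registered tIDs

    def issue_key(self, d_id: str, t_id: str, now: int):
        """Steps 4-8: check tID, look up master_key, stamp T, return (KeyD, T)."""
        if t_id not in self.legal_terminals:
            raise PermissionError("unknown terminal")
        return derive_key(self.master_keys[d_id], d_id, t_id, now), now


class Appliance:
    def __init__(self, d_id: str, master_key: bytes):
        self.d_id, self.master_key = d_id, master_key
        self.seen = {}  # (tID, T) -> T, for messages already accepted

    def receive(self, blob: bytes, t_id: str, ts: int, now: int) -> bytes:
        """Steps 11-14, plus a replay cache (an addition to the patent's flow)."""
        if abs(now - ts) > MAX_SKEW:
            raise ValueError("stale timestamp")
        # Drop cache entries that the freshness check would reject anyway.
        self.seen = {k: t for k, t in self.seen.items() if abs(now - t) <= MAX_SKEW}
        if (t_id, ts) in self.seen:
            raise ValueError("replayed message")
        # tID and T arrive in the clear; altering either yields a different
        # KeyD, so the tag check in unseal() fails.
        m = unseal(derive_key(self.master_key, self.d_id, t_id, ts), blob)
        self.seen[(t_id, ts)] = ts  # record only after authentication succeeds
        return m


def demo():
    master = bytes(range(32))  # constructed sample key, not a real secret
    kmc = KMC({"dev-001": master}, {"13800000000"})  # constructed dID and tID
    appliance = Appliance("dev-001", master)
    key_d, ts = kmc.issue_key("dev-001", "13800000000", now=1_700_000_000)
    blob = seal(key_d, b"ssid=HomeAP;psk=example-passphrase")
    return appliance.receive(blob, "13800000000", ts, now=ts + 5)


if __name__ == "__main__":
    print(demo())
```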
In the method of this embodiment, step S102 further comprises: generating a key according to the key acquisition request, obtaining the corresponding public key from the generated key, and sending the public key to the terminal as the final key, so that the terminal uses the public key to communicate securely with the home appliance, either to configure the home appliance for network access or to reconnect to the network a home appliance that has been disconnected from it.
That is, in this embodiment the KMC sets up a public/private key pair to further improve the security of configuring a home appliance for network access.
Fig. 3 is a schematic flowchart of yet another key generation method according to an embodiment of the invention, and the method is described in detail below with reference to Fig. 3. Parts of the Fig. 3 method can be understood with reference to the method of Fig. 2 and, for brevity, are not repeated here:
1. The user logs in to the KMC, which authenticates the terminal's identity, and a secure channel is established;
2. The terminal obtains the home appliance identifier dID, for example by scanning a QR code, NFC contact, manual entry of a PIN code, sensor sensing, and similar means;
3. The terminal sends a key acquisition request to the KMC; the request message carries its own identifier tID (which may be a mobile phone number, a MAC address, etc.) and the home appliance identifier dID;
4. The KMC determines whether tID belongs to a legitimate terminal;
5. The KMC looks up, according to dID, the shared key master_key it shares with the device;
6. The KMC generates a timestamp T;
7. The KMC computes the private key Key_pri from master_key, dID, tID and T;
8. The KMC computes the public key Key_pub corresponding to Key_pri;
9. The KMC returns Key_pub and T to the terminal;
10. The terminal encrypts the data m to be sent with Key_pub, obtaining the ciphertext E_Key_pub(m);
11. The terminal sends E_Key_pub(m), tID and T;
12. The home appliance receives E_Key_pub(m), tID and T;
13. The home appliance verifies that the timestamp is valid;
14. The home appliance computes the key Key_pri from master_key, dID, tID and T;
15. The home appliance decrypts E_Key_pub(m) with Key_pri to obtain m.
An embodiment of the present invention also provides another key generation method, which specifically comprises:
A shared key corresponding to the home appliance is set in advance for that home appliance. After the key acquisition request is received, a timestamp is set and a key is generated at random. The key, the device identifier, the terminal identifier and the timestamp are encrypted with the shared key to obtain an encrypted message, and the encrypted message and the key are sent to the terminal, so that the terminal uses the encrypted message and the key to communicate securely with the home appliance, either to configure the home appliance to join the network or to reconnect a home appliance that has been disconnected from the network.
That is, after receiving the key acquisition request, the KMC of the present invention generates a key at random and encrypts this key together with the identifiers and the timestamp to obtain an encrypted message. It then sends the key and the encrypted message to the terminal. The terminal encrypts its information with this key and sends the encrypted information and the encrypted message to the home appliance, so that the home appliance is configured to join the network securely.
Fig. 4 is a schematic flow chart of another key generation method according to an embodiment of the present invention. The method is described in detail below with reference to Fig. 4. Note that the relevant parts of this method can be understood with reference to the method described for Fig. 2 and, for brevity, are not repeated here:
1. The user logs in to the KMC to authenticate the terminal's identity and establish a secure channel;
2. The terminal obtains the home appliance identifier dID, for example by scanning a QR code, NFC contact, manual PIN entry, or sensor detection;
3. The terminal sends a key acquisition request to the KMC; the request message carries the terminal's own identifier tID (which may be a mobile phone number, MAC address, etc.) and the home appliance identifier dID;
4. The KMC determines whether tID is a legitimate terminal;
5. The KMC looks up the key master_key that it shares with the appliance according to dID;
6. The KMC generates a key KeyD and a timestamp T;
7. The KMC encrypts KeyD, dID, tID and T with master_key to obtain Emaster_key(KeyD, tID, dID, T);
8. The KMC returns KeyD, tID, dID, T and Emaster_key(KeyD, tID, dID, T) to the terminal;
9. The terminal encrypts the data m to be sent with KeyD, obtaining the ciphertext EKeyD(m);
10. The terminal sends EKeyD(m) and Emaster_key(KeyD, tID, dID, T);
11. The home appliance receives EKeyD(m) and Emaster_key(KeyD, tID, dID, T);
12. The home appliance decrypts Emaster_key(KeyD, tID, dID, T) with master_key to obtain KeyD, tID, dID and T;
13. The home appliance verifies that the timestamp is valid;
14. The home appliance decrypts EKeyD(m) with KeyD to obtain m.
An embodiment of the present invention also provides a further key generation method, which comprises:
A shared key corresponding to the home appliance is set in advance for that home appliance. After the key acquisition request is received, a timestamp is set and a public/private key pair is generated at random. The private key, the device identifier, the terminal identifier and the timestamp are encrypted with the shared key to obtain an encrypted message, the public key is used as the final key, and the encrypted message and the public key are sent to the terminal, so that the terminal uses the encrypted message and the public key to communicate securely with the home appliance, either to configure the home appliance to join the network or to reconnect a home appliance that has been disconnected from the network.
Fig. 5 is a schematic flow chart of yet another key generation method according to an embodiment of the present invention. The method is described below with reference to Fig. 5:
1. The user logs in to the KMC to authenticate the terminal's identity and establish a secure channel;
2. The terminal obtains the home appliance identifier dID, for example by scanning a QR code, NFC contact, manual PIN entry, or sensor detection;
3. The terminal sends a key acquisition request to the KMC; the request message carries the terminal's own identifier tID (which may be a mobile phone number, MAC address, etc.) and the home appliance identifier dID;
4. The KMC determines whether tID is a legitimate terminal;
5. The KMC looks up the key master_key that it shares with the appliance according to dID;
6. The KMC generates a public/private key pair Key_pub and Key_pri and a timestamp T;
7. The KMC encrypts Key_pri, dID, tID and T with master_key to obtain Emaster_key(Key_pri, tID, dID, T);
8. The KMC returns Key_pub, tID, dID, T and Emaster_key(Key_pri, tID, dID, T) to the terminal;
9. The terminal encrypts the data m to be sent with Key_pub, obtaining the ciphertext EKey_pub(m);
10. The terminal sends EKey_pub(m) and Emaster_key(Key_pri, tID, dID, T);
11. The home appliance receives EKey_pub(m) and Emaster_key(Key_pri, tID, dID, T);
12. The home appliance decrypts Emaster_key(Key_pri, tID, dID, T) with master_key to obtain Key_pri, tID, dID and T;
13. The home appliance verifies that the timestamp is valid;
14. The home appliance decrypts EKey_pub(m) with Key_pri to obtain m.
In summary, the invention provides a method by which a terminal securely sends configuration information to a smart home appliance. The terminal obtains the identifier of the home appliance and sends it, together with its own identifier, to the KMC to request a key. It obtains an encryption key that the KMC produces from the shared key preset with the home appliance, then uses this encryption key to encrypt the message and transmit it securely to the home appliance, which greatly reduces the risk of key exposure.
Method Embodiment Two
Corresponding to the key generation method introduced with Fig. 1, this embodiment provides a method of parsing encrypted data. Referring to Fig. 6, the method is executed by the home appliance and comprises:
S601: receive encrypted data sent by a terminal, where the encrypted data is obtained by the terminal encrypting preset networking data with a key generated by the KMC, the key is generated by the KMC according to a key acquisition request sent by the terminal, the key corresponds uniquely to the key acquisition request, and the key acquisition request carries a device identifier and a terminal identifier;
S602: parse the encrypted data to obtain the networking data, and access the network according to the networking data.
Because every key in the present invention is generated by the KMC for a specific key acquisition request, all keys are different, which greatly reduces the risk of key exposure and in turn improves the security of home appliance networking.
Note that the key described in this embodiment is the key that the KMC sends via the terminal, or it may be a key that the home appliance generates itself by following the KMC's key generation method.
The encrypted data described in this embodiment is obtained by the terminal encrypting data or a message with the key produced by the KMC. After receiving the encrypted data, the home appliance parses it to recover the data or message, and configures its network access accordingly.
The networking data described in this embodiment is the data with which the home appliance and the KMC perform networking through the terminal. Those skilled in the art may of course also use the method of the present invention to encrypt other data as needed, to better ensure the security of that data.
The encrypted data is obtained by the terminal encrypting the data to be sent with a key generated by any of the methods of Method Embodiment One.
Corresponding to the key generation flow of Fig. 2, the home appliance of this embodiment also receives the timestamp and the terminal identifier sent by the terminal;
In this embodiment, parsing the encrypted data to obtain the networking data specifically comprises:
Obtaining the key from the timestamp, the terminal identifier, the device identifier and the shared key, and parsing the encrypted data with that key to obtain the networking data;
Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time value that the KMC sets after receiving the key acquisition request from the terminal.
That is, the home appliance of this embodiment obtains the key from the corresponding shared key set by the KMC, the timestamp and terminal identifier sent by the terminal, and its own device identifier, and parses the encrypted data with this key to obtain the actual networking data.
Corresponding to the key generation flow of Fig. 3, in the method of this embodiment, parsing the encrypted data to obtain the networking data specifically comprises:
Obtaining the public key corresponding to the key, and using the public key as the final key to parse the encrypted data and obtain the networking data.
That is, the present invention sets a public key corresponding to the key, to further improve the security of configuring a home appliance to join the network.
Corresponding to the key generation flow of Fig. 4, in the method of this embodiment, parsing the encrypted data to obtain the networking data specifically comprises:
Parsing the encrypted message with the shared key to obtain the timestamp and the key, and parsing the encrypted data with that key to obtain the networking data;
Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time that the KMC sets after receiving the key acquisition request from the terminal.
That is, this embodiment parses the encrypted message with the shared key and thereby obtains the key.
Corresponding to the key generation flow of Fig. 5, in this embodiment, parsing the encrypted data to obtain the networking data specifically comprises:
Parsing the encrypted message with the shared key to obtain the timestamp and the private key, obtaining the corresponding public key from this private key, and parsing the encrypted data according to the public key to obtain the networking data;
Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time that the KMC sets after receiving the key acquisition request from the terminal.
That is, this embodiment sets a public/private key pair to better improve the security of configuring a home appliance to join the network.
In this embodiment, after the encrypted data is parsed to obtain the networking data and before the network is accessed according to the networking data, the method further comprises:
Verifying the timestamp and, when the timestamp is verified as legitimate, accessing the network according to the networking data.
That is, in the present invention the home appliance verifies the timestamp in the key, which effectively prevents others from illegitimately attacking the home appliance and further improves the security of home appliance networking.
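The Fig. 2 variant and the timestamp check described above, end to end, as an added example that is not code from the patent: the KMC derives a per-request key from master_key, dID, tID and T, and the appliance re-derives it and rejects stale, replayed or altered requests. The function and class names, the HMAC-SHA256 derivation, the encrypt-then-MAC stand-in for an AEAD such as AES-GCM, the 300-second window and the replay cache are all assumptions; the patent names no algorithms or window.

```python
import hashlib
import hmac
import struct

MAX_AGE_SECONDS = 300  # assumed freshness window; the patent does not fix one


def encode_fields(*fields: bytes) -> bytes:
    """Length-prefix every field so ("ab", "c") and ("a", "bc") differ."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def derive_key(master_key: bytes, d_id: str, t_id: str, ts: int) -> bytes:
    """Per-request key from master_key, dID, tID and T (HMAC-SHA256 is assumed)."""
    info = encode_fields(d_id.encode(), t_id.encode(), struct.pack(">Q", ts))
    return hmac.new(master_key, info, hashlib.sha256).digest()


def subkey(key: bytes, label: bytes) -> bytes:
    """Separate encryption and MAC keys derived from the per-request key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def keystream(key: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, truncated to the requested length."""
    blocks = [
        hmac.new(key, struct.pack(">Q", counter), hashlib.sha256).digest()
        for counter in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for an AEAD. Use each derived key for one message."""
    stream = keystream(subkey(key, b"enc"), len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(subkey(key, b"mac"), ciphertext, hashlib.sha256).digest()
    return ciphertext + tag


def unseal(key: bytes, sealed: bytes) -> bytes:
    """Check the tag in constant time, then decrypt."""
    if len(sealed) < 32:
        raise ValueError("message too short")
    ciphertext, tag = sealed[:-32], sealed[-32:]
    expected = hmac.new(subkey(key, b"mac"), ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = keystream(subkey(key, b"enc"), len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def kmc_issue(master_keys: dict, legal_terminals: set, t_id: str, d_id: str, now: int):
    """KMC side: check the terminal, look up master_key by dID, stamp T, derive."""
    if t_id not in legal_terminals:
        raise PermissionError("terminal is not legitimate")
    return derive_key(master_keys[d_id], d_id, t_id, now), now


class Appliance:
    def __init__(self, d_id: str, master_key: bytes):
        self.d_id = d_id
        self.master_key = master_key
        self.seen = set()  # replay cache: an addition, not described in the patent

    def receive(self, sealed: bytes, t_id: str, ts: int, now: int) -> bytes:
        if abs(now - ts) > MAX_AGE_SECONDS:
            raise ValueError("timestamp outside freshness window")
        if (t_id, ts) in self.seen:
            raise ValueError("request already used")
        key = derive_key(self.master_key, self.d_id, t_id, ts)
        plaintext = unseal(key, sealed)  # fails if tID or T was altered in transit
        self.seen.add((t_id, ts))
        return plaintext


def demo() -> bytes:
    # Constructed sample values, not taken from the patent.
    master = bytes(range(32))
    appliance = Appliance("fridge-01", master)
    key, ts = kmc_issue({"fridge-01": master}, {"phone-A"}, "phone-A", "fridge-01", 1_700_000_000)
    sealed = seal(key, b"ssid=home;psk=example")
    return appliance.receive(sealed, "phone-A", ts, ts + 5)


if __name__ == "__main__":
    print(demo())
```

Because T and tID feed the derivation, rewriting a stale T to a fresh value makes the appliance derive a different key and the tag check fail; without an authenticated cipher the same tampering would only yield garbage plaintext.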
That is, the method of the present invention uses the key generated by the KMC in Method Embodiment One to communicate securely with the terminal, which greatly improves the security of home appliance networking.
The key in this embodiment is obtained by the methods of Method Embodiment One; the related content can be understood with reference to the relevant parts of Method Embodiment One and is not repeated here.
Device Embodiment One
An embodiment of the present invention provides a key generation device. Referring to Fig. 7, the device comprises a receiving unit and a generation unit that are coupled to each other, specifically:
The receiving unit is configured to receive a key acquisition request sent by a terminal, the key acquisition request carrying a device identifier and a terminal identifier;
The generation unit is configured to generate a key according to the key acquisition request and send the key to the terminal, where the key is used for the terminal and the home appliance to communicate securely, so as to connect the home appliance to the network;
Here, the key corresponds uniquely to the key acquisition request.
The present invention generates a corresponding key for each key acquisition request sent by a terminal, so that different key acquisition requests correspond to different keys. This greatly reduces the risk of key exposure and effectively solves the prior-art problem of low security when configuring a home appliance to join the network and when a home appliance rejoins the network after disconnection.
In a specific implementation, the key acquisition request of this embodiment carries the device identifier dID and the terminal identifier tID. Those skilled in the art may of course also carry other information in the key acquisition request for the KMC to use when generating the corresponding key, such as a sequence number assigned to the key acquisition request.
The device identifier dID identifies the home appliance so that different home appliances can be distinguished. The terminal obtains the device identifier dID from the home appliance, for example by scanning a QR code, Near Field Communication (NFC) contact, manual entry of a PIN (Personal Identification Number), or sensor detection.
An embodiment of the present invention also provides a preferred implementation in which the device further comprises a setting unit;
The setting unit is configured to set in advance a shared key corresponding to the home appliance for that home appliance, and to set a timestamp after the key acquisition request is received;
The generation unit is specifically configured to generate the key from the device identifier, the terminal identifier, the shared key and the timestamp, and to send the key to the terminal, so that the terminal uses the key to communicate securely with the home appliance and connect the home appliance to the network.
That is, the present invention sets different shared keys for different home appliances in advance, generates the key from the shared key, the device identifier, the terminal identifier and the timestamp, and sends the key to the terminal. The terminal uses this key to encrypt the data to be sent to the home appliance and sends it to that home appliance, so that the home appliance is configured to join the network.
Note that this embodiment adds a timestamp and has the home appliance verify whether the timestamp is valid, which effectively prevents replay attacks by others and further strengthens the security of configuring a home appliance to join the network and of a home appliance rejoining the network after disconnection.
The generation unit of this embodiment is further configured to generate a key according to the key acquisition request, obtain the public key corresponding to the generated key, and send the public key to the terminal as the final key, so that the terminal uses the public key to communicate securely with the home appliance.
That is, in this embodiment the KMC sets a public/private key pair to further improve the security of configuring a home appliance to join the network and of a home appliance rejoining the network after disconnection.
An embodiment of the present invention also provides another preferred implementation in which the device further comprises a setting unit;
The setting unit is configured to set in advance a shared key corresponding to the home appliance for that home appliance, and to set a timestamp after the key acquisition request is received;
The generation unit is further configured to, after the key acquisition request is received, generate a key at random, encrypt this key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, and send the encrypted message and the key to the terminal, so that the terminal uses the encrypted message and the key to communicate securely with the home appliance.
That is, after receiving the key acquisition request, the KMC of the present invention generates a key at random and encrypts this key together with the identifiers and the timestamp to obtain an encrypted message. It then sends the key and the encrypted message to the terminal. The terminal encrypts its information with this key and sends the encrypted information and the encrypted message to the home appliance, which better secures the home appliance's network access.
An embodiment of the present invention further provides a preferred implementation in which the device further comprises a setting unit;
The setting unit is configured to set in advance a shared key corresponding to the home appliance for that home appliance, and to set a timestamp after the key acquisition request is received;
The generation unit is further configured to, after the key acquisition request is received, generate a public/private key pair at random, encrypt the private key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, use the public key as the final key, and send the encrypted message and the public key to the terminal, so that the terminal uses the encrypted message and the public key to communicate securely with the home appliance and connect the home appliance to the network.
That is, after receiving the key acquisition request, the KMC of the present invention generates a public/private key pair at random, encrypts the private key, the identifiers and the timestamp with the shared key to obtain an encrypted message, and sends the encrypted message and the public key to the terminal, so that the home appliance is configured to join the network securely.
The relevant parts of this device embodiment can be understood with reference to the method embodiments and are not repeated here.
Device Embodiment Two
An embodiment of the present invention provides a device for parsing encrypted data. Referring to Fig. 8, the device is arranged on a home appliance and comprises a receiving module and a parsing module that are coupled to each other, specifically:
The receiving module is configured to receive encrypted data sent by a terminal, where the encrypted data is obtained by the terminal encrypting preset networking data with a key generated by the KMC, the key is generated by the KMC according to a key acquisition request sent by the terminal, the key corresponds uniquely to the key acquisition request, and the key acquisition request carries a device identifier and a terminal identifier;
The parsing module is configured to parse the encrypted data to obtain the networking data, and to access the network according to the networking data.
Because every key in the present invention is generated by the KMC for a specific key acquisition request, all keys are different, which reduces the risk of key exposure and improves the security of home appliance networking.
Note that the key described in this embodiment is the key that the KMC sends via the terminal, or it may be a key that the home appliance generates itself by following the KMC's key generation method.
The encrypted data is obtained by the terminal encrypting the data to be sent with a key generated by any of the methods of Method Embodiment One.
Preferably, the receiving module of this embodiment is further configured to receive the timestamp and the terminal identifier sent by the terminal;
The parsing module is further configured to obtain the key from the timestamp, the terminal identifier, the device identifier and the shared key, and to parse the encrypted data with that key to obtain the networking data;
Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time that the KMC sets after receiving the key acquisition request from the terminal.
That is, the home appliance of this embodiment obtains the key from the corresponding shared key set by the KMC, the timestamp and terminal identifier sent by the terminal, and its own device identifier, and parses the encrypted data with this key to obtain the actual networking data.
Preferably, the receiving module of the device of the present invention is further configured to receive the timestamp and the terminal identifier sent by the terminal; the parsing module is further configured to obtain the public key corresponding to the key, and to use the public key as the final key to parse the encrypted data and obtain the networking data.
That is, the present invention sets a public key corresponding to the key, to further improve the security of configuring a home appliance to join the network.
Preferably, the receiving module of the device of this embodiment is further configured to receive the encrypted message sent by the terminal; the parsing module is further configured to parse the encrypted message with the shared key to obtain the timestamp and the key, and to parse the encrypted data with that key to obtain the networking data. Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time that the KMC sets after receiving the key acquisition request from the terminal.
Preferably, the receiving module of the device of this embodiment is further configured to receive the encrypted message sent by the terminal; the parsing module is further configured to parse the encrypted message with the shared key to obtain the timestamp and the private key, obtain the corresponding public key from this private key, and parse the encrypted data according to the public key to obtain the networking data. Here, the shared key is set in advance by the KMC for the home appliance, and the timestamp is the time that the KMC sets after receiving the key acquisition request from the terminal.
Preferably, the device of the present invention further comprises a verification module;
The verification module is configured to verify the timestamp in the key and, when the timestamp is verified as legitimate, to have the home appliance access the network according to the networking data.
That is, in the present invention the home appliance verifies the timestamp in the key, which effectively prevents others from illegitimately attacking the home appliance and further improves the security of home appliance networking.
That is, the method of the present invention uses the key generated by the KMC in Method Embodiment One to communicate securely with the terminal, which greatly improves the security of home appliance networking.
The relevant parts of this device embodiment can be understood with reference to the method embodiments and are not repeated here.
KMC Embodiment
An embodiment of the present invention provides a KMC that comprises the device of any one of the device embodiments, thereby improving the security of configuring a home appliance to join the network and of a home appliance rejoining the network after disconnection.
The related content of this embodiment can be understood with reference to the device embodiments and the method embodiments and is not repeated here.
The present invention can achieve at least the following beneficial effects:
1. In the present invention, different terminals or different devices share different passwords at different times, which greatly reduces the risk of key exposure;
2. Before generating a key, the KMC judges the legitimacy of the terminal, which further improves the security of configuring a home appliance to join the network and of a home appliance rejoining the network after disconnection;
3. The method of the invention adds a timestamp, which effectively prevents replay attacks by others and improves, to a certain extent, the security of configuring a home appliance to join the network and of a home appliance rejoining the network after disconnection.
Although preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will recognize that various improvements, additions and substitutions are possible; therefore, the scope of the present invention should not be limited to the above embodiments.

Claims (24)

1. a key generation method, is characterized in that, comprising:
The acquisition key request that receiving terminal sends, Portable device mark and terminal iidentification in described acquisition key request;
Generate key according to described acquisition key request, described key is sent to described terminal, and wherein, described key is used for described terminal and home appliance are securely communicated, with by connected to the network for described home appliance;
Wherein, described key is uniquely corresponding with described acquisition key request.
2. method according to claim 1, is characterized in that, also comprises: arrange the shared key corresponding with described home appliance according to described home appliance in advance, and after receiving described acquisition key request, setup times stabs;
The described step according to described acquisition key request generation key specifically comprises:
Described key is generated according to described device identification, described terminal iidentification, described shared key and described timestamp.
3. method according to claim 1 and 2, is characterized in that, described according to described acquisition key request generation key, sends to described terminal specifically to comprise described key:
Generate key according to described acquisition key request, and obtain the PKI of its correspondence according to the described key generated, described PKI is sent to described terminal as final key.
4. method according to claim 1, is characterized in that, also comprises: arrange the shared key corresponding with described home appliance according to described home appliance in advance, and after receiving described acquisition key request, setup times stabs;
Described according to described acquisition key request generation key, send to described terminal specifically to comprise described key:
Random generation key, is encrypted this key, described device identification, described terminal iidentification and described timestamp by described shared key and obtains encrypting messages, and described encrypting messages and described key are sent to described terminal.
5. method according to claim 1, is characterized in that, also comprises: arrange the shared key corresponding with described home appliance according to described home appliance in advance, and after receiving described acquisition key request, setup times stabs;
Described according to described acquisition key request generation key, send to described terminal specifically to comprise described key:
Random generation a pair PKI and private key, described private key, described device identification, described terminal iidentification and described timestamp are encrypted by described shared key and obtain encrypting messages, using described PKI as final key, and described encrypting messages and described PKI are sent to described terminal.
6. the method according to claim 2,4 or 5, is characterized in that, after the acquisition key request that described receiving terminal sends, described according to before described acquisition key request generation key, also comprises:
Judging that whether described terminal is legal, when judging that described terminal is legal, generating key according to described acquisition key request.
7. resolve a method for enciphered data, it is characterized in that, comprising:
The enciphered data that receiving terminal sends, wherein, described enciphered data is that described terminal is encrypted according to the networked data that the double secret key that KMC generates is preset and the data obtained, and the acquisition key request generation that described key is described KMC to be sent according to described terminal, described key is uniquely corresponding with described acquisition key request, Portable device mark and terminal iidentification in described acquisition key request;
parsing the encrypted data to obtain the networking data, and accessing the network according to the networking data.
8. The method according to claim 7, characterized by further comprising: receiving a timestamp and a terminal identifier sent by the terminal;
wherein parsing the encrypted data to obtain the networking data specifically comprises:
obtaining the key according to the timestamp, the terminal identifier, a device identifier and a shared key, and parsing the encrypted data according to the key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time value set by the key management center after receiving the key acquisition request from the terminal.
9. The method according to claim 7 or 8, characterized in that parsing the encrypted data to obtain the networking data specifically comprises:
obtaining the public key corresponding to the key, and using the public key as the final key to parse the encrypted data and obtain the networking data.
10. The method according to claim 7, characterized by further comprising: receiving an encrypted message sent by the terminal;
wherein parsing the encrypted data to obtain the networking data specifically comprises:
parsing the encrypted message according to a shared key to obtain a timestamp and the key, and parsing the encrypted data according to the key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time set by the key management center after receiving the key acquisition request from the terminal.
11. The method according to claim 7, characterized by further comprising: receiving an encrypted message sent by the terminal;
wherein parsing the encrypted data to obtain the networking data specifically comprises:
parsing the encrypted message according to a shared key to obtain a timestamp and a private key, obtaining the public key corresponding to the private key, and parsing the encrypted data according to the public key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time set by the key management center after receiving the key acquisition request from the terminal.
12. The method according to claim 8, 10 or 11, characterized in that, after parsing the encrypted data to obtain the networking data and before accessing the network according to the networking data, the method further comprises:
verifying the timestamp, and accessing the network according to the networking data when the timestamp is verified to be valid.
13. A key generation device, characterized by comprising:
a receiving unit, configured to receive a key acquisition request sent by a terminal, the key acquisition request carrying a device identifier and a terminal identifier;
a generation unit, configured to generate a key according to the key acquisition request and send the key to the terminal, wherein the key is used for secure communication between the terminal and a home appliance so as to connect the home appliance to a network, and the key uniquely corresponds to the key acquisition request.
14. The device according to claim 13, characterized by further comprising: a setting unit;
the setting unit is configured to set, in advance and according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generation unit is further configured to generate the key according to the device identifier, the terminal identifier, the shared key and the timestamp, and to send the key to the terminal.
15. The device according to claim 13 or 14, characterized in that
the generation unit is further configured to generate a key according to the key acquisition request, obtain the public key corresponding to the generated key, and send the public key to the terminal as the final key.
16. The device according to claim 13, characterized by further comprising: a setting unit;
the setting unit is configured to set, in advance and according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generation unit is further configured to randomly generate a key, encrypt the key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, and send the encrypted message and the key to the terminal.
17. The device according to claim 13, characterized by further comprising: a setting unit;
the setting unit is configured to set, in advance and according to the home appliance, a shared key corresponding to the home appliance, and to set a timestamp after the key acquisition request is received;
the generation unit is further configured to randomly generate a public key and private key pair, encrypt the private key, the device identifier, the terminal identifier and the timestamp with the shared key to obtain an encrypted message, use the public key as the final key, and send the encrypted message and the public key to the terminal.
18. A device for parsing encrypted data, characterized by comprising:
a receiving module, configured to receive encrypted data sent by a terminal, wherein the encrypted data is obtained by the terminal encrypting preset networking data according to a key generated by a key management center, the key is generated by the key management center according to a key acquisition request sent by the terminal, the key uniquely corresponds to the key acquisition request, and the key acquisition request carries a device identifier and a terminal identifier;
a parsing module, configured to parse the encrypted data to obtain the networking data, and to access the network according to the networking data.
19. The device according to claim 18, characterized in that
the receiving module is further configured to receive a timestamp and a terminal identifier sent by the terminal;
the parsing module is further configured to obtain the key according to the timestamp, the terminal identifier, a device identifier and a shared key, and to parse the encrypted data according to the key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time set by the key management center after receiving the key acquisition request from the terminal.
20. The device according to claim 18 or 19, characterized in that
the receiving module is further configured to receive a timestamp and a terminal identifier sent by the terminal;
the parsing module is further configured to obtain the public key corresponding to the key, and to use the public key as the final key to parse the encrypted data and obtain the networking data.
21. The device according to claim 18, characterized in that
the receiving module is further configured to receive an encrypted message sent by the terminal;
the parsing module is further configured to parse the encrypted message according to a shared key to obtain a timestamp and the key, and to parse the encrypted data according to the key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time set by the key management center after receiving the key acquisition request from the terminal.
22. The device according to claim 18, characterized in that
the receiving module is further configured to receive an encrypted message sent by the terminal;
the parsing module is further configured to parse the encrypted message according to a shared key to obtain a timestamp and a private key, obtain the public key corresponding to the private key, and parse the encrypted data according to the public key to obtain the networking data;
wherein the shared key is preset by the key management center according to the home appliance, and the timestamp is the time set by the key management center after receiving the key acquisition request from the terminal.
23. The device according to claim 19, 21 or 22, characterized by further comprising a verification module;
the verification module is configured to verify the timestamp, and to access the network according to the networking data when the timestamp is verified to be valid.
24. A key management center, characterized in that the key management center comprises the device according to any one of claims 13-17.
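The flow of claims 8, 12 and 14, as an added example that is not part of the patent text: the key management center derives the key from the device identifier, terminal identifier, shared key and timestamp; the terminal encrypts the networking data; the home appliance re-derives the key, parses the data and then verifies the timestamp. The claims name no algorithms, so HMAC-SHA256 as the derivation function, the HMAC-based encrypt-then-MAC construction (a standard-library stand-in for an authenticated cipher), the 300-second validity window, and all function names and sample values are assumptions.

```python
import hashlib
import hmac
import os
import struct

MAX_AGE_SECONDS = 300  # assumed window; the claims only require the timestamp to be valid


def derive_key(shared_key, device_id, terminal_id, timestamp):
    """KMC and appliance: key from the four inputs of claims 8 and 14 (HMAC-SHA256 assumed)."""
    # Length-prefix each identifier so ("ab", "c") and ("a", "bc") cannot collide.
    fields = b"".join(struct.pack(">H", len(f)) + f
                      for f in (device_id.encode(), terminal_id.encode()))
    return hmac.new(shared_key, fields + struct.pack(">Q", timestamp), hashlib.sha256).digest()


def subkeys(key):
    """Separate encryption and MAC keys so one key is never used for both purposes."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; stand-in for a real cipher such as AES-CTR."""
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Terminal: encrypt-then-MAC the networking data under the KMC-issued key."""
    enc_key, mac_key = subkeys(key)
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    """Check the tag in constant time, then decrypt; raises ValueError on any mismatch."""
    if len(blob) < 48:
        raise ValueError("truncated message")
    enc_key, mac_key = subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))


def appliance_parse(shared_key, device_id, terminal_id, timestamp, blob, now):
    """Appliance: re-derive the key, parse, then verify the timestamp (claims 8 and 12)."""
    key = derive_key(shared_key, device_id, terminal_id, timestamp)
    networking_data = unseal(key, blob)
    if not 0 <= now - timestamp <= MAX_AGE_SECONDS:
        raise ValueError("timestamp outside validity window")
    return networking_data


def demo():
    # Constructed sample values; none come from the patent.
    shared, ts = b"per-appliance-shared-key", 1_700_000_000
    key = derive_key(shared, "appliance-01", "phone-42", ts)   # key management center
    blob = seal(key, b'{"ssid":"home","psk":"example"}')       # terminal
    return appliance_parse(shared, "appliance-01", "phone-42", ts, blob, now=ts + 10)


if __name__ == "__main__":
    print(demo())
```

Because the timestamp and both identifiers feed the derivation, altering any of them in transit yields a different key and the tag check fails; the freshness check then bounds how long a captured message can be replayed unchanged.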
CN201610031369.8A 2016-01-18 2016-01-18 Key generation method, encrypted data analysis method, device and key management center Active CN105577680B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610031369.8A CN105577680B (en) 2016-01-18 2016-01-18 Key generation method, encrypted data analysis method, device and key management center

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610031369.8A CN105577680B (en) 2016-01-18 2016-01-18 Key generation method, encrypted data analysis method, device and key management center

Publications (2)

Publication Number Publication Date
CN105577680A true CN105577680A (en) 2016-05-11
CN105577680B CN105577680B (en) 2021-03-26

Family

ID=55887337

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610031369.8A Active CN105577680B (en) 2016-01-18 2016-01-18 Key generation method, encrypted data analysis method, device and key management center

Country Status (1)

Country Link
CN (1) CN105577680B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005229489A (en) * 2004-02-16 2005-08-25 Matsushita Electric Ind Co Ltd Method for generating common information for networked home electrical appliances, and communication system
CN102202291A (en) * 2010-03-22 2011-09-28 中国移动通信集团公司 Card-free terminal, service access method and system thereof, terminal with card and bootstrapping server function (BSF)
CN103309307A (en) * 2013-05-15 2013-09-18 重庆邮电大学 Smart household appliance control method based on object access control
CN103795560A (en) * 2012-11-01 2014-05-14 云永科技股份有限公司 A method for managing networking device IDs and networking devices
EP2814273A1 (en) * 2013-06-10 2014-12-17 Whirlpool Corporation Method of connecting an appliance to a WIFI network
CN104244030A (en) * 2014-09-17 2014-12-24 四川迪佳通电子有限公司 Recorded program sharing method and system
CN104506497A (en) * 2014-12-10 2015-04-08 青岛海信电器股份有限公司 Information issuing method and system
CN104793508A (en) * 2015-04-21 2015-07-22 珠海格力电器股份有限公司 Network access control method, network access control device and network access control system for household appliances

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106130958A (en) * 2016-06-08 2016-11-16 美的集团股份有限公司 The communication system of home appliance and terminal and method, home appliance, terminal
CN106130958B (en) * 2016-06-08 2019-02-01 美的集团股份有限公司 The communication system and method for household appliance and terminal, household appliance, terminal
CN105959189A (en) * 2016-06-08 2016-09-21 美的集团股份有限公司 Home appliance equipment, communication system and method of cloud server and terminal, and terminal
CN105959189B (en) * 2016-06-08 2019-09-13 美的集团股份有限公司 Household appliance and its with the communication system and method for Cloud Server and terminal, terminal
CN106506289A (en) * 2016-10-31 2017-03-15 邯郸美的制冷设备有限公司 Networking method and apparatus, networking method and device, router and intelligent appliance
CN106506289B (en) * 2016-10-31 2020-05-01 邯郸美的制冷设备有限公司 Networking method and device, router and intelligent household appliance
CN106411715A (en) * 2016-11-02 2017-02-15 中国人民公安大学 Cloud-based secure instant messaging method and system
CN108183800A (en) * 2016-12-08 2018-06-19 大北欧听力公司 System, the device and method of credible binding are created between hearing device and user's application
CN110495135A (en) * 2017-04-14 2019-11-22 三菱电机株式会社 Key management system, communication equipment and key sharing method
CN110495135B (en) * 2017-04-14 2022-06-28 三菱电机株式会社 Key management system, communication device, and key sharing method
CN107171791A (en) * 2017-05-24 2017-09-15 舒翔 A kind of data encryption/decryption method and encrypting and deciphering system based on biological characteristic
CN107332661A (en) * 2017-06-29 2017-11-07 环球智达科技(北京)有限公司 The method of data encryption
CN107171797A (en) * 2017-07-18 2017-09-15 郑州云海信息技术有限公司 A kind of data ciphering method and device
CN109617678A (en) * 2018-11-20 2019-04-12 上海庆科信息技术有限公司 Intelligent lock system and password store method, device, equipment, computer media
CN109547445A (en) * 2018-11-27 2019-03-29 北京酷我科技有限公司 A kind of method and system that verifying client network requests are legal
CN109547445B (en) * 2018-11-27 2021-05-14 北京酷我科技有限公司 Method and system for verifying legality of network request of client
CN110519052A (en) * 2019-08-23 2019-11-29 青岛海尔科技有限公司 Data interactive method and device based on Internet of Things operating system
CN110519052B (en) * 2019-08-23 2022-07-05 青岛海尔科技有限公司 Data interaction method and device based on Internet of things operating system
CN112448808A (en) * 2019-08-29 2021-03-05 斑马智行网络(香港)有限公司 Communication method, device, access point, server, system and storage medium
CN112448811A (en) * 2019-09-03 2021-03-05 上海云从汇临人工智能科技有限公司 Data security management method, data security management device and data security management system
CN110784317A (en) * 2019-10-30 2020-02-11 京东方科技集团股份有限公司 Data encryption interaction method, device and system
US11477018B2 (en) 2019-10-30 2022-10-18 Beijing Boe Technology Development Co., Ltd. Method, device and system for encrypting interactive data
CN111277574B (en) * 2020-01-14 2022-05-17 杭州涂鸦信息技术有限公司 Method and system for generating timeliness offline secret key for secure communication of shared equipment
CN111277574A (en) * 2020-01-14 2020-06-12 杭州涂鸦信息技术有限公司 Method and system for generating timeliness offline secret key for secure communication of shared equipment
CN111565107A (en) * 2020-07-14 2020-08-21 腾讯科技(深圳)有限公司 Key processing method and device based on cloud service platform and computer equipment
CN114258013A (en) * 2020-09-11 2022-03-29 中国联合网络通信集团有限公司 Data encryption method, device and storage medium
CN114258013B (en) * 2020-09-11 2023-10-31 中国联合网络通信集团有限公司 Data encryption method, device and storage medium
CN115529130A (en) * 2022-11-25 2022-12-27 无锡沐创集成电路设计有限公司 Data processing method, terminal, server, system, device, medium and product
CN116782210A (en) * 2023-08-07 2023-09-19 北京数盾信息科技有限公司 Dynamic encryption key generation method of high-speed encryption algorithm
CN116782210B (en) * 2023-08-07 2024-04-30 数盾信息科技股份有限公司 Dynamic encryption key generation method of high-speed encryption algorithm

Also Published As

Publication number Publication date
CN105577680B (en) 2021-03-26

Similar Documents

Publication Publication Date Title
CN105577680A (en) Key generation method, encrypted data analyzing method, devices and key managing center
US11122428B2 (en) Transmission data protection system, method, and apparatus
CN107317674B (en) Key distribution and authentication method, device and system
Shen et al. Secure device-to-device communications over WiFi direct
EP2039199B1 (en) User equipment credential system
CN100454808C (en) Authentication method
CN111052672B (en) Secure key transfer protocol without certificate or pre-shared symmetric key
CN102036238B (en) Method for realizing user and network authentication and key distribution based on public key
CN101931955B (en) Authentication method, device and system
US20110320802A1 (en) Authentication method, key distribution method and authentication and key distribution method
CN110087240B (en) Wireless network security data transmission method and system based on WPA2-PSK mode
KR20000012072A (en) Method for two party authentication and key agreement
JP2000083018A (en) Method for transmitting information needing secrecy by first using communication that is not kept secret
CN101951590B (en) Authentication method, device and system
Sedidi et al. Key exchange protocols for secure Device-to-Device (D2D) communication in 5G
CN105577365B (en) A kind of user accesses the cryptographic key negotiation method and device of WLAN
CN107682152B (en) Group key negotiation method based on symmetric cipher
KR20150051568A (en) Security supporting method and system for proximity based service device to device discovery and communication in mobile telecommunication system environment
CN103118363A (en) Method, system, terminal device and platform device of secret information transmission
CN108353279A (en) A kind of authentication method and Verification System
CN114362944B (en) D2D secure mobile communication method and system based on quantum key
Shang et al. A certificateless authentication protocol for D2D group communications in 5G cellular networks
WO2012024905A1 (en) Method, terminal and ggsn for encrypting and decrypting data in mobile communication network
KR101704540B1 (en) A method of managing group keys for sharing data between multiple devices in M2M environment
Maccari et al. Security analysis of IEEE 802.16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant