CN106130958B - Communication system and method for a household appliance and a terminal, household appliance, and terminal - Google Patents
- Publication number: CN106130958B
- Authority: CN (China)
- Prior art keywords: cloud server, session key, household appliance, terminal, key
- Legal status: Active
Abstract
The invention discloses a communication system for a household appliance and a terminal. The system comprises a household appliance and a terminal. The household appliance is configured to obtain an authority key from a cloud server after establishing a connection with the cloud server; to receive the rights token sent by the terminal; to generate a second session key based on the authority key and the rights token; and to send the second session key to the terminal. The terminal is configured to obtain a first session key and a rights token from the cloud server after establishing a connection with the cloud server, and to send the rights token to the household appliance; and to receive the second session key sent by the household appliance, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance. The invention also provides a communication method for a household appliance and a terminal, a household appliance, and a terminal. The invention improves the security of data interaction between the household appliance and the terminal.
Description
Technical field
The present invention relates to the technical field of smart homes, and in particular to a communication system and method for a household appliance and a terminal, a household appliance, and a terminal.
Background
As the number and variety of smart appliances grow, connection and collaboration between devices become urgently needed. The architecture of smart living is moving toward connection and collaboration, and the smart home has emerged as a result. A smart home uses the residence as a platform and integrates the facilities related to home life by means of integrated wiring, network communication, security, automatic control, and audio and video technologies. It builds an efficient management system for residential facilities and household schedules, improves the safety, convenience, comfort and artistry of the home, and achieves an environmentally friendly, energy-saving living environment.
In a smart home system, that is, in a household appliance-terminal-cloud server system, information exchange between the household appliance and the terminal is essentially carried out directly once a connection has been established, without considering the security of communication between the household appliance and the terminal. During such communication, however, the household appliance cannot identify whether an application on the terminal has permission to access it. An unauthorized application can therefore easily access the household appliance and steal its data, so the security of data interaction between the household appliance and the terminal cannot be guaranteed.
Summary of the invention
The main purpose of the present invention is to provide a communication system and method for a household appliance and a terminal, a household appliance, and a terminal, with the aim of solving the technical problem that the security of data interaction between existing household appliances and terminals cannot be guaranteed.
To achieve the above object, the present invention provides a communication system for a household appliance and a terminal, the system comprising a household appliance and a terminal:
The household appliance is configured to obtain an authority key from the cloud server after establishing a connection with the cloud server;
The terminal is configured to obtain a first session key and a rights token from the cloud server after establishing a connection with the cloud server, and to send the rights token to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it has generated and the authority key;
The household appliance is further configured to receive the rights token sent by the terminal, generate a second session key based on the authority key and the rights token, and send the second session key to the terminal;
The terminal is further configured to receive the second session key sent by the household appliance, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance.
Preferably, the household appliance is further configured to receive the rights token sent by the terminal and decrypt it using the authority key to obtain the first session key; to verify the integrity of the first session key; and, if the first session key is intact, to generate the second session key and send it to the terminal.
Preferably, the terminal is further configured to receive the second session key sent by the household appliance, compute the XOR of the second session key and the first session key, and use the XOR value as a third session key; and to encrypt the data to be transmitted using the third session key and send the encrypted data to the household appliance.
Preferably, the household appliance is further configured to, after establishing a connection with the cloud server, send a first device-identifier request instruction to the cloud server so that the cloud server returns a device identifier according to the first device-identifier request instruction; to receive the device identifier returned by the cloud server, obtain a key identifier from the hash value of the device identifier, and use the key identifier to send an authority-key request instruction to the cloud server so that the cloud server returns the authority key according to the authority-key request instruction; and to receive the authority key returned by the cloud server.
Preferably, the terminal is further configured to, after establishing a connection with the cloud server, send a second device-identifier request instruction to the cloud server so that the cloud server returns a device identifier according to the second device-identifier request instruction; to receive the device identifier returned by the cloud server, obtain a key identifier from the hash value of the device identifier, and use the key identifier to send a rights-token request instruction to the cloud server so that the cloud server returns the first session key and the rights token according to the rights-token request instruction; and to receive the first session key and the rights token returned by the cloud server and send the rights token to the household appliance.
In addition, to achieve the above object, the present invention also provides a household appliance, the household appliance comprising:
A first obtaining module, configured to obtain an authority key from the cloud server after establishing a connection with the cloud server;
A key generation module, configured to receive the rights token sent by the terminal and generate a second session key based on the authority key and the rights token;
A key sending module, configured to send the second session key to the terminal, so that the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key obtained from the cloud server, and sends the encrypted data to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it has generated and the authority key.
Preferably, the key generation module comprises:
A decryption unit, configured to receive the rights token sent by the terminal and decrypt it using the authority key to obtain the first session key;
A verification unit, configured to verify the integrity of the first session key;
A key generation unit, configured to generate the second session key if the first session key is intact.
Preferably, the first obtaining module comprises:
A first sending unit, configured to send a first device-identifier request instruction to the cloud server after establishing a connection with the cloud server, so that the cloud server returns a device identifier according to the first device-identifier request instruction;
A first receiving unit, configured to receive the device identifier returned by the cloud server and obtain a key identifier from the hash value of the device identifier;
The first sending unit is further configured to use the key identifier to send an authority-key request instruction to the cloud server, so that the cloud server returns the authority key according to the authority-key request instruction;
The first receiving unit is further configured to receive the authority key returned by the cloud server.
In addition, to achieve the above object, the present invention also provides a terminal, the terminal comprising:
A second obtaining module, configured to obtain a first session key and a rights token from the cloud server after establishing a connection with the cloud server, and to send the rights token to the household appliance, so that the household appliance generates a second session key based on the authority key and the rights token and sends the second session key to the terminal;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it has generated and the authority key;
A receiving module, configured to receive the second session key sent by the household appliance, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance.
Preferably, a second receiving unit, configured to receive the second session key sent by the household appliance, compute the XOR of the second session key and the first session key, and use the XOR value as a third session key;
A data transmission unit, configured to encrypt the data to be transmitted using the third session key and send the encrypted data to the household appliance.
Preferably, the second obtaining module comprises:
A second sending unit, configured to send a second device-identifier request instruction to the cloud server after establishing a connection with the cloud server, so that the cloud server returns a device identifier according to the second device-identifier request instruction;
A third receiving unit, configured to receive the device identifier returned by the cloud server and obtain a key identifier from the hash value of the device identifier;
The second sending unit is further configured to use the key identifier to send a rights-token request instruction to the cloud server, so that the cloud server returns the first session key and the rights token according to the rights-token request instruction;
The third receiving unit is further configured to receive the first session key and the rights token returned by the cloud server and send the rights token to the household appliance, so that the household appliance generates a second session key based on the authority key and the rights token and sends the second session key to the terminal.
In addition, to achieve the above object, the present invention also provides a communication method for a household appliance and a terminal, the method comprising:
After the household appliance establishes a connection with the cloud server, the household appliance obtains an authority key from the cloud server;
After the terminal establishes a connection with the cloud server, the terminal obtains a first session key and a rights token from the cloud server and sends the rights token to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it has generated and the authority key;
The household appliance receives the rights token sent by the terminal, generates a second session key based on the authority key and the rights token, and sends the second session key to the terminal;
The terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key, and sends the encrypted data to the household appliance.
Preferably, the step in which the household appliance receives the rights token sent by the terminal, generates a second session key based on the authority key and the rights token, and sends the second session key to the terminal comprises:
The household appliance receives the rights token sent by the terminal and decrypts it using the authority key to obtain the first session key;
The household appliance verifies the integrity of the first session key;
If the first session key is intact, the household appliance generates the second session key and sends it to the terminal.
Preferably, the step in which the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key, and sends the encrypted data to the household appliance comprises:
The terminal receives the second session key sent by the household appliance, computes the XOR of the second session key and the first session key, and uses the XOR value as a third session key;
The terminal encrypts the data to be transmitted using the third session key and sends the encrypted data to the household appliance.
Preferably, the step in which the household appliance obtains the authority key from the cloud server after establishing a connection with the cloud server comprises:
After the household appliance establishes a connection with the cloud server, the household appliance sends a first device-identifier request instruction to the cloud server, so that the cloud server returns a device identifier according to the first device-identifier request instruction;
The household appliance receives the device identifier returned by the cloud server, obtains a key identifier from the hash value of the device identifier, and uses the key identifier to send an authority-key request instruction to the cloud server, so that the cloud server returns the authority key according to the authority-key request instruction;
The household appliance receives the authority key returned by the cloud server.
Preferably, the step in which the terminal, after establishing a connection with the cloud server, obtains the first session key and the rights token from the cloud server and sends the rights token to the household appliance comprises:
After the terminal establishes a connection with the cloud server, the terminal sends a second device-identifier request instruction to the cloud server, so that the cloud server returns a device identifier according to the second device-identifier request instruction;
The terminal receives the device identifier returned by the cloud server, obtains a key identifier from the hash value of the device identifier, and uses the key identifier to send a rights-token request instruction to the cloud server, so that the cloud server returns the first session key and the rights token according to the rights-token request instruction;
The terminal receives the first session key and the rights token returned by the cloud server and sends the rights token to the household appliance.
In the present invention, the terminal obtains the first session key and the rights token from the cloud server and sends the rights token to the household appliance. The household appliance generates the second session key based on the authority key obtained from the cloud server and the rights token, and sends the second session key to the terminal. The terminal encrypts the data to be transmitted using the second session key and the first session key and sends the encrypted data to the household appliance. As a result, when the household appliance and the terminal communicate, the household appliance uses the rights token to identify whether the application on the terminal has permission to access it. Only when the application on the terminal has permission to access the household appliance can it obtain the household appliance's data, which improves the security of data interaction between the household appliance and the terminal.
Brief description of the drawings
Fig. 1 is a schematic diagram of a preferred implementation scenario of the communication system for a household appliance and a terminal of the present invention;
Fig. 2 is a functional block diagram of a preferred embodiment of the household appliance of the present invention;
Fig. 3 is a functional block diagram of the first obtaining module in an embodiment of the present invention;
Fig. 4 is a functional block diagram of a preferred embodiment of the terminal of the present invention;
Fig. 5 is a functional block diagram of the second obtaining module in an embodiment of the present invention;
Fig. 6 is a flow diagram of a preferred embodiment of the communication method for a household appliance and a terminal of the present invention;
Fig. 7 is a flow diagram, in an embodiment of the present invention, of the household appliance obtaining the authority key from the cloud server after the household appliance establishes a connection with the cloud server;
Fig. 8 is a flow diagram, in an embodiment of the present invention, of the terminal obtaining the first session key and the rights token from the cloud server after establishing a connection with the cloud server and sending the rights token to the household appliance.
Detailed description of the embodiments
It should be understood that the specific embodiments described herein merely illustrate the present invention and are not intended to limit it.
The present invention provides a communication system for a household appliance and a terminal.
Referring to Fig. 1, Fig. 1 is a schematic diagram of a preferred implementation scenario of the communication system for a household appliance and a terminal of the present invention.
As can be seen from Fig. 1, the Internet of Things household appliance 10 is preferably applied in a communication control scenario between the household appliance 10 and the terminal 30, in which the communication system of the household appliance 10 and the terminal 30 comprises the terminal 30, the cloud server 20 and the household appliance 10. The terminal 30 may be a mobile phone, a PAD (Portable Android Device, tablet computer), a remote control, and so on; in this embodiment the terminal 30 is a mobile phone by way of example. The household appliance 10 includes various household appliances, such as an air conditioner, a refrigerator or a speaker. Specifically, the household appliance 10 first establishes a secure connection with the cloud server 20, and the terminal 30 likewise first establishes a secure connection with the cloud server 20; the terminal 30 and the household appliance 10 then interact. The specific interaction is as follows: the terminal 30 sends a control instruction to the household appliance 10 so as to control, through the cloud server 20, the household appliance 10 to perform the corresponding operation, such as switching an air conditioner to heating mode or adjusting the heating temperature.
The household appliance 10 is configured to obtain an authority key from the cloud server 20 after establishing a connection with the cloud server 20;
When the household appliance 10 is to exchange data with the terminal 30, the household appliance 10 first establishes an SST (Smart Security Transport, a secure transport bearer protocol for smart devices) secure connection with the cloud server 20. After the household appliance 10 and the cloud server 20 have established the SST connection, the household appliance 10 obtains the authority key from the cloud server 20. Further, after the household appliance 10 obtains the authority key from the cloud server 20, the household appliance 10 computes the hash value of the authority key and writes the authority key and its hash value into the SST, so that it can communicate with the terminal 30 over the local area network using the authority key.
It should be noted that, in this embodiment, the terminal 30 communicates with the household appliance 10 and the cloud server 20 through a preset APP (Application, application program); the preset APP is the application that controls the household appliance 10 in the Internet of Things. The authority key is a 32-byte string generated by the cloud server 20. However, the length of the authority key may also be set to 16 bytes, 64 bytes, and so on, as circumstances require.
The terminal 30 is configured to obtain a first session key and a rights token from the cloud server 20 after establishing a connection with the cloud server 20, and to send the rights token to the household appliance 10;
The rights token is generated by the cloud server 20, based on a preset encryption algorithm, from the first session key it has generated and the authority key;
When the terminal 30 is to exchange data with the cloud server 20, the terminal 30 establishes an HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer, network protocol) connection with the cloud server 20. After the terminal 30 establishes the HTTPS connection with the server, the terminal 30 detects whether a user has logged in to the APP. When a user has successfully logged in to the APP, the terminal 30 obtains the first session key and the rights token from the cloud server 20. After the terminal 30 obtains the first session key and the rights token, the terminal 30 establishes a secure connection with the household appliance 10 and sends the obtained first session key and rights token to the household appliance 10.
It should be noted that the rights token is generated by the cloud server 20. While generating the rights token, the cloud server 20 first obtains the authority key and uses a pre-stored mapping table to detect whether a binding relationship exists between the APP and the household appliance 10. The mapping table maps the household appliance 10 to the APP on the terminal 30: it stores the mapping between the MAC (Media Access Control) address and SN (serial number) code of the household appliance 10 and the identification information of the APP. The identification information of the APP is information that uniquely identifies the APP, such as the APP's package name. When the cloud server 20 detects, based on the mapping table, that a binding relationship exists between the APP and the household appliance 10, the cloud server 20 generates the first session key and, using the authority key as the key, encrypts the first session key with the preset encryption algorithm to obtain the corresponding ciphertext. After obtaining the ciphertext, the cloud server 20 computes the hash value of the first session key using SHA-256 (Secure Hash Algorithm). The cloud server 20 concatenates the hash value of the encrypted first session key and the ciphertext to obtain the rights token. After obtaining the rights token, the cloud server 20 sends the rights token and the first session key to the terminal 30, so that the terminal 30 obtains the rights token and the first session key. When the cloud server 20 detects, based on the mapping table, that no binding relationship exists between the APP and the household appliance 10, the cloud server 20 sends an empty message to the terminal 30.
It should be noted that the first session key generated by the cloud server 20 is different each time. When building the rights token from the hash value of the first session key and the ciphertext, the cloud server 20 may also select some of the bytes of the hash value of the first session key and some of the bytes of the ciphertext and concatenate or XOR them to obtain the rights token.
In this embodiment, the preset encryption algorithm is AES (Advanced Encryption Standard), specifically the AES-256 algorithm. However, the preset encryption algorithm is not limited to AES-256; other existing encryption algorithms may also be used, and they are not described further here.
The household appliance 10 is further configured to receive the rights token sent by the terminal 30, generate a second session key based on the authority key and the rights token, and send the second session key to the terminal 30;
When the household appliance 10 receives the rights token sent by the terminal 30, the household appliance 10 generates the second session key based on the authority key and the rights token sent by the terminal 30, and sends the second session key to the terminal 30.
Further, the household appliance 10 is also configured to receive the rights token sent by the terminal 30 and decrypt the rights token using the authority key to obtain the first session key; verify the integrity of the first session key; and, if the first session key is complete, generate the second session key and send the second session key to the terminal 30.
When the household appliance 10 receives the rights token sent by the terminal 30, the household appliance 10 decrypts the rights token using the authority key and obtains the first session key and the hash value of the first session key. The hash value of the first session key obtained by decryption is denoted as the first hash value of the first session key; the household appliance 10 then recalculates the hash value of the decrypted first session key, which is denoted as the second hash value of the first session key. The household appliance 10 verifies the integrity of the first session key using the first hash value of the first session key and the second hash value of the first session key. If the first hash value of the first session key is identical to the second hash value of the first session key, the household appliance 10 determines that the first session key is complete, generates the second session key, and sends the second session key to the terminal 30; if the first hash value of the first session key differs from the second hash value of the first session key, the household appliance 10 determines that the first session key is incomplete and does not generate the second session key.
The terminal 30 is further configured to receive the second session key sent by the household appliance 10, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance 10.
When the terminal 30 receives the second session key sent by the household appliance 10, the terminal 30 encrypts the data to be transmitted using the second session key and the first session key and then sends it to the household appliance 10. The data to be transmitted may be a control instruction for turning the household appliance 10 on or off, or other data.
Further, the terminal 30 is also configured to receive the second session key sent by the household appliance 10, calculate the XOR value of the second session key and the first session key, and use the XOR value as a third session key; and to encrypt the data to be transmitted using the third session key and send it to the household appliance 10.
When the terminal 30 receives the second session key sent by the household appliance 10, the terminal 30 calculates the XOR value of the second session key and the first session key and uses that XOR value as the third session key. The terminal 30 encrypts the data to be transmitted with the third session key as the key, obtaining the encrypted data to be transmitted. The terminal 30 sends the encrypted data to be transmitted to the household appliance 10 and thereby communicates with the household appliance 10.
It should be noted that, in the present embodiment, the third session key is not limited to being calculated as the XOR value of the first session key and the second session key. The third session key may also be obtained by concatenating the first session key and the second session key, or by XORing or concatenating some of the bytes of the first session key and the second session key.
In the present embodiment, the terminal 30 obtains the first session key and the rights token from the Cloud Server 20 and sends the rights token to the household appliance 10; the household appliance 10 generates the second session key based on the authority key obtained from the Cloud Server 20 and the rights token, and sends the second session key to the terminal 30; and the terminal 30 encrypts the data to be transmitted using the second session key and the first session key and sends it to the household appliance 10. Thus, during information communication between the household appliance 10 and the terminal 30, the household appliance 10 uses the rights token to identify whether the application program in the terminal 30 has permission to access the household appliance 10. Only when the application program in the terminal 30 has permission to access the household appliance 10 can it obtain the data of the household appliance 10, which improves the security of data interaction between the household appliance 10 and the terminal 30.
Further, the household appliance 10 is also configured to, after establishing a connection with the Cloud Server 20, send a first device identification request instruction to the Cloud Server 20, so that the Cloud Server 20 returns a device identification according to the first device identification request instruction; receive the device identification returned by the Cloud Server 20, obtain a key identification from the hash value of the device identification, and send an authority key request instruction to the Cloud Server 20 with the key identification, so that the Cloud Server 20 returns the authority key according to the authority key request instruction; and receive the authority key returned by the Cloud Server 20.
After the household appliance 10 establishes an SST connection with the Cloud Server 20, the household appliance 10 sends the first device identification request instruction to the Cloud Server 20. After the Cloud Server 20 receives the first device identification request instruction, the Cloud Server 20 returns the device identification to the household appliance 10 according to the first device identification request instruction. The device identification is allocated to the household appliance 10 by the Cloud Server 20 when the household appliance 10 connects to the network for the first time, and each household appliance 10 has a unique device identification.
It should be noted that the device identification may also be generated by the household appliance 10 itself.
When the household appliance 10 receives the device identification returned by the Cloud Server 20, it calculates the hash value of the device identification and takes the result of XORing the first 16 bytes and the last 16 bytes of that hash value as the key identification, which is denoted UDP_KEY_ID. When the household appliance 10 has obtained the key identification UDP_KEY_ID, the household appliance 10 sends the authority key request instruction to the Cloud Server 20 with the UDP_KEY_ID. When the Cloud Server 20 receives the authority key request instruction sent by the household appliance 10, the Cloud Server 20 returns the authority key it has generated to the household appliance 10 according to the authority key request instruction. Further, the Cloud Server 20 simultaneously sends the hash value of the authority key to the household appliance 10.
It should be noted that the result of XORing the first 8 bytes and the last 8 bytes of the hash value of the device identification may also be used as the key identification, as may the result of XORing some other number of leading and trailing bytes of the hash value of the device identification.
The household appliance 10 receives the authority key returned by the Cloud Server 20 and the hash value of the authority key sent by the Cloud Server 20; the hash value of the authority key sent by the Cloud Server 20 is denoted as the first hash value of the authority key. When the household appliance 10 receives the authority key returned by the Cloud Server 20, the household appliance 10 calculates the hash value of the authority key, and the calculated hash value is denoted as the second hash value of the authority key. The household appliance 10 verifies the integrity of the authority key using the first hash value of the authority key and the second hash value of the authority key. If the first hash value of the authority key is identical to the second hash value of the authority key, the authority key is complete, and the household appliance 10 then uses the authority key to communicate with the terminal 30 in the local area network; if the first hash value of the authority key differs from the second hash value of the authority key, the authority key is incomplete, and the household appliance 10 either obtains the authority key from the Cloud Server 20 again or ends the current operation.
The household appliance 10 obtains the authority key from the Cloud Server 20 and verifies the integrity of the authority key using the hash value of the authority key, which improves the security of communication between the household appliance 10 and the terminal 30.
Further, the terminal 30 is also configured to, after establishing a connection with the Cloud Server 20, send a second device identification request instruction to the Cloud Server 20, so that the Cloud Server 20 returns a device identification according to the second device identification request instruction; receive the device identification returned by the Cloud Server 20, obtain a key identification from the hash value of the device identification, and send a rights token request instruction to the Cloud Server 20 with the key identification, so that the Cloud Server 20 returns the first session key and the rights token according to the rights token request instruction; and receive the first session key and the rights token returned by the Cloud Server 20 and send the rights token to the household appliance 10.
After the terminal 30 establishes an HTTPS connection with the Cloud Server 20, the terminal 30 sends the second device identification request instruction to the Cloud Server 20. After the Cloud Server 20 receives the second device identification request instruction, the Cloud Server 20 returns the device identification to the terminal 30 according to the second device identification request instruction. The device identification that the Cloud Server 20 returns to the terminal 30 and the device identification it returns to the household appliance 10 are the same device identification. Because the Cloud Server 20 holds the mapping table between the household appliance 10 and the APP in the terminal 30, the Cloud Server 20 can, according to the second device identification request instruction, return to the terminal 30 the same device identification as the one returned to the household appliance 10.
When the terminal 30 receives the device identification returned by the Cloud Server 20, it calculates the hash value of the device identification and takes the result of XORing the first 16 bytes and the last 16 bytes of that hash value as the key identification. The key identification is denoted UDP_KEY_ID. When the terminal 30 has obtained the key identification UDP_KEY_ID, the terminal 30 sends the rights token request instruction to the Cloud Server 20 with the UDP_KEY_ID. When the Cloud Server 20 receives the rights token request instruction sent by the terminal 30, the Cloud Server 20 returns the rights token and the first session key it has generated according to the authority key request instruction. In the process of generating the rights token, the Cloud Server 20 can look up the authority key by the key identification. Each device identification corresponds to one unique key identification, and each key identification corresponds to one unique authority key. The terminal 30 receives the first session key and the rights token returned by the Cloud Server 20 and accesses the household appliance 10 according to the rights token.
The household appliance 10 uses the rights token to identify whether the terminal 30 has access authority, thereby achieving secure interaction with the terminal 30.
The present invention further provides a household appliance 10.
Referring to Fig. 2, Fig. 2 is a functional block diagram of a preferred embodiment of the household appliance 10 of the present invention.
In the present embodiment, the household appliance 10 includes:
A first acquisition module 11, configured to obtain the authority key from the Cloud Server 20 after establishing a connection with the Cloud Server 20;
When the household appliance 10 is to transmit data with the terminal 30, the household appliance 10 first establishes an SST (Smart Security Transport, a secure transport bearer protocol for smart devices) secure connection with the Cloud Server 20. After the household appliance 10 and the Cloud Server 20 have established the SST connection, the first acquisition module 11 in the household appliance 10 obtains the authority key from the Cloud Server 20. The household appliance 10 includes, but is not limited to, a refrigerator, an electric rice cooker, a microwave oven and a television. Further, after the first acquisition module 11 obtains the authority key from the Cloud Server 20, the first acquisition module 11 calculates the hash value of the authority key and writes the authority key and the hash value of the authority key into the SST, so as to communicate with the terminal 30 in the local area network using the authority key.
It should be noted that, in the present embodiment, the terminal 30 communicates with the household appliance 10 and the Cloud Server 20 through a preset APP (application program); the preset APP is an application in the Internet of Things that controls the household appliance 10. The authority key is a 32-byte character string generated by the Cloud Server 20. However, the number of bytes of the authority key may also be set to 16 bytes, 64 bytes, or the like, as the case may be.
A key generation module 12, configured to receive the rights token sent by the terminal 30 and generate the second session key based on the authority key and the rights token;
A key sending module 13, configured to send the second session key to the terminal 30, so that the terminal 30 receives the second session key sent by the household appliance 10, encrypts the data to be transmitted using the second session key and the first session key obtained from the Cloud Server 20, and sends the encrypted data to the household appliance 10;
When the key generation module 12 in the household appliance 10 receives the rights token sent by the terminal 30, the key generation module 12 generates the second session key based on the authority key and the rights token sent by the terminal 30. The key sending module 13 sends the second session key to the terminal 30.
Further, the key generation module 12 includes:
A decryption unit, configured to receive the rights token sent by the terminal 30 and decrypt the rights token using the authority key to obtain the first session key;
A verification unit, configured to verify the integrity of the first session key;
A key generating unit, configured to generate the second session key if the first session key is complete.
When the key generation module 12 receives the rights token sent by the terminal 30, the decryption unit in the key generation module 12 decrypts the rights token using the authority key and obtains the first session key and the hash value of the first session key. The hash value of the first session key obtained by decryption is denoted as the first hash value of the first session key, and the hash value of the decrypted first session key is recalculated and denoted as the second hash value of the first session key. The verification unit verifies the integrity of the first session key using the first hash value of the first session key and the second hash value of the first session key. If the first hash value of the first session key is identical to the second hash value of the first session key, the verification unit determines that the first session key is complete, and the key generating unit generates the second session key; if the first hash value of the first session key differs from the second hash value of the first session key, the verification unit determines that the first session key is incomplete, and the key generating unit does not generate the second session key.
The rights token is generated by the Cloud Server 20 based on a preset encryption algorithm, using the first session key it has generated and the authority key.
The rights token is generated by the Cloud Server 20. In the process of generating the rights token, the Cloud Server 20 first obtains the authority key and uses a pre-stored mapping table to detect whether a binding relationship exists between the APP and the household appliance 10. The mapping table is the mapping table between the household appliance 10 and the APP in the terminal 30; it stores the mapping relationship between the MAC (Media Access Control) address and SN (serial number) code of the household appliance 10 and the identification information of the APP. The identification information of the APP is information that uniquely identifies the APP, such as the package name of the APP. When the Cloud Server 20 detects, based on the mapping table, that a binding relationship exists between the APP and the household appliance 10, the Cloud Server 20 generates the first session key and, with the authority key as the key, encrypts the first session key using the preset encryption algorithm to obtain the corresponding ciphertext. After the Cloud Server 20 obtains the ciphertext, the Cloud Server 20 uses SHA-256 (Secure Hash Algorithm) to calculate the hash value of the first session key. The Cloud Server 20 concatenates the hash value and the ciphertext of the encrypted first session key to obtain the rights token. After the Cloud Server 20 obtains the rights token, the Cloud Server 20 sends the rights token and the first session key to the terminal 30, so that the terminal 30 obtains the rights token and the first session key. When the Cloud Server 20 detects, based on the mapping table, that no binding relationship exists between the APP and the household appliance 10, the Cloud Server 20 sends a null message to the terminal 30.
It should be noted that the first session key generated by the Cloud Server 20 is different each time. When obtaining the rights token from the hash value of the first session key and the ciphertext, the Cloud Server 20 may also select some of the bytes of the hash value of the first session key and some of the bytes of the ciphertext and concatenate or XOR them to obtain the rights token.
In the present embodiment, the preset encryption algorithm is AES (Advanced Encryption Standard), specifically the AES-256 algorithm. However, the preset encryption algorithm is not limited to AES-256; other existing encryption algorithms can also be used, and details are not repeated here.
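The key identification, token and session-key steps described above can be traced end to end in the following added example, which is not code from the patent. Its function names are hypothetical, and it assumes SHA-256 for every hash, a token laid out as hash followed by ciphertext, a randomly generated second session key, and a per-token nonce; to stay within the Python standard library it replaces the AES-256 step with a labelled SHA-256 keystream stand-in.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

HASH_LEN = 32    # SHA-256 digest size
NONCE_LEN = 16   # assumption: the page does not describe a nonce or IV
KEY_LEN = 32     # session keys sized like the page's 32-byte authority key


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def key_identification(device_id: bytes, fold: int = 16) -> bytes:
    """UDP_KEY_ID: XOR of the first and last `fold` bytes of the device-ID hash."""
    digest = hashlib.sha256(device_id).digest()  # hash algorithm is an assumption
    return xor_bytes(digest[:fold], digest[-fold:])


def authority_key_intact(authority_key: bytes, first_hash: bytes) -> bool:
    """Appliance: compare the hash sent by the cloud with a recomputed one."""
    second_hash = hashlib.sha256(authority_key).digest()
    return hmac.compare_digest(first_hash, second_hash)


def standin_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """STAND-IN for the preset AES-256 step (stdlib only): XOR with a
    SHA-256 counter keystream. Encrypts and decrypts; it is not AES."""
    stream = b"".join(
        hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        for i in range(-(-len(data) // HASH_LEN))
    )
    return xor_bytes(data, stream[:len(data)])


def cloud_issue_token(authority_key: bytes) -> Tuple[bytes, bytes]:
    """Cloud Server: fresh first session key K1 and
    token = SHA-256(K1) || ciphertext of K1 under the authority key."""
    k1 = secrets.token_bytes(KEY_LEN)
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = nonce + standin_cipher(authority_key, nonce, k1)
    return k1, hashlib.sha256(k1).digest() + ciphertext


def appliance_handle_token(authority_key: bytes,
                           token: bytes) -> Optional[Tuple[bytes, bytes]]:
    """Appliance: decrypt the token, recompute the hash, and only when both
    hashes match generate a second session key K2. Returns (K1, K2) or None."""
    if len(token) != HASH_LEN + NONCE_LEN + KEY_LEN:
        return None                          # malformed token
    first_hash = token[:HASH_LEN]
    nonce = token[HASH_LEN:HASH_LEN + NONCE_LEN]
    k1 = standin_cipher(authority_key, nonce, token[HASH_LEN + NONCE_LEN:])
    second_hash = hashlib.sha256(k1).digest()
    if not hmac.compare_digest(first_hash, second_hash):
        return None                          # K1 incomplete: no K2 is generated
    return k1, secrets.token_bytes(KEY_LEN)  # random K2 is an assumption


def third_session_key(k1: bytes, k2: bytes) -> bytes:
    """Both sides: K3 = K1 XOR K2, the key used to encrypt transmitted data."""
    return xor_bytes(k1, k2)


def run_flow(device_id: bytes = b"constructed-device-0001") -> dict:
    """End-to-end run on constructed values; returns what each party holds."""
    key_id = key_identification(device_id)
    authority_key = secrets.token_bytes(32)       # generated by the cloud
    cloud_db = {key_id: authority_key}            # key identification -> authority key
    assert authority_key_intact(authority_key,
                                hashlib.sha256(authority_key).digest())

    k1_terminal, token = cloud_issue_token(cloud_db[key_id])  # sent to the terminal
    k1_appliance, k2 = appliance_handle_token(authority_key, token)  # token forwarded
    tampered = token[:-1] + bytes([token[-1] ^ 0x01])
    return {
        "key_id": key_id,
        "k3_terminal": third_session_key(k1_terminal, k2),
        "k3_appliance": third_session_key(k1_appliance, k2),
        "tampered_rejected": appliance_handle_token(authority_key, tampered) is None,
        "wrong_key_rejected":
            appliance_handle_token(secrets.token_bytes(32), token) is None,
    }


if __name__ == "__main__":
    for name, value in run_flow().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

The two hash values are compared with `hmac.compare_digest` so that the check takes the same time whether or not they match.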
Further, referring to Fig. 3, Fig. 3 is a functional block diagram of the first acquisition module 11 in an embodiment of the present invention.
The first acquisition module 11 includes:
A first transmission unit 111, configured to send a first device identification request instruction to the Cloud Server 20 after establishing a connection with the Cloud Server 20, so that the Cloud Server 20 returns a device identification according to the first device identification request instruction;
After the household appliance 10 establishes the SST connection with the Cloud Server 20, the first transmission unit 111 sends the first device identification request instruction to the Cloud Server 20, so that the Cloud Server 20 returns the device identification to the first receiving unit 112 according to the first device identification request instruction. The device identification is allocated to the household appliance 10 by the Cloud Server 20 when the household appliance 10 connects to the network for the first time, and each household appliance 10 has a unique device identification.
It should be noted that the device identification may also be generated by the household appliance 10 itself.
A first receiving unit 112, configured to receive the device identification returned by the Cloud Server 20 and obtain a key identification from the hash value of the device identification;
The first transmission unit 111 is further configured to send an authority key request instruction to the Cloud Server 20 with the key identification, so that the Cloud Server 20 returns the authority key according to the authority key request instruction;
When the first receiving unit 112 receives the device identification returned by the Cloud Server 20, it calculates the hash value of the device identification and takes the result of XORing the first 16 bytes and the last 16 bytes of that hash value as the key identification, which is denoted UDP_KEY_ID. When the first receiving unit 112 has obtained the key identification UDP_KEY_ID, the first transmission unit 111 sends the authority key request instruction to the Cloud Server 20 with the UDP_KEY_ID, so that the Cloud Server 20 returns the authority key according to the authority key request instruction. Further, the Cloud Server 20 simultaneously sends the hash value of the authority key to the household appliance 10.
It should be noted that the result of XORing the first 8 bytes and the last 8 bytes of the hash value of the device identification may also be used as the key identification, as may the result of XORing some other number of leading and trailing bytes of the hash value of the device identification.
The first receiving unit 112 is further configured to receive the authority key returned by the Cloud Server 20.
The first receiving unit 112 receives the authority key returned by the Cloud Server 20 and the hash value of the authority key sent by the Cloud Server 20; the hash value of the authority key sent by the Cloud Server 20 is denoted as the first hash value of the authority key. When the first receiving unit 112 receives the authority key returned by the Cloud Server 20, the first receiving unit 112 calculates the hash value of the authority key, and the calculated hash value is denoted as the second hash value of the authority key. The first receiving unit 112 verifies the integrity of the authority key using the first hash value of the authority key and the second hash value of the authority key. If the first hash value of the authority key is identical to the second hash value of the authority key, the authority key is complete, and the household appliance 10 then uses the authority key to communicate with the terminal 30 in the local area network; if the first hash value of the authority key differs from the second hash value of the authority key, the authority key is incomplete, and the first acquisition module 11 either obtains the authority key from the Cloud Server 20 again or ends the current operation.
The household appliance 10 obtains the authority key from the Cloud Server 20 and verifies the integrity of the authority key using the hash value of the authority key, which improves the security of communication between the household appliance 10 and the terminal 30.
The present invention further provides a terminal 30.
Referring to Fig. 4, Fig. 4 is a functional block diagram of a preferred embodiment of the terminal 30 of the present invention.
In the present embodiment, the terminal 30 includes:
A second acquisition module 31, configured to obtain the first session key and the rights token from the Cloud Server 20 after establishing a connection with the Cloud Server 20, and to send the rights token to the household appliance 10, so that the household appliance 10 generates the second session key based on the authority key and the rights token and sends the second session key to the terminal 30;
When the terminal 30 is to transmit data with the Cloud Server 20, the terminal 30 establishes an HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer, a network protocol) connection with the Cloud Server 20. After the terminal 30 establishes the HTTPS connection with the server, the terminal 30 detects whether a user is logged in to the APP. When the user has successfully logged in to the APP, the second acquisition module 31 obtains the first session key and the rights token from the Cloud Server 20. After the second acquisition module 31 obtains the first session key and the rights token, it sends the acquired first session key and rights token to the household appliance 10, so that the household appliance 10 generates the second session key based on the authority key and the rights token and sends the second session key to the terminal 30.
The rights token is generated by the Cloud Server 20 based on a preset encryption algorithm, using the first session key it has generated and the authority key;
The rights token is generated by the Cloud Server 20. In the process of generating the rights token, the Cloud Server 20 first obtains the authority key and uses a pre-stored mapping table to detect whether a binding relationship exists between the APP and the household appliance 10. The mapping table is the mapping table between the household appliance 10 and the APP in the terminal 30; it stores the mapping relationship between the MAC (Media Access Control) address and SN (serial number) code of the household appliance 10 and the identification information of the APP. The identification information of the APP is information that uniquely identifies the APP, such as the package name of the APP. When the Cloud Server 20 detects, based on the mapping table, that a binding relationship exists between the APP and the household appliance 10, the Cloud Server 20 generates the first session key and, with the authority key as the key, encrypts the first session key using the preset encryption algorithm to obtain the corresponding ciphertext. After the Cloud Server 20 obtains the ciphertext, the Cloud Server 20 uses SHA-256 (Secure Hash Algorithm) to calculate the hash value of the first session key. The Cloud Server 20 concatenates the hash value and the ciphertext of the encrypted first session key to obtain the rights token. After the Cloud Server 20 obtains the rights token, the Cloud Server 20 sends the rights token and the first session key to the terminal 30, so that the terminal 30 obtains the rights token and the first session key. When the Cloud Server 20 detects, based on the mapping table, that no binding relationship exists between the APP and the household appliance 10, the Cloud Server 20 sends a null message to the terminal 30.
It should be noted that the first session key generated by the Cloud Server 20 is different each time. When obtaining the rights token from the hash value of the first session key and the ciphertext, the Cloud Server 20 may also select some of the bytes of the hash value of the first session key and some of the bytes of the ciphertext and concatenate or XOR them to obtain the rights token.
In the present embodiment, the preset encryption algorithm is AES (Advanced Encryption Standard), specifically the AES-256 algorithm. However, the preset encryption algorithm is not limited to AES-256; other existing encryption algorithms can also be used, and details are not repeated here.
A receiving module 32, configured to receive the second session key sent by the household appliance 10, encrypt the data to be transmitted with the second session key and the first session key, and send the encrypted data to the household appliance 10.
When the receiving module 32 receives the second session key sent by the household appliance 10, the receiving module 32 encrypts the data to be transmitted using the second session key and the first session key and then sends it to the household appliance 10. The data to be transmitted may be a control instruction for turning the household appliance 10 on or off, or other data.
Further, the receiving module 32 includes:
A second receiving unit, configured to receive the second session key sent by the household appliance 10, calculate the XOR value of the second session key and the first session key, and use the XOR value as a third session key;
A data transmission unit, configured to encrypt the data to be transmitted with the third session key and send the encrypted data to the household appliance 10.
When the second receiving unit receives the second session key sent by the household appliance 10, the second receiving unit calculates the XOR value of the second session key and the first session key and uses that XOR value as the third session key. The data transmission unit encrypts the data to be transmitted with the third session key as the key, obtaining the encrypted data to be transmitted. The data transmission unit sends the encrypted data to be transmitted to the household appliance 10.
It should be noted that, in the present embodiment, the third session key is not limited to being calculated as the XOR value of the first session key and the second session key. The third session key may also be obtained by concatenating the first session key and the second session key, or by XORing or concatenating some of the bytes of the first session key and the second session key.
Further, referring to Fig. 5, Fig. 5 is a functional block diagram of the second acquisition module 31 in an embodiment of the present invention.
In the present embodiment, the second acquisition module 31 includes:
A second transmission unit 311, configured to send a second device identification request instruction to the Cloud Server 20 after establishing a connection with the Cloud Server 20, so that the Cloud Server 20 returns a device identification according to the second device identification request instruction;
After the terminal 30 establishes the HTTPS connection with the Cloud Server 20, the second transmission unit 311 sends the second device identification request instruction to the Cloud Server 20, so that the Cloud Server 20 returns the device identification to the third receiving unit 312 according to the second device identification request instruction.
A third receiving unit 312, configured to receive the device identification returned by the Cloud Server 20 and obtain a key identification from the hash value of the device identification;
The second transmission unit 311 is further configured to send a rights token request instruction to the Cloud Server 20 with the key identification, so that the Cloud Server 20 returns the first session key and the rights token according to the rights token request instruction;
The third receiving unit 312 is further configured to receive the first session key and the rights token returned by the Cloud Server 20 and send the rights token to the household appliance 10, so that the household appliance 10 generates the second session key based on the authority key and the rights token and sends the second session key to the terminal 30.
When the third receiving unit 312 receives the device identification returned by the Cloud Server 20, it calculates the hash value of the device identification and takes the result of XORing the first 16 bytes and the last 16 bytes of that hash value as the key identification, which is denoted UDP_KEY_ID. When the third receiving unit 312 has obtained the key identification UDP_KEY_ID, the second transmission unit 311 sends the rights token request instruction to the Cloud Server 20 with the UDP_KEY_ID, so that the Cloud Server 20 returns the first session key and the rights token to the third receiving unit 312 according to the rights token request instruction. In the process of generating the rights token, the Cloud Server 20 can look up the authority key by the key identification. Each device identification corresponds to one unique key identification, and each key identification corresponds to one unique authority key. The third receiving unit 312 receives the first session key and the rights token returned by the Cloud Server 20 and accesses the household appliance 10 according to the rights token.
The household appliance 10 uses the rights token to identify whether the terminal 30 has access authority, thereby achieving secure interaction with the terminal 30.
The present invention further provides a communication method for a household appliance and a terminal.
Referring to Fig. 6, Fig. 6 is a flow diagram of a preferred embodiment of the communication method for a household appliance and a terminal according to the present invention.
In the present embodiment, the communication method for the household appliance and the terminal includes:
Step S10: after the household appliance establishes a connection with the cloud server, the household appliance obtains an authority key from the cloud server;
When the household appliance is to transmit data with the terminal, the household appliance first establishes an SST (Smart Security Transport, a secure transport bearer protocol for smart devices) secure connection with the cloud server. After the household appliance establishes the SST connection with the cloud server, the household appliance obtains the authority key from the cloud server. The household appliance includes, but is not limited to, a refrigerator, an electric rice cooker, a microwave oven and a television. Further, after the household appliance obtains the authority key from the cloud server, the household appliance calculates the hash value of the authority key and writes the hash value of the authority key and the authority key into the SST, so as to communicate with the terminal in the local area network by means of the authority key.
It should be noted that, in the present embodiment, the terminal communicates with the household appliance and the cloud server through a preset APP (Application), the preset APP being an application that controls the household appliance in the Internet of Things. The authority key is a 32-byte character string generated by the cloud server. However, the length of the authority key may also be set to 16 bytes, 64 bytes or the like according to the specific situation.
Step S20: after the terminal establishes a connection with the cloud server, the terminal obtains a first session key and a rights token from the cloud server, and sends the rights token to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it generates and the authority key;
When the terminal is to transmit data with the cloud server, the terminal establishes an HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer, a network protocol) connection with the cloud server. After the terminal establishes the HTTPS connection with the server, the terminal detects whether a user has logged in to the APP. When the user has successfully logged in to the APP, the terminal obtains the first session key and the rights token from the cloud server. After the terminal obtains the first session key and the rights token, the terminal establishes a secure connection with the household appliance and sends the acquired first session key and rights token to the household appliance.
It should be noted that the rights token is generated by the cloud server. In generating the rights token, the cloud server first obtains the authority key and uses a pre-stored mapping table to detect whether a binding relationship exists between the APP and the household appliance. The mapping table is the mapping table between the household appliance and the APP in the terminal; it stores the mapping between the MAC (Media Access Control) address and SN (serial number) code of the household appliance and the identification information of the APP. The identification information of the APP is information that uniquely identifies the APP, such as the package name of the APP. When the cloud server detects, based on the mapping table, that a binding relationship exists between the APP and the household appliance, the cloud server generates the first session key and, using the authority key as the key, encrypts the first session key with the preset encryption algorithm to obtain the corresponding ciphertext. After obtaining the ciphertext, the cloud server uses SHA-256 (Secure Hash Algorithm) to calculate the hash value of the first session key. After the encryption, the cloud server splices the hash value of the first session key with the ciphertext to obtain the rights token. After obtaining the rights token, the cloud server sends the rights token and the first session key to the terminal, so that the terminal obtains the rights token and the first session key. When the cloud server detects, based on the mapping table, that no binding relationship exists between the APP and the household appliance, the cloud server sends an empty message to the terminal.
It should be noted that the first session key generated by the cloud server is different each time. When obtaining the rights token from the hash value of the first session key and the ciphertext, the cloud server may also select some of the bytes of the hash value of the first session key and some of the bytes of the ciphertext and splice or XOR them to obtain the rights token.
In the present embodiment, the preset encryption algorithm is AES (Advanced Encryption Standard), specifically the AES-256 algorithm. However, the preset encryption algorithm is not limited to the AES-256 algorithm; other existing encryption algorithms may also be used, which are not described in detail here.
Step S30: the household appliance receives the rights token sent by the terminal, generates a second session key based on the authority key and the rights token, and sends the second session key to the terminal;
When the household appliance receives the rights token sent by the terminal, the household appliance generates the second session key based on the authority key and the rights token sent by the terminal, and sends the second session key to the terminal.
Further, step S30 includes:
Step a: the household appliance receives the rights token sent by the terminal and decrypts the rights token using the authority key to obtain the first session key;
Step b: the household appliance verifies the integrity of the first session key;
Step c: if the first session key is complete, the household appliance generates the second session key and sends the second session key to the terminal.
When the household appliance receives the rights token sent by the terminal, the household appliance decrypts the rights token using the authority key and obtains the first session key and the hash value of the first session key. The hash value of the first session key obtained by decryption is denoted the first hash value of the first session key. The household appliance then recalculates the hash value of the decrypted first session key, which is denoted the second hash value of the first session key. The household appliance uses the first hash value and the second hash value of the first session key to verify the integrity of the first session key. If the first hash value and the second hash value of the first session key are identical, the household appliance determines that the first session key is complete, generates the second session key and sends the second session key to the terminal; if the first hash value and the second hash value of the first session key differ, the household appliance determines that the first session key is incomplete and does not generate the second session key.
Step S40: the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key, and sends the encrypted data to the household appliance.
When the terminal receives the second session key sent by the household appliance, the terminal encrypts the data to be transmitted using the second session key and the first session key and sends the encrypted data to the household appliance. The data to be transmitted may be a control instruction that turns the household appliance on or off, or other data.
Further, step S40 includes:
Step d: the terminal receives the second session key sent by the household appliance, calculates the XOR value of the second session key and the first session key, and uses the XOR value as the third session key;
Step e: the terminal encrypts the data to be transmitted using the third session key and sends the encrypted data to the household appliance.
When the terminal receives the second session key sent by the household appliance, the terminal calculates the XOR value of the second session key and the first session key and uses that XOR value as the third session key. The terminal encrypts the data to be transmitted with the third session key as the key to obtain the encrypted data to be transmitted. The terminal sends the encrypted data to be transmitted to the household appliance and thereby communicates with the household appliance.
It should be noted that the present embodiment is not limited to calculating the third session key as the XOR value of the first session key and the second session key. The first session key and the second session key may also be spliced to obtain the third session key; alternatively, some of the bytes of the first session key and of the second session key may be XORed or spliced to obtain the third session key.
In the present embodiment, the terminal obtains the first session key and the rights token from the cloud server and sends the rights token to the household appliance; the household appliance generates the second session key based on the authority key obtained from the cloud server and the rights token, and sends the second session key to the terminal; the terminal encrypts the data to be transmitted using the second session key and the first session key and sends the encrypted data to the household appliance. In this way, when information is exchanged between the household appliance and the terminal, the household appliance uses the rights token to identify whether the application in the terminal has permission to access the household appliance. Only when the application in the terminal has permission to access the household appliance can the application obtain the data of the household appliance, which improves the security of data interaction between the household appliance and the terminal.
Further, referring to Fig. 7, Fig. 7 is a flow diagram, in an embodiment of the present invention, of the household appliance obtaining the authority key from the cloud server after the household appliance establishes a connection with the cloud server.
In the present embodiment, step S10 includes:
Step S11: after the household appliance establishes a connection with the cloud server, the household appliance sends a first device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the first device identification request instruction;
After the household appliance establishes the SST connection with the cloud server, the household appliance sends the first device identification request instruction to the cloud server. After the cloud server receives the first device identification request instruction, the cloud server returns the device identification to the household appliance according to the first device identification request instruction. The device identification is assigned to the household appliance by the cloud server when the household appliance connects to the network for the first time, and each household appliance has a unique device identification.
It should be noted that the device identification may also be generated by the household appliance itself.
Step S12: the household appliance receives the device identification returned by the cloud server, obtains the key identification from the hash value of the device identification, and sends an authority key request instruction to the cloud server through the key identification, so that the cloud server returns the authority key according to the authority key request instruction;
When the household appliance receives the device identification returned by the cloud server, it calculates the hash value of the device identification and takes the result of XORing the front 16 bytes with the back 16 bytes of that hash value as the key identification, which is denoted UDP_KEY_ID. When the household appliance has obtained the key identification UDP_KEY_ID, the household appliance sends the authority key request instruction to the cloud server through the UDP_KEY_ID. When the cloud server receives the authority key request instruction sent by the household appliance, the cloud server returns the authority key it has generated to the household appliance according to the authority key request instruction. Further, the cloud server simultaneously sends the hash value of the authority key to the household appliance.
It should be noted that the result of XORing the front 8 bytes with the back 8 bytes of the hash value of the device identification may also be used as the key identification, as may the result of XORing any other number of front and back bytes of the hash value of the device identification.
Step S13: the household appliance receives the authority key returned by the cloud server.
The household appliance receives the authority key returned by the cloud server and also receives the hash value of the authority key sent by the cloud server; the hash value of the authority key sent by the cloud server is denoted the first hash value of the authority key. When the household appliance receives the authority key returned by the cloud server, the household appliance calculates the hash value of the authority key, and this calculated hash value is denoted the second hash value of the authority key. The household appliance verifies the integrity of the authority key using the first hash value and the second hash value of the authority key. If the first hash value and the second hash value of the authority key are identical, the authority key is complete, and the household appliance communicates with the terminal in the local area network by means of the authority key; if the first hash value and the second hash value of the authority key differ, the authority key is incomplete, and the household appliance either obtains the authority key from the cloud server again or terminates the current operation.
The household appliance obtains the authority key from the cloud server and verifies the integrity of the authority key using the hash value of the authority key. This improves the security of communication between the household appliance and the terminal.
Further, referring to Fig. 8, Fig. 8 is a flow diagram, in an embodiment of the present invention, of the terminal obtaining the first session key and the rights token from the cloud server after the terminal establishes a connection with the cloud server, and sending the rights token to the household appliance.
In the present embodiment, step S20 includes:
Step S21: after the terminal establishes a connection with the cloud server, the terminal sends a second device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the second device identification request instruction;
After the terminal establishes the HTTPS connection with the cloud server, the terminal sends the second device identification request instruction to the cloud server. After the cloud server receives the second device identification request instruction, the cloud server returns the device identification to the terminal according to the second device identification request instruction. The device identification that the cloud server returns to the terminal is the same device identification that it returns to the household appliance. Because the cloud server holds the mapping table between the household appliance and the APP in the terminal, the cloud server can, according to the second device identification request instruction, return to the terminal the same device identification that it returned to the household appliance.
Step S22: the terminal receives the device identification returned by the cloud server, obtains the key identification from the hash value of the device identification, and sends a rights token request instruction to the cloud server through the key identification, so that the cloud server returns the first session key and the rights token according to the rights token request instruction;
Step S23: the terminal receives the first session key and the rights token returned by the cloud server, and sends the rights token to the household appliance.
When the terminal receives the device identification returned by the cloud server, it calculates the hash value of the device identification and takes the result of XORing the front 16 bytes with the back 16 bytes of that hash value as the key identification, which is denoted UDP_KEY_ID. When the terminal has obtained the key identification UDP_KEY_ID, the terminal sends the rights token request instruction to the cloud server through the UDP_KEY_ID. When the cloud server receives the rights token request instruction sent by the terminal, the cloud server returns the rights token and the first session key it has generated according to the authority key request instruction. In generating the rights token, the cloud server can find the authority key through the key identification. Each device identification corresponds to a unique key identification, and each key identification corresponds to a unique authority key. The terminal receives the first session key and the rights token returned by the cloud server and accesses the household appliance according to the rights token.
The household appliance uses the rights token to identify whether the terminal has access authority, thereby achieving secure interaction with the terminal.
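The key identification, rights token and third session key passages above (steps S10 to S40), as an added Go example that is not part of the patent: it derives UDP_KEY_ID, builds the rights token on the cloud server side, verifies it on the household appliance side, and derives the third session key. Assumptions not fixed by the text: SHA-256 for the device identification hash, AES-256 in CTR mode with a random IV stored between the hash and the ciphertext, 32-byte session keys, and all function names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// ErrToken is returned when the two hash values of the first session key differ.
var ErrToken = errors.New("rights token rejected: first session key is incomplete")

// KeyID derives UDP_KEY_ID: hash the device identification and XOR the front
// 16 bytes of the digest with the back 16 bytes. SHA-256 is an assumption.
func KeyID(deviceID string) [16]byte {
	h := sha256.Sum256([]byte(deviceID))
	var id [16]byte
	for i := range id {
		id[i] = h[i] ^ h[i+16]
	}
	return id
}

// ctr applies AES-256 in CTR mode (the mode and IV handling are assumptions).
func ctr(authKey, iv, in []byte) ([]byte, error) {
	if len(authKey) != 32 {
		return nil, errors.New("authority key must be 32 bytes for AES-256")
	}
	block, err := aes.NewCipher(authKey)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out, nil
}

// MakeToken is the cloud server's step: encrypt the first session key under the
// authority key and splice SHA-256(k1) with the ciphertext.
// Assumed layout: hash (32 bytes) || IV (16 bytes) || ciphertext.
func MakeToken(authKey, k1 []byte) ([]byte, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	ct, err := ctr(authKey, iv, k1)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(k1)
	return append(append(sum[:], iv...), ct...), nil
}

// OpenToken is the appliance's steps a and b: decrypt with the authority key,
// recompute the hash (second hash value) and compare it, in constant time,
// with the hash carried in the token (first hash value).
func OpenToken(authKey, token []byte) ([]byte, error) {
	const hdr = sha256.Size + aes.BlockSize
	if len(token) <= hdr {
		return nil, ErrToken
	}
	k1, err := ctr(authKey, token[sha256.Size:hdr], token[hdr:])
	if err != nil {
		return nil, err
	}
	second := sha256.Sum256(k1)
	if subtle.ConstantTimeCompare(token[:sha256.Size], second[:]) != 1 {
		return nil, ErrToken
	}
	return k1, nil
}

// ThirdKey XORs the two session keys; terminal and appliance each compute it.
func ThirdKey(k1, k2 []byte) ([]byte, error) {
	if len(k1) != len(k2) || len(k1) == 0 {
		return nil, errors.New("session keys must be non-empty and equal in length")
	}
	k3 := make([]byte, len(k1))
	for i := range k3 {
		k3[i] = k1[i] ^ k2[i]
	}
	return k3, nil
}

func main() {
	// Constructed sample values: random 32-byte keys and a made-up device identification.
	authKey, k1, k2 := make([]byte, 32), make([]byte, 32), make([]byte, 32)
	for _, k := range [][]byte{authKey, k1, k2} {
		rand.Read(k)
	}
	id := KeyID("constructed-device-id-0001")
	token, _ := MakeToken(authKey, k1)    // cloud server -> terminal -> appliance
	got, err := OpenToken(authKey, token) // appliance recovers and checks k1
	k3, _ := ThirdKey(got, k2)            // the terminal computes the same from k1 and k2
	fmt.Printf("UDP_KEY_ID=%x token=%dB k3=%dB err=%v\n", id[:], len(token), len(k3), err)
	token[len(token)-1] ^= 1 // one bit flipped in transit
	_, err = OpenToken(authKey, token)
	fmt.Println("tampered token:", err)
}
```

A token decrypted with the wrong authority key, or altered in transit, fails the hash comparison, so the appliance generates no second session key.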
It should be noted that, in this document, the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of other identical elements in the process, method, article or device that includes the element.
The serial numbers of the above embodiments of the invention are for description only and do not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus a necessary general hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk or optical disc) and includes several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, a network device or the like) to execute the methods described in the embodiments of the present invention.
The above is only a preferred embodiment of the present invention and does not limit the patent scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the patent protection scope of the present invention.
Claims (13)
1. A communication system for a household appliance and a terminal, characterized in that the communication system for the household appliance and the terminal includes a household appliance and a terminal:
The household appliance is configured to obtain an authority key from a cloud server after establishing a connection with the cloud server;
The terminal is configured to obtain a first session key and a rights token from the cloud server after establishing a connection with the cloud server, and to send the rights token to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it generates and the authority key;
The household appliance is further configured to receive the rights token sent by the terminal and decrypt the rights token using the authority key to obtain the first session key; to verify the integrity of the first session key; and, if the first session key is complete, to generate a second session key and send the second session key to the terminal;
The terminal is further configured to receive the second session key sent by the household appliance, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance.
2. The communication system for a household appliance and a terminal according to claim 1, characterized in that the terminal is further configured to receive the second session key sent by the household appliance, calculate the XOR value of the second session key and the first session key, and use the XOR value as a third session key; and to encrypt the data to be transmitted using the third session key and send the encrypted data to the household appliance.
3. The communication system for a household appliance and a terminal according to claim 1 or 2, characterized in that the household appliance is further configured to send, after establishing a connection with the cloud server, a first device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the first device identification request instruction; to receive the device identification returned by the cloud server, obtain a key identification from the hash value of the device identification, and send an authority key request instruction to the cloud server through the key identification, so that the cloud server returns the authority key according to the authority key request instruction; and to receive the authority key returned by the cloud server.
4. The communication system for a household appliance and a terminal according to claim 1 or 2, characterized in that the terminal is further configured to send, after establishing a connection with the cloud server, a second device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the second device identification request instruction; to receive the device identification returned by the cloud server, obtain a key identification from the hash value of the device identification, and send a rights token request instruction to the cloud server through the key identification, so that the cloud server returns the first session key and the rights token according to the rights token request instruction; and to receive the first session key and the rights token returned by the cloud server and send the rights token to the household appliance.
5. A household appliance, characterized in that the household appliance includes:
A first acquisition module, configured to obtain an authority key from a cloud server after a connection is established with the cloud server;
A key generation module, configured to receive a rights token sent by a terminal and generate a second session key based on the authority key and the rights token;
A key sending module, configured to send the second session key to the terminal, so that the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and a first session key obtained from the cloud server, and sends the encrypted data to the household appliance;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it generates and the authority key;
The key generation module includes:
A decryption unit, configured to receive the rights token sent by the terminal and decrypt the rights token using the authority key to obtain the first session key;
A verification unit, configured to verify the integrity of the first session key;
A key generation unit, configured to generate the second session key if the first session key is complete.
6. The household appliance according to claim 5, characterized in that the first acquisition module includes:
A first transmission unit, configured to send, after a connection is established with the cloud server, a first device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the first device identification request instruction;
A first receiving unit, configured to receive the device identification returned by the cloud server and obtain a key identification from the hash value of the device identification;
The first transmission unit is further configured to send an authority key request instruction to the cloud server through the key identification, so that the cloud server returns the authority key according to the authority key request instruction;
The first receiving unit is further configured to receive the authority key returned by the cloud server.
7. A terminal, characterized in that the terminal includes:
A second acquisition module, configured to obtain a first session key and a rights token from a cloud server after a connection is established with the cloud server, and to send the rights token to a household appliance, so that the household appliance decrypts the rights token using an authority key obtained from the cloud server to obtain the first session key; verifies the integrity of the first session key; and, if the first session key is complete, generates a second session key and sends the second session key to the terminal;
The rights token is generated by the cloud server, based on a preset encryption algorithm, from the first session key it generates and the authority key;
A receiving module, configured to receive the second session key sent by the household appliance, encrypt the data to be transmitted using the second session key and the first session key, and send the encrypted data to the household appliance.
8. The terminal according to claim 7, characterized in that the receiving module includes:
A second receiving unit, configured to receive the second session key sent by the household appliance, calculate the XOR value of the second session key and the first session key, and use the XOR value as a third session key;
A data transmission unit, configured to encrypt the data to be transmitted using the third session key and send the encrypted data to the household appliance.
9. The terminal according to claim 7 or 8, characterized in that the second acquisition module includes:
A second transmission unit, configured to send, after a connection is established with the cloud server, a second device identification request instruction to the cloud server, so that the cloud server returns the device identification according to the second device identification request instruction;
A third receiving unit, configured to receive the device identification returned by the cloud server and obtain a key identification from the hash value of the device identification;
The second transmission unit is further configured to send a rights token request instruction to the cloud server through the key identification, so that the cloud server returns the first session key and the rights token according to the rights token request instruction;
The third receiving unit is further configured to receive the first session key and the rights token returned by the cloud server, and to send the rights token to the household appliance, so that the household appliance generates the second session key based on the authority key and the rights token and sends the second session key to the terminal.
10. A communication method for a household appliance and a terminal, characterized in that the communication method comprises:
after the household appliance establishes a connection with a cloud server, the household appliance obtains an authority key from the cloud server;
after the terminal establishes a connection with the cloud server, the terminal obtains a first session key and a rights token from the cloud server, and sends the rights token to the household appliance;
the rights token is generated by the cloud server, based on a predetermined encryption algorithm, from the generated first session key and the authority key;
the household appliance receives the rights token sent by the terminal and decrypts the rights token using the authority key to obtain the first session key;
the household appliance verifies the integrity of the first session key;
if the first session key is complete, the household appliance generates a second session key and sends the second session key to the terminal;
the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key, and sends the encrypted data to the household appliance.
11. The communication method for a household appliance and a terminal as claimed in claim 10, characterized in that the step in which the terminal receives the second session key sent by the household appliance, encrypts the data to be transmitted using the second session key and the first session key, and sends the encrypted data to the household appliance comprises:
the terminal receives the second session key sent by the household appliance, calculates the XOR value of the second session key and the first session key, and uses the XOR value as a third session key;
the terminal encrypts the data to be transmitted using the third session key and sends the encrypted data to the household appliance.
12. The communication method for a household appliance and a terminal as claimed in claim 10 or 11, characterized in that the step in which the household appliance obtains the authority key from the cloud server after the household appliance establishes a connection with the cloud server comprises:
after the household appliance establishes a connection with the cloud server, the household appliance sends a first device identification request instruction to the cloud server, so that the cloud server returns a device identification according to the first device identification request instruction;
the household appliance receives the device identification returned by the cloud server, obtains a key identification from the hash value of the device identification, and sends an authority key request instruction to the cloud server by means of the key identification, so that the cloud server returns the authority key according to the authority key request instruction;
the household appliance receives the authority key returned by the cloud server.
13. The communication method for a household appliance and a terminal as claimed in claim 10 or 11, characterized in that the step in which the terminal obtains the first session key and the rights token from the cloud server after the terminal establishes a connection with the cloud server, and sends the rights token to the household appliance, comprises:
after the terminal establishes a connection with the cloud server, the terminal sends a second device identification request instruction to the cloud server, so that the cloud server returns a device identification according to the second device identification request instruction;
the terminal receives the device identification returned by the cloud server, obtains a key identification from the hash value of the device identification, and sends a rights token request instruction to the cloud server by means of the key identification, so that the cloud server returns the first session key and the rights token according to the rights token request instruction;
the terminal receives the first session key and the rights token returned by the cloud server, and sends the rights token to the household appliance.
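The exchange in claims 10 to 13, simulated end to end as an added example that is not part of the patent text. Assumptions: SHA-256 as the hash that yields the key identification, a constructed encrypt-then-MAC scheme standing in for the unnamed "predetermined encryption algorithm" (with the integrity check realized as an HMAC tag on the token), both parties deriving the key identification from the same device identification, and all function names and sample values.

```python
import hashlib, hmac, secrets

def key_id(device_id: bytes) -> str:
    # Claims 12-13: the key identification is the hash value of the device identification.
    return hashlib.sha256(device_id).hexdigest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from one shared key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Constructed stand-in cipher: SHA-256 in counter mode (the claims name no algorithm).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = xor(plaintext, _stream(_subkey(key, b"enc"), nonce, len(plaintext)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("integrity check failed")
    return xor(ct, _stream(_subkey(key, b"enc"), nonce, len(ct)))

def run_exchange(device_id: bytes = b"constructed-appliance-0001", tamper: bool = False):
    kid = key_id(device_id)
    cloud = {kid: secrets.token_bytes(32)}       # cloud server: key identification -> authority key
    authority_key = cloud[kid]                   # appliance obtains the authority key (claim 12)
    k1 = secrets.token_bytes(32)                 # cloud generates the first session key
    token = seal(cloud[kid], k1)                 # rights token: K1 encrypted under the authority key
    if tamper:                                   # simulate a token modified in transit
        token = token[:16] + bytes([token[16] ^ 1]) + token[17:]
    k1_appliance = unseal(authority_key, token)  # appliance decrypts and verifies the token
    k2 = secrets.token_bytes(32)                 # appliance generates the second session key
    k3_terminal = xor(k1, k2)                    # claim 11: K3 = K1 XOR K2
    k3_appliance = xor(k1_appliance, k2)
    message = seal(k3_terminal, b"power=on")     # terminal encrypts the data to be transmitted
    return unseal(k3_appliance, message), k3_terminal == k3_appliance
```

With `tamper=True` the appliance rejects the token before any second session key is issued, which is the branch the integrity-verification step of claim 10 guards.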
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610405105.4A CN106130958B (en) | 2016-06-08 | 2016-06-08 | The communication system and method for household appliance and terminal, household appliance, terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106130958A (en) | 2016-11-16 |
CN106130958B (en) | 2019-02-01 |
Family
ID=57270341
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610405105.4A Active CN106130958B (en) | 2016-06-08 | 2016-06-08 | The communication system and method for household appliance and terminal, household appliance, terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106130958B (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106534176B (en) * | 2016-12-08 | 2019-06-14 | 西安交大捷普网络科技有限公司 | Secure storage method of data under a kind of cloud environment |
CN106685775A (en) * | 2017-01-13 | 2017-05-17 | 北京同余科技有限公司 | Self-inspection type invasion prevention method and system for intelligent household electrical appliance |
CN106888206B (en) * | 2017-02-13 | 2020-06-09 | 海信集团有限公司 | Key exchange method, device and system |
EP3386202A1 (en) * | 2017-04-04 | 2018-10-10 | Nagravision SA | Security of surveillance media |
CN107592637A (en) * | 2017-09-22 | 2018-01-16 | 长沙准光里电子科技有限公司 | A kind of radio communication encryption system |
CN108848503B (en) * | 2018-06-14 | 2019-03-26 | 王佳骏 | A kind of smart home dynamic encryption means of communication and system transmitted using merogenesis |
CN109688567A (en) * | 2018-12-10 | 2019-04-26 | 维沃移动通信有限公司 | A kind of data transmission method and mobile terminal |
CN109861817A (en) * | 2019-02-26 | 2019-06-07 | 数安时代科技股份有限公司 | Generate method, apparatus, system, equipment and the medium of key |
CN110677248B (en) * | 2019-10-30 | 2022-09-30 | 宁波奥克斯电气股份有限公司 | Safe binding method and system based on narrowband Internet of things |
CN112039738B (en) * | 2020-08-31 | 2022-04-08 | 深圳创维-Rgb电子有限公司 | Intelligent device control method, terminal device and readable storage medium |
WO2023015462A1 (en) * | 2021-08-10 | 2023-02-16 | Oppo广东移动通信有限公司 | Method and apparatus for connection establishment, device and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101820344A (en) * | 2010-03-23 | 2010-09-01 | 中国电信股份有限公司 | AAA server, home network access method and system |
CN102594823A (en) * | 2012-02-20 | 2012-07-18 | 南京邮电大学 | Trusted system for remote secure access of intelligent home |
CN105141584A (en) * | 2015-07-29 | 2015-12-09 | 宇龙计算机通信科技(深圳)有限公司 | Smart home system equipment authentication methods, and devices |
CN105227516A (en) * | 2014-05-28 | 2016-01-06 | 中兴通讯股份有限公司 | The access method of Smart Home, control centre's equipment and dress terminal |
CN105577680A (en) * | 2016-01-18 | 2016-05-11 | 青岛海尔智能家电科技有限公司 | Key generation method, encrypted data analyzing method, devices and key managing center |
Also Published As
Publication number | Publication date |
---|---|
CN106130958A (en) | 2016-11-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106130958B (en) | The communication system and method for household appliance and terminal, household appliance, terminal | |
CN105959189B (en) | Household appliance and its with the communication system and method for Cloud Server and terminal, terminal | |
CN106059869B (en) | A kind of internet of things intelligent household equipment safety control method and system | |
US10841759B2 (en) | Securely providing a password using an internet of things (IoT) system | |
US10248407B2 (en) | Integrated development tool with preview functionality for an internet of things (IoT) system | |
US10743171B2 (en) | Apparatus and method for registering and associating internet of things (IoT) devices with anonymous IoT device accounts | |
CN107683601B (en) | Relay services for the communication between controller and attachment | |
CN105472192B (en) | The smart machine, terminal device and method realizing control security certificate and sharing | |
US10223101B2 (en) | Integrated development tool with preview functionality for an internet of things (IoT) system | |
US10524119B2 (en) | Apparatus and method for sharing credentials in an internet of things (IoT) system | |
CN105471974B (en) | Realize smart machine, terminal device and the method remotely controlled | |
CN104427501B (en) | Method for network access, device and system | |
US20170171180A1 (en) | System and method for sharing internet of things (iot) devices | |
CN110177354A (en) | A kind of wireless control method and system of vehicle | |
CN106603485A (en) | Secret key negotiation method and device | |
US11736304B2 (en) | Secure authentication of remote equipment | |
CN105580310A (en) | Security management method and security management device in home network system | |
CN106603508A (en) | Wireless encryption communication method, intelligent household electrical appliance, server, and terminal | |
CN110235424A (en) | For providing the device and method with managing security information in a communications system | |
CN105871918A (en) | Household appliance, communication system and method between household appliance and cloud server as well as cloud server | |
CN103561044A (en) | Data transmission method and data transmission system | |
CN103026657A (en) | Method and apparatus for providing a key certificate in a tamperproof manner | |
CN105897784B (en) | Internet-of-things terminal equipment encryption communication method and device | |
CN106101097A (en) | Home appliance and with the communication system of Cloud Server and method, Cloud Server | |
CN105933322B (en) | Plug-in services acquisition methods, plug-in services providing method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |