CN107104952B - Intelligent household user authentication method, user terminal and central control equipment - Google Patents

Publication number: CN107104952B
Authority: CN (China)
Legal status: Active
Application number: CN201710213178.8A
Other languages: Chinese (zh)
Other versions: CN107104952A (en)
Inventors: 郭辰, 徐宇杰, 颜铁芳, 潘露杰
Current Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846 Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803 Home automation networks

Abstract

The application discloses a smart home user authentication method, a user terminal and a central control device. The method comprises the following steps: initiating an authentication request to a smart home system; determining the forward authentication public key corresponding to the current moment to obtain a first public key; and sending the first public key to the smart home system. On receiving the first public key, the smart home system determines the forward authentication private key corresponding to the current moment to obtain a first private key and judges whether the first public key matches the first private key; if so, the user terminal passes authentication, and if not, authentication of the user terminal is refused. Different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information. The method and the system can greatly improve the security of the smart home user authentication process and fully protect the personal and property safety of the user.

Description

Intelligent household user authentication method, user terminal and central control equipment
Technical Field
The invention relates to the technical field of intelligent home, in particular to an intelligent home user authentication method, a user terminal and a central control device.
Background
At present, with the rapid development of the Internet of Things, smart home technology has developed quickly and more and more household devices have joined smart home systems. Using a handheld user terminal, a user can remotely control the smart home devices in the house, which greatly raises the intelligence level of the home system.
Before a user attempts to remotely control the intelligent home equipment through the user terminal, the intelligent home system is required to perform authentication operation on the user terminal, and only after the authentication is passed, the user terminal can be allowed to remotely control the intelligent home equipment.
When a current smart home system authenticates the user terminal, it does so based on a preset, fixed security characteristic value (such as a password). When the smart home system determines that the security characteristic value transmitted by the user terminal is consistent with the preset legitimate value, it passes the authentication and then allows the user terminal to control the smart home devices.
However, because the security characteristic value required in the authentication process is a preset fixed value, it is easily leaked when an attacker intrudes maliciously. The attacker can then use the obtained value to take malicious control of the smart home devices, which can easily cause great personal and property loss to users.
In summary, it can be seen that how to improve the security of the smart home user authentication process is a problem to be solved urgently at present.
Disclosure of Invention
In view of this, the present invention provides an intelligent home user authentication method, a user terminal and a central control device, which improve the security of the intelligent home user authentication process. The specific scheme is as follows:
an intelligent home user authentication method is suitable for a user terminal and comprises the following steps:
initiating an authentication request to an intelligent home system;
determining a forward authentication public key corresponding to the current moment to obtain a first public key;
sending the first public key to the intelligent home system;
when the smart home system receives the first public key, the smart home system executes the following steps: determining a forward authentication private key corresponding to the current moment to obtain a first private key, and judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal; and, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Optionally, the smart home user authentication method further includes:
acquiring a second public key sent by the intelligent home system; the second public key is a reverse authentication public key corresponding to the current moment and determined by the intelligent home system after the intelligent home system passes the authentication of the user terminal;
determining a reverse authentication private key corresponding to the current moment to obtain a second private key, judging whether the second public key is matched with the second private key, if so, passing the authentication of the intelligent home system, and if not, forbidding passing the authentication of the intelligent home system;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
Optionally, the determining the forward authentication public key corresponding to the current time to obtain the first public key includes:
determining a time segment of the current time, and then determining a forward authentication public key corresponding to the time segment by using a first mapping file pre-stored on the user terminal to obtain the first public key;
the process of determining the reverse authentication private key corresponding to the current moment and obtaining the second private key comprises the following steps:
determining a time segment of the current time, and then determining a reverse authentication private key corresponding to the time segment by using the first mapping file to obtain a second private key;
the first mapping file is a mapping file for recording and storing each time segment and the forward authentication public key and the reverse authentication private key which are respectively in one-to-one correspondence with each time segment.
The invention also discloses another intelligent household user authentication method, which is suitable for an intelligent household system and comprises the following steps:
receiving a first public key sent by a user terminal; the first public key is a forward authentication public key which is determined by the user terminal after initiating an authentication request and corresponds to the current moment;
determining a forward authentication private key corresponding to the current moment to obtain a first private key;
judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal;
wherein, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Optionally, after the process of passing the authentication of the user terminal, the method further includes:
determining a reverse authentication public key corresponding to the current moment to obtain a second public key, and sending the second public key to the user terminal; when the user terminal receives the second public key, the user terminal executes the following steps: determining a reverse authentication private key corresponding to the current moment to obtain a second private key, judging whether the second public key is matched with the second private key, if so, passing the authentication of the intelligent home system, and if not, forbidding passing the authentication of the intelligent home system;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
Optionally, the determining a forward authentication private key corresponding to the current time to obtain the first private key includes:
determining a time segment of the current time, and then determining a forward authentication private key corresponding to the time segment by using a second mapping file prestored on the intelligent home system to obtain a first private key;
the process of determining the reverse authentication public key corresponding to the current moment to obtain the second public key comprises the following steps:
determining a time segment of the current moment, and then determining a reverse authentication public key corresponding to the time segment by using the second mapping file to obtain a second public key;
the second mapping file is a mapping file for recording and storing each time segment and the forward authentication private key and the reverse authentication public key which are respectively in one-to-one correspondence with each time segment.
Optionally, the smart home user authentication method further includes:
when the intelligent home system passes the authentication of the user terminal, allowing the user terminal to control the intelligent home equipment in the intelligent home system.
Optionally, the smart home user authentication method further includes:
when the intelligent home system passes the authentication of the user terminal and the user terminal passes the authentication of the intelligent home system, allowing the user terminal to control the intelligent home equipment in the intelligent home system.
The invention correspondingly discloses a user terminal, which comprises:
a request initiating module for initiating an authentication request;
the public key determining module is used for determining a forward authentication public key corresponding to the current moment to obtain a first public key when the request initiating module initiates an authentication request;
the public key sending module is used for sending the first public key to the intelligent home system; when the smart home system receives the first public key, the smart home system executes the following steps: determining a forward authentication private key corresponding to the current moment to obtain a first private key, and judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal;
wherein, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Optionally, the user terminal further includes:
the public key receiving module is used for receiving a second public key sent by the intelligent home system; the second public key is a reverse authentication public key corresponding to the current moment and determined by the intelligent home system after the intelligent home system authenticates the user terminal;
the private key determining module is used for determining a reverse authentication private key corresponding to the current moment to obtain a second private key when the public key receiving module receives the second public key;
the authentication control module is used for judging whether the second public key is matched with the second private key or not, if so, the authentication on the intelligent home system is passed, and if not, the authentication on the intelligent home system is forbidden;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
The invention also correspondingly discloses an intelligent household central control device, which comprises:
the public key receiving module is used for receiving a first public key sent by a user terminal; the first public key is a forward authentication public key which is determined by the user terminal after initiating an authentication request and corresponds to the current moment;
the private key determining module is used for determining a forward authentication private key corresponding to the current moment to obtain a first private key when the public key receiving module receives the first public key;
the authentication control module is used for judging whether the first public key is matched with the first private key or not, if so, the authentication on the user terminal is passed, and if not, the authentication on the user terminal is forbidden;
wherein, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Optionally, the smart home central control device further includes:
the public key determining module is used for determining a reverse authentication public key corresponding to the current moment after the authentication control module authenticates the user terminal to obtain a second public key;
a public key sending module, configured to send the second public key to the user terminal; when the user terminal receives the second public key, the user terminal executes the following steps: determining a reverse authentication private key corresponding to the current moment to obtain a second private key, judging whether the second public key is matched with the second private key, if so, passing the authentication of the intelligent home system, and if not, forbidding passing the authentication of the intelligent home system;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
The invention discloses an intelligent home user authentication method, which is suitable for a user terminal and comprises the following steps: initiating an authentication request to an intelligent home system; determining a forward authentication public key corresponding to the current moment to obtain a first public key; sending a first public key to the intelligent home system; when the smart home system receives the first public key, the smart home system executes the following steps: determining a forward authentication private key corresponding to the current moment to obtain a first private key, judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal; and, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Therefore, different forward authentication public keys and forward authentication private keys in the invention correspond to different time information. That is, the forward authentication public key and the forward authentication private key are not fixed and change dynamically as time passes. Compared with the prior-art technical scheme of authenticating against a fixed security characteristic value, the invention can greatly improve the security of the smart home user authentication process and fully protect the personal and property safety of the user.
Drawings
To illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in describing them are briefly introduced below. The drawings in the following description are only embodiments of the present invention; those skilled in the art can obtain other drawings from the provided drawings without creative effort.
Fig. 1 is a timing diagram of an intelligent home user authentication method disclosed in an embodiment of the present invention;
Fig. 2 is a timing diagram of a specific smart home user authentication method disclosed in an embodiment of the present invention;
Fig. 3 is a schematic diagram of a user terminal application disclosed in an embodiment of the present invention;
Fig. 4 is a schematic diagram of another application of a user equipment according to an embodiment of the present invention;
Fig. 5 is a schematic diagram of a hardware structure of a user terminal according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a smart home user authentication method suitable for a user terminal. Fig. 1 is the sequence diagram corresponding to the method in this embodiment, which comprises the following steps S11 to S13:
Step S11: initiate an authentication request to the smart home system.
Step S12: determine the forward authentication public key corresponding to the current moment to obtain a first public key.
Different forward authentication public keys correspond to different time information. Specifically, either the forward authentication public keys corresponding to different moments are different, or the forward authentication public keys corresponding to different time segments are different. In the latter case, to determine the forward authentication public key corresponding to the current moment, the time segment containing the current moment must be determined first, and the corresponding forward authentication public key is then determined from that time segment. The lengths of different time segments may be the same or may differ.
It should be noted that the forward authentication public key in the present invention refers to a public key required by the smart home system in the process of authenticating the user terminal.
In the embodiment of the invention, the intelligent home devices of the intelligent home system include, but are not limited to, an intelligent television, an intelligent refrigerator, an intelligent washing machine, an intelligent lamp, an intelligent air conditioner and the like.
It can be understood that, before the user terminal initiates the authentication request, validity verification needs to be performed on all devices in the smart home system. Specifically, this verification may be performed by using a control key (CK, Control Keys) and a hash hardware control key (HCK, HASH/Hardware CK).
Step S13: send the first public key to the smart home system.
When the smart home system receives the first public key, it executes the following steps: determining the forward authentication private key corresponding to the current moment to obtain a first private key, and judging whether the first public key matches the first private key; if so, the user terminal passes authentication, and if not, authentication of the user terminal is refused.
Different forward authentication private keys correspond to different time information. Specifically, either the forward authentication private keys corresponding to different moments are different, or the forward authentication private keys corresponding to different time segments are different.
It should be noted that the forward authentication private key in the present invention refers to a private key required by the smart home system in the process of authenticating the user terminal.
In this embodiment, the process by which the smart home system determines whether the first public key and the first private key match may include: judging whether the first public key matches the first private key by using pairing information, obtained in real time or in advance, between the legitimate forward authentication public keys and the legitimate forward authentication private keys. In this embodiment, different legitimate forward authentication public keys are matched with different legitimate forward authentication private keys. When the pairing between the first public key and the first private key is a legitimate pairing, the first public key is judged to match the first private key; otherwise, it is judged not to match.
Further, the smart home user authentication method in the embodiment of the present invention may further include: when the smart home system passes the authentication of the user terminal, allowing the user terminal to control the smart home devices in the smart home system.
It can be seen that, in the embodiment of the present invention, different forward authentication public keys and forward authentication private keys correspond to different time information. That is, the forward authentication public key and the forward authentication private key are not fixed but change dynamically as time passes. Compared with the prior-art technical scheme of authenticating against a fixed security characteristic value, the embodiment of the present invention can greatly improve the security of the smart home user authentication process and fully protect the personal and property safety of the user.
The embodiment of the invention also discloses a specific smart home user authentication method suitable for a user terminal. Fig. 2 is the sequence diagram corresponding to the method, which specifically comprises the following steps S21 to S28:
Step S21: initiate an authentication request to the smart home system.
Step S22: determine the forward authentication public key corresponding to the current moment to obtain a first public key.
Different forward authentication public keys correspond to different time information.
Specifically, the process of determining the forward authentication public key corresponding to the current moment to obtain the first public key includes: determining the time segment containing the current moment, and then determining the forward authentication public key corresponding to that time segment by using a first mapping file pre-stored on the user terminal, thereby obtaining the first public key.
In this embodiment, the first mapping file is a mapping file that records and stores each time segment and the forward authentication public key and the reverse authentication private key that correspond to each time segment one-to-one. It should be noted that, the forward authentication public key in the present invention refers to a public key required by the smart home system in the process of authenticating the user terminal, and the reverse authentication private key refers to a private key required by the user terminal in the process of authenticating the smart home system.
That is, the first mapping file may record N time segments that are consecutive in time, N forward authentication public keys in one-to-one correspondence with the N time segments, and N reverse authentication private keys in one-to-one correspondence with the N time segments. The lengths of the N time segments may all be the same. To further improve security, the lengths may instead differ from segment to segment, and the differences may be designed in advance to be irregular.
In this embodiment, assume that the user terminal issues the authentication request at time A. The user terminal determines the time segment containing time A and then determines the forward authentication public key corresponding to that time segment by using the first mapping file. If the user terminal later initiates an authentication request again at time B, the user terminal determines the time segment containing time B. If time A and time B fall in the same time segment, the forward authentication public key corresponding to time B is the same as the one corresponding to time A; if they fall in different time segments, the forward authentication public key corresponding to time B is different from the one corresponding to time A.
In this embodiment, the user terminal may obtain the first mapping file in advance through a pre-designated network server, and the first mapping file sent by the network server to the user terminal may come from a pre-designated security server. It will be appreciated that the security of the security server is higher than the security of the network server. In addition, each of the forward authentication public keys and reverse authentication private keys stored in the security server may be generated by using an HSM (Hardware Security Module).
It can be understood that, in this embodiment, before the user terminal initiates the authentication request, the user terminal needs to obtain the first mapping file from the network server in advance.
Step S23: sending the first public key to the smart home system.
When the smart home system receives the first public key, it executes the following steps: determining the forward authentication private key corresponding to the current time to obtain a first private key, and judging whether the first public key matches the first private key; if so, the authentication of the user terminal is passed, and if not, the authentication of the user terminal is prohibited from passing.
Different forward authentication private keys correspond to different time information.
Specifically, the process of determining the forward authentication private key corresponding to the current time to obtain the first private key includes: determining the time segment containing the current time, and then determining the forward authentication private key corresponding to that time segment by using a second mapping file pre-stored on the smart home system, to obtain the first private key.
In this embodiment, the second mapping file is a mapping file that records and stores each time segment and the forward authentication private key and the reverse authentication public key that are respectively in one-to-one correspondence with each time segment.
In order to improve security, the smart home system preferably obtains the second mapping file from the security server. In addition, each forward authentication private key and reverse authentication public key stored on the security server may be generated by using the HSM.
It can be understood that, in this embodiment, before the user terminal initiates the authentication request, the smart home system needs to obtain the second mapping file from the security server in advance.
In addition, in this embodiment, the time segment information in the first mapping file is the same as the time segment information in the second mapping file. Further, after the time segment information in the first mapping file and the second mapping file is changed, validity verification may, for the sake of security, be performed again on all devices in the smart home system; specifically, this validity verification may be performed by using the control key and the hash hardware control key.
It should be noted that, the forward authentication private key in the present invention refers to a private key required by the smart home system in the process of authenticating the user terminal, and the reverse authentication public key refers to a public key required by the user terminal in the process of authenticating the smart home system.
Step S24: acquiring a second public key sent by the smart home system; the second public key is the reverse authentication public key corresponding to the current time, determined by the smart home system after it passes the authentication of the user terminal.
Different reverse authentication public keys correspond to different time information.
In this embodiment, the process by which the smart home system determines the second public key specifically includes: determining the time segment containing the current time, and then determining the reverse authentication public key corresponding to that time segment by using the second mapping file, to obtain the second public key.
Step S25: determining the reverse authentication private key corresponding to the current time to obtain a second private key.
Different reverse authentication private keys correspond to different time information.
Specifically, the process of determining the reverse authentication private key corresponding to the current time to obtain the second private key may include: determining the time segment containing the current time, and then determining the reverse authentication private key corresponding to that time segment by using the first mapping file, to obtain the second private key.
Step S26: judging whether the second public key matches the second private key; if so, proceeding to step S27, and if not, proceeding to step S28.
In this embodiment, the process by which the user terminal judges whether the second public key matches the second private key may include: judging whether the second public key matches the second private key by using pairing information between legitimate reverse authentication public keys and legitimate reverse authentication private keys, obtained in real time or in advance.
Step S27: passing the authentication of the smart home system.
Step S28: prohibiting the authentication of the smart home system from passing.
In this embodiment, when the smart home system passes the authentication of the user terminal and the user terminal passes the authentication of the smart home system, the user terminal may be allowed to control the smart home devices in the smart home system; otherwise, the user terminal is prohibited from controlling the smart home devices. That is, in the embodiment of the present invention, the user terminal may be allowed to control the smart home devices only when both directions of the two-way authentication pass, which gives a stronger security guarantee than allowing control as soon as the smart home system alone passes the authentication of the user terminal.
Referring to fig. 1, an embodiment of the present invention discloses another smart home user authentication method, applicable to a smart home system, which includes the following steps S31 to S35:
Step S31: receiving a first public key sent by a user terminal; the first public key is the forward authentication public key corresponding to the current time, determined after the user terminal initiates an authentication request.
Step S32: determining the forward authentication private key corresponding to the current time to obtain a first private key.
Step S33: judging whether the first public key matches the first private key; if so, proceeding to step S34, and if not, proceeding to step S35.
Different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Step S34: passing the authentication of the user terminal.
Step S35: prohibiting the authentication of the user terminal from passing.
In this embodiment, the user terminal may be allowed to control the smart home devices in the smart home system when the smart home system passes the authentication of the user terminal.
It can be seen that, in the embodiment of the present invention, different forward authentication public keys and forward authentication private keys correspond to different time information. That is, the forward authentication public key and the forward authentication private key are not fixed but change dynamically over time. Compared with prior-art schemes that authenticate against a fixed security characteristic value, the embodiment of the present invention can greatly improve the security of the smart home user authentication process and protect the personal and property security of the user.
Referring to fig. 2, an embodiment of the present invention discloses a specific smart home user authentication method, applicable to a smart home system, which includes the following steps S41 to S47:
Step S41: receiving a first public key sent by a user terminal; the first public key is the forward authentication public key corresponding to the current time, determined after the user terminal initiates an authentication request.
Specifically, the process of determining the first public key includes: determining the time segment containing the current time, and then determining the forward authentication public key corresponding to that time segment by using a first mapping file pre-stored on the user terminal, to obtain the first public key.
In this embodiment, the first mapping file is a mapping file that records and stores each time segment together with the forward authentication public key and the reverse authentication private key that correspond one-to-one to each time segment.
Step S42: determining the forward authentication private key corresponding to the current time to obtain a first private key.
Different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Specifically, the process of determining the first private key includes: determining the time segment containing the current time, and then determining the forward authentication private key corresponding to that time segment by using a second mapping file pre-stored on the smart home system, to obtain the first private key.
The second mapping file is a mapping file that records and stores each time segment together with the forward authentication private key and the reverse authentication public key that correspond one-to-one to each time segment.
Step S43: judging whether the first public key matches the first private key; if so, proceeding to step S44, and if not, proceeding to step S45.
Step S44: passing the authentication of the user terminal, and then proceeding to step S46.
Step S45: prohibiting the authentication of the user terminal from passing.
Step S46: determining the reverse authentication public key corresponding to the current time to obtain a second public key.
Specifically, the process of determining the reverse authentication public key corresponding to the current time to obtain the second public key may include: determining the time segment containing the current time, and then determining the reverse authentication public key corresponding to that time segment by using the second mapping file, to obtain the second public key.
Step S47: sending the second public key to the user terminal. When the user terminal receives the second public key, the user terminal executes the following steps: determining the reverse authentication private key corresponding to the current time to obtain a second private key, and judging whether the second public key matches the second private key; if so, the authentication of the smart home system is passed, and if not, the authentication of the smart home system is prohibited from passing.
In this embodiment, the process of determining the second private key specifically includes: determining the time segment containing the current time, and then determining the reverse authentication private key corresponding to that time segment by using the first mapping file, to obtain the second private key.
Different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
In this embodiment, when the smart home system passes the authentication of the user terminal and the user terminal passes the authentication of the smart home system, the user terminal may be allowed to control the smart home devices in the smart home system.
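The two-way exchange of steps S21 to S28 and S41 to S47, sketched as an added example that is not part of the patent text. It assumes toy discrete-log key pairs (public = G^private mod P) in place of the HSM-generated pairs, integer timestamps in seconds, and hypothetical names (`SegmentTable`, `build_mapping_files`, `UserTerminal`, `SmartHomeSystem`, `mutual_authentication`); the segment boundaries are constructed sample values.

```python
import bisect
import secrets

# Toy key pairs (assumption): public = G^private mod P stands in for the
# HSM-generated pairs; a 127-bit modulus is far too small for real use.
P = 2**127 - 1
G = 3


def new_key_pair():
    private = secrets.randbelow(P - 3) + 2  # 2 .. P-2
    return private, pow(G, private, P)


def keys_match(public, private):
    """The 'does the public key match the private key' judgment."""
    return public == pow(G, private, P)


class SegmentTable:
    """N consecutive time segments; segment lengths may be irregular."""

    def __init__(self, starts, end):
        if list(starts) != sorted(set(starts)) or end <= starts[-1]:
            raise ValueError("segment starts must increase and end must follow")
        self.starts, self.end = list(starts), end

    def index(self, t):
        if not self.starts[0] <= t < self.end:
            raise LookupError("time lies outside every recorded segment")
        return bisect.bisect_right(self.starts, t) - 1


def build_mapping_files(table):
    """Security-server role: one forward and one reverse pair per segment."""
    first, second = [], []
    for _ in table.starts:
        fwd_private, fwd_public = new_key_pair()
        rev_private, rev_public = new_key_pair()
        # First mapping file (terminal): forward public + reverse private.
        first.append({"forward_public": fwd_public, "reverse_private": rev_private})
        # Second mapping file (system): forward private + reverse public.
        second.append({"forward_private": fwd_private, "reverse_public": rev_public})
    return first, second


class UserTerminal:
    def __init__(self, table, first_map):
        self.table, self.first_map = table, first_map

    def first_public_key(self, now):
        """Step S22: forward public key of the segment containing `now`."""
        return self.first_map[self.table.index(now)]["forward_public"]

    def verify_system(self, second_public, now):
        """Steps S25 to S28: check the system's reverse public key."""
        try:
            entry = self.first_map[self.table.index(now)]
        except LookupError:
            return False
        return keys_match(second_public, entry["reverse_private"])


class SmartHomeSystem:
    def __init__(self, table, second_map):
        self.table, self.second_map = table, second_map

    def authenticate(self, first_public, now):
        """Steps S42 to S46: return the second public key, or None on failure."""
        try:
            entry = self.second_map[self.table.index(now)]
        except LookupError:
            return None
        if not keys_match(first_public, entry["forward_private"]):
            return None
        return entry["reverse_public"]


def mutual_authentication(terminal, system, t_terminal, t_system):
    """True only if both directions pass; each side uses its own clock."""
    try:
        first_public = terminal.first_public_key(t_terminal)
    except LookupError:
        return False
    second_public = system.authenticate(first_public, t_system)
    if second_public is None:
        return False
    return terminal.verify_system(second_public, t_terminal)


# Constructed sample: four segments of 300 s, 120 s, 680 s and 900 s.
TABLE = SegmentTable([0, 300, 420, 1100], end=2000)
FIRST_MAP, SECOND_MAP = build_mapping_files(TABLE)
TERMINAL = UserTerminal(TABLE, FIRST_MAP)
SYSTEM = SmartHomeSystem(TABLE, SECOND_MAP)

if __name__ == "__main__":
    print("same segment:", mutual_authentication(TERMINAL, SYSTEM, 310, 315))
    print("clocks straddle a boundary:",
          mutual_authentication(TERMINAL, SYSTEM, 299, 301))
```

Because the terminal and the system each look up the segment from their own clock, a request issued just before a boundary and checked just after it is rejected, so deployments need synchronized clocks or an explicit boundary policy. Every request within one segment carries the same first public key, so the segment length bounds how long a given value remains acceptable.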
Correspondingly, the present invention also discloses a user terminal. As shown in fig. 3, the user terminal includes:
a request initiating module 11, configured to initiate an authentication request;
a public key determining module 12, configured to determine, when the request initiating module 11 initiates an authentication request, the forward authentication public key corresponding to the current time to obtain a first public key;
a public key sending module 13, configured to send the first public key to the smart home system; when the smart home system receives the first public key, the smart home system executes the following steps: determining the forward authentication private key corresponding to the current time to obtain a first private key, and judging whether the first public key matches the first private key; if so, the authentication of the user terminal is passed, and if not, the authentication of the user terminal is prohibited from passing;
wherein different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
It can be seen that, in the embodiment of the present invention, different forward authentication public keys and forward authentication private keys correspond to different time information. That is, the forward authentication public key and the forward authentication private key are not fixed but change dynamically over time. Compared with prior-art schemes that authenticate against a fixed security characteristic value, the embodiment of the present invention can greatly improve the security of the smart home user authentication process and protect the personal and property security of the user.
Further, referring to fig. 4, the user terminal in this embodiment may further include:
a public key receiving module 14, configured to receive a second public key sent by the smart home system; the second public key is the reverse authentication public key corresponding to the current time, determined by the smart home system after it passes the authentication of the user terminal;
a private key determining module 15, configured to determine, when the public key receiving module 14 receives the second public key, the reverse authentication private key corresponding to the current time to obtain a second private key;
an authentication control module 16, configured to judge whether the second public key matches the second private key, pass the authentication of the smart home system if they match, and prohibit the authentication of the smart home system from passing if they do not match;
wherein different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
The embodiment of the invention further discloses a smart home central control device, which comprises a public key receiving module, a private key determining module and an authentication control module, wherein:
the public key receiving module is used for receiving a first public key sent by a user terminal; the first public key is the forward authentication public key corresponding to the current time, determined by the user terminal after initiating an authentication request;
the private key determining module is used for determining, when the public key receiving module receives the first public key, the forward authentication private key corresponding to the current time to obtain a first private key;
the authentication control module is used for judging whether the first public key matches the first private key; if so, the authentication of the user terminal is passed, and if not, the authentication of the user terminal is prohibited from passing;
wherein different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
It can be seen that, in the embodiment of the present invention, different forward authentication public keys and forward authentication private keys correspond to different time information. That is, the forward authentication public key and the forward authentication private key are not fixed but change dynamically over time. Compared with prior-art schemes that authenticate against a fixed security characteristic value, the embodiment of the present invention can greatly improve the security of the smart home user authentication process and protect the personal and property security of the user.
Further, the smart home central control device in this embodiment may further include a public key determining module and a public key sending module, wherein:
the public key determining module is used for determining, after the authentication control module passes the authentication of the user terminal, the reverse authentication public key corresponding to the current time to obtain a second public key;
the public key sending module is used for sending the second public key to the user terminal; when the user terminal receives the second public key, the user terminal executes the following steps: determining the reverse authentication private key corresponding to the current time to obtain a second private key, and judging whether the second public key matches the second private key; if so, the authentication of the smart home system is passed, and if not, the authentication of the smart home system is prohibited from passing;
wherein different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
The embodiment of the invention also discloses a user terminal, which is shown in fig. 5 and comprises a processor 21 and a memory 22; wherein, the processor 21 executes the following steps by calling the instructions stored in the memory 22:
initiating an authentication request, then determining the forward authentication public key corresponding to the current time to obtain a first public key, and then sending the first public key to the smart home system; when the smart home system receives the first public key, the smart home system executes the following steps: determining the forward authentication private key corresponding to the current time to obtain a first private key, and judging whether the first public key matches the first private key; if so, the authentication of the user terminal is passed, and if not, the authentication of the user terminal is prohibited from passing.
Different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
Further, in this embodiment of the present invention, the processor 21 may also call the instructions stored in the memory 22 to perform the following steps: receiving a second public key sent by the smart home system, then determining the reverse authentication private key corresponding to the current time to obtain a second private key, and then judging whether the second public key matches the second private key; if so, the authentication of the smart home system is passed, and if not, the authentication of the smart home system is prohibited from passing. The second public key is the reverse authentication public key corresponding to the current time, determined by the smart home system after it passes the authentication of the user terminal; different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
It is understood that the user terminal in this embodiment further includes a battery 23, a communication chip 24, a display 25, an output device 26 and an input device 27.
It should be understood that the processor, the memory, the battery, the communication chip, the display screen, the output device and the input device in this embodiment may each be one or more in number and are not limited to one. In addition, the operating system of the user terminal in this embodiment may include one or more of the existing mainstream terminal operating systems, and may also include an operating system newly developed in the future; the operating system of the user terminal is not specifically limited in this embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The smart home user authentication method, the user terminal and the central control device provided by the invention have been described in detail above. Specific examples are used herein to explain the principle and implementation of the invention, and the description of the embodiments is only intended to help in understanding the method and core idea of the invention. Meanwhile, for a person skilled in the art, there may be variations in the specific embodiments and the scope of application according to the idea of the present invention. In summary, the content of this specification should not be construed as a limitation on the present invention.

Claims (12)

1. An intelligent home user authentication method is suitable for a user terminal, and is characterized by comprising the following steps:
initiating an authentication request to an intelligent home system;
determining a forward authentication public key corresponding to the current moment to obtain a first public key;
sending the first public key to the intelligent home system;
when the smart home system receives the first public key, the smart home system executes the following steps: determining a forward authentication private key corresponding to the current moment to obtain a first private key, and judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal; and, different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
2. The smart home user authentication method according to claim 1, further comprising:
acquiring a second public key sent by the intelligent home system; the second public key is a reverse authentication public key corresponding to the current moment and determined by the intelligent home system after the intelligent home system passes the authentication of the user terminal;
determining a reverse authentication private key corresponding to the current moment to obtain a second private key, judging whether the second public key is matched with the second private key, if so, passing the authentication of the intelligent home system, and if not, forbidding passing the authentication of the intelligent home system;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
3. The smart home user authentication method according to claim 2,
the process of determining the forward authentication public key corresponding to the current moment to obtain the first public key comprises the following steps:
determining a time segment of the current time, and then determining a forward authentication public key corresponding to the time segment by using a first mapping file pre-stored on the user terminal to obtain the first public key;
the process of determining the reverse authentication private key corresponding to the current moment and obtaining the second private key comprises the following steps:
determining a time segment of the current time, and then determining a reverse authentication private key corresponding to the time segment by using the first mapping file to obtain a second private key;
the first mapping file is a mapping file for recording and storing each time segment and the forward authentication public key and the reverse authentication private key which are respectively in one-to-one correspondence with each time segment.
4. An intelligent home user authentication method is suitable for an intelligent home system and is characterized by comprising the following steps:
receiving a first public key sent by a user terminal; the first public key is a forward authentication public key which is determined by the user terminal after initiating an authentication request and corresponds to the current moment;
determining a forward authentication private key corresponding to the current moment to obtain a first private key;
judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal;
wherein different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
5. The smart home user authentication method according to claim 4, further comprising, after the process of passing the authentication of the user terminal:
determining a reverse authentication public key corresponding to the current moment to obtain a second public key, and sending the second public key to the user terminal; when the user terminal receives the second public key, the user terminal executes the following steps: determining a reverse authentication private key corresponding to the current moment to obtain a second private key, judging whether the second public key is matched with the second private key, if so, passing the authentication of the intelligent home system, and if not, forbidding passing the authentication of the intelligent home system;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
6. The smart home user authentication method according to claim 5,
the process of determining the forward authentication private key corresponding to the current moment and obtaining the first private key comprises the following steps:
determining a time segment of the current time, and then determining a forward authentication private key corresponding to the time segment by using a second mapping file prestored on the intelligent home system to obtain a first private key;
the process of determining the reverse authentication public key corresponding to the current moment to obtain the second public key comprises the following steps:
determining a time segment of the current moment, and then determining a reverse authentication public key corresponding to the time segment by using the second mapping file to obtain a second public key;
the second mapping file is a mapping file for recording and storing each time segment and the forward authentication private key and the reverse authentication public key which are respectively in one-to-one correspondence with each time segment.
7. The smart home user authentication method according to claim 4, further comprising:
and when the intelligent home system passes the authentication of the user terminal, allowing the user terminal to control the intelligent home equipment in the intelligent home system.
8. The smart home user authentication method according to claim 5 or 6, further comprising:
and when the intelligent home system passes the authentication of the user terminal and the user terminal passes the authentication of the intelligent home system, allowing the user terminal to control the intelligent home equipment in the intelligent home system.
9. A user terminal, comprising:
a request initiating module for initiating an authentication request;
the public key determining module is used for determining a forward authentication public key corresponding to the current moment to obtain a first public key when the request initiating module initiates an authentication request;
the public key sending module is used for sending the first public key to the intelligent home system; when the smart home system receives the first public key, the smart home system executes the following steps: determining a forward authentication private key corresponding to the current moment to obtain a first private key, and judging whether the first public key is matched with the first private key, if so, passing the authentication of the user terminal, and if not, forbidding passing the authentication of the user terminal;
wherein different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
10. The user terminal according to claim 9, further comprising:
the public key receiving module is used for receiving a second public key sent by the intelligent home system; the second public key is a reverse authentication public key corresponding to the current moment and determined by the intelligent home system after the intelligent home system authenticates the user terminal;
the private key determining module is used for determining a reverse authentication private key corresponding to the current moment to obtain a second private key when the public key receiving module receives the second public key;
the authentication control module is used for judging whether the second public key is matched with the second private key or not, if so, the authentication on the intelligent home system is passed, and if not, the authentication on the intelligent home system is forbidden;
wherein, different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
11. A smart home central control device, characterized by comprising:
the public key receiving module is used for receiving a first public key sent by a user terminal; the first public key is a forward authentication public key which is determined by the user terminal after initiating an authentication request and corresponds to the current moment;
the private key determining module is used for determining a forward authentication private key corresponding to the current moment to obtain a first private key when the public key receiving module receives the first public key;
the authentication control module is used for judging whether the first public key is matched with the first private key or not, if so, the authentication on the user terminal is passed, and if not, the authentication on the user terminal is forbidden;
wherein different forward authentication public keys correspond to different time information, and different forward authentication private keys correspond to different time information.
12. The smart home central control device of claim 11, further comprising:
a public key determining module, configured to determine, after the authentication control module has authenticated the user terminal, the reverse authentication public key corresponding to the current moment, to obtain a second public key;
a public key sending module, configured to send the second public key to the user terminal; when the user terminal receives the second public key, the user terminal performs the following steps: determining the reverse authentication private key corresponding to the current moment to obtain a second private key, and judging whether the second public key matches the second private key; if so, the smart home system passes authentication, and if not, the smart home system is prohibited from passing authentication;
wherein different reverse authentication public keys correspond to different time information, and different reverse authentication private keys correspond to different time information.
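The forward and reverse checks of claims 11 and 12, sketched as an added example that is not part of the patent text. The claims do not specify a key algorithm or how keys are mapped to time, so the discrete-log key pair, the 60-second slot, the seeds, the provisioned public-key table and all function names below are assumptions made for illustration.

```python
import hashlib
import hmac

# Illustrative parameters (assumptions, not from the patent). P is prime but is
# not a vetted group; a deployment would use a standard signature or KEM scheme.
P, G, SLOT_SECONDS = 2**255 - 19, 2, 60
FWD_SEED, REV_SEED = b"constructed-forward-seed", b"constructed-reverse-seed"
T0 = 1_700_000_000  # constructed timestamp, 20 s into its slot

def slot_of(now: float) -> int:
    """Map a clock reading to the 'time information' index of the claims."""
    return int(now) // SLOT_SECONDS

def private_for_slot(seed: bytes, slot: int) -> int:
    """Private key for one time slot, derived from the holder's secret seed."""
    digest = hmac.new(seed, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % (P - 2) + 1

def public_table(seed: bytes, first_slot: int, count: int) -> dict:
    """Per-slot public keys provisioned to the peer (no private material)."""
    return {s: pow(G, private_for_slot(seed, s), P)
            for s in range(first_slot, first_slot + count)}

def matches(public: int, private: int) -> bool:
    """The 'public key matches private key' judgment."""
    return 1 < public < P and pow(G, private, P) == public

def authenticate(table: dict, seed: bytes, sender_now: float, checker_now: float) -> bool:
    """Sender picks the public key for its current slot; the checker derives the
    private key for its own current slot and tests the pair."""
    public = table.get(slot_of(sender_now))
    if public is None:  # nothing provisioned for this moment: fail closed
        return False
    return matches(public, private_for_slot(seed, slot_of(checker_now)))

def mutual(fwd_table, fwd_seed, rev_table, rev_seed, terminal_now, hub_now):
    """Forward check (hub verifies terminal), then reverse (terminal verifies hub)."""
    if not authenticate(fwd_table, fwd_seed, terminal_now, hub_now):
        return (False, False)  # reverse step runs only after forward passes
    return (True, authenticate(rev_table, rev_seed, hub_now, terminal_now))

FWD_TABLE = public_table(FWD_SEED, slot_of(T0), 3)  # held by the terminal
REV_TABLE = public_table(REV_SEED, slot_of(T0), 3)  # held by the hub
```

A key chosen in one slot stops matching once the checker's clock rolls into the next slot, so a deployment has to decide how much clock skew to tolerate. The same public key stays acceptable for the whole slot, so the slot length also bounds how long a captured value remains valid.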
CN201710213178.8A 2017-04-01 2017-04-01 Intelligent household user authentication method, user terminal and central control equipment Active CN107104952B (en)


Publications (2)

Publication Number Publication Date
CN107104952A (en) 2017-08-29
CN107104952B (en) 2020-07-03

Family

ID=59675300



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant