CN102111265A - Method for encrypting embedded secure access module (ESAM) of power system acquisition terminal - Google Patents

Method for encrypting embedded secure access module (ESAM) of power system acquisition terminal Download PDF

Info

Publication number
CN102111265A
CN102111265A CN2011100064692A CN201110006469A CN102111265A CN 102111265 A CN102111265 A CN 102111265A CN 2011100064692 A CN2011100064692 A CN 2011100064692A CN 201110006469 A CN201110006469 A CN 201110006469A CN 102111265 A CN102111265 A CN 102111265A
Authority
CN
China
Prior art keywords
key
terminal
random
main website
safety chip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011100064692A
Other languages
Chinese (zh)
Other versions
CN102111265B (en
Inventor
吕英杰
赵兵
刘鹰
翟峰
付义伦
冯占成
吴春亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Original Assignee
China Electric Power Research Institute Co Ltd CEPRI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Electric Power Research Institute Co Ltd CEPRI filed Critical China Electric Power Research Institute Co Ltd CEPRI
Priority to CN201110006469.2A priority Critical patent/CN102111265B/en
Publication of CN102111265A publication Critical patent/CN102111265A/en
Application granted granted Critical
Publication of CN102111265B publication Critical patent/CN102111265B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The invention relates to the technical field of information safety protection of electricity information acquisition terminals, and in particular relates to a method for encrypting an embedded secure access module (ESAM) of a power system acquisition terminal. A terminal random number reading function, a media access control (MAC) verification function, a public key verification function, a secret key update function and the like are realized by an interactive process among an acquisition system master station, a micro controller unit (MCU) of an acquisition terminal and an ESAM of the acquisition terminal, thus ensuring the security of the system. A symmetric algorithm and an asymmetrical algorithm are applied to the ESAM, wherein the symmetric algorithm is mainly used for decryption and decryption, and the asymmetrical algorithm is mainly used for updating secret keys. By means of the secure process, the acquisition of the random number, the MAC calculation, the secret key update and registration of asymmetrical secrete keys can be realized.

Description

A kind of safety chip encryption method of electric power system acquisition terminal
Technical field
The present invention relates to power information acquisition terminal protecting information safety technical field, be specifically related to a kind of safety chip encryption method of electric power system acquisition terminal.
Background technology
State Grid Corporation of China carried out the comprehensive unified building-up work of power consumer power information acquisition system in 2008, proposed unified standard, uniform bidding and the unified principle of building of construction system.A large amount of acquisition terminals that use are all according to the unified and standard design of up-to-date promulgation in system, and acquisition terminal need adopt safety chip to guarantee for reaching the security protection requirement.
Summary of the invention
For guaranteeing that acquisition terminal is in the safe and reliable use of power information acquisition system, the reliable execution that guarantees data security and instruct, except that guaranteeing authentication safety, need that also agreement, instruction and data are carried out encryption and decryption and handle, and the operational version of symmetric cryptographic technique and asymmetric cryptographic technique is also needed special design.
The mixed cipher algorithm that in acquisition terminal, has adopted symmetric cryptographic algorithm and asymmetric cryptographic algorithm to combine.
1) operational version of symmetric cryptographic algorithm is as follows:
The main symmetric cryptographic algorithm that adopts carries out issuing of order to the reset command in the terminal (AFN=01H), mode that parameter (AFN=04H), plaintext+MAC such as employing such as control command (AFN=05H) key order of etc.ing be set in terminal.
The clear data that MAC calculates in the message that terminal receives comprises AFN, SEQ, data cell sign, data cell, the MAC value of calculating is filled among the message authentication code field PW of additional information fields (AUX) (annotate: the message authentication scheme value is: 255, represent the specialized hardware certificate scheme).Terminal at first intercepts out clear data (comprising AFN, SEQ, data cell sign, data cell) according to message after receiving the order that has the MAC verification, and clear data sent and safety chip calculates MAC, MAC value that safety chip is calculated and the MAC value in the downlink message PW territory are compared then, if equate then carry out this order, does not wait and then return MAC verification mistake and requirement is obtained again according to stipulations random number and ESAM sequence number.
The key difference that different functions is used in symmetric cryptographic algorithm.The key updating of symmetric cryptographic algorithm is to carry out under the protection of asymmetric cryptographic algorithm.
2) the asymmetric cryptographic algorithm operational version is as follows:
The main asymmetric cryptographic algorithm that adopts carries out the negotiation and the renewal of key in terminal.Key updating comprises the key updating of symmetric cryptographic algorithm key updating and asymmetric cryptographic algorithm.
Be production and the test that makes things convenient for terminal producer, key is divided into test key and formal key.Test key is meant a cover key of inserting in advance for ease of the test of terminal manufacturer production; The key that formal key uses when being meant the terminal equipment commencement of commercial operation.Terminal equipment needs to carry out key updating before mounting, be about to test key and replace with formal key.
3) safety chip data interaction flow process
Terminal security chip data interaction flow mainly comprises: contents such as reading terminals random number, MAC verification, public key verifications, key updating.
(1) reading terminals random number
In symmetric cryptographic algorithm and asymmetric cryptographic algorithm, all used random number.The random number of terminal is produced and storage by the safety chip in the terminal, terminal should pick up counting read random number from safety chip after, guarantee the ageing of random number, time span can be provided with, if read the former random number of random number again with invalid, if be that main website did not obtain random number again within effective time, the terminal safety chip that resets.
(2) MAC verification
The MAC verification uses symmetric cryptographic algorithm to calculate, and is mainly used in and guarantees reset command (AFN=01H), data integrity in parameter (AFN=04H), the control command key order downlink messages such as (AFN=05H) is set.
Clear data in MAC check computational process comprises AFN, SEQ, data cell sign, data cell.This need intercept according to command type in downlink message.
The key difference that different command types uses will be noted the use of cipher key index when the MAC verification.
(3) public key verifications
Being mainly used in main website verifies the PKI in the terminal (master control PKI or main website PKI) correctness.Main website obtains random number from encryption equipment, with the PKI that will verify random number is signed, random number and signing messages are sent to acquisition terminal, and the acquisition terminal safety chip carries out signature verification with corresponding PKI to signed data, and terminal returns to the collection main website with the signature verification result.
(4) key updating
Terminal needs to carry out key updating and registration process before formally mounting.The test key that is about to terminal is updated to formal key, and the right PKI of terminal key of terminal generation is registered in the main website server, and this process need carries out according to local key updating mode under the environment of safety.
The employed key of symmetric cryptographic algorithm, local key updating mode is identical with the remote cipher key update mode, is all undertaken by following flow process.
Gather main website and initiate the key updating request command, acquisition terminal MCU sends and gets the random number order, and the random number of getting from safety chip and the sequence number of safety chip sent to the collection main website, main website sends to terminal with key information terminal random number and signing messages, safety chip in the terminal is tested label, as by then carrying out key updating, and will upgrade the result and return to the collection main website.
For the terminal unsymmetrical key, local key updating mode is slightly different with the remote cipher key update mode, what local key updating mode was mainly finished is the process that the terminal unsymmetrical key adds (or foundation) to the main website list of public keys, is called the registration of terminal unsymmetrical key; What the remote cipher key update mode was mainly finished is the process that the terminal unsymmetrical key upgrades to the main website list of public keys, is called the renewal of terminal unsymmetrical key.
(5) registration of terminal unsymmetrical key
The registration of terminal unsymmetrical key requires to adopt under security context local key updating mode to finish the terminal unsymmetrical key adds (or foundation) to the main website list of public keys process.
Gathering main website initiates to get the random number order from terminal, terminal will send to main website from random number and the safety chip sequence number that safety chip obtains, main website obtains random number from encryption equipment, and main website random number and terminal random number are signed with the main website private key, and with the main website random number, terminal random number and signing messages send to terminal, terminal is carried out signature verification by safety chip, again it is right to produce new key by the back generation, and the public key encryption information that new key is right sends to main website, main website is decrypted the PKI ciphertext of receiving, and the PKI that decrypts is added in the registration table.
(6) renewal of terminal unsymmetrical key
The renewal of terminal unsymmetrical key can adopt the remote cipher key update mode to finish the renewal process of terminal unsymmetrical key in the main website list of public keys under the public network condition.
Main website initiates the order of acquisition request random number to terminal, and terminal will send to main website from random number and the safety chip sequence number that safety chip obtains.Main website produces session key and with terminal public key session key is encrypted, and get random number from encryption equipment, with the main website private key to the session key ciphertext, the main website random number, terminal random number and signing messages are signed, and send to terminal, safety chip carries out signature verification in the terminal, obtain session key by the back deciphering, again it is right to produce new key then, with session key the right public key encryption of new key is produced the PKI ciphertext, with terminal secret key PKI ciphertext and main website random number are signed, return the right PKI ciphertext of new key, main website random number and signing messages thereof.Main website carries out signature verification, by the back PKI ciphertext is decrypted, and the PKI that decrypts is updated in the registration table.
The invention has the beneficial effects as follows:
1 makes full use of the advantage of symmetric cryptographic technique and asymmetric cryptographic technique;
2 are not having to have guaranteed the use of asymmetric cryptographic technique by process optimization under the situation of diploma system.
Description of drawings
The present invention is further described below in conjunction with accompanying drawing.
Fig. 1 information exchange block diagram of the present invention;
Fig. 2 is a reading terminals random number data flow chart.
Fig. 3 is a symmetric cryptographic algorithm MAC checking data flow chart.
Fig. 4 is the public key verifications data flowchart.
Fig. 5 is the key updating flow chart.
Fig. 6 is the log-on data flow chart of terminal unsymmetrical key.
Fig. 7 is the renewal data flowchart of terminal unsymmetrical key.
Embodiment
As shown in Figure 1, the encryption method of the safety chip of this electric power system acquisition terminal by acquisition system main website, acquisition terminal MCU and the acquisition terminal safety chip between interaction flow realize functions such as reading terminals random number, MAC verification, public key verifications, key updating, guarantee the safety of system.Safety chip adopts symmetry algorithm and asymmetric arithmetic, and symmetry algorithm is mainly finished encryption and decryption, and asymmetric arithmetic is mainly finished key updating.Flow process by safety realizes the registration of obtaining random number, MAC calculating, key updating, unsymmetrical key.
As shown in Figure 2, reading terminals random number data flow process is meant that main website initiates to read the random number order to terminal, after the MCU of terminal receives this order, MCU sends two subcommands respectively to safety chip in the terminal and comprises: obtain the safety chip sequence number and read random number, safety chip sends to MCU with sequence number and random number respectively according to the order of receiving, MCU sends to main website together with the sequence number and the random number of safety chip.
As shown in Figure 3, the MAC checking process is meant that main website is sending reset command to terminal, parameter is set, during key orders such as control command, can calculate the MAC check code of mentioned order data by the encryption device of main website side, order data is issued the MCU of terminal together with the MAC check code, after terminal MCU receives above-mentioned key order, order data is sent to safety chip, safety chip calculates the MAC check code according to order data and returns to MCU, the MAC that MAC that MCU sends main website and safety chip are sent compares, if it is consistent, then reply to the main website confirmation, deny information otherwise reply main website.
As shown in Figure 4, the public key verifications data flow is meant that main website sends to terminal MCU with random number and signing messages, MCU is transmitted to safety chip with random number and signing messages, safety chip receives after the data checking signing messages and will test and sign the result and return terminal MCU, terminal MCU according to test sign the result send confirm or the information of denying to main website.
As shown in Figure 5, the key updating flow process comprises two flow processs, and at first main website sends the key updating request command to terminal MCU, and terminal MCU transmission order is to safety chip or get random number, then safety chip sequence number and random number is returned to main website; Main website sends key information, random number and signing messages to terminal MCU then, MCU gives safety chip with these data forwarding, safety chip test sign and more will upgrade after the new key after the key result return to MCU, MCU sends affirmation or the information of denying to main website according to the key updating result.
As shown in Figure 6, the log-on data flow process of terminal unsymmetrical key comprises two flow processs, at first main website sends the key updating request command to terminal MCU, and terminal MCU transmission order is to safety chip or get random number, then safety chip sequence number and random number is returned to main website; Main website sends main website random number, terminal random number and signing messages to terminal MCU then, MCU gives safety chip with above-mentioned data forwarding, safety chip is certifying signature information at first, test sign pass through after, produce new key to and the public key encryption right to this key, the PKI ciphertext after encrypting is returned to MCU, MCU returns ciphertext to main website, sign failure if test, send and deny that information is to main website.
As shown in Figure 7, the renewal data flow of terminal unsymmetrical key comprises two flow processs, at first is or gets the random number flow process, with first flow process of accompanying drawing 5 and 6; Second flow process is that main website sends session key ciphertext, main website random number, terminal random number and signing messages to terminal MCU, MCU gives safety chip with data forwarding, safety chip test sign pass through after, to the public key encryption of new generation and to this ciphertext and main website random number signature, and cipher-text information and signing messages returned to MCU, MCU sends cipher-text information to main website, signs failure then replys the information of denying if test.
Invention has been described according to specific exemplary embodiment herein.It will be conspicuous carrying out suitable replacement to one skilled in the art or revise under not departing from the scope of the present invention.Exemplary embodiment only is illustrative, rather than to the restriction of scope of the present invention, scope of the present invention is by appended claim definition.

Claims (9)

1. the safety chip encryption method of an electric power system acquisition terminal is characterized in that:
The mixed cipher algorithm that in the safety chip of acquisition terminal, adopts symmetric cryptographic algorithm and asymmetric cryptographic algorithm to combine, safety chip adopts SM1 algorithm and RSA Algorithm; Described safety chip links to each other with the terminal main control unit by ISO/IEC7816-3 " the integrated circuit card signal of telecommunication and the host-host protocol of contact-carrying " standard and agreement, receives authentication instruction, encryption and decryption instruction and the key updating instruction of being sent by host computer.
2. the method for claim 1; it is characterized in that: the mode that employed symmetric cryptographic algorithm adopts plaintext+MAC in the electric power system acquisition terminal sends to reset command in the acquisition terminal to main website; key orders such as parameter and control command are set to be handled; functions different in symmetric cryptographic algorithm are used different keys; the key updating of symmetric cryptographic algorithm is to carry out under the protection of asymmetric cryptographic algorithm; adopt asymmetric cryptographic algorithm to carry out the negotiation and the renewal of key in acquisition terminal, key updating comprises in the symmetric cryptographic algorithm key updating in the key updating and asymmetric cryptographic algorithm.
3. method as claimed in claim 2, it is characterized in that also comprising the method that reads random number, the random number of acquisition terminal is produced and storage by the safety chip in the terminal, terminal should pick up counting read random number from safety chip after, guarantee the ageing of random number, time span can be provided with, if read the former random number of random number again with invalid, if be that main website did not obtain random number again within effective time, the terminal safety chip that resets.
4. method as claimed in claim 2, it is characterized in that also comprising MAC verification computational methods, the MAC verification uses symmetric cryptographic algorithm to calculate, be mainly used in and guarantee reset command, data integrity in the key order downlink messages such as parameter, control command is set, clear data in MAC check computational process comprises AFN, SEQ, data cell sign and data cell, need in downlink message, intercept according to command type, the key difference that different command types uses will be noted the use of cipher key index when the MAC verification.
5. method as claimed in claim 2, it is characterized in that also comprising the public key verifications method, being used for main website verifies the correctness of master control PKI in the terminal or main website PKI, main website obtains random number from encryption equipment, with the PKI that will verify random number is signed, random number and signing messages are sent to acquisition terminal, and the acquisition terminal safety chip carries out signature verification with corresponding PKI to signed data, and terminal returns to the collection main website with the signature verification result.
6. method as claimed in claim 2, it is characterized in that also comprising key updating method, terminal needs to carry out key updating and registration process before formally mounting, the test key that is about to terminal is updated to formal key, and the right PKI of terminal key that terminal is produced is registered in the main website server, the employed key of symmetric cryptographic algorithm, local key updating mode is identical with the remote cipher key update mode, is all undertaken by following flow process:
Gather main website and initiate the key updating request command, acquisition terminal MCU sends and gets the random number order, and the random number of getting from safety chip and the sequence number of safety chip sent to the collection main website, main website sends to terminal with key information terminal random number and signing messages, safety chip in the terminal is tested label, as by then carrying out key updating, and will upgrade the result and return to the collection main website, for the terminal unsymmetrical key, local key updating mode is different with the remote cipher key update mode, what local key updating mode was finished is the process that the terminal unsymmetrical key adds or sets up to the main website list of public keys, is called the registration of terminal unsymmetrical key; What the remote cipher key update mode was finished is the process that the terminal unsymmetrical key upgrades to the main website list of public keys, is called the renewal of terminal unsymmetrical key.
7. method as claimed in claim 2, it is characterized in that also comprising the register method of terminal unsymmetrical key, the registration of terminal unsymmetrical key requires to adopt under security context local key updating mode to finish the process that the terminal unsymmetrical key adds or sets up to the main website list of public keys, gathering main website initiates to get the random number order from terminal, terminal will send to main website from random number and the safety chip sequence number that safety chip obtains, main website obtains random number from encryption equipment, and main website random number and terminal random number are signed with the main website private key, and with the main website random number, terminal random number and signing messages send to terminal, terminal is carried out signature verification by safety chip, by after to produce new key again right, and the public key encryption information that new key is right sends to main website, main website is decrypted the PKI ciphertext of receiving, and the PKI that decrypts is added in the registration table.
8. method as claimed in claim 2, it is characterized in that also comprising the update method of terminal unsymmetrical key, the renewal of terminal unsymmetrical key can adopt the remote cipher key update mode to finish the renewal process of terminal unsymmetrical key in the main website list of public keys under the public network condition, main website initiates the order of acquisition request random number to terminal, terminal will send to main website from random number and the safety chip sequence number that safety chip obtains, main website produces session key and with terminal public key session key is encrypted, and get random number from encryption equipment, with the main website private key to the session key ciphertext, the main website random number, terminal random number and signing messages are signed, and send to terminal, safety chip carries out signature verification in the terminal, obtain session key by the back deciphering, again it is right to produce new key then, with session key the right public key encryption of new key is produced the PKI ciphertext, with terminal secret key PKI ciphertext and main website random number are signed, return the right PKI ciphertext of new key, main website random number and signing messages thereof, main website carries out signature verification, by the back PKI ciphertext is decrypted, and the PKI that decrypts is updated in the registration table.
9. the method for claim 1 is characterized in that:
(1) using method of described symmetric cryptographic algorithm is:
In acquisition terminal, adopt symmetric cryptographic algorithm to the reset command in the terminal, key orders such as parameter, control command be set adopt the mode of plaintext+MAC to carry out issuing of order,
The clear data that MAC calculates in the message that acquisition terminal receives comprises AFN, SEQ, data cell sign and data cell, the MAC value of calculating is filled among the message authentication code field PW of additional information fields, terminal at first intercepts out clear data according to message after receiving the order that has the MAC verification, and clear data sent and safety chip calculates MAC, MAC value that safety chip is calculated and the MAC value in the downlink message PW territory are compared then, if equate then carry out this order, does not wait and then return MAC verification mistake and requirement is obtained again according to stipulations random number and ESAM sequence number;
The key difference that different functions is used in symmetric cryptographic algorithm, the key updating of symmetric cryptographic algorithm is to carry out under the protection of asymmetric cryptographic algorithm;
(2) using method of described asymmetric cryptographic algorithm is:
The main asymmetric cryptographic algorithm that adopts carries out the negotiation and the renewal of key in terminal, and key updating comprises the key updating of symmetric cryptographic algorithm key updating and asymmetric cryptographic algorithm;
Be production and the test that makes things convenient for terminal producer, key is divided into test key and formal key, and test key is meant a cover key of inserting in advance for ease of the test of terminal manufacturer production; The key that formal key uses when being meant the terminal equipment commencement of commercial operation, terminal equipment needs to carry out key updating before mounting, be about to test key and replace with formal key.
CN201110006469.2A 2011-01-13 2011-01-13 Method for encrypting secure chip of power system acquisition terminal Active CN102111265B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110006469.2A CN102111265B (en) 2011-01-13 2011-01-13 Method for encrypting secure chip of power system acquisition terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110006469.2A CN102111265B (en) 2011-01-13 2011-01-13 Method for encrypting secure chip of power system acquisition terminal

Publications (2)

Publication Number Publication Date
CN102111265A true CN102111265A (en) 2011-06-29
CN102111265B CN102111265B (en) 2014-03-26

Family

ID=44175301

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110006469.2A Active CN102111265B (en) 2011-01-13 2011-01-13 Method for encrypting secure chip of power system acquisition terminal

Country Status (1)

Country Link
CN (1) CN102111265B (en)

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102255725A (en) * 2011-07-16 2011-11-23 山东省数字证书认证管理有限公司 Random hybrid key encryption/decryption method
CN102325023A (en) * 2011-07-04 2012-01-18 飞天诚信科技股份有限公司 A kind of chip data creation method and device in useful life of prolonging
CN103001771A (en) * 2012-11-14 2013-03-27 广东电网公司电力科学研究院 Data transmission security encryption method for metering automation system
CN103051450A (en) * 2012-12-10 2013-04-17 中国电力科学研究院 System and method applicable to electric power information collection system for distributing safety tasks
CN103095696A (en) * 2013-01-09 2013-05-08 中国电力科学研究院 Identity authentication and key agreement method suitable for electricity consumption information collection system
CN103178953A (en) * 2013-02-27 2013-06-26 中国电力科学研究院 Secure chip key issuing system and secure chip key issuing method
CN103279705A (en) * 2013-05-14 2013-09-04 上海华为技术有限公司 Validation method and validation device of chip with secure booting function
CN103888444A (en) * 2014-02-24 2014-06-25 北京科东电力控制系统有限责任公司 Distribution safety authentication device and method
CN104378201A (en) * 2013-08-12 2015-02-25 国家电网公司 Pollution discharge data secure transmission method and terminal and system
CN104579679A (en) * 2014-12-10 2015-04-29 国家电网公司 Wireless public network data forwarding method for rural power distribution network communication equipment
TWI497438B (en) * 2013-11-27 2015-08-21 Ind Tech Res Inst A system for firmware upgrade in ami and method thereof
CN105162593A (en) * 2015-07-27 2015-12-16 哈尔滨工业大学 Module authentication method applied to water treatment monitoring
CN105553645A (en) * 2015-12-17 2016-05-04 国家电网公司 Data protection system and data acquisition method of charging facility
CN105577386A (en) * 2015-12-23 2016-05-11 中国电力科学研究院 Data encryption method of bilateral interaction intelligent electric energy meter
CN105763542A (en) * 2016-02-02 2016-07-13 国家电网公司 Device and method of encryption and authentication for distribution terminal serial port communication
CN106571846A (en) * 2016-10-17 2017-04-19 国动物联网技术(上海)有限公司 LoRa data transmission module and data encryption method
CN106685991A (en) * 2017-02-10 2017-05-17 华立科技股份有限公司 Full life circle traceable electric energy meter based on wireless technology
CN106850207A (en) * 2017-02-28 2017-06-13 南方电网科学研究院有限责任公司 Identity identifying method and system without CA
CN106941491A (en) * 2017-03-29 2017-07-11 中国电力科学研究院 The safety application data link layer device and communication means of power information acquisition system
CN107046531A (en) * 2017-03-06 2017-08-15 国网湖南省电力公司 The data processing method and system of the data access Power Information Network of monitoring terminal
CN107395361A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 The conversion of information source data and authentication method and system
CN107896231A (en) * 2017-12-27 2018-04-10 江苏联宏智慧能源股份有限公司 A kind of data ciphering method of energy hosted platform system remote communication
CN108134823A (en) * 2017-12-18 2018-06-08 宁波三星医疗电气股份有限公司 A kind of method for quick obtaining electric power acquisition data acquisition of terminal
CN108320355A (en) * 2017-12-29 2018-07-24 中国船舶重工集团公司第七八研究所 A kind of the emergency cryptosystem open system and its open method of intelligent door lock
CN109257328A (en) * 2017-07-14 2019-01-22 中国电力科学研究院 A kind of safety interacting method and device of scene operation/maintenance data
CN109257327A (en) * 2017-07-14 2019-01-22 中国电力科学研究院 A kind of the communication message safety interacting method and device of electrical power distribution automatization system
CN109335906A (en) * 2018-08-01 2019-02-15 苏州汇川技术有限公司 Method of calibration, elevator control aggregate and elevator peripheral equipment
CN109583155A (en) * 2018-12-10 2019-04-05 慧翰微电子股份有限公司 A kind of the IOT mould group and its control method of embedded safety chip
CN109587149A (en) * 2018-12-11 2019-04-05 许昌许继软件技术有限公司 A kind of safety communicating method and device of data
CN110011794A (en) * 2019-04-11 2019-07-12 北京智芯微电子科技有限公司 The test method of cipher machine key attribute
CN110086796A (en) * 2019-04-22 2019-08-02 南京联创北斗技术应用研究院有限公司 A kind of transmission method based on public private key encryption technology collection monitoring data
CN110286349A (en) * 2019-06-24 2019-09-27 国网吉林省电力有限公司电力科学研究院 It is a kind of for take control intelligent electric energy meter electric energy metering device calibration method
CN110380932A (en) * 2019-07-17 2019-10-25 中国工商银行股份有限公司 Test method and device and test macro for safety equipment
CN110995427A (en) * 2019-12-12 2020-04-10 广东电网有限责任公司电力调度控制中心 Control system key management method and device based on asymmetric encryption
CN109583155B (en) * 2018-12-10 2022-06-21 慧翰微电子股份有限公司 IOT module with embedded security chip and control method thereof

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106778308A (en) * 2016-12-19 2017-05-31 国网天津市电力公司信息通信公司 The wiring method and device of a kind of chip keys
CN106650464A (en) * 2016-12-29 2017-05-10 深圳市金立通信设备有限公司 Security detection method and terminal

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005357A (en) * 2006-12-28 2007-07-25 北京飞天诚信科技有限公司 Method and system for updating certification key
EP1873963A1 (en) * 2006-06-29 2008-01-02 Incard SA Authentication method for IC cards
CN201387642Y (en) * 2009-02-18 2010-01-20 青岛乾程电子科技有限公司 Single-phase electronic type multi-rate prepayment electric energy meter
CN101753312A (en) * 2010-02-03 2010-06-23 北京融通高科科技发展有限公司 Security certification method and security certification device for power grid equipment and negative control terminal
CN201569701U (en) * 2009-12-29 2010-09-01 中国电力科学研究院 Single phase remote charge intelligent ammeter

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1873963A1 (en) * 2006-06-29 2008-01-02 Incard SA Authentication method for IC cards
CN101005357A (en) * 2006-12-28 2007-07-25 北京飞天诚信科技有限公司 Method and system for updating certification key
CN201387642Y (en) * 2009-02-18 2010-01-20 青岛乾程电子科技有限公司 Single-phase electronic type multi-rate prepayment electric energy meter
CN201569701U (en) * 2009-12-29 2010-09-01 中国电力科学研究院 Single phase remote charge intelligent ammeter
CN101753312A (en) * 2010-02-03 2010-06-23 北京融通高科科技发展有限公司 Security certification method and security certification device for power grid equipment and negative control terminal

Cited By (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102325023A (en) * 2011-07-04 2012-01-18 飞天诚信科技股份有限公司 A kind of chip data creation method and device in useful life of prolonging
CN102325023B (en) * 2011-07-04 2014-03-26 飞天诚信科技股份有限公司 Data generation method and device capable of prolonging service life of chip
CN102255725A (en) * 2011-07-16 2011-11-23 山东省数字证书认证管理有限公司 Random hybrid key encryption/decryption method
CN103001771A (en) * 2012-11-14 2013-03-27 广东电网公司电力科学研究院 Data transmission security encryption method for metering automation system
CN103001771B (en) * 2012-11-14 2015-06-10 广东电网公司电力科学研究院 Data transmission security encryption method for metering automation system
CN103051450A (en) * 2012-12-10 2013-04-17 中国电力科学研究院 System and method applicable to electric power information collection system for distributing safety tasks
CN103095696A (en) * 2013-01-09 2013-05-08 中国电力科学研究院 Identity authentication and key agreement method suitable for electricity consumption information collection system
CN103095696B (en) * 2013-01-09 2015-08-05 中国电力科学研究院 A kind of authentication and cryptographic key negotiation method being applicable to power information acquisition system
CN103178953A (en) * 2013-02-27 2013-06-26 中国电力科学研究院 Secure chip key issuing system and secure chip key issuing method
CN103178953B (en) * 2013-02-27 2016-09-21 中国电力科学研究院 A kind of secure chip key issuing system and secure chip key issuing method
WO2014183643A1 (en) * 2013-05-14 2014-11-20 华为技术有限公司 Check method and check device for chip having secure startup function
CN103279705A (en) * 2013-05-14 2013-09-04 上海华为技术有限公司 Validation method and validation device of chip with secure booting function
CN104378201A (en) * 2013-08-12 2015-02-25 国家电网公司 Pollution discharge data secure transmission method and terminal and system
TWI497438B (en) * 2013-11-27 2015-08-21 Ind Tech Res Inst A system for firmware upgrade in ami and method thereof
CN103888444B (en) * 2014-02-24 2018-07-10 国家电网公司 A kind of safe distribution of electric power authentication device and its method
CN103888444A (en) * 2014-02-24 2014-06-25 北京科东电力控制系统有限责任公司 Distribution safety authentication device and method
CN104579679A (en) * 2014-12-10 2015-04-29 国家电网公司 Wireless public network data forwarding method for rural power distribution network communication equipment
CN105162593A (en) * 2015-07-27 2015-12-16 哈尔滨工业大学 Module authentication method applied to water treatment monitoring
CN105553645A (en) * 2015-12-17 2016-05-04 国家电网公司 Data protection system and data acquisition method of charging facility
CN105577386A (en) * 2015-12-23 2016-05-11 中国电力科学研究院 Data encryption method of bilateral interaction intelligent electric energy meter
CN105763542A (en) * 2016-02-02 2016-07-13 国家电网公司 Device and method of encryption and authentication for distribution terminal serial port communication
CN106571846A (en) * 2016-10-17 2017-04-19 国动物联网技术(上海)有限公司 LoRa data transmission module and data encryption method
CN106685991A (en) * 2017-02-10 2017-05-17 华立科技股份有限公司 Full life circle traceable electric energy meter based on wireless technology
CN106850207A (en) * 2017-02-28 2017-06-13 南方电网科学研究院有限责任公司 Identity identifying method and system without CA
CN107046531B (en) * 2017-03-06 2020-07-10 国网湖南省电力公司 Data processing method and system for accessing data of monitoring terminal to power information network
CN107046531A (en) * 2017-03-06 2017-08-15 国网湖南省电力公司 The data processing method and system of the data access Power Information Network of monitoring terminal
CN106941491A (en) * 2017-03-29 2017-07-11 中国电力科学研究院 The safety application data link layer device and communication means of power information acquisition system
CN106941491B (en) * 2017-03-29 2020-08-21 中国电力科学研究院 Safety application data link layer equipment of electricity utilization information acquisition system and communication method
CN109257327B (en) * 2017-07-14 2021-01-08 中国电力科学研究院 Communication message safety interaction method and device for power distribution automation system
CN109257328A (en) * 2017-07-14 2019-01-22 中国电力科学研究院 A kind of safety interacting method and device of scene operation/maintenance data
CN109257327A (en) * 2017-07-14 2019-01-22 中国电力科学研究院 A kind of the communication message safety interacting method and device of electrical power distribution automatization system
CN107395361A (en) * 2017-07-25 2017-11-24 成都国科微电子有限公司 The conversion of information source data and authentication method and system
CN108134823A (en) * 2017-12-18 2018-06-08 宁波三星医疗电气股份有限公司 A kind of method for quick obtaining electric power acquisition data acquisition of terminal
CN107896231B (en) * 2017-12-27 2020-12-01 江苏联宏智慧能源股份有限公司 Data encryption method for remote communication of energy hosting platform system
CN107896231A (en) * 2017-12-27 2018-04-10 江苏联宏智慧能源股份有限公司 A kind of data ciphering method of energy hosted platform system remote communication
CN108320355A (en) * 2017-12-29 2018-07-24 中国船舶重工集团公司第七八研究所 A kind of the emergency cryptosystem open system and its open method of intelligent door lock
CN109335906B (en) * 2018-08-01 2020-09-11 苏州汇川技术有限公司 Verification method, elevator control device and elevator peripheral device
CN109335906A (en) * 2018-08-01 2019-02-15 苏州汇川技术有限公司 Method of calibration, elevator control aggregate and elevator peripheral equipment
CN109583155A (en) * 2018-12-10 2019-04-05 慧翰微电子股份有限公司 A kind of the IOT mould group and its control method of embedded safety chip
CN109583155B (en) * 2018-12-10 2022-06-21 慧翰微电子股份有限公司 IOT module with embedded security chip and control method thereof
CN109587149A (en) * 2018-12-11 2019-04-05 许昌许继软件技术有限公司 A kind of safety communicating method and device of data
CN110011794B (en) * 2019-04-11 2021-08-13 北京智芯微电子科技有限公司 Cipher machine key attribute testing method
CN110011794A (en) * 2019-04-11 2019-07-12 北京智芯微电子科技有限公司 The test method of cipher machine key attribute
CN110086796B (en) * 2019-04-22 2020-02-14 南京联创北斗技术应用研究院有限公司 Transmission method for collecting monitoring data based on public-private key encryption technology
CN110086796A (en) * 2019-04-22 2019-08-02 南京联创北斗技术应用研究院有限公司 A kind of transmission method based on public private key encryption technology collection monitoring data
CN110286349A (en) * 2019-06-24 2019-09-27 国网吉林省电力有限公司电力科学研究院 It is a kind of for take control intelligent electric energy meter electric energy metering device calibration method
CN110380932A (en) * 2019-07-17 2019-10-25 中国工商银行股份有限公司 Test method and device and test macro for safety equipment
CN110995427A (en) * 2019-12-12 2020-04-10 广东电网有限责任公司电力调度控制中心 Control system key management method and device based on asymmetric encryption

Also Published As

Publication number Publication date
CN102111265B (en) 2014-03-26

Similar Documents

Publication Publication Date Title
CN102111265B (en) Method for encrypting secure chip of power system acquisition terminal
CN109257327B (en) Communication message safety interaction method and device for power distribution automation system
CN102594558B (en) Anonymous digital certificate system and verification method of trustable computing environment
CN101828357B (en) Credential provisioning method and device
EP3742696A1 (en) Identity management method, equipment, communication network, and storage medium
CN105656859B (en) Tax control equipment software safety online upgrading method and system
CN103685323A (en) Method for realizing intelligent home security networking based on intelligent cloud television gateway
CN101738516B (en) Electronic electric energy meter and data secure transmission method thereof
CN101588236B (en) Protecting device, system and method for transmitting contents safely
CN101610150B (en) Third-party digital signature method and data transmission system
US9124561B2 (en) Method of transferring the control of a security module from a first entity to a second entity
CN104202170B (en) A kind of identity authorization system and method based on mark
CN108924147B (en) Communication terminal digital certificate issuing method, server and communication terminal
CN110035058B (en) Resource request method, device and storage medium
CN105610773A (en) Communication encryption method of electric energy meter remote meter reading
CN107135070A (en) Method for implanting, framework and the system of RSA key pair and certificate
CN109150526A (en) Cryptographic key negotiation method, equipment, terminal, storage medium and system
CN104579679B (en) Wireless public network data forwarding method for agriculture distribution communication equipment
CN104410641A (en) Security-controlled online activation method and device for POS terminals
CN109617675A (en) Both sides' identification authentication method and system between a kind of charge-discharge facility and user terminal
CN105281910A (en) Internet of things lock with CA digital certificate serving as network access identity identifier and network access identity identification method
CN102065092B (en) Method and system for authorizing digital signature of application program of set top box
CN104333547A (en) Safety protection method of two-way interaction intelligent ammeter
KR20130051636A (en) Method for mutual authentication and security in m2m environment
CN110300108A (en) A kind of power distribution automation message encryption transmission method, system, terminal and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
ASS Succession or assignment of patent right

Owner name: STATE ELECTRIC NET CROP.

Effective date: 20130508

TA01 Transfer of patent application right

Effective date of registration: 20130508

Address after: 100192 Beijing city Haidian District Qinghe small Camp Road No. 15

Applicant after: China Electric Power Research Institute

Applicant after: State Grid Corporation of China

Address before: 100192 Beijing city Haidian District Qinghe small Camp Road No. 15

Applicant before: China Electric Power Research Institute

GR01 Patent grant
GR01 Patent grant