CN105554744A - Safety protection method for positioning node - Google Patents


Publication number
CN105554744A
Authority
CN
China
Prior art keywords
described
secret key
id
key1
location node
Application number
CN201510936258.7A
Other languages
Chinese (zh)
Other versions
CN105554744B (en
Inventor
袁协
张宇
谢飞鹏
Original Assignee
苏州寻息电子科技有限公司
Application filed by 苏州寻息电子科技有限公司
Priority to CN201510936258.7A
Publication of CN105554744A
Application granted
Publication of CN105554744B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/04: Key management, e.g. by generic bootstrapping architecture [GBA]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W4/00: Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02: Services making use of location information
    • H04W4/04: Services making use of location information using association of physical positions and logical data in a dedicated environment, e.g. buildings or vehicles

Abstract

The invention discloses a safety protection method for a positioning node. The method comprises the following steps: taking N bits of the positioning node's broadcast data as a random key, denoted key1, where key1 changes in real time and its bits are generated randomly at each change; combining the true ID number of the positioning node with the random key key1 according to a preset rule to obtain an encrypted ID number; and broadcasting the encrypted ID number and the random key key1 in the broadcast data. With this method the ID of the node changes continuously, so that it cannot be counterfeited or used without permission. Moreover, the encryption scheme does not require precise time synchronization between the positioning node and the terminal, which makes the encryption system more stable, and the method has broad market prospects as it is popularized.

Description

A safety protection method for a positioning node

Technical field

The present invention relates to the field of electronic information, and in particular to a safety protection method for a positioning node.

Background art

In indoor environments that satellite navigation systems have difficulty covering, the demand for location services is increasingly urgent. People spend more than 80% of their time indoors, and as modernization proceeds and the number of large buildings grows, the demand for indoor location services keeps increasing. Fields such as security monitoring, commercial and personal location services, management of large venues, and monitoring of special populations all need accurate indoor positioning information, which becomes especially important in emergency scenarios such as emergency evacuation. As demand for indoor location services grows, location services are beginning to shift from outdoor navigation to seamless indoor-outdoor navigation.

China has reached 1,000,000,000 mobile phone users, more than 500,000,000 of whom use location-related services, and growth is rapid. Capturing the indoor positioning market for mobile phone users has become a focus of competition in location services.

iBeacon is a positioning beacon node released by Apple. A mobile phone can measure the received signal strength of iBeacon (Bluetooth) nodes and thereby determine its own position. iBeacon nodes can be used for a range of services such as mobile phone navigation, pushing promotional offers, and collecting membership points. Ensuring the security of iBeacon nodes is therefore an important part of Bluetooth positioning services.

Current beacon nodes identify themselves by broadcasting their own ID number, and a mobile phone positions itself from the signal strength it receives from different nodes. The ID number broadcast by an iBeacon consists of three parts: "UUID" + "major" + "minor". The iBeacon protocol is public, and an Android phone can scan the complete ID information of all nodes on site. This creates at least the following three security problems, which limit wider adoption:

(1) Merchant A deploys iBeacon nodes for positioning and navigation. B can scan the nodes' ID numbers and then use the nodes A deployed to offer the same positioning and navigation service without any hardware investment, which A, the party that actually deployed the iBeacons, does not want;

(2) Merchant A deploys iBeacon nodes to push promotional offers. Competitor B can scan the nodes' ID numbers, counterfeit a batch of nodes with the same IDs and deploy them at mall A, throwing merchant A's navigation system into complete confusion;

(3) Merchant A deploys iBeacon nodes for location-based activities such as promotional pushes and membership points (for example in-store discounts or extra points for visiting the shop). B can scan the nodes' ID numbers and counterfeit a batch of nodes with the same IDs for sale, to be used for malicious behaviour such as farming points.

Therefore, how to dynamically encrypt the ID number has become an important problem in ensuring the information security of beacon nodes.

Summary of the invention

The main technical problem solved by the present invention is to provide a safety protection method for a positioning node. N bits of the positioning node's broadcast data are taken as a random key that changes in real time, so that the ID of the node changes constantly and cannot be counterfeited or used without permission. In addition, this encryption scheme does not require precise time synchronization between the positioning node and the terminal, which makes the encryption system more stable, and the method has broad market prospects as it is popularized.

To solve the above technical problem, the invention provides a safety protection method for a positioning node, comprising the following steps:

In the broadcast data of the positioning node, N bits are taken as a random key, denoted key1. The random key key1 changes in real time, and at each change its bits are generated randomly. The true ID number of the positioning node is then combined with the random key key1 according to a preset rule to obtain an encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data.

In a preferred embodiment of the present invention, the preset rule for the random key key1 and the true ID number is an XOR applied to the respective preset bits.

In a preferred embodiment of the present invention, a user key, denoted key2, is provided. The true ID number of the positioning node, the random key key1 and the user key key2 are combined according to a preset rule to obtain the encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data.

In a preferred embodiment of the present invention, the preset rule is:

(1) convert the true ID number, the random key key1 and the user key key2 into binary sequences;

(2) XOR each bit of the random key key1 with the user key key2 to obtain key3;

(3) XOR each bit of key3 with the true ID number to obtain the encrypted ID number.

In a preferred embodiment of the present invention, the time interval between real-time changes of the random key key1 is selected randomly within a preset time interval range.

In a preferred embodiment of the present invention, the preset time interval range includes 1 day, 3 days and 5 days.

In a preferred embodiment of the present invention, the positioning node is an iBeacon node, and the ID number of the iBeacon node comprises a UUID identifier, a Major identifier and a Minor identifier. The UUID identifier comprises 16 bytes, i.e. 128 bits; the Major identifier comprises 2 bytes, i.e. 16 bits; the Minor identifier comprises 2 bytes, i.e. 16 bits.

In a preferred embodiment of the present invention, the random key key1 is composed of several bits taken from the Major identifier and from the Minor identifier respectively, and the remaining bits of the Major identifier and the Minor identifier are encrypted.

In a preferred embodiment of the present invention, the bits of the random key key1 taken from the Major identifier are its first 6 bits, the bits of the random key key1 taken from the Minor identifier are its first 4 bits, and the last 10 bits of the Major identifier and the last 12 bits of the Minor identifier are encrypted.

In a preferred embodiment of the present invention, the decrypting end decrypts the received encrypted ID number with the received random key key1 according to the known decryption rule to obtain the true ID number.

The beneficial effects of the invention are: the safety protection method makes the ID of the node change constantly, so that it cannot be counterfeited or used without permission. In addition, this encryption scheme does not require precise time synchronization between the positioning node and the terminal, which makes the encryption system more stable, and the method has broad market prospects as it is popularized.

Embodiment

The technical solutions in the embodiments of the present invention are described clearly and completely below. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative work fall within the scope of protection of the invention.

The embodiment of the present invention comprises:

A safety protection method for a positioning node, comprising the following steps:

In the broadcast data of the positioning node, N bits are taken as a random key, denoted key1. The random key key1 changes in real time, and at each change its bits are generated randomly, so that the ID of the node changes constantly and cannot be counterfeited or used without permission. The true ID number of the positioning node is then combined with the random key key1 according to a preset rule to obtain an encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data. This encryption scheme does not require precise time synchronization between the positioning node and the terminal, which makes the encryption system more stable.

Preferably, the preset rule for the random key key1 and the true ID number is an XOR applied to the respective preset bits.

Preferably, a user key, denoted key2, is provided. The true ID number of the positioning node, the random key key1 and the user key key2 are combined according to a preset rule to obtain the encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data.

Preferably, the preset rule is:

(1) convert the true ID number, the random key key1 and the user key key2 into binary sequences;

(2) XOR each bit of the random key key1 with the user key key2 to obtain key3;

(3) XOR each bit of key3 with the true ID number to obtain the encrypted ID number.

Preferably, the time interval between real-time changes of the random key key1 is selected randomly within a preset time interval range.

Preferably, the preset time interval range includes 1 day, 3 days and 5 days. The time at which each node's ID changes is irregular, which greatly increases the difficulty of cracking the encryption system.

Preferably, the positioning node is an iBeacon node, and the ID number of the iBeacon node comprises a UUID identifier, a Major identifier and a Minor identifier. The UUID identifier comprises 16 bytes, i.e. 128 bits; the Major identifier comprises 2 bytes, i.e. 16 bits; the Minor identifier comprises 2 bytes, i.e. 16 bits.

Preferably, the random key key1 is composed of several bits taken from the Major identifier and from the Minor identifier respectively, and the remaining bits of the Major identifier and the Minor identifier are encrypted.

Preferably, the bits of the random key key1 taken from the Major identifier are its first 6 bits and the bits taken from the Minor identifier are its first 4 bits, 10 bits in total; the last 10 bits of the Major identifier and the last 12 bits of the Minor identifier (22 bits in total) are encrypted.

Preferably, the decrypting end decrypts the received encrypted ID number with the received random key key1 according to the known decryption rule to obtain the true ID number.

For the encryption method that uses the user key key2, the decryption method is: the decrypting end decrypts the received encrypted ID number according to the known decryption rule, the user key key2 and the received random key key1, to obtain the true ID number.
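The key1/key2 XOR rule and the 6+4 / 10+12 bit split described above, as an added example that is not code from the patent. It assumes that "first" bits are the most significant bits, that key2 is 22 bits wide, and that the 10-bit key1 is repeated to cover the 22 encrypted bits; the patent specifies none of these, and all sample values are constructed.

```python
import secrets

KEY1_BITS = 10                            # 6 bits carried in Major + 4 in Minor
MAJOR_ID_BITS = 10                        # encrypted low bits of Major
MINOR_ID_BITS = 12                        # encrypted low bits of Minor
ID_BITS = MAJOR_ID_BITS + MINOR_ID_BITS   # 22 encrypted bits in total


def stretch_key1(key1):
    """ASSUMPTION: repeat the 10-bit key1 and keep the top 22 bits as the mask."""
    repeated = (key1 << 20) | (key1 << 10) | key1    # 30 bits
    return repeated >> (30 - ID_BITS)


def encode(major_id, minor_id, key2, key1=None):
    """Node side: return the (Major, Minor) pair broadcast during one key1 period."""
    if not (0 <= major_id < 1 << MAJOR_ID_BITS and 0 <= minor_id < 1 << MINOR_ID_BITS):
        raise ValueError("true ID parts must fit in 10 and 12 bits")
    if not 0 <= key2 < 1 << ID_BITS:
        raise ValueError("key2 must fit in 22 bits (assumed width)")
    if key1 is None:
        key1 = secrets.randbelow(1 << KEY1_BITS)     # fresh random key1 at each change
    if not 0 <= key1 < 1 << KEY1_BITS:
        raise ValueError("key1 must fit in 10 bits")
    true_id = (major_id << MINOR_ID_BITS) | minor_id # step (1): one binary sequence
    key3 = stretch_key1(key1) ^ key2                 # step (2): key1 XOR key2
    enc = true_id ^ key3                             # step (3): key3 XOR true ID
    # key1 travels in the clear: top 6 bits in Major, low 4 bits in Minor.
    major = ((key1 >> 4) << MAJOR_ID_BITS) | (enc >> MINOR_ID_BITS)
    minor = ((key1 & 0xF) << MINOR_ID_BITS) | (enc & 0xFFF)
    return major, minor


def decode(major, minor, key2):
    """Terminal side: recover the true ID from one broadcast and the shared key2."""
    key1 = ((major >> MAJOR_ID_BITS) << 4) | (minor >> MINOR_ID_BITS)
    enc = ((major & 0x3FF) << MINOR_ID_BITS) | (minor & 0xFFF)
    true_id = enc ^ stretch_key1(key1) ^ key2
    return true_id >> MINOR_ID_BITS, true_id & 0xFFF


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    TRUE_MAJOR, TRUE_MINOR, KEY2 = 0x155, 0xABC, 0x2A5A5A
    for _ in range(3):                               # three key1 periods
        major, minor = encode(TRUE_MAJOR, TRUE_MINOR, KEY2)
        print(f"broadcast Major=0x{major:04X} Minor=0x{minor:04X} "
              f"-> decoded {decode(major, minor, KEY2)}")
```

No clock is involved on either side: the terminal reads key1 out of the same broadcast that carries the encrypted bits, which is why the patent needs no time synchronization.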

The beneficial effects of the safety protection method for a positioning node of the present invention are:

N bits of the positioning node's broadcast data are taken as a random key that changes in real time, so that the ID of the node changes constantly and cannot be counterfeited or used without permission. In addition, this encryption scheme does not require precise time synchronization between the positioning node and the terminal, which makes the encryption system more stable.

The above are only embodiments of the present invention and do not thereby limit its patent scope. Any equivalent structure or equivalent process transformation made using the contents of this description, or any direct or indirect use in other related technical fields, is likewise included in the scope of patent protection of the present invention.

Claims (10)

1. A safety protection method for a positioning node, characterized in that it comprises the following steps:
In the broadcast data of the positioning node, N bits are taken as a random key, denoted key1; the random key key1 changes in real time, and at each change its bits are generated randomly; the true ID number of the positioning node is then combined with the random key key1 according to a preset rule to obtain an encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data.
2. The safety protection method for a positioning node according to claim 1, characterized in that the preset rule for the random key key1 and the true ID number is an XOR applied to the respective preset bits.
3. The safety protection method for a positioning node according to claim 1, characterized in that a user key, denoted key2, is provided; the true ID number of the positioning node, the random key key1 and the user key key2 are combined according to a preset rule to obtain the encrypted ID number, and the encrypted ID number and the random key key1 are broadcast in the broadcast data.
4. The safety protection method for a positioning node according to claim 3, characterized in that the preset rule is:
(1) convert the true ID number, the random key key1 and the user key key2 into binary sequences;
(2) XOR each bit of the random key key1 with the user key key2 to obtain key3;
(3) XOR each bit of key3 with the true ID number to obtain the encrypted ID number.
5. The safety protection method for a positioning node according to claim 1, characterized in that the time interval between real-time changes of the random key key1 is selected randomly within a preset time interval range.
6. The safety protection method for a positioning node according to claim 5, characterized in that the preset time interval range includes 1 day, 3 days and 5 days.
7. The safety protection method for a positioning node according to claim 1, characterized in that the positioning node is an iBeacon node, and the ID number of the iBeacon node comprises a UUID identifier, a Major identifier and a Minor identifier; the UUID identifier comprises 16 bytes, i.e. 128 bits, the Major identifier comprises 2 bytes, i.e. 16 bits, and the Minor identifier comprises 2 bytes, i.e. 16 bits.
8. The safety protection method for a positioning node according to claim 7, characterized in that the random key key1 is composed of several bits taken from the Major identifier and from the Minor identifier respectively, and the remaining bits of the Major identifier and the Minor identifier are encrypted.
9. The safety protection method for a positioning node according to claim 8, characterized in that the bits of the random key key1 taken from the Major identifier are its first 6 bits, the bits of the random key key1 taken from the Minor identifier are its first 4 bits, and the last 10 bits of the Major identifier and the last 12 bits of the Minor identifier are encrypted.
10. The safety protection method for a positioning node according to claim 1, characterized in that the decrypting end decrypts the received encrypted ID number with the received random key key1 according to the known decryption rule to obtain the true ID number.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510936258.7A CN105554744B (en) 2015-12-16 2015-12-16 A kind of safety protecting method of positioning node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510936258.7A CN105554744B (en) 2015-12-16 2015-12-16 A kind of safety protecting method of positioning node

Publications (2)

Publication Number Publication Date
CN105554744A true CN105554744A (en) 2016-05-04
CN105554744B CN105554744B (en) 2019-04-09

Family

ID=55833631

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510936258.7A CN105554744B (en) 2015-12-16 2015-12-16 A kind of safety protecting method of positioning node

Country Status (1)

Country Link
CN (1) CN105554744B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106056867A (en) * 2016-06-30 2016-10-26 北京奇虎科技有限公司 Monitoring method and apparatus
CN106407794A (en) * 2016-11-16 2017-02-15 杭州微飞胜科技有限公司 Method for preventing beaconing devices from being forged or copied

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326853A (en) * 2012-03-22 2013-09-25 中兴通讯股份有限公司 Method and device for upgrading secret key
CN103929297A (en) * 2014-04-17 2014-07-16 福建联迪商用设备有限公司 Communication method, encryption method and device for POS and mobile terminal and POS
WO2014121294A1 (en) * 2013-02-04 2014-08-07 Shopkick, Inc. Presence detection using bluetooth and hybrid-mode transmitters
CN104980918A (en) * 2014-04-04 2015-10-14 阿里巴巴集团控股有限公司 Beacon data transmission method, beacon data transmission device, method of providing service based on beacon and device of providing service based on beacon

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106056867A (en) * 2016-06-30 2016-10-26 北京奇虎科技有限公司 Monitoring method and apparatus
CN106407794A (en) * 2016-11-16 2017-02-15 杭州微飞胜科技有限公司 Method for preventing beaconing devices from being forged or copied
CN106407794B (en) * 2016-11-16 2019-04-02 杭州微飞胜科技有限公司 A method of prevent beacon equipment to be forged or replicate

Also Published As

Publication number Publication date
CN105554744B (en) 2019-04-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant