CN106920302B - Unlocking method for an Internet of Things lock, master device, slave device and system - Google Patents

Unlocking method for an Internet of Things lock, master device, slave device and system

Info

Publication number
CN106920302B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710029091.5A
Other languages
Chinese (zh)
Other versions
CN106920302A (en)
Inventor
李明
陈洋
饶武辉
蒋蔚
余韶青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tyson Sy Breath Technical Concern Co Ltd Of Jilin Province
China Tower Co Ltd Jiangxi Branch
Original Assignee
Tyson Sy Breath Technical Concern Co Ltd Of Jilin Province
China Tower Co Ltd Jiangxi Branch
Application filed by Tyson Sy Breath Technical Concern Co Ltd Of Jilin Province, China Tower Co Ltd Jiangxi Branch filed Critical Tyson Sy Breath Technical Concern Co Ltd Of Jilin Province
Priority to CN201710029091.5A priority Critical patent/CN106920302B/en
Publication of CN106920302A publication Critical patent/CN106920302A/en
Publication of CN106920302B publication Critical patent/CN106920302B/en

Classifications

    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00: Individual registration on entry or exit
    • G07C9/00174: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C9/00571: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • G07C9/00857: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/00865: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication

Abstract

The invention discloses an unlocking method for an Internet of Things lock, a master device, a slave device and a system, and relates to the technical field of access control management. The steps of the method executed by the master device include: sending to the slave device a command to obtain the slave device's security information; receiving the security information returned by the slave device and performing security verification; after the security verification passes, sending an unlocking request to the slave device, where the unlocking request includes the master device primary password and the master device spare password; and receiving the unlocking result returned by the slave device according to the unlocking request. Through its dual-password management system, the invention thus greatly improves the security, robustness and compatibility of the Internet of Things lock system.

Description

Unlocking method for an Internet of Things lock, master device, slave device and system
Technical field
The present invention relates to the technical field of access control management, and in particular to an unlocking method for an Internet of Things lock, a master device, a slave device and a system.
Background art
The Internet of Things is widely used in network convergence through communication and sensing technologies such as intelligent sensing, identification technology and pervasive computing. In the Internet of Things, objects are connected to the internet to exchange information and communicate. An Internet of Things lock is a lock that, unlike a traditional mechanical lock, is more intelligent in terms of user identification, security and management.
In the course of implementing the present invention, the inventors found the following problems in the prior art: a single-password management system is difficult to manage after a password is compromised, the management cost of updating lock core passwords is high, and protection against man-in-the-middle attacks is poor.
Summary of the invention
In view of the above problems, embodiments of the present invention provide an unlocking method for an Internet of Things lock, a master device, a slave device and a system that solve the above problems.
According to one aspect of the embodiments of the present invention, an unlocking method for an Internet of Things lock is provided, executed by a master device. The method includes: sending to the slave device a command to obtain the slave device's security information; receiving the security information returned by the slave device and performing security verification; after the security verification passes, sending an unlocking request to the slave device, where the unlocking request includes the master device primary password and the master device spare password; and receiving the unlocking result returned by the slave device according to the unlocking request.
Optionally, before the step of sending the unlocking request to the slave device, the method further includes: replacing the master device primary password and the master device spare password according to a preset replacement rule.
Optionally, the step of replacing the master device primary password and the master device spare password according to the preset replacement rule specifically includes: replacing the former master device spare password with the former master device primary password, to obtain the replaced master device spare password; and generating a new password according to a preset password generation rule to replace the former master device primary password, to obtain the replaced master device primary password.
Optionally, before the step of sending the unlocking request to the slave device, the method further includes: after the security verification passes, sending initialization information to the slave device, where the initialization information includes the master device primary password and the master device spare password; and receiving the initialization result returned by the slave device.
According to another aspect of the embodiments of the present invention, an unlocking method for an Internet of Things lock is provided, executed by a slave device. The method includes: receiving the command, sent by the master device, to obtain the slave device's security information; sending the security information to the master device; receiving the unlocking request sent by the master device, and comparing the master device primary password and the master device spare password included in the unlocking request with the slave device primary password and the slave device spare password; and, when the comparison result is a pass, executing the unlocking operation and returning an unlocking result of the success type to the master device.
Optionally, before the step of receiving the unlocking request sent by the master device, the method further includes: receiving the initialization information sent by the master device, where the initialization information includes the master device primary password and the master device spare password; setting the master device primary password as the initial slave device primary password, and setting the master device spare password as the initial slave device spare password.
Optionally, the step of comparing the master device primary password and the master device spare password included in the unlocking request with the slave device primary password and the slave device spare password specifically includes: comparing the master device primary password with the slave device primary password and with the slave device spare password; and comparing the master device spare password with the slave device primary password and with the slave device spare password. The comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
Optionally, when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the method further includes, after the step of comparing the master device primary password and the master device spare password included in the unlocking request with the slave device primary password and the slave device spare password: replacing the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password.
Optionally, the step of replacing the slave device primary password and the slave device spare password specifically includes: replacing the former slave device primary password with the master device primary password, to obtain the replaced slave device primary password; and replacing the former slave device spare password with the master device spare password, to obtain the replaced slave device spare password.
According to another aspect of the present invention, a master device for executing the unlocking method for an Internet of Things lock is provided. The master device includes: a security information command unit, for sending to the slave device a command to obtain the slave device's security information; a security information verification unit, for receiving the security information returned by the slave device and performing security verification; an unlocking request sending unit, for sending an unlocking request to the slave device after the security verification passes, where the unlocking request includes the master device primary password and the master device spare password; and an unlocking result receiving unit, for receiving the unlocking result returned by the slave device according to the unlocking request.
Optionally, the master device further includes, before the unlocking request sending unit: a master device password replacement unit, for replacing the master device primary password and the master device spare password according to a preset replacement rule.
Optionally, the master device password replacement unit is specifically used for: replacing the former master device spare password with the former master device primary password, to obtain the replaced master device spare password; and generating a new password according to a preset password generation rule to replace the former master device primary password, to obtain the replaced master device primary password.
Optionally, the master device further includes, before the unlocking request sending unit: an initialization information unit, for sending initialization information to the slave device after the security verification passes, where the initialization information includes the master device primary password and the master device spare password, and for receiving the initialization result returned by the slave device.
According to another aspect of the present invention, a slave device for executing the unlocking method for an Internet of Things lock is provided. The slave device includes: a security information command receiving unit, for receiving the command, sent by the master device, to obtain the slave device's security information; a security information returning unit, for sending the security information to the master device; an unlocking request processing unit, for receiving the unlocking request sent by the master device and comparing the master device primary password and the master device spare password included in the unlocking request with the slave device primary password and the slave device spare password; and an unlocking operation unit, for executing the unlocking operation when the comparison result is a pass and returning an unlocking result of the success type to the master device.
Optionally, the slave device further includes, before the unlocking request processing unit: an initialization operation unit, for receiving the initialization information sent by the master device, where the initialization information includes the master device primary password and the master device spare password; setting the master device primary password as the initial slave device primary password, and setting the master device spare password as the initial slave device spare password.
Optionally, the unlocking request processing unit is specifically used for: comparing the master device primary password with the slave device primary password and with the slave device spare password; and comparing the master device spare password with the slave device primary password and with the slave device spare password. The comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
Optionally, when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the slave device further includes, after the unlocking request processing unit: a slave device password replacement unit, for replacing the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password.
Optionally, the slave device password replacement unit is specifically used for: replacing the former slave device primary password with the master device primary password, to obtain the replaced slave device primary password; and replacing the former slave device spare password with the master device spare password, to obtain the replaced slave device spare password.
According to another aspect of the present invention, a system for executing the unlocking method for an Internet of Things lock is provided, including the above master device and the above slave device.
With the unlocking method for an Internet of Things lock, the master device, the slave device and the system according to the present invention, a dual-password management system can replace the traditional single-password management system. This solves the problems of the prior art, namely that management is difficult after a password is compromised, that the management cost of updating lock core passwords is high, and that protection against man-in-the-middle attacks is poor. It achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system, and in addition achieves low-cost management of password updates on the lock core side and substantially reduces the man-in-the-middle attack risk of the whole system.
The above description is only an overview of the technical solution of the present invention. In order that the technical means of the present invention may be understood more clearly and implemented in accordance with the contents of the specification, and in order that the above and other objects, features and advantages of the present invention may be more apparent, specific embodiments of the present invention are set out below.
Brief description of the drawings
By reading the following detailed description of the preferred embodiments, various other advantages and benefits will become clear to those of ordinary skill in the art. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be considered a limitation of the present invention. Throughout the drawings, the same reference numerals denote the same parts. In the drawings:
Fig. 1 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment one of the present invention;
Fig. 2 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment two of the present invention;
Fig. 3 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment three of the present invention;
Fig. 4 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment four of the present invention;
Fig. 5 shows a structural diagram of a master device for executing the unlocking method for an Internet of Things lock, provided by Embodiment five of the present invention;
Fig. 6 shows a structural diagram of a master device for executing the unlocking method for an Internet of Things lock, provided by Embodiment six of the present invention;
Fig. 7 shows a structural diagram of a slave device for executing the unlocking method for an Internet of Things lock, provided by Embodiment seven of the present invention;
Fig. 8 shows a structural diagram of a slave device for executing the unlocking method for an Internet of Things lock, provided by Embodiment eight of the present invention;
Fig. 9 shows a detailed flow chart of the initialization step of an unlocking method for an Internet of Things lock in an embodiment of the present invention;
Fig. 10 shows a detailed flow chart of the unlocking and password replacement steps of an unlocking method for an Internet of Things lock in an embodiment of the present invention.
Detailed description of the embodiments
Exemplary embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although the drawings show exemplary embodiments of the disclosure, it should be understood that the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here. Rather, these embodiments are provided so that the disclosure will be understood more thoroughly and so that its scope can be fully conveyed to those skilled in the art.
Embodiment one
Fig. 1 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment one of the present invention. As shown in the figure, the method is executed by the master device and specifically includes:
Step S110: send to the slave device a command to obtain the slave device's security information.
The security information generally includes identity information and/or status information of the slave device. So that, in subsequent steps, the master device can look up the corresponding unlocking password according to the slave device's identity information, and/or look up the corresponding operation instruction according to the slave device's status information and issue an appropriate operation instruction, it needs to send the slave device a command to obtain the slave device's security information. The master device generally includes the key of the Internet of Things lock and/or the accompanying software, and is used to send operation instructions and the like. The slave device generally includes the lock body of the Internet of Things lock, and is used to verify the information sent by the master device and to perform preset operations such as unlocking or replacing passwords.
Step S120: receive the security information returned by the slave device and perform security verification.
To improve the security of the Internet of Things lock, corresponding authorization information can be set for the master device and the slave device, and all authorization information is stored in a preset database in association with the identity information of the slave device and/or the identity information of the master device. To improve security further, a validity period can also be set for each item of authorization information: within the validity period the slave device can respond to the relevant commands sent by the master device, and after the validity period has passed the slave device no longer responds to them.
On receiving the security information that the slave device returns in response to the above command, the master device looks up the corresponding authorization information according to the identity information of the slave device contained in the security information and the identity information of the master device, and verifies that the authorization information is still within its validity period. The subsequent steps are executed only when the security verification passes.
Step S130: after the security verification passes, send an unlocking request to the slave device.
The unlocking request includes the master device primary password and the master device spare password. These passwords are sent to the slave device for the subsequent unlocking operation, and are stored in the preset database in association with the identity information of the slave device.
Specifically, after the security verification passes, the master device looks up in the preset database the master device primary password and the master device spare password corresponding to the slave device, and then sends the unlocking request containing these passwords to the slave device.
Step S140: receive the unlocking result returned by the slave device according to the unlocking request.
After the unlocking request of step S130 has been sent to the slave device, the slave device processes it accordingly and returns the unlocking result to the master device. The unlocking result generally takes one of two forms: an unlocking success result or an unlocking failure result.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves the problems of the prior art, such as difficult management after a password is compromised and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system.
Embodiment two
Fig. 2 shows a flow diagram of an unlocking method for an Internet of Things lock provided by Embodiment two of the present invention. As shown in the figure, the method is executed by the master device, which includes a software platform (for example a mobile phone app) and an electronic key with a communication function. The method specifically includes:
Step S210: send to the slave device a command to obtain the slave device's security information.
In this embodiment of the present invention, the slave device is the lock core of the Internet of Things lock. The lock core and the electronic key establish communication through a physical interface and, on that basis, implement data reading and authentication management through the TD/T1363 protocol.
Specifically, when the electronic key is connected to the lock core, the electronic key sends a start signal to the software platform. After the software platform receives the start signal sent by the electronic key, it sends the command to obtain the lock core's security information through the electronic key connected to the lock core.
Step S220: receive the security information returned by the slave device and perform security verification.
To improve the security of the Internet of Things lock, corresponding authorization information can be set for the master device and the slave device, and all authorization information is stored in a preset database in association with the identity information of the slave device and/or the identity information of the master device. To improve security further, a validity period can also be set for each item of authorization information: within the validity period the slave device can respond to the relevant commands sent by the master device, and after the validity period has passed the slave device no longer responds to them.
Specifically, after the electronic key receives the security information returned by the lock core, it sends both the security information and the identity information of the electronic key (that is, the unique identifier of the electronic key) to the software platform. The security information includes at least the identity information of the lock core (that is, the unique identifier of the lock core). The software platform then looks up in the preset database the authorization information corresponding to the electronic key and to the lock core, and performs security verification on the authorization information, that is, verifies that it is still within its validity period. When the authorization information for both the electronic key and the lock core is valid, the result of the security verification is a pass.
Step S230: replace the master device primary password and the master device spare password according to a preset replacement rule.
This step is optional. To improve the security of the system further, the master device primary password and the master device spare password held in the master device can be replaced according to a preset replacement rule. Specifically, the former master device spare password is replaced with the former master device primary password, to obtain the replaced master device spare password; and a new password is generated according to a preset password generation rule to replace the former master device primary password, to obtain the replaced master device primary password. The replacement step can be triggered on a timer or triggered actively by the user; the present invention places no particular limitation on this, and those skilled in the art can configure it flexibly. Because the new password is generated automatically according to the preset password generation rule, it is opaque to the user, which goes a long way towards solving the problem of leaks by internal staff.
Step S240: after the security verification passes, send initialization information to the slave device and receive the initialization result returned by the slave device.
This step is also optional. It is mainly used to set the password when the lock core is enabled for the first time, or to reset the password of the lock core. The initialization information includes the master device primary password and the master device spare password.
Specifically, after the security verification in step S220 passes, the software platform sends the initialization information, which contains the master device primary password and the master device spare password, to the lock core through the electronic key connected to the lock core, and the lock core initializes itself according to the initialization information. After completing the initialization operation, the lock core returns the initialization result to the software platform through the electronic key. After the initialization operation, the software platform can also obtain further details of the lock core.
For security reasons, the initialization information may be encrypted before it is transmitted; a commonly used encryption algorithm may be the RC4 encryption algorithm.
Step S250: after the security verification passes, send an unlocking request to the slave device.
After the security verification passes, the master device looks up in the preset database the master device primary password and the master device spare password corresponding to the slave device, and then sends the unlocking request containing these passwords to the slave device.
Specifically, after the security verification in step S220 passes, the software platform looks up in the database the master device primary password and the master device spare password corresponding to the lock core, includes these passwords in the unlocking request, and sends the request to the lock core through the electronic key connected to it, to request that the lock core execute the unlocking operation.
For security reasons, the unlocking request may likewise be encrypted before it is transmitted; a commonly used encryption algorithm may be the RC4 encryption algorithm.
Step S260: receive the unlocking result returned by the slave device according to the unlocking request.
Specifically, after the lock core receives the unlocking request, it verifies the passwords and other information contained in the request, responds accordingly, and finally feeds the unlocking result back to the software platform through the electronic key.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves the problems of the prior art, such as difficult management after a password is compromised, the high management cost of updating lock core passwords and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system. In addition, the password update operation, triggered on a timer or manually, takes the former primary password as the spare password and deletes the former spare password, so that passwords are updated dynamically; and the user's everyday unlocking operations update and manage the lock core passwords dynamically while offline, which yields a low-cost dynamic management system with wide coverage. Furthermore, communication is encrypted with an encryption algorithm such as RC4, to better address the problem of man-in-the-middle attacks.
Embodiment three
Fig. 3 shows a flow diagram of an unlocking method for an Internet of Things lock provided by embodiment three of the present invention. As shown in the figure, the method is executed by the slave device and specifically includes:
Step S310: receive the command, sent by the master device, to obtain the slave device security information.
The security information generally includes the identity information and/or status information of the slave device. The master device generally includes the key of the Internet of Things lock and/or the matching software, and is used to issue operation commands. The slave device generally includes the lockset of the Internet of Things lock; it verifies the information sent by the master device and executes preset operations, such as unlocking or replacing the password.
After receiving the security information command, the slave device parses the command and looks up the relevant data according to the command content.
Step S320: send the security information to the master device.
Because the master device needs to verify the security of the slave device before carrying out other operations, the slave device, after receiving the security information command, needs to parse the command content and feed back the security information that the master device requires.
Step S330: receive the unlocking request sent by the master device, and compare the master device primary password and the master device spare password contained in the unlocking request with the slave device primary password and the slave device spare password.
After receiving the unlocking request sent by the master device, the slave device parses the request, extracts the master device primary password and the master device spare password from it, and compares them, according to a certain comparison rule, with the slave device primary password and the slave device spare password preset in the slave device. This embodiment of the present invention does not specifically limit the comparison rule; those skilled in the art can set it flexibly.
Step S340: when the comparison result is a pass, execute the unlocking operation and return an unlocking result of the success type to the master device.
When the comparison result in step S330 is a pass, the master device is a device authorized to unlock; the slave device therefore executes the unlocking operation and returns the unlocking success result to the master device.
When the comparison result in step S330 is a fail, the master device is either not authorized to unlock or has sent a wrong password; the slave device does not execute the unlocking operation and directly returns an unlocking failure result to the master device.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves problems of the prior art such as the difficulty of management after a password leak and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system.
Embodiment four
Fig. 4 shows a flow diagram of an unlocking method for an Internet of Things lock provided by embodiment four of the present invention. As shown in the figure, the method is executed by the slave device, where the slave device includes a lock core with a communication function. The method specifically includes:
Step S410: receive the command, sent by the master device, to obtain the slave device security information.
In this embodiment of the present invention, the master device includes a software platform (such as a mobile phone app) and an electronic key with a communication function. The slave device (i.e. the lock core) establishes communication with the electronic key through a physical interface, and on this basis data reading and authentication management are implemented through the TD/T1363 protocol. For security reasons, the lock core can be configured so that it can only communicate through a matching electronic key, which prevents non-users from cracking the lock core when they have no electronic key.
Specifically, after the lock core receives, through the electronic key, the command sent by the software platform to obtain the lock core security information, the lock core parses the command and looks up the security information that the command requires.
Step S420: send the security information to the master device.
Because the master device needs to verify the security of the slave device before carrying out other operations, the slave device, after receiving the security information command, needs to parse the command content and feed back the security information that the master device requires.
Specifically, after the lock core has parsed the received security information command and found the security information that the command requires, it returns that security information to the software platform through the electronic key connected to it. The security information includes the identity information of the lock core (i.e. the unique identifier of the lock core).
To further improve security, the security information returned by the slave device can also include a session code for encrypted communication; the session code is similar to identity information for the encrypted messages. During communication, the slave device returns a different session code to the master device each time, and after receiving a session code the master device must attach the session code corresponding to the current communication every time it sends information. This guarantees the uniqueness of each encrypted communication and prevents other users from impersonating the master device to communicate with the slave device.
Step S430: receive the initialization information sent by the master device; set the master device primary password as the initial slave device primary password, and set the master device spare password as the initial slave device spare password.
This step is optional and is mainly used to set the password when the lock core is enabled for the first time, or to reset the lock core password. The initialization information includes the master device primary password and the master device spare password.
Specifically, when the lock core receives the initialization information sent by the software platform, it extracts the master device primary password and the master device spare password from the initialization information, sets the master device primary password as the initial slave device primary password, and sets the master device spare password as the initial slave device spare password. After completing the initialization operation, the lock core can also return initialization result information to the software platform.
When the initialization information is an encrypted ciphertext, the lock core must first decrypt the ciphertext according to the corresponding encryption algorithm; only after decryption can it extract the initialization information.
Step S440: receive the unlocking request sent by the master device, and compare the master device primary password and the master device spare password contained in the unlocking request with the slave device primary password and the slave device spare password.
After receiving the unlocking request sent by the master device, the slave device parses the request, extracts the master device primary password and the master device spare password from it, and compares them, according to a certain comparison rule, with the slave device primary password and the slave device spare password preset in the slave device.
In this embodiment of the present invention, the comparison rule is as follows: compare the master device primary password with the slave device primary password and with the slave device spare password; compare the master device spare password with the slave device primary password and with the slave device spare password. The comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
When the unlocking request is an encrypted ciphertext, the slave device must first decrypt the ciphertext according to the corresponding encryption algorithm; only after decryption can it extract the unlocking request.
Step S450: when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, replace the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password.
This step is optional and is executed only when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password. This outcome indicates that the master device's passwords have been replaced, so the slave device also needs to make the corresponding replacement. The specific replacement method provided in this embodiment is: replace the former slave device primary password with the master device primary password to obtain the new slave device primary password; replace the former slave device spare password with the master device spare password to obtain the new slave device spare password. In other embodiments, those skilled in the art can also flexibly set other replacement methods.
In practice, several master devices may correspond to one slave device, so it can happen that some master devices have already replaced their passwords while others have not yet done so. To handle this, a timer can be set on the slave device side; it records the number of times the old, pre-replacement password can still be used within a certain time limit and acts as a buffer. For example, suppose the timer's initial count is 3. Within the preset validity period, when a master device unlocks with the old pre-replacement password, the slave device responds as usual; when a master device unlocks with the new post-replacement password, the slave device responds and then decrements the counter by 1, so that the counter becomes 2; and so on. When the counter reaches 0 or the preset validity period expires, the slave device no longer accepts unlocking requests from master devices using the old password. At that point, when the master device primary password again differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the slave device performs the password replacement operation.
Step S460: when the comparison result is a pass, execute the unlocking operation and return an unlocking result of the success type to the master device.
When the comparison result in step S440 is a pass, the master device is a device authorized to unlock; the slave device therefore executes the unlocking operation and returns the unlocking success result to the master device.
When the comparison result in step S440 is a fail, the master device is either not authorized to unlock or has sent a wrong password; the slave device does not execute the unlocking operation and directly returns an unlocking failure result to the master device.
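The comparison rule of step S440, the replacement of step S450 and the counter buffer, together with the master-side rule that the former primary password becomes the spare, as an added Python example that is not code from the patent. The names, the 7-day validity period, starting that period at the first request carrying a replaced password, and the constant-time comparison are assumptions; the last case shows a master device that replaced its passwords twice before the lock core saw the first replacement, which the rule rejects.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import List, Optional, Tuple

GRACE_UNLOCKS = 3          # initial counter value, as in the page's example
GRACE_SECONDS = 7 * 86400  # assumed validity period; the page gives no figure


def same(a: bytes, b: bytes) -> bool:
    """Constant-time equality (an added hardening choice, not from the page)."""
    return hmac.compare_digest(a, b)


def rotate_master(primary: bytes, spare: bytes) -> Tuple[bytes, bytes]:
    """Master side: a fresh random primary; the old primary becomes the spare
    and the old spare is discarded."""
    return secrets.token_bytes(16), primary


@dataclass
class LockCore:
    """Slave device state (hypothetical class, for illustration only)."""
    primary: bytes
    spare: bytes
    counter: int = GRACE_UNLOCKS
    window_start: Optional[float] = None  # set at first replaced-password request

    def _grace_over(self, now: float) -> bool:
        if self.window_start is None:
            return False
        return self.counter < 1 or now - self.window_start >= GRACE_SECONDS

    def handle_unlock(self, m_primary: bytes, m_spare: bytes, now: float) -> str:
        p_ok = same(m_primary, self.primary)
        s_ok = same(m_spare, self.spare)
        s_is_p = same(m_spare, self.primary)
        if p_ok and s_ok:
            # Exact match: a master device still on the lock core's passwords.
            # Once the buffer is used up, the old password is refused.
            return "failed" if self._grace_over(now) else "unlocked"
        if p_ok or not s_is_p:
            return "failed"
        # Master primary differs, master spare equals our primary: the master
        # device has replaced its passwords exactly once.
        if self.window_start is None:
            self.window_start = now
        if self._grace_over(now):
            self.primary, self.spare = m_primary, m_spare  # step S450
            self.counter, self.window_start = GRACE_UNLOCKS, None
            return "unlocked+rotated"
        self.counter -= 1
        return "unlocked"


def simulate() -> List[str]:
    """Two master devices share one lock core; values below are constructed."""
    p0, s0 = b"constructed-primary-0", b"constructed-spare-0"
    lock = LockCore(p0, s0)
    old_master = (p0, s0)
    new_master = rotate_master(p0, s0)
    out = [lock.handle_unlock(*old_master, now=0)]
    out.append(lock.handle_unlock(*new_master, now=1))  # counter 3 -> 2
    out.append(lock.handle_unlock(*old_master, now=2))  # still inside buffer
    out.append(lock.handle_unlock(*new_master, now=3))  # counter 2 -> 1
    out.append(lock.handle_unlock(*new_master, now=4))  # counter 1 -> 0
    out.append(lock.handle_unlock(*old_master, now=5))  # buffer used up
    out.append(lock.handle_unlock(*new_master, now=6))  # lock core updates
    out.append(lock.handle_unlock(*new_master, now=7))  # exact match now
    # Failure case: two replacements before the lock core saw the first one.
    stale_lock = LockCore(p0, s0)
    out.append(stale_lock.handle_unlock(*rotate_master(*new_master), now=0))
    return out


if __name__ == "__main__":
    for line in simulate():
        print(line)
```

Because the lock core only learns a new password from a request whose spare password equals its current primary password, a master device has to visit each lock core at least once between two replacements.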
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves problems of the prior art such as the difficulty of management after a password leak, the high management cost of updating lock core passwords, and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system. Meanwhile, a password update operation is triggered on a timer or manually: the former primary password becomes the spare password and the former spare password is deleted, which achieves dynamic password updating. The lock core password is dynamically updated offline and effectively managed through users' daily unlocking operations, thereby realizing a low-cost, wide-coverage dynamic management system. In addition, communication is encrypted with an encryption algorithm such as RC4, so as to better address the problem of man-in-the-middle attacks.
To make the initialization steps of the above method easier to understand, Fig. 9 shows the flow of one complete initialization, which specifically includes:
1. The electronic key is inserted into the lock, and the electronic key sends an enabling signal.
2. The software platform sends the command to obtain the lock core security information, and the electronic key transparently forwards the command to the lock core.
3. The lock core returns the lock core security information and a session code, and the electronic key transparently forwards this information to the software platform.
4. The software platform carries out safety verification according to the security information received.
5. The initialization information is encrypted with the RC4 encryption algorithm to obtain a ciphertext, and the ciphertext, together with the session code received in step 3, is transparently forwarded to the lock core through the electronic key.
6. The lock core decrypts the received ciphertext according to the corresponding encryption algorithm to obtain the initialization information, and initializes itself according to the initialization information.
7. The lock core transparently forwards the initialization operation result to the software platform through the electronic key.
8. After receiving the initialization operation result, the software platform can send a command to obtain the lock core details.
9. The lock core returns the lock core details in response to the command sent by the software platform.
To make the unlocking and password replacement steps of the above method easier to understand, Fig. 10 shows the flow of one complete unlocking with password replacement, which specifically includes:
1. The electronic key is inserted into the lock, and the electronic key sends an enabling signal.
2. The software platform sends the command to obtain the lock core security information, and the electronic key transparently forwards the command to the lock core.
3. The lock core returns the lock core security information and a session code, and the electronic key transparently forwards this information to the software platform.
4. The software platform carries out safety verification according to the security information received.
5. The unlocking request containing the replaced passwords is encrypted with the RC4 encryption algorithm to obtain a ciphertext, and the ciphertext, together with the session code received in step 3, is transparently forwarded to the lock core through the electronic key.
6. The lock core decrypts the received ciphertext according to the corresponding encryption algorithm to obtain the unlocking request; when the software platform's spare password matches the lock core's primary password and the value of the counter is less than 1, the lock core executes the unlocking operation and updates its primary and spare passwords.
7. The lock core returns the operation result to the software platform through the electronic key.
Embodiment five
Fig. 5 shows a structural schematic diagram of a master device for executing the Internet of Things lock unlocking method, provided by embodiment five of the present invention. The master device includes: security information order unit 510, security information verification unit 520, unlocking request transmitting unit 530 and unlocking result receiving unit 540.
Security information order unit 510, for sending to the slave device the command to obtain the slave device security information.
The security information generally includes the identity information and/or status information of the slave device. So that the master device can query the corresponding unlocking password according to the identity information of the slave device, and/or look up the corresponding operation command according to the status information of the slave device and issue an appropriate operation command, the security information order unit 510 needs to send to the slave device the command to obtain the slave device security information. The master device generally includes the key of the Internet of Things lock and/or the matching software, and is used to issue operation commands. The slave device generally includes the lockset of the Internet of Things lock; it verifies the information sent by the master device and executes preset operations, such as unlocking or replacing the password.
Security information verification unit 520, for receiving the security information returned by the slave device and carrying out safety verification.
To improve the security of the Internet of Things lock, corresponding authorization information can be set for the master device and the slave device, and all authorization information is stored in a preset database in association with the identity information of the slave device and/or the identity information of the master device. To further improve security, an effective time can also be set for each piece of authorization information: within the effective time, the slave device responds to the commands sent by the master device; once the effective time has passed, the slave device no longer responds to commands sent by the master device.
When the security information returned by the slave device in response to the above command is received, the security information verification unit 520 needs to query the corresponding authorization information according to the identity information of the slave device contained in the security information and the identity information of the master device, and verify that the authorization information has not expired. Only when the safety verification passes can the subsequent units continue to work.
Unlocking request transmitting unit 530, for sending an unlocking request to the slave device after the safety verification passes.
The unlocking request includes the master device primary password and the master device spare password. These passwords are sent to the slave device for the subsequent unlocking operation, and they are stored in the preset database in association with the identity information of the slave device.
Specifically, after the safety verification passes, the unlocking request transmitting unit 530 looks up, in the preset database, the master device primary password and the master device spare password that correspond to the slave device, and then sends an unlocking request containing these passwords to the slave device.
Unlocking result receiving unit 540, for receiving the unlocking result returned by the slave device in response to the unlocking request.
After the unlocking request transmitting unit 530 sends the unlocking request to the slave device, the slave device processes the request accordingly and returns the unlocking result to the master device. The unlocking result is generally one of two kinds: an unlocking success result or an unlocking failure result.
For the specific working principle of each of the above units, refer to the description of the corresponding steps in the method embodiments; it is not repeated here.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves problems of the prior art such as the difficulty of management after a password leak and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system.
Embodiment six
Fig. 6 shows a structural schematic diagram of a master device for executing the Internet of Things lock unlocking method, provided by embodiment six of the present invention. The master device includes a software platform (such as a mobile phone app) and an electronic key with a communication function. The master device includes: security information order unit 610, security information verification unit 620, master device cipher change unit 630, initialization information unit 640, unlocking request transmitting unit 650 and unlocking result receiving unit 660.
Security information order unit 610, for sending to the slave device the command to obtain the slave device security information.
In this embodiment of the present invention, the slave device is the lock core of the Internet of Things lock. The lock core establishes communication with the electronic key through a physical interface, and on this basis data reading and authentication management are implemented through the TD/T1363 protocol.
Specifically, when the electronic key is inserted into the lock core, the electronic key sends an enabling signal to the security information order unit 610 on the software platform. After receiving the enabling signal sent by the electronic key, the security information order unit 610 sends the command to obtain the lock core security information through the electronic key connected to the lock core.
Security information verification unit 620, for receiving the security information returned by the slave device and carrying out safety verification.
To improve the security of the Internet of Things lock, corresponding authorization information can be set for the master device and the slave device, and all authorization information is stored in a preset database in association with the identity information of the slave device and/or the identity information of the master device. To further improve security, an effective time can also be set for each piece of authorization information: within the effective time, the slave device responds to the commands sent by the master device; once the effective time has passed, the slave device no longer responds to commands sent by the master device.
Specifically, after the electronic key receives the security information returned by the lock core, it sends both that security information and the identity information of the electronic key (i.e. the unique identifier of the electronic key) to the security information verification unit 620 on the software platform. The security information includes at least the identity information of the lock core (i.e. the unique identifier of the lock core). The security information verification unit 620 then queries the preset database for the authorization information corresponding to the electronic key and to the lock core, and carries out safety verification on the authorization information, that is, it verifies that the authorization information has not expired. When the authorization information corresponding to the electronic key and to the lock core is valid, the result of the safety verification is a pass.
Master device cipher change unit 630, for replacing the master device primary password and the master device spare password according to a preset replacement rule.
This unit is optional. To further improve the security of the system, the master device primary password and the master device spare password in the master device can be replaced according to a preset replacement rule. Specifically, the former master device spare password is replaced with the former master device primary password, giving the new master device spare password; and a new password is generated according to a preset password generation rule and used to replace the former master device primary password, giving the new master device primary password. The unit can be triggered on a timer or actively by the user; the present invention does not specifically limit this, and those skilled in the art can set it flexibly. Because the new password is generated automatically according to the preset password generation rule, it is opaque to the user, which addresses the problem of leaks by internal staff relatively well.
Initialization information unit 640, for sending the initialization information to the slave device after the safety verification passes, and receiving the initialization result returned by the slave device.
This unit is also optional and is mainly used to set the password when the lock core is enabled for the first time, or to reset the lock core password. The initialization information includes the master device primary password and the master device spare password.
Specifically, after the safety verification in the security information verification unit 620 passes, the initialization information unit 640 on the software platform sends initialization information containing the master device primary password and the master device spare password to the lock core through the electronic key connected to the lock core, and the lock core then initializes itself according to the initialization information. After completing the initialization operation, the lock core can return the initialization result to the initialization information unit 640 through the electronic key. After the initialization operation, the initialization information unit 640 can also obtain the detailed information of the lock core.
For security reasons, the initialization information unit 640 can encrypt the initialization information before transmitting it; a commonly used encryption algorithm can be the RC4 encryption algorithm.
Unlocking request transmitting unit 650, for sending an unlocking request to the slave device after the safety verification passes.
After the safety verification passes, the master device looks up, in the preset database, the master device primary password and the master device spare password that correspond to the slave device, and then sends an unlocking request containing these passwords to the slave device.
Specifically, after the safety verification in the security information verification unit 620 passes, the unlocking request transmitting unit 650 on the software platform looks up in the database the master device primary password and the master device spare password that correspond to the lock core, includes these passwords in the unlocking request, and sends the request to the lock core through the electronic key connected to the lock core, so as to request the lock core to execute the unlocking operation.
For security reasons, the unlocking request transmitting unit 650 can encrypt the unlocking request before transmitting it; a commonly used encryption algorithm can be the RC4 encryption algorithm.
Unlocking result receiving unit 660, for receiving the unlocking result returned by the slave device in response to the unlocking request.
Specifically, after the lock core receives the unlocking request, it verifies the passwords and other information contained in the request, responds accordingly, and finally feeds the unlocking result back, through the electronic key, to the unlocking result receiving unit 660 on the software platform.
For the specific working principle of each of the above units, refer to the description of the corresponding steps in the method embodiments; it is not repeated here.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves problems of the prior art such as the difficulty of management after a password leak, the high management cost of updating lock core passwords, and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system. Meanwhile, a password update operation is triggered on a timer or manually: the former primary password becomes the spare password and the former spare password is deleted, which achieves dynamic password updating. The lock core password is dynamically updated offline and effectively managed through users' daily unlocking operations, thereby realizing a low-cost, wide-coverage dynamic management system. In addition, communication is encrypted with an encryption algorithm such as RC4, so as to better address the problem of man-in-the-middle attacks.
Embodiment seven
Fig. 7 shows a structural schematic diagram of a slave device for executing the Internet of Things lock unlocking method, provided by embodiment seven of the present invention. The device specifically includes: security information order receiving unit 710, security information return unit 720, unlocking requesting processing 730 and unlocking operation unit 740.
Security information order receiving unit 710, for receiving the command, sent by the master device, to obtain the slave device security information.
The security information generally includes the identity information and/or status information of the slave device. The master device generally includes the key of the Internet of Things lock and/or the matching software, and is used to issue operation commands. The slave device generally includes the lockset of the Internet of Things lock; it verifies the information sent by the master device and executes preset operations, such as unlocking or replacing the password.
After receiving the security information command, the security information order receiving unit 710 passes the command to the subsequent unit, which parses it and looks up the relevant data according to the command content.
Security information return unit 720, for sending security information to master device.
Because master device needs to verify the safety from device, therefore, when security information order before carrying out other operations After receiving unit 710 receives security information order, security information return unit 720 needs resolve command content, and according to peace Security information needed for master device is fed back in full information order.
Unlocking requesting processing 730, the unlocking for receiving master device transmission are requested, and include in the request that will unlock The primary password of master device and the spare password of master device are compared with from the primary password of device and from the spare password of device.
After receiving the unlocking request of master device transmission, unlocking requesting processing 730 can parse unlocking request, and Therefrom extract the primary password of master device and the spare password of master device, and according to certain comparison rule by above-mentioned password with from dress It is preset in setting to be compared from the primary password of device and from the spare password of device.The embodiment of the present invention is not made to have to comparison rule Body limits, and those skilled in the art can flexibly set.
Unlocking operation unit 740, for when comparison result be by when, execute unlocking operation, and to master device return at The unlocking result of function type.
When the comparison result in unlocking requesting processing 730 be by when, illustrate master device be have the right unlock device, Therefore, unlocking operation unit 740 executes unlocking operation, and unlocking successful result is returned to master device.
When the comparison result in unlocking requesting processing 730 is not pass through, illustrate that master device is to have no right unlocking apparatus Or the password that master device is sent is wrong, unlocking operation unit 740 does not execute unlocking operation, directly returns to failure of unlocking to master device As a result.
The concrete operating principle of above-mentioned each unit can refer to the description of corresponding steps in embodiment of the method, no longer superfluous herein It states.
It can be seen that in embodiments of the present invention, in embodiments of the present invention, substituting tradition by Double-puzzle management system Single cipher management system, thus solve that management difficulty after cryptocompromise of the existing technology is big, man-in-the-middle attack protection The problems such as ability is poor, achieve the safety for greatly improving Internet of Things lock system, robustness, compatibility beneficial effect.
Embodiment eight
Fig. 8 shows a schematic structural diagram of a slave device for executing the Internet of Things lock unlocking method, provided by Embodiment eight of the present invention. The slave device includes a lock cylinder with a communication function, and specifically includes: a security information command receiving unit 810, a security information return unit 820, an initialization operation unit 830, an unlock request processing unit 840, a slave device password replacement unit 850 and an unlocking operation unit 860.
Security information command receiving unit 810 is configured to receive the command, sent by the master device, to obtain the slave device's security information.
In this embodiment, the master device includes a software platform (such as a mobile phone app) and an electronic key with a communication function. The slave device (i.e. the lock cylinder) establishes communication with the electronic key through a physical interface and, on this basis, reads data and manages authentication through the TD/T1363 protocol. For security reasons, the lock cylinder can be set so that it can communicate only through a matching electronic key, which prevents non-users from cracking the lock cylinder without an electronic key.
Specifically, after security information command receiving unit 810 on the lock cylinder receives, through the electronic key, the command sent by the software platform to obtain the lock cylinder's security information, it passes the command to the subsequent units, which parse the command and look up the relevant data according to its content.
Security information return unit 820 is configured to send the security information to the master device.
Because the master device needs to verify the security of the slave device before carrying out other operations, after security information command receiving unit 810 receives the security information command, security information return unit 820 parses the command content and returns the security information the master device requires according to the command.
Specifically, after security information return unit 820 on the lock cylinder parses the received security information command and finds the security information the command requires, it returns that security information to the software platform through the electronic key connected to it. The security information includes the identity information of the lock cylinder (i.e. the lock cylinder's unique identification code).
To further improve security, the security information returned by security information return unit 820 may also include a session code for encrypted communication; the session code is similar to identity information for the encrypted information. During communication, security information return unit 820 returns a different session code to the master device each time, and after receiving a session code the master device must attach the session code corresponding to the current communication to every message it sends. This guarantees the uniqueness of each encrypted communication and prevents other users from impersonating the master device to communicate with the slave device.
Initialization operation unit 830 is configured to receive the initialization information sent by the master device, to set the master device primary password as the initial slave device primary password, and to set the master device spare password as the initial slave device spare password.
This unit is optional. It is mainly used to set the passwords when the lock cylinder is first enabled, or to reset the lock cylinder's passwords. The initialization information includes the master device primary password and the master device spare password.
Specifically, when initialization operation unit 830 on the lock cylinder receives the initialization information sent by the software platform, it extracts the master device primary password and the master device spare password from the initialization information, sets the master device primary password as the initial slave device primary password, and sets the master device spare password as the initial slave device spare password. After completing the initialization operation, initialization operation unit 830 may also return initialization result information to the software platform.
When the initialization information is encrypted ciphertext, initialization operation unit 830 must first decrypt the ciphertext with the corresponding encryption algorithm; the initialization information can be extracted only after decryption.
Unlock request processing unit 840 is configured to receive the unlock request sent by the master device, and to compare the master device primary password and master device spare password contained in the unlock request with the slave device primary password and slave device spare password.
After receiving the unlock request sent by the master device, unlock request processing unit 840 parses the request, extracts the master device primary password and the master device spare password from it, and compares them, according to a certain comparison rule, with the slave device primary password and slave device spare password preset in the slave device.
In this embodiment, the comparison rule is as follows: the master device primary password is compared with the slave device primary password and with the slave device spare password; the master device spare password is compared with the slave device primary password and with the slave device spare password. The comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
When the unlock request is encrypted ciphertext, unlock request processing unit 840 must first decrypt the ciphertext with the corresponding encryption algorithm; the unlock request can be extracted only after decryption.
Slave device password replacement unit 850 is configured to replace the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password, when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
This unit is optional, and runs only when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password. That comparison outcome shows that the master device's passwords have been replaced, so the slave device must make the corresponding replacement as well. The specific replacement method provided in this embodiment is: replace the former slave device primary password with the master device primary password, to obtain the replaced slave device primary password; replace the former slave device spare password with the master device spare password, to obtain the replaced slave device spare password. In other embodiments, those skilled in the art can also flexibly set other replacement methods.
In practical applications several master devices may correspond to one slave device. In that case the passwords of some master devices may already have been replaced while the passwords of other master devices have not been replaced in time. To handle this, a timer can be set on the slave device side to record the number of times the old, pre-replacement password may still be used within a certain time limit, acting as a buffer. For example, when the timer's initial value is 3, then within the preset validity period: when a master device unlocks with the old, pre-replacement password, the slave device responds as usual; when a master device unlocks with the new, post-replacement password, the slave device responds and then decrements the counter by 1, so that the counter is now 2; and so on. When the counter reaches 0 or the preset validity period expires, the slave device no longer accepts unlock requests from master devices that use the old password. From then on, when the case occurs again in which the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the slave device performs the password replacement operation.
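The comparison rule, the replacement step and the buffered replacement with a use counter and validity period described above, as an added Python example (not code from the patent). The class and constant names, the constant-time comparison, the 16-byte random generation rule, and the choice to start the validity period at the first request that carries a replaced password pair are assumptions.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

UNLOCKED, UNLOCKED_REKEYED, FAIL = "unlocked", "unlocked+rekeyed", "fail"


def same(a: bytes, b: bytes) -> bool:
    # Constant-time comparison: an addition here, the patent leaves this open.
    return hmac.compare_digest(a, b)


@dataclass
class Master:
    primary: bytes
    spare: bytes

    def rotate(self, new_primary=None):
        # Replacement rule: former primary becomes the spare, former spare is dropped.
        self.spare = self.primary
        # Assumed generation rule: 16 random bytes unless the platform supplies a value.
        self.primary = new_primary if new_primary is not None else secrets.token_bytes(16)


class SlaveLock:
    def __init__(self, primary, spare, grace_uses=0, grace_seconds=0.0,
                 clock=time.monotonic):
        self.primary, self.spare = primary, spare
        self.grace_uses, self.grace_seconds = grace_uses, grace_seconds
        self.clock = clock
        self.remaining = None  # None means no replacement is pending
        self.deadline = 0.0

    def grace_open(self) -> bool:
        return (self.remaining is not None and self.remaining > 0
                and self.clock() < self.deadline)

    def handle_unlock(self, m_primary: bytes, m_spare: bytes) -> str:
        # Evaluate every comparison before branching on any of them.
        p_eq_p = same(m_primary, self.primary)
        s_eq_s = same(m_spare, self.spare)
        s_eq_p = same(m_spare, self.primary)

        if p_eq_p and s_eq_s:
            # Master holds the same pair as the lock. While a replacement is
            # pending this is the old pair, accepted only inside the buffer.
            if self.remaining is not None and not self.grace_open():
                return FAIL
            return UNLOCKED

        if not p_eq_p and s_eq_p:
            # Master has replaced its passwords: its spare is the lock's primary.
            if self.remaining is None and self.grace_uses > 0:
                self.remaining = self.grace_uses
                self.deadline = self.clock() + self.grace_seconds
            if self.grace_open():
                self.remaining -= 1  # respond first, then count the use
                return UNLOCKED
            # No buffer, counter at 0, or validity period over: replace now.
            self.primary, self.spare = m_primary, m_spare
            self.remaining = None
            return UNLOCKED_REKEYED

        return FAIL


if __name__ == "__main__":
    # Constructed sample values, two masters sharing one lock.
    p0, s0, p1 = b"primary-0", b"spare-0", b"primary-1"
    lock = SlaveLock(p0, s0, grace_uses=2, grace_seconds=3600.0)
    updated, stale = Master(p0, s0), Master(p0, s0)
    updated.rotate(p1)
    for name, m in [("updated", updated), ("stale", stale), ("updated", updated),
                    ("stale", stale), ("updated", updated), ("stale", stale)]:
        print(name, lock.handle_unlock(m.primary, m.spare))
```

In the replaced-password branch the lock accepts whatever primary password the request carries, so knowing the lock's current primary password is enough both to unlock it and to set a new pair. The session code and the encrypted channel described earlier are what protect that value in transit.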
Unlocking operation unit 860 is configured to perform the unlocking operation when the comparison result is a pass, and to return an unlock result of the success type to the master device.
When the comparison result in unlock request processing unit 840 is a pass, the master device is a device authorized to unlock; unlocking operation unit 860 therefore performs the unlocking operation and returns an unlock success result to the master device.
When the comparison result in unlock request processing unit 840 is a fail, either the master device is not authorized to unlock or the password it sent is wrong; unlocking operation unit 860 does not perform the unlocking operation and directly returns an unlock failure result to the master device.
For the specific working principle of each of the above units, refer to the description of the corresponding steps in the method embodiments; it is not repeated here.
It can be seen that, in this embodiment of the present invention, the traditional single-password management system is replaced by a dual-password management system. This solves problems of the prior art such as the difficulty of management after a password is compromised, the high management cost of updating lock cylinder passwords, and poor protection against man-in-the-middle attacks, and achieves the beneficial effect of greatly improving the security, robustness and compatibility of the Internet of Things lock system. Meanwhile, a password update operation is triggered on a timer or manually: the former primary password becomes the spare password and the former spare password is deleted, which achieves dynamic password updating. The lock cylinder password is updated and managed dynamically and offline through users' everyday unlocking operations, giving a low-cost, widely covering dynamic management system. In addition, communication is encrypted with an encryption algorithm such as RC4, which better addresses the man-in-the-middle attack problem.
Embodiment nine
Embodiment nine of the present invention provides a system for executing the Internet of Things lock unlocking method. The system includes the master device and the slave device of the device embodiments above. For the specific structure and working principle of each device, refer to the description of the corresponding units in the device embodiments; it is not repeated here.
In addition, those skilled in the art will understand that although some embodiments herein include certain features that are included in other embodiments rather than other features, combinations of features of different embodiments are meant to be within the scope of the present invention and to form different embodiments. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
The various component embodiments of the present invention may be implemented in hardware, as software modules running on one or more processors, or as a combination thereof. Those skilled in the art will understand that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the device according to embodiments of the present invention. The present invention may also be implemented as a device or device program (for example, a computer program and computer program product) for performing part or all of the method described herein. Such a program implementing the present invention may be stored on a computer-readable medium, or may take the form of one or more signals. Such a signal may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference sign placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The present invention may be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several devices, several of these devices may be embodied by one and the same item of hardware. The use of the words first, second and third does not indicate any order. These words may be interpreted as names.

Claims (11)

1. An unlocking method for an Internet of Things lock, executed by a master device, characterized in that it specifically comprises:
sending, to a slave device, a command to obtain the slave device's security information;
receiving the security information returned by the slave device and performing security verification, wherein corresponding authorization information is queried according to the slave device identity information contained in the security information and the identity information of the master device, and the timeliness of the authorization information is verified;
after the security verification passes, replacing the master device primary password and the master device spare password according to a preset replacement rule, and sending an unlock request to the slave device, wherein the unlock request includes the replaced master device primary password and the replaced master device spare password; the preset replacement rule specifically comprises: replacing the former master device spare password with the former master device primary password, to obtain the replaced master device spare password; and generating a new password according to a preset password generation rule to replace the former master device primary password, to obtain the replaced master device primary password;
receiving the unlock result returned by the slave device after the slave device, according to the unlock request, compares the master device primary password with the slave device primary password and the slave device spare password respectively, and compares the master device spare password with the slave device primary password and the slave device spare password respectively; wherein the comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
2. The method according to claim 1, characterized in that, before the step of sending the unlock request to the slave device, it further comprises:
after the security verification passes, sending initialization information to the slave device, wherein the initialization information includes the master device primary password and the master device spare password; and receiving the initialization result returned by the slave device.
3. An unlocking method for an Internet of Things lock, executed by a slave device, characterized in that it specifically comprises:
receiving a command, sent by a master device, to obtain the slave device's security information;
sending the security information to the master device;
receiving the unlock request sent by the master device, and comparing the master device primary password with the slave device primary password and the slave device spare password respectively; comparing the master device spare password with the slave device primary password and the slave device spare password respectively;
when the comparison result is a pass, performing the unlocking operation and returning an unlock result of the success type to the master device;
wherein the step of comparing the master device primary password with the slave device primary password and the slave device spare password respectively, and comparing the master device spare password with the slave device primary password and the slave device spare password respectively, specifically comprises:
the comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password;
when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the method further comprises, after the step of comparing the master device primary password and the master device spare password contained in the unlock request with the slave device primary password and the slave device spare password:
replacing the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password.
4. The method according to claim 3, characterized in that, before the step of receiving the unlock request sent by the master device, it further comprises:
receiving the initialization information sent by the master device, wherein the initialization information includes the master device primary password and the master device spare password;
setting the master device primary password as the initial slave device primary password, and setting the master device spare password as the initial slave device spare password.
5. The method according to claim 3, characterized in that the step of replacing the slave device primary password and the slave device spare password specifically comprises:
replacing the former slave device primary password with the master device primary password, to obtain the replaced slave device primary password;
replacing the former slave device spare password with the master device spare password, to obtain the replaced slave device spare password.
6. A master device for executing an Internet of Things lock unlocking method, characterized in that it comprises:
a security information command unit, configured to send, to a slave device, a command to obtain the slave device's security information;
a security information verification unit, configured to receive the security information returned by the slave device and perform security verification, wherein corresponding authorization information is queried according to the slave device identity information contained in the security information and the identity information of the master device, and the timeliness of the authorization information is verified;
an unlock request sending unit, configured to, after the security verification passes, replace the master device primary password and the master device spare password according to a preset replacement rule and send an unlock request to the slave device, wherein the unlock request includes the replaced master device primary password and the replaced master device spare password; the preset replacement rule specifically comprises: replacing the former master device spare password with the former master device primary password, to obtain the replaced master device spare password; and generating a new password according to a preset password generation rule to replace the former master device primary password, to obtain the replaced master device primary password;
an unlock result receiving unit, configured to receive the unlock result returned by the slave device after the slave device, according to the unlock request, compares the master device primary password with the slave device primary password and the slave device spare password respectively, and compares the master device spare password with the slave device primary password and the slave device spare password respectively; wherein the comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password.
7. The master device according to claim 6, characterized in that it further comprises, before the unlock request sending unit:
an initialization information unit, configured to send initialization information to the slave device after the security verification passes, wherein the initialization information includes the master device primary password and the master device spare password; and to receive the initialization result returned by the slave device.
8. A slave device for executing an Internet of Things lock unlocking method, characterized in that it comprises:
a security information command receiving unit, configured to receive a command, sent by a master device, to obtain the slave device's security information;
a security information return unit, configured to send the security information to the master device;
an unlock request processing unit, configured to receive the unlock request sent by the master device, and to compare the master device primary password with the slave device primary password and the slave device spare password respectively, and to compare the master device spare password with the slave device primary password and the slave device spare password respectively;
an unlocking operation unit, configured to perform the unlocking operation when the comparison result is a pass, and to return an unlock result of the success type to the master device;
wherein the unlock request processing unit is specifically configured such that:
the comparison result is a pass when the master device primary password is identical to the slave device primary password and the master device spare password is identical to the slave device spare password, or when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password;
when the master device primary password differs from the slave device primary password but the master device spare password is identical to the slave device primary password, the slave device further comprises, after the unlock request processing unit:
a slave device password replacement unit, configured to replace the slave device primary password and the slave device spare password according to the master device primary password and the master device spare password.
9. The slave device according to claim 8, characterized in that it further comprises, before the unlock request processing unit:
an initialization operation unit, configured to receive the initialization information sent by the master device, wherein the initialization information includes the master device primary password and the master device spare password; and to set the master device primary password as the initial slave device primary password and the master device spare password as the initial slave device spare password.
10. The slave device according to claim 8, characterized in that the slave device password replacement unit is specifically configured to:
replace the former slave device primary password with the master device primary password, to obtain the replaced slave device primary password;
replace the former slave device spare password with the master device spare password, to obtain the replaced slave device spare password.
11. A system for executing an Internet of Things lock unlocking method, characterized in that it comprises the master device according to any one of claims 6-7 and the slave device according to any one of claims 8-10.
CN201710029091.5A 2017-01-16 2017-01-16 For the method for unlocking of Internet of Things lock, master device, from apparatus and system Active CN106920302B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710029091.5A CN106920302B (en) 2017-01-16 2017-01-16 For the method for unlocking of Internet of Things lock, master device, from apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710029091.5A CN106920302B (en) 2017-01-16 2017-01-16 For the method for unlocking of Internet of Things lock, master device, from apparatus and system

Publications (2)

Publication Number Publication Date
CN106920302A CN106920302A (en) 2017-07-04
CN106920302B true CN106920302B (en) 2019-11-15

Family

ID=59454601

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710029091.5A Active CN106920302B (en) 2017-01-16 2017-01-16 For the method for unlocking of Internet of Things lock, master device, from apparatus and system

Country Status (1)

Country Link
CN (1) CN106920302B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107516364A (en) * 2017-08-30 2017-12-26 上海若禅信息科技有限公司 Method for unlocking, bluetooth lock and the unlocking terminal of bluetooth lock

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102425338A (en) * 2008-11-04 2012-04-25 邓睿 Method and device for controlling electronic lock by utilizing computer programs
CN103023539A (en) * 2012-12-04 2013-04-03 中兴通讯股份有限公司 Method and system for starting functions of electronic devices
CN203070401U (en) * 2012-12-30 2013-07-17 章玺 Electronic lock system utilizing bar code
EP2463833B1 (en) * 2010-12-09 2013-07-24 Oberthur Technologies Method and device for operational control of internal functions and protected applications embedded in chip cards for mobile terminals
CN103313238A (en) * 2013-06-20 2013-09-18 天翼电信终端有限公司 Safety system and safety protection method for mobile terminal
CN103413081A (en) * 2013-08-29 2013-11-27 惠州Tcl移动通信有限公司 After-password-input prompt method, password modifying method and electronic equipment
CN106203014A (en) * 2016-06-29 2016-12-07 捷开通讯(深圳)有限公司 The unlocking method of a kind of mobile terminal and tripper

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105991776B (en) * 2016-06-29 2019-08-20 北京三快在线科技有限公司 A kind of coded lock control method, apparatus and system

Also Published As

Publication number Publication date
CN106920302A (en) 2017-07-04

Similar Documents

Publication Publication Date Title
CN110046521B (en) Decentralized privacy protection method
CN110995432B (en) Internet of things sensing node authentication method based on edge gateway
CN110191153B (en) Social communication method based on block chain
US11263298B2 (en) Persistent authentication system incorporating one time pass codes
WO2009060283A1 (en) Method and apparatus for secure communication
CN107147498B (en) Authentication method and encryption method for transmitting information in RFID authentication process
CN102187619A (en) Authentication system
CN108471352A (en) Processing method, system, computer equipment based on distributed private key and storage medium
CA2257429C (en) Method for group-based cryptographic code management between a first computer unit and group computer units
CN110519300A (en) Client key method for secure storing based on password bidirectional authentication
CN101039181B (en) Method for preventing service function entity of general authentication framework from attack
Poettering et al. Asynchronous ratcheted key exchange
CA3038733A1 (en) Authentication protocol using a one-time password
CN110737915A (en) Anti-quantum-computation anonymous identity recognition method and system based on alliance chain and implicit certificate
CN106506479B (en) Method, system and the client of cipher authentication, server and smart machine
CN105847009A (en) RFID bidirectional authentication method meeting requirement on backward security
CN106920302B (en) For the method for unlocking of Internet of Things lock, master device, from apparatus and system
CN114666040B (en) Radio frequency identification authentication system and method based on quantum cryptography network
CN116527259B (en) Cross-domain identity authentication method and system based on quantum key distribution network
CN102215235B (en) SIP (session initiation protocol) safety certification method capable of modifying authentication password
JP5102701B2 (en) Secret key distribution method and secret key distribution system
CN114726555B (en) Authentication and key agreement method, device and storage medium
CN113572617B (en) Distributed inter-node identity authentication method based on alliance chain
Azad et al. A lightweight protocol for RFID authentication
CN115314191A (en) Fusion key application method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant