CN107360570A - The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device - Google Patents

The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device Download PDF

Info

Publication number
CN107360570A
CN107360570A CN201710485266.3A CN201710485266A CN107360570A CN 107360570 A CN107360570 A CN 107360570A CN 201710485266 A CN201710485266 A CN 201710485266A CN 107360570 A CN107360570 A CN 107360570A
Authority
CN
China
Prior art keywords
wearable device
bit
data
key
sensing data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710485266.3A
Other languages
Chinese (zh)
Other versions
CN107360570B (en
Inventor
任伟
陈子涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yami Technology (Guangzhou) Co., Ltd
Original Assignee
China University of Geosciences
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China University of Geosciences filed Critical China University of Geosciences
Priority to CN201710485266.3A priority Critical patent/CN107360570B/en
Publication of CN107360570A publication Critical patent/CN107360570A/en
Application granted granted Critical
Publication of CN107360570B publication Critical patent/CN107360570B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

The invention discloses the lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, comprise the following steps:The sensing data of the acceleration transducer embedded in the different wearable device of user is obtained, the sensing data is that through randomness common shake produces the acceleration information with similar track to different wearable devices;High-pass filtering is carried out to the sensing data of acquisition, and carries out gliding smoothing filtration treatment;Error correction filtering is carried out to the sensing data of different wearable devices, specially abandons the bit-pattern point that adjacent difference is less than threshold value;Algorithm is quantified by the data bit of the numerical relation based on consecutive number strong point bit quantization is carried out to the sensing data after corrected filtering;Two wearable devices are held consultation, to co-own an identical safe key.

Description

The lightweight real-time cipher key life that Behavior-based control action perceives in Internet of Things wearable device Into method
Technical field
The present invention relates to the body area network in Internet of Things (BodySensorNetwork) field, more particularly to body area to sense In device network, the key lightweight dynamic creation method of wearable computing embedded device.Including initial between wearable device Key generates, sensing data processing and the generation of real-time session key.
Background technology
With the development of current wireless sensor network and wearable computing technology, wearable and embedded device is extensive Apply in different fields (including telemedicine field) on ground.The safety issue of wearable device has obtained increasing pass Note.Data involved by these are worn in the equipment with human body are related to the individual privacy of user, therefore for place The communication security of equipment room in body area sensing network ensures to become particularly significant.On the other hand, due to wearable device Application characteristic condition limits, its hardware capabilities such as limited ability such as runnability, continuation of the journey.And traditional encipherment scheme such as public key adds The computing of dense body requires excessive so that this kind of scheme is not well suited for applying on this kind of wearable device.
Leading to when the key generation between wearable device and management method depend primarily on the connection between equipment at present Letter pattern (such as Wi-Fi, Bluetooth communication).It is for the nothing between equipment (e.g., computer, mobile phone) at the beginning of these conceptual designs Line communicates, and does not account for this kind of wearable device of low power consuming requirement.By taking Bluetooth communication as an example, the Secure Communication of bluetooth In with reference to traditional Diffle-Hellman key agreement schemes, it is this kind of based on the scheme of asymmetric encipherment system because it is multiple Miscellaneous computing requirement, and it is not suitable for wearable device.And because these schemes need substantial amounts of operational performance when producing key, Decline so as to result in the endurance of these many wearable devices, therefore have impact on Consumer's Experience.Wearable set for these During standby design key managing project, it is necessary to consider enough securities of scheme and lightweight it is efficient between equilibrium, this two It is a mutually contradictory requirement between person, so as to and be run into currently for the research institute of the key managing project of wearable device A Major Difficulties.
The content of the invention
The technical problem to be solved in the present invention is the asymmetrical encryption approach for needing complex calculation in the prior art The defects of being not suitable for wearable device, there is provided a kind of lightweight real-time cipher key generation method suitable for wearable device and be System.
The technical solution adopted for the present invention to solve the technical problems is:
The lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, bag are provided Include following steps:
S1, the sensing data for obtaining the acceleration transducer embedded in the different wearable device of user, the sensing data For different wearable devices, through randomness common shake produces the acceleration information with similar track;
S2, the sensing data to acquisition carry out high-pass filtering, and carry out gliding smoothing filtration treatment;
S3, the sensing data to different wearable devices carry out error correction filtering, specially abandon adjacent difference less than threshold value Bit-pattern point;
S4, algorithm quantified to the sensing after corrected filtering by the data bit of the numerical relation based on consecutive number strong point Data carry out bit quantization;
S5, two wearable devices are held consultation, to co-own an identical safe key, specific negotiations process bag Include:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device; The checking sequence is: Wherein K is the The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and The integrality of data.
Connect above-mentioned technical proposal, in step S4, the data bit of the numerical relation based on consecutive number strong point quantifies algorithm tool Body is:Compare the quantity difference size of current data point and previous data point, if current sample point is less than previous sample point, The bit value that then current sample point quantifies is 1, is otherwise 0.
Connect above-mentioned technical proposal, in step S3, specially abandon the bit-pattern point that adjacent difference is less than 0.15.
Above-mentioned technical proposal is connect, this method also includes step:
S6, the real-time of embedded accelerometer sensor capture obtained in two wearable devices of body different parts add Speed data;
S7, quantify real time acceleration number of the algorithm to acquisition by the data bit of the numerical relation based on consecutive number strong point According to directly progress bit quantization processing;
S8, two different wearable devices each possess different random bit strings, utilize the shared key generated Respective Bit String is encrypted, and the cryptographic Hash for calculating encrypted content is set with verification of data integrity, latter two right wearing It is standby that ciphertext and cryptographic Hash are each sent to other side;
Decryption obtains in plain text after if S9, one of wearable device receive ciphertext, and verifies the cryptographic Hash of plaintext, if testing Card passes through, then oneself existing random bit is serially added the Bit String received, generate new session key.
Perceived present invention also offers Behavior-based control action in a kind of Internet of Things wearable device based on the above method Lightweight real-time cipher key generates system, including:
Sensing data acquisition module, the sensing of the acceleration transducer embedded in the wearable device different for obtaining user Data, the sensing data are that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference Less than the bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm pair by the data bit of the numerical relation based on consecutive number strong point Sensing data after corrected filtering carries out bit quantization;
Negotiation module, held consultation for two wearable devices, to co-own an identical safe key, specific association Business's process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device; The checking sequence is: Wherein K is the The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and The integrality of data.
Above-mentioned technical proposal is connect, the sensing data acquisition module, is additionally operable to obtain two positioned at body different parts The real time acceleration data of embedded accelerometer sensor capture in wearable device;
The bit quantization processing module, it is additionally operable to quantify by the data bit of the numerical relation based on consecutive number strong point Algorithm directly carries out bit quantization processing to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using Respective Bit String is encrypted the shared key of generation, and calculates the cryptographic Hash of encrypted content with verification of data integrity, Ciphertext and cryptographic Hash are each sent to other side by latter two right wearable device;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies The cryptographic Hash of plaintext, if being verified, oneself existing random bit is serially added the Bit String received, generate new session Key.
The beneficial effect comprise that:The present invention utilizes the sensor of common configuration in wearable device, allows user Initial key can be quickly and efficiently generated in a device, and human action can be utilized to produce during using wearable device Raw sensing data produces real-time cipher key.
Brief description of the drawings
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the overall plan flow chart of the embodiment of the present invention;
Fig. 2 is collaborative share key product process figure of the embodiment of the present invention based on human body gesture and action;
Fig. 3 is real-time cipher key generation method of the embodiment of the present invention based on human action.
Embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, it is right below in conjunction with drawings and Examples The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only to explain the present invention, not For limiting the present invention.
For combining human body to the communication security requirements wearable device and its consideration of ardware feature, the present invention at present The embedded accelerometer sensor of action and Wearable proposes following methods.
1. perception random digit generation method and its key establishing method based on human body gesture and action
Main flow is mainly with data based on the key generation scheme for wearable device utilized to sensor at present Based on common trait is excavated.Such scheme, which generally requires, carries out a series of change, processing, feature mining to sensing data Deng, therefore have certain power consumption in data handling procedure.
The data of identical (or similar) are obtained in accelerometer sensor so as to generate pair realizing to utilize in distinct device In the scheme for claiming key, a more direct efficiently method is to allow equipment with the associated movement of identical track, that is, allows user Different equipment (e.g., wrist-watch, wearable portable sphygmomanometer) is shaken with carrying out randomness jointly, so as to produce with phase Like the acceleration information of track.And this method can have been reduced or remitted and consumed energy caused by most of progress data handling procedure, and This method has lightweight advantage, therefore is particularly suitable for using in the Sensor Network of body domain.
Meanwhile this random-number generating method is not based on the pseudo-random function generation of mathematics, but it is based on physical characteristic True random number, therefore, its random unpredictability is more preferable.
This method it is specific as follows:
1) after sensing data is obtained, carry out simply handling data first.(note:Due to being used in experiment Equipment for operation Android operation system equipment, Android sensor exploitation official document in illustrates such as to obtain in Android device Accurate acceleration information, the initial data of acquisition need to first pass through high-pass filtering processing to reduce or remit the interference of gravity, therefore below The data for regarding initial data to handle by high-pass filtering).Data carry out simple gliding smoothing filtering scheme, the program first Data can be done with simple smoothing processing, some lofty data are carried out simple smooth.
Wherein SMA is that the smooth value calculated is, n is smoothing parameter (number of samples taken when i.e. smooth every time), in this hair Bright middle n is arranged to 2 (i.e. each data point only carries out average smooth with previous data point), and M is that the upper limit of sample indexes Value (this M~M- (n-1) individual sample point of sampling when calculating), PiFor i-th of sample point, SMAprevFor it is preceding once calculate it is flat Sliding value.
Simple gliding smoothing filtering scheme can also solve when user shake at random in device procedures be likely to occur it is short The regular shake of temporary property, and this kind of regular action is easier successfully to be imitated by potential adversary, therefore in our follow-up meetings This kind of data are excluded.
2) before bit quantity is carried out to data, because the running orbit of user's equipment room when shaking equipment is not necessarily complete Unanimously, therefore the obtained bit value of two equipment rooms may be variant.To this, we have proposed error correction filtering scheme.The program Feature is that (0.15 this threshold value is the optimal value obtained in experimentation to bit of the adjacent difference of discarding less than 0.15, should It is too short that value can effectively filter out the key length that most of inconsistent data point and will not making simultaneously finally gives).This Be due to these consecutive points difference it is smaller, and the random noise in motion process can have more in the less sample of these differences Big influence, so as to cause the data of two equipment rooms inconsistent, can effectively it be filtered using the error correction filtering scheme Fall the impacted bit in this part, improve data consistency.
In addition, the situation of the issuable rule sexual act said before when user is shaking equipment at random also can It is resolved.Due to the effect of the smooth filtering scheme of simple average, difference between the sample point of these adjacent rules can be by In carried out average smooth processing and become very close (i.e. difference becomes very little).In this case, these data points will By it is proposed that error correction filtering scheme processing procedure screen out, so as to ensure that the bit data finally given comes from The shake action of user's randomness.
3) after above-mentioned filtering error correction filtering scheme is completed, can to sensing data carry out bit quantization (see below- The data bit of numerical relation based on consecutive number strong point quantifies algorithm).
4) after equipment completes above procedure, by the sample abandoned between distinct device in progress error correction filter process can Can be different, therefore two equipment need to hold consultation, and because negotiations process is related to intercommunication, therefore we with reference to The security negotiation scheme that can resist opponent that Mathur is proposed, specific negotiations process are as follows:
A) sequence number for the sample point that oneself is abandoned in above-mentioned 2) step is sent to equipment 2 by equipment 1;
B) equipment 2 is screened according to the sequence received, and the sequence after the completion of screening obtained by equipment 2 is key.Examine Considering opponent may be distorted to data in the transmission process of equipment 1 and (e.g., be deleted, increase), so as to cause final equipment The key of a short length is can only obtain, and the key of short length is easily under attack.Therefore we provide, work as equipment 2 (depend on the encipherment scheme actually used) when finding that final key length is less than certain threshold value, that is, are considered as this time and consult to lose Lose and terminate communication.
Otherwise, the sequence number of its sample point abandoned in above-mentioned 2) step is equally sent to equipment 1 by equipment 2, transmission Content also includes one to sending the sequence obtained by data carry out HMAC operations, and the sequence is used for verification of data integrity and set Standby 1 identity.
Wherein K generates key by equipment 2;M is transmission sequence;K ' is the new key that is generated by K;‖ is to combine to transport Operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly.
C) equipment 1 carries out screening out the sample point for needing to abandon also according to the sequence received, is total to after the completion of screening Enjoy key.Then key authentication HMAC sequences are utilized, it is effective so as to verify the identity of data sender's (i.e. equipment 1) The integrality of property and data.
After negotiations process as above is completed, an identical safe key is just co-owned between two equipment.
Abandoned it should be noted that the key that equipment 1 generates is the sample point abandoned according to equipment 1,2;And equipment 1st, 2 initial data is quantified after user is shaken jointly and error correction is filtered, it is ensured that two equipment exist The step for have sufficiently high accuracy rate.If the key difference of generation is larger, need to re-start.
2. the sensing data bit quantization algorithm of the difference relationship based on consecutive number strong point
The algorithm of existing sensing data bit quantization algorithm main flow is the calculation for the basic sample statistics that Muthur is proposed Method.The main thought of the algorithm is the value for counting all sample points in certain window value first, and calculate one it is appropriate The upper bound and floor value.To sensing data carry out quantizing process in, those more than the upper bound or less than lower bound and meet to (physical condition depends on the demand of practical solution) sample point of fixed condition can correspondingly be quantified as bit 1 or 0.Considering Under the present invention is by the use of human action data as the real background of data source, we have proposed a more suitably bit quantization to calculate Method.
Because the generation of key acts from the randomness shake of user, therefore, bit quantity is being carried out to sensing data During change, it should consider allow the bit data after quantifying that the randomness of user action can be reflected (i.e. by human body as far as possible The randomness of action is converted into the randomness of quantized data, so as to ensure the security of data).
Based on above thought, we have proposed the calculation of the sensing data bit quantization of the numerical relation based on consecutive number strong point Method.The algorithm is based on the quantity difference size for comparing current data point and previous data point, if current sample point is less than previous Individual sample point, the then bit value quantified from current sample point are 1;Otherwise it is 0.
The algorithm is mainly characterized by, and the difference relationship between one section of adjacent ratio feature can reflect equipment at this The situation of equipment acceleration or deceleration in the section time.Such as, if a series of sample point difference is just, equipment is entered in this time Row accelerates.And the randomness of the shake action of user can be considered as adding for this unpredictability on by shake equipment Speed or retarded motion, therefore the data after algorithm quantization can merge the randomness of physical action well, so as to improve Information Security.
3. the real-time cipher key lightweight generation method based on human action
It is presently mainly base to carry out bit quantization in the sensing data to human action so as to generate the scheme of real-time cipher key In the thought of feature extraction.As said before, this kind of thought may have when from the sensing data of body gait applying Certain security deficiency, this is due to comparatively the feature of body gait compares fixation, this also means that have it is certain can Energy property is successfully simulated.Therefore, caused key is also threatened by certain impersonation attack.
Based on the deficiency of current existing program, the present invention proposes one using raw sensory data caused by human action The random bit string of high security is generated so as to generate the method for real-time cipher key, method is specific as follows:
1) the embedded accelerometer sensor in the wearable device of body different parts captures real-time acceleration information.
2) to initial data without it is any processing directly carry out bit quantization processing, quantizing process use it is proposed that base The optimized algorithm of algorithm in 2.
The main process of the optimized algorithm is as follows:Compared based on the difference relationship between adjacent data point, it is little to difference All sample points in 0.15 carry out bit quantization:If current sample point is less than previous sample point and difference is not more than 0.15, amount Change value is 1;If current sample point is more than previous sample point and difference is not less than -0.15, quantized value 0.0.15 threshold value is real The optimal value verified during testing, the value can ensure to have enough data to be quantified as cipher key source while also protect Having demonstrate,proved the data after quantifying has enough securities.
The main thought of the algorithm is as follows:Embedded sensors in equipment can operationally be mingled with acquired data Each noise like (e.g., uncertain noise of hardware inherent characteristic etc.), this noise like can influence the acceleration number of degrees of sensor acquisition According to, but actually the disturbance degree of the data of these noises pair depends on the size of actual acceleration information.That is, if equipment is real The acceleration on border is very big, and the proportion that noise is influenceed is relatively small.On the other hand, if the actual acceleration magnitude of equipment not Greatly, this noise like can just play the influence of larger proportion scope in these samples.Therefore, it is proposed that optimized algorithm it is special Meaning screened the less sample point of this kind of difference as quantized samples source because these sample sources gather when by noise shadow Sound is larger, so as to improve the unpredictability of data and randomness.
After above procedure is completed, two different equipment each possess different random bit strings.
3) respective Bit String is encrypted using the shared key generated for two equipment rooms, and is calculated in encryption The cryptographic Hash of appearance is as verification of data integrity.Ciphertext and cryptographic Hash are each sent to other side by latter two right equipment.
4) decryption obtains in plain text after equipment receives ciphertext, and verifies the cryptographic Hash of plaintext.If being verified, oneself Existing random bit serially adds the Bit String being subject to, and generates new session key.
Above procedure can automate progress in real time in user action process (such as walking, motion) process, be continuously generated New key.So as to the real-time of implementation.
The lightweight that Behavior-based control action perceives in Internet of Things wearable device of the embodiment of the present invention based on the above method Real-time cipher key generates system, including:
Sensing data acquisition module, the sensing of the acceleration transducer embedded in the wearable device different for obtaining user Data, the sensing data are that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference Less than the bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm pair by the data bit of the numerical relation based on consecutive number strong point Sensing data after corrected filtering carries out bit quantization;
Negotiation module, held consultation for two wearable devices, to co-own an identical safe key, specific association Business's process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device root Sensing data is screened according to the bit-pattern point sequence received, resulting sensing data is completed in the screening of the second wearable device For key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearing is set The standby bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes entering to sending data Checking sequence obtained by row HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device; The checking sequence is: Wherein K is the The key that two wearable devices are generated;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is is generated by K New key;‖ is associative operator;For xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, is obtained after the completion of screening shared close Key, then verify received checking sequence using the shared key, with verify the identity validity of the first wearable device and The integrality of data.
Above-mentioned technical proposal is connect, the sensing data acquisition module, is additionally operable to obtain two positioned at body different parts The real time acceleration data of embedded accelerometer sensor capture in wearable device;
The bit quantization processing module, it is additionally operable to quantify by the data bit of the numerical relation based on consecutive number strong point Algorithm directly carries out bit quantization processing to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using Respective Bit String is encrypted the shared key of generation, and calculates the cryptographic Hash of encrypted content with verification of data integrity, Ciphertext and cryptographic Hash are each sent to other side by latter two right wearable device;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies The cryptographic Hash of plaintext, if being verified, oneself existing random bit is serially added the Bit String received, generate new session Key.
To sum up, the present invention is realized following excellent based on the utilization to universal built-in accelerometer sensor in wearable device Point:1st, randomly generate but high efficiency:We have proposed one to allow user to carry out the dynamic of randomness to these portable wearable devices Work, posture etc. (including common shake), so as to efficiently by producing randomness symmetric key from belt sensor;2nd, it is random to perceive Quantization homogeneity:An it is proposed that lightweight based on the size of the difference relation between more adjacent sensing data point 5 bit quantization method;3rd, key produces strategy and method:The present invention proposes the real-time dynamic key generation side of a lightweight Method, this method directly can be used as real-time cipher key by the use of the initial data in sensor to generate the random number of high security.
It should be appreciated that for those of ordinary skills, can according to the above description be improved or converted, And all these modifications and variations should all belong to the protection domain of appended claims of the present invention.

Claims (6)

1. the lightweight real-time cipher key generation method that Behavior-based control action perceives in a kind of Internet of Things wearable device, its feature exist In comprising the following steps:
S1, the sensing data for obtaining the acceleration transducer embedded in the different wearable device of user, the sensing data is not Through randomness common shake produces the acceleration information with similar track to same wearable device;
S2, the sensing data to acquisition carry out high-pass filtering, and carry out gliding smoothing filtration treatment;S3, to different wearable devices Sensing data carry out error correction filtering, specially abandon adjacent difference be less than threshold value bit-pattern point;
S4, algorithm quantified to the sensing data after corrected filtering by the data bit of the numerical relation based on consecutive number strong point Carry out bit quantization;
S5, two wearable devices are held consultation, and to co-own an identical safe key, specific negotiations process includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device is according to receipts To bit-pattern point sequence sensing data is screened, the screening of the second wearable device complete obtained by sensing data to be close Key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearable device will Its bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes carrying out to sending data Checking sequence obtained by HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;Should Verify that sequence is:HMAC (K, m)=H ((K ' ⊕ opad) ‖ H ((K ' ⊕ ipad) ‖ m)), wherein K is generated by the second wearable device Key;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is the new key that is generated by K;‖ is knot Close operator;⊕ is xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, and shared key is obtained after the completion of screening, Then received checking sequence is verified using the shared key, to verify the identity validity of the first wearable device and data Integrality.
2. according to the method for claim 1, it is characterised in that in step S4, the numerical relation based on consecutive number strong point Data bit quantifies algorithm:Compare the quantity difference size of current data point and previous data point, if current sample Point is less than previous sample point, then the bit value that current sample point quantifies is 1, is otherwise 0.
3. method according to claim 1 or 2, it is characterised in that in step S3, specially abandon adjacent difference and be less than 0.15 bit-pattern point.
4. according to the method for claim 1, it is characterised in that this method also includes step:
The real time acceleration that S6, the embedded accelerometer sensor obtained in two wearable devices of body different parts capture Data;
S7, by the data bit of the numerical relation based on consecutive number strong point to quantify algorithm straight to the real time acceleration data of acquisition Tap into the processing of row bit quantization;
S8, two different wearable devices each possess different random bit strings, using the shared key generated to each From Bit String be encrypted, and it is each with verification of data integrity, latter two right wearable device to calculate the cryptographic Hash of encrypted content Other side is sent to from ciphertext and cryptographic Hash;
If decryption obtains in plain text after S9, one of wearable device receive ciphertext, and verifies the cryptographic Hash of plaintext, if checking is logical Cross, then oneself existing random bit is serially added the Bit String received, generate new session key.
A kind of 5. lightweight real-time cipher key life that Behavior-based control action perceives in Internet of Things wearable device based on claim 1 Into system, it is characterised in that including:
Sensing data acquisition module, the sensing number of the acceleration transducer embedded in the wearable device different for obtaining user According to the sensing data is that through randomness common shake produces the acceleration number of degrees with similar track to different wearable devices According to;
Pretreatment module, for carrying out high-pass filtering to the sensing data of acquisition, and carry out gliding smoothing filtration treatment;
Correction module, for carrying out error correction filtering to the sensing data of different wearable devices, specially abandon adjacent difference and be less than The bit-pattern point of threshold value;
Bit quantization processing module, for quantifying algorithm to through entangling by the data bit of the numerical relation based on consecutive number strong point Miss the sensing data after filter and carry out bit quantization;
Negotiation module, hold consultation for two wearable devices, to co-own an identical safe key, specifically consulted Journey includes:
The bit-pattern point sequence that first wearable device is abandoned is sent to the second wearable device;Second wearable device is according to receipts To bit-pattern point sequence sensing data is screened, the screening of the second wearable device complete obtained by sensing data to be close Key;
When the key length that the second wearable device obtains is less than predetermined threshold value, then communication is terminated;Otherwise, the second wearable device will Its bit-pattern point sequence abandoned transmits same to the first wearable device, and the content of transmission also includes carrying out to sending data Checking sequence obtained by HMAC operations, the checking sequence are used for the identity of verification of data integrity and the first wearable device;Should Verify that sequence is:HMAC (K, m)=H ((K ' ⊕ opad) ‖ H ((K ' ⊕ ipad) ‖ m)), wherein K is generated by the second wearable device Key;M is the bit-pattern point sequence that the second wearable device needs to abandon;K ' is the new key that is generated by K;‖ is knot Close operator;⊕ is xor operator;Opad and ipad is respectively Filling power outwardly and inwardly;
First wearable device is screened also according to the bit-pattern point sequence received, and shared key is obtained after the completion of screening, Then received checking sequence is verified using the shared key, to verify the identity validity of the first wearable device and data Integrality.
6. system according to claim 5, it is characterised in that
The sensing data acquisition module, it is additionally operable to obtain the embedded acceleration in two wearable devices of body different parts The real time acceleration data of flowmeter sensor capture;
The bit quantization processing module, it is additionally operable to quantify algorithm by the data bit of the numerical relation based on consecutive number strong point Bit quantization processing is directly carried out to the real time acceleration data of acquisition;
The system also includes:
Encrypting module, for when two different wearable devices each possess different random bit strings, using having generated Shared key respective Bit String is encrypted, and calculate the cryptographic Hash of encrypted content with verification of data integrity, then Ciphertext and cryptographic Hash are each sent to other side by two wearable devices;
New key generation module, decryption obtains in plain text after receiving ciphertext for a wearable device wherein, and verifies in plain text Cryptographic Hash, if being verified, oneself existing random bit is serially added the Bit String received, it is close to generate new session Key.
CN201710485266.3A 2017-06-23 2017-06-23 Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things Active CN107360570B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710485266.3A CN107360570B (en) 2017-06-23 2017-06-23 Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710485266.3A CN107360570B (en) 2017-06-23 2017-06-23 Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things

Publications (2)

Publication Number Publication Date
CN107360570A true CN107360570A (en) 2017-11-17
CN107360570B CN107360570B (en) 2019-12-20

Family

ID=60273144

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710485266.3A Active CN107360570B (en) 2017-06-23 2017-06-23 Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things

Country Status (1)

Country Link
CN (1) CN107360570B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108989309A (en) * 2018-07-16 2018-12-11 苏州大学张家港工业技术研究院 Encryption communication method and its encrypted communication device based on narrowband Internet of Things
CN110753342A (en) * 2019-10-18 2020-02-04 武汉大学 Body area network equipment authentication and key agreement method based on channel characteristics
CN111555872A (en) * 2020-04-30 2020-08-18 平安科技(深圳)有限公司 Communication data processing method, device, computer system and storage medium
CN112104643A (en) * 2020-09-11 2020-12-18 重庆邮电大学 Encryption and decryption method for physical parameter characteristic value disturbance based on physical layer protocol data extraction random number
CN113938274A (en) * 2021-10-13 2022-01-14 北京积木信创数据技术有限公司 Data security transmission method for wearable equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102984704A (en) * 2012-12-24 2013-03-20 中国地质大学(武汉) Authentication and key agreement method and system between light-weight smart mobile phones
CN103283175A (en) * 2010-12-28 2013-09-04 日本电气株式会社 Method of generating key

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103283175A (en) * 2010-12-28 2013-09-04 日本电气株式会社 Method of generating key
CN102984704A (en) * 2012-12-24 2013-03-20 中国地质大学(武汉) Authentication and key agreement method and system between light-weight smart mobile phones

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
MOHAMMAD MASDARI等: "Key management in wireless Body Area Network: Challenges and issues", 《ELSEVIER》 *
WEITAO XU等: "Gait-Key: A Gait-Based Shared Secret Key Generation Protocol for Wearable Devices", 《ACM TRANSACTIONS ON SENSOR NETWORKS》 *
任伟等: "物联网自治安全适配层模型以及T2ToI中T2T匿名认证协议", 《计算机研究与发展》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108989309A (en) * 2018-07-16 2018-12-11 苏州大学张家港工业技术研究院 Encryption communication method and its encrypted communication device based on narrowband Internet of Things
CN108989309B (en) * 2018-07-16 2021-10-08 苏州大学张家港工业技术研究院 Encryption communication method and encryption communication device based on narrow-band Internet of things
CN110753342A (en) * 2019-10-18 2020-02-04 武汉大学 Body area network equipment authentication and key agreement method based on channel characteristics
CN110753342B (en) * 2019-10-18 2022-05-13 武汉大学 Body area network equipment authentication and key agreement method based on channel characteristics
CN111555872A (en) * 2020-04-30 2020-08-18 平安科技(深圳)有限公司 Communication data processing method, device, computer system and storage medium
CN112104643A (en) * 2020-09-11 2020-12-18 重庆邮电大学 Encryption and decryption method for physical parameter characteristic value disturbance based on physical layer protocol data extraction random number
CN113938274A (en) * 2021-10-13 2022-01-14 北京积木信创数据技术有限公司 Data security transmission method for wearable equipment
CN113938274B (en) * 2021-10-13 2024-03-22 北京积木信创数据技术有限公司 Data security transmission method for wearable equipment

Also Published As

Publication number Publication date
CN107360570B (en) 2019-12-20

Similar Documents

Publication Publication Date Title
CN107360570A (en) The lightweight real-time cipher key generation method that Behavior-based control action perceives in Internet of Things wearable device
US11101986B2 (en) Authentication processing service
CN105812126B (en) Lightweight backup and the efficient restoration methods of healthy block chain data encryption key
CN112232527B (en) Safe distributed federal deep learning method
CN104392534B (en) Electronic voting method and device based on finger vein feature recognition
Jiang et al. Shake to communicate: Secure handshake acceleration-based pairing mechanism for wrist worn devices
Lewis et al. Real time motion-based authentication for smartwatch
Revadigar et al. Accelerometer and fuzzy vault-based secure group key generation and sharing protocol for smart wearables
CN109309569A (en) The method, apparatus and storage medium of collaboration signature based on SM2 algorithm
CN106059775B (en) CFL manages mode implementation method concentratedly
CN107592311A (en) Towards the cloud storage medical treatment big data lightweight batch auditing method of wireless body area network
CN101369892A (en) Method for reinforcing fingerprint Fuzzy Vault system security
CN109450648B (en) Key generation device, data processing apparatus, and data transfer system
US20160352709A1 (en) Security system, method, and apparatus
CN105608356A (en) Password generation method and device, password authentication method and device as well as terminal
CN108989309A (en) Encryption communication method and its encrypted communication device based on narrowband Internet of Things
CN101030852B (en) Method for enciphering and deciphering human-body safety
CN108717666A (en) Personalized vehicle insurance computational methods, system and terminal based on block chain
CN105450419A (en) Method, device and system
CN106161035B (en) CFL personal privacy protection mode implementation method
CN107370601A (en) A kind of intelligent terminal, system and method for integrating a variety of safety certifications
Sun et al. Accelerometer-based key generation and distribution method for wearable IoT devices
CN103297237B (en) Identity registration and authentication method, system, personal authentication apparatus and certificate server
KR20190125223A (en) Electronic voting system and method thereof
Revadigar et al. Secure key generation and distribution protocol for wearable devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20210415

Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province

Patentee after: Yami Technology (Guangzhou) Co., Ltd

Address before: 430074 No. 388 Lu Lu, Hongshan District, Hubei, Wuhan

Patentee before: CHINA University OF GEOSCIENCES (WUHAN CITY)