CN107820243B - Dynamic loading device and method for encryption key of wireless multi-hop self-organizing network - Google Patents
Dynamic loading device and method for encryption key of wireless multi-hop self-organizing network Download PDFInfo
- Publication number
- CN107820243B CN107820243B CN201711240008.5A CN201711240008A CN107820243B CN 107820243 B CN107820243 B CN 107820243B CN 201711240008 A CN201711240008 A CN 201711240008A CN 107820243 B CN107820243 B CN 107820243B
- Authority
- CN
- China
- Prior art keywords
- key
- loading
- dynamic
- wireless
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a device and a method for dynamically loading encryption keys of a wireless multi-hop self-organizing network, wherein when Sentry series wireless Mesh network equipment carries out networking communication, a special U shield is used for loading an unpredictable random number combination (8-64 bits) as a key; the specific execution steps are as follows: and the U shield inputs a dynamic loading key, the dynamic key U shield containing the latest key is inserted into the wireless Mesh network equipment, the wireless Mesh network equipment automatically verifies and loads the latest key, the network service is restarted and the network is re-networked after the key loading is ensured to be successful after the verification is carried out again, and the dynamic loading of the encryption key of the wireless multi-hop self-organizing network is completed. The invention is a safe and convenient key protection technology, which can effectively protect the authentication security in the wireless network communication process; the Sentry series wireless equipment adopting the dynamic loading key networking mode does not need to modify the password periodically, does not need to memorize the password, and even does not need to worry about the password loss.
Description
Technical Field
The invention relates to the field of wireless multi-hop self-organizing networks, in particular to a device and a method for dynamically loading an encryption key of a wireless multi-hop self-organizing network with a dynamic key.
Background
The wireless multi-hop self-organizing network is composed of wireless multi-hop self-organizing nodes, can be dynamically networked through a self-organizing protocol, has the capacity of multi-hop transmission, and the networking protocol can automatically select the optimal path according to the link quality. The access method can be operated as an independent private network form, and can also be deployed in a fixed mode to realize the last kilometer of access. The wireless multi-hop self-organizing network has a great development prospect, and has become one of the hot spots of the current wireless network research along with the development of the internet of things. However, the increasingly serious security problem faces people to pay more attention to the security problem of the wireless multi-hop ad hoc network, and the wireless security problem is one of the key factors hindering the application development of the wireless multi-hop ad hoc network.
At present, the traditional encryption modes include WPA-PSK/WPA2-PSK, WPA/WPA2 and WEP encryption methods with lower security, but in the encryption schemes, the security problem is mainly solved by arranging Public Key Infrastructure (PKI) in the network, and the core is to establish a certificate service center and provide a central service mode such as certificate management. These approaches all provide an initial key by which unicast and broadcast traffic is encrypted and decrypted using certain authentication procedures and encryption algorithms (AES-CCMP, etc.). And wireless communication data leakage can be caused when the secret key is leaked. The invention provides a device and a method for dynamically loading an encryption key of a wireless multi-hop self-organizing network based on the characteristic of fixing and unchanging the key of the wireless network, and can effectively protect the authentication security in the communication process of the wireless network. The wireless equipment adopting the dynamic loading key networking mode does not need to modify the password periodically, does not need to memorize the password, and even does not need to worry about the password loss. The dynamic loading key networking mode can ensure wireless communication from multiple aspects, and users can be safe and worry-free.
Disclosure of Invention
In order to solve the above problems, the present invention provides a dynamic loading apparatus and method for encryption keys of a wireless multi-hop ad hoc network.
In order to achieve the purpose, the technical scheme is that the encryption key dynamic loading device for the wireless multi-hop self-organized network comprises wireless self-organized network nodes and a wireless Mesh network, wherein the wireless self-organized network nodes are used for forming a wireless Mesh network; the dynamic secret key U shield is used for forming an interface event after being accessed into the wireless self-organizing network node; the automatic mounting device is used for mounting, and the interface event triggers the automatic mounting device to start mounting; the hot plug event execution device executes the hot plug event execution device by detecting the hot plug action through the kernel, and the hot plug event execution device finally calls the key automatic loading device; and the key automatic loading device is used for loading the latest dynamic key, the network service starting device is called finally after the key loading is finished, the network service of the wireless Mesh network is restarted, and the dynamic loading process of all the wireless multi-hop self-organized network encryption keys is finished.
The kernel refers to the core of the operating system, and is responsible for managing processes, memories, device drivers, files and network systems of the system, and determining the performance and stability of the system. Programs may be directly loaded into a computer for execution, and such a design illustrates that designers do not wish to provide any hardware abstraction and operating system support, as is common in the design of earlier computer systems. Finally, some auxiliary programs, such as program loaders and debuggers, are designed into the machine core or are fixed in read-only memory. The concept of the operating system kernel becomes clearer as these changes occur.
The dynamic key USB key can be a common USB flash disk with an 8-64 bit string set.
The USB interface provides a USB physical interface for the wireless self-organizing network node and is used for connecting the dynamic secret key U shield to the wireless Mesh network equipment.
The automatic mounting device comprises a driver corresponding to the kernel, can automatically identify the dynamic key U shield, and mounts the dynamic key U shield to the wireless self-organizing network node, which is a precondition for executing key loading. In the network running state, the dynamic key U shield can be inserted into the USB interface at any time according to the key loading requirement, and the system can automatically identify the dynamic key U shield. The automatic mounting device is similar to a USB flash disk which is plugged into a computer, automatically recognizes the USB flash disk and executes files in the USB flash disk.
The hot plug event execution device comprises an interface action identification program and an event calling program, can automatically identify the plug action of the USB interface, and then calls the key automatic loading device.
The key automatic loading device comprises a condition judgment and calling event execution program, judges whether the key is a dynamic key U shield or not and sets the key according to a specified format or not, and then loads the key to the wireless self-organizing network node.
The network service restarting device comprises a network interface and a wireless service restarting program, so that the newly loaded dynamic key can be effective.
A method for dynamically loading encryption keys of a wireless multi-hop self-organizing network comprises the following specific operation steps:
the first step is as follows: inputting a dynamic loading key by a dynamic key U shield;
the second step is that: sequentially inserting the dynamic secret key U shield into a USB interface of each wireless Mesh network device in the wireless Mesh network;
the third step: the wireless self-organizing network node executes encryption key loading;
the fourth step: the key loading is successful, and the network service is restarted;
the fifth step: after the network service is restarted, the dynamic loading of the encryption key of the wireless multi-hop self-organizing network is finished;
and a sixth step: executing dynamic key loading of the second wireless Mesh network equipment according to the first to the fifth steps; and the third dynamic key loading and the fourth dynamic key loading are analogized in sequence.
In order to ensure the interworking of wireless multi-hop ad hoc networks, it is necessary to ensure that nodes in the network have the same key.
The hot plug event execution device is a Linux kernel subsystem, and allows modules to be loaded and any script to be run at an event (during hardware connection or reconnection). In the running process of the system (here, the Linux kernel system), whenever a device is added or deleted from the system, a 'hot plug event' is generated; when the USB interface is started (UP) or closed (down), all scripts in the hot plug.d/USB directory are executed in alphabetical order; the device hot plug event executing step:
the first step is as follows: the dynamic key U shield is inserted, and a uevent event is generated;
the second step is that: the hot plug device receives the event;
the third step: positioning according to the additional information content of the ue event;
the fourth step: calling an exec command to execute a hot-call script according to variables such as ACTION, DEVPATH, SUBSYSTEM, DEVNAME, DEVTYPE and the like in the additional information;
the fifth step: hot plug-call executes all executable "hot plug event" scripts under/etc/hot plug.
The key dynamic loading device triggers an automatic key loading program after a dynamic key U shield is inserted into a node USB interface, and the specific automatic loading steps of the key dynamic loading device are as follows:
the first step is as follows: judging whether the U shield mounting of the dynamic key is successful; if the mounting is unsuccessful, quitting the program, and re-plugging the dynamic key U shield; if the mounting is successful, the execution is continued;
the second step is that: and checking the format of the key loading file, if the format of the key loading file is wrong, prompting no ukey, exiting the program, waiting for the correct dynamic key U shield to reload the key, and starting execution from the first step. The key loading file format is correct, the new key is continuously read and compared with the original network key, if the new key is the same as the original network key, the program is quitted, the comparison is different, and the execution is continued;
the third step: checking the key format, judging whether the key format is 8-64 bits or not, indicating the error reason, exiting the program, waiting for the correct dynamic key U shield to reload the key, and starting execution from the first step; loading a new key when the format is correct;
the fourth step: checking whether the new key is loaded successfully or not, if the new key is loaded unsuccessfully, prompting by an indicator light: 5 blinks at a rate of 5 times/sec for 5 times, and the routine ends; successful loading, indicator light prompt: flash for 3 seconds at a rate of 1 time/second;
the fifth step: restarting the network service; the indicator lamp is normally on for 1s after starting; and a sixth step: the indicator light is turned off until the dynamic key is loaded successfully.
Wherein the network service rebooting device; after the wireless parameters of the wireless Mesh network are modified, the network server needs to be restarted to install the modified parameters for execution. The network service restart procedure here is:
the first step is as follows: when a command for restarting the network service is received, the network interfaces of all the devices and the wireless service are stopped;
the second step is that: sleep for 1 second after stop, check kernel file, start all kernel processes to occupy resources (no kernel file size limit)
The third step: starting netifd service and starting each network interface;
the fourth step: and sleeping for 5 seconds, closing the wireless service, and then starting the wireless service.
The invention has the beneficial effects that: when the Sentry series wireless Mesh network equipment carries out networking communication, an unpredictable random number combination (8-64 bits) is loaded as a key by using a dynamic key U shield. The specific execution steps are as follows: and the dynamic key U shield inputs a dynamic loading key, the dynamic key U shield containing the latest key is inserted into the wireless Mesh network equipment, the wireless Mesh network equipment automatically verifies and loads the latest key, the network service is restarted and the network is re-networked after the key loading is ensured to be successful after the verification is carried out again, and the dynamic loading of the encryption key of the wireless multi-hop self-organizing network is completed. The invention is a safe and convenient secret key protection technology, and can effectively protect the authentication safety in the wireless network communication process. The Sentry series wireless equipment adopting the dynamic loading key networking mode does not need to modify the password periodically, does not need to memorize the password, and even does not need to worry about the password loss.
Drawings
Fig. 1 is a schematic diagram illustrating a configuration of a wireless multi-hop ad hoc network encryption key dynamic loading device according to the present invention;
FIG. 2 is a schematic diagram illustrating a dynamic loading apparatus for encryption keys in a wireless multi-hop ad hoc network according to the present invention;
FIG. 3 is a schematic diagram illustrating a method for dynamically loading encryption keys in a wireless multi-hop ad hoc network according to the present invention;
FIG. 4 is a diagram illustrating steps executed by the hot plug event execution apparatus according to the present invention;
FIG. 5 is a diagram illustrating the steps executed by the dynamic key loading apparatus according to the present invention;
FIG. 6 is a diagram illustrating steps performed by the network service restart apparatus according to the present invention.
Description of the labeling:
1. a wireless ad hoc network node;
11. a USB interface;
2. and (4) dynamic secret key U shield.
Detailed Description
Example 1
In the embodiment of the present invention, please refer to fig. 1 to 6, a dynamic loading apparatus for encryption keys of a wireless multi-hop ad hoc network includes: the system comprises a dynamic key U shield (2), a USB interface (11), an automatic mounting device, a hot-plug event execution device, an automatic key loading device and a network service restarting device. The dynamic secret key U shield (2) is connected into the wireless self-organizing network node (1) through a USB interface (11) to form an interface event, the interface event triggers an automatic mounting device, after mounting is completed, a hot plug event execution device detects hot plug action through a kernel, the hot plug event execution device calls a secret key automatic loading device at last to load a latest dynamic secret key, and after the secret key loading is completed, a network service starting device is called at last to restart network services of a wireless Mesh network to complete the encryption secret key dynamic loading process of all wireless multi-hop self-organizing networks.
Example 2
In the embodiment of the present invention, please refer to fig. 2, the present invention firstly inputs (or changes) the dynamic key U shield (2) on a computer (a computer/notebook, etc. that is equipped with software corresponding to a driver), powers on to start an action (task) to execute a required wireless ad hoc network node (1) (or a running device), ensures that the start is completed or started (an indicator light does not flash), inserts the dynamic key U shield (2) into a USB interface (11) of the wireless ad hoc network node (1), waits for the indicator light to flash three times at a speed of 1 time/second, and then lights for 1 second. Indicating that all operations are performed (about 30s), and then inserting the dynamic key Ushield (2) into another wireless self-organizing network node (1) device for repeated execution, wherein all devices in the network have to be performed once.
The invention has the following characteristics:
1) no need of memory: the U shield secret key can be set at any time without depending on the original password, so that the trouble of forgetting the password is avoided.
2) Multiple insurance: under the dynamic load key networking mechanism, the key is distributed or scheduled by the command center, even if the dynamic key and the wireless equipment are stolen at the same time, the network is not affected, and the security of wireless communication is guaranteed.
3) The inside and the outside are fixed: the dynamic load key changes in real time and is irregular, so that the safety problem caused by human factors is reduced to the maximum extent, the problem of stealing the key from the inside is effectively prevented, and the internal and external safety precaution of the system is firm and firm
4) The method is simple and easy to implement: the dynamic load key can wait for the completion of the dynamic load key process only by inserting the U shield into the USB port of the Sentry series wireless equipment.
The above embodiments are merely illustrative of the preferred embodiments of the present invention, and not restrictive, and various changes and modifications to the technical solutions of the present invention may be made by those skilled in the art without departing from the spirit of the present invention, and the technical solutions of the present invention are intended to fall within the scope of the present invention defined by the appended claims.
Claims (7)
1. A dynamic loading device for encryption keys of a wireless multi-hop ad hoc network is characterized by comprising the following components:
the wireless self-organizing network node is used for forming a wireless Mesh network;
the dynamic secret key U shield is used for forming an interface event after accessing the wireless self-organizing network node, and the interface event triggers and executes the automatic mounting device;
the automatic mounting device is used for mounting, and the interface event triggers the automatic mounting device to mount the dynamic key U shield to the wireless self-organizing network node; the automatic mounting device comprises a corresponding driver of a kernel and can automatically identify a dynamic key U shield;
the hot plug event execution device detects a hot plug action through the kernel to execute the hot plug event execution device after the automatic mounting device finishes mounting, and the hot plug event execution device finally calls the key automatic loading device;
the key automatic loading device is used for loading the latest dynamic key;
the network service starting device is finally called after the key loading is finished, the network service of the wireless Mesh network is restarted, the dynamic loading process of all the encryption keys of the wireless multi-hop self-organizing network is finished, the dynamic key loading device triggers an automatic key loading program after a dynamic key U shield is inserted into a node USB interface, and the specific automatic loading step is as follows:
the first step is as follows: judging whether the U shield mounting of the dynamic key is successful; if the mounting is unsuccessful, quitting the program, and re-plugging the dynamic key U shield; if the mounting is successful, the execution is continued;
the second step is that: checking the format of the key loading file, if the format of the key loading file is wrong, prompting no ukey, exiting the program, waiting for the correct dynamic key U shield to reload the key, and starting execution from the first step; the key loading file format is correct, the new key is continuously read and compared with the original network key, if the new key is the same as the original network key, the program is quitted, the comparison is different, and the execution is continued;
the third step: checking the key format, judging whether the key format is 8-64 bits or not, indicating the error reason, exiting the program, waiting for the correct dynamic key U shield to reload the key, and starting execution from the first step; loading a new key when the format is correct;
the fourth step: checking whether the new key is loaded successfully or not, if the new key is loaded unsuccessfully, prompting by an indicator light: 5 blinks at a rate of 5 times/sec for 5 times, and the routine ends; successful loading, indicator light prompt: flash for 3 seconds at a rate of 1 time/second;
the fifth step: restarting the network service; the indicator lamp is normally on for 1s after starting;
and a sixth step: the indicator light is turned off until the dynamic key is loaded successfully.
2. The device as claimed in claim 1, wherein the dynamic key usb shield is a general usb disk with a string of 8-64 bits already set.
3. The device for dynamically loading the encryption key of the wireless multi-hop ad hoc network according to claim 1, further comprising a USB interface, wherein the USB interface provides a USB physical interface for the wireless ad hoc network node to connect the dynamic key U shield to the wireless Mesh network device.
4. The device for dynamically loading the encryption key of the wireless multi-hop ad hoc network according to claim 1, wherein the hot-plug event executing device comprises an interface action recognition program and an event calling program, and can automatically recognize the plugging and unplugging action of the USB interface and then call the key automatic loading device.
5. The device of claim 1, wherein the device for automatically loading the encryption key comprises a conditional decision and an event execution procedure, and is configured to decide whether the key is a dynamic key U shield and whether the key is set according to a predetermined format, and then load the key to the node of the wireless ad hoc network.
6. The device of claim 1, wherein the network service restart means comprises a network interface and a wireless service restart procedure, so that the newly loaded dynamic key can be validated.
7. A method for applying the device for dynamically loading the encryption key of the wireless multi-hop ad hoc network according to claim 1, comprising the following steps:
the first step is as follows: inputting a dynamic loading key by a dynamic key U shield;
the second step is that: sequentially inserting the dynamic secret key U shield into a USB interface of each wireless Mesh network device in the wireless Mesh network;
the third step: the wireless self-organizing network node executes encryption key loading;
the fourth step: the key loading is successful, and the network service is restarted;
the fifth step: after the network service is restarted, the dynamic loading of the encryption key of the wireless multi-hop self-organizing network is finished;
and a sixth step: executing dynamic key loading of the second wireless Mesh network equipment according to the first to the fifth steps; and the third dynamic key loading and the fourth dynamic key loading are analogized in sequence.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2017110565897 | 2017-11-01 | ||
| CN201711056589 | 2017-11-01 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107820243A CN107820243A (en) | 2018-03-20 |
| CN107820243B true CN107820243B (en) | 2021-08-13 |
Family
ID=61605174
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711240008.5A Active CN107820243B (en) | 2017-11-01 | 2017-11-30 | Dynamic loading device and method for encryption key of wireless multi-hop self-organizing network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107820243B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017082797A1 (en) * | 2015-11-13 | 2017-05-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Systems and methods of performing data transmission and reception in a communication system |
| WO2017167885A1 (en) * | 2016-04-01 | 2017-10-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Determination of frequency resources for wireless communication devices |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7634230B2 (en) * | 2002-11-25 | 2009-12-15 | Fujitsu Limited | Methods and apparatus for secure, portable, wireless and multi-hop data networking |
| US7647508B2 (en) * | 2005-06-16 | 2010-01-12 | Intel Corporation | Methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks |
| CN101192928B (en) * | 2006-12-01 | 2010-09-29 | 华为技术有限公司 | Mobile ad hoc authentication method and system |
| CN102056161B (en) * | 2009-10-28 | 2015-04-22 | 上海摩波彼克半导体有限公司 | Method for realizing layered key management in wireless mobile communication network |
| CN101706854A (en) * | 2009-11-03 | 2010-05-12 | 北京深思洛克软件技术股份有限公司 | USB information security equipment and method for communication between USB information security equipment and mainframe |
| CN101790163A (en) * | 2010-01-08 | 2010-07-28 | 电子科技大学 | Ad Hoc network-oriented dynamic key exchange protocol |
| CN106878381A (en) * | 2016-12-28 | 2017-06-20 | 珠海国芯云科技有限公司 | A kind of Internet of Things communicator and method |
-
2017
- 2017-11-30 CN CN201711240008.5A patent/CN107820243B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017082797A1 (en) * | 2015-11-13 | 2017-05-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Systems and methods of performing data transmission and reception in a communication system |
| WO2017167885A1 (en) * | 2016-04-01 | 2017-10-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Determination of frequency resources for wireless communication devices |
Non-Patent Citations (1)
| Title |
|---|
| Multi-hop Ad Hoc Wireless Communication draft-baccelli-intarea-adhoc-wireless-com-00;E. Baccelli等;《IETF Internet-Draft》;20150323;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107820243A (en) | 2018-03-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109815683B (en) | Authority verification method and related device | |
| CN102204304B (en) | Support of multiple pre-shared keys in access point | |
| AU2014235181B2 (en) | Certificate based profile confirmation | |
| EP2302549B1 (en) | Platform security apparatus and method thereof | |
| WO2018000834A1 (en) | Wifi hotspot information modification method and device | |
| CN106131612B (en) | The method and system of Android app dynamically load resource function module | |
| US11665532B2 (en) | Securing private wireless gateways | |
| WO2018045958A1 (en) | Method and system for upgrading wireless fidelity (wi-fi) device | |
| US20160330175A1 (en) | Secure element activities | |
| WO2012024851A1 (en) | Processing method and system for over-the-air bootstrap | |
| CN111918274B (en) | Code number configuration and management method and device, electronic equipment and readable storage medium | |
| CN109863475A (en) | The upgrade method and relevant device of a kind of application in safety element | |
| CN114124584B (en) | Method, device and system for remotely accessing office network, network access equipment and medium | |
| US12086099B2 (en) | Device to device migration in a unified endpoint management system | |
| CN103119600A (en) | Information processing device, method of controlling information processing device, information processing device control program and computer readable recording medium with information processing device control program recorded thereon | |
| CN104348616A (en) | Method for visiting terminal security component, device thereof and system thereof | |
| CN102594554B (en) | Bluetooth slave device and relevant authentication method thereof | |
| CN107105082B (en) | Method for unlocking network of terminal, method and device for starting terminal | |
| CN111786995B (en) | Account password management method, management middleware, system, equipment and storage medium | |
| CN105812364A (en) | Data transmission method and device | |
| CN107820243B (en) | Dynamic loading device and method for encryption key of wireless multi-hop self-organizing network | |
| CN108664805B (en) | Application program safety verification method and system | |
| CN108282784B (en) | Wireless network access method, MiFi terminal, mobile terminal and storage medium | |
| CN103685134A (en) | WLAN (Wireless Local Area Network) resource access control method and WLAN resource access control device | |
| CN109842600B (en) | Method for realizing mobile office, terminal equipment and MDM equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |