CN107920076B - TLS protocol-based electric energy meter communication method - Google Patents


Publication number
CN107920076B
Authority
CN
China
Prior art keywords
electric energy
energy meter
random number
breakpoint
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711147555.9A
Other languages
Chinese (zh)
Other versions
CN107920076A (en)
Inventor
竹贝芬
尹建丰
黄柳胜
季海涛
滕锋雷
柏龙青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JIANGSU HUAYUAN APPARATUS AND INSTR Co.,Ltd.
Original Assignee
Jiangsu Linyang Energy Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Linyang Energy Co ltd
Priority to CN201711147555.9A
Publication of CN107920076A
Application granted
Publication of CN107920076B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)
  • Selective Calling Equipment (AREA)

Abstract

In this TLS protocol-based electric energy meter communication method, the TLS protocol uses the 0xC023 cipher suite. Once the ECC algorithm starts running during TLS handshake negotiation, while the public key M, the signature r and the pre-master key Q are being calculated, the ECC operation exits at regular intervals and saves the breakpoint and the current operation data; after the meter's other tasks have finished, the ECC algorithm is re-entered from the breakpoint and continues until the ECC processing is complete, at which point the operation exits and the operation data is saved. The invention applies SSL/TLS, which is already mature in the prior art, to the smart meter and solves the difficulty of porting a TLS library to it. As an independent security layer, it gives a clear data transmission architecture, reduces the complexity of the smart meter, provides strong resistance to attack, and improves the security of meter data communication.

Description

TLS protocol-based electric energy meter communication method
Technical Field
The invention relates to the technical field of power equipment, in particular to an electric energy meter communication method based on a TLS protocol.
Background
As part of the smart grid, the smart meter's core characteristic is that information technology is added to a basic metering device: the user's electricity consumption information is collected, processed and transmitted remotely, and these functions make the metering system and electricity trading faster and more convenient. However, these basic functions depend on secure data storage and transmission, and an insecure communication environment also brings many risks to the security of energy supply. Effectively protecting the information security of smart meters is therefore very important, and many markets now place higher requirements on smart meter data protection and data security.
Disclosure of Invention
The invention aims to provide a TLS protocol-based electric energy meter communication method that, according to the communication security requirements of the electric energy meter, establishes a meter data communication system built on a physical layer, a security layer and a data layer.
The technical scheme of the invention is as follows:
A TLS protocol-based electric energy meter communication method, characterized in that a TLS protocol security layer is added between the communication physical layer and the data layer of the electric energy meter, and the TLS protocol uses the 0xC023 cipher suite. Once the ECC algorithm starts running during TLS handshake negotiation, while the public key M, the signature r and the pre-master key Q are being calculated, the ECC operation exits at regular intervals and saves the breakpoint and the current operation data; after the meter's other tasks have been processed, the ECC algorithm is re-entered from the breakpoint and continues until the ECC processing is finished, at which point the operation exits and the operation data is saved.
The calculation of the public key M comprises the following steps:
Step 101: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$;
Step 102: the binary random number K' is multiplied by the ECC curve base point G bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
Step 103: after the meter's other tasks have been processed, the operation is re-entered from the breakpoint saved at exit, a further stepNum bits of the binary random number K' are calculated according to the operation rule of the second step, and the operation then exits and the breakpoint and the operation result are saved;
Step 104: step 103 is repeated until the calculation of the public key M is complete; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved. The operation processing method is as follows:
Figure GDA0001546466850000021
The calculation of the pre-master key Q comprises the following steps:
Step 201: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$;
Step 202: the binary random number K' is multiplied by the public key P received from the meter reading client bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
Step 203: after the meter's other tasks have been processed, the operation is re-entered from the breakpoint saved at exit, a further stepNum bits of the binary random number K' are calculated according to the operation rule of the second step, and the operation then exits and the breakpoint and the operation result are saved;
Step 204: step 203 is repeated until the calculation of the pre-master key Q is complete; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved. The operation processing method is as follows:
Figure GDA0001546466850000031
The calculation of the signature r comprises the following steps:
Step 301: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$;
Step 302: the binary random number K' is multiplied by the signature parameter R bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
Step 303: after the meter's other tasks have been processed, the operation is re-entered from the breakpoint saved at exit, a further stepNum bits of the binary random number K' are calculated according to the operation rule of the second step, and the operation then exits and the breakpoint and the operation result are saved;
Step 304: step 303 is repeated until the signature r has been calculated; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved. The operation processing method is as follows:
Figure GDA0001546466850000032
In the above calculations, each entry into the operation processing takes no more than 1 second.
The private key K is obtained from the random number generator in the electric energy meter, a CTR-DRBG based on AES 128, and obtaining the private key K comprises the following steps:
Step 401: before the electric energy meter leaves the factory, a 32-byte random number seed is stored in a storage chip;
Step 402: after the electric energy meter is powered on, the random number seed is read from the storage chip and fed into the entropy pool of the random number generator, and the entropy pool is then updated at regular intervals;
Step 403: when the random number acquisition function in the TLS handshake protocol is called, the random number seed in the current entropy pool of the random number generator is taken as the private key K, and the entropy pool is then updated.
Step 402 is specifically as follows: after the electric energy meter is powered on, the random number seed is read from the storage chip and fed into the entropy pool of the random number generator; then, every 10 minutes, the random number generator reads the current MCU clock data and the meter's current electric quantity to obtain a new random number seed, and the new seed is swapped into the entropy pool of the random number generator.
In the second step, before each bit of the random number K is calculated, it must be determined whether the electric energy meter has lost power; if it has, the current operation exits immediately and the meter's electric quantity data is saved.
The private key K mentioned above can also be represented as NAF(K), i.e.
Figure GDA0001546466850000041
The beneficial effects of the invention are as follows:
The invention applies SSL/TLS, which is already mature in the prior art, to the smart meter and solves the difficulty of porting a TLS library to it. As an independent security layer, it gives a clear data transmission architecture, reduces the complexity of the smart meter, provides strong resistance to attack, and improves the security of meter data communication.
Drawings
FIG. 1 is a flow chart of the ECC algorithm process of the present invention.
FIG. 2 is a flow diagram of the operation of the random number generator of the present invention.
Detailed Description
The technical scheme of the invention is described in more detail below through embodiments and the accompanying drawings. As shown in FIG. 2, a CTR-DRBG based on AES 128 is used as the random number generator. To ensure the randomness of the random numbers, MCU clock data and active and reactive power data, which depend on objective conditions and are not under human control, are taken as the random number seed sources. The operation of the random number generator in the smart meter comprises the following steps:
(1) before the electric energy meter leaves the factory, a random number seed is initialized so as to ensure randomness and is stored in EEPROM (electrically erasable programmable read-only memory); each time the meter is powered on, the stored random number seed is read and used to initialize the entropy pool of the random number generator;
(2) every 10 minutes a new seed is acquired and stored: the current MCU clock and the active and reactive electric quantity data are read, and the entropy pool of the random number generator is updated at the same time;
(3) when the random number acquisition function is called during the TLS handshake, a new seed is acquired again, the entropy pool of the random number generator is updated, and a 32-byte random number is obtained.
The key agreement algorithm ECDH and the signature algorithm ECDSA used in the TLS handshake both involve the ECC algorithm, whose running time on a 40 MHz electric energy meter is about 2 s. Given the requirement of a 1 s data push in meter data communication, the operation must exit partway through and save the current operation data, then continue from the breakpoint when it is re-entered after the other tasks have completed.
The core ECC operation is $M = KP$, where K is a 32-byte large number. The main logic of the calculation is to represent K in binary or NAF form (equation (1)) and multiply it bit by bit with P, i.e. $k_1 P + k_2 \cdot 2P + \ldots$. The exit mechanism is therefore as follows: the operation (formula (2)) exits each time a fixed stepNum bits of the coefficient K have been processed, the operation data is saved, and the function waits to be entered again, until all bits of K have been processed after callNum entries. The maximum word length Maxword of a field element specified by the algorithm library determines the number of processing passes; here Maxword is 9, so stepNum and callNum satisfy $\mathrm{stepNum} \times \mathrm{callNum} \le 300$.
The main processing flow is shown in FIG. 1, where Qi is the intermediate value of KP calculated each time the function exits, and binaryNum is the bit position of K reached at the time of exit. The first time the algorithm is entered, Qi is 0 and binaryNum is 0.
Figure GDA0001546466850000051
Figure 3
In addition, because of the particular working conditions of a smart meter, data must be saved promptly in the event of a power failure. Therefore, in each unit operation on K, the power-failure flag is checked; if it is set, the current operation exits immediately so that the smart meter has enough time and power to save the electric quantity data.
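The exit-and-resume flow described above, including the power-failure check before each bit, as an added example in C that is not part of the patent. It uses a constructed toy curve over F_17 in place of the meter's real curve and bignum library, and the names ecc_ckpt_t, ecc_step, ecc_mul_sliced and power_fail_flag are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy parameters: y^2 = x^3 + 2x + 2 over F_17, G = (5,1), order 19.
 * A meter would run the same control flow over its real curve with a bignum
 * library; only the checkpoint logic is the point here. */
#define FP 17
#define CURVE_A 2

typedef struct { int x, y, inf; } point_t;
typedef enum { ECC_PENDING, ECC_DONE, ECC_POWER_FAIL } ecc_status_t;

/* Breakpoint record kept between entries (layout is hypothetical). */
typedef struct {
    point_t q;       /* Qi: intermediate value of K*P           */
    int binary_num;  /* bits of K already processed, high first */
    int call_num;    /* number of times the routine was entered */
} ecc_ckpt_t;

static const point_t G = {5, 1, 0};
volatile int power_fail_flag = 0;    /* set by the power-fail interrupt */

static int mod_p(int a) { a %= FP; return a < 0 ? a + FP : a; }

static int inv_p(int a) {            /* a^(p-2) mod p, Fermat inverse */
    int r = 1, e = FP - 2;
    for (a = mod_p(a); e; e >>= 1, a = mod_p(a * a))
        if (e & 1) r = mod_p(r * a);
    return r;
}

static point_t pt_add(point_t p, point_t q) {
    point_t r = {0, 0, 1};           /* point at infinity */
    int lam;
    if (p.inf) return q;
    if (q.inf) return p;
    if (p.x == q.x) {
        if (mod_p(p.y + q.y) == 0) return r;             /* P + (-P) = O */
        lam = mod_p((3 * p.x * p.x + CURVE_A) * inv_p(2 * p.y));
    } else {
        lam = mod_p((q.y - p.y) * inv_p(q.x - p.x));
    }
    r.x = mod_p(lam * lam - p.x - q.x);
    r.y = mod_p(lam * (p.x - r.x) - p.y);
    r.inf = 0;
    return r;
}

static void ecc_begin(ecc_ckpt_t *c) { memset(c, 0, sizeof *c); c->q.inf = 1; }

/* Process at most step_num bits of the d-bit scalar k, then return so other
 * tasks can run. The checkpoint is only updated after a bit is fully done,
 * so an early exit on power failure leaves it resumable. */
static ecc_status_t ecc_step(ecc_ckpt_t *c, uint32_t k, int d, point_t p, int step_num) {
    if (c->binary_num >= d) return ECC_DONE;
    c->call_num++;
    for (int i = 0; i < step_num && c->binary_num < d; i++) {
        if (power_fail_flag) return ECC_POWER_FAIL;   /* caller saves meter data */
        point_t q = pt_add(c->q, c->q);               /* double */
        /* Branching on a key bit shows the slicing but is not constant-time. */
        if ((k >> (d - 1 - c->binary_num)) & 1) q = pt_add(q, p);
        c->q = q;
        c->binary_num++;
    }
    return c->binary_num >= d ? ECC_DONE : ECC_PENDING;
}

/* Driver standing in for the meter's main loop. */
static ecc_status_t ecc_mul_sliced(uint32_t k, int d, point_t p, int step_num,
                                   point_t *out, int *call_num) {
    ecc_ckpt_t c;
    ecc_status_t st;
    ecc_begin(&c);
    while ((st = ecc_step(&c, k, d, p, step_num)) == ECC_PENDING) {
        /* metering, display and the 1 s data push would run here */
    }
    *out = c.q;
    *call_num = c.call_num;
    memset(&c, 0, sizeof c);          /* checkpoint is key-derived: wipe it */
    return st;
}

int main(void) {
    point_t m; int calls;
    ecc_mul_sliced(13, 5, G, 2, &m, &calls);
    printf("M = 13*G = (%d,%d), callNum = %d\n", m.x, m.y, calls);
    return 0;
}
```

The saved checkpoint (Qi and binaryNum) is derived from the bits of K processed so far, so it deserves the same protection as K itself wherever the meter stores it between entries.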

Claims (5)

1. An electric energy meter communication method based on the TLS protocol, in which a TLS protocol security layer is added between the communication physical layer and the data layer of the electric energy meter, characterized in that the TLS protocol uses the 0xC023 cipher suite; after the ECC algorithm starts running in TLS handshake negotiation, when the public key M, the signature r and the pre-master key Q are calculated, the ECC algorithm operation exits at regular intervals and the breakpoint and the current operation data are saved; after the other tasks of the electric energy meter have been processed, the ECC algorithm is entered from the breakpoint and the operation continues until the ECC algorithm processing is finished, whereupon the operation exits and the operation data is saved;
the calculation of the public key M comprises the following steps:
step 101: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$; K' is the binary representation of the private key K;
step 102: K' is multiplied by the base point G of the ECC curve bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
step 103: after the other tasks of the electric energy meter have been processed, the operation is entered from the breakpoint saved at exit, a further stepNum bits of K' are calculated according to the operation rule of step 102, and the operation then exits and the breakpoint and the operation result are saved;
step 104: step 103 is repeated until the calculation of the public key M is complete; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved, wherein the operation processing method is as follows:
Figure FDA0002399953340000011
the calculation of the pre-master key Q comprises the following steps:
step 201: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$; K' is the binary representation of the private key K;
step 202: K' is multiplied by the public key P received from the meter reading client bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
step 203: after the other tasks of the electric energy meter have been processed, the operation is entered from the breakpoint saved at exit, a further stepNum bits of K' are calculated according to the operation rule of step 102, and the operation then exits and the breakpoint and the operation result are saved;
step 204: step 203 is repeated until the calculation of the pre-master key Q is complete; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved, wherein the operation processing method is as follows:
Figure FDA0002399953340000021
the calculation of the signature r comprises the following steps:
step 301: the electric energy meter generates a private key K, which is expressed in binary as $K = (k_{d-1}, \ldots, k_2, k_1)_2$; K' is the binary representation of the private key K;
step 302: K' is multiplied by the signature parameter R bit by bit, from the high-order bit to the low-order bit, until $(k_{d-\mathrm{stepNum}})_2$ has been calculated; the operation then exits, the breakpoint and the operation result are saved, and the number of bits of K' calculated in this pass is recorded as the step size stepNum;
step 303: after the other tasks of the electric energy meter have been processed, the operation is entered from the breakpoint saved at exit, a further stepNum bits of K' are calculated according to the operation rule of step 102, and the operation then exits and the breakpoint and the operation result are saved;
step 304: step 303 is repeated until the signature r has been calculated; the number of times the operation was entered is recorded as callNum, and the number of operations and the operation result are saved, wherein the operation processing method is as follows:
Figure FDA0002399953340000022
2. The TLS protocol-based electric energy meter communication method according to claim 1, wherein each entry into the operation processing takes no more than 1 second.
3. The TLS protocol-based electric energy meter communication method according to claim 1 or 2, wherein the private key K in step 101 is obtained from the random number generator in the electric energy meter, a CTR-DRBG based on AES 128, and obtaining the private key K comprises the following steps:
step 401: before the electric energy meter leaves the factory, a 32-byte random number seed is stored in a storage chip;
step 402: after the electric energy meter is powered on, the random number seed is read from the storage chip and fed into the entropy pool of the random number generator, and the entropy pool is then updated at regular intervals;
step 403: when the random number acquisition function in the TLS handshake protocol is called, the random number seed in the current entropy pool of the random number generator is taken as the private key K, and the entropy pool is then updated.
4. The TLS protocol-based electric energy meter communication method according to claim 3, wherein step 402 is specifically: after the electric energy meter is powered on, the random number seed is read from the storage chip and fed into the entropy pool of the random number generator; then, every 10 minutes, the random number generator reads the current MCU clock data and the meter's current electric quantity to obtain a new random number seed, and the new seed is swapped into the entropy pool of the random number generator.
5. The TLS protocol-based electric energy meter communication method according to claim 1, wherein in step 102, before each bit of K' is calculated, it is determined whether the electric energy meter has lost power, and if it has, the current operation exits immediately and the electric quantity data of the electric energy meter is saved.
CN201711147555.9A 2017-11-17 2017-11-17 TLS protocol-based electric energy meter communication method Active CN107920076B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711147555.9A CN107920076B (en) 2017-11-17 2017-11-17 TLS protocol-based electric energy meter communication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711147555.9A CN107920076B (en) 2017-11-17 2017-11-17 TLS protocol-based electric energy meter communication method

Publications (2)

Publication Number Publication Date
CN107920076A CN107920076A (en) 2018-04-17
CN107920076B CN107920076B (en) 2020-04-28

Family

ID=61897375

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711147555.9A Active CN107920076B (en) 2017-11-17 2017-11-17 TLS protocol-based electric energy meter communication method

Country Status (1)

Country Link
CN (1) CN107920076B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110211360B (en) * 2019-07-03 2021-04-16 平顶山燃气有限责任公司 Broadcast type meter reading method based on random awakening meter end
CN112019342B (en) * 2020-06-30 2023-05-23 宁波三星医疗电气股份有限公司 Data transmission method between electric energy meter and master station and electric energy meter
CN114143051B (en) * 2021-11-19 2024-02-23 江苏林洋能源股份有限公司 Method for intelligent ammeter to select TLS protocol based on performance adjustment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104852805A (en) * 2015-05-11 2015-08-19 中国科学院软件研究所 SM2 signature algorithm protection method for resisting error attack based on lattice
CN105187418A (en) * 2015-08-26 2015-12-23 江西师范大学 Weak signature algorithm
CN105610773A (en) * 2015-09-17 2016-05-25 浙江瑞银电子有限公司 Communication encryption method of electric energy meter remote meter reading
CN107317673A (en) * 2017-05-25 2017-11-03 云南电网有限责任公司电力科学研究院 A kind of intelligent electric energy meter communication encryption algorithm

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080022124A1 (en) * 2006-06-22 2008-01-24 Zimmer Vincent J Methods and apparatus to offload cryptographic processes
CN102890757B (en) * 2012-09-11 2015-08-05 中国电力科学研究院 A kind of comparison method of electric energy meter software and Compare System thereof

Also Published As

Publication number Publication date
CN107920076A (en) 2018-04-17

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210916

Address after: No.188, Tianyuan East Road, Jiangning District, Nanjing City, Jiangsu Province, 210000

Patentee after: JIANGSU HUAYUAN APPARATUS AND INSTR Co.,Ltd.

Address before: 226200 NO.666, Linyang Road, Qidong Economic Development Zone, Nantong City, Jiangsu Province

Patentee before: JIANGSU LINYANG ENERGY Co.,Ltd.
