CN108076456A - A kind of WiFi communication data security protection method and system based on more passwords - Google Patents
A kind of WiFi communication data security protection method and system based on more passwords Download PDFInfo
- Publication number
- CN108076456A CN108076456A CN201710301792.XA CN201710301792A CN108076456A CN 108076456 A CN108076456 A CN 108076456A CN 201710301792 A CN201710301792 A CN 201710301792A CN 108076456 A CN108076456 A CN 108076456A
- Authority
- CN
- China
- Prior art keywords
- router
- terminal
- random cipher
- data
- database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Abstract
The invention discloses a kind of WiFi communication data security protection method and system based on more passwords, including:Terminal generates random cipher and is uploaded to router;The corresponding MAC Address of terminal and the random cipher of reception are stored in database by router;Terminal logs in router again using the random cipher and wireless security protocol;Router receives the request of data for carrying out self terminal and inquires about database, searches the random cipher corresponding to the MAC Address of the terminal, and the encryption and decryption of data is carried out using the random cipher.Technical solution of the present invention can be applied under existing all WiFi application scenarios, in the case where not increasing user using complexity, enhance the security of existing WiFi network.
Description
Technical field
The present invention relates to field of information security technology more particularly to a kind of WiFi communication data safety based on more passwords to prevent
Maintaining method and system.
Background technology
Under current WiFi application scenarios, after the good wireless router WiFi passwords of Administrator, all users are
WiFi connections are carried out using identical password.If attacker obtains what arbitrary user used by means such as social engineerings
WiFi passwords, the password that acquisition just can be used directly carry out the communication data of all users in the wireless router usage scenario
It intercepts and captures, and decrypts initial data.If router is not provided with WIFI passwords, user's networking data that attacker intercepts and captures is
Initial data, without decryption.
The content of the invention
For above-mentioned technical problem, technical solutions according to the invention cause each networked terminals to use different passwords
Router is logged in, and carries out the encryption and decryption transmission of data;Even if malicious user is got one of whole using engineering science means
The login password of end subscriber, it is also ensured that the flow of other users is not cracked, so as to utmostly ensure existing WiFi nets
The security of network.
The present invention realizes with the following method:A kind of WiFi communication data security protection method based on more passwords, bag
It includes:
Terminal generates random cipher and is uploaded to router;
The corresponding MAC Address of terminal and the random cipher of reception are stored in database by router;
Terminal logs in router again using the random cipher and wireless security protocol;
Router receives the request of data for carrying out self terminal and inquires about database, searches random corresponding to the MAC Address of the terminal
Password carries out the encryption and decryption of data using the random cipher.
Further, the terminal generates random cipher and is uploaded to router, is specially:Terminal generates random cipher,
And the random cipher is uploaded to router using the network transmission protocol of safety;Wherein, the safe network transmission association
View includes https agreements.
Further, the corresponding MAC Address of terminal and the random cipher of reception are stored in database, tool by the router
Body is:
Router is using the corresponding MAC Address of terminal as key, using the random cipher as value;Using the key and value as one group
Data are preserved to database.
In the above method, before the terminal generates random cipher and is uploaded to router, further include:
Terminal logs in router using administrator's preset password and wireless security protocol;Router opens https and services and monitor
Carry out the request of data of self terminal;Alternatively,
Terminal exempts from close login router;Router opens https and services and monitor the request of data for carrying out self terminal.
Following system may be employed to realize in the present invention:A kind of WiFi communication data safety protection system based on more passwords
System, including:The client being deployed in terminal and the server-side being deployed in router;
The client further includes secret generation module and again login module;The server-side further includes database generation module
With cipher inquiry module;Wherein,
The secret generation module, for generating random cipher and being uploaded to database generation module described in router;
Again the login module, for logging in router again using the random cipher and wireless security protocol;
The database generation module, for the random cipher of the corresponding MAC Address of terminal and reception to be stored in database;
The cipher inquiry module, for receiving to carry out the request of data of self terminal and inquire about database, with searching the MAC of the terminal
Random cipher corresponding to location carries out the encryption and decryption of data using the random cipher.
Further, the secret generation module, is specifically used for:Random cipher is generated, and utilizes the network transmission of safety
The random cipher is uploaded to database generation module described in router by agreement;Wherein, the safe network transmission association
View includes https agreements.
Further, the database generation module, is specifically used for:Using the corresponding MAC Address of terminal as key, by institute
It states random cipher and is used as value;The key and value are preserved as one group of data to database.
In above system, the client further includes first login module, and the server-side further includes request monitoring module;
Wherein, the first login module, for administrator's preset password and wireless security protocol to be used to log in router or terminal
Exempt from close login router;The request monitoring module carrys out the request of data of self terminal for opening https and servicing and monitor.
To sum up, the present invention provides a kind of WiFi communication data security protection method and system based on more passwords, is suitable for
Existing all WiFi application scenarios, user may use original unsafe WiFi connection methods connection router, at this time
" the secure internet connection pattern " of the present invention can be switched to by the client in terminal so that be connected to each of same router
A terminal is logged in using different passwords, and password here is the high intensity password generated at random by each terminal and is uploaded to
Router is stored together in the database in the MAC Address of router side and counterpart terminal, the subsequent terminal using generation with
Secret code carries out register and data encrypting and deciphering transmission.Technical solution disclosed in this invention not only ensure that each user connects
Used password is different when meeting WiFi, and even if the password of wherein some user is cracked by malicious user, also can not
Use the data of the password cracking other users.
Description of the drawings
In order to illustrate more clearly of technical scheme, letter will be made to attached drawing needed in the embodiment below
Singly introduce, it should be apparent that, the accompanying drawings in the following description is only some embodiments described in the present invention, for this field
For those of ordinary skill, without creative efforts, other attached drawings are can also be obtained according to these attached drawings.
Fig. 1 is a kind of 1 flow of WiFi communication data security protection method embodiment based on more passwords provided by the invention
Figure;
Fig. 2 is a kind of 2 flow chart of WiFi communication data security protection method embodiment based on more passwords provided by the invention;
Fig. 3 is a kind of WiFi communication data safety guard system example structure figure based on more passwords provided by the invention.
Specific embodiment
The present invention gives a kind of WiFi communication data security protection method and system embodiment based on more passwords, in order to
Those skilled in the art is made to more fully understand the technical solution in the embodiment of the present invention, and make the above-mentioned purpose of the present invention, spy
Advantage of seeking peace can be more obvious understandable, and technical solution in the present invention is described in further detail below in conjunction with the accompanying drawings:
Present invention firstly provides a kind of WiFi communication data security protection method embodiment 1 based on more passwords, suitable for existing
All WiFi connections scenes having, as shown in Figure 1, including:
S101:Terminal generates random cipher and is uploaded to router;Wherein, the random cipher can be high intensity password, increase
Add the difficulty and cost that malicious user cracks, and then enhance the security of entire WiFi communication process.
S102:The corresponding MAC Address of terminal and the random cipher of reception are stored in database by router;Wherein, herein
Storage mode is:The corresponding MAC Address of terminal and the one-to-one storage of random cipher of terminal generation are specially:Router will
The corresponding MAC Address of terminal is as key(key), using the random cipher as value(value);Using the key and value as one group
Data(Key, value)It preserves to database.
S103:Terminal logs in router again using the random cipher and wireless security protocol;Wherein, the wireless peace
Full agreement includes but not limited to:WPA2 or PSK etc..
S104:Router receives the request of data for carrying out self terminal and inquires about database, and the MAC Address institute for searching the terminal is right
The random cipher answered carries out the encryption and decryption of data using the random cipher.When router receive come self terminal data please
It when asking, then obtains the MAC Address of terminal and inquires about database, and then obtain its corresponding random cipher, so it is random using this
Password ciphertext data simultaneously carries out the operations such as the forwarding of data.
Preferably, the terminal generates random cipher and is uploaded to router, is specially:Terminal generates random cipher, and
The random cipher is uploaded to router using the network transmission protocol of safety;Wherein, the safe network transmission protocol
Including https agreements.The purpose for selecting the safe network transmission protocol herein is in order to which the random cipher of transmission is protected not disliked
The user that anticipates intercepts.
Invention also provides a kind of WiFi communication data security protection method embodiments 2 based on more passwords, are applicable in
In existing all WiFi connections scenes, as shown in Fig. 2, including:
S201:Terminal logs in router using the mode of acquiescence, and router opens https and services and monitor the data for carrying out self terminal
Request.Wherein, the mode of the acquiescence includes but not limited to:Terminal is logged in using administrator's preset password and wireless security protocol
Router;Alternatively, terminal exempts from close login router.
S202:Terminal generates random cipher and is uploaded to router;
S203:The corresponding MAC Address of terminal and the random cipher of reception are stored in database by router;
S204:Terminal logs in router again using the random cipher and wireless security protocol;
S205:Router receives the request of data for carrying out self terminal and inquires about database, searches corresponding to the MAC Address of the terminal
Random cipher carries out the encryption and decryption of data using the random cipher.
Current embodiment require that modification router side code, more cipher mechanisms are revised as by WiFi passwords.When terminal logs in
When carrying out data exchange with terminal and router, using more cipher mechanisms, searched according to the MAC Address of terminal corresponding with secret
Code carries out the encryption and decryption operation of data.
Secondly the present invention provides a kind of WiFi communication data safety guard system embodiment based on more passwords, such as Fig. 3
It is shown, including:The client 30 being deployed in terminal and the server-side 40 being deployed in router;
The client 30 further includes secret generation module 301 and again login module 302;The server-side 40 further includes data
Storehouse generation module 401 and cipher inquiry module 402;Wherein,
The secret generation module 301, for generating random cipher and being uploaded to database generation module described in router
401;
Again login module 302, for logging in router again using the random cipher and wireless security protocol;
The database generation module 401, for the random cipher of the corresponding MAC Address of terminal and reception to be stored in database;
The cipher inquiry module 402 for receiving to carry out the request of data of self terminal and inquire about database, searches the terminal
Random cipher corresponding to MAC Address carries out the encryption and decryption of data using the random cipher.
Preferably, the secret generation module, is specifically used for:Random cipher is generated, and is assisted using the network transmission of safety
The random cipher is uploaded to database generation module described in router by view;Wherein, the safe network transmission protocol
Including https agreements.
It is highly preferred that the database generation module, is specifically used for:Using the corresponding MAC Address of terminal as key, by described in
Random cipher is as value;The key and value are preserved as one group of data to database.
In above system embodiment, the client further includes first login module, and the server-side further includes request prison
Listen module;Wherein, the first login module, for use administrator's preset password and wireless security protocol log in router or
Person's terminal exempts from close login router;The request monitoring module, for open https service and monitor come self terminal data please
It asks.
User can open client software at terminal, open " secure internet connection pattern ", and client is waited to reconnect
Router, and then enable technical solutions according to the invention.Alternatively, by cooperating with system software manufacturer, will open " in safety
Net pattern " code is preset in original WiFi connections code, changes original WiFi connections custom into without user, just
Technical solution disclosed in this invention can be used to realize the safe wireless networking operation of terminal.
Each embodiment in this specification is described by the way of progressive, the same or similar between each embodiment
Just to refer each other for part, and the highlights of each of the examples are difference from other examples.Especially for system
For embodiment, since it is substantially similar to embodiment of the method, so description is fairly simple, related part is implemented referring to method
The part explanation of example.
As described above, above-described embodiment gives a kind of WiFi communication data security protection method based on more passwords and is
System embodiment, coordinates the unsafe WiFi connection methods being commonly used, and can be effectively accomplished and malicious user is prevented to cut
The effect for obtaining the networking data of user and being decrypted.User caused by solving existing unsafe WiFi connection modes networks
Data are captured by malicious user, and are passed through social engineering means and obtained password or the breaking techniques that use force and crack weak password pair
The problem of data are decrypted.Enhance the security of existing WiFi network data transmission.
Above example is to illustrative and not limiting technical scheme.Appointing for spirit and scope of the invention is not departed from
What modification or local replacement, should be covered by the scope of the claims of the present invention.
Claims (8)
1. a kind of WiFi communication data security protection method based on more passwords, which is characterized in that including:
Terminal generates random cipher and is uploaded to router;
The corresponding MAC Address of terminal and the random cipher of reception are stored in database by router;
Terminal logs in router again using the random cipher and wireless security protocol;
Router receives the request of data for carrying out self terminal and inquires about database, searches random corresponding to the MAC Address of the terminal
Password carries out the encryption and decryption of data using the random cipher.
2. the method as described in claim 1, which is characterized in that the terminal generates random cipher and is uploaded to router, has
Body is:Terminal generates random cipher, and the random cipher is uploaded to router using the network transmission protocol of safety;Its
In, the safe network transmission protocol includes https agreements.
3. method as claimed in claim 2, which is characterized in that the router is by the corresponding MAC Address of terminal and reception
Random cipher is stored in database, is specially:
Router is using the corresponding MAC Address of terminal as key, using the random cipher as value;Using the key and value as one group
Data are preserved to database.
4. method as claimed in claim 3, which is characterized in that the terminal generate random cipher and be uploaded to router it
Before, it further includes:
Terminal logs in router using administrator's preset password and wireless security protocol;Router opens https and services and monitor
Carry out the request of data of self terminal;Alternatively,
Terminal exempts from close login router;Router opens https and services and monitor the request of data for carrying out self terminal.
5. a kind of WiFi communication data safety guard system based on more passwords, which is characterized in that including:It is deployed in terminal
Client and the server-side being deployed in router;
The client further includes secret generation module and again login module;The server-side further includes database generation module
With cipher inquiry module;Wherein,
The secret generation module, for generating random cipher and being uploaded to database generation module described in router;
Again the login module, for logging in router again using the random cipher and wireless security protocol;
The database generation module, for the random cipher of the corresponding MAC Address of terminal and reception to be stored in database;
The cipher inquiry module, for receiving to carry out the request of data of self terminal and inquire about database, with searching the MAC of the terminal
Random cipher corresponding to location carries out the encryption and decryption of data using the random cipher.
6. system as claimed in claim 5, which is characterized in that the secret generation module is specifically used for:Generation is with secret
Code, and the random cipher is uploaded to database generation module described in router using the network transmission protocol of safety;Its
In, the safe network transmission protocol includes https agreements.
7. system as claimed in claim 6, which is characterized in that the database generation module is specifically used for:It should by terminal-pair
MAC Address as key, using the random cipher as value;The key and value are preserved as one group of data to database.
8. system as claimed in claim 7, which is characterized in that the client further includes first login module, the service
End further includes request monitoring module;Wherein, the first login module, for administrator's preset password and wireless security to be used to assist
View logs in router or terminal exempts from close login router;The request monitoring module services and monitors for opening https
The request of data of self terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710301792.XA CN108076456A (en) | 2017-05-02 | 2017-05-02 | A kind of WiFi communication data security protection method and system based on more passwords |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710301792.XA CN108076456A (en) | 2017-05-02 | 2017-05-02 | A kind of WiFi communication data security protection method and system based on more passwords |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108076456A true CN108076456A (en) | 2018-05-25 |
Family
ID=62159106
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710301792.XA Pending CN108076456A (en) | 2017-05-02 | 2017-05-02 | A kind of WiFi communication data security protection method and system based on more passwords |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108076456A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1842000A (en) * | 2005-03-29 | 2006-10-04 | 华为技术有限公司 | Method for realizing access authentication of WLAN |
US20120240191A1 (en) * | 2011-03-14 | 2012-09-20 | Jordan Husney | Wireless device nearfield security configuration |
CN104981000A (en) * | 2015-07-20 | 2015-10-14 | 陕西师范大学 | Invisible WiFi hotspot automatic connection device and method thereof |
CN105050086A (en) * | 2015-07-23 | 2015-11-11 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | Method for terminal to log in Wifi hotspot |
CN105208013A (en) * | 2015-08-31 | 2015-12-30 | 张方华 | Cross-device high-security non-password login method |
CN105515768A (en) * | 2016-01-08 | 2016-04-20 | 腾讯科技(深圳)有限公司 | Method, device and system for updating secret key |
-
2017
- 2017-05-02 CN CN201710301792.XA patent/CN108076456A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1842000A (en) * | 2005-03-29 | 2006-10-04 | 华为技术有限公司 | Method for realizing access authentication of WLAN |
US20120240191A1 (en) * | 2011-03-14 | 2012-09-20 | Jordan Husney | Wireless device nearfield security configuration |
CN104981000A (en) * | 2015-07-20 | 2015-10-14 | 陕西师范大学 | Invisible WiFi hotspot automatic connection device and method thereof |
CN105050086A (en) * | 2015-07-23 | 2015-11-11 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | Method for terminal to log in Wifi hotspot |
CN105208013A (en) * | 2015-08-31 | 2015-12-30 | 张方华 | Cross-device high-security non-password login method |
CN105515768A (en) * | 2016-01-08 | 2016-04-20 | 腾讯科技(深圳)有限公司 | Method, device and system for updating secret key |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3641266B1 (en) | Data processing method and apparatus, terminal, and access point computer | |
US9680795B2 (en) | Destination domain extraction for secure protocols | |
US11165604B2 (en) | Method and system used by terminal to connect to virtual private network, and related device | |
Shen et al. | Secure device-to-device communications over WiFi direct | |
US10158608B2 (en) | Key establishment for constrained resource devices | |
US20140109213A1 (en) | Method and Apparatus for Data Transmission | |
CN109167802B (en) | Method, server and terminal for preventing session hijacking | |
JP2010503323A (en) | Method and system for establishing a real-time authenticated and guaranteed communication channel in a public network | |
CA2321407C (en) | Security mechanisms and architecture for collaborative systems using tuple space | |
CN110493367B (en) | Address-free IPv6 non-public server, client and communication method | |
US7965701B1 (en) | Method and system for secure communications with IP telephony appliance | |
CN103795966B (en) | A kind of security video call implementing method and system based on digital certificate | |
CN115001686B (en) | Global quantum security device and system | |
CN104735037B (en) | A kind of method for network authorization, apparatus and system | |
US20080126455A1 (en) | Methods of protecting management frames exchanged between two wireless equipments, and of receiving and transmitting such frames, computer programs, and data media containing said computer programs | |
CN114584386B (en) | Global multistage encryption network communication method | |
WO2012024905A1 (en) | Method, terminal and ggsn for encrypting and decrypting data in mobile communication network | |
US10015208B2 (en) | Single proxies in secure communication using service function chaining | |
CN106465117B (en) | Method, device and communication system for accessing terminal to communication network | |
US20100131762A1 (en) | Secured communication method for wireless mesh network | |
KR101979157B1 (en) | Non-address network equipment and communication security system using it | |
Rana et al. | Common security protocols for wireless networks: A comparative analysis | |
Gao et al. | SecT: A lightweight secure thing-centered IoT communication system | |
KR101784240B1 (en) | Communication security method and system using a non-address network equipment | |
CN105871788B (en) | Password generation method and device for login server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 150028 Building 7, Innovation Plaza, Science and Technology Innovation City, Harbin Hi-tech Industrial Development Zone, Heilongjiang Province (838 Shikun Road) Applicant after: Harbin antiy Technology Group Limited by Share Ltd Address before: 150090 Room 506, No. 162 Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang Province Applicant before: Harbin Antiy Technology Co., Ltd. |
|
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20180525 |