CN108076456A - A kind of WiFi communication data security protection method and system based on more passwords - Google Patents

Publication number
CN108076456A
Authority
CN
China
Prior art keywords
router
terminal
random cipher
data
database
Prior art date
Legal status
Pending
Application number
CN201710301792.XA
Other languages
Chinese (zh)
Inventor
宛宏祥
黄显澍
Current Assignee
Harbin Antiy Technology Co Ltd
Original Assignee
Harbin Antiy Technology Co Ltd
Application filed by Harbin Antiy Technology Co Ltd
Priority to CN201710301792.XA
Publication of CN108076456A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Abstract

The invention discloses a WiFi communication data security protection method and system based on multiple passwords, including: a terminal generates a random password and uploads it to the router; the router stores the terminal's MAC address and the received random password in a database; the terminal logs in to the router again using the random password and a wireless security protocol; the router receives a data request from the terminal, queries the database for the random password corresponding to the terminal's MAC address, and uses that random password to encrypt and decrypt the data. The technical solution can be applied in all existing WiFi application scenarios and enhances the security of existing WiFi networks without making them more complex for users.

Description

A WiFi communication data security protection method and system based on multiple passwords
Technical field
The present invention relates to the field of information security technology, and in particular to a WiFi communication data security protection method and system based on multiple passwords.
Background
In current WiFi application scenarios, once the administrator has set the wireless router's WiFi password, all users connect to WiFi with the same password. If an attacker obtains the WiFi password used by any user, for example through social engineering, the attacker can use that password directly to intercept the communication data of all users of that wireless router and decrypt it to recover the original data. If the router has no WiFi password set, the user network data the attacker intercepts is already the original data and needs no decryption.
Summary of the invention
To address the above technical problem, the technical solution of the invention has each networked terminal log in to the router with a different password and use it for encrypted transmission of data. Even if a malicious user obtains the login password of one terminal user through social engineering, the traffic of the other users is still not cracked, which ensures the security of existing WiFi networks to the greatest extent.
The invention is realized with the following method: a WiFi communication data security protection method based on multiple passwords, comprising:
The terminal generates a random password and uploads it to the router;
The router stores the terminal's MAC address and the received random password in a database;
The terminal logs in to the router again using the random password and a wireless security protocol;
The router receives a data request from the terminal, queries the database for the random password corresponding to the terminal's MAC address, and uses that random password to encrypt and decrypt the data.
Further, the terminal generating a random password and uploading it to the router is specifically: the terminal generates a random password and uploads it to the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol.
Further, the router storing the terminal's MAC address and the received random password in the database is specifically:
The router uses the terminal's MAC address as the key and the random password as the value, and saves the key and value to the database as one data pair.
In the above method, before the terminal generates the random password and uploads it to the router, the method further comprises:
The terminal logs in to the router using the administrator's preset password and a wireless security protocol; the router starts an https service and listens for data requests from the terminal; or,
The terminal logs in to the router without a password; the router starts an https service and listens for data requests from the terminal.
The invention may be realized with the following system: a WiFi communication data security protection system based on multiple passwords, comprising a client deployed on the terminal and a server deployed on the router;
The client further includes a password generation module and a re-login module; the server further includes a database generation module and a password lookup module; wherein,
The password generation module is used to generate a random password and upload it to the database generation module of the router;
The re-login module is used to log in to the router again using the random password and a wireless security protocol;
The database generation module is used to store the terminal's MAC address and the received random password in a database;
The password lookup module is used to receive a data request from the terminal, query the database for the random password corresponding to the terminal's MAC address, and use that random password to encrypt and decrypt the data.
Further, the password generation module is specifically used to: generate a random password and upload it to the database generation module of the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol.
Further, the database generation module is specifically used to: use the terminal's MAC address as the key and the random password as the value, and save the key and value to the database as one data pair.
In the above system, the client further includes a first-login module, and the server further includes a request listening module; wherein the first-login module is used to log in to the router using the administrator's preset password and a wireless security protocol, or to have the terminal log in to the router without a password; the request listening module is used to start an https service and listen for data requests from the terminal.
In summary, the invention provides a WiFi communication data security protection method and system based on multiple passwords that suits all existing WiFi application scenarios. A user may first connect to the router with the original, insecure WiFi connection method and then switch to the invention's "secure internet mode" through the client on the terminal, so that every terminal connected to the same router logs in with a different password. Each password is a high-strength password generated at random by its terminal and uploaded to the router, where it is stored in a database together with the MAC address of the corresponding terminal; the terminal then uses the generated random password for login and for encrypted data transmission. The disclosed technical solution not only ensures that each user connects to WiFi with a different password, but also ensures that even if a malicious user cracks one user's password, that password cannot be used to crack the data of other users.
Description of the drawings
To illustrate the technical solution of the invention more clearly, the drawings needed in the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of embodiment 1 of the WiFi communication data security protection method based on multiple passwords provided by the invention;
Fig. 2 is a flow chart of embodiment 2 of the WiFi communication data security protection method based on multiple passwords provided by the invention;
Fig. 3 is a structure diagram of an embodiment of the WiFi communication data security protection system based on multiple passwords provided by the invention.
Detailed description of the embodiments
The invention gives embodiments of a WiFi communication data security protection method and system based on multiple passwords. To help those skilled in the art better understand the technical solution in the embodiments, and to make the above purpose, features and advantages of the invention clearer, the technical solution is described in further detail below with reference to the drawings:
The invention first provides embodiment 1 of a WiFi communication data security protection method based on multiple passwords, suitable for all existing WiFi connection scenarios, which, as shown in Fig. 1, comprises:
S101: The terminal generates a random password and uploads it to the router. The random password can be a high-strength password, which increases the difficulty and cost of cracking for a malicious user and so enhances the security of the whole WiFi communication process.
S102: The router stores the terminal's MAC address and the received random password in a database. The terminal's MAC address and the random password the terminal generated are stored one-to-one; specifically, the router uses the terminal's MAC address as the key and the random password as the value, and saves them to the database as one data pair (key, value).
S103: The terminal logs in to the router again using the random password and a wireless security protocol. The wireless security protocol includes but is not limited to: WPA2 or PSK etc.
S104: The router receives a data request from the terminal, queries the database for the random password corresponding to the terminal's MAC address, and uses that random password to encrypt and decrypt the data. When the router receives a data request from the terminal, it obtains the terminal's MAC address, queries the database to obtain the corresponding random password, and then uses that random password to decrypt the data and perform operations such as forwarding it.
Preferably, the terminal generating a random password and uploading it to the router is specifically: the terminal generates a random password and uploads it to the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol. The secure network transmission protocol is chosen here to protect the transmitted random password from being intercepted by a malicious user.
The invention also provides embodiment 2 of a WiFi communication data security protection method based on multiple passwords, suitable for all existing WiFi connection scenarios, which, as shown in Fig. 2, comprises:
S201: The terminal logs in to the router in the default way, and the router starts an https service and listens for data requests from the terminal. The default way includes but is not limited to: the terminal logs in to the router using the administrator's preset password and a wireless security protocol; or the terminal logs in to the router without a password.
S202: The terminal generates a random password and uploads it to the router;
S203: The router stores the terminal's MAC address and the received random password in a database;
S204: The terminal logs in to the router again using the random password and a wireless security protocol;
S205: The router receives a data request from the terminal, queries the database for the random password corresponding to the terminal's MAC address, and uses that random password to encrypt and decrypt the data.
This embodiment requires modifying the router-side code to change the WiFi password into a multi-password mechanism. When a terminal logs in, and when the terminal and the router exchange data, the multi-password mechanism is used: the corresponding random password is looked up by the terminal's MAC address and used to encrypt and decrypt the data.
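The router-side key/value store and lookup of S102 to S104 (S203 to S205 in embodiment 2), as an added example that is not part of the patent or of any router vendor's code. `RouterPasswordStore`, `SSID` and the MAC addresses are constructed for illustration, and turning the looked-up password into a key with the WPA2-PSK derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) is an assumption about how the password is used.

```python
import hashlib
import hmac
import re
import secrets

SSID = "example-ssid"  # constructed sample network name
_MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")


def normalize_mac(mac):
    """Canonical lower-case colon form, so one terminal maps to one key."""
    canon = mac.strip().lower().replace("-", ":")
    if not _MAC_RE.fullmatch(canon):
        raise ValueError("not a MAC address: %r" % mac)
    return canon


def generate_random_password(nbytes=32):
    """Terminal side (S101/S202): high-strength password from the OS CSPRNG."""
    return secrets.token_urlsafe(nbytes)  # 43 URL-safe ASCII chars for 32 bytes


def derive_pmk(password, ssid=SSID):
    """WPA2-PSK key derivation (assumed use of the per-terminal password)."""
    return hashlib.pbkdf2_hmac(
        "sha1", password.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


class RouterPasswordStore:
    """Router side: key = terminal MAC address, value = its random password."""

    def __init__(self, ssid):
        self.ssid = ssid
        self._db = {}

    def register(self, mac, password):
        """S102/S203: store the uploaded password under the terminal's MAC."""
        if not (8 <= len(password) <= 63 and password.isascii()):
            raise ValueError("WPA2 passphrase must be 8 to 63 ASCII characters")
        self._db[normalize_mac(mac)] = password

    def pmk_for(self, mac):
        """S104/S205: look up the password by MAC and derive that terminal's key.

        Returns None when the MAC has no entry in the database.
        """
        password = self._db.get(normalize_mac(mac))
        if password is None:
            return None
        return derive_pmk(password, self.ssid)

    def key_matches(self, mac, candidate_pmk):
        """The claimed MAC only selects the entry; the key must still match."""
        expected = self.pmk_for(mac)
        return expected is not None and hmac.compare_digest(expected, candidate_pmk)


def demo():
    store = RouterPasswordStore(SSID)
    pw_a, pw_b = generate_random_password(), generate_random_password()
    store.register("AA-BB-CC-00-00-01", pw_a)  # constructed MAC, terminal A
    store.register("aa:bb:cc:00:00:02", pw_b)  # constructed MAC, terminal B
    pmk_a, pmk_b = derive_pmk(pw_a), derive_pmk(pw_b)
    return {
        "a_ok": store.key_matches("aa:bb:cc:00:00:01", pmk_a),
        # Terminal B's password gives no access to terminal A's entry.
        "b_password_on_a_mac": store.key_matches("aa:bb:cc:00:00:01", pmk_b),
        "unknown_mac": store.pmk_for("aa:bb:cc:00:00:03"),
        "keys_differ": pmk_a != pmk_b,
    }


if __name__ == "__main__":
    print(demo())
```

A MAC address is sent in the clear and can be changed by the client, so it serves here only as a lookup key; the protection comes from each terminal holding a password that no other terminal shares.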
The invention next provides an embodiment of a WiFi communication data security protection system based on multiple passwords, which, as shown in Fig. 3, comprises a client 30 deployed on the terminal and a server 40 deployed on the router;
The client 30 further includes a password generation module 301 and a re-login module 302; the server 40 further includes a database generation module 401 and a password lookup module 402; wherein,
The password generation module 301 is used to generate a random password and upload it to the database generation module 401 of the router;
The re-login module 302 is used to log in to the router again using the random password and a wireless security protocol;
The database generation module 401 is used to store the terminal's MAC address and the received random password in a database;
The password lookup module 402 is used to receive a data request from the terminal, query the database for the random password corresponding to the terminal's MAC address, and use that random password to encrypt and decrypt the data.
Preferably, the password generation module is specifically used to: generate a random password and upload it to the database generation module of the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol.
More preferably, the database generation module is specifically used to: use the terminal's MAC address as the key and the random password as the value, and save the key and value to the database as one data pair.
In the above system embodiment, the client further includes a first-login module, and the server further includes a request listening module; wherein the first-login module is used to log in to the router using the administrator's preset password and a wireless security protocol, or to have the terminal log in to the router without a password; the request listening module is used to start an https service and listen for data requests from the terminal.
The user can open the client software on the terminal, turn on "secure internet mode", and wait for the client to reconnect to the router, which enables the technical solution of the invention. Alternatively, in cooperation with system software vendors, the code that turns on "secure internet mode" can be built into the existing WiFi connection code, so that the disclosed technical solution provides secure wireless networking for the terminal without users changing their existing WiFi connection habits.
The embodiments in this specification are described progressively; identical or similar parts of the embodiments can be cross-referenced, and each embodiment focuses on its differences from the others. The system embodiment in particular is described briefly because it is substantially similar to the method embodiments; for the related parts, see the description of the method embodiments.
As described above, the embodiments give a WiFi communication data security protection method and system based on multiple passwords which, used alongside the insecure WiFi connection methods in common use, effectively prevent a malicious user from intercepting and decrypting a user's network data. This solves the problem that, with existing insecure WiFi connection modes, a user's network data is captured by a malicious user and decrypted with a password obtained through social engineering or a weak password cracked by brute force. It enhances the security of data transmission on existing WiFi networks.
The above embodiments illustrate rather than limit the technical solution of the invention. Any modification or partial replacement that does not depart from the spirit and scope of the invention shall be covered by the claims of the invention.

Claims (8)

1. A WiFi communication data security protection method based on multiple passwords, characterized by comprising:
The terminal generates a random password and uploads it to the router;
The router stores the terminal's MAC address and the received random password in a database;
The terminal logs in to the router again using the random password and a wireless security protocol;
The router receives a data request from the terminal, queries the database for the random password corresponding to the terminal's MAC address, and uses that random password to encrypt and decrypt the data.
2. The method of claim 1, characterized in that the terminal generating a random password and uploading it to the router is specifically: the terminal generates a random password and uploads it to the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol.
3. The method of claim 2, characterized in that the router storing the terminal's MAC address and the received random password in the database is specifically:
The router uses the terminal's MAC address as the key and the random password as the value, and saves the key and value to the database as one data pair.
4. The method of claim 3, characterized in that, before the terminal generates the random password and uploads it to the router, the method further comprises:
The terminal logs in to the router using the administrator's preset password and a wireless security protocol; the router starts an https service and listens for data requests from the terminal; or,
The terminal logs in to the router without a password; the router starts an https service and listens for data requests from the terminal.
5. A WiFi communication data security protection system based on multiple passwords, characterized by comprising: a client deployed on the terminal and a server deployed on the router;
The client further includes a password generation module and a re-login module; the server further includes a database generation module and a password lookup module; wherein,
The password generation module is used to generate a random password and upload it to the database generation module of the router;
The re-login module is used to log in to the router again using the random password and a wireless security protocol;
The database generation module is used to store the terminal's MAC address and the received random password in a database;
The password lookup module is used to receive a data request from the terminal, query the database for the random password corresponding to the terminal's MAC address, and use that random password to encrypt and decrypt the data.
6. The system of claim 5, characterized in that the password generation module is specifically used to: generate a random password and upload it to the database generation module of the router using a secure network transmission protocol; wherein the secure network transmission protocol includes the https protocol.
7. The system of claim 6, characterized in that the database generation module is specifically used to: use the terminal's MAC address as the key and the random password as the value, and save the key and value to the database as one data pair.
8. The system of claim 7, characterized in that the client further includes a first-login module, and the server further includes a request listening module; wherein the first-login module is used to log in to the router using the administrator's preset password and a wireless security protocol, or to have the terminal log in to the router without a password; the request listening module is used to start an https service and listen for data requests from the terminal.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710301792.XA CN108076456A (en) 2017-05-02 2017-05-02 A kind of WiFi communication data security protection method and system based on more passwords

Publications (1)

Publication Number Publication Date
CN108076456A (en) 2018-05-25

Family

ID=62159106

Country Status (1)

Country Link
CN (1) CN108076456A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1842000A (en) * 2005-03-29 2006-10-04 华为技术有限公司 Method for realizing access authentication of WLAN
US20120240191A1 (en) * 2011-03-14 2012-09-20 Jordan Husney Wireless device nearfield security configuration
CN104981000A (en) * 2015-07-20 2015-10-14 陕西师范大学 Invisible WiFi hotspot automatic connection device and method thereof
CN105050086A (en) * 2015-07-23 2015-11-11 广东顺德中山大学卡内基梅隆大学国际联合研究院 Method for terminal to log in Wifi hotspot
CN105208013A (en) * 2015-08-31 2015-12-30 张方华 Cross-device high-security non-password login method
CN105515768A (en) * 2016-01-08 2016-04-20 腾讯科技(深圳)有限公司 Method, device and system for updating secret key

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 150028 Building 7, Innovation Plaza, Science and Technology Innovation City, Harbin Hi-tech Industrial Development Zone, Heilongjiang Province (838 Shikun Road)

Applicant after: Harbin antiy Technology Group Limited by Share Ltd

Address before: 150090 Room 506, No. 162 Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang Province

Applicant before: Harbin Antiy Technology Co., Ltd.

WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180525