CN108833092A - Dual encryption communication means for photovoltaic monitoring management system - Google Patents

Publication number
CN108833092A
Authority
CN
China
Prior art keywords
data
management apparatus
time
ciphertext
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810607827.7A
Other languages
Chinese (zh)
Inventor
杨宇辉
吴庆彬
杨朝辉
张燕敏
吴雪琴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WUXI LONGMA TECHNOLOGY Co Ltd
Original Assignee
WUXI LONGMA TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WUXI LONGMA TECHNOLOGY Co Ltd
Priority to CN201810607827.7A
Publication of CN108833092A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention discloses a dual encryption communication method for a photovoltaic monitoring management system, comprising the following process: data acquisition equipment collects initial data; the initial data is encrypted a first time in the data acquisition equipment to obtain a first ciphertext, and the first ciphertext is transmitted to a data management apparatus; the data management apparatus receives the first ciphertext and performs a first decryption to obtain the initial data; the data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to a cloud platform server; the cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data. The dual encryption communication method for a photovoltaic monitoring management system can guarantee the data security and message integrity of the communication processor's wireless communication.

Description

Dual encryption communication means for photovoltaic monitoring management system
Technical field
The present invention relates to an encrypted communication algorithm, in particular to a dual encryption communication method for a photovoltaic monitoring management system, and belongs to the technical field of photovoltaic combiner data transmission.
Background art
Building a unified monitoring management system for a photovoltaic system requires gathering the data of combiner boxes, inverters and ammeters at a communication processor. During photovoltaic system monitoring, the communication processor transmits wirelessly and in plaintext, so the wireless communication suffers from packet loss and from insecure data. In 2G/3G network environments where the network changes frequently or is unstable, the data exchanged between the communication processor and the cloud platform may be incomplete or may come under hacker attack, so the data is not secure.
Summary of the invention
To solve the problems in the prior art, the present invention provides a dual encryption communication method for a photovoltaic monitoring management system that guarantees the data security and message integrity of the communication processor's wireless communication.
According to the technical solution provided by the present invention, the dual encryption communication method for a photovoltaic monitoring management system comprises the following process:
The data acquisition equipment collects initial data;
The initial data is encrypted a first time in the data acquisition equipment to obtain a first ciphertext, and the first ciphertext is transmitted to the data management apparatus;
The data management apparatus receives the first ciphertext and performs a first decryption to obtain the initial data;
The data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server;
The cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data.
Further, in the step of encrypting the initial data a first time in the data acquisition equipment to obtain the first ciphertext and transmitting the first ciphertext to the data management apparatus, the first encryption by the data acquisition equipment comprises the following process:
An XOR operation is performed on the primary key and the CRC check value of the initial data to obtain a new key;
The first ciphertext is obtained from the new key and the initial data by the KEELOQ algorithm.
Further, the step in which the data management apparatus receives the first ciphertext and performs the first decryption to obtain the initial data comprises: the data management apparatus decrypts the received first ciphertext with the primary key.
Further, if the data management apparatus cannot successfully decrypt the received first ciphertext with the primary key, the data management apparatus decrypts the received first ciphertext with the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data.
Further, if decryption of the received first ciphertext with the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data succeeds, the data management apparatus takes that new key as the decryption key of the data management apparatus.
Further, in the step in which the data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server, the second encryption by the data management apparatus comprises the following process:
The data management apparatus sends the algorithm list it uses and the MAC algorithm to the cloud platform server, the MAC algorithm being used as the random number for generating the key;
The cloud platform server selects one encryption algorithm from the received algorithm list as the specified encryption algorithm, selects one MAC algorithm as the specified MAC algorithm, and sends the specified encryption algorithm and the specified MAC algorithm to the data management apparatus;
The data management apparatus segments the initial data obtained from the first decryption into several records;
The data management apparatus generates the MAC of each of the several records in turn with the specified MAC algorithm;
The data management apparatus encrypts the several records in turn with the specified encryption algorithm to form encrypted data;
The data management apparatus adds a header to every record and sends the encrypted data.
Further, the step in which the cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data specifically comprises:
The cloud platform server receives the encrypted data of every record and decrypts every record with the decryption algorithm corresponding to the specified encryption algorithm;
The cloud platform server verifies the MAC using the specified MAC algorithm.
As can be seen from the above, the dual encryption communication method for a photovoltaic monitoring management system provided by the present invention has the following advantages over the prior art. First, the two encryption processes guarantee the data security and message integrity of the data management apparatus's wireless communication and the secure transmission of the communication processor. Second, in the first encryption the new key is derived from both the primary key and the CRC check value of the initial data, which avoids the transmission risk that exists when only the primary key is used.
Brief description of the drawings
Fig. 1 is a flow chart of the present invention.
Fig. 2 is a detailed flow chart of step 2 of the process shown in Fig. 1.
Fig. 3 is a detailed flow chart of step 3 of the process shown in Fig. 1.
Fig. 4 is a detailed flow chart of step 4 of the process shown in Fig. 1.
Fig. 5 is a detailed flow chart of step 5 of the process shown in Fig. 1.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is described in more detail below with reference to specific embodiments and the accompanying drawings.
Dual encryption communication means for photovoltaic monitoring management system
The photovoltaic monitoring management system comprises data acquisition equipment, a data management apparatus and a cloud platform server. The data acquisition equipment comprises combiner boxes, inverters and ammeters; it can communicate wirelessly with the data management apparatus and, after encrypting the collected initial data a first time, sends it to the data management apparatus. The data management apparatus receives the first ciphertext transmitted by the data acquisition equipment and obtains the initial data through the first decryption; it then encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server. The cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data.
As shown in Fig. 1, the dual encryption communication method for a photovoltaic monitoring management system comprises the following process:
S1: The data acquisition equipment collects initial data;
S2: The initial data is encrypted a first time in the data acquisition equipment to obtain a first ciphertext, and the first ciphertext is transmitted to the data management apparatus;
S3: The data management apparatus receives the first ciphertext and performs a first decryption to obtain the initial data;
S4: The data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server;
S5: The cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data.
It can be seen that the two encryption processes guarantee the data security and message integrity of the data management apparatus's wireless communication and the secure transmission of the communication processor.
To avoid a security risk in the transmission between the data acquisition equipment and the data management apparatus caused by key leakage during the first encryption, the first encryption by the data acquisition equipment in step S2 comprises the following process, as shown in Fig. 2:
S210: An XOR operation is performed on the primary key and the CRC check value of the initial data to obtain a new key;
S220: The first ciphertext is obtained from the new key and the initial data by the KEELOQ algorithm.
As can be seen, the new key is derived from both the primary key and the CRC check value of the initial data, which avoids the transmission risk that exists when only the primary key is used.
To match the first data encryption process of step S2 described above, the first decryption by the data management apparatus in step S3 is a learning-type decryption comprising the following steps, as shown in Fig. 3:
S310: The received first ciphertext is decrypted with the primary key;
If the data management apparatus fails to decrypt the received first ciphertext with the primary key, it proceeds to S320: the received first ciphertext is decrypted with the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data. If the decryption in S320 succeeds, the data management apparatus proceeds to S330: the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data is taken as the decryption key of the data management apparatus.
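Steps S210 to S220 and S310 to S330 in runnable Go, added here as an example and not taken from the patent. The patent does not fix the CRC width, how the CRC reaches the receiver, how a decryption is judged successful, or how data longer than KeeLoq's 32-bit block is handled; this example assumes CRC-32, a hypothetical `Frame` that carries the CRC beside the ciphertext, success meaning the decrypted data reproduces that CRC, and zero-padded block-by-block encryption. The key and the reading are constructed values.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"hash/crc32"
)

const keeloqNLF uint32 = 0x3A5C742E // truth table of KeeLoq's non-linear function

// nlf looks up the 5-input non-linear function for the given state bits.
func nlf(x uint32, a, b, c, d, e uint) uint32 {
	i := (x>>a)&1 | (x>>b)&1<<1 | (x>>c)&1<<2 | (x>>d)&1<<3 | (x>>e)&1<<4
	return keeloqNLF >> i & 1
}

// keeloqEncrypt and keeloqDecrypt step the 528-round shift register
// forwards and backwards over one 32-bit block with a 64-bit key.
func keeloqEncrypt(x uint32, key uint64) uint32 {
	for r := uint(0); r < 528; r++ {
		f := (x ^ x>>16 ^ uint32(key>>(r&63)) ^ nlf(x, 1, 9, 20, 26, 31)) & 1
		x = x>>1 | f<<31
	}
	return x
}

func keeloqDecrypt(x uint32, key uint64) uint32 {
	for r := uint(0); r < 528; r++ {
		f := (x>>31 ^ x>>15 ^ uint32(key>>((15-r)&63)) ^ nlf(x, 0, 8, 19, 25, 30)) & 1
		x = x<<1 | f
	}
	return x
}

// Frame is an assumed wire format; the patent does not define one.
type Frame struct {
	CRC    uint32   // CRC-32 of the initial data, assumed to travel with the ciphertext
	Len    int      // length of the initial data before zero padding
	Blocks []uint32 // 32-bit blocks, each encrypted on its own with KeeLoq
}

// deriveKey is S210: new key = primary key XOR CRC check value of the initial data.
func deriveKey(primary uint64, initial []byte) uint64 {
	return primary ^ uint64(crc32.ChecksumIEEE(initial))
}

// encrypt is S220 under the given key.
func encrypt(key uint64, initial []byte) Frame {
	f := Frame{CRC: crc32.ChecksumIEEE(initial), Len: len(initial)}
	padded := append(append([]byte{}, initial...), 0, 0, 0)
	for i := 0; i+4 <= len(padded); i += 4 {
		f.Blocks = append(f.Blocks, keeloqEncrypt(binary.BigEndian.Uint32(padded[i:]), key))
	}
	return f
}

// decrypt reports success only if the result reproduces the frame's CRC (assumed check).
func decrypt(key uint64, f Frame) ([]byte, bool) {
	out := make([]byte, 4*len(f.Blocks))
	for i, b := range f.Blocks {
		binary.BigEndian.PutUint32(out[4*i:], keeloqDecrypt(b, key))
	}
	if f.Len < 0 || f.Len > len(out) {
		return nil, false
	}
	return out[:f.Len], crc32.ChecksumIEEE(out[:f.Len]) == f.CRC
}

type Receiver struct{ Key uint64 } // data management apparatus; Key starts as the primary key

// Receive is the learning-type decryption: S310, then S320, then S330 on success.
func (rx *Receiver) Receive(f Frame) ([]byte, string, error) {
	if initial, ok := decrypt(rx.Key, f); ok {
		return initial, "S310", nil
	}
	candidate := rx.Key ^ uint64(f.CRC)
	if initial, ok := decrypt(candidate, f); ok {
		rx.Key = candidate // S330: adopt the new key as the decryption key
		return initial, "S320", nil
	}
	return nil, "", errors.New("frame rejected: neither key reproduces the CRC")
}

func main() {
	const primary uint64 = 0x0123456789ABCDEF // constructed key
	initial := []byte("PV1=612.4V;I=8.31A")    // constructed reading
	rx := &Receiver{Key: primary}
	_, s1, _ := rx.Receive(encrypt(primary, initial))
	_, s2, _ := rx.Receive(encrypt(deriveKey(primary, initial), initial))
	fmt.Printf("%s then %s, key now %#x\n", s1, s2, rx.Key)
}
```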
To avoid a security risk in the transmission between the data management apparatus and the cloud platform server caused by key leakage during the second encryption, the second encryption by the data management apparatus in S4 comprises the following process, as shown in Fig. 4:
S410: The data management apparatus sends the algorithm list it uses and the MAC algorithm to the cloud platform server, the MAC algorithm being used as the random number for generating the key.
S420: The cloud platform server selects one encryption algorithm from the received algorithm list as the specified encryption algorithm, selects one MAC algorithm as the specified MAC algorithm, and sends the specified encryption algorithm and the specified MAC algorithm to the data management apparatus.
S430: The data management apparatus segments the initial data obtained from the first decryption into several records.
S440: The data management apparatus generates the MAC of each of the several records in turn with the specified MAC algorithm.
S450: The data management apparatus encrypts the several records in turn with the specified encryption algorithm to form encrypted data.
S460: The data management apparatus adds a header to every record and sends the encrypted data.
Having the cloud platform server select one encryption algorithm from the received algorithm list as the specified encryption algorithm and one MAC algorithm as the specified MAC algorithm avoids the risk of leakage that arises from using a single encryption algorithm.
The step in S5 in which the cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data specifically comprises the following, as shown in Fig. 5:
S510: The cloud platform server receives the encrypted data of every record and decrypts every record with the decryption algorithm corresponding to the specified encryption algorithm.
S520: The cloud platform server verifies the MAC using the specified MAC algorithm.
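The second-stage exchange (S410 to S460 on the data management apparatus, S510 and S520 on the cloud platform server) as an added Go example, not code from the patent. Assumptions: the algorithm names AES-128-CTR and HMAC-SHA256, keys provisioned out of band, 16-byte records, and a record prefix of a 4-byte sequence number, a 2-byte length and a random IV. The MAC is computed before encryption, in the order the steps give, and the example also feeds the header fields into the MAC so that reordered records are detected.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed framing: 16-byte records; prefix = seq(4) | len(2) | random IV(16).
const recordSize, prefixSize = 16, 6 + aes.BlockSize

// Session holds keys that are assumed to be provisioned out of band.
type Session struct {
	block  cipher.Block
	macKey []byte
}

func newSession(encKey, macKey []byte) (*Session, error) {
	block, err := aes.NewCipher(encKey)
	return &Session{block, macKey}, err
}

// choose is S420: the server picks one cipher and one MAC from the S410 offer.
func choose(ciphers, macs []string) (string, string, error) {
	has := func(list []string, want string) bool {
		for _, n := range list {
			if n == want {
				return true
			}
		}
		return false
	}
	if !has(ciphers, "AES-128-CTR") || !has(macs, "HMAC-SHA256") {
		return "", "", errors.New("no mutually supported algorithm")
	}
	return "AES-128-CTR", "HMAC-SHA256", nil
}

func (s *Session) mac(hdr, plain []byte) []byte {
	m := hmac.New(sha256.New, s.macKey)
	m.Write(append(append([]byte{}, hdr...), plain...))
	return m.Sum(nil)
}

// seal is the device side: S430 segment, S440 MAC, S450 encrypt, S460 header.
func (s *Session) seal(raw []byte) ([][]byte, error) {
	var recs [][]byte
	for seq := uint32(0); len(raw) > 0; seq++ {
		n := recordSize
		if n > len(raw) {
			n = len(raw)
		}
		rec := make([]byte, prefixSize, prefixSize+n+sha256.Size)
		binary.BigEndian.PutUint32(rec, seq)
		binary.BigEndian.PutUint16(rec[4:], uint16(n))
		if _, err := rand.Read(rec[6:prefixSize]); err != nil {
			return nil, err
		}
		body := append(append([]byte{}, raw[:n]...), s.mac(rec[:6], raw[:n])...)
		cipher.NewCTR(s.block, rec[6:prefixSize]).XORKeyStream(body, body)
		recs = append(recs, append(rec, body...))
		raw = raw[n:]
	}
	return recs, nil
}

// open is the cloud side: S510 decrypt each record, S520 verify its MAC.
func (s *Session) open(recs [][]byte) ([]byte, error) {
	var raw []byte
	for i, rec := range recs {
		if len(rec) < prefixSize+sha256.Size || binary.BigEndian.Uint32(rec) != uint32(i) ||
			int(binary.BigEndian.Uint16(rec[4:])) != len(rec)-prefixSize-sha256.Size {
			return nil, fmt.Errorf("record %d: malformed header", i)
		}
		n := len(rec) - prefixSize - sha256.Size
		body := append([]byte{}, rec[prefixSize:]...)
		cipher.NewCTR(s.block, rec[6:prefixSize]).XORKeyStream(body, body)
		if !hmac.Equal(s.mac(rec[:6], body[:n]), body[n:]) {
			return nil, fmt.Errorf("record %d: MAC check failed", i)
		}
		raw = append(raw, body[:n]...)
	}
	return raw, nil
}

func main() {
	s, _ := newSession([]byte("constructed-key!"), []byte("constructed-mac-key"))
	c, m, _ := choose([]string{"EXAMPLE-CIPHER-X", "AES-128-CTR"}, []string{"HMAC-SHA256"})
	recs, _ := s.seal([]byte("constructed sample: string 3, 612.4 V, 8.31 A"))
	raw, err := s.open(recs)
	fmt.Println(c, m, len(recs), string(raw), err)
}
```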
Those of ordinary skill in the art should understand that the above is only a specific embodiment of the present invention and is not intended to limit the present invention; any modification, equivalent substitution, improvement and the like made within the spirit of the present invention shall fall within the protection scope of the present invention.

Claims (7)

1. A dual encryption communication method for a photovoltaic monitoring management system, characterized in that the dual encryption communication method for a photovoltaic monitoring management system comprises the following process:
The data acquisition equipment collects initial data;
The initial data is encrypted a first time in the data acquisition equipment to obtain a first ciphertext, and the first ciphertext is transmitted to the data management apparatus;
The data management apparatus receives the first ciphertext and performs a first decryption to obtain the initial data;
The data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server;
The cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data.
2. The dual encryption communication method for a photovoltaic monitoring management system according to claim 1, characterized in that, in the step of encrypting the initial data a first time in the data acquisition equipment to obtain the first ciphertext and transmitting the first ciphertext to the data management apparatus, the first encryption by the data acquisition equipment comprises the following process:
An XOR operation is performed on the primary key and the CRC check value of the initial data to obtain a new key;
The first ciphertext is obtained from the new key and the initial data by the KEELOQ algorithm.
3. The dual encryption communication method for a photovoltaic monitoring management system according to claim 1, characterized in that the step in which the data management apparatus receives the first ciphertext and performs the first decryption to obtain the initial data comprises: the data management apparatus decrypts the received first ciphertext with the primary key.
4. The dual encryption communication method for a photovoltaic monitoring management system according to claim 3, characterized in that, if the data management apparatus fails to decrypt the received first ciphertext with the primary key, the data management apparatus decrypts the received first ciphertext with the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data.
5. The dual encryption communication method for a photovoltaic monitoring management system according to claim 4, characterized in that, if decryption of the received first ciphertext with the new key obtained by performing an XOR operation on the primary key and the CRC check value of the initial data succeeds, the data management apparatus takes that new key as the decryption key of the data management apparatus.
6. The dual encryption communication method for a photovoltaic monitoring management system according to claim 1, characterized in that, in the step in which the data management apparatus encrypts the initial data obtained from the first decryption a second time and sends the second ciphertext to the cloud platform server, the second encryption by the data management apparatus comprises the following process:
The data management apparatus sends the algorithm list it uses and the MAC algorithm to the cloud platform server, the MAC algorithm being used as the random number for generating the key;
The cloud platform server selects one encryption algorithm from the received algorithm list as the specified encryption algorithm, selects one MAC algorithm as the specified MAC algorithm, and sends the specified encryption algorithm and the specified MAC algorithm to the data management apparatus;
The data management apparatus segments the initial data obtained from the first decryption into several records;
The data management apparatus generates the MAC of each of the several records in turn with the specified MAC algorithm;
The data management apparatus encrypts the several records in turn with the specified encryption algorithm to form encrypted data;
The data management apparatus adds a header to every record and sends the encrypted data.
7. The dual encryption communication method for a photovoltaic monitoring management system according to claim 6, characterized in that the step in which the cloud platform server receives the second ciphertext sent by the data management apparatus and decrypts it to obtain the initial data specifically comprises:
The cloud platform server receives the encrypted data of every record and decrypts every record with the decryption algorithm corresponding to the specified encryption algorithm;
The cloud platform server verifies the MAC using the specified MAC algorithm.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810607827.7A CN108833092A (en) 2018-06-13 2018-06-13 Dual encryption communication means for photovoltaic monitoring management system

Publications (1)

Publication Number Publication Date
CN108833092A true CN108833092A (en) 2018-11-16

Family

ID=64144981

Country Status (1)

Country Link
CN (1) CN108833092A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181116