CN108966214A - Authentication method, the wireless network safety communication method and device of wireless network - Google Patents


Publication number
CN108966214A
Authority
CN
China
Prior art keywords
information
key
encryption
certificate server
pmk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810848032.5A
Other languages
Chinese (zh)
Other versions
CN108966214B (en
Inventor
崔文朋
郑哲
乔磊
王亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Information and Telecommunication Co Ltd
Beijing Smartchip Microelectronics Technology Co Ltd
Original Assignee
State Grid Corp of China SGCC
Global Energy Interconnection Research Institute
State Grid Shanghai Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Global Energy Interconnection Research Institute, State Grid Shanghai Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN201810848032.5A priority Critical patent/CN108966214B/en
Publication of CN108966214A publication Critical patent/CN108966214A/en
Application granted granted Critical
Publication of CN108966214B publication Critical patent/CN108966214B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An embodiment of the invention provides an authentication method for a wireless network. The wireless network includes a certification node that prestores a first public key and a first private key, and a certificate server that prestores a second public key and a second private key. The method comprises: the certification node sends first identity information to the certificate server; the certificate server encrypts the first identity information of the certification node and the second identity information of the certificate server using the second private key, generates first encryption information and sends it to the certification node; the certification node decrypts the first encryption information using the second public key, obtains third identity information of the certification node, and judges whether the third identity information is identical to the first identity information; when they are identical, it determines that authentication of the certificate server has passed. The invention thereby realizes authentication of the certificate server by the certification node, and avoids the leakage of personal information and the irrecoverable property loss caused when a user logs in to a forged Wi-Fi network.

Description

Authentication method, the wireless network safety communication method and device of wireless network
Technical field
The present invention relates to the field of wireless communication technology, and in particular to an authentication method for a wireless network, and a wireless network secure communication method and device.
Background
With the development of wireless communication technology, communication methods have become increasingly numerous. A common one is Wireless Fidelity (Wi-Fi) communication, a technology that allows a terminal device to access a wireless local area network (WLAN).
Existing Wi-Fi communication uses one-way authentication: the user holding the terminal device enters a password to log in to the wireless network, but the user cannot authenticate the wireless network. When a criminal sets up a fake Wi-Fi network and the user logs in to it, the user's personal information is easily leaked, possibly even causing property loss that cannot be recovered. How to let the user authenticate the wireless network server has therefore become an urgent problem to be solved.
Summary of the invention
In view of this, embodiments of the invention provide an authentication method for a wireless network, and a wireless network secure communication method and device, to realize authentication of the wireless network server by the user.
According to a first aspect, an embodiment of the invention provides an authentication method for a wireless network. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. The authentication method comprises: sending first identity information to the certificate server; receiving first encryption information sent by the certificate server, the first encryption information being generated by the certificate server encrypting the first identity information of the certification node and the second identity information of the certificate server using the second private key; decrypting the first encryption information using the second public key to obtain third identity information of the certification node, and judging whether the third identity information is identical to the first identity information; and, when the third identity information is identical to the first identity information, determining that authentication of the certificate server has passed.
With reference to the first aspect, in a first embodiment of the first aspect, decrypting the first encryption information using the second public key also yields the second identity information of the certificate server, and the method further comprises: encrypting the first identity information and the decrypted second identity information of the certificate server using the first private key to generate second encryption information, and sending the second encryption information to the certificate server.
With reference to the first embodiment of the first aspect, in a second embodiment of the first aspect, the third identity information is obtained by the certification node decrypting the first encryption information with the SM2 algorithm using the second public key; the second encryption information is generated by the certification node encrypting, with the SM2 algorithm using the first private key, the first identity information and the decrypted second identity information of the certificate server.
With reference to the first embodiment of the first aspect, in a third embodiment of the first aspect, the authentication method further comprises: receiving third encryption information sent by the certificate server, the third encryption information being generated by the certificate server generating first PMK key information from the service set identifier of the corresponding access point and the first pre-shared key of the certification node and certificate server, and encrypting the first PMK key information using the first public key; decrypting the third encryption information using the first private key to obtain third PMK key information, and judging whether the second pre-shared key in the third PMK key information is identical to the first pre-shared key; when the second pre-shared key is identical to the first pre-shared key, determining that the third PMK key information is identical to the first PMK key information; generating second PMK key information from the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and certificate server; encrypting the second PMK key information using the second public key to generate fourth encryption information, and sending the fourth encryption information to the certificate server; receiving PMK available information and PMK key information sent by the certificate server, which the certificate server generates as follows: it decrypts the fourth encryption information using the second private key to obtain fourth PMK key information, judges whether the third pre-shared key in the fourth PMK key information is identical to the first pre-shared key, and, when they are identical, determines that the fourth PMK key information is identical to the second PMK key information and then generates the PMK available information and PMK key information from the first PMK key information and the fourth PMK key information; and storing the PMK key information.
With reference to the third embodiment of the first aspect, in a fourth embodiment of the first aspect, the third PMK key information is obtained by the certification node decrypting the third encryption information with the SM2 algorithm using the first private key; the fourth encryption information is generated by the certification node encrypting the second PMK key information with the SM2 algorithm using the second public key.
According to a second aspect, an embodiment of the invention provides an authentication method for a wireless network. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. The authentication method comprises: receiving first identity information sent by the certification node; and encrypting the first identity information of the certification node and the second identity information of the certificate server using the second private key to generate first encryption information, and sending the first encryption information to the certification node.
With reference to the second aspect, in a first embodiment of the second aspect, the authentication method further comprises: receiving second encryption information sent by the certification node, the second encryption information being generated as follows: the certification node decrypts the first encryption information using the second public key, obtains the third identity information of the certification node and the second identity information of the server, and judges whether the third identity information is identical to the first identity information; when they are identical, the certification node encrypts the first identity information and the second identity information using the first private key; decrypting the second encryption information using the first public key to obtain fourth identity information of the certificate server, and judging whether the fourth identity information is identical to the second identity information; and, when the fourth identity information is identical to the second identity information, determining that authentication of the certification node has passed.
With reference to the first embodiment of the second aspect, in a second embodiment of the second aspect, the first encryption information is generated by the certificate server encrypting, with the SM2 algorithm using the second private key, the first identity information of the certification node and the second identity information of the certificate server; the fourth identity information is obtained by the certificate server decrypting the second encryption information with the SM2 algorithm using the first public key.
With reference to the first embodiment of the second aspect, in a third embodiment of the second aspect, the authentication method further comprises: generating first PMK key information from the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and certificate server, encrypting the first PMK key information using the first public key to generate third encryption information, and sending the third encryption information to the certification node; receiving fourth encryption information sent by the certification node, the fourth encryption information being generated as follows: the certification node decrypts the third encryption information using the first private key to obtain third PMK key information, judges whether the second pre-shared key in the third PMK key information is identical to the first pre-shared key, and, when they are identical, determines that the third PMK key information is identical to the first PMK key information, generates second PMK key information from the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and certificate server, and encrypts the second PMK key information using the second public key; decrypting the fourth encryption information using the second private key to obtain fourth PMK key information, and judging whether the third pre-shared key in the fourth PMK key information is identical to the first pre-shared key; and, when the third pre-shared key is identical to the first pre-shared key, determining that the fourth PMK key information is identical to the second PMK key information, generating PMK key information and PMK available information from the first PMK key information and the fourth PMK key information, storing the PMK key information, and sending the PMK available information and the PMK key information to the certification node.
With reference to the third embodiment of the second aspect, in a fourth embodiment of the second aspect, the third encryption information is generated by the certificate server encrypting the first PMK key information with the SM2 algorithm using the first public key; the PMK available information and PMK key information are generated by the certificate server from the first PMK key information and the fourth PMK key information after it decrypts the fourth encryption information with the SM2 algorithm using the second private key.
According to a third aspect, an embodiment of the invention provides a wireless network secure communication method. The wireless network includes a certification node and a certificate server, and the certificate server communicates with the certification node through an access point. The wireless network secure communication method comprises: authenticating the wireless network using the authentication method of the first aspect, any embodiment of the first aspect, the second aspect, or any embodiment of the second aspect; when authentication passes, distributing keys to the certification node and the access point using the SM3 algorithm and the SM4 algorithm; and the certification node and the access point performing data communication with the keys using the SM3 algorithm and the SM4 algorithm.
According to a fourth aspect, an embodiment of the invention provides an authentication device for a wireless network. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. The authentication device comprises: an identity information sending module, for sending first identity information to the certificate server; an encryption information receiving module, for receiving first encryption information sent by the certificate server, the first encryption information being generated by the certificate server encrypting the first identity information of the certification node and the second identity information of the certificate server using the second private key; a deciphering module, for decrypting the first encryption information using the second public key to obtain third identity information of the certification node, and judging whether the third identity information is identical to the first identity information; and a determination module, for determining, when the third identity information is identical to the first identity information, that authentication of the certificate server has passed.
According to a fifth aspect, an embodiment of the invention provides an authentication device for a wireless network. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. The authentication device comprises: an identity information receiving module, for receiving first identity information sent by the certification node; and an encryption information generation module, for encrypting the first identity information of the certification node and the second identity information of the certificate server using the second private key to generate first encryption information, and sending the first encryption information to the certification node.
According to a sixth aspect, an embodiment of the invention provides a wireless network secure communication device. The wireless network includes a certification node and a certificate server, and the certificate server communicates with the certification node through an access point. The wireless network secure communication device comprises: an authentication module, for authenticating the wireless network using the authentication method of the first aspect, any embodiment of the first aspect, the second aspect, or any embodiment of the second aspect; a key distribution module, for distributing keys to the certification node and the access point using the SM3 algorithm and the SM4 algorithm when authentication passes; and a data communication module, for the certification node and the access point to perform data communication with the keys using the SM3 algorithm and the SM4 algorithm.
According to a seventh aspect, an embodiment of the invention provides an electronic device comprising a memory and a processor that are communicatively connected to each other. Computer instructions are stored in the memory, and the processor executes the computer instructions to perform the authentication method of the first aspect, any embodiment of the first aspect, the second aspect, or any embodiment of the second aspect, or the wireless network secure communication method of the third aspect.
According to an eighth aspect, an embodiment of the invention provides a computer-readable storage medium storing computer instructions, the computer instructions being used to make a computer execute the authentication method of the first aspect, any embodiment of the first aspect, the second aspect, or any embodiment of the second aspect, or the wireless network secure communication method of the third aspect.
Compared with the prior art, the technical solution of the invention has at least the following advantages:
Embodiments of the invention provide an authentication method for a wireless network, and a wireless network secure communication method and device. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. The authentication method comprises: sending first identity information to the certificate server; receiving first encryption information sent by the certificate server, the first encryption information being generated by the certificate server encrypting the first identity information of the certification node and the second identity information of the certificate server using the second private key; decrypting the first encryption information using the second public key to obtain third identity information of the certification node, and judging whether the third identity information is identical to the first identity information; and, when the third identity information is identical to the first identity information, determining that authentication of the certificate server has passed. By implementing the invention, the certification node authenticates the certificate server and accesses the wireless network only after the identity authentication of the certificate server passes, which avoids the leakage of personal information and the irrecoverable property loss caused when a user logs in to a forged Wi-Fi network.
Brief description of the drawings
The features and advantages of the invention will be understood more clearly with reference to the accompanying drawings, which are schematic and should not be construed as limiting the invention in any way. In the drawings:
Fig. 1 is a schematic diagram of the application scenario of an embodiment of the invention;
Fig. 2 is a flow chart of a specific example of the authentication method for a wireless network in an embodiment of the invention;
Fig. 3 is a flow chart of another specific example of the authentication method for a wireless network in an embodiment of the invention;
Fig. 4 is a flow chart of another specific example of the authentication method for a wireless network in an embodiment of the invention;
Fig. 5 is a flow chart of a specific example of the wireless network secure communication method in an embodiment of the invention;
Fig. 6 is a functional block diagram of a specific example of the authentication device for a wireless network in an embodiment of the invention;
Fig. 7 is a functional block diagram of another specific example of the authentication device for a wireless network in an embodiment of the invention;
Fig. 8 is a functional block diagram of a specific example of the wireless network secure communication device in an embodiment of the invention;
Fig. 9 is a structural schematic diagram of a specific example of the electronic device in an embodiment of the invention.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the embodiments of the invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the invention. All other embodiments obtained by those skilled in the art on the basis of these embodiments without creative work fall within the protection scope of the invention.
Fig. 1 is a schematic diagram of the application scenario of an embodiment of the invention. The mobile terminal is a mobile phone, tablet computer or similar device with a Wi-Fi module, and it interacts with the server. The mobile terminal is equipped with an application that supports the wireless network authentication method or wireless network secure communication method of the invention, or with an integrated software development kit (Software Development Kit, SDK) for other third-party applications such as games. The connection between the application or SDK and the server uses an HTTPS+XML interface protocol. After open system authentication between the mobile terminal and the access point of the server, the mobile terminal can send its identity information to the server through the access point; the server encrypts the identity information using its private key; the mobile terminal decrypts the encrypted identity information using the public key of the server, and authenticates the server by judging whether the decrypted identity information is its own identity information.
An embodiment of the invention provides an authentication method for a wireless network. The wireless network includes a certification node and a certificate server; the certification node prestores a first public key and a first private key, and the certificate server prestores a second public key and a second private key. As shown in Fig. 2, the authentication method comprises:
Step S101: the certification node sends first identity information to the certificate server;
Step S102: the certificate server encrypts the first identity information of the certification node and the second identity information of the certificate server using the second private key, generates first encryption information, and sends the first encryption information to the certification node;
Step S103: the certification node decrypts the first encryption information using the second public key and obtains third identity information of the certification node;
Step S104: the certification node judges whether the third identity information is identical to the first identity information;
Step S105: when the third identity information is identical to the first identity information, the certification node determines that authentication of the certificate server has passed;
Step S106: when the third identity information is not identical to the first identity information, the certification node determines that authentication of the certificate server has not passed.
Through steps S101 to S106 above, the authentication method provided by the embodiment of the invention realizes authentication of the certificate server by the certification node: the mobile terminal held by the user accesses the wireless network only after the identity authentication of the certificate server passes, which avoids the leakage of personal information and the irrecoverable property loss caused when a user logs in to a forged Wi-Fi network.
In a preferred embodiment, as shown in Fig. 3, after the certification node's identity authentication of the certificate server passes, the authentication method provided by the embodiment of the invention further includes identity authentication of the certification node by the certificate server, which specifically comprises:
Step S107: the certification node encrypts the first identity information and the decrypted second identity information of the certificate server using the first private key, generates second encryption information, and sends the second encryption information to the certificate server, where the second identity information is obtained by the certification node decrypting the first encryption information using the second public key in step S103 above;
Step S108: the certificate server receives the second encryption information sent by the certification node, decrypts it using the first public key, and obtains fourth identity information of the certificate server;
Step S109: the certificate server judges whether the fourth identity information is identical to the second identity information;
Step S1010: when the fourth identity information is identical to the second identity information, the certificate server determines that authentication of the certification node has passed;
Step S1011: when the fourth identity information is not identical to the second identity information, the certificate server determines that authentication of the certification node has not passed.
Through steps S107 to S1011 above, the authentication method provided by the embodiment of the invention realizes authentication of the certification node by the certificate server: the certification node is allowed to access the wireless network only after its identity authentication passes, which prevents unauthorized users from accessing the wireless network and using network resources, and protects the rights and interests of authorized users.
Through steps S101 to S1011 above, the authentication method provided by the embodiment of the invention realizes mutual identity authentication between the certification node and the certificate server, thereby ensuring the security of bidirectional data transmission between the certification node and the certificate server in the wireless network.
In a preferred embodiment, the first encryption information above is generated by the certificate server encrypting, with the SM2 algorithm using the second private key, the first identity information of the certification node and the second identity information of the certificate server; the third identity information is obtained by the certification node decrypting the first encryption information with the SM2 algorithm using the second public key; the second encryption information is generated by the certification node encrypting, with the SM2 algorithm using the first private key, the first identity information and the decrypted second identity information of the certificate server; and the fourth identity information is obtained by the certificate server decrypting the second encryption information with the SM2 algorithm using the first public key. The embodiment of the invention performs the above encryption and decryption operations with the Chinese national cryptographic SM2 algorithm, so it is not constrained by foreign encryption and decryption algorithms, the algorithm is easier to modify, and the initiative of operation is improved.
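The S101 to S1011 exchange described above, with both sides' messages and checks, as an added Python example that is not part of the patent text. Assumptions: textbook RSA over small fixed primes stands in for SM2 only so that the block runs with the standard library (it is not secure and is not the patent's algorithm), the identity information is a 6-byte MAC address, and the class names, message encoding and sample addresses are constructed for illustration.

```python
import hmac

E = 65537
ID_LEN = 6  # assumption: identity information is a 6-byte MAC address


def make_keypair(p, q):
    """Constructed demo key pair: textbook RSA standing in for SM2 (insecure)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return {"n": n, "e": E}, {"n": n, "d": d}


def private_op(priv, id_a, id_b):
    """'Encrypt with the private key': encode 0x01 || id_a || id_b, apply d."""
    m = int.from_bytes(b"\x01" + id_a + id_b, "big")
    return pow(m, priv["d"], priv["n"])


def public_op(pub, c):
    """'Decrypt with the public key'; None if the result is not well formed."""
    if not 0 < c < pub["n"]:
        return None
    m = pow(c, pub["e"], pub["n"])
    try:
        raw = m.to_bytes(1 + 2 * ID_LEN, "big")
    except OverflowError:
        return None
    if raw[0] != 1:
        return None
    return raw[1:1 + ID_LEN], raw[1 + ID_LEN:]


class Server:
    """Certificate server: holds the second private key and the first public key."""

    def __init__(self, identity, priv, node_pub):
        self.identity, self.priv, self.node_pub = identity, priv, node_pub

    def first_encryption_info(self, id1):                 # S102
        return private_op(self.priv, id1, self.identity)

    def verify_node(self, second_info):                   # S108 to S1011
        rec = public_op(self.node_pub, second_info)
        # rec[1] is the "fourth identity information"
        return rec is not None and hmac.compare_digest(rec[1], self.identity)


class Node:
    """Certification node: holds the first private key and the second public key."""

    def __init__(self, identity, priv, server_pub):
        self.identity, self.priv, self.server_pub = identity, priv, server_pub

    def verify_server(self, first_info):                  # S103 to S107
        rec = public_op(self.server_pub, first_info)
        # rec[0] is the "third identity information"
        if rec is None or not hmac.compare_digest(rec[0], self.identity):
            return None                                   # S106: not passed
        return private_op(self.priv, self.identity, rec[1])  # S107


def run_exchange(node, server):
    first_info = server.first_encryption_info(node.identity)   # S101, S102
    second_info = node.verify_server(first_info)
    if second_info is None:
        return {"server_authenticated": False, "node_authenticated": False}
    return {"server_authenticated": True,
            "node_authenticated": server.verify_node(second_info)}


# Constructed keys and addresses (Mersenne primes, chosen only for brevity).
NODE_PUB, NODE_PRIV = make_keypair(2**61 - 1, 2**127 - 1)      # first key pair
SERVER_PUB, SERVER_PRIV = make_keypair(2**89 - 1, 2**107 - 1)  # second key pair
_, OTHER_PRIV = make_keypair(2**31 - 1, 2**521 - 1)            # not provisioned
NODE_ID = bytes.fromhex("02aabbccdd01")
SERVER_ID = bytes.fromhex("02aabbccdd02")


def demo():
    genuine_node = Node(NODE_ID, NODE_PRIV, SERVER_PUB)
    genuine_server = Server(SERVER_ID, SERVER_PRIV, NODE_PUB)
    return {
        "genuine": run_exchange(genuine_node, genuine_server),
        # Server that lacks the second private key: rejected at S104/S106.
        "forged_server": run_exchange(
            genuine_node, Server(SERVER_ID, OTHER_PRIV, NODE_PUB)),
        # Node that lacks the first private key: rejected at S109/S1011.
        "unauthorized_node": run_exchange(
            Node(NODE_ID, OTHER_PRIV, SERVER_PUB), genuine_server),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The operation the description calls encrypting with a private key and decrypting with a public key is what a signature scheme with message recovery does; a real implementation would call an SM2 library rather than the stand-in used here.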
In a specific embodiment of the invention, an access point (AP, Access Point) is also located between the certification node and the certificate server, and the two communicate wirelessly through it. Specifically, before the certification node and the certificate server perform mutual identity authentication, they also perform open system authentication: the certification node sends authentication request information (EAPOL-Start; EAPOL is the Extensible Authentication Protocol over LAN) to the access point; the access point receives the authentication request information and sends identity request information (EAP-Request/Identity) to the certification node, which includes the identity information of the access point; the certification node receives the identity request information and sends identity response information (EAP-Response/Identity) to the access point, which includes the identity information of the certification node, usually the MAC address of the certification node. In addition, when the certification node and the certificate server communicate, the access point forwards the information transmitted between them: information sent by the certification node is forwarded to the certificate server, and information sent by the certificate server is forwarded to the certification node.
In a preferred embodiment, as shown in Fig. 4, after two-way authentication between the certification node and the certificate server has been achieved through steps S101 to S1011 above, the authentication method of the wireless network provided by the embodiment of the present invention further includes a step of generating a PMK key, which specifically includes:
Step S201: the certificate server generates first PMK (Pairwise Master Key) key information according to the service set identifier (SSID, Service Set Identifier) of the corresponding access point and the first pre-shared key (PSK, pre-shared key) of the certification node and the certificate server, encrypts the first PMK key information with the first public key to generate third encryption information, and sends the third encryption information to the certification node;
Step S202: the certification node receives the third encryption information sent by the certificate server and decrypts it with the first private key to obtain third PMK key information;
Step S203: the certification node judges whether the second pre-shared key in the third PMK key information is identical to the first pre-shared key; when the second pre-shared key is not identical to the first pre-shared key, step S204 is executed; when the second pre-shared key is identical to the first pre-shared key, step S205 is executed;
Step S204: the step of generating the PMK key is terminated;
Step S205: the certification node determines that the third PMK key information is identical to the first PMK key information, and generates second PMK key information according to the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and the certificate server;
Step S206: the certification node encrypts the second PMK key information with the second public key to generate fourth encryption information, and sends the fourth encryption information to the certificate server;
Step S207: the certificate server receives the fourth encryption information sent by the certification node and decrypts it with the second private key to obtain fourth PMK key information;
Step S208: the certificate server judges whether the third pre-shared key in the fourth PMK key information is identical to the first pre-shared key; when the third pre-shared key is not identical to the first pre-shared key, step S204 is executed; when the third pre-shared key is identical to the first pre-shared key, step S209 is executed;
Step S209: the certificate server determines that the fourth PMK key information is identical to the second PMK key information, generates PMK key information and PMK available information according to the first PMK key information and the fourth PMK key information, stores the PMK key information, and sends the PMK available information and the PMK key information to the certification node;
Step S2010: the certification node receives the PMK available information and the PMK key information sent by the certificate server, and stores the PMK key information.
Through steps S201 to S2010 above, the authentication method of the wireless network provided by the embodiment of the present invention generates the PMK key information and stores it in the certification node and the certificate server, laying the foundation for key distribution in the wireless network.
In a preferred embodiment, the third encryption information is generated by the certificate server encrypting the first PMK key information with the first public key using the SM2 algorithm; the third PMK key information is obtained by the certification node decrypting the third encryption information with the first private key using the SM2 algorithm; the fourth encryption information is generated by the certification node encrypting the second PMK key information with the second public key using the SM2 algorithm; and the PMK available information and the PMK key information are generated by the certificate server according to the first PMK key information and the fourth PMK key information after it decrypts the fourth encryption information with the second private key using the SM2 algorithm. The embodiment of the present invention performs the above encryption and decryption operations with the national cryptographic SM2 algorithm, so it is not restricted to foreign encryption and decryption algorithms, the algorithm is easy to modify, and the initiative of operation is improved.
The embodiment of the present invention also provides a wireless network secure communication method. The wireless network includes a certification node and a certificate server, and the certificate server communicates with the certification node through an access point. As shown in Fig. 5, the wireless network secure communication method includes:
Step S301: the wireless network is authenticated using the authentication method of the wireless network in the above embodiment;
Step S302: when the authentication passes, key distribution is performed for the certification node and the access point using the SM3 algorithm and the SM4 algorithm;
Specifically, the access point generates a first random number and sends it to the certification node. The certification node generates a second random number; generates second PTK (Pairwise Transient Key) key information according to the first random number, the second random number and the PMK key information stored in the above embodiment of the authentication method of the wireless network; encrypts the first random number and the second random number using the first 128 bits of the second PTK key information and the SM3 algorithm to generate fifth encryption information; and sends the fifth encryption information and the second random number to the access point.
The access point generates first PTK key information according to the first random number, the second random number and the PMK key information stored in the above authentication method of the wireless network; encrypts the first random number and the second random number using the first 128 bits of the first PTK key information and the SM3 algorithm to generate sixth encryption information; and judges whether the sixth encryption information is identical to the fifth encryption information. When the sixth encryption information is identical to the fifth encryption information, the access point generates GTK (Group Transient Key) key information according to the first PTK key information; encrypts the GTK key information using bits 128~256 of the first PTK key information and the SM4 algorithm to generate encrypted GTK key information; encrypts the encrypted GTK key information using the first 128 bits of the first PTK key information and the SM3 algorithm to generate seventh encryption information; and sends the encrypted GTK key information and the seventh encryption information to the certification node.
The certification node encrypts the encrypted GTK key information using the first 128 bits of the second PTK key information and the SM3 algorithm to generate eighth encryption information, and judges whether the eighth encryption information is identical to the seventh encryption information. When the eighth encryption information is identical to the seventh encryption information, the certification node decrypts the encrypted GTK key information using bits 128~256 of the second PTK key information and the SM4 algorithm to obtain the GTK key information; generates key confirmation information; encrypts the key confirmation information using the first 128 bits of the second PTK key information and the SM3 algorithm to generate ninth encryption information; and sends the second PTK key information, the key confirmation information and the ninth encryption information to the access point.
The access point encrypts the key confirmation information using the first 128 bits of the first PTK key information and the SM3 algorithm to generate tenth encryption information, and judges whether the tenth encryption information is identical to the ninth encryption information. When the tenth encryption information is identical to the ninth encryption information, the access point generates key available information, generates PTK key information according to the first PTK key information and the second PTK key information, stores the PTK key information and the GTK key information, and sends the PTK key information and the key available information to the certification node. The certification node receives the PTK key information and the key available information, and stores the PTK key information and the GTK key information.
It should be noted that, through the above key distribution process for the certification node and the access point, both the certification node and the access point store the PTK key information and the GTK key information; apart from the algorithms used being the national cryptographic SM3 algorithm and the national cryptographic SM4 algorithm, the remaining steps are the same as in the prior art. The wireless network secure communication method provided by the embodiment of the present invention uses the national cryptographic SM3 and SM4 algorithms when distributing keys to the certification node and the access point, so it is not restricted to foreign encryption and decryption algorithms, the algorithm is easy to modify, and the initiative of operation is improved.
Step S303: the certification node and the access point perform data communication using the key distributed in step S302 and the SM3 algorithm and the SM4 algorithm.
Specifically, data communication is performed between the certification node and the access point: when one of them encrypts data and transmits it to the other, the other decrypts the encrypted data.
The encryption process is as follows: a sequence number is generated for the data to be encrypted, the sequence number increasing cyclically; the header information of the encrypted data is generated according to the sequence number, and a third random number is generated according to the sequence number and the MAC address of the sender; first additional authentication data (AAD, additional authentication data) is generated according to the frame header information of the data to be encrypted; a first temporary key is generated according to the SSID and the PTK key information; the first additional authentication data, the third random number and the MAC service data unit (MSDU, MAC Service Data Unit) are encrypted using the first temporary key and the SM3 algorithm to generate eleventh encryption information; the MAC service data unit is encrypted using the first temporary key and the SM4 algorithm to generate twelfth encryption information; and the eleventh encryption information, the twelfth encryption information and the SMx Header are encapsulated to generate the encrypted data.
The decryption process is as follows: the header information of the encrypted data is parsed to obtain the sequence number, and it is judged whether the sequence number satisfies the increasing rule; if the sequence number does not satisfy the increasing rule, the frame is discarded; if the sequence number satisfies the increasing rule, a second temporary key is generated according to the SSID and the PTK key information; a fourth random number is generated according to the MAC address of the sender and the sequence number; second additional authentication data is generated according to the frame header information of the encrypted data; the MAC service data unit is decrypted using the second temporary key and the SM4 algorithm to obtain the decrypted MAC service data unit; the second additional authentication data, the fourth random number and the MAC service data unit are encrypted using the second temporary key and the SM3 algorithm to generate thirteenth encryption information; and it is judged whether the value of the thirteenth encryption information is equal to the value of the eleventh encryption information. When the value of the thirteenth encryption information is equal to the value of the eleventh encryption information, the decryption process ends; when the value of the thirteenth encryption information is not equal to the value of the eleventh encryption information, the frame is discarded.
It should be noted that, in the above process of data communication between the certification node and the access point, apart from the algorithms used being the national cryptographic SM3 algorithm and the national cryptographic SM4 algorithm, the remaining steps are the same as in the prior art. The wireless network secure communication method provided by the embodiment of the present invention uses the national cryptographic SM3 and SM4 algorithms when the certification node and the access point perform data communication, so it is not restricted to foreign encryption and decryption algorithms, the algorithm is easy to modify, and the initiative of operation is improved.
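The check-value comparison in the key distribution above (fifth against sixth encryption information) and the receive-side checks of the decryption process (sequence number rule, then the SM3 check value) can be sketched as follows. This is an added example, not code from the patent: HMAC as the keyed-SM3 construction, the PTK and temporary-key derivations, the 48-bit sequence number and all function names are assumptions, the SM3 routine follows GM/T 0004-2012, and the SM4 confidentiality step is left out so the block stays self-contained.

```python
import hmac
import struct

# SM3 hash (GM/T 0004-2012), pure Python so the example runs offline.
_IV = [0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
       0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E]
_M = 0xFFFFFFFF
SEQ_MOD = 1 << 48  # assumption: 48-bit cyclically increasing sequence number

def _rol(x, n):
    n %= 32
    return ((x << n) | (x >> (32 - n))) & _M

def sm3(data: bytes) -> bytes:
    msg = data + b"\x80" + b"\x00" * ((55 - len(data)) % 64) + struct.pack(">Q", 8 * len(data))
    v = list(_IV)
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for j in range(16, 68):  # message expansion
            x = w[j - 16] ^ w[j - 9] ^ _rol(w[j - 3], 15)
            w.append(x ^ _rol(x, 15) ^ _rol(x, 23) ^ _rol(w[j - 13], 7) ^ w[j - 6])
        a, b, c, d, e, f, g, h = v
        for j in range(64):      # compression function
            t = 0x79CC4519 if j < 16 else 0x7A879D8A
            ss1 = _rol((_rol(a, 12) + e + _rol(t, j)) & _M, 7)
            ss2 = ss1 ^ _rol(a, 12)
            if j < 16:
                ff, gg = a ^ b ^ c, e ^ f ^ g
            else:
                ff, gg = (a & b) | (a & c) | (b & c), (e & f) | (~e & g & _M)
            tt1 = (ff + d + ss2 + (w[j] ^ w[j + 4])) & _M
            tt2 = (gg + h + ss1 + w[j]) & _M
            a, b, c, d = tt1, a, _rol(b, 9), c
            e, f, g, h = tt2 ^ _rol(tt2, 9) ^ _rol(tt2, 17), e, _rol(f, 19), g
        v = [p ^ q for p, q in zip(v, (a, b, c, d, e, f, g, h))]
    return struct.pack(">8I", *v)

def hmac_sm3(key: bytes, msg: bytes) -> bytes:
    # Assumption: HMAC is the keyed construction; the page only says "using SM3".
    key = (sm3(key) if len(key) > 64 else key).ljust(64, b"\x00")
    inner = sm3(bytes(k ^ 0x36 for k in key) + msg)
    return sm3(bytes(k ^ 0x5C for k in key) + inner)

def derive_ptk(pmk: bytes, nonce1: bytes, nonce2: bytes) -> bytes:
    """256-bit PTK from the PMK and both random numbers (derivation is assumed)."""
    return hmac_sm3(pmk, b"PTK" + nonce1 + nonce2)

def handshake_mic(ptk: bytes, nonce1: bytes, nonce2: bytes) -> bytes:
    """Check value over both random numbers, keyed with the first 128 bits of the PTK."""
    return hmac_sm3(ptk[:16], nonce1 + nonce2)

def ap_confirms_node(pmk, nonce1, nonce2, fifth_info) -> bool:
    """Access point side: recompute the value (sixth information) and compare."""
    sixth_info = handshake_mic(derive_ptk(pmk, nonce1, nonce2), nonce1, nonce2)
    return hmac.compare_digest(sixth_info, fifth_info)  # constant-time comparison

def temp_key(ssid: bytes, ptk: bytes) -> bytes:
    return hmac_sm3(ptk, ssid)[:16]  # assumed derivation from SSID and PTK

def frame_mic(key, header, sender_mac, seq, msdu) -> bytes:
    nonce = sender_mac + seq.to_bytes(6, "big")      # sender MAC address + sequence number
    aad = len(header).to_bytes(2, "big") + header    # length prefix keeps fields unambiguous
    return hmac_sm3(key, aad + nonce + msdu)

class FrameReceiver:
    """Receive path: sequence number rule first, then the SM3 check value."""
    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def accept(self, header, sender_mac, seq, msdu, mic) -> str:
        delta = (seq - self.last_seq) % SEQ_MOD      # tolerates cyclic wrap-around
        if not 0 < delta < SEQ_MOD // 2:
            return "drop: sequence number not increasing"
        expected = frame_mic(self.key, header, sender_mac, seq, msdu)
        if not hmac.compare_digest(expected, mic):
            return "drop: check value mismatch"
        self.last_seq = seq  # advance only after the check value verifies
        return "accept"

if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    pmk, n1, n2 = bytes(range(32)), b"\x11" * 32, b"\x22" * 32
    ptk = derive_ptk(pmk, n1, n2)
    print("handshake ok:", ap_confirms_node(pmk, n1, n2, handshake_mic(ptk, n1, n2)))
    key, mac, hdr = temp_key(b"constructed-ssid", ptk), bytes.fromhex("020000000001"), b"\x08\x41"
    rx = FrameReceiver(key)
    tag = frame_mic(key, hdr, mac, 1, b"hello")
    print(rx.accept(hdr, mac, 1, b"hello", tag))  # first delivery
    print(rx.accept(hdr, mac, 1, b"hello", tag))  # replayed frame
```

Advancing the stored sequence number only after the check value verifies means a forged frame carrying a large sequence number cannot cause later genuine frames to be dropped.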
The wireless network secure communication method provided by the embodiment of the present invention achieves two-way identity authentication between the certification node and the certificate server in the wireless network through step S301 above, achieves key distribution for the certification node and the access point through step S302 above, and enables the certification node and the access point to perform data communication with the distributed key through step S303 above, which improves the security of data transmission in the wireless network; and since national cryptographic algorithms are used, it is not restricted to foreign encryption and decryption algorithms, the algorithm is easy to modify, and the initiative of operation is improved.
The embodiment of the present invention also provides an authentication device of a wireless network. The wireless network includes a certification node and a certificate server, the certification node pre-stores a first public key and a first private key, and the certificate server pre-stores a second public key and a second private key. As shown in Fig. 6, the authentication device of the wireless network includes: an identity information sending module 1, configured to send first identity information to the certificate server; an encryption information receiving module 2, configured to receive first encryption information sent by the certificate server, the first encryption information being generated by the certificate server encrypting the first identity information of the certification node and the second identity information of the certificate server with the second private key; a decryption module 3, configured to decrypt the first encryption information with the second public key to obtain third identity information of the certification node, and to judge whether the third identity information is identical to the first identity information; and a determination module 4, configured to determine, when the third identity information is identical to the first identity information, that the authentication of the certificate server has passed.
The authentication device of the wireless network provided by the embodiment of the present invention enables the certification node to authenticate the certificate server. The mobile terminal held by the user accesses the wireless network only after the authentication of the certificate server has passed, which avoids the leakage of personal information and the irrecoverable property loss caused when a user logs in to a forged Wi-Fi network.
The embodiment of the present invention also provides an authentication device of a wireless network. The wireless network includes a certification node and a certificate server, the certification node pre-stores a first public key and a first private key, and the certificate server pre-stores a second public key and a second private key. As shown in Fig. 7, the authentication device of the wireless network includes: an identity information receiving module 5, configured to receive the first identity information sent by the certification node; and an encryption information generation module 6, configured to encrypt the first identity information of the certification node and the second identity information of the certificate server with the second private key to generate first encryption information, and to send the first encryption information to the certification node.
The authentication device of the wireless network provided by the embodiment of the present invention enables the certification node to authenticate the certificate server. The mobile terminal held by the user accesses the wireless network only after the authentication of the certificate server has passed, which avoids the leakage of personal information and the irrecoverable property loss caused when a user logs in to a forged Wi-Fi network.
The embodiment of the present invention also provides a wireless network secure communication device. The wireless network includes a certification node and a certificate server, and the certificate server communicates with the certification node through an access point. As shown in Fig. 8, the wireless network secure communication device includes: an authentication module 7, configured to authenticate the wireless network using the authentication method of the wireless network in the above embodiment; a key distribution module 8, configured to perform key distribution for the certification node and the access point using the SM3 algorithm and the SM4 algorithm when the authentication passes; and a data communication module 9, configured for the certification node and the access point to perform data communication using the key and the SM3 algorithm and the SM4 algorithm.
The wireless network secure communication device provided by the embodiment of the present invention achieves two-way identity authentication between the certification node and the certificate server in the wireless network through the above authentication module, achieves key distribution for the certification node and the access point through the above key distribution module, and enables the certification node and the access point to perform data communication with the distributed key through the data communication module, which improves the security of data transmission in the wireless network; and since national cryptographic algorithms are used, it is not restricted to foreign encryption and decryption algorithms, the algorithm is easy to modify, and the initiative of operation is improved.
The embodiment of the present invention also provides an electronic device. As shown in Fig. 9, the electronic device may include a processor 10 and a memory 11, where the processor 10 and the memory 11 may be connected by a bus or in other ways; connection by a bus is taken as the example in Fig. 9.
The processor 10 may be a central processing unit (Central Processing Unit, CPU). The processor 10 may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or a combination of the above types of chips.
As a non-transitory computer-readable storage medium, the memory 11 can be used to store non-transitory software programs, non-transitory computer-executable programs and modules, such as the program instructions/modules corresponding to the authentication method of the wireless network in the embodiment of the present invention (for example, the identity information sending module 1, encryption information receiving module 2, decryption module 3 and determination module 4 shown in Fig. 6) or the program instructions/modules corresponding to the wireless network secure communication method in the embodiment of the present invention (for example, the authentication module 7, key distribution module 8 and data communication module 9 shown in Fig. 8). By running the non-transitory software programs, instructions and modules stored in the memory 11, the processor 10 executes its various functional applications and data processing, that is, it implements the authentication method of the wireless network or the wireless network secure communication method in the above method embodiments.
The memory 11 may include a program storage area and a data storage area, where the program storage area can store an operating system and the application program required by at least one function, and the data storage area can store data created by the processor 10 and the like. In addition, the memory 11 may include high-speed random access memory and may also include non-transitory memory, for example at least one magnetic disk storage device, flash memory device or other non-transitory solid-state storage device. In some embodiments, the memory 11 optionally includes memory located remotely from the processor 10, and such remote memory can be connected to the processor 10 through a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks and combinations thereof.
The one or more modules are stored in the memory 11 and, when executed by the processor 10, perform the authentication method of the wireless network in the embodiments shown in Figs. 2-4 or the wireless network secure communication method shown in Fig. 5.
The specific details of the above electronic device can be understood by referring to the corresponding descriptions and effects in the embodiments shown in Fig. 2 to Fig. 5, and are not repeated here.
Those skilled in the art will understand that all or part of the processes in the above method embodiments can be completed by a computer program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, may include the processes of the embodiments of the above methods. The storage medium may be a magnetic disk, an optical disc, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a flash memory (Flash Memory), a hard disk (Hard Disk Drive, HDD) or a solid-state drive (Solid-State Drive, SSD), etc.; the storage medium may also include a combination of the above kinds of memory.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, those skilled in the art can make various modifications and variations without departing from the spirit and scope of the present invention, and such modifications and variations all fall within the scope defined by the appended claims.

Claims (16)

1. An authentication method of a wireless network, the wireless network comprising a certification node and a certificate server, the certification node pre-storing a first public key and a first private key, and the certificate server pre-storing a second public key and a second private key, characterized in that the method comprises:
sending first identity information to the certificate server;
receiving first encryption information sent by the certificate server, the first encryption information being generated by the certificate server encrypting the first identity information of the certification node and second identity information of the certificate server with the second private key;
decrypting the first encryption information with the second public key to obtain third identity information of the certification node, and judging whether the third identity information is identical to the first identity information;
when the third identity information is identical to the first identity information, determining that the authentication of the certificate server has passed.
2. The authentication method of the wireless network according to claim 1, characterized in that decrypting the first encryption information with the second public key also yields the second identity information of the certificate server,
and the method further comprises:
encrypting the first identity information and the decrypted second identity information of the certificate server with the first private key to generate second encryption information, and sending the second encryption information to the certificate server.
3. The authentication method of the wireless network according to claim 2, characterized in that the third identity information is obtained by the certification node decrypting the first encryption information with the second public key using the SM2 algorithm;
the second encryption information is generated by the certification node encrypting the first identity information and the decrypted second identity information of the certificate server with the first private key using the SM2 algorithm.
4. The authentication method of the wireless network according to claim 2, characterized in that the method further comprises:
receiving third encryption information sent by the certificate server, the third encryption information being generated by the certificate server generating first PMK key information according to the service set identifier of the corresponding access point and the first pre-shared key of the certification node and the certificate server, and encrypting the first PMK key information with the first public key;
decrypting the third encryption information with the first private key to obtain third PMK key information, and judging whether the second pre-shared key in the third PMK key information is identical to the first pre-shared key;
when the second pre-shared key is identical to the first pre-shared key, determining that the third PMK key information is identical to the first PMK key information;
generating second PMK key information according to the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and the certificate server;
encrypting the second PMK key information with the second public key to generate fourth encryption information, and sending the fourth encryption information to the certificate server;
receiving PMK available information and PMK key information sent by the certificate server, the PMK available information and the PMK key information being generated by the certificate server according to the first PMK key information and fourth PMK key information after the certificate server decrypts the fourth encryption information with the second private key to obtain the fourth PMK key information, judges whether the third pre-shared key in the fourth PMK key information is identical to the first pre-shared key, and, when the third pre-shared key is identical to the first pre-shared key, determines that the fourth PMK key information is identical to the second PMK key information;
storing the PMK key information.
5. The authentication method of the wireless network according to claim 4, characterized in that the third PMK key information is obtained by the certification node decrypting the third encryption information with the first private key using the SM2 algorithm;
the fourth encryption information is generated by the certification node encrypting the second PMK key information with the second public key using the SM2 algorithm.
6. An authentication method of a wireless network, the wireless network comprising a certification node and a certificate server, the certification node pre-storing a first public key and a first private key, and the certificate server pre-storing a second public key and a second private key, characterized in that the method comprises:
receiving first identity information sent by the certification node;
encrypting the first identity information of the certification node and second identity information of the certificate server with the second private key to generate first encryption information, and sending the first encryption information to the certification node.
7. The authentication method of the wireless network according to claim 6, characterized in that the method further comprises:
receiving second encryption information sent by the certification node, the second encryption information being generated as follows: the certification node decrypts the first encryption information with the second public key to obtain third identity information of the certification node and the second identity information of the server, and judges whether the third identity information is identical to the first identity information; when the third identity information is identical to the first identity information, the certification node encrypts the first identity information and the second identity information with the first private key;
decrypting the second encryption information with the first public key to obtain fourth identity information of the certificate server, and judging whether the fourth identity information is identical to the second identity information;
when the fourth identity information is identical to the second identity information, determining that the authentication of the certification node has passed.
8. The authentication method of the wireless network according to claim 7, characterized in that the first encryption information is generated by the certificate server encrypting the first identity information of the certification node and the second identity information of the certificate server with the second private key using the SM2 algorithm;
the fourth identity information is obtained by the certificate server decrypting the second encryption information with the first public key using the SM2 algorithm.
9. The authentication method of the wireless network according to claim 7, characterized in that the method further comprises:
generating first PMK key information according to the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and the certificate server, encrypting the first PMK key information with the first public key to generate third encryption information, and sending the third encryption information to the certification node;
receiving fourth encryption information sent by the certification node, the fourth encryption information being generated as follows: the certification node decrypts the third encryption information with the first private key to obtain third PMK key information, and judges whether the second pre-shared key in the third PMK key information is identical to the first pre-shared key; when the second pre-shared key is identical to the first pre-shared key, the certification node determines that the third PMK key information is identical to the first PMK key information, generates second PMK key information according to the service set identifier of the access point corresponding to the certificate server and the first pre-shared key of the certification node and the certificate server, and encrypts the second PMK key information with the second public key;
decrypting the fourth encryption information with the second private key to obtain fourth PMK key information, and judging whether the third pre-shared key in the fourth PMK key information is identical to the first pre-shared key; when the third pre-shared key is identical to the first pre-shared key, determining that the fourth PMK key information is identical to the second PMK key information, generating PMK key information and PMK available information according to the first PMK key information and the fourth PMK key information, storing the PMK key information, and sending the PMK available information and the PMK key information to the certification node.
10. The authentication method of the wireless network according to claim 9, characterized in that the third encryption information is generated by the certificate server encrypting the first PMK key information with the first public key using the SM2 algorithm;
the PMK available information and the PMK key information are generated by the certificate server according to the first PMK key information and the fourth PMK key information after it decrypts the fourth encryption information with the second private key using the SM2 algorithm.
11. A secure communication method for a wireless network, the wireless network including: a certification node and a certificate server, the certificate server communicating with the certification node through an access point, characterized by comprising:
authenticating the wireless network using the authentication method of a wireless network according to any one of claims 1-10;
when the authentication passes, performing key distribution to the certification node and the access point using the SM3 algorithm and the SM4 algorithm;
the certification node and the access point performing data communication with the key using the SM3 algorithm and the SM4 algorithm.
12. An authentication device of a wireless network, the wireless network including: a certification node and a certificate server, the certification node pre-storing a first public key and a first private key, and the certificate server pre-storing a second public key and a second private key, characterized by comprising:
an identity information sending module, for sending first identity information to the certificate server;
an encryption information receiving module, for receiving first encryption information sent by the certificate server, the first encryption information being generated by the certificate server by encrypting the first identity information of the certification node and second identity information of the certificate server using the second private key;
a decryption module, for decrypting the first encryption information using the second public key to obtain third identity information of the certification node, and judging whether the third identity information is identical to the first identity information;
a determination module, for determining, when the third identity information is identical to the first identity information, that the authentication of the certificate server passes.
13. An authentication device of a wireless network, the wireless network including: a certification node and a certificate server, the certification node pre-storing a first public key and a first private key, and the certificate server pre-storing a second public key and a second private key, characterized by comprising:
an identity information receiving module, for receiving first identity information sent by the certification node;
an encryption information generation module, for encrypting the first identity information of the certification node and second identity information of the certificate server using the second private key to generate first encryption information, and sending the first encryption information to the certification node.
14. A secure communication device for a wireless network, the wireless network including: a certification node and a certificate server, the certificate server communicating with the certification node through an access point, characterized by comprising:
an authentication module, for authenticating the wireless network using the authentication method of a wireless network according to any one of claims 1-10;
a key distribution module, for performing key distribution to the certification node and the access point using the SM3 algorithm and the SM4 algorithm when the authentication passes;
a data communication module, for the certification node and the access point to perform data communication with the key using the SM3 algorithm and the SM4 algorithm.
15. An electronic device, characterized by comprising: a memory and a processor communicatively connected to each other, the memory storing computer instructions, and the processor executing the computer instructions so as to perform the authentication method of a wireless network according to any one of claims 1-10, or to perform the secure communication method for a wireless network according to claim 11.
16. A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer instructions, the computer instructions being used to cause a computer to perform the authentication method of a wireless network according to any one of claims 1-10, or to cause the computer to perform the secure communication method for a wireless network according to claim 11.
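The two-way PMK confirmation of claims 9 and 10, as an added example that is not code from the patent: both sides exchange PMK key information under each other's public key and abort when the pre-shared keys differ. Assumptions: textbook RSA stands in for SM2 (not secure, illustration only), the PMK is derived WPA2-style with PBKDF2-HMAC-SHA1, the "PMK key information" layout is PMK followed by PSK, and all names, keys and sample values are constructed.

```python
import hashlib, hmac

def toy_keypair(p, q, e=65537):
    """Textbook RSA from fixed primes: a stand-in for SM2, NOT secure."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def seal(pub, blob):                 # "encrypt with the public key"
    return pow(int.from_bytes(blob, "big"), pub[1], pub[0]), len(blob)

def unseal(priv, sealed):            # "decrypt with the private key"
    ct, size = sealed
    return pow(ct, priv[1], priv[0]).to_bytes(size, "big")

def pmk_info(ssid, psk):
    # Assumed layout: 32-byte WPA2-style PMK (PBKDF2-HMAC-SHA1) followed by the PSK.
    return hashlib.pbkdf2_hmac("sha1", psk, ssid, 4096, 32) + psk

def psk_matches(info, own_psk):
    return hmac.compare_digest(info[32:], own_psk)   # constant-time comparison

def node_reply(node_priv, server_pub, third_enc, ssid, node_psk):
    """Node: open the third encryption information, check the PSK, answer."""
    if not psk_matches(unseal(node_priv, third_enc), node_psk):
        return None                                  # PSK mismatch: abort
    return seal(server_pub, pmk_info(ssid, node_psk))  # fourth encryption information

def server_exchange(server_priv, node_pub, ssid, server_psk, node):
    """Server side of claim 9; `node` is a callable standing in for the link."""
    first_info = pmk_info(ssid, server_psk)
    fourth_enc = node(seal(node_pub, first_info))    # third encryption information out
    if fourth_enc is None:
        return False, None
    fourth_info = unseal(server_priv, fourth_enc)
    if not psk_matches(fourth_info, server_psk):
        return False, None
    usable = hmac.compare_digest(first_info, fourth_info)  # "PMK available" flag
    return usable, (fourth_info[:32] if usable else None)

# Constructed sample values (Mersenne primes keep the toy keys reproducible).
NODE_PUB, NODE_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)        # first key pair
SERVER_PUB, SERVER_PRIV = toy_keypair(2**1279 - 1, 2**2203 - 1)  # second key pair
SSID, PSK = b"substation-ap-01", b"constructed-demo-psk"

def run(node_ssid=SSID, node_psk=PSK):
    node = lambda enc: node_reply(NODE_PRIV, SERVER_PUB, enc, node_ssid, node_psk)
    return server_exchange(SERVER_PRIV, NODE_PUB, SSID, PSK, node)

if __name__ == "__main__":
    print(run()[0], run(node_psk=b"wrong-psk")[0], run(node_ssid=b"other-ap")[0])
```

A node holding a different PSK stops the exchange at its own check, while a node with the right PSK but a different service set is rejected by the server's final comparison.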
CN201810848032.5A 2018-07-27 2018-07-27 Authentication method of wireless network, and secure communication method and system of wireless network Active CN108966214B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810848032.5A CN108966214B (en) 2018-07-27 2018-07-27 Authentication method of wireless network, and secure communication method and system of wireless network

Publications (2)

Publication Number Publication Date
CN108966214A true CN108966214A (en) 2018-12-07
CN108966214B CN108966214B (en) 2021-09-28

Family

ID=64466106

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810848032.5A Active CN108966214B (en) 2018-07-27 2018-07-27 Authentication method of wireless network, and secure communication method and system of wireless network

Country Status (1)

Country Link
CN (1) CN108966214B (en)

Also Published As

Publication number Publication date
CN108966214B (en) 2021-09-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200420

Address after: 100192 Beijing, Haidian District West Road, No. 66, Zhongguancun Dongsheng science and Technology Park, building A, building No. 3

Applicant after: BEIJING SMARTCHIP MICROELECTRONICS TECHNOLOGY Co.,Ltd.

Applicant after: STATE GRID INFORMATION A TELECOMMUNICATION GROUP Co.,Ltd.

Address before: 102209 Beijing City, the future of science and Technology City Binhe Road, No. 18, No.

Applicant before: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE Co.,Ltd.

Applicant before: STATE GRID SHANGHAI MUNICIPAL ELECTRIC POWER Co.

Applicant before: STATE GRID CORPORATION OF CHINA

GR01 Patent grant