CN109041052A - Secure communication method and system based on a marking algorithm
- Publication number: CN109041052A (CN201810708003.9A)
- Authority: CN (China)
- Prior art keywords: data, terminal, backstage, key, ciphertext
- Legal status: Granted
Abstract
The present invention provides a secure communication method and system based on a marking algorithm. The method includes: packaging a security chip and an NB-IoT communication module into one security module and installing it in a terminal; when first joining the network, the terminal sends an activation request message to the backend; the backend receives the activation request message and verifies the authenticity of the identity signature data; if verification passes, the backend generates updated issuance information according to the gas meter number and sends an APDU instruction packet to the terminal; the terminal verifies the authenticity of the update signature data and, if verification passes, decrypts the secondary issuance message ciphertext to obtain the updated issuance information, then replaces the initial issuance information with the updated issuance information and saves it; according to the grade of the data to be reported, the terminal sends the backend either the plaintext of general data together with the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext.
Description
Technical field
The present invention relates to the field of communications, and in particular to a secure communication method and system based on a marking algorithm.
Background
Narrowband Internet of Things (NB-IoT) is built on cellular networks, consumes only about 180 kHz of bandwidth, and can be deployed directly in GSM, UMTS or LTE networks; it has become an important branch of the Internet of Things. NB-IoT networks offer massive connectivity, low power consumption, low cost and wide coverage, which meets the needs of smart gas terminals. Applying NB-IoT technology will advance the "Internet+" informatization of new-style gas management, promote the standardization of gas technology and the scaling of the industry, and jointly build an industry benchmark for smart gas.
An NB-IoT module is a packaged communication module based on an NB-IoT baseband chip that meets the frequency band requirements of the 3GPP standard. It is small, has low power consumption, a long transmission distance and strong anti-interference capability. Using only standard AT commands, a user can operate the NB-IoT module and implement terminal management functions.
However, existing NB-IoT modules cannot guarantee sufficient security and may be hijacked in use, so that smart gas terminals carry security risks that can lead to losses for users.
Summary of the invention
The present invention aims to provide a secure communication method and system based on a marking algorithm that overcomes the above problem, or at least partially solves it, and can achieve end-to-end secure data transmission over an NB-IoT network.
To achieve the above objective, the technical solution of the present invention is implemented as follows:
One aspect of the present invention provides a secure communication method based on a marking algorithm, comprising: packaging a security chip and an NB-IoT communication module into one security module, and installing the security module in a terminal; when first joining the network, the terminal sends an activation request message to the backend, where the activation request message includes at least the initial-issuance terminal identity from the initial issuance information, and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key from the initial issuance information prestored in the security chip; the initial-issuance terminal identity includes at least: the security chip identifier, the gas meter number, the IMEI number of the NB-SIM card in the security module and the IMSI number of the NB-SIM card in the security module; the backend receives the activation request message and verifies the authenticity of the identity signature data; if verification passes, it generates updated issuance information according to the gas meter number, where the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal identity and an updated terminal user private key; the backend encrypts the updated issuance information and the initial-issuance terminal identity to obtain the secondary issuance message ciphertext, and signs the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain the update signature data; the backend packages the secondary issuance message ciphertext and the update signature data into an APDU instruction packet and sends the APDU instruction packet to the terminal; the terminal receives the APDU instruction packet and verifies the authenticity of the update signature data; if verification passes, it decrypts the secondary issuance message ciphertext to obtain the updated issuance information, then replaces the initial issuance information with the updated issuance information and saves it; according to the grade of the data to be reported, the terminal sends the backend either the plaintext of general data and the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data and the critical data signature obtained by signing the critical data ciphertext; according to the grade of the reported data received, the backend verifies the MAC value or verifies the critical data signature.
In addition, the method further includes: the backend sends the terminal the downlink data ciphertext obtained by encrypting the data to be sent down and the downlink data signature obtained by signing the data to be sent down; the terminal decrypts the downlink data ciphertext to obtain the downlink data plaintext, and uses the downlink data plaintext to verify the authenticity of the downlink data signature.
In addition, the method further includes: the backend encrypts the key to be updated to obtain the to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain the to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature.
In addition, the security chip signs using the IBC algorithm.
In addition, the method further includes: the terminal and the backend determine the gas industry business data and establish the data format of the gas industry business data.
Another aspect of the present invention provides a secure communication system based on a marking algorithm, comprising a terminal and a backend. A security module is installed in the terminal, and the security module is formed by packaging a security chip and an NB-IoT communication module. The terminal is further configured to send an activation request message to the backend when first joining the network, where the activation request message includes at least the initial-issuance terminal identity from the initial issuance information, and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key from the initial issuance information prestored in the security chip; the initial-issuance terminal identity includes at least: the security chip identifier, the gas meter number, the IMEI number of the NB-SIM card in the security module and the IMSI number of the NB-SIM card in the security module. The backend is configured to receive the activation request message and verify the authenticity of the identity signature data and, if verification passes, to generate updated issuance information according to the gas meter number, where the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal identity and an updated terminal user private key. The backend is further configured to encrypt the updated issuance information and the initial-issuance terminal identity to obtain the secondary issuance message ciphertext, and to sign the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain the update signature data. The backend is further configured to package the secondary issuance message ciphertext and the update signature data into an APDU instruction packet and send the APDU instruction packet to the terminal. The terminal is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data and, if verification passes, to decrypt the secondary issuance message ciphertext to obtain the updated issuance information, then replace the initial issuance information with the updated issuance information and save it. The terminal is further configured, according to the grade of the data to be reported, to send the backend either the plaintext of general data and the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data and the critical data signature obtained by signing the critical data ciphertext. The backend is further configured, according to the grade of the reported data received, to verify the MAC value or to verify the critical data signature.
In addition, the backend is further configured to send the terminal the downlink data ciphertext obtained by encrypting the data to be sent down and the downlink data signature obtained by signing the data to be sent down; the terminal is further configured to decrypt the downlink data ciphertext to obtain the downlink data plaintext, and to use the downlink data plaintext to verify the authenticity of the downlink data signature.
In addition, the backend is further configured to encrypt the key to be updated to obtain the to-be-updated key ciphertext, sign the to-be-updated key ciphertext to obtain the to-be-updated key signature, and send the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature.
In addition, the security chip signs using the IBC algorithm.
In addition, the terminal and the backend are further configured to determine the gas industry business data and establish the data format of the gas industry business data.
It can be seen that the secure communication method and system based on a marking algorithm provided by the present invention can achieve end-to-end secure transmission. The security module stores data separately in the security chip and in the communication module: critical key information is stored in the security chip, can only be obtained and used by the security chip, and cannot be read directly from outside, which avoids the risk of key leakage. The security chip has built-in symmetric encryption (for example the SM4 algorithm) and IBC (for example the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before transmission, and data the security module receives from the backend is decrypted and/or signature-verified by the security chip before further processing.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings used in describing the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural schematic diagram of the secure communication system based on a marking algorithm provided in an embodiment of the present invention;
Fig. 2 is a schematic diagram of the terminal structure of the secure communication system based on a marking algorithm provided in an embodiment of the present invention;
Fig. 3 is a schematic diagram of another terminal structure of the secure communication system based on a marking algorithm provided in an embodiment of the present invention;
Fig. 4 is a structural schematic diagram of the security module of the terminal in the secure communication system based on a marking algorithm provided in an embodiment of the present invention;
Fig. 5 is a flow chart of the secure communication method based on a marking algorithm provided in an embodiment of the present invention;
Fig. 6 is the gas meter terminal activation flow in the secure communication method based on a marking algorithm provided in an embodiment of the present invention;
Fig. 7 is the gas meter terminal general-data reporting flow in the secure communication method based on a marking algorithm provided in an embodiment of the present invention;
Fig. 8 is the gas meter terminal critical-data reporting flow in the secure communication method based on a marking algorithm provided in an embodiment of the present invention;
Fig. 9 is the batch-processing instruction issuing flow in the secure communication method based on a marking algorithm provided in an embodiment of the present invention;
Fig. 10 is the terminal key update flow in the secure communication method based on a marking algorithm provided in an embodiment of the present invention.
Detailed description of the embodiments
Exemplary embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although the drawings show exemplary embodiments of the present disclosure, it should be understood that the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here. Rather, these embodiments are provided so that the present invention can be understood more thoroughly and so that the scope of the disclosure can be fully conveyed to those skilled in the art.
The technical problem to be solved by the present invention is, in view of the characteristics of the Internet of Things gas industry, to provide a security module and a corresponding secure communication protocol that achieve end-to-end encryption of business data and entity authentication.
Fig. 1 is a structural schematic diagram of the secure communication system based on a marking algorithm provided in an embodiment of the present invention. Referring to Fig. 1, the secure communication system based on a marking algorithm provided in an embodiment of the present invention includes terminal 1 and backend 2.
Referring to Fig. 2 to Fig. 4, terminal 1 includes security module 10, gas meter terminal 20 and NB-SIM 30; the security module includes security chip 11 and NB-IoT communication module 12.
Terminal 1 and backend 2 use a symmetric algorithm combined with the IBC algorithm to encrypt and authenticate different data stream types. For different data stream types, encryption and authentication comprise any one or a combination of the following: MAC verification based on the symmetric algorithm, encryption and decryption based on the symmetric algorithm, encryption and decryption based on the IBC algorithm, and signature authentication based on the IBC algorithm.
By integrating NB-IoT communication module 12 with security chip 11, the present invention achieves secure data transmission for NB-IoT terminal devices and safeguards NB-IoT network communication. Security chip 11 provides secure data storage, symmetric algorithm and IBC algorithm functions; all keys can only be used inside security chip 11, and all key-related information can only be obtained by the security chip and cannot be obtained by NB-IoT communication module 12. NB-IoT communication module 12 provides the NB-IoT network communication function. When NB-IoT communication module 12 is used together with security chip 11 in security module 10, an MCU controls security chip 11 and NB-IoT communication module 12 so that they work together; security chip 11 and NB-IoT communication module 12 are combined by packaging into one security module 10, and NB-IoT communication module 12 interacts with security chip 11, so that NB-IoT communication module 12 gains the functions of security chip 11 and becomes a new security module 10.
Specifically, Fig. 2 shows one implementation of security module 10, in which NB-IoT module 12 and security chip 11 may be separate in form, and gas meter terminal MCU 20 interacts with NB-IoT module 12 and security chip 11 respectively to provide the secure data transmission function. Alternatively, NB-IoT module 12 and security chip 11 form one new security module 10 in form but are logically separate, and gas meter terminal MCU 20 interacts with NB-IoT module 12 and security chip 11 respectively to provide the secure data transmission function.
Fig. 3 shows another implementation of security module 10. NB-IoT module 12 and security chip 11 form one new security module 10 in form, the interaction between NB-IoT module 12 and security chip 11 is implemented logically, and security module 10 uniformly provides the secure data transmission function.
Based on the above secure communication system based on a marking algorithm, the present invention provides a secure communication method based on a marking algorithm. Referring to Fig. 5, the secure communication method based on a marking algorithm provided in an embodiment of the present invention comprises:
S501: the security chip and the NB-IoT communication module are packaged into one security module, and the security module is installed in the terminal;
S502: when first joining the network, the terminal sends an activation request message to the backend, where the activation request message includes at least the initial-issuance terminal identity from the initial issuance information, and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key from the initial issuance information prestored in the security chip; the initial-issuance terminal identity includes at least: the security chip identifier, the gas meter number, the IMEI number of the NB-SIM card in the security module and the IMSI number of the NB-SIM card in the security module;
Specifically, for the gas-industry security module of the present invention, when first joining the network the terminal must send the following information to the backend: the security chip identifier, the meter number, the IMEI number of the NB-SIM card in the security module and the IMSI number of the NB-SIM card in the security module. The security module of the present invention has a unique identifier, which is the gas meter number. The security chip in the security module of the present invention also has a unique identifier.
S503: the backend receives the activation request message and verifies the authenticity of the identity signature data; if verification passes, it generates updated issuance information according to the gas meter number, where the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal identity and an updated terminal user private key;
S504: the backend encrypts the updated issuance information and the initial-issuance terminal identity to obtain the secondary issuance message ciphertext, and signs the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain the update signature data;
S505: the backend packages the secondary issuance message ciphertext and the update signature data into an APDU instruction packet, and sends the APDU instruction packet to the terminal;
The gas meter terminal described in the present invention must perform activation operations when first joining the network. The activation flow may be: the terminal signs its own identity using the IBC algorithm and reports its device identity together with the signature to the backend. The backend first verifies the authenticity of this signature; if verification passes, it issues a completely new set of keys to replace the terminal's original keys and/or identity. The issued data is encapsulated into an APDU instruction packet that is delivered directly to the security chip.
Terminal activation involves two related security chip APDU instructions, which may be as follows. The first APDU instruction is used to report the terminal's identity information.
A preferred APDU instruction format is as follows:
The second APDU instruction is used to parse and verify the new data packet issued by the backend; if verification and parsing succeed, the newly parsed key replaces the security chip's original issuance key.
A preferred APDU instruction format is as follows:
S506: the terminal receives the APDU instruction packet and verifies the authenticity of the update signature data; if verification passes, it decrypts the secondary issuance message ciphertext to obtain the updated issuance information, then replaces the initial issuance information with the updated issuance information and saves it;
S507: according to the grade of the data to be reported, the terminal sends the backend either the plaintext of general data and the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data and the critical data signature obtained by signing the critical data ciphertext;
S508: according to the grade of the reported data received, the backend verifies the MAC value or verifies the critical data signature.
In response to the gas industry's need for daily meter reading, a class of terminal general-data reporting functions is defined. The flow for reporting terminal general data is: the terminal calculates a MAC over the data to be uploaded using a symmetric algorithm, and reports the data to be uploaded together with the MAC value. The IV used in the MAC calculation is related to the terminal time.
A preferred APDU instruction format for encapsulating the security chip's terminal general-data report is as follows:
Code | Value (Hex) |
CLA | 80 |
INS | 4A |
P1 | 00 |
P2 | 00 |
Lc | Length of the data field |
DATA | Plaintext data packet to be uploaded, starting with FA and ending with FB |
Le | Determined by the data field length |
Response Data | FA F558 20 || meter number || B0 || length of ciphertext || ciphertext || C0 60 || signature FB |
It can be seen that the secure communication method based on a marking algorithm provided in the embodiment of the present invention can achieve end-to-end secure transmission. The security module stores data separately in the security chip and in the communication module: critical key information is stored in the security chip, can only be obtained and used by the security chip, and cannot be read directly from outside, which avoids the risk of key leakage. The security chip has built-in symmetric encryption (for example the SM4 algorithm) and IBC (for example the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before transmission, and data the security module receives from the backend is decrypted and/or signature-verified by the security chip before further processing.
As an optional implementation of the embodiment of the present invention, the method further includes: the backend sends the terminal the downlink data ciphertext obtained by encrypting the data to be sent down and the downlink data signature obtained by signing the data to be sent down; the terminal decrypts the downlink data ciphertext to obtain the downlink data plaintext, and uses the downlink data plaintext to verify the authenticity of the downlink data signature. This ensures the security of data issued by the backend.
Backend instruction issuing function: the backend signs the instruction to be sent down and sends the instruction and the signature together. The signature algorithm used is the IBC algorithm.
The security chip indicates whether signature verification passed by returning different return codes.
As an optional implementation of the embodiment of the present invention, the method further includes: the backend encrypts the key to be updated to obtain the to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain the to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature. This ensures the security of the terminal's key update.
Key update function: the backend both encrypts and signs the key to be updated, and encapsulates the encryption result and the signature into an APDU instruction that the security chip can execute. After receiving this instruction packet, the security module hands it directly to the security chip for processing. The backend encrypts the relevant key using an IBC-based encryption algorithm, and uses the IBC signature algorithm to sign the relevant key or the ciphertext of the relevant key.
As an optional implementation of the embodiment of the present invention, the security chip signs using the IBC algorithm. This ensures the authenticity and security of the security module's data transmission.
As an optional implementation of the embodiment of the present invention, the method further includes: the terminal and the backend determine the gas industry business data and establish the data format of the gas industry business data. Specifically, the gas industry business data is organized into a complete set of data formats, comprising: gas meter terminal status data, business data, control instructions and responses. The gas industry NB-IoT network functions are divided into five classes, and a different secure transmission protocol is defined for each of these five classes of function; specifically, the security module can implement the five different security protocols automatically.
Specifically, all data types in the NB-IoT network data stream involved in the present invention may be hexadecimal. The length identifiers involved in the present invention are byte lengths.
The data stream in the gas industry NB-IoT network uses the TLV data format; the detailed data format is as follows:
The following data must be included between 'FA' and 'FB'
The present invention parses the data structure by the TAG in the data stream.
FA-FE are general identifiers: FA identifies the start of a data packet and FB identifies the end of a data packet. General identifiers must appear in plaintext form, and FC, FD and FE cannot be included between FA and FB.
Identifiers other than the general identifiers may be included between FA and FB.
A0 identifies that the data following it is an APDU instruction, which must be passed through directly to the security chip. This identifier must appear in plaintext form.
B0 identifies that the data following it is ciphertext. This identifier must appear in plaintext form.
C0 identifies a digital signature over the ciphertext. This identifier must appear in plaintext form.
An identifier whose first byte is F5 is a gas meter terminal uplink state/identity information identifier. Such identifiers must appear in plaintext form.
An identifier whose first byte is F6 is a backend downlink state/identity information identifier. Such identifiers must appear in plaintext form.
An identifier whose first byte is F0 is a backend control instruction identifier. Such identifiers may appear in plaintext form, or be included in the ciphertext in ciphertext form. The present invention does not cover the case where they are included in the ciphertext in ciphertext form.
An identifier whose first byte is F2 identifies the data/status returned by the gas meter terminal in response to a backend control instruction. Such identifiers may appear in plaintext form, or be included in the ciphertext in ciphertext form.
An identifier whose first byte is FA is a batch-processing instruction identifier. Such identifiers may appear in plaintext form, or be included in the ciphertext in ciphertext form. The present invention does not cover the case where they are included in the ciphertext in ciphertext form.
An identifier whose first byte is F8 identifies the data/status returned by the gas meter terminal in response to a batch-processing instruction. Such identifiers may appear in plaintext form, or be included in the ciphertext in ciphertext form.
An identifier whose first byte is F9 is a gas meter terminal actively reported business data identifier. Such identifiers may appear in plaintext form, or be included in the ciphertext in ciphertext form.
In view of the service characteristics of the gas industry, the present invention divides the service functions involved in the gas industry into five classes, namely: terminal activation, backend instruction issuance, terminal general data reporting, terminal critical data reporting, and key update. Five different secure transmission protocols can be provided accordingly, enabling functions such as intelligent metering, remote monitoring and over-the-air stored value. Each service function is briefly described below with reference to Fig. 6 to Fig. 10:
Fig. 6 is a flowchart of the activation of the NB-IoT gas terminal. The NB-IoT gas terminal includes a security module 10. Before the NB-IoT gas terminal joins the network for the first time, a connection is established between the security module 10 and the backend by other means, and the security module 10 contains the following initially issued data and keys: the IBC algorithm system encryption public key, the IBC algorithm system verification public key, the backend identifier, the terminal identifier, the meter number, the IMSI number, the IBC algorithm terminal signature private key and the IBC algorithm terminal decryption private key. In addition, the international mobile equipment identity number of the terminal can be set by the terminal itself before it joins the network.
When the gas terminal joins the network for the first time, the NB-SIM 30 IMSI number and the NB-SIM 30 IMEI number are sent to the security module 10. The security module 10 assembles the relevant terminal identifier, has it signed by the security chip 11, and automatically uploads the data to the backend through the NB-IoT communication module 12. In this process, the digital signature algorithm used by the security chip 11 is the IBC signature algorithm, and the key used by the security chip 11 is the initially issued terminal IBC signature private key stored in the security chip 11.
After the backend receives the terminal identifier and the signature, it first verifies the signature. The parameters used in the verification are the initially issued IBC system public key and the identifier of the corresponding user.
If the verification passes, the backend prepares the corresponding keys according to the terminal identifier, including a new IBC algorithm system encryption public key, a new IBC algorithm system verification public key, a new backend identifier (optional), a new terminal identifier, a new meter number, a new IBC algorithm terminal signature private key and a new IBC algorithm terminal decryption private key. These keys are arranged into a data string, which is encrypted, and the encrypted result is signed to obtain a new data string. The encryption algorithm used is the IBC encryption algorithm, and the parameters used in the encryption operation are the initially issued meter number of the corresponding terminal and the initially issued IBC algorithm public key. The signature algorithm used is the IBC signature algorithm, and the parameter used by the signature algorithm is the initially issued backend IBC signature private key.
The backend must split and encapsulate the new data string so that each encapsulated data packet does not exceed the maximum data frame length that the NB-IoT network allows to be transmitted.
After the terminal has received all the data packets, it pieces together all the instruction packets to be passed to the security chip 11 and sends them to the security chip 11 in order. After receiving all the instructions, the security chip 11 first verifies the signature; if the verification passes, it decrypts the data to obtain the new keys and uses the new keys to replace the initially issued keys in the security chip. The verification algorithm used in this process is the IBC verification algorithm, and the parameters used in the verification operation are the initially issued backend identifier and the initially issued IBC algorithm verification public key. The decryption algorithm used in this process is the IBC decryption algorithm.
Fig. 7 is a flowchart of general data reporting by the NB-IoT gas terminal. When the gas meter terminal needs to upload information of this class, the gas meter terminal MCU 20 sends the plaintext data to be uploaded to the security module 10. The security chip 11 calculates the corresponding MAC check value, and the data packet, once encapsulated, is either returned to the gas meter terminal MCU 20 or sent directly to the backend through the NB-IoT communication module 12. The MAC calculation method used in this process is a symmetric algorithm; the parameters used include the terminal counter or a timestamp as the initial vector, and the key used is the terminal symmetric key. After receiving the data packet, the backend first parses the timestamp contained in the data packet and then verifies whether the MAC value is correct.
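The backend check for general data reporting, as an added Python example that is not part of the patent. It goes slightly beyond the text by carrying both a counter and a timestamp; HMAC-SHA256 stands in for the chip's symmetric MAC, and the header layout, the 300-second window and all names are assumptions, with constructed sample values.

```python
import hashlib
import hmac
import struct

# Assumed header layout: 8-byte meter number, 32-bit counter, 32-bit Unix timestamp.
HEADER = struct.Struct(">8sII")
MAC_LEN = 16      # truncated tag length in bytes (assumed)
MAX_SKEW = 300    # accepted clock difference in seconds (assumed)


def build_report(key, meter_no, counter, timestamp, payload):
    """Terminal side: the counter and timestamp are part of the MAC'd body."""
    body = HEADER.pack(meter_no, counter, timestamp) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]
    return body + tag


class Backend:
    """Backend side: per-terminal keys plus the highest counter accepted so far."""

    def __init__(self, keys):
        self.keys = dict(keys)
        self.last_counter = {}

    def verify(self, packet, now):
        """Return (True, payload) on success or (False, reason) on rejection."""
        if len(packet) < HEADER.size + MAC_LEN:
            return (False, "short")
        body, tag = packet[:-MAC_LEN], packet[-MAC_LEN:]
        meter_no, counter, timestamp = HEADER.unpack_from(body)
        key = self.keys.get(meter_no)
        if key is None:
            return (False, "unknown-terminal")
        # Step 1, as in the text: parse the timestamp carried in the packet.
        if abs(now - timestamp) > MAX_SKEW:
            return (False, "stale-timestamp")
        # Step 2: recompute the MAC and compare in constant time.
        expected = hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(tag, expected):
            return (False, "bad-mac")
        # Only an authenticated packet may advance the replay counter.
        if counter <= self.last_counter.get(meter_no, -1):
            return (False, "replay")
        self.last_counter[meter_no] = counter
        return (True, body[HEADER.size:])


def demo():
    """Run one good report, a replay, a forgery and a stale report."""
    key = bytes(range(16))        # constructed sample key
    meter = b"GM000001"           # constructed sample meter number
    backend = Backend({meter: key})
    t0 = 1_700_000_000
    good = build_report(key, meter, 1, t0, b"reading=1234")
    forged = good[:20] + bytes([good[20] ^ 1]) + good[21:]   # flip one payload bit
    return [
        backend.verify(good, t0 + 10),
        backend.verify(good, t0 + 20),
        backend.verify(forged, t0 + 20),
        backend.verify(good, t0 + 3600),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because the counter is updated only after the MAC check, a forged packet with a high counter value cannot lock out later genuine reports.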
Fig. 8 is a flowchart of critical data reporting by the NB-IoT gas terminal. Fig. 5 is a flowchart of general data reporting by the NB-IoT gas terminal. When the gas meter terminal needs to upload information of this class, the gas meter terminal MCU 20 sends the plaintext data to be uploaded to the security module 10. The security chip 11 first encrypts the data and then signs the resulting ciphertext. The ciphertext and the signature are then packaged, and the data packet, once encapsulated, is either returned to the gas meter terminal MCU 20 or sent directly to the backend through the NB-IoT communication module 12. The encryption algorithm used in this process is a symmetric encryption algorithm, and the key used by the encryption algorithm is the symmetric key of the terminal. The signature algorithm used in this process is the IBC signature algorithm, and the key used by the signature algorithm is the IBC algorithm signature private key of the terminal. After receiving this data packet, the backend first verifies the signature and then decrypts.
Fig. 9 is a flowchart of the backend issuing a service instruction. Instructions issued to the terminal carry a signature: the instruction plaintext and the signature are encapsulated and then issued. The signature algorithm used in this process is the IBC signature algorithm, and the key used by the signature algorithm is the IBC algorithm signature private key of the backend. After receiving the data packet, the terminal must first verify the signature; if the verification is correct, the terminal executes and responds to the issued instruction. The parameters used in the verification are the system identifier and the system verification public key.
Fig. 10 shows the data flow of the backend issuing a key update instruction to the NB-IoT gas terminal. After the terminal joins the network, it must report its own identification information, and the backend prepares the corresponding terminal symmetric algorithm key according to the terminal identifier. The symmetric key is encrypted, and the encrypted result is signed to obtain a new data string. The encryption algorithm used is the IBC encryption algorithm, and the parameters used in the encryption operation are the meter number of the corresponding terminal and the IBC algorithm public key. The signature algorithm used is the IBC signature algorithm, and the parameter used by the signature algorithm is the backend IBC signature private key.
After the terminal has received all the data packets, it parses out the APDU instructions and passes them to the security chip 11. After receiving the instructions, the security chip 11 first verifies the signature; if the verification passes, it decrypts the data to obtain the new key and uses the new key to replace the original symmetric algorithm key in the security chip 11. The verification algorithm used in this process is the IBC verification algorithm, and the parameters used in the verification operation are the backend identifier and the IBC algorithm verification public key. The decryption algorithm used in this process is the IBC decryption algorithm.
To realize the above five main classes of functions of the gas industry, the present invention provides a security module that combines an NB-IoT module with a security chip. Preferably, the security module is built into the gas meter terminal. After receiving a data packet of one of these classes issued by the backend, the terminal first parses the identifier of the sender and determines whether the packet contains an instruction packet that must be passed directly to the security chip; if it does, the terminal splits out the instruction packet and sends it to the security chip for processing in accordance with the security chip communication specification. The terminal next determines whether the data packet contains ciphertext or a signature. If the data packet contains ciphertext to be parsed, the terminal must send the ciphertext to the security chip for parsing in accordance with the security chip instruction specification. If the data packet contains a signature to be verified, the terminal must send the data to be verified and the signature to the security chip for verification in accordance with the security chip instruction specification. After decrypting or verifying the signature, the security chip returns the execution result regardless of success or failure. The gas meter terminal then continues with the relevant flow according to the decryption or verification result.
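The receive-side handling described above, combined with the FA/FB tag rules given earlier, as an added Python example that is not part of the patent. The page's format table did not survive, so the element layout (one-byte tag, one-byte length, value) is an assumption, as are the names `parse_frame`, `plan_handling` and `FrameError`; the sample frame is constructed.

```python
"""Strict parser and dispatch plan for an FA ... FB frame (assumed TLV layout)."""

FRAME_START, FRAME_END = 0xFA, 0xFB
GENERAL_IDENTIFIERS = {0xFA, 0xFB, 0xFC, 0xFD, 0xFE}

# One-byte element tags named on the page. The page also lists FA as the first byte of
# a batch-instruction tag; a one-byte model cannot tell that apart from the frame start,
# so it is not modelled here.
TAGS = {
    0xA0: "apdu",                      # passed straight to the security chip
    0xB0: "ciphertext",
    0xC0: "signature",                 # digital signature of the ciphertext
    0xF5: "terminal_status_identity",
    0xF6: "backend_status_identity",
    0xF0: "control_instruction",
    0xF2: "control_response",
    0xF8: "batch_response",
    0xF9: "terminal_service_report",
}


class FrameError(ValueError):
    """Raised for any frame that breaks the structural rules."""


def parse_frame(frame):
    """Return [(name, value), ...] for a well-formed frame, else raise FrameError."""
    if len(frame) < 2 or frame[0] != FRAME_START or frame[-1] != FRAME_END:
        raise FrameError("frame must start with FA and end with FB")
    body = frame[1:-1]
    elements, pos = [], 0
    while pos < len(body):
        tag = body[pos]
        if tag in GENERAL_IDENTIFIERS:
            raise FrameError("general identifier %02X inside frame" % tag)
        if tag not in TAGS:
            raise FrameError("unknown tag %02X" % tag)
        if pos + 2 > len(body):
            raise FrameError("missing length byte")
        length = body[pos + 1]
        value = body[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise FrameError("value runs past the end of the frame")
        elements.append((TAGS[tag], value))
        pos += 2 + length
    return elements


def plan_handling(elements):
    """Order the work for a received frame: sender, APDUs, verify, then decrypt."""
    found = {}
    for name, value in elements:
        found.setdefault(name, []).append(value)
    ciphertexts = found.get("ciphertext", [])
    signatures = found.get("signature", [])
    if len(ciphertexts) > 1 or len(signatures) > 1:
        raise FrameError("more than one ciphertext or signature element")
    # C0 is defined as the signature of the ciphertext, so a C0 with no B0 is
    # rejected (assumed policy).
    if signatures and not ciphertexts:
        raise FrameError("signature without ciphertext")
    actions = [("sender", v) for v in found.get("backend_status_identity", [])]
    actions += [("chip_apdu", v) for v in found.get("apdu", [])]
    if signatures:
        actions.append(("chip_verify", ciphertexts[0], signatures[0]))
    if ciphertexts:
        actions.append(("chip_decrypt", ciphertexts[0]))
    return actions


# Constructed sample: sender id, one APDU, a ciphertext containing the byte FB, a signature.
SAMPLE = bytes.fromhex("FA F6 02 0001 A0 05 00A4040000 B0 03 11FB22 C0 02 AABB FB")

if __name__ == "__main__":
    for action in plan_handling(parse_frame(SAMPLE)):
        print(action[0], [part.hex() for part in action[1:]])
```

Because values are length-prefixed, the FB byte inside the sample ciphertext does not end the frame; only the final byte is treated as the packet tail.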
If the gas meter terminal needs to report data actively or return data passively, the terminal only needs to send the data to be reported to the security module. After receiving the data to be sent, the security module first performs MAC calculation or encryption and signing on the data to be uploaded according to the configuration in the security chip, and then actively reports the result data processed by the security chip to the backend.
A brief description of the secure communication system based on an identification algorithm is given below. The system is applied to the above method; for matters not covered here, refer to the relevant description in the above secure communication method based on an identification algorithm. The secure communication system based on an identification algorithm according to the embodiment of the present invention comprises:
a terminal 1, wherein a security module is provided in the terminal 1, and the security module packages a security chip and an NB-IoT communication module together;
when joining the network for the first time, the terminal 1 is further configured to send an activation request message to the backend 2, wherein the activation request message includes at least the initially issued terminal 1 identity in the initial issuance information, and identity signature data obtained by the terminal 1 signing at least the initially issued terminal 1 identity using the initially issued terminal 1 user private key in the initial issuance information pre-stored in the security chip; the initially issued terminal 1 identity includes at least: the security chip identifier, the gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
the backend 2, configured to receive the activation request message and verify the authenticity of the identity signature data and, if the verification passes, to generate updated issuance information according to the gas label, wherein the updated issuance information includes: an updated issuance system identifier, an updated issuance system public key, an updated terminal 1 identity and an updated terminal 1 user private key;
the backend 2 is further configured to encrypt the updated issuance information and the initially issued terminal 1 identity to obtain a secondary issuance information ciphertext, and to sign the secondary issuance information ciphertext using the initially issued backend 2 signature private key to obtain update signature data;
the backend 2 is further configured to package the secondary issuance information ciphertext and the update signature data to obtain an APDU instruction packet, and to send the APDU instruction packet to the terminal 1;
the terminal 1 is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data and, if the verification passes, to decrypt the secondary issuance information ciphertext to obtain the updated issuance information, and to replace the initial issuance information with the updated issuance information and save it;
the terminal 1 is further configured to, according to the grade of the data to be reported, send to the backend 2 either the plaintext of general data together with the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
the backend 2 is further configured to, according to the grade of the reported data received, verify the MAC value or verify the critical data signature.
It can be seen that the secure communication system based on an identification algorithm provided by the embodiment of the present invention can achieve end-to-end secure transmission. The security module stores data separately in the security chip and in the communication module: critical key information is stored in the security chip, where it can only be obtained and used by the security chip and cannot be read directly from outside, which avoids the risk of key leakage. The security chip has built-in symmetric encryption algorithm (for example, the SM4 algorithm) and IBC algorithm (for example, the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before it is transmitted, and data that the security module receives from the backend is decrypted and/or signature-verified by the security chip before any further processing.
As an optional implementation of the embodiment of the present invention, the backend 2 is further configured to send to the terminal 1 a to-be-issued data ciphertext obtained by encrypting the data to be issued and a to-be-issued data signature obtained by signing the data to be issued; the terminal 1 is further configured to decrypt the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and to verify the authenticity of the to-be-issued data signature using the to-be-issued data plaintext. This ensures the security of the data issued by the backend.
As an optional implementation of the embodiment of the present invention, the backend 2 is further configured to encrypt the key to be updated to obtain a to-be-updated key ciphertext, to sign the to-be-updated key ciphertext to obtain a to-be-updated key signature, and to send the to-be-updated key ciphertext and the to-be-updated key signature to the terminal 1; the terminal 1 is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature. This ensures the security of the terminal's key update.
As an optional implementation of the embodiment of the present invention, the security chip signs using an IBC algorithm. This ensures the authenticity and security of the data transmitted by the security module.
As an optional implementation of the embodiment of the present invention, the terminal 1 and the backend 2 are further configured to determine the gas industry service data and to establish a data format for the gas industry service data.
Those skilled in the art should understand that embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage and the like) that contain computer-usable program code.
The present application is described with reference to flowcharts and/or block diagrams of the method, the device (system) and the computer program product according to the embodiments of the present application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction apparatus, the instruction apparatus implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, such that a series of operational steps are performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces and memory.
Memory may include non-permanent memory in computer-readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, which can store information by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape and disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
The above are only embodiments of the present application and are not intended to limit the present application. For those skilled in the art, various modifications and changes can be made to the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present application shall fall within the scope of the claims of the present application.
Claims (10)
1. A secure communication method based on an identification algorithm, characterized by comprising:
packaging a security chip and an NB-IoT communication module into a security module, and providing the security module in a terminal;
when joining the network for the first time, the terminal sends an activation request message to a backend, wherein the activation request message includes at least the initially issued terminal identity in initial issuance information, and identity signature data obtained by the terminal signing at least the initially issued terminal identity using the initially issued terminal user private key in the initial issuance information pre-stored in the security chip, the initially issued terminal identity including at least: a security chip identifier, a gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
the backend receives the activation request message and verifies the authenticity of the identity signature data and, if the verification passes, generates updated issuance information according to the gas label, wherein the updated issuance information includes: an updated issuance system identifier, an updated issuance system public key, an updated terminal identity and an updated terminal user private key;
the backend encrypts the updated issuance information and the initially issued terminal identity to obtain a secondary issuance information ciphertext, and signs the secondary issuance information ciphertext using the initially issued backend signature private key to obtain update signature data;
the backend packages the secondary issuance information ciphertext and the update signature data to obtain an APDU instruction packet, and sends the APDU instruction packet to the terminal;
the terminal receives the APDU instruction packet and verifies the authenticity of the update signature data and, if the verification passes, decrypts the secondary issuance information ciphertext to obtain the updated issuance information, and replaces the initial issuance information with the updated issuance information and saves it;
the terminal, according to the grade of the data to be reported, sends to the backend either the plaintext of general data together with the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
the backend, according to the grade of the reported data received, verifies the MAC value or verifies the critical data signature.
2. The method according to claim 1, characterized by further comprising:
the backend sends to the terminal a to-be-issued data ciphertext obtained by encrypting data to be issued and a to-be-issued data signature obtained by signing the data to be issued;
the terminal decrypts the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and verifies the authenticity of the to-be-issued data signature using the to-be-issued data plaintext.
3. The method according to claim 1, characterized by further comprising:
the backend encrypts a key to be updated to obtain a to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain a to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal;
the terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature.
4. The method according to claim 1, characterized in that the security chip signs using an IBC algorithm.
5. The method according to claim 1, characterized by further comprising:
the terminal and the backend determine gas industry service data and establish a data format for the gas industry service data.
6. A secure communication system based on an identification algorithm, characterized by comprising:
a terminal, wherein a security module is provided in the terminal, and the security module packages a security chip and an NB-IoT communication module together;
when joining the network for the first time, the terminal is further configured to send an activation request message to a backend, wherein the activation request message includes at least the initially issued terminal identity in initial issuance information, and identity signature data obtained by the terminal signing at least the initially issued terminal identity using the initially issued terminal user private key in the initial issuance information pre-stored in the security chip, the initially issued terminal identity including at least: a security chip identifier, a gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
the backend, configured to receive the activation request message and verify the authenticity of the identity signature data and, if the verification passes, to generate updated issuance information according to the gas label, wherein the updated issuance information includes: an updated issuance system identifier, an updated issuance system public key, an updated terminal identity and an updated terminal user private key;
the backend is further configured to encrypt the updated issuance information and the initially issued terminal identity to obtain a secondary issuance information ciphertext, and to sign the secondary issuance information ciphertext using the initially issued backend signature private key to obtain update signature data;
the backend is further configured to package the secondary issuance information ciphertext and the update signature data to obtain an APDU instruction packet, and to send the APDU instruction packet to the terminal;
the terminal is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data and, if the verification passes, to decrypt the secondary issuance information ciphertext to obtain the updated issuance information, and to replace the initial issuance information with the updated issuance information and save it;
the terminal is further configured to, according to the grade of the data to be reported, send to the backend either the plaintext of general data together with the MAC value calculated over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
the backend is further configured to, according to the grade of the reported data received, verify the MAC value or verify the critical data signature.
7. The system according to claim 6, characterized in that
the backend is further configured to send to the terminal a to-be-issued data ciphertext obtained by encrypting data to be issued and a to-be-issued data signature obtained by signing the data to be issued;
the terminal is further configured to decrypt the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and to verify the authenticity of the to-be-issued data signature using the to-be-issued data plaintext.
8. The system according to claim 6, characterized in that
the backend is further configured to encrypt a key to be updated to obtain a to-be-updated key ciphertext, to sign the to-be-updated key ciphertext to obtain a to-be-updated key signature, and to send the to-be-updated key ciphertext and the to-be-updated key signature to the terminal;
the terminal is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature.
9. The system according to claim 6, characterized in that the security chip signs using an IBC algorithm.
10. The system according to claim 6, characterized in that
the terminal and the backend are further configured to determine gas industry service data and to establish a data format for the gas industry service data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810708003.9A CN109041052B (en) | 2018-07-02 | 2018-07-02 | Safe communication method and system based on identification algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810708003.9A CN109041052B (en) | 2018-07-02 | 2018-07-02 | Safe communication method and system based on identification algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109041052A (en) | 2018-12-18 |
CN109041052B (en) | 2021-03-30 |
Family
ID=65522169
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810708003.9A Active CN109041052B (en) | 2018-07-02 | 2018-07-02 | Safe communication method and system based on identification algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109041052B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020198748A1 (en) * | 2001-05-25 | 2002-12-26 | Eden Thomas M. | System and method for implementing an employee-rights-sensitive drug free workplace policy |
CN101369360A (en) * | 2008-09-27 | 2009-02-18 | 北京双得利科工贸有限责任公司 | Machine-card separation method for digital measuring apparatus and its card sending system |
CN103106744A (en) * | 2013-01-31 | 2013-05-15 | 成都秦川科技发展有限公司 | Internet of things intelligent gas meter embedded with information security management module |
CN104393993A (en) * | 2014-10-24 | 2015-03-04 | 国家电网公司 | A security chip for electricity selling terminal and the realizing method |
CN106656999A (en) * | 2016-11-10 | 2017-05-10 | 济南浪潮高新科技投资发展有限公司 | Secure transmission authentication method and device of IoT (Internet of Things) terminal equipment |
Non-Patent Citations (2)
Title |
---|
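支晓晔 et al.: "Discussion on the Technical Architecture of Urban Smart Gas Networks" (城市智能燃气网技术构架探讨), 《城市燃气》 * |
杨忠义 et al.: "NB-IoT-Based Gas Metering and Billing System for Non-Residential Users" (基于NB-IoT技术的燃气非居民用计量收费系统), 《煤气与热力》 * |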
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109982288A (en) * | 2019-04-10 | 2019-07-05 | 宁夏隆基宁光仪表股份有限公司 | It is a kind of that algorithm is reported based on avoiding the peak hour for NB-IoT Internet of Things gas meter, flow meter |
CN110213764A (en) * | 2019-06-12 | 2019-09-06 | 深圳奥联信息安全技术有限公司 | The wireless security means of communication and device |
CN110401530A (en) * | 2019-07-25 | 2019-11-01 | 金卡智能集团股份有限公司 | A kind of safety communicating method of gas meter, flow meter, system, equipment and storage medium |
CN110650477B (en) * | 2019-08-19 | 2023-07-11 | 中移(杭州)信息技术有限公司 | Interaction method, platform, server and storage medium of NB-IOT equipment |
CN110650477A (en) * | 2019-08-19 | 2020-01-03 | 中移(杭州)信息技术有限公司 | Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment |
CN110650016A (en) * | 2019-09-02 | 2020-01-03 | 南京南瑞继保电气有限公司 | Method for realizing network data security of AC/DC control protection system |
CN110650016B (en) * | 2019-09-02 | 2022-09-23 | 南京南瑞继保电气有限公司 | Method for realizing network data security of AC/DC control protection system |
CN110632875A (en) * | 2019-09-24 | 2019-12-31 | 武汉亚为电子科技有限公司 | Equipment health monitoring method and device based on AIoT intelligent Internet of things |
CN112866989A (en) * | 2019-11-28 | 2021-05-28 | 北京亚华意诺斯新能源科技有限公司 | Communication equipment based on narrowband thing networking |
CN113099448B (en) * | 2019-12-20 | 2022-07-19 | 紫光同芯微电子有限公司 | Terminal identity authentication method suitable for high-capacity SIM card |
CN113099448A (en) * | 2019-12-20 | 2021-07-09 | 北京紫光青藤微系统有限公司 | Terminal identity authentication method suitable for high-capacity SIM card |
CN111552270A (en) * | 2020-04-29 | 2020-08-18 | 北京汽车股份有限公司 | Safety authentication and data transmission method and device for vehicle-mounted diagnosis |
CN112437087A (en) * | 2020-11-24 | 2021-03-02 | 重庆市山城燃气设备有限公司 | Encryption and decryption method and system for gas meter with safety chip and gas meter system |
CN114666074B (en) * | 2020-12-04 | 2024-04-09 | 中移物联网有限公司 | Product identification authentication method and device |
CN114666074A (en) * | 2020-12-04 | 2022-06-24 | 中移物联网有限公司 | Product identification authentication method and device |
CN112767667B (en) * | 2020-12-25 | 2022-04-19 | 深圳市燃气集团股份有限公司 | Safety module based on NB-IoT (NB-IoT), gas meter reading system and method |
CN112767667A (en) * | 2020-12-25 | 2021-05-07 | 深圳市燃气集团股份有限公司 | Safety module based on NB-IoT (NB-IoT), gas meter reading system and method |
CN115734211A (en) * | 2021-08-30 | 2023-03-03 | 中移物联网有限公司 | Identification analysis method and system, and storage medium |
CN114221759A (en) * | 2021-11-29 | 2022-03-22 | 成都卫士通信息产业股份有限公司 | Remote monitoring deployment method and device, electronic equipment and storage medium |
CN114221759B (en) * | 2021-11-29 | 2024-04-12 | 成都卫士通信息产业股份有限公司 | Remote monitoring deployment method and device, electronic equipment and storage medium |
CN114598464A (en) * | 2022-03-08 | 2022-06-07 | 潍柴动力股份有限公司 | Data updating method and controller |
CN114598464B (en) * | 2022-03-08 | 2024-04-16 | 潍柴动力股份有限公司 | Data updating method and controller |
CN115633338A (en) * | 2022-08-18 | 2023-01-20 | 芯电智联(北京)科技有限公司 | Data updating processing method of NFC label |
CN115098227A (en) * | 2022-08-24 | 2022-09-23 | 中诚华隆计算机技术有限公司 | Method and device for updating dynamic information of security equipment |
CN117118756A (en) * | 2023-10-23 | 2023-11-24 | 中关村芯海择优科技有限公司 | Data interaction method, device, computer equipment and computer readable storage medium |
CN117118756B (en) * | 2023-10-23 | 2024-01-16 | 中关村芯海择优科技有限公司 | Data interaction method, device, computer equipment and computer readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109041052B (en) | 2021-03-30 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
CN109041052A (en) | A kind of safety communicating method and system based on marking algorithm | |
CN107770182B (en) | Data storage method of home gateway and home gateway | |
CN105577364B (en) | A kind of encryption method, decryption method and relevant apparatus | |
CN109559122A (en) | Block chain data transmission method and block chain data transmission system | |
CN105430640B (en) | A kind of SMS encryption authentication method, terminal and system | |
CN106357396A (en) | Digital signature method, digital signature system and quantum key card | |
JP6417036B2 (en) | Entity authentication method and apparatus based on pre-shared key | |
US9264404B1 (en) | Encrypting data using time stamps | |
CN109309650B (en) | Data processing method, terminal equipment and network equipment | |
CN104579679B (en) | Wireless public network data forwarding method for agriculture distribution communication equipment | |
EP4258593A1 (en) | Ota update method and apparatus | |
CN105208551B (en) | Transmission, the method and device for obtaining bootstrap information | |
CN103430478A (en) | Method and apparatus for encrypting short data in wireless communication system | |
JP2020530726A (en) | NFC tag authentication to remote servers with applications that protect supply chain asset management | |
CN112311533B (en) | Terminal identity authentication method, system and storage medium | |
EP3128696B1 (en) | Entity authentication method and device | |
CN103209389A (en) | Method, system and cloud server for short message pushing | |
Urien | Introducing TLS/DTLS secure access modules for IoT frameworks: concepts and experiments | |
Li et al. | A formal security analysis of ZigBee (1.0 and 3.0) | |
CN114666040B (en) | Radio frequency identification authentication system and method based on quantum cryptography network | |
CN111818492B (en) | Bluetooth beacon, data transmission method thereof, and readable storage medium | |
CN109995519A (en) | A kind of quantum key traffic service method and system | |
CN113302961B (en) | Safety beacon | |
CN108307324A (en) | A kind of broadcast message safe transmission method and device | |
CN111310211A (en) | Method for encrypting database by using SM4 algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||