CN109041052A - Secure communication method and system based on an identity-based algorithm - Google Patents


Info

Publication number
CN109041052A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810708003.9A
Other languages
Chinese (zh)
Other versions
CN109041052B (en
Inventor
高顺利
王嵩梅
黄冬虹
籍瑞春
张耀辉
柴家凤
王林
董新利
金沙
涂航
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Gas Group Co Ltd
Original Assignee
Beijing Gas Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Gas Group Co Ltd
Priority to CN201810708003.9A
Publication of CN109041052A
Application granted
Publication of CN109041052B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Selective Calling Equipment (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)

Abstract

The present invention provides a secure communication method and system based on an identity-based algorithm. The method includes: packaging a security chip and an NB-IoT communication module into a security module and installing the security module in a terminal; on first network access, the terminal sends an activation request message to the backend; the backend receives the activation request message and verifies the authenticity of the identity signature data and, if verification passes, generates updated issuance information according to the gas meter number and sends an APDU instruction packet to the terminal; the terminal verifies the authenticity of the update signature data and, if verification passes, decrypts the secondary issuance message ciphertext to obtain the updated issuance information, replaces the initial issuance information with the updated issuance information and saves it; according to the grade of the data to be reported, the terminal sends the backend either the plaintext of ordinary data together with a MAC value computed over the ordinary data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext.

Description

Secure communication method and system based on an identity-based algorithm
Technical field
The present invention relates to the field of communications, and in particular to a secure communication method and system based on an identity-based algorithm.
Background art
Narrowband Internet of Things (Narrow Band Internet of Things, NB-IoT) is built on cellular networks, consumes only about 180 kHz of bandwidth, and can be deployed directly on GSM, UMTS or LTE networks; it has become an important branch of the Internet of Things. NB-IoT networks offer massive connectivity, low power consumption, low cost and wide coverage, which meets the needs of smart gas terminals. Applying NB-IoT technology will promote "internet+" informatization of new-style gas management, advance the standardization and industrialization of gas technology, and jointly build an industry benchmark for smart gas.
An NB-IoT module is a packaged communication module based on an NB-IoT baseband chip and meets the frequency-band requirements of the 3GPP standards. It is small and low-power, with a long transmission distance and strong interference resistance. Using only standard AT commands, a user can operate the NB-IoT module and implement terminal management functions.
However, existing NB-IoT modules cannot guarantee sufficient security and may be hijacked in use, which exposes smart gas terminals to security risks and causes losses to users.
Summary of the invention
The present invention aims to provide a secure communication method and system based on an identity-based algorithm that overcomes the above problems or at least partially solves them, and that achieves end-to-end secure data transmission over NB-IoT networks.
To achieve the above object, the technical solution of the present invention is implemented as follows:
One aspect of the present invention provides a secure communication method based on an identity-based algorithm, comprising: packaging a security chip and an NB-IoT communication module into a security module, and installing the security module in a terminal; on first network access, the terminal sends an activation request message to the backend, wherein the activation request message includes at least the initial-issuance terminal identity in the initial issuance information and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key in the initial issuance information pre-stored in the security chip, and the initial-issuance terminal identity includes at least: the security chip identifier in the security module, the gas meter number, the NB-SIM card International Mobile Equipment Identity (IMEI) number and the NB-SIM card IMSI number in the security module; the backend receives the activation request message and verifies the authenticity of the identity signature data and, if verification passes, generates updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing system identifier, an updated issuing system public key, an updated terminal identity and an updated terminal user private key; the backend encrypts the updated issuance information and the initial-issuance terminal identity to obtain a secondary issuance message ciphertext, and signs the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain update signature data; the backend packages the secondary issuance message ciphertext and the update signature data into an APDU instruction packet and sends the APDU instruction packet to the terminal; the terminal receives the APDU instruction packet and verifies the authenticity of the update signature data and, if verification passes, decrypts the secondary issuance message ciphertext to obtain the updated issuance information, replaces the initial issuance information with the updated issuance information and saves it; according to the grade of the data to be reported, the terminal sends the backend either the plaintext of ordinary data together with a MAC value computed over the ordinary data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext; according to the grade of the reported data it receives, the backend verifies the MAC value or verifies the critical data signature.
In addition, the method further includes: the backend sends the terminal the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued; the terminal decrypts the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and uses the to-be-issued data plaintext to verify the authenticity of the to-be-issued data signature.
In addition, the method further includes: the backend encrypts the key to be updated to obtain the to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain the to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature.
In addition, the security chip signs using an IBC algorithm.
In addition, the method further includes: the terminal and the backend determine the gas industry service data and establish the data format of the gas industry service data.
Another aspect of the present invention provides a secure communication system based on an identity-based algorithm, comprising: a terminal, wherein a security module is installed in the terminal and the security module is formed by packaging a security chip and an NB-IoT communication module; on first network access, the terminal is further configured to send an activation request message to the backend, wherein the activation request message includes at least the initial-issuance terminal identity in the initial issuance information and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key in the initial issuance information pre-stored in the security chip, and the initial-issuance terminal identity includes at least: the security chip identifier in the security module, the gas meter number, the NB-SIM card International Mobile Equipment Identity (IMEI) number and the NB-SIM card IMSI number in the security module; a backend, configured to receive the activation request message and verify the authenticity of the identity signature data and, if verification passes, generate updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing system identifier, an updated issuing system public key, an updated terminal identity and an updated terminal user private key; the backend is further configured to encrypt the updated issuance information and the initial-issuance terminal identity to obtain a secondary issuance message ciphertext, and to sign the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain update signature data; the backend is further configured to package the secondary issuance message ciphertext and the update signature data into an APDU instruction packet and send the APDU instruction packet to the terminal; the terminal is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data and, if verification passes, decrypt the secondary issuance message ciphertext to obtain the updated issuance information, replace the initial issuance information with the updated issuance information and save it; the terminal is further configured to send the backend, according to the grade of the data to be reported, either the plaintext of ordinary data together with a MAC value computed over the ordinary data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext; the backend is further configured to verify the MAC value or verify the critical data signature according to the grade of the reported data it receives.
In addition, the backend is further configured to send the terminal the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued; the terminal is further configured to decrypt the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and to use the to-be-issued data plaintext to verify the authenticity of the to-be-issued data signature.
In addition, the backend is further configured to encrypt the key to be updated to obtain the to-be-updated key ciphertext, sign the to-be-updated key ciphertext to obtain the to-be-updated key signature, and send the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature.
In addition, the security chip signs using an IBC algorithm.
In addition, the terminal and the backend are further configured to determine the gas industry service data and establish the data format of the gas industry service data.
It can be seen that the secure communication method and system based on an identity-based algorithm provided by the present invention achieve end-to-end secure transmission. The security module stores data separately in the security chip and in the communication module: critical key information is stored in the security chip, can be obtained and used only by the security chip, and cannot be read directly from outside, which avoids the risk of key leakage. The security chip has built-in symmetric encryption (such as the SM4 algorithm) and IBC (such as the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before transmission, and data the security module receives from the backend is decrypted and/or signature-verified by the security chip before further processing.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a structural diagram of the secure communication system based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 2 is a structural diagram of the terminal of the secure communication system based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 3 is another structural diagram of the terminal of the secure communication system based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 4 is a structural diagram of the security module of the terminal in the secure communication system based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 5 is a flow chart of the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 6 is a flow chart of gas meter terminal activation in the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 7 is a flow chart of gas meter terminal ordinary data reporting in the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 8 is a flow chart of gas meter terminal critical data reporting in the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 9 is a flow chart of batch processing instruction issuing in the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention;
Fig. 10 is a flow chart of terminal key update in the secure communication method based on an identity-based algorithm provided by an embodiment of the present invention.
Detailed description of embodiments
Exemplary embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although the drawings show exemplary embodiments of the disclosure, the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here. Rather, these embodiments are provided so that the disclosure is understood more thoroughly and its scope is fully conveyed to those skilled in the art.
The technical problem the present invention addresses is to provide, for the characteristics of the Internet-of-Things gas industry, a security module and corresponding secure communication protocols that achieve end-to-end service data encryption and entity authentication.
Fig. 1 is a structural diagram of the secure communication system based on an identity-based algorithm provided by an embodiment of the present invention. Referring to Fig. 1, the secure communication system includes a terminal 1 and a backend 2.
Referring to Fig. 2 to Fig. 4, the terminal 1 includes a security module 10, a gas meter terminal 20 and an NB-SIM 30; the security module includes a security chip 11 and an NB-IoT communication module 12.
A symmetric algorithm combined with an IBC algorithm is used between the terminal 1 and the backend 2 to encrypt and authenticate the different data flow types. For the different data flow types, encryption and authentication include any one or a combination of the following: MAC verification based on a symmetric algorithm, encryption and decryption based on a symmetric algorithm, encryption and decryption based on an IBC algorithm, and signature authentication based on an IBC algorithm.
The present invention integrates the NB-IoT communication module 12 with the security chip 11 to achieve secure data transmission for NB-IoT terminal devices and to safeguard NB-IoT network communication. The security chip 11 provides secure data storage, symmetric algorithm and IBC algorithm functions; all keys can be used only inside the security chip 11, and all key-related information can be obtained only by the security chip and not by the NB-IoT communication module 12. The NB-IoT communication module 12 provides NB-IoT network communication. In the security module 10, when the NB-IoT communication module 12 is used together with the security chip 11, an MCU controls their cooperation; the security chip 11 and the NB-IoT communication module 12 are combined by packaging into one security module 10, and the NB-IoT communication module 12 interacts with the security chip 11 so that it gains the functions of the security chip 11 and becomes a new security module 10.
Specifically, Fig. 2 shows one implementation of the security module 10, in which the NB-IoT module 12 and the security chip 11 may be physically separate, and the gas meter terminal MCU 20 interacts with the NB-IoT module 12 and with the security chip 11 to implement secure data transmission. Alternatively, the NB-IoT module 12 and the security chip 11 physically form one new security module 10 but are logically separate, and the gas meter terminal MCU 20 interacts with the NB-IoT module 12 and with the security chip 11 to implement secure data transmission.
Fig. 3 shows another implementation of the security module 10. The NB-IoT module 12 and the security chip 11 physically form one new security module 10, the interaction between the NB-IoT module 12 and the security chip 11 is implemented logically inside it, and the security module 10 provides the secure data transmission function as a whole.
Based on the above secure communication system based on an identity-based algorithm, the present invention provides a secure communication method based on an identity-based algorithm. Referring to Fig. 5, the secure communication method provided by an embodiment of the present invention comprises:
S501: a security chip and an NB-IoT communication module are packaged into a security module, and the security module is installed in a terminal;
S502: on first network access, the terminal sends an activation request message to the backend, wherein the activation request message includes at least the initial-issuance terminal identity in the initial issuance information and identity signature data obtained by the terminal signing at least the initial-issuance terminal identity with the initial-issuance terminal user private key in the initial issuance information pre-stored in the security chip, and the initial-issuance terminal identity includes at least: the security chip identifier in the security module, the gas meter number, the NB-SIM card IMEI number and the NB-SIM card IMSI number in the security module;
Specifically, for the gas-industry security module of the present invention, on first network access the terminal must send the following information to the backend: the security chip identifier in the security module, the meter number, the NB-SIM card International Mobile Equipment Identity (IMEI) number in the security module, and the NB-SIM card IMSI number in the security module. The security module of the present invention has a unique identifier, which is the gas meter number. The security chip in the security module of the present invention also has a unique identifier.
S503: the backend receives the activation request message and verifies the authenticity of the identity signature data and, if verification passes, generates updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing system identifier, an updated issuing system public key, an updated terminal identity and an updated terminal user private key;
S504: the backend encrypts the updated issuance information and the initial-issuance terminal identity to obtain a secondary issuance message ciphertext, and signs the secondary issuance message ciphertext with the initial-issuance backend signing private key to obtain update signature data;
S505: the backend packages the secondary issuance message ciphertext and the update signature data into an APDU instruction packet and sends the APDU instruction packet to the terminal;
The gas meter terminal described in the present invention must perform activation operations on first network access. The activation flow may be: the terminal signs its own identifier using the IBC algorithm and reports its device identifier together with the signature to the backend. The backend first verifies the authenticity of this signature and, if verification passes, issues a completely new set of keys and/or identifiers to replace the terminal's original ones. The issued data is encapsulated into an APDU instruction packet and delivered directly to the security chip.
Terminal activation involves two related security chip APDU instructions, which may be as follows. The first APDU instruction is used to report the terminal's identification information.
A preferred APDU instruction format is as follows:
The second APDU instruction is used to parse and verify the new data packet issued by the backend; if verification and parsing succeed, the newly parsed key replaces the security chip's original issuance key.
A preferred APDU instruction format is as follows:
S506: the terminal receives the APDU instruction packet and verifies the authenticity of the update signature data and, if verification passes, decrypts the secondary issuance message ciphertext to obtain the updated issuance information, replaces the initial issuance information with the updated issuance information and saves it;
S507: according to the grade of the data to be reported, the terminal sends the backend either the plaintext of ordinary data together with a MAC value computed over the ordinary data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
S508: according to the grade of the reported data it receives, the backend verifies the MAC value or verifies the critical data signature.
To meet the gas industry's need for daily meter reading, a class of terminal ordinary data reporting functions is defined. The terminal ordinary data reporting flow is: the terminal computes a MAC over the data to be uploaded using a symmetric algorithm, and reports the data to be uploaded together with the MAC value. The IV used in the MAC computation is related to the terminal time.
A preferred APDU instruction format for the security chip to encapsulate a terminal ordinary data report is as follows:
Code            Value (Hex)
CLA             80
INS             4A
P1              00
P2              00
Lc              Length of the data field
DATA            Plaintext data packet to be uploaded, starting with FA and ending with FB
Le              Determined according to the data field length
Response Data   FA F558 20 || meter number || B0 || ciphertext length || ciphertext || C0 60 || signature FB
It can be seen that the secure communication method based on an identity-based algorithm provided by the embodiment of the present invention achieves end-to-end secure transmission. The security module stores data separately in the security chip and in the communication module: critical key information is stored in the security chip, can be obtained and used only by the security chip, and cannot be read directly from outside, which avoids the risk of key leakage. The security chip has built-in symmetric encryption (such as the SM4 algorithm) and IBC (such as the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before transmission, and data the security module receives from the backend is decrypted and/or signature-verified by the security chip before further processing.
As an optional implementation of the embodiment of the present invention, the method further includes: the backend sends the terminal the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued; the terminal decrypts the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and uses the to-be-issued data plaintext to verify the authenticity of the to-be-issued data signature. This ensures the security of the data issued by the backend.
Backend instruction issuing function: the backend signs the instruction to be issued and issues the instruction together with the signature. The algorithm used for the signature is the IBC algorithm.
The security chip indicates whether signature verification passed by returning different return codes.
As an optional implementation of the embodiment of the present invention, the method further includes: the backend encrypts the key to be updated to obtain the to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain the to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal; the terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature. This ensures the security of terminal key updates.
Key update function: the backend both encrypts and signs the key to be updated, and encapsulates the encryption result and the signature into an APDU instruction executable by the security chip. On receiving this instruction packet, the security module hands it directly to the security chip for processing. The backend encrypts the relevant key using an IBC-based encryption algorithm. The backend signs the relevant key, or the ciphertext of the relevant key, using the IBC signature algorithm.
As an optional implementation of the embodiment of the present invention, the security chip signs using an IBC algorithm. This ensures the authenticity and security of the data transmitted by the security module.
As an optional implementation of the embodiment of the present invention, the method further includes: the terminal and the backend determine the gas industry service data and establish the data format of the gas industry service data. Specifically, the gas industry service data is organized into a complete data format comprising: gas meter terminal status data, service data, control instructions and responses. The gas industry NB-IoT network functions are divided into five classes, and a different secure transmission protocol is defined for each of the five classes; specifically, the security module can implement the five different security protocols automatically.
Specifically, it is involved in the present invention to NB-IoT network data flow in all data type can for 16 into System.The length mark involved in the present invention arrived is byte length.
Data flow in gas industry NB-IoT network uses TLV data format, and detailed data format is as follows:
Following data need to be included between ' FA ' and ' FB '
The present invention is to parse data structure by the TAG in data flow.
FA to FE are general tags: FA marks the start of a data packet and FB marks the end of a data packet. General tags must appear in plaintext, and FC, FD and FE cannot be included between FA and FB.
Tags other than the general tags may be included between FA and FB.
The data following the A0 tag is an APDU instruction, which must be passed directly through to the security chip. This tag must appear in plaintext.
The data following the B0 tag is ciphertext. This tag must appear in plaintext.
The C0 tag identifies the digital signature over the ciphertext. This tag must appear in plaintext.
A tag whose first byte is F5 is a gas meter terminal uplink status/identity information tag. Such tags must appear in plaintext.
A tag whose first byte is F6 is a backend downlink status/identity information tag. Such tags must appear in plaintext.
A tag whose first byte is F0 is a backend control command tag. Such tags may appear in plaintext, or be contained in ciphertext in encrypted form. The present invention does not deal with the case where the tag is contained in ciphertext in encrypted form.
A tag whose first byte is F2 is a tag for the data/status that the gas meter terminal returns in response to a backend control instruction. Such tags may appear in plaintext, or be contained in ciphertext in encrypted form.
A tag whose first byte is FA is a batch processing command tag. Such tags may appear in plaintext, or be contained in ciphertext in encrypted form. The present invention does not deal with the case where the tag is contained in ciphertext in encrypted form.
A tag whose first byte is F8 is a tag for the data/status that the gas meter terminal returns in response to a batch processing instruction. Such tags may appear in plaintext, or be contained in ciphertext in encrypted form.
A tag whose first byte is F9 is a tag for business data actively reported by the gas meter terminal. Such tags may appear in plaintext, or be contained in ciphertext in encrypted form.
Given the business characteristics of the gas industry, the present invention divides the business functions involved in the gas industry into five classes: terminal activation, backend instruction issuance, terminal general data reporting, terminal critical data reporting, and key update. Five different secure transfer protocols can be provided, enabling functions such as intelligent metering, remote monitoring and over-the-air stored value. Each business function is briefly described below with reference to Fig. 6 to Fig. 10:
Fig. 6 is the activation flow chart of the NB-IoT gas terminal. The NB-IoT gas terminal includes security module 10. Before the NB-IoT gas terminal joins the network for the first time, a connection between security module 10 and the backend is established by other means, and security module 10 contains the following initially issued data and keys: IBC system encryption public key, IBC system verification public key, backend identifier, terminal identifier, meter number, IMSI number, IBC terminal signing private key, and IBC terminal decryption private key. In addition, the terminal's international mobile equipment identity number can be set independently before the terminal joins the network.
When the gas terminal joins the network for the first time, the NB-SIM 30 IMSI number and the NB-SIM 30 IMEI number are sent to security module 10. Security module 10 assembles the associated terminal identifier, has it signed by security chip 11, and automatically uploads the data to the backend through NB-IoT communications module 12. In this process, the digital signature algorithm used by security chip 11 is the IBC signature algorithm, and the key used by security chip 11 is the initially issued terminal IBC signing private key stored in security chip 11.
After the backend receives the terminal identifier and the signature, it first verifies the signature. The parameters used in verification are the initially issued IBC system public key and the identifier of the corresponding user.
If verification passes, the backend prepares the corresponding keys according to the terminal identifier, including a new IBC system encryption public key, a new IBC system verification public key, a new backend identifier (optional), a new terminal identifier, a new meter number, a new IBC terminal signing private key, and a new IBC terminal decryption private key. These keys are arranged into one data string, the string is encrypted, and the encrypted result is signed to obtain a new data string. The encryption algorithm is the IBC encryption algorithm, and the parameters of the encryption operation are the initially distributed meter number of the corresponding terminal and the initially issued IBC public key. The signature algorithm is the IBC signature algorithm, and the parameter it uses is the initially issued backend IBC signing private key.
The backend must split and encapsulate the new data string so that each encapsulated data packet does not exceed the maximum data frame length that the NB-IoT network allows to be transmitted.
After the terminal has received all the data packets, it pieces together all the instruction packets that are to be passed through to security chip 11 and sends them to security chip 11 in sequence. After receiving all the instructions, security chip 11 first verifies the signature; if verification passes, it decrypts the data to obtain the new keys and replaces the initially issued keys in the security chip with the new keys. The verification algorithm used in this process is the IBC verification algorithm, and the parameters of the verification operation are the initially issued backend identifier and the initially issued IBC verification public key. The decryption algorithm used in this process is the IBC decryption algorithm.
Fig. 7 is the flow chart of NB-IoT gas terminal general data reporting. When the gas meter terminal needs to upload this class of information, gas meter terminal MCU 20 sends the plaintext data to be uploaded to security module 10; security chip 11 computes the corresponding MAC check value, and after the data packet is encapsulated it is either returned to gas meter terminal MCU 20 or sent directly to the backend through NB-IoT communications module 12. The MAC calculation used in this process is a symmetric algorithm; its parameters include the terminal counter or a timestamp as the initial vector, and the key used is the terminal symmetric key. After the backend receives the data packet, it first parses the timestamp contained in the data packet and checks whether it is correct, then verifies the MAC value.
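The backend check described above for general data reports (timestamp first, then MAC), as an added example that is not part of the patent text. It assumes a packet layout of 4-byte timestamp, plaintext, 32-byte tag, and uses HMAC-SHA256 from the Python standard library as a stand-in for the chip's symmetric MAC; all names, the 300-second window and the sample key are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Assumptions of this example (none of these values come from the patent):
MAC_LEN = 32     # HMAC-SHA256 tag, standing in for the chip's symmetric MAC
MAX_SKEW = 300   # accepted clock difference between terminal and backend, seconds


def build_report(key: bytes, timestamp: int, plaintext: bytes) -> bytes:
    """Terminal side: timestamp || plaintext || MAC(key, timestamp || plaintext)."""
    header = struct.pack(">I", timestamp)
    tag = hmac.new(key, header + plaintext, hashlib.sha256).digest()
    return header + plaintext + tag


class Backend:
    """Backend side: check the timestamp, then the MAC, per terminal."""

    def __init__(self, terminal_keys):
        self.keys = dict(terminal_keys)   # terminal id -> terminal symmetric key
        self.last_seen = {}               # terminal id -> last accepted timestamp

    def accept(self, terminal_id: str, packet: bytes, now: int):
        """Return (True, plaintext) on success or (False, reason) on rejection."""
        key = self.keys.get(terminal_id)
        if key is None:
            return False, "unknown terminal"
        if len(packet) < 4 + MAC_LEN:
            return False, "short packet"
        header = packet[:4]
        body = packet[4:-MAC_LEN]
        tag = packet[-MAC_LEN:]
        (ts,) = struct.unpack(">I", header)

        # Step 1: the timestamp must be inside the window and newer than the
        # last report accepted from this terminal.
        if abs(now - ts) > MAX_SKEW:
            return False, "stale timestamp"
        if ts <= self.last_seen.get(terminal_id, -1):
            return False, "replayed timestamp"

        # Step 2: the MAC covers the timestamp as well as the plaintext, and
        # the comparison is constant-time.
        expected = hmac.new(key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False, "bad MAC"

        # Replay state advances only for an authenticated packet; otherwise a
        # forged timestamp could lock out the terminal's genuine reports.
        self.last_seen[terminal_id] = ts
        return True, body


# Constructed sample data for the demonstration.
SAMPLE_KEY = bytes(range(16))
SAMPLE_ID = "METER-0001"
SAMPLE_NOW = 1_700_000_000


def demo():
    backend = Backend({SAMPLE_ID: SAMPLE_KEY})
    good = build_report(SAMPLE_KEY, SAMPLE_NOW, b"volume=123.4")
    tampered = good[:4] + b"volume=999.9" + good[-MAC_LEN:]
    forged_ts = struct.pack(">I", SAMPLE_NOW + 200) + good[4:]
    old = build_report(SAMPLE_KEY, SAMPLE_NOW - 4000, b"volume=100.0")
    return [
        backend.accept(SAMPLE_ID, forged_ts, SAMPLE_NOW),   # timestamp altered in transit
        backend.accept(SAMPLE_ID, tampered, SAMPLE_NOW),    # plaintext altered in transit
        backend.accept(SAMPLE_ID, good, SAMPLE_NOW),        # genuine report
        backend.accept(SAMPLE_ID, good, SAMPLE_NOW + 10),   # same packet sent again
        backend.accept(SAMPLE_ID, old, SAMPLE_NOW),         # validly MACed but too old
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

With a one-second timestamp, a terminal that may report more than once per second needs the counter variant that the description also allows.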
Fig. 8 is the flow chart of NB-IoT gas terminal critical data reporting. Fig. 5 is the flow chart of NB-IoT gas terminal general data reporting. When the gas meter terminal needs to upload this class of information, gas meter terminal MCU 20 sends the plaintext data to be uploaded to security module 10; security chip 11 first encrypts it and then signs the resulting ciphertext. The ciphertext and the signature are then packaged, and after the data packet is encapsulated it is either returned to gas meter terminal MCU 20 or sent directly to the backend through NB-IoT communications module 12. The encryption algorithm used in this process is a symmetric encryption algorithm, and the key it uses is the terminal's symmetric key. The signature algorithm used in this process is the IBC signature algorithm, and the key it uses is the terminal's IBC signing private key. After the backend receives this data packet, it first verifies the signature and then decrypts.
Fig. 9 is the flow chart of the backend issuing business instructions. The instruction to be issued to the terminal is signed, and the instruction plaintext and the signature are encapsulated and then issued. The signature algorithm used in this process is the IBC signature algorithm, and the key it uses is the backend's IBC signing private key. After the terminal receives the data packet, it must first verify the signature; if verification succeeds, the terminal executes and responds to the issued instruction. The parameters used in verification are the system identifier and the system verification public key.
Fig. 10 is the data flow of the backend issuing a key update instruction to the NB-IoT gas terminal. After the terminal joins the network, it must report its own identification information, and the backend prepares the corresponding terminal symmetric-algorithm key according to the terminal identifier. The symmetric key is encrypted, and the encrypted result is signed to obtain a new data string. The encryption algorithm is the IBC encryption algorithm, and the parameters of the encryption operation are the corresponding terminal's meter number and the IBC public key. The signature algorithm is the IBC signature algorithm, and the parameter it uses is the backend IBC signing private key.
After the terminal has received all the data packets, it parses out the APDU instruction and passes it to security chip 11. After receiving the instruction, security chip 11 first verifies the signature; if verification passes, it decrypts the data to obtain the new key and replaces the original symmetric-algorithm key in security chip 11 with the new key. The verification algorithm used in this process is the IBC verification algorithm, and the parameters of the verification operation are the backend identifier and the IBC verification public key. The decryption algorithm used in this process is the IBC decryption algorithm.
To implement the above five main classes of gas industry functions, the present invention provides a security module that combines an NB-IoT module with a security chip. Preferably, the security module is built into the gas meter terminal. After receiving a data packet issued by the backend, the terminal first parses the sender's identifier and determines whether the packet contains an instruction packet that must be passed directly to the security chip; if so, it splits out the instruction packet and sends it to the security chip for processing in accordance with the security chip communication specification. It next determines whether the data packet contains ciphertext or a signature. If the data packet contains ciphertext to be parsed, the terminal sends the ciphertext to the security chip for parsing in accordance with the security chip instruction specification. If the data packet contains a signature to be verified, the terminal sends the data and the signature to be verified to the security chip for verification in accordance with the security chip instruction specification. After decrypting or verifying a signature, the security chip returns the execution result whether or not the operation succeeded. The gas meter terminal then continues with the relevant flow according to the decryption or verification result.
If the gas meter terminal needs to report data actively or return data passively, the terminal only needs to send the data to be reported to the security module. After receiving the data to be sent, the security module first performs MAC calculation or encryption and signing on the data to be uploaded, according to the configuration in the security chip, and then actively reports the result data processed by the security chip to the backend.
The following briefly describes the safe communication system based on the identification algorithm. The system applies the above method; for matters not covered here, refer to the relevant description in the above safe communication method based on the identification algorithm. The safe communication system based on the identification algorithm according to the embodiment of the present invention comprises:
Terminal 1, in which a security module is provided, the security module encapsulating a security chip and an NB-IoT communications module;
When joining the network for the first time, terminal 1 is further configured to send an activation request message to backend 2, wherein the activation request message includes at least the initially issued terminal 1 identity from the initial issuance information, and identity signature data obtained by terminal 1 signing at least the initially issued terminal 1 identity with the initially issued terminal 1 user private key from the initial issuance information prestored in the security chip; the initially issued terminal 1 identity includes at least: the security chip identifier, the gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
Backend 2, configured to receive the activation request message and verify the authenticity of the identity signature data, and, if verification passes, to generate updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal 1 identity and an updated terminal 1 user private key;
Backend 2 is further configured to encrypt the updated issuance information and the initially issued terminal 1 identity to obtain a secondary issuance message ciphertext, and to sign the secondary issuance message ciphertext with the initially issued backend 2 signing private key to obtain update signature data;
Backend 2 is further configured to package the secondary issuance message ciphertext and the update signature data into an APDU instruction packet, and to send the APDU instruction packet to terminal 1;
Terminal 1 is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data, and, if verification passes, to decrypt the secondary issuance message ciphertext to obtain the updated issuance information, replace the initial issuance information with the updated issuance information, and save it;
Terminal 1 is further configured, according to the grade of the data to be reported, to send to backend 2 either the plaintext of general data together with the MAC value computed over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
Backend 2 is further configured, according to the grade of the reported data received, to verify the MAC value or to verify the critical data signature.
It can be seen that the safe communication system based on the identification algorithm provided by the embodiment of the present invention achieves end-to-end secure transmission. The security module stores data separately in the security chip and in the communications module: critical key information is stored in the security chip, where it can only be obtained and used by the security chip and cannot be read directly from outside, which avoids the risk of key exposure. The security chip has built-in symmetric encryption (such as the SM4 algorithm) and IBC algorithm (such as the SM9 algorithm) functions. Data sent by the security module is signed and/or encrypted by the security chip before it is transmitted, and data that the security module receives from the backend is decrypted and/or signature-verified by the security chip before subsequent processing.
As an optional implementation of this embodiment of the invention, backend 2 is further configured to send to terminal 1 the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued; terminal 1 is further configured to decrypt the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and to verify the authenticity of the to-be-issued data signature using the to-be-issued data plaintext. This ensures the security of data issued by the backend.
As an optional implementation of this embodiment of the invention, backend 2 is further configured to encrypt the key to be updated to obtain a to-be-updated key ciphertext, to sign the to-be-updated key ciphertext to obtain a to-be-updated key signature, and to send the to-be-updated key ciphertext and the to-be-updated key signature to terminal 1; terminal 1 is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature. This ensures the security of terminal key updates.
As an optional implementation of this embodiment of the invention, the security chip signs using an IBC algorithm. This ensures the authenticity and security of the data transmitted by the security module.
As an optional implementation of this embodiment of the invention, terminal 1 and backend 2 are further configured to determine the gas industry business data and to establish the data format of the gas industry business data.
Those skilled in the art should understand that embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage and the like) that contain computer-usable program code.
The present application is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to embodiments of the present application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means, the instruction means implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, such that a series of operation steps is executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
In a typical configuration, a computing device includes one or more processors (CPUs), an input/output interface, a network interface and memory.
The memory may include non-permanent memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
The above are only embodiments of the present application and are not intended to limit the present application. For those skilled in the art, various modifications and changes to the present application are possible. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present application shall fall within the scope of the claims of the present application.

Claims (10)

1. A safe communication method based on an identification algorithm, characterized by comprising:
Encapsulating a security chip and an NB-IoT communications module into a security module, and providing the security module in a terminal;
When joining the network for the first time, the terminal sends an activation request message to a backend, wherein the activation request message includes at least the initially issued terminal identity from the initial issuance information, and identity signature data obtained by the terminal signing at least the initially issued terminal identity with the initially issued terminal user private key from the initial issuance information prestored in the security chip; the initially issued terminal identity includes at least: the security chip identifier, the gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
The backend receives the activation request message and verifies the authenticity of the identity signature data; if verification passes, it generates updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal identity and an updated terminal user private key;
The backend encrypts the updated issuance information and the initially issued terminal identity to obtain a secondary issuance message ciphertext, and signs the secondary issuance message ciphertext with the initially issued backend signing private key to obtain update signature data;
The backend packages the secondary issuance message ciphertext and the update signature data into an APDU instruction packet, and sends the APDU instruction packet to the terminal;
The terminal receives the APDU instruction packet and verifies the authenticity of the update signature data; if verification passes, it decrypts the secondary issuance message ciphertext to obtain the updated issuance information, replaces the initial issuance information with the updated issuance information, and saves it;
According to the grade of the data to be reported, the terminal sends to the backend either the plaintext of general data together with the MAC value computed over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
According to the grade of the reported data received, the backend verifies the MAC value or verifies the critical data signature.
2. The method according to claim 1, characterized by further comprising:
The backend sends to the terminal the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued;
The terminal decrypts the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and verifies the authenticity of the to-be-issued data signature using the to-be-issued data plaintext.
3. The method according to claim 1, characterized by further comprising:
The backend encrypts the key to be updated to obtain a to-be-updated key ciphertext, signs the to-be-updated key ciphertext to obtain a to-be-updated key signature, and sends the to-be-updated key ciphertext and the to-be-updated key signature to the terminal;
The terminal decrypts the to-be-updated key ciphertext to obtain the key to be updated, and verifies the to-be-updated key signature.
4. The method according to claim 1, characterized in that the security chip signs using an IBC algorithm.
5. The method according to claim 1, characterized by further comprising:
The terminal and the backend determine the gas industry business data, and establish the data format of the gas industry business data.
6. A safe communication system based on an identification algorithm, characterized by comprising:
A terminal, in which a security module is provided, the security module encapsulating a security chip and an NB-IoT communications module;
When joining the network for the first time, the terminal is further configured to send an activation request message to a backend, wherein the activation request message includes at least the initially issued terminal identity from the initial issuance information, and identity signature data obtained by the terminal signing at least the initially issued terminal identity with the initially issued terminal user private key from the initial issuance information prestored in the security chip; the initially issued terminal identity includes at least: the security chip identifier, the gas meter number, the international mobile equipment identity number of the NB-SIM card in the security module, and the IMSI number of the NB-SIM card in the security module;
The backend, configured to receive the activation request message and verify the authenticity of the identity signature data, and, if verification passes, to generate updated issuance information according to the gas meter number, wherein the updated issuance information includes: an updated issuing-system identifier, an updated issuing-system public key, an updated terminal identity and an updated terminal user private key;
The backend is further configured to encrypt the updated issuance information and the initially issued terminal identity to obtain a secondary issuance message ciphertext, and to sign the secondary issuance message ciphertext with the initially issued backend signing private key to obtain update signature data;
The backend is further configured to package the secondary issuance message ciphertext and the update signature data into an APDU instruction packet, and to send the APDU instruction packet to the terminal;
The terminal is further configured to receive the APDU instruction packet and verify the authenticity of the update signature data, and, if verification passes, to decrypt the secondary issuance message ciphertext to obtain the updated issuance information, replace the initial issuance information with the updated issuance information, and save it;
The terminal is further configured, according to the grade of the data to be reported, to send to the backend either the plaintext of general data together with the MAC value computed over the general data, or the critical data ciphertext obtained by encrypting the plaintext of critical data together with the critical data signature obtained by signing the critical data ciphertext;
The backend is further configured, according to the grade of the reported data received, to verify the MAC value or to verify the critical data signature.
7. The system according to claim 6, characterized in that
The backend is further configured to send to the terminal the to-be-issued data ciphertext obtained by encrypting the data to be issued and the to-be-issued data signature obtained by signing the data to be issued;
The terminal is further configured to decrypt the to-be-issued data ciphertext to obtain the to-be-issued data plaintext, and to verify the authenticity of the to-be-issued data signature using the to-be-issued data plaintext.
8. The system according to claim 6, characterized in that
The backend is further configured to encrypt the key to be updated to obtain a to-be-updated key ciphertext, to sign the to-be-updated key ciphertext to obtain a to-be-updated key signature, and to send the to-be-updated key ciphertext and the to-be-updated key signature to the terminal;
The terminal is further configured to decrypt the to-be-updated key ciphertext to obtain the key to be updated, and to verify the to-be-updated key signature.
9. The system according to claim 6, characterized in that the security chip signs using an IBC algorithm.
10. The system according to claim 6, characterized in that
The terminal and the backend are further configured to determine the gas industry business data, and to establish the data format of the gas industry business data.
CN201810708003.9A 2018-07-02 2018-07-02 Safe communication method and system based on identification algorithm Active CN109041052B (en)


Publications (2)

Publication Number Publication Date
CN109041052A true CN109041052A (en) 2018-12-18
CN109041052B CN109041052B (en) 2021-03-30


Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020198748A1 (en) * 2001-05-25 2002-12-26 Eden Thomas M. System and method for implementing an employee-rights-sensitive drug free workplace policy
CN101369360A (en) * 2008-09-27 2009-02-18 北京双得利科工贸有限责任公司 Machine-card separation method for digital measuring apparatus and its card sending system
CN103106744A (en) * 2013-01-31 2013-05-15 成都秦川科技发展有限公司 Internet of things intelligent gas meter embedded with information security management module
CN104393993A (en) * 2014-10-24 2015-03-04 国家电网公司 A security chip for electricity selling terminal and the realizing method
CN106656999A (en) * 2016-11-10 2017-05-10 济南浪潮高新科技投资发展有限公司 Secure transmission authentication method and device of IoT (Internet of Things) terminal equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
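支晓晔 et al.: "Discussion on the technical architecture of urban smart gas networks", 《城市燃气》 *
杨忠义 et al.: "NB-IoT-based gas metering and billing system for non-residential users", 《煤气与热力》 *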

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109982288A (en) * 2019-04-10 2019-07-05 宁夏隆基宁光仪表股份有限公司 It is a kind of that algorithm is reported based on avoiding the peak hour for NB-IoT Internet of Things gas meter, flow meter
CN110213764A (en) * 2019-06-12 2019-09-06 深圳奥联信息安全技术有限公司 The wireless security means of communication and device
CN110401530A (en) * 2019-07-25 2019-11-01 金卡智能集团股份有限公司 A kind of safety communicating method of gas meter, flow meter, system, equipment and storage medium
CN110650477B (en) * 2019-08-19 2023-07-11 中移(杭州)信息技术有限公司 Interaction method, platform, server and storage medium of NB-IOT equipment
CN110650477A (en) * 2019-08-19 2020-01-03 中移(杭州)信息技术有限公司 Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment
CN110650016A (en) * 2019-09-02 2020-01-03 南京南瑞继保电气有限公司 Method for realizing network data security of AC/DC control protection system
CN110650016B (en) * 2019-09-02 2022-09-23 南京南瑞继保电气有限公司 Method for realizing network data security of AC/DC control protection system
CN110632875A (en) * 2019-09-24 2019-12-31 武汉亚为电子科技有限公司 Equipment health monitoring method and device based on AIoT intelligent Internet of things
CN112866989A (en) * 2019-11-28 2021-05-28 北京亚华意诺斯新能源科技有限公司 Communication equipment based on narrowband thing networking
CN113099448B (en) * 2019-12-20 2022-07-19 紫光同芯微电子有限公司 Terminal identity authentication method suitable for high-capacity SIM card
CN113099448A (en) * 2019-12-20 2021-07-09 北京紫光青藤微系统有限公司 Terminal identity authentication method suitable for high-capacity SIM card
CN111552270A (en) * 2020-04-29 2020-08-18 北京汽车股份有限公司 Safety authentication and data transmission method and device for vehicle-mounted diagnosis
CN112437087A (en) * 2020-11-24 2021-03-02 重庆市山城燃气设备有限公司 Encryption and decryption method and system for gas meter with safety chip and gas meter system
CN114666074B (en) * 2020-12-04 2024-04-09 中移物联网有限公司 Product identification authentication method and device
CN114666074A (en) * 2020-12-04 2022-06-24 中移物联网有限公司 Product identification authentication method and device
CN112767667B (en) * 2020-12-25 2022-04-19 深圳市燃气集团股份有限公司 Safety module based on NB-IoT (NB-IoT), gas meter reading system and method
CN112767667A (en) * 2020-12-25 2021-05-07 深圳市燃气集团股份有限公司 Safety module based on NB-IoT (NB-IoT), gas meter reading system and method
CN115734211A (en) * 2021-08-30 2023-03-03 中移物联网有限公司 Identification analysis method and system, and storage medium
CN114221759A (en) * 2021-11-29 2022-03-22 成都卫士通信息产业股份有限公司 Remote monitoring deployment method and device, electronic equipment and storage medium
CN114221759B (en) * 2021-11-29 2024-04-12 成都卫士通信息产业股份有限公司 Remote monitoring deployment method and device, electronic equipment and storage medium
CN114598464A (en) * 2022-03-08 2022-06-07 潍柴动力股份有限公司 Data updating method and controller
CN114598464B (en) * 2022-03-08 2024-04-16 潍柴动力股份有限公司 Data updating method and controller
CN115633338A (en) * 2022-08-18 2023-01-20 芯电智联(北京)科技有限公司 Data updating processing method of NFC label
CN115098227A (en) * 2022-08-24 2022-09-23 中诚华隆计算机技术有限公司 Method and device for updating dynamic information of security equipment
CN117118756A (en) * 2023-10-23 2023-11-24 中关村芯海择优科技有限公司 Data interaction method, device, computer equipment and computer readable storage medium
CN117118756B (en) * 2023-10-23 2024-01-16 中关村芯海择优科技有限公司 Data interaction method, device, computer equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN109041052B (en) 2021-03-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant