CN109087412A - Method for connecting a door lock terminal and a gateway in a wireless networked door lock system - Google Patents

Publication number
CN109087412A
Authority
CN
China
Prior art keywords
gateway
data
server
verification information
validation value
Legal status
Pending
Application number
CN201810573991.0A
Other languages
Chinese (zh)
Inventor
严辉
杨根
李冠鹏
Current Assignee
Plump Network (beijing) Co Ltd Hunan Branch
Plump Network (beijing) Co Ltd
Original Assignee
Plump Network (beijing) Co Ltd Hunan Branch
Plump Network (beijing) Co Ltd
Application filed by Plump Network (beijing) Co Ltd Hunan Branch, Plump Network (beijing) Co Ltd
Priority to CN201810573991.0A
Publication of CN109087412A

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • G07C2009/0042 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically
    • G07C2009/005 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically whereby the code is a random code
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Abstract

The invention belongs to the field of communication technology, and in particular relates to a method for connecting a door lock terminal and a gateway in a wireless networked door lock system, and a method for connecting a gateway and a server in a wireless networked door lock system. The method comprises: setting a group of handshake signals, then using the handshake signals and generated validation values to judge whether a connection is established between the gateway and the door lock terminal, or between the server and the gateway. The connection method of the invention provides multiple verification steps, which prevents an attacker from controlling the door lock terminal through a fake gateway and from controlling the gateway through a fake server. At the same time, few communication interactions are needed between the gateway and the door lock terminal and between the server and the gateway, so security is strengthened while the number of communications between devices is reduced. This both solves the problem that devices are easily attacked and controlled and reduces the power consumption of the devices.

Description

Method for connecting a door lock terminal and a gateway in a wireless networked door lock system
Technical field
The invention belongs to the field of communication technology, and in particular relates to a method for connecting a door lock terminal and a gateway in a wireless networked door lock system.
Background art
With the development of technology, electronic door locks, which offer better security and convenience than mechanical door locks, are increasingly used in all kinds of places. At present, intelligent door lock security systems are increasingly used in places such as campuses and hotels, so that intelligent door locks can be managed centrally.
However, in current campus apartment security systems, data is mostly transmitted in plaintext, so during transmission it is very easy for the data to be monitored, forged and attacked. This is a great security risk and can easily cause property loss to students and the school. In current campus apartment security systems, the places commonly attacked are the data transmissions between the door lock terminal and the gateway, and between the gateway and the server: an attacker uses a fake gateway to control the door lock terminal, or a fake server to control the gateway, and thereby causes economic loss.
Summary of the invention
(1) Technical problem to be solved
To prevent an attacker from using a fake gateway to control the door lock terminal, or a fake server to control the gateway, the present invention provides a method for connecting a door lock terminal and a gateway in a wireless networked door lock system.
(2) Technical solution
To achieve the above object, the main technical solutions adopted by the present invention include:
A method for connecting a door lock terminal and a gateway in a wireless networked door lock system, the method comprising:
101. After the door lock terminal is powered on, the door lock terminal sends a connection command to the gateway of the area where the door lock terminal is located;
102. The gateway, according to the received connection command, generates verification information for verifying the identity of the gateway;
The verification information includes: the encrypted first data, a first random array and a first random validation value;
103. The gateway sends the verification information to the door lock terminal;
104. The door lock terminal verifies the verification information according to a verification rule and, if verification passes, sends verification-passed information to the gateway and establishes a connection with the gateway.
Further, step 102 includes:
The gateway generates the first random array according to the received connection command;
The first random validation value is generated using the first random array; and
The first data is formed according to the format of the first handshake signal and is encrypted; the encrypted first data, the first random array and the first random validation value form the verification information;
Wherein the format of the first handshake signal is a format stored in the gateway in advance.
Further, step 104 includes:
The door lock terminal decrypts the encrypted first data in the received verification information and judges whether the format of the decrypted first data is identical to the format of the first handshake signal;
If they differ, verification fails;
Otherwise, a second random validation value is generated from the first random array in the verification information;
It is judged whether the first random validation value and the second random validation value are identical and, if they are, verification passes;
Wherein the format of the first handshake signal is set in the door lock terminal in advance and is identical to the format of the first handshake signal in the gateway.
A wireless networked door lock system, the system comprising at least one gateway and at least one door lock terminal:
The gateway includes: a first chip and a second chip;
The first chip has a built-in AES128 program for encrypting the first data in the verification information;
The AES128 program is also used to generate the first random array when the gateway receives the connection command;
The second chip has a built-in SHA256 program for generating the first random validation value and for generating the first data;
Wherein the encrypted first data, the first random array and the first random validation value form the verification information to be sent to the door lock terminal;
The door lock terminal includes: a third chip and a fourth chip;
The third chip has a built-in AES128 program for decrypting the encrypted first data;
The fourth chip has a built-in SHA256 program for generating the first random validation value using the first random array in the verification information;
Wherein the gateway and the door lock terminal interact to execute the above method for connecting a door lock terminal and a gateway.
A method for connecting a gateway and a server in a wireless networked door lock system, the method comprising:
201. After the gateway is powered on, the gateway sends a connection command to the server of the area where the gateway is located;
202. The server, according to the received connection command, generates first verification information for verifying the identity of the server;
The first verification information includes: the encrypted second data, a second random array and a third random validation value;
203. The server sends the first verification information to the gateway;
204. The gateway verifies the first verification information according to a verification rule and, if verification passes, sends a piece of return information to the server;
205. The server, according to the received return information, generates second verification information for verifying the identity of the server;
The second verification information includes: the encrypted third data, a third random array and a fourth random validation value;
206. The server sends the second verification information to the gateway;
207. The gateway verifies the second verification information according to the verification rule and, if verification passes, sends verification-passed information to the server, and the connection with the gateway is established.
Further, step 202 includes:
The server generates the second random array according to the received connection command sent by the gateway;
The third random validation value is generated using the second random array; and
The second data is formed according to the format of the second handshake signal and is encrypted; the encrypted second data, the second random array and the third random validation value form the first verification information;
Wherein the format of the second handshake signal is a format stored in the server in advance.
Further, step 204 includes:
The gateway decrypts the encrypted second data in the received first verification information and judges whether the format of the decrypted second data is identical to the format of the second handshake signal;
If they differ, verification fails;
Otherwise, a fifth random validation value is generated from the second random array in the first verification information;
It is judged whether the third random validation value and the fifth random validation value are identical and, if they are, verification passes;
Wherein the format of the second handshake signal is set in the gateway in advance and is identical to the format of the second handshake signal in the server.
Further, step 205 includes:
The server generates the third random array according to the received return information sent by the gateway;
The fourth random validation value is generated using the third random array; and
The third data is formed according to the format of the third handshake signal and is encrypted; the encrypted third data, the third random array and the fourth random validation value form the second verification information;
Wherein the format of the third handshake signal is a format stored in the server in advance.
Further, step 207 includes:
The gateway decrypts the encrypted third data in the received second verification information and judges whether the format of the decrypted third data is identical to the format of the third handshake signal;
If they differ, verification fails;
Otherwise, a sixth random validation value is generated from the third random array in the second verification information;
It is judged whether the fourth random validation value and the sixth random validation value are identical and, if they are, verification passes;
Wherein the format of the third handshake signal is set in the gateway in advance and is identical to the format of the third handshake signal in the server.
A wireless networked door lock system, the system comprising at least one server and at least one gateway:
The server includes: a fifth chip and a sixth chip;
The fifth chip has a built-in AES128 program for encrypting the second data and the third data in the verification information;
The AES128 program is also used to generate the second random array when the server receives the connection command;
The AES128 program is also used to generate the third random array when the gateway receives the return information;
The sixth chip has a built-in SHA256 program for generating the third random validation value, the second data, the fourth random validation value and the third data;
Wherein the encrypted second data, the second random array and the third random validation value form the first verification information to be sent to the gateway;
The encrypted third data, the third random array and the fourth random validation value form the second verification information to be sent to the gateway;
The gateway includes: a seventh chip and an eighth chip;
The seventh chip has a built-in AES128 program for decrypting the encrypted second data and the encrypted third data;
The eighth chip has a built-in SHA256 program for generating the fifth random validation value using the second random array;
The SHA256 program is also used to generate the sixth random validation value using the third random array;
Wherein the server and the gateway interact to execute the above method for connecting a gateway and a server.
(3) Beneficial effects
The beneficial effects of the present invention are as follows. The present invention provides a method for connecting a door lock terminal and a gateway in a wireless networked door lock system, comprising: after the door lock terminal is powered on, the door lock terminal sends a connection command to the gateway of the area where the door lock terminal is located; the gateway, according to the received connection command, generates verification information for verifying the identity of the gateway; the gateway sends the verification information to the door lock terminal; the door lock terminal verifies the verification information according to a verification rule and, if verification passes, sends verification-passed information to the gateway and establishes a connection with the gateway.
The present invention also provides a method for connecting a gateway and a server in a wireless networked door lock system, comprising: after the gateway is powered on, the gateway sends a connection command to the server of the area where the gateway is located; the server, according to the received connection command, generates first verification information for verifying the identity of the server; the server sends the first verification information to the gateway; the gateway verifies the verification information according to a verification rule and, if verification passes, sends a piece of return information to the server; the server, according to the received return information, generates second verification information for verifying the identity of the server; the server sends the second verification information to the gateway; the gateway verifies the verification information according to the verification rule and, if verification passes, sends verification-passed information to the server, and the connection with the gateway is established.
The connection method of the invention provides multiple verification steps, which prevents an attacker from controlling the door lock terminal through a fake gateway and from controlling the gateway through a fake server. At the same time, few communication interactions are needed between the gateway and the door lock terminal and between the server and the gateway, so security is strengthened while the number of communications between devices is reduced. This both solves the problem that devices are easily attacked and controlled and reduces the power consumption of the devices.
Brief description of the drawings
Fig. 1 is a flow chart of the method for connecting a door lock terminal and a gateway in a wireless networked door lock system according to an embodiment of the present invention;
Fig. 2 is a flow chart of the method for connecting a gateway and a server in a wireless networked door lock system according to an embodiment of the present invention.
Detailed description of the embodiments
To better explain the present invention and make it easier to understand, the present invention is described in detail below through specific embodiments with reference to the accompanying drawings.
Embodiment 1
A wireless networked door lock system includes at least one gateway and at least one door lock terminal. The gateway includes a first chip and a second chip; the door lock terminal includes a third chip and a fourth chip. An AES128 program is built into the first chip and the third chip; a SHA256 program is built into the second chip and the fourth chip.
Fig. 1 shows the flow chart of the method of the present invention for connecting a door lock terminal and a gateway in a wireless networked door lock system. The connection method is as follows:
101. After the door lock terminal is powered on, the door lock terminal sends a connection command to the gateway of the area where the door lock terminal is located.
It should be noted that the connection command carries the device identification code of the door lock terminal and is used to trigger the gateway to start the connection process within a preset duration. In general, the area where the door lock terminal is located is the same floor of the apartment building.
102. The gateway, according to the received connection command, generates verification information for verifying the identity of the gateway. The verification information includes: the encrypted first data Data1, a first random array and a first random validation value MAC1;
Specifically:
According to the received connection command, the gateway generates the first random array using the AES128 program built into the first chip of the gateway. The SHA256 program built into the second chip of the gateway generates the first random validation value MAC1 using the first random array. At the same time, the SHA256 program built into the second chip of the gateway forms the first data Data1 according to the data frame format of the first handshake signal, and the AES128 program built into the first chip then encrypts the first data Data1. The encrypted first data Data1, the first random array and the first random validation value MAC1 form the verification information. The first handshake signal is stored in the gateway in advance.
103. The gateway sends the verification information to the door lock terminal.
104. The door lock terminal verifies the verification information according to a verification rule and, if verification passes, sends verification-passed information to the gateway and establishes a connection with the gateway;
Specifically:
The door lock terminal decrypts the encrypted first data Data1 in the received verification information; this decryption is performed by the AES128 program in the third chip. The door lock terminal then judges whether the format of the decrypted first data Data1 is identical to the format of the first handshake signal stored in the door lock terminal in advance;
If they differ, verification fails;
Otherwise, the SHA256 program built into the fourth chip of the door lock terminal generates a second random validation value from the first random array in the verification information;
It is judged whether the first random validation value and the second random validation value are identical; if they are, verification passes and the door lock terminal establishes a connection with the gateway;
Wherein the format of the first handshake signal set in the door lock terminal in advance is identical to the format of the first handshake signal in the gateway.
It should be noted that determining in step 104 whether the format of the first data Data1 is identical to the data frame format of the first handshake signal specifically includes:
First, determining whether the frame header data are equal; if they are not, verification fails;
If they are equal, continuing by verifying the adder data; if that check fails, verification fails.
In this embodiment, if the gateway is a fake gateway, the decryption of the first data Data1 in step 104 cannot be completed. Moreover, the first handshake signal is not pre-stored in a fake gateway, so the decrypted first data Data1 will not pass the door lock terminal's verification. Furthermore, a fake gateway cannot obtain the first random array used to generate the second random validation value MAC2, so the comparison of the first random validation value MAC1 with the second random validation value MAC2 will not pass. The method of the present invention for connecting a door lock terminal and a gateway in a wireless networked door lock system thus provides verification in three respects, strengthening the security of the devices.
In this embodiment, the door lock terminal and the gateway are connected by wireless communication. The door lock terminal and the gateway each include matching wireless transmission modules; the wireless transmission module is a zigbee module or a bluetooth module.
Embodiment 2
A kind of Wireless Networking door-locking system, system include at least one server and at least one gateway:
Server includes: fifth chip and the 6th chip;The gateway includes: the 7th chip and the 8th chip;5th core Built-in AES128 program in piece and the 7th chip;Built-in SHA256 program in 6th chip and the 8th chip.
As shown in Fig. 2, for the process of the connection method of server and gateway in a kind of Wireless Networking door-locking system of the present invention Figure, connection method are specific as follows:
201, after gateway powers on, gateway sends bind command to the server of the gateway region;
It should be noted that bind command carries the equipment mark code of gateway, for trigger the server in preset duration Interior unlatching connects process.In general, gateway region is an apartment.
202, bind command generates the first verification information for verifying the server identity to server based on the received;The One verification information includes: the second data of encryption, the second random array and third accidental validation value;
It is specific:
The server bind command that gateway is sent based on the received, utilizes the AES128 journey built in fifth chip in server Sequence generates the second random array, in server the SHA256 program of the 6th built-in chip type using the second random array generate third with Machine validation value MAC3, meanwhile, in server the SHA256 program of the 6th built-in chip type according to the second handshake data frame lattice Formula forms the second data Data2, then encrypts the second data Data2 as the AES128 program built in fifth chip, adds Close the second data Data2, the second random array and third accidental validation value MAC3 forms verification information;Wherein, it second shakes hands Signal stores in a gateway in advance.
203, the first verification information is sent gateway by server.
204, gateway verifies the first verification information according to proof rule, if being verified, sends to server One return information;
It is specific:
The the second data Data2 encrypted in received first verification information is decrypted gateway, here to the of encryption The decryption of two data Data2 is completed by the AES128 program being arranged in the 7th chip;And judge decryption after second Whether the format of data Data2 is identical as the format of the second handshake stored in a gateway in advance;
Do not pass through if it is different, then verifying;
Otherwise, in gateway the 8th built-in chip type SHA256 program, it is raw with the second random array in the first verification information At the 4th accidental validation value MAC4;
Judge whether third accidental validation value MAC3 and the 4th accidental validation value MAC4 are identical, if they are the same, then verifying is logical It crosses, gateway sends a return information to server;
Wherein, the format of the second handshake is set in a gateway in advance, and is shaken hands letter with second in server Number format it is identical;
It should be noted that in step 204 determine the second data Data1 format whether with the second handshake data frame Format it is identical, specifically include:
Firstly, determining whether syringe needle data are equal, if unequal, verify and do not pass through;
If equal, continue verifying adder data and verify and do not pass through if not passing through;
It should be noted that the equipment mark code for carrying gateway in the return information that gateway is sent to server is tested with this Demonstrate,prove process as a result, for trigger the server open binding process in next verifying process.
205, the server generates, based on the received return information, the second verification information for verifying the server identity; the second verification information includes: the encrypted third data, the third random array and the fourth accidental validation value;
Based on the received return information sent by the gateway, the server generates the third random array using the AES128 program built into the fifth chip in the server; the SHA256 program built into the sixth chip in the server generates the fifth accidental validation value MAC5 from the third random array; meanwhile, the SHA256 program built into the sixth chip forms the third data Data3 according to the data frame format of the third handshake signal, and the AES128 program built into the fifth chip then encrypts the third data Data3; the encrypted third data Data3, the third random array and the fifth accidental validation value MAC5 form the second verification information. The third handshake signal is stored in the gateway in advance.
206, the server sends the second verification information to the gateway.
207, the gateway verifies the second verification information according to the verification rule; if verification passes, verification-passed information is sent to the server and a connection is established with the gateway;
Specifically:
The gateway decrypts the encrypted third data Data3 in the received second verification information; this decryption is performed by the AES128 program in the seventh chip. The gateway then judges whether the format of the decrypted third data Data3 is identical to the format of the third handshake signal stored in the gateway in advance;
If they differ, verification fails;
Otherwise, the SHA256 program built into the eighth chip in the gateway generates the sixth accidental validation value MAC6 from the third random array in the second verification information;
Judge whether the fifth accidental validation value MAC5 and the sixth accidental validation value MAC6 are identical; if they are the same, verification passes and the gateway and the server establish a connection;
Wherein, the format of the third handshake signal is set in the gateway in advance and is identical to the format of the third handshake signal in the server;
It should be noted that determining in step 207 whether the format of the third data Data3 is identical to the data frame format of the third handshake signal specifically includes:
First, determine whether the header data are equal; if they are not equal, verification fails;
If they are equal, continue by verifying the adder data; if that check does not pass, verification fails. The server and the gateway are connected by wireless and/or wired communication;
The gateway and the server each include a matching wireless transmission module, and the wireless transmission module includes: a zigbee module and/or a bluetooth module.
In the present embodiment, if the server is a false server, the decryption of the second data Data2 in step 204 cannot be completed and the decryption of the third data Data3 in step 207 cannot be completed; moreover, the second handshake signal and the third handshake signal are not pre-stored in a false server, so the decrypted second data Data2 and the decrypted third data Data3 will not pass the gateway's verification. In the connection method of server and gateway in a wireless networking door lock system of the present invention, the verification between the gateway and the server comprises two verification processes; if either verification process does not pass, the gateway and the server cannot be bound, and this double verification process enhances the security strength.
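The gateway-side check of steps 204 and 207 (decrypt, header check, adder-data check, then validation-value comparison), as an added Node.js example that is not code from the patent. The keys, the two-byte header, AES-128-CBC with the random array as IV, the reading of "adder data" as a one-byte additive checksum, and HMAC-SHA256 as the validation-value function are all assumptions; the page specifies only AES128, SHA256 and the order of the checks.

```javascript
// Added example: one verification message, server side and gateway side.
const crypto = require('node:crypto');

// Constructed values (assumptions, not from the patent).
const AES_KEY = Buffer.from('000102030405060708090a0b0c0d0e0f', 'hex'); // pre-shared AES-128 key
const MAC_KEY = Buffer.from('f0e0d0c0b0a090807060504030201000', 'hex'); // pre-shared MAC key
const HEADER = Buffer.from([0xaa, 0x55]); // handshake frame header

// "Adder data" is read here as a one-byte additive checksum (sum mod 256).
const addSum = (buf) => buf.reduce((s, b) => (s + b) & 0xff, 0);

// Handshake frame layout assumed here: header | payload | checksum.
function buildFrame(payload) {
  const body = Buffer.concat([HEADER, payload]);
  return Buffer.concat([body, Buffer.from([addSum(body)])]);
}

// Validation value derived from the random array (keyed by assumption).
const validationValue = (randomArray, key) =>
  crypto.createHmac('sha256', key).update(randomArray).digest();

// Server side (steps 202/205): encrypted data + random array + validation value.
function buildVerificationInfo(payload, aesKey = AES_KEY, macKey = MAC_KEY) {
  const randomArray = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-128-cbc', aesKey, randomArray);
  const encData = Buffer.concat([cipher.update(buildFrame(payload)), cipher.final()]);
  return { encData, randomArray, mac: validationValue(randomArray, macKey) };
}

// Gateway side (steps 204/207): returns { ok, reason }.
function verifyVerificationInfo({ encData, randomArray, mac }) {
  if (randomArray.length !== 16) return { ok: false, reason: 'bad random array length' };
  let frame;
  try {
    const d = crypto.createDecipheriv('aes-128-cbc', AES_KEY, randomArray);
    frame = Buffer.concat([d.update(encData), d.final()]);
  } catch {
    return { ok: false, reason: 'decryption failed' }; // wrong key or corrupted data
  }
  // Format check, in the page's order: header first, then the adder data.
  if (frame.length < HEADER.length + 1 || !frame.subarray(0, HEADER.length).equals(HEADER))
    return { ok: false, reason: 'header mismatch' };
  if (addSum(frame.subarray(0, -1)) !== frame[frame.length - 1])
    return { ok: false, reason: 'checksum mismatch' };
  // Recompute the validation value locally and compare in constant time.
  const expected = validationValue(randomArray, MAC_KEY);
  if (mac.length !== expected.length || !crypto.timingSafeEqual(mac, expected))
    return { ok: false, reason: 'validation value mismatch' };
  return { ok: true, reason: 'verified' };
}
```

A sender without the pre-shared AES key fails at decryption or at the header check, which is the behaviour the embodiment attributes to a false server.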
It should be understood that the above description of specific embodiments of the present invention is only intended to illustrate the technical route and features of the invention, so that those skilled in the art can understand the content of the invention and implement it accordingly; the present invention is not limited to the particular embodiments above. All changes or modifications made within the scope of the claims shall be covered by the scope of protection of the present invention.

Claims (10)

1. A connection method for a door lock terminal and a gateway in a wireless networking door lock system, characterized in that the method includes:
101, after the door lock terminal is powered on, the door lock terminal sends a bind command to the gateway of the region where the door lock terminal is located;
102, the gateway generates, based on the received bind command, verification information for verifying the gateway identity;
The verification information includes: the encrypted first data, the first random array and the first accidental validation value;
103, the gateway sends the verification information to the door lock terminal;
104, the door lock terminal verifies the verification information according to the verification rule; if verification passes, it sends verification-passed information to the gateway and establishes a connection with the gateway.
2. The method according to claim 1, characterized in that step 102 includes:
The gateway generates the first random array based on the received bind command;
The first accidental validation value is generated using the first random array; and
The first data are formed according to the format of the first handshake signal and the first data are encrypted; the encrypted first data, the first random array and the first accidental validation value form the verification information;
Wherein, the format of the first handshake signal is a format stored in the gateway in advance.
3. The method according to claim 2, characterized in that step 104 includes:
The door lock terminal decrypts the encrypted first data in the received verification information and judges whether the format of the decrypted first data is identical to the format of the first handshake signal;
If they differ, verification fails;
Otherwise, the second accidental validation value is generated from the first random array in the verification information;
Judge whether the first accidental validation value and the second accidental validation value are identical; if they are the same, verification passes;
Wherein, the format of the first handshake signal is set in the door lock terminal in advance and is identical to the format of the first handshake signal in the gateway.
4. A wireless networking door lock system, the system comprising at least one gateway and at least one door lock terminal, characterized in that:
The gateway includes: a first chip and a second chip;
An AES128 program for encrypting the first data in the verification information is built into the first chip;
The AES128 program is also used to generate the first random array when the gateway receives a bind command;
A SHA256 program for generating the first accidental validation value and for generating the first data is built into the second chip;
Wherein, the encrypted first data, the first random array and the first accidental validation value form the verification information to be sent to the door lock terminal;
The door lock terminal includes: a third chip and a fourth chip;
An AES128 program for decrypting the encrypted first data is built into the third chip;
A SHA256 program for generating the first accidental validation value using the first random array in the verification information is built into the fourth chip;
Wherein, the gateway and the door lock terminal interact to execute the method of any one of claims 1 to 3 above.
5. A connection method for a gateway and a server in a wireless networking door lock system, characterized in that the method includes:
201, after the gateway is powered on, the gateway sends a bind command to the server of the region where the gateway is located;
202, the server generates, based on the received bind command, first verification information for verifying the server identity;
The first verification information includes: the encrypted second data, the second random array and the third accidental validation value;
203, the server sends the first verification information to the gateway;
204, the gateway verifies the first verification information according to the verification rule; if verification passes, it sends a return information to the server;
205, the server generates, based on the received return information, second verification information for verifying the server identity;
The second verification information includes: the encrypted third data, the third random array and the fourth accidental validation value;
206, the server sends the second verification information to the gateway;
207, the gateway verifies the second verification information according to the verification rule; if verification passes, verification-passed information is sent to the server and a connection is established with the gateway.
6. The method according to claim 5, characterized in that step 202 includes:
The server generates the second random array based on the received bind command sent by the gateway;
The third accidental validation value is generated using the second random array; and
The second data are formed according to the format of the second handshake signal and the second data are encrypted; the encrypted second data, the second random array and the third accidental validation value form the first verification information;
Wherein, the format of the second handshake signal is a format stored in the server in advance.
7. The method according to claim 6, characterized in that step 204 includes:
The gateway decrypts the encrypted second data in the received first verification information and judges whether the format of the decrypted second data is identical to the format of the second handshake signal;
If they differ, verification fails;
Otherwise, the fifth accidental validation value is generated from the second random array in the first verification information;
Judge whether the third accidental validation value and the fifth accidental validation value are identical; if they are the same, verification passes;
Wherein, the format of the second handshake signal is set in the gateway in advance and is identical to the format of the second handshake signal in the server.
8. The method according to claim 7, characterized in that step 205 includes:
The server generates the third random array based on the received return information sent by the gateway;
The fourth accidental validation value is generated using the third random array; and
The third data are formed according to the format of the third handshake signal and the third data are encrypted; the encrypted third data, the third random array and the fourth accidental validation value form the second verification information;
Wherein, the format of the third handshake signal is a format stored in the server in advance.
9. The method according to claim 8, characterized in that step 207 includes:
The gateway decrypts the encrypted third data in the received second verification information and judges whether the format of the decrypted third data is identical to the format of the third handshake signal;
If they differ, verification fails;
Otherwise, the sixth accidental validation value is generated from the third random array in the second verification information;
Judge whether the fourth accidental validation value and the sixth accidental validation value are identical; if they are the same, verification passes;
Wherein, the format of the third handshake signal is set in the gateway in advance and is identical to the format of the third handshake signal in the server.
10. A wireless networking door lock system, the system comprising at least one server and at least one gateway, characterized in that:
The server includes: a fifth chip and a sixth chip;
An AES128 program for encrypting the second data and the third data in the verification information is built into the fifth chip;
The AES128 program is also used to generate the second random array when the server receives a bind command;
The AES128 program is also used to generate the third random array when the gateway receives return information;
A SHA256 program for generating, respectively, the third accidental validation value, the second data, the fourth accidental validation value and the third data is built into the sixth chip;
Wherein, the encrypted second data, the second random array and the third accidental validation value form the first verification information to be sent to the gateway;
The encrypted third data, the third random array and the fourth accidental validation value form the second verification information to be sent to the gateway;
The gateway includes: a seventh chip and an eighth chip;
An AES128 program for decrypting the encrypted second data and the encrypted third data is built into the seventh chip;
A SHA256 program for generating the fifth accidental validation value using the second random array is built into the eighth chip;
The SHA256 program is also used to generate the sixth accidental validation value using the third random array;
Wherein, the server and the gateway interact to execute the method of any one of claims 5 to 9 above.
CN201810573991.0A 2018-06-06 2018-06-06 The connection method of door lock terminal and gateway in a kind of Wireless Networking door-locking system Pending CN109087412A (en)


Publications (1)

Publication Number Publication Date
CN109087412A true CN109087412A (en) 2018-12-25

Family

ID=64839404


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181225