CN109150503A - Authentication method in Electric Power Marketing System interface calling based on RSA Algorithm - Google Patents

Info

Publication number: CN109150503A
Application number: CN201811398731.0A
Authority: CN (China)
Other languages: Chinese (zh)
Legal status: Pending
Inventors: 葛崇慧, 许道强, 吴波, 管诗骈, 谢林枫, 王黎明
Current Assignee: State Grid Corp of China SGCC; State Grid Jiangsu Electric Power Co Ltd; Jiangsu Fangtian Power Technology Co Ltd
Original Assignee: State Grid Corp of China SGCC; State Grid Jiangsu Electric Power Co Ltd; Jiangsu Fangtian Power Technology Co Ltd
Application filed by: State Grid Corp of China SGCC, State Grid Jiangsu Electric Power Co Ltd, Jiangsu Fangtian Power Technology Co Ltd
Prior art keywords: interface, client, digital signature, server, calls

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/32: including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: involving digital signatures
    • H04L9/3249: using RSA or related signature schemes, e.g. Rabin scheme

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides an authentication method for Electric Power Marketing System interface calls based on the RSA algorithm. The interface-calling client generates a digital signature based on the RSA algorithm. The RSA digital signature provides a secure way of confirming identity: the authenticity of the digital signature is guaranteed, and impersonation and tampering by third parties are prevented. This adds a security lock to the interfaces of the power system, ensures the security of those interfaces, prevents data leakage caused by illegal interface calls, and ensures the security of power system data exchange.

Description

Authentication method in Electric Power Marketing System interface calls based on the RSA algorithm
Technical field
The invention belongs to the technical field of digital signature authentication, and in particular relates to an authentication method in Electric Power Marketing System interface calls based on the RSA algorithm.
Background
Power systems exchange data with one another through interfaces so that each system runs efficiently and reliably. Interface requests between power systems, however, commonly have security problems: the system interfaces are left unprotected and do not verify the legitimacy of a call. Power systems are now used in every link of power enterprise production, operation and management, so the security of power system data underpins both the safe operation of the power system and a reliable power supply to society.
Existing solutions for verifying interface requests are of the following kinds: 1. the server generates an authorization key for the client, and the client carries the authorization key when sending a request; 2. the server issues an access username and password to the client, the client carries the username and password when sending a request, and the server checks the username and password to verify that the call is legitimate.
Current Electric Power Marketing System interface calls lack identity authentication, and the way interface requests are verified is not secure enough. It cannot prevent forgery by the recipient or by other third parties, which undermines the authenticity of the verification, and when a sender denies a message because it is unfavorable to itself, the dispute between the two interacting parties cannot be resolved.
Summary of the invention
To solve the above technical problems, the present invention provides an authentication method in Electric Power Marketing System interface calls based on the RSA algorithm. A brief summary is given below to provide a basic understanding of some aspects of the disclosed embodiments. This summary is not an extensive overview, and it is not intended to identify key or critical elements or to delimit the scope of protection of these embodiments. Its sole purpose is to present some concepts in a simple form as a preamble to the detailed description that follows.
The present invention adopts the following technical scheme:
In some alternative embodiments, an authentication method in Electric Power Marketing System interface calls based on the RSA algorithm is provided, comprising: the interface server uses its own private key to decrypt the encrypted digital signature sent by the interface-calling client, obtaining the digital signature; the interface server uses the public key of the interface-calling client to decrypt the obtained digital signature, obtaining the client-related information; the interface server verifies, according to the client-related information, whether the call request of the interface-calling client is legal, and allows the call if it is legal and otherwise forbids it.
In some alternative embodiments, the method further includes, beforehand: the interface server and the interface-calling client each generate their own public key and private key; the interface-calling client generates a digital signature and sends the encrypted digital signature to the interface server.
In some alternative embodiments, the process in which the interface-calling client generates a digital signature and sends the encrypted digital signature to the interface server includes: the interface-calling client obtains its own client-related information; the interface-calling client uses its own private key to encrypt the client-related information and the request signature information, generating the digital signature; the interface-calling client uses the public key of the interface server to encrypt the generated digital signature; the interface-calling client sends the encrypted digital signature to the interface server.
In some alternative embodiments, the client-related information includes: server IP, client code, MAC address and timestamp.
In some alternative embodiments, the process in which the interface server verifies, according to the client-related information, whether the call request of the interface-calling client is legal includes: the interface server checks whether the difference between the timestamp in the client-related information and the server time is less than 5 minutes; if it is less than 5 minutes, the interface server judges from the client-related information whether the client has permission to call the interface service; if it has permission, the related data is returned to the interface-calling client, and otherwise a call-failure error code is returned to the interface-calling client.
Beneficial effects of the invention: the interface-calling client generates a digital signature based on the RSA algorithm, so authenticity is guaranteed, impersonation and tampering by third parties are prevented, and the authenticity of the digital signature is affirmed. The legitimacy of the interface caller can be verified, which ensures the security of power system interfaces, prevents data leakage caused by illegal interface calls, ensures the security of power system data exchange, strengthens the security of system data, and further improves data protection capability.
To achieve the above and related purposes, one or more embodiments include the features described in detail below and particularly pointed out in the claims. The following description and the accompanying drawings set out certain illustrative aspects in detail, and these indicate only some of the various ways in which the principles of the embodiments can be used. Other benefits and novel features will become apparent from the following detailed description considered together with the drawings; the disclosed embodiments are intended to include all such aspects and their equivalents.
Brief description of the drawings
Fig. 1 is a flow diagram of the authentication method in Electric Power Marketing System interface calls based on the RSA algorithm according to the present invention;
Fig. 2 is a schematic diagram of the principle of the invention.
Specific embodiment
The following description and drawings show specific embodiments of the present invention in enough detail for those skilled in the art to practice them. Other embodiments may include structural, logical, electrical, process and other changes. The embodiments represent only possible variations. Unless explicitly required, individual components and functions are optional, and the order of operations may vary. Parts and features of some embodiments may be included in, or substituted for, parts and features of other embodiments. The scope of the embodiments of the present invention includes the entire scope of the claims and all available equivalents of the claims.
As shown in Figs. 1 and 2, in some illustrative embodiments, an authentication method in Electric Power Marketing System interface calls based on the RSA algorithm is provided.
The RSA public-key cryptosystem uses the RSA algorithm for digital signatures. Because the security of the RSA algorithm has been demonstrated in practice, the RSA public-key cryptosystem is widely used in many security standards. The RSA algorithm includes a signature algorithm and a signature verification algorithm. An RSA digital signature is a digital signature that relies on the encryption and decryption principle of the RSA algorithm, and in practice it is implemented by means of a hash function. In the present invention, the object to be encrypted is a message digest generated by the MD5 message-digest algorithm.
The authentication method in Electric Power Marketing System interface calls based on the RSA algorithm of the present invention comprises:
101: The interface server and the interface-calling client each generate their own public key and private key.
102: The interface-calling client obtains its own client-related information.
The client-related information includes: server IP, client code, MAC address and timestamp.
103: The interface-calling client uses its own private key to encrypt the client-related information and the request signature information, generating the digital signature.
104: The interface-calling client uses the public key of the interface server to encrypt the generated digital signature, and sends the encrypted digital signature to the interface server.
105: The interface server receives the encrypted digital signature sent by the interface-calling client and decrypts it with its own private key, obtaining the digital signature.
106: The interface server uses the public key of the interface-calling client to decrypt the obtained digital signature, obtaining the client-related information.
After obtaining the client-related information, the interface server verifies, according to that information, whether the call request of the interface-calling client is legal; if it is legal the call is allowed, and otherwise it is forbidden. This legitimacy check improves the accuracy of interface calls, and the verification is simple and fast, which speeds up overall call processing.
The process in which the interface server verifies, according to the client-related information, whether the call request of the interface-calling client is legal includes:
107: The interface server checks whether the difference between the timestamp in the client-related information and the server time is less than 5 minutes; if it is less than 5 minutes, step 108 is carried out, otherwise step 110 is carried out.
108: The interface server judges from the client-related information whether the client has permission to call the interface service; if it has permission, step 109 is carried out, otherwise step 110 is carried out.
109: The interface server returns the related data to the interface-calling client.
110: The interface server returns a call-failure error code to the interface-calling client.
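The signing in step 103 and the server-side checks in steps 106 to 110, as an added example that is not code from the patent. Assumptions: the client information travels alongside the signature in a hypothetical `|`-separated format, SHA-256 replaces the MD5 digest the page names, the permission check is an allow list plus a match on the server's own IP, the key is a fixed constructed one using unpadded textbook RSA, and the outer encryption layer of steps 104 and 105 is omitted.

```python
import hashlib

# Constructed demo key pair for the client: two Mersenne primes, so the block
# runs offline with no crypto library. This is unpadded textbook RSA for
# illustration; a real deployment uses random keys and a padded scheme from
# a vetted library.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # client public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))        # client private exponent

MAX_SKEW_SECONDS = 5 * 60                # the 5-minute window of step 107


def digest_int(message: bytes) -> int:
    # The page names MD5 for the digest; SHA-256 is swapped in here.
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def encode_info(server_ip: str, client_code: str, mac: str, timestamp: int) -> bytes:
    # Hypothetical wire format for the four fields the page lists.
    return "|".join([server_ip, client_code, mac, str(timestamp)]).encode()


def client_sign(info: bytes) -> int:
    # Step 103: sign the digest of the client-related information.
    return pow(digest_int(info), D, N)


def server_verify(info: bytes, signature: int, now: int,
                  own_ip: str, permitted: set) -> str:
    """Steps 106-110. Returns "ok" (step 109) or the reason for refusal;
    every refusal maps to the call-failure error code of step 110."""
    # Step 106: apply the client's public key and compare digests.
    if not 0 < signature < N or pow(signature, E, N) != digest_int(info):
        return "bad_signature"
    try:
        server_ip, client_code, mac, ts_text = info.decode().split("|")
        timestamp = int(ts_text)
    except ValueError:                   # wrong field count, non-UTF-8, bad int
        return "malformed"
    # Step 107: the difference must be under 5 minutes in either direction,
    # so a timestamp far in the future is refused as well as a stale one.
    if abs(now - timestamp) >= MAX_SKEW_SECONDS:
        return "stale_timestamp"
    # Step 108: permission check. Assumed here: the request must name this
    # server, and (client code, MAC) must be on the server's allow list.
    if server_ip != own_ip or (client_code, mac) not in permitted:
        return "not_authorized"
    return "ok"


if __name__ == "__main__":
    now = 1_700_000_000                  # constructed server clock value
    allow = {("CLIENT01", "00:11:22:33:44:55")}
    info = encode_info("10.0.0.1", "CLIENT01", "00:11:22:33:44:55", now - 60)
    sig = client_sign(info)
    print(server_verify(info, sig, now, "10.0.0.1", allow))
    print(server_verify(info, sig, now + 600, "10.0.0.1", allow))
```

A captured request that is resent inside the 5-minute window still passes step 107, since the timestamp is the only freshness input among the fields the page lists.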
A digital signature is characteristic of the message it covers: if the message changes, the value of the digital signature changes too, and different messages yield different digital signatures. A secure digital signature gives the recipient a guarantee that the message really comes from the sender. Because only the sender holds the signing private key, nobody else can produce the same digital signature. If a third party pretends to be the sender and sends a message, the recipient uses the sender's public key when decrypting the digital signature; as long as the third party does not know the sender's private key, the digital signature obtained by decryption necessarily differs from the digital signature obtained by calculation. This provides a secure way of confirming identity, that is, the authenticity of the digital signature is guaranteed.
A digital signature is similar to a handwritten signature and has the following properties: it can verify the identity of the party that produced the signature, and the date and time the signature was produced; it can be used to confirm the content of the signed message; and it can be verified by a third party, which makes it possible to resolve disputes between the two interacting parties.
Therefore, the interface-calling client of the present invention generates a digital signature based on the RSA algorithm, so authenticity is guaranteed, impersonation and tampering by third parties are prevented, and the authenticity of the digital signature is affirmed. The legitimacy of the interface caller can be verified, which ensures the security of power system interfaces, prevents data leakage caused by illegal interface calls, ensures the security of power system data exchange, strengthens the security of system data, and further improves data protection capability.
Those skilled in the art will also appreciate that the various illustrative logical blocks, modules, circuits and algorithm steps described in connection with the embodiments herein may be implemented as electronic hardware, computer software, or a combination of the two. To illustrate clearly the interchangeability of hardware and software, the various illustrative components, blocks, modules, circuits and steps have been described above generally in terms of their function. Whether such a function is implemented as hardware or as software depends on the specific application and on the design constraints imposed on the overall system. Those skilled in the art may implement the described function in different ways for each specific application, but such implementation decisions should not be interpreted as departing from the scope of protection of this disclosure.

Claims (5)

1. An authentication method in Electric Power Marketing System interface calls based on the RSA algorithm, characterized by comprising:
the interface server uses its own private key to decrypt the encrypted digital signature sent by the interface-calling client, obtaining the digital signature;
the interface server uses the public key of the interface-calling client to decrypt the obtained digital signature, obtaining the client-related information;
the interface server verifies, according to the client-related information, whether the call request of the interface-calling client is legal, and allows the call if it is legal and otherwise forbids it.
2. The authentication method in Electric Power Marketing System interface calls based on the RSA algorithm according to claim 1, the method further including beforehand:
the interface server and the interface-calling client each generate their own public key and private key;
the interface-calling client generates a digital signature and sends the encrypted digital signature to the interface server.
3. The authentication method in Electric Power Marketing System interface calls based on the RSA algorithm according to claim 2, characterized in that the process in which the interface-calling client generates a digital signature and sends the encrypted digital signature to the interface server includes:
the interface-calling client obtains its own client-related information;
the interface-calling client uses its own private key to encrypt the client-related information and the request signature information, generating the digital signature;
the interface-calling client uses the public key of the interface server to encrypt the generated digital signature;
the interface-calling client sends the encrypted digital signature to the interface server.
4. The authentication method in Electric Power Marketing System interface calls based on the RSA algorithm according to claim 3, characterized in that the client-related information includes: server IP, client code, MAC address and timestamp.
5. The authentication method in Electric Power Marketing System interface calls based on the RSA algorithm according to any one of claims 1 to 4, characterized in that the process in which the interface server verifies, according to the client-related information, whether the call request of the interface-calling client is legal includes:
the interface server checks whether the difference between the timestamp in the client-related information and the server time is less than 5 minutes;
if it is less than 5 minutes, the interface server judges from the client-related information whether the client has permission to call the interface service;
if it has permission, the related data is returned to the interface-calling client, and otherwise a call-failure error code is returned to the interface-calling client.
CN201811398731.0A 2018-11-22 2018-11-22 Authentication method in Electric Power Marketing System interface calling based on RSA Algorithm Pending CN109150503A (en)

Publications (1)

Publication Number Publication Date
CN109150503A true CN109150503A (en) 2019-01-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20190104)