CN109448197A - Cloud smart lock system and key management method based on multiple encryption modes
Publication number: CN109448197A
Authority: CN (China)
Prior art keywords: key, smart lock, management platform, lock, card
Legal status: Pending
Abstract
The invention relates to a cloud smart lock system and key management method based on multiple encryption modes, comprising a smart lock, a cloud management platform and a client. The smart lock registers with the cloud management platform over an NB-IoT network using network-access authentication. The client matches and binds the user's fingerprint, access card and Bluetooth permission information according to the user's identity information, and the permission information is encrypted with the smart lock's communication key and an encryption algorithm and sent as ciphertext to the corresponding smart lock. The cloud management platform disperses (diversifies) the corresponding root keys with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key. Registering with the cloud management platform through network-access authentication networks the smart lock devices and makes centralized management easier, particularly for hotels and public rental housing, where it simplifies personnel and security management. Different door-opening methods use different encryption keys, and different instances of the same door-opening method also use different encryption keys, which fully ensures security.
Description
Technical field: the invention relates to the field of smart locks, and in particular to a cloud smart lock system and key management method based on multiple encryption modes.
Background art
Many types of smart lock are on the market today. Besides the common door-opening methods of password, fingerprint, ordinary IC card and ID card, there are wireless methods such as ZigBee, Wi-Fi and Bluetooth. These smart locks nevertheless have the following problems. Passwords and fingerprints are enrolled at the front end and, once entered, reside locally, where they are easily lost, hard to manage and at risk. Traditional IC and ID cards lack an encryption mechanism, so they are easy to copy and offer little security. Wi-Fi, Bluetooth and ZigBee networking require extra equipment such as a relay gateway and carry the risk of being cracked. Smart locks using these door-opening methods all lack a sound encryption mechanism: some do use hardware/software communication encryption, but with a single data-encryption mode or a single kind of encrypted content. These smart lock devices also operate in isolation and cannot be networked, so in settings such as public rental housing or hotel-style serviced apartments the locks cannot be centrally managed and their data cannot be classified and controlled.
Summary of the invention
To solve the above problems, the invention provides a cloud smart lock system and key management method based on multiple encryption modes. To achieve this, the invention adopts the following technical solution:
A cloud smart lock system based on multiple encryption modes comprises a smart lock, a cloud management platform and a client, and is characterized in that the smart lock registers with the cloud management platform over an NB-IoT network using network-access authentication. The client matches and binds the user's fingerprint, access card and Bluetooth permission information according to the user's identity information and uploads the permission information to the cloud management platform. The cloud management platform encrypts the permission information with the smart lock's communication key and an encryption algorithm and sends the ciphertext to the corresponding smart lock. The communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip. The cloud management platform disperses the corresponding root keys with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key.
Further, the network-access authentication is two-way. The smart lock sends its device information to the cloud management platform, and the platform verifies the device's legitimacy from that information. If the device is legitimate, the platform sends an encrypted result to the smart lock, and the smart lock verifies it, which completes the smart lock's verification of the cloud management platform. The smart lock then sends the result of encrypting with its key to the cloud management platform; the platform verifies that this encrypted result is correct, which completes the platform's authentication of the smart lock.
Further, the access card is an identity card or a CPU card. The CPU card uses a PSAM card or a security chip for key verification, and CPU cards are issued centrally by the cloud management platform.
Further, when the smart lock is initialized it requests a fingerprint key from the fingerprint module, used to encrypt communication between the smart lock and the fingerprint module. At user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which manages all fingerprint information centrally and builds a fingerprint information library. After the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock. Fingerprint recognition is performed at the lock; a successful match unlocks the door, and the lock reports the user information corresponding to the captured fingerprint so that the cloud management platform can confirm the user's basic information and the time of the operation.
Further, the smart lock completes registration authentication with the cloud management platform using the network-access initial key, and at the same time obtains the lock key, card key and lock Bluetooth key for the corresponding permissions.
Further, the encryption algorithms include 3DES, DES, SM1, SM4, SM7 and AES.
A key management method for the cloud smart lock system based on multiple encryption modes comprises the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK, then disperse CMK using the dispersion factor card_id to generate distinct sub-keys, giving one-card-one-key, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK, then disperse LMK using the dispersion factor _dev_sn to generate distinct sub-keys, giving one-lock-one-key, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK, then disperse BMK using the dispersion factor _dev_sn to generate distinct sub-keys, giving one-Bluetooth-one-key, BK1 to BKn;
Step S12, key authentication:
Network-access authentication: the smart lock sends _dev_sn+random1 to the cloud management platform. The platform checks the device's legitimacy against the device information dev_sn imported in advance. If the device is legitimate, the platform encrypts random1 with the communication key of the corresponding dev_sn and attaches a new random number random2, replying with des(random1)+random2; if it is not legitimate, the platform reports a registration failure. The smart lock verifies the encrypted random1, which completes the smart lock's verification of the cloud management platform, and sends des(random2), the result of encrypting random2 with the smart lock's communication key LK. The platform checks whether the encrypted random2 is correct, which completes the platform's authentication of the smart lock. If it is correct, the platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, it returns failure information, and the smart lock waits for its next event-reporting task and re-enters the registration flow;
Bluetooth authentication: the user's mobile App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After the connection succeeds, the App requests a random number from the smart lock and the lock replies with random1. The App encrypts the random number with the corresponding lock Bluetooth key BKn, obtained through cloud management platform authorization, and sends the encrypted result to the smart lock. The smart lock decrypts it with the lock Bluetooth key BKn and, on successful decryption, sends a verification-passed message to the App. The App then sends the user UUID + Bluetooth token, which the smart lock verifies against its local permissions; if verification passes the door opens, otherwise the Bluetooth connection is dropped;
Access card authentication: the access card is a CPU card, and key verification uses a PSAM card or a security chip. The smart lock requests a random number from the CPU card, and the CPU card replies with random1. Using the card_id of the card, the smart lock generates the corresponding key CKn from the CMK in the security chip or PSAM card, encrypts random1 with CKn and returns the encrypted result to the CPU card. After the CPU card decrypts it successfully it sends a verification-passed message, and the smart lock begins reading the user permission information on the CPU card;
Step S13, key distribution:
The access card obtains the card root key CK with the corresponding permissions from the cloud management platform through the card issuing device;
When the smart lock joins the network for the first time it completes registration authentication on the cloud management platform with the initial key, and at the same time obtains from the platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding permissions;
Step S14, key modification:
Modification method one: the smart lock key is changed by replacing the PSAM card;
Modification method two: the server obtains the original key LKn in the smart lock's security chip, encrypts the new key LKm with the original key LKn, and sends the resulting ciphertext 3des(LKm) to the smart lock's security chip, where it replaces the original key LKn, completing the key modification.
Beneficial effects of the invention:
1. The smart lock registers with the cloud management platform over an NB-IoT network using network-access authentication, which networks the smart lock devices and lets the cloud management platform monitor their operating status in real time;
2. Fingerprint enrollment, access card issuance and authorization of Bluetooth door-opening through the mobile App are all matched and bound to permissions at the client according to the user's valid identity information, which makes centralized management easier, particularly for hotels and public rental housing, where it simplifies personnel and security management;
3. The corresponding root keys are dispersed with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key, plus the fingerprint key. Different door-opening methods therefore use different encryption keys, and different instances of the same door-opening method also use different encryption keys, which fully ensures security.
Brief description of the drawings:
Fig. 1 is the system structure diagram of the invention;
Fig. 2 is the network-access encrypted communication flow chart of the invention;
Fig. 3 is the access card communication flow chart of the invention;
Fig. 4 is the Bluetooth encrypted communication flow chart of the invention;
Fig. 5 is the fingerprint recognition communication flow chart of the invention;
Fig. 6 is the key management flow chart of the invention.
Detailed description of the embodiments:
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the invention.
As shown in Fig. 1, the invention combines the smart lock with a smart lock management platform so that the cloud management platform controls each smart lock directly and the locks are networked. The corresponding root keys are dispersed with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key, plus the fingerprint key. Different door-opening methods therefore use different encryption keys, and different instances of the same door-opening method also use different encryption keys, which fully ensures security.
As a cloud smart lock, the lock communicates over NB-IoT with the operator's base station (China Telecom, China Mobile, China Unicom), and the base station forwards the traffic to the smart lock management platform.
The smart lock registers with the cloud management platform through network-access authentication: it completes registration authentication with the platform using the network-access initial key, and at the same time obtains the lock key, card key and lock Bluetooth key for the corresponding permissions. The network-access authentication is two-way. The smart lock sends its device information to the cloud management platform, and the platform verifies the device's legitimacy from that information. If the device is legitimate, the platform sends an encrypted result to the smart lock, and the smart lock verifies it, which completes the smart lock's verification of the cloud management platform. The smart lock then sends the result of encrypting with its key to the cloud management platform; the platform verifies that this encrypted result is correct, which completes the platform's authentication of the smart lock.
The client matches and binds the user's fingerprint, access card and Bluetooth permission information according to the valid identity information submitted at user registration, and uploads the user permission information to the cloud management platform. The platform encrypts the permission information with the communication key of the smart lock it applies to and an encryption algorithm, and issues the ciphertext to the corresponding smart lock. The encryption algorithms include 3DES, DES, SM1, SM4, SM7 and AES. The communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip. The cloud management platform disperses the corresponding root keys with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key.
The security chip is a trusted platform module: a device that can independently perform key generation, encryption and decryption. It has its own processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. When encryption is done with a security chip the keys are stored in hardware and stolen data cannot be decrypted, which protects business privacy and data security.
The access card may be an identity card, a CPU card, etc. The CPU card uses a PSAM card or a security chip for key verification, and CPU cards are issued centrally by the cloud management platform; for identity cards, the information on the card is captured with an identity card reading tool. Access cards are enrolled and issued at the client: the user submits valid identity information and is issued a copy-resistant access card. The card can also be used as the access card for the access-control platforms under the overall management platform, so one card serves several purposes.
The user registers by filling in valid identity information in the mobile App. The App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After the connection succeeds and the registration has been reviewed by the property management or the public security authority, the client binds the user information to the corresponding smart lock and uploads the permission information to the cloud management platform, which manages it centrally and issues the permission so that the corresponding smart lock can be opened over Bluetooth.
As shown in Fig. 5, when the smart lock is initialized it requests a fingerprint key from the fingerprint module, used to encrypt communication between the smart lock and the fingerprint module. At user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which manages all fingerprint information centrally and builds a fingerprint information library. After the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock. Fingerprint recognition is performed at the lock; a successful match unlocks the door, and the lock reports the user information corresponding to the captured fingerprint so that the cloud management platform can confirm the user's basic information and the time of the operation. This prevents fingerprint information from being lost, and it spares the user from enrolling fingerprints repeatedly in different areas, since the corresponding permission only has to be enabled on the cloud management platform.
The cloud management platform can also perform remote firmware upgrades of the smart lock.
As shown in Fig. 6, the key management method of the cloud smart lock system based on multiple encryption modes comprises the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK (CardManagekey), then disperse CMK using the dispersion factor card_id (card serial number) to generate distinct sub-keys, giving one-card-one-key, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK (LockManageKey), then disperse LMK using the dispersion factor _dev_sn (lock serial number) to generate distinct sub-keys, giving one-lock-one-key, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK (BluetoothManageKey), then disperse BMK using the dispersion factor _dev_sn (lock serial number) to generate distinct sub-keys, giving one-Bluetooth-one-key, BK1 to BKn;
Step S12, key authentication:
Network-access authentication: as shown in Fig. 2, the smart lock sends _dev_sn+random1 to the cloud management platform. The platform checks the device's legitimacy against the device information dev_sn imported in advance. If the device is legitimate, the platform encrypts random1 with the communication key of the corresponding dev_sn and attaches a new random number random2, replying with des(random1)+random2; if it is not legitimate, the platform reports a registration failure. The smart lock verifies the encrypted random1, which completes the smart lock's verification of the cloud management platform, and sends des(random2), the result of encrypting random2 with the smart lock's communication key LK. The platform checks whether the encrypted random2 is correct, which completes the platform's authentication of the smart lock. If it is correct, the platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, it returns failure information, and the smart lock waits for its next event-reporting task and re-enters the registration flow;
Bluetooth authentication: as shown in Fig. 4, the user's mobile App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After the connection succeeds, the App requests a random number from the smart lock and the lock replies with random1. The App encrypts the random number with the corresponding lock Bluetooth key BKn, obtained through cloud management platform authorization, and sends the encrypted result to the smart lock. The smart lock decrypts it with the lock Bluetooth key BKn and, on successful decryption, sends a verification-passed message to the App. The App then sends the user UUID + Bluetooth token, which the smart lock verifies against its local permissions; if verification passes the door opens, otherwise the Bluetooth connection is dropped;
Access card authentication: as shown in Fig. 3, the access card is a CPU card, and key verification uses a PSAM card or a security chip. The smart lock requests a random number from the CPU card, and the CPU card replies with random1. Using the card_id of the card, the smart lock generates the corresponding key CKn from the CMK in the security chip or PSAM card, encrypts random1 with CKn and returns the encrypted result to the CPU card. After the CPU card decrypts it successfully it sends a verification-passed message, and the smart lock begins reading the user permission information on the CPU card;
Step S13, key distribution:
The access card obtains the card root key CK with the corresponding permissions from the cloud management platform through the card issuing device;
When the smart lock joins the network for the first time it completes registration authentication on the cloud management platform with the initial key, and at the same time obtains from the platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding permissions;
Step S14, key modification:
Modification method one: the smart lock key is changed by replacing the PSAM card;
Modification method two: the server obtains the original key LKn in the smart lock's security chip, encrypts the new key LKm with the original key LKn, and sends the resulting ciphertext 3des(LKm) to the smart lock's security chip, where it replaces the original key LKn, completing the key modification.
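Added example (not code from the patent): a runnable sketch of step S11 for lock keys and the two-way network-access authentication of step S12, including the unknown-device, wrong-key and repeated-response cases. HMAC-SHA256 from the Python standard library stands in for the patent's DES-family dispersion and des(random) operations; the root key values, serial numbers, and all class and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed root keys standing in for the patent's LMK and BMK.
LMK = bytes(range(16))
BMK = bytes(range(16, 32))


def diversify(root_key: bytes, factor: str) -> bytes:
    """Step S11: derive a per-device sub-key from a root key and a dispersion factor."""
    return hmac.new(root_key, b"disperse|" + factor.encode(), hashlib.sha256).digest()[:16]


def respond(key: bytes, challenge: bytes) -> bytes:
    """Stand-in for des(random): a keyed response only a holder of `key` can compute."""
    return hmac.new(key, b"respond|" + challenge, hashlib.sha256).digest()[:8]


class CloudPlatform:
    def __init__(self, lmk: bytes, imported_sns):
        self.lmk = lmk
        self.imported = set(imported_sns)   # dev_sn values imported in advance
        self.pending = {}                   # dev_sn -> outstanding random2

    def on_hello(self, dev_sn: str, random1: bytes):
        """Check dev_sn, then answer with des(random1) + random2."""
        if dev_sn not in self.imported:
            return None                     # registration failure
        random2 = secrets.token_bytes(8)
        self.pending[dev_sn] = random2
        return respond(diversify(self.lmk, dev_sn), random1), random2

    def on_proof(self, dev_sn: str, proof: bytes) -> bool:
        """Verify des(random2); each random2 is accepted at most once."""
        random2 = self.pending.pop(dev_sn, None)
        if random2 is None:
            return False
        expected = respond(diversify(self.lmk, dev_sn), random2)
        return hmac.compare_digest(proof, expected)


class SmartLock:
    def __init__(self, dev_sn: str, lk: bytes):
        self.dev_sn, self.lk = dev_sn, lk   # LK sits in the security chip
        self.random1 = b""

    def hello(self):
        self.random1 = secrets.token_bytes(8)
        return self.dev_sn, self.random1

    def on_reply(self, answer: bytes, random2: bytes):
        """Authenticate the platform first; only then prove knowledge of LK."""
        if not hmac.compare_digest(answer, respond(self.lk, self.random1)):
            return None
        return respond(self.lk, random2)


def register(lock: SmartLock, platform: CloudPlatform) -> str:
    """Run the S12 network-access authentication end to end."""
    dev_sn, random1 = lock.hello()
    reply = platform.on_hello(dev_sn, random1)
    if reply is None:
        return "unknown device"
    proof = lock.on_reply(*reply)
    if proof is None:
        return "platform rejected by lock"
    return "registered" if platform.on_proof(dev_sn, proof) else "lock rejected by platform"


if __name__ == "__main__":
    platform = CloudPlatform(LMK, ["SN-0001", "SN-0002"])
    print(register(SmartLock("SN-0001", diversify(LMK, "SN-0001")), platform))
    print(register(SmartLock("SN-9999", diversify(LMK, "SN-9999")), platform))
```

Because each LK is derived from LMK and the lock's own serial number, a key taken from one lock does not authenticate as any other lock, and the platform needs to store only the root key and the imported serial numbers.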
It is obvious to a person skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that it can be realized in other specific forms without departing from its spirit or essential attributes. The embodiments are therefore to be regarded in every respect as illustrative and not restrictive. The scope of the invention is defined by the appended claims rather than by the above description, and all variations falling within the meaning and scope of equivalents of the claims are intended to be included in the invention. Any reference signs in the claims should not be construed as limiting the claims concerned.
In addition, although this specification is described in terms of embodiments, not every embodiment contains only one independent technical solution. The specification is written this way merely for clarity; those skilled in the art should treat the specification as a whole, and the technical solutions of the various embodiments may be suitably combined to form other embodiments that those skilled in the art can understand.
Claims (7)
1. A cloud smart lock system based on multiple encryption modes, comprising a smart lock, a cloud management platform and a client, characterized in that the smart lock registers with the cloud management platform over an NB-IoT network using network-access authentication; the client matches and binds the user's fingerprint, access card and Bluetooth permission information according to the user's identity information and uploads the permission information to the cloud management platform; the cloud management platform encrypts the permission information with the smart lock's communication key and an encryption algorithm and sends the ciphertext to the corresponding smart lock; the communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip; and the cloud management platform disperses the corresponding root keys with a key dispersion algorithm, producing one-lock-one-key, one-card-one-key and one-Bluetooth-one-key.
2. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that the network-access authentication is two-way: the smart lock sends its device information to the cloud management platform, and the cloud management platform verifies the device's legitimacy from the device information; if the device is legitimate, the cloud management platform sends an encrypted result to the smart lock, and the smart lock verifies the encrypted result, completing the smart lock's verification of the cloud management platform; the smart lock sends the result of encrypting with its key to the cloud management platform, and the cloud management platform verifies that the encrypted result is correct, completing the cloud management platform's authentication of the smart lock.
3. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that the access card is an identity card or a CPU card, the CPU card uses a PSAM card or a security chip for key verification, and CPU cards are issued centrally by the cloud management platform.
4. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that when the smart lock is initialized it requests a fingerprint key from the fingerprint module, used to encrypt communication between the smart lock and the fingerprint module; at user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which manages all fingerprint information centrally and builds a fingerprint information library; after the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock; fingerprint recognition is performed at the lock, a successful match unlocks the door, and the lock reports the user information corresponding to the captured fingerprint so that the cloud management platform can confirm the user's basic information and the time of the operation.
5. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that the smart lock completes registration authentication with the cloud management platform using the network-access initial key, and at the same time obtains the lock key, card key and lock Bluetooth key for the corresponding permissions.
6. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that the encryption algorithms include 3DES, DES, SM1, SM4, SM7 and AES.
7. A key management method applying the cloud intelligent lock system based on multi-enciphering mode according to any one of the preceding claims, characterized in that it comprises the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK, then disperse (diversify) the root key CMK according to the dispersion factor card_id to generate different sub-keys, giving one key per card, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK, then disperse the root key LMK according to the dispersion factor _dev_sn to generate different sub-keys, giving one key per lock, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK, then disperse the root key BMK according to the dispersion factor _dev_sn to generate different sub-keys, giving one key per Bluetooth, BK1 to BKn;
Step S12, key authentication:
Networking authentication: the smart lock sends _dev_sn+random1 to the cloud management platform; the cloud management platform checks the legitimacy of the device against the device information dev_sn imported in advance; if the device is legal, it encrypts random1 using the communication key of the corresponding dev_sn and carries a new random number random2, i.e. des(random1)+random2; if the device is illegal, it prompts registration failure. The smart lock verifies the encrypted result of random1, completing the smart lock's verification of the cloud management platform, and at the same time sends des(random2), the result of encrypting random2 with the smart lock's communication key LK; the cloud management platform verifies whether the encrypted result of random2 is correct, completing the cloud management platform's authentication of the smart lock; if it is correct, the cloud management platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, failure information is returned, and the smart lock waits for the next event-reporting task and re-enters the registration flow;
Bluetooth authentication: the user's mobile phone App discovers the keyword of the smart lock via Bluetooth and initiates a connection after finding the keyword of the corresponding smart lock; after connecting to the smart lock successfully, the App requests a random number from the smart lock, and the smart lock replies with random1; the App encrypts the random number using the corresponding lock Bluetooth key BKn obtained through cloud management platform authorization and sends the encrypted result to the smart lock; the smart lock decrypts it with the lock Bluetooth key BKn and, after successful decryption, sends verification-passed information to the App; the App then sends the user UUID + Bluetooth token, and the smart lock verifies the local permission; if verification passes, the door is opened; if verification fails, the Bluetooth connection is disconnected;
Access card authentication: the access card is a CPU card, and key verification is performed using a PSAM card or a security chip; the smart lock requests a random number from the CPU card, and the CPU card replies with the random number random1; according to the card_id of the corresponding card, the smart lock generates the corresponding key CKn using the CMK in the security chip or PSAM card, encrypts the random number random1 with the key CKn, and returns the encrypted result to the CPU card; after decrypting it successfully, the CPU card sends verification passed, and the smart lock begins to read the user permission information in the CPU card;
Step S13, key distribution:
The access card obtains the card root key CK with the corresponding authority from the cloud management platform through the card issuer;
When the smart lock joins the network for the first time, it completes registration authentication on the cloud management platform using the initial key, and at the same time obtains from the cloud management platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding authority;
Step S14, key modification:
Modification mode one: the smart lock key is modified by replacing the PSAM card;
Modification mode two: the server obtains the original key LKn in the smart lock's security chip; the ciphertext 3des(LKm) of the new key, obtained by encrypting LKm with the original key LKn, is sent to the smart lock's security chip and replaces the original key LKn in the security chip, realizing key modification.
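The lock-key dispersion of step S11 and the networking authentication of step S12, as an added Python example that is not part of the patent text. Assumptions: HMAC-SHA-256 from the standard library is swapped in for both the dispersion function and the claim's des(random) response, the role label mixed into each response is an addition so that a response produced by the platform cannot be handed back to it as the lock's proof, and all class names, function names, serial numbers and the LMK value are constructed.

```python
import hashlib
import hmac
import secrets

LMK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed lock root key

def diversify(root_key: bytes, factor: str) -> bytes:
    """S11: derive a per-device sub-key from a root key and a dispersion factor."""
    return hmac.new(root_key, factor.encode(), hashlib.sha256).digest()

def prove(key: bytes, challenge: bytes, role: bytes) -> bytes:
    """Keyed response to a challenge; stands in for des(random) in S12."""
    # The role label is an assumption of this example, not part of the claim.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()

class CloudPlatform:
    def __init__(self, lmk: bytes, imported_dev_sns):
        self.lmk = lmk
        self.devices = set(imported_dev_sns)  # device info imported in advance
        self.pending = {}                     # dev_sn -> random2 awaiting proof

    def on_register(self, dev_sn: str, random1: bytes):
        if dev_sn not in self.devices:
            return None                       # illegal device: registration fails
        random2 = secrets.token_bytes(16)
        self.pending[dev_sn] = random2
        return prove(diversify(self.lmk, dev_sn), random1, b"cloud"), random2

    def on_proof(self, dev_sn: str, proof: bytes) -> bool:
        random2 = self.pending.pop(dev_sn, None)  # single use, so no replay
        if random2 is None:
            return False
        expected = prove(diversify(self.lmk, dev_sn), random2, b"lock")
        return hmac.compare_digest(proof, expected)

class SmartLock:
    def __init__(self, dev_sn: str, lk: bytes):
        self.dev_sn, self.lk = dev_sn, lk

    def register(self, cloud: CloudPlatform) -> bool:
        random1 = secrets.token_bytes(16)
        reply = cloud.on_register(self.dev_sn, random1)
        if reply is None:
            return False
        cloud_proof, random2 = reply
        if not hmac.compare_digest(cloud_proof, prove(self.lk, random1, b"cloud")):
            return False                      # platform did not prove it holds LK
        return cloud.on_proof(self.dev_sn, prove(self.lk, random2, b"lock"))
```

Because each LK is derived from dev_sn, a key extracted from one lock fails authentication under any other serial number, which is what the per-device dispersion is for.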
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811547647.0A CN109448197A (en) | 2018-12-18 | 2018-12-18 | A kind of cloud intelligent lock system and key management method based on multi-enciphering mode |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811547647.0A CN109448197A (en) | 2018-12-18 | 2018-12-18 | A kind of cloud intelligent lock system and key management method based on multi-enciphering mode |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109448197A (en) | 2019-03-08 |
Family
ID=65558933
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811547647.0A Pending CN109448197A (en) | 2018-12-18 | 2018-12-18 | A kind of cloud intelligent lock system and key management method based on multi-enciphering mode |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109448197A (en) |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110300289A (en) * | 2019-07-31 | 2019-10-01 | 北京中安国通科技有限公司 | Video security management system and method |
CN110321173A (en) * | 2019-06-18 | 2019-10-11 | 广东汇泰龙科技股份有限公司 | A kind of door lock is switched fast the method and intelligent cloud lock of wireless communication module and firmware |
CN110324358A (en) * | 2019-07-31 | 2019-10-11 | 北京中安国通科技有限公司 | Video data manages authentication method, module, equipment and platform |
CN110390746A (en) * | 2019-06-16 | 2019-10-29 | 广州智慧城市发展研究院 | A kind of implementation method of fingerprint anti-theft gate inhibition |
CN110533816A (en) * | 2019-09-03 | 2019-12-03 | 中国联合网络通信集团有限公司 | A kind of remote encryption method and apparatus of the authorization fingerprint of electronic fingerprint lock |
CN112152963A (en) * | 2019-06-26 | 2020-12-29 | 国民技术股份有限公司 | Intelligent lock, security platform and authentication method thereof |
CN112350900A (en) * | 2019-10-12 | 2021-02-09 | 广州市千博网络科技有限公司 | Safety switch control method and module based on Bluetooth and WeChat applet |
CN112598827A (en) * | 2020-12-25 | 2021-04-02 | 北京智芯微电子科技有限公司 | Intelligent lock authentication method, security chip, intelligent lock and management system thereof |
CN113163381A (en) * | 2021-04-16 | 2021-07-23 | 横店集团得邦照明股份有限公司 | Intelligent lamp supporting rapid distribution network and implementation method thereof |
CN113470224A (en) * | 2021-06-16 | 2021-10-01 | 支付宝(杭州)信息技术有限公司 | Unlocking method and system |
CN113688187A (en) * | 2021-10-26 | 2021-11-23 | 杭州宇链科技有限公司 | Digital block chain supervision platform for hazardous chemical safety production |
CN113781675A (en) * | 2021-08-19 | 2021-12-10 | 杭州宇链科技有限公司 | Credible polling and card punching method |
CN114267100A (en) * | 2021-11-11 | 2022-04-01 | 北京智芯微电子科技有限公司 | Unlocking authentication method and device, security chip and electronic key management system |
CN114299645A (en) * | 2022-01-12 | 2022-04-08 | 初蓝物联科技(上海)有限公司 | Encryption communication method for padlock of Internet of things |
WO2022100658A1 (en) * | 2020-11-16 | 2022-05-19 | 杭州海康威视数字技术股份有限公司 | Method and system for changing key in security module |
CN114999031A (en) * | 2022-05-26 | 2022-09-02 | 重庆长安汽车股份有限公司 | Key management method for Bluetooth key safety vehicle control |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103473844A (en) * | 2013-10-12 | 2013-12-25 | 东信和平科技股份有限公司 | Intelligent control method and intelligent control system for public rental housing |
CN104022886A (en) * | 2014-06-27 | 2014-09-03 | 深圳市捷顺科技实业股份有限公司 | Safety authentication method applied to parking lot as well as related device and system |
CN105261104A (en) * | 2015-11-24 | 2016-01-20 | 重庆理工大学 | Bluetooth door lock system based on intelligent terminal, and control method of Bluetooth door lock system |
CN108055235A (en) * | 2017-11-01 | 2018-05-18 | 华中科技大学 | A kind of control method of smart lock, relevant device and system |
CN108109242A (en) * | 2017-12-21 | 2018-06-01 | 广东汇泰龙科技有限公司 | A kind of hardware encryption method unlocked based on fingerprint, system, intelligent cloud lock |
- 2018-12-18 CN CN201811547647.0A patent/CN109448197A/en active Pending
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110390746A (en) * | 2019-06-16 | 2019-10-29 | 广州智慧城市发展研究院 | A kind of implementation method of fingerprint anti-theft gate inhibition |
CN110321173A (en) * | 2019-06-18 | 2019-10-11 | 广东汇泰龙科技股份有限公司 | A kind of door lock is switched fast the method and intelligent cloud lock of wireless communication module and firmware |
CN110321173B (en) * | 2019-06-18 | 2022-05-27 | 广东汇泰龙科技股份有限公司 | Method for rapidly switching wireless communication module and firmware of door lock and intelligent cloud lock |
CN112152963B (en) * | 2019-06-26 | 2024-04-09 | 国民技术股份有限公司 | Intelligent lock, security platform and authentication method thereof |
CN112152963A (en) * | 2019-06-26 | 2020-12-29 | 国民技术股份有限公司 | Intelligent lock, security platform and authentication method thereof |
WO2020259397A1 (en) * | 2019-06-26 | 2020-12-30 | 国民技术股份有限公司 | Smart lock, security platform and authentication method therefor |
CN110300289A (en) * | 2019-07-31 | 2019-10-01 | 北京中安国通科技有限公司 | Video security management system and method |
CN110324358A (en) * | 2019-07-31 | 2019-10-11 | 北京中安国通科技有限公司 | Video data manages authentication method, module, equipment and platform |
CN110324358B (en) * | 2019-07-31 | 2020-05-05 | 北京中安国通科技有限公司 | Video data management and control authentication method, module, equipment and platform |
CN110300289B (en) * | 2019-07-31 | 2020-08-21 | 北京中安国通科技有限公司 | Video safety management system and method |
CN110533816B (en) * | 2019-09-03 | 2021-07-27 | 中国联合网络通信集团有限公司 | Remote encryption method and device for authorized fingerprint of electronic fingerprint lock |
CN110533816A (en) * | 2019-09-03 | 2019-12-03 | 中国联合网络通信集团有限公司 | A kind of remote encryption method and apparatus of the authorization fingerprint of electronic fingerprint lock |
CN112350900B (en) * | 2019-10-12 | 2022-02-15 | 广州市千博网络科技有限公司 | Safety switch control method based on Bluetooth and WeChat applet |
CN112350900A (en) * | 2019-10-12 | 2021-02-09 | 广州市千博网络科技有限公司 | Safety switch control method and module based on Bluetooth and WeChat applet |
WO2022100658A1 (en) * | 2020-11-16 | 2022-05-19 | 杭州海康威视数字技术股份有限公司 | Method and system for changing key in security module |
CN112598827A (en) * | 2020-12-25 | 2021-04-02 | 北京智芯微电子科技有限公司 | Intelligent lock authentication method, security chip, intelligent lock and management system thereof |
CN113163381B (en) * | 2021-04-16 | 2024-04-12 | 横店集团得邦照明股份有限公司 | Intelligent lamp supporting rapid distribution network and implementation method thereof |
CN113163381A (en) * | 2021-04-16 | 2021-07-23 | 横店集团得邦照明股份有限公司 | Intelligent lamp supporting rapid distribution network and implementation method thereof |
CN113470224A (en) * | 2021-06-16 | 2021-10-01 | 支付宝(杭州)信息技术有限公司 | Unlocking method and system |
CN113781675A (en) * | 2021-08-19 | 2021-12-10 | 杭州宇链科技有限公司 | Credible polling and card punching method |
US11811956B2 (en) | 2021-10-26 | 2023-11-07 | Hangzhou Vastchain Technology Co., Ltd | Blockchain-based supervision system of hazardous chemical production |
CN113688187B (en) * | 2021-10-26 | 2022-02-08 | 杭州宇链科技有限公司 | Digital block chain supervision platform for hazardous chemical safety production |
CN113688187A (en) * | 2021-10-26 | 2021-11-23 | 杭州宇链科技有限公司 | Digital block chain supervision platform for hazardous chemical safety production |
CN114267100A (en) * | 2021-11-11 | 2022-04-01 | 北京智芯微电子科技有限公司 | Unlocking authentication method and device, security chip and electronic key management system |
CN114267100B (en) * | 2021-11-11 | 2024-05-14 | 北京智芯微电子科技有限公司 | Unlocking authentication method and device, security chip and electronic key management system |
CN114299645A (en) * | 2022-01-12 | 2022-04-08 | 初蓝物联科技(上海)有限公司 | Encryption communication method for padlock of Internet of things |
CN114999031A (en) * | 2022-05-26 | 2022-09-02 | 重庆长安汽车股份有限公司 | Key management method for Bluetooth key safety vehicle control |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109448197A (en) | A kind of cloud intelligent lock system and key management method based on multi-enciphering mode | |
CN109410406B (en) | Authorization method, device and system | |
CN111478917B (en) | Background system for providing network service for access control device and user terminal | |
CN107978047B (en) | Use the methods, devices and systems of password unlocking | |
US9654468B2 (en) | System and method for secure remote biometric authentication | |
CN108712389B (en) | Intelligent lock system | |
EP1866873B1 (en) | Method, system, personal security device and computer program product for cryptographically secured biometric authentication | |
KR102514429B1 (en) | Update of biometric data template | |
CN105122265B (en) | Data safety service system | |
CN103544746A (en) | Electronic access control system of dynamic bar code | |
CN106161402A (en) | Encryption equipment key injected system based on cloud environment, method and device | |
CN104270338A (en) | A method and system of electronic identity registration and authentication login | |
CN102217277A (en) | Method and system for token-based authentication | |
CN1395776A (en) | Method for issuing an electronic identity | |
JP6667371B2 (en) | Communication system, communication device, communication method, and program | |
WO2019204954A1 (en) | Smart lock system | |
JP7172716B2 (en) | Authorization system, management server and authorization method | |
CN109889669A (en) | A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm | |
CN1808975B (en) | System and method of preventing network account from stolen | |
US10148433B1 (en) | Private key/public key resource protection scheme | |
WO2022033959A1 (en) | Method and system for authentication of a computing device | |
JPH05298174A (en) | Remote file access system | |
JP6174796B2 (en) | Security system, management device, permission device, terminal device, security method, and program | |
US20230412400A1 (en) | Method for suspending protection of an object achieved by a protection device | |
TWI725623B (en) | Point-to-point authority management method based on manager's self-issued tickets |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20190308 |