CN109448197A - Cloud smart lock system and key management method based on multiple encryption modes - Google Patents

Publication number
CN109448197A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811547647.0A
Other languages
Chinese (zh)
Inventor
陈水明
范孜文
王成
周丹丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HANGZHOU GOGENIUS TECHNOLOGY Co Ltd
Original Assignee
HANGZHOU GOGENIUS TECHNOLOGY Co Ltd
Application filed by HANGZHOU GOGENIUS TECHNOLOGY Co Ltd
Priority to CN201811547647.0A
Publication of CN109448197A

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00563 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys using personal physical data of the operator, e.g. finger prints, retinal images, voicepatterns
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The present invention relates to a cloud smart lock system and key management method based on multiple encryption modes, comprising a smart lock, a cloud management platform and a client. The smart lock registers with the cloud management platform over an NB-IOT network using network access authentication. The client matches and binds the permission information for the user's fingerprint, access card and Bluetooth according to the user's identity information; the permission information is encrypted with the smart lock's communication key and an encryption algorithm, and the resulting ciphertext is sent to the corresponding smart lock. The cloud management platform diversifies the corresponding root key with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth. Registering with the cloud management platform through network access authentication puts the smart lock devices on the network, which makes centralized management easier, especially for hotels and public rental housing, and facilitates personnel and security management. Different door-opening modes use different encryption keys, and different encryption keys are used even within the same door-opening mode, which fully ensures security.

Description

Cloud smart lock system and key management method based on multiple encryption modes
Technical field: the present invention relates to the technical field of smart locks, and in particular to a cloud smart lock system and key management method based on multiple encryption modes.
Background
Many types of smart lock are on the market today. Besides the common door-opening methods of password, fingerprint, ordinary IC card and ID card, there are also wireless methods such as zigbee, wifi and Bluetooth. These smart locks still have the following problems. Passwords and fingerprints are enrolled at the front end, and the password and fingerprint data reside locally once entered, so they are easily lost, hard to manage and a source of risk. Traditional IC cards and ID cards lack an encryption mechanism, so they are easy to copy and offer little security. Wifi, Bluetooth and zigbee networking requires extra equipment such as a relay gateway and carries the risk of being cracked. Smart locks using the above door-opening methods all lack a sound encryption mechanism: although some use software and hardware communication encryption, the data encryption mode is single or the encrypted content is limited. These smart lock devices also exist in isolation and cannot be networked, so that in fields such as public rental housing or hotel-style apartments the smart locks cannot be centrally managed and their data cannot be classified and controlled.
Summary of the invention
To solve the above problems, the present invention provides a cloud smart lock system and key management method based on multiple encryption modes. To achieve this object, the present invention adopts the following technical solution:
A cloud smart lock system based on multiple encryption modes, comprising a smart lock, a cloud management platform and a client, characterized in that the smart lock registers with the cloud management platform over an NB-IOT network using network access authentication; the client matches and binds the permission information for the user's fingerprint, access card and Bluetooth according to the user's identity information, and uploads the permission information to the cloud management platform; the cloud management platform encrypts the permission information with the smart lock's communication key and an encryption algorithm and sends the resulting ciphertext to the corresponding smart lock; the communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip; and the cloud management platform diversifies the corresponding root key with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth.
Further, the network access authentication is two-way: the smart lock sends its device information to the cloud management platform, and the cloud management platform checks the device's legitimacy against that device information; if the device is legitimate, the cloud management platform sends an encrypted result to the smart lock, and the smart lock verifies the encrypted result, completing the smart lock's verification of the cloud management platform; the smart lock then sends the result of encrypting with its key to the cloud management platform, and the cloud management platform verifies that this encrypted result is correct, completing the cloud management platform's authentication of the smart lock.
Further, the access card is an identity card or a CPU card; the CPU card uses a PSAM card or security chip for key verification, and CPU cards are issued centrally by the cloud management platform.
Further, when the smart lock initializes, it requests a fingerprint key from the fingerprint module, which is used to encrypt communication between the smart lock and the fingerprint module; at user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which centrally manages all fingerprint information and builds a fingerprint information library; after the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock; fingerprint recognition is performed on the smart lock, and the lock opens on a successful match while reporting the user information corresponding to the captured fingerprint, so that the cloud management platform can confirm the user's basic information and the time of the operation.
Further, the smart lock completes registration authentication with the cloud management platform using the initial network access key, and at the same time obtains the lock key, card key and lock Bluetooth key with the corresponding permissions.
Further, the encryption algorithm includes 3des, des, sm1, sm4, sm7 and aes.
A key management method for the cloud smart lock system based on multiple encryption modes, comprising the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK, then diversify the root key CMK according to the diversification factor card_id to generate different sub-keys, giving one key per card, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK, then diversify the root key LMK according to the diversification factor _dev_sn to generate different sub-keys, giving one key per lock, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK, then diversify the root key BMK according to the diversification factor _dev_sn to generate different sub-keys, giving one key per Bluetooth, BK1 to BKn;
Step S12, key authentication:
Network access authentication: the smart lock sends _dev_sn+random1 to the cloud management platform. The cloud management platform checks the device's legitimacy against the pre-imported device information dev_sn; if the device is legitimate, it encrypts random1 with the communication key corresponding to dev_sn and attaches a new random number random2, i.e. des(random1)+random2; if the device is not legitimate, it reports a registration failure. The smart lock verifies the encrypted random1, completing the smart lock's verification of the cloud management platform, and at the same time sends des(random2), the result of encrypting random2 with the smart lock's communication key LK. The cloud management platform verifies whether the encrypted random2 is correct, completing the cloud management platform's authentication of the smart lock. If it is correct, the cloud management platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, it returns failure information, and the smart lock waits for the next event-reporting task and re-enters the registration flow;
Bluetooth authentication: the user's mobile App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After connecting to the smart lock, the App requests a random number from the smart lock, and the smart lock replies with random1. The App encrypts the random number with the corresponding lock Bluetooth key BKn, obtained through cloud management platform authorization, and sends the encrypted result to the smart lock. The smart lock decrypts it with the lock Bluetooth key BKn and, on successful decryption, sends a verification-passed message to the App. The App then sends the user UUID + Bluetooth token, which the smart lock verifies against its local permissions; if verification passes the door opens, and if it fails the Bluetooth connection is dropped;
Access card authentication: the access card is a CPU card, and key verification is performed with a PSAM card or security chip. The smart lock requests a random number from the CPU card, and the CPU card replies with the random number random1. Using the card_id of the card, the smart lock generates the corresponding key CKn from the CMK in the security chip or PSAM card, encrypts random1 with key CKn and returns the encrypted result to the CPU card. After decrypting it successfully the CPU card sends a verification-passed message, and the smart lock begins reading the user permission information in the CPU card;
Step S13, key distribution:
The access card obtains the card root key CK with the corresponding permissions from the cloud management platform through the card issuing device;
When the smart lock joins the network for the first time, it completes registration authentication on the cloud management platform with the initial key, and at the same time obtains from the cloud management platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding permissions;
Step S14, key modification:
Modification mode one: the smart lock key is modified by replacing the PSAM card;
Modification mode two: the server obtains the original key LKn held in the smart lock's security chip, encrypts the new key LKm with the original key LKn, and sends the resulting ciphertext 3des(LKm) to the smart lock's security chip, where it replaces the original key LKn, thereby modifying the key.
Beneficial effects of the present invention:
1. The smart lock registers with the cloud management platform over an NB-IOT network using network access authentication, putting the smart lock devices on the network so that the cloud management platform can monitor their operating condition in real time;
2. Fingerprint enrollment, access card issuance and the granting of door-opening permission for the mobile App's Bluetooth connection are all matched and bound to permissions centrally at the client according to the user's valid identity information, which makes centralized management easier, especially for hotels and public rental housing, and facilitates personnel and security management;
3. The corresponding root key is diversified with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth, plus a fingerprint key, so that different door-opening modes use different encryption keys and different encryption keys are used even within the same door-opening mode, which fully ensures security.
Brief description of the drawings:
Fig. 1 is a system structure diagram of the present invention;
Fig. 2 is a flow chart of the encrypted network access communication of the present invention;
Fig. 3 is a flow chart of the access card communication of the present invention;
Fig. 4 is a flow chart of the encrypted Bluetooth communication of the present invention;
Fig. 5 is a flow chart of the fingerprint recognition communication of the present invention;
Fig. 6 is a flow chart of the key management of the present invention.
Detailed description of the embodiments:
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are evidently only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
As shown in Fig. 1, the present invention combines the smart lock with a smart lock management platform, so that the smart lock cloud management platform controls each smart lock directly and the locks are networked. The corresponding root key is diversified with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth, plus a fingerprint key, so that different door-opening modes use different encryption keys and different encryption keys are used even within the same door-opening mode, which fully ensures security.
As a cloud smart lock, the lock communicates over NB-IOT with the operator's base station (China Telecom, China Mobile, China Unicom), and the operator's base station forwards the communication to the smart lock management platform.
The smart lock registers with the cloud management platform through network access authentication: it completes registration authentication with the cloud management platform using the initial network access key, and at the same time obtains the lock key, card key and lock Bluetooth key with the corresponding permissions. The network access authentication is two-way: the smart lock sends its device information to the cloud management platform, and the cloud management platform checks the device's legitimacy against that device information; if the device is legitimate, the cloud management platform sends an encrypted result to the smart lock, and the smart lock verifies the encrypted result, completing the smart lock's verification of the cloud management platform; the smart lock then sends the result of encrypting with its key to the cloud management platform, and the cloud management platform verifies that this encrypted result is correct, completing the cloud management platform's authentication of the smart lock.
The client matches and binds the permission information for the user's fingerprint, access card and Bluetooth according to the valid identity information submitted at user registration, and uploads the user permission information to the cloud management platform. The cloud management platform encrypts the permission information with the communication key of the smart lock that the permission information refers to and an encryption algorithm, and issues the resulting ciphertext to the corresponding smart lock. The encryption algorithm includes 3des, des, sm1, sm4, sm7 and aes; the communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip; and the cloud management platform diversifies the corresponding root key with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth.
The security chip is a trusted platform module: a device that can independently perform key generation, encryption and decryption. It has its own processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. When encryption is done with the security chip, the keys are stored in hardware and stolen data cannot be decrypted, which protects business privacy and data security.
The access card may be an identity card, a CPU card or the like. The CPU card uses a PSAM card or security chip for key verification, and CPU cards are issued centrally by the cloud management platform; for identity cards, an identity card reading tool captures the information in the card. Access card enrollment and issuance are both carried out at the client: the user submits valid identity information and is issued a copy-resistant access card, which can be used interchangeably with the access cards of the access control platforms under the larger management platform, so that one card serves multiple uses.
The user fills in valid identity information in the mobile App to register. The user's mobile App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After connecting to the smart lock, and following review by property management or the public security authority, the client binds the user information to the corresponding smart lock and uploads the permission information to the cloud management platform, which manages it centrally and issues the permission; the corresponding smart lock can then be opened, realizing Bluetooth door opening.
As shown in Fig. 5, when the smart lock initializes, it requests a fingerprint key from the fingerprint module, which is used to encrypt communication between the smart lock and the fingerprint module. At user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which centrally manages all fingerprint information and builds a fingerprint information library. After the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock. Fingerprint recognition is performed on the smart lock, and the lock opens on a successful match while reporting the user information corresponding to the captured fingerprint, so that the cloud management platform can confirm the user's basic information and the time of the operation. On the one hand this avoids losing fingerprint information; on the other hand the user does not have to enroll fingerprints repeatedly in different areas, since the corresponding permission only needs to be enabled through the cloud management platform.
The cloud management platform can also perform remote firmware upgrades of the smart lock.
As shown in Fig. 6, the key management method for the cloud smart lock system based on multiple encryption modes comprises the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK (CardManagekey), then diversify the root key CMK (CardManagekey) according to the diversification factor card_id (card serial number) to generate different sub-keys, giving one key per card, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK (LockManageKey), then diversify the root key LMK (LockManageKey) according to the diversification factor _dev_sn (lock serial number) to generate different sub-keys, giving one key per lock, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK (BluetoothManageKey), then diversify the root key BMK (BluetoothManageKey) according to the diversification factor _dev_sn (lock serial number) to generate different sub-keys, giving one key per Bluetooth, BK1 to BKn;
Step S12, key authentication:
Network access authentication: as shown in Fig. 2, the smart lock sends _dev_sn+random1 to the cloud management platform. The cloud management platform checks the device's legitimacy against the pre-imported device information dev_sn; if the device is legitimate, it encrypts random1 with the communication key corresponding to dev_sn and attaches a new random number random2, i.e. des(random1)+random2; if the device is not legitimate, it reports a registration failure. The smart lock verifies the encrypted random1, completing the smart lock's verification of the cloud management platform, and at the same time sends des(random2), the result of encrypting random2 with the smart lock's communication key LK. The cloud management platform verifies whether the encrypted random2 is correct, completing the cloud management platform's authentication of the smart lock. If it is correct, the cloud management platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, it returns failure information, and the smart lock waits for the next event-reporting task and re-enters the registration flow;
Bluetooth authentication: as shown in Fig. 4, the user's mobile App discovers the smart lock's keyword over Bluetooth and initiates a connection once it finds the keyword of the corresponding smart lock. After connecting to the smart lock, the App requests a random number from the smart lock, and the smart lock replies with random1. The App encrypts the random number with the corresponding lock Bluetooth key BKn, obtained through cloud management platform authorization, and sends the encrypted result to the smart lock. The smart lock decrypts it with the lock Bluetooth key BKn and, on successful decryption, sends a verification-passed message to the App. The App then sends the user UUID + Bluetooth token, which the smart lock verifies against its local permissions; if verification passes the door opens, and if it fails the Bluetooth connection is dropped;
Access card authentication: as shown in Fig. 3, the access card is a CPU card, and key verification is performed with a PSAM card or security chip. The smart lock requests a random number from the CPU card, and the CPU card replies with the random number random1. Using the card_id of the card, the smart lock generates the corresponding key CKn from the CMK in the security chip or PSAM card, encrypts random1 with key CKn and returns the encrypted result to the CPU card. After decrypting it successfully the CPU card sends a verification-passed message, and the smart lock begins reading the user permission information in the CPU card;
Step S13, key distribution:
The access card obtains the card root key CK with the corresponding permissions from the cloud management platform through the card issuing device;
When the smart lock joins the network for the first time, it completes registration authentication on the cloud management platform with the initial key, and at the same time obtains from the cloud management platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding permissions;
Step S14, key modification:
Modification mode one: the smart lock key is modified by replacing the PSAM card;
Modification mode two: the server obtains the original key LKn held in the smart lock's security chip, encrypts the new key LKm with the original key LKn, and sends the resulting ciphertext 3des(LKm) to the smart lock's security chip, where it replaces the original key LKn, thereby modifying the key.
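The sketch below is an added example, not code from the patent: it walks through the lock-key diversification of step S11 and the two-way network access authentication of step S12. The patent does not specify the diversification algorithm and uses des() for the challenge responses; HMAC-SHA-256 is substituted for both here, and the class names, direction labels and serial numbers are hypothetical.

```python
import hashlib
import hmac
import secrets


def diversify(root_key: bytes, factor: str, purpose: bytes) -> bytes:
    """Derive a 16-byte sub-key from a root key and a diversification factor.

    Assumption: HMAC-SHA-256 stands in for the unspecified diversification
    algorithm. `purpose` separates lock keys from Bluetooth keys, which the
    patent derives from separate roots (LMK, BMK) with the same dev_sn.
    """
    return hmac.new(root_key, purpose + b"\x00" + factor.encode(),
                    hashlib.sha256).digest()[:16]


def respond(key: bytes, direction: bytes, challenge: bytes) -> bytes:
    """Answer a random challenge (stand-in for the patent's des(randomN)).

    The direction label keeps the platform's answer and the lock's answer
    distinct even though both sides hold the same key.
    """
    return hmac.new(key, direction + challenge, hashlib.sha256).digest()


class CloudPlatform:
    def __init__(self, lmk: bytes, imported_serials):
        self._lmk = lmk                        # lock root key LMK
        self._imported = set(imported_serials)  # pre-imported dev_sn list
        self._pending = {}                     # dev_sn -> outstanding random2

    def on_hello(self, dev_sn: str, random1: bytes):
        """Message 1 handler: returns (response to random1, random2) or None."""
        if dev_sn not in self._imported:
            return None                        # unknown device: registration fails
        random2 = secrets.token_bytes(16)
        self._pending[dev_sn] = random2
        lk = diversify(self._lmk, dev_sn, b"lock")  # re-derive LKn on demand
        return respond(lk, b"platform->lock", random1), random2

    def on_response(self, dev_sn: str, resp2: bytes) -> bool:
        """Message 3 handler: check the lock's answer to random2 (single use)."""
        random2 = self._pending.pop(dev_sn, None)
        if random2 is None:
            return False
        lk = diversify(self._lmk, dev_sn, b"lock")
        return hmac.compare_digest(respond(lk, b"lock->platform", random2), resp2)


class SmartLock:
    def __init__(self, dev_sn: str, lk: bytes):
        self.dev_sn = dev_sn
        self._lk = lk                          # LKn held in the security chip
        self._random1 = None

    def hello(self):
        self._random1 = secrets.token_bytes(16)
        return self.dev_sn, self._random1

    def on_challenge(self, resp1: bytes, random2: bytes):
        """Verify the platform first; only then answer its challenge."""
        expected = respond(self._lk, b"platform->lock", self._random1)
        if not hmac.compare_digest(expected, resp1):
            return None
        return respond(self._lk, b"lock->platform", random2)


def register(lock: SmartLock, platform: CloudPlatform) -> str:
    """Run the three-message exchange and report the outcome."""
    dev_sn, random1 = lock.hello()
    reply = platform.on_hello(dev_sn, random1)
    if reply is None:
        return "registration failed: unknown device"
    resp2 = lock.on_challenge(*reply)
    if resp2 is None:
        return "lock rejected platform"
    if platform.on_response(dev_sn, resp2):
        return "registered"
    return "platform rejected lock"


if __name__ == "__main__":
    lmk = secrets.token_bytes(16)              # constructed sample root key
    platform = CloudPlatform(lmk, ["SN0001", "SN0002"])
    lock = SmartLock("SN0001", diversify(lmk, "SN0001", b"lock"))
    print(register(lock, platform))
    print(register(SmartLock("SN9999", b"\x00" * 16), platform))
```

Because each LKn depends on dev_sn, a key extracted from one lock does not authenticate under another serial number, and the platform stores only the root key and the imported serial list.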
It is obvious to a person skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that the present invention can be realized in other specific forms without departing from its spirit or essential attributes. The embodiments are therefore to be regarded in every respect as illustrative and not restrictive; the scope of the present invention is defined by the appended claims rather than by the above description, and all changes that fall within the meaning and scope of equivalents of the claims are intended to be included in the present invention. No reference sign in the claims shall be construed as limiting the claim concerned.
In addition, it should be understood that although this specification is described in terms of embodiments, not every embodiment contains only one independent technical solution. The specification is written this way merely for clarity; those skilled in the art should consider the specification as a whole, and the technical solutions in the various embodiments may be suitably combined to form other embodiments that those skilled in the art can understand.

Claims (7)

1. A cloud smart lock system based on multiple encryption modes, comprising a smart lock, a cloud management platform and a client, characterized in that the smart lock registers with the cloud management platform over an NB-IOT network using network access authentication; the client matches and binds the permission information for the user's fingerprint, access card and Bluetooth according to the user's identity information, and uploads the permission information to the cloud management platform; the cloud management platform encrypts the permission information with the smart lock's communication key and an encryption algorithm and sends the resulting ciphertext to the corresponding smart lock; the communication key comprises the lock key, card key and lock Bluetooth key stored in the smart lock's security chip; and the cloud management platform diversifies the corresponding root key with a key diversification algorithm, yielding one key per lock, one key per card and one key per Bluetooth.
2. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that: the network access authentication is two-way; the smart lock sends its device information to the cloud management platform, and the cloud management platform checks the device's legitimacy against the device information; if the device is legitimate, the cloud management platform sends an encrypted result to the smart lock, and the smart lock verifies the encrypted result, completing the smart lock's verification of the cloud management platform; the smart lock sends the result of encrypting with its key to the cloud management platform, and the cloud management platform verifies that this encrypted result is correct, completing the cloud management platform's authentication of the smart lock.
3. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that: the access card is an identity card or a CPU card, the CPU card uses a PSAM card or security chip for key verification, and CPU cards are issued centrally by the cloud management platform.
4. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that: when the smart lock initializes, it requests a fingerprint key from the fingerprint module, which is used to encrypt communication between the smart lock and the fingerprint module; at user registration the client collects the user's fingerprint information and sends it to the cloud management platform, which centrally manages all fingerprint information and builds a fingerprint information library; after the smart lock has registered and joined the network, the cloud management platform issues the corresponding fingerprint information to the smart lock; fingerprint recognition is performed on the smart lock, and the lock opens on a successful match while reporting the user information corresponding to the captured fingerprint, and the cloud management platform confirms the user's basic information and the time of the operation.
5. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that: the smart lock completes registration authentication with the cloud management platform using the initial network access key, and at the same time obtains the lock key, card key and lock Bluetooth key with the corresponding permissions.
6. The cloud smart lock system based on multiple encryption modes according to claim 1, characterized in that: the encryption algorithm includes 3des, des, sm1, sm4, sm7 and aes.
7. A key management method applying the cloud smart lock system based on multiple encryption modes according to any one of the preceding claims, characterized in that it comprises the following steps:
Step S11, key generation:
Card key generation: first obtain the card root key CMK, then disperse (diversify) the root key CMK according to the dispersion factor card_id to generate different sub-keys, giving one key per card, CK1 to CKn;
Lock key generation: first obtain the lock root key LMK, then disperse the root key LMK according to the dispersion factor _dev_sn to generate different sub-keys, giving one key per lock, LK1 to LKn;
Lock Bluetooth key generation: first obtain the lock Bluetooth root key BMK, then disperse the root key BMK according to the dispersion factor _dev_sn to generate different sub-keys, giving one key per Bluetooth lock, BK1 to BKn;
Step S12, key authentication:
Networking authentication: the smart lock sends _dev_sn+random1 to the cloud management platform; the cloud management platform checks the legitimacy of the device by looking up dev_sn in the device information imported in advance; if the device is legal, the platform encrypts random1 with the communication key corresponding to dev_sn, attaches a new random number random2, and returns des(random1)+random2; if the device is illegal, it prompts registration failure. The smart lock verifies the encrypted result of random1, which completes the smart lock's verification of the cloud management platform, and sends des(random2), the result of encrypting random2 with the smart lock's communication key LK; the cloud management platform verifies whether the encrypted result of random2 is correct, which completes the cloud management platform's authentication of the smart lock; if it is correct, the cloud management platform sends the registration result clint_auth_result+dev_code to the smart lock; if authentication fails, failure information is returned, and the smart lock waits for the next event-reporting task and re-enters the registration flow;
Bluetooth authentication: the user's mobile phone App discovers smart lock keywords over Bluetooth and, after finding the keyword of the corresponding smart lock, initiates a connection; once connected to the smart lock, the App requests a random number from the smart lock, and the smart lock replies with random1; the App encrypts the random number with the corresponding lock Bluetooth key BKn obtained by authorization from the cloud management platform, and sends the encrypted result to the smart lock; the smart lock decrypts it with the lock Bluetooth key BKn and, after successful decryption, sends verification-passed information to the App; the App then sends the user UUID + Bluetooth token, and the smart lock verifies the local permission; if verification passes, the door opens; if verification fails, the Bluetooth connection is disconnected;
Access card authentication: the access card is a CPU card, and key verification is performed using a PSAM card or a security chip; the smart lock requests a random number from the CPU card, and the CPU card replies with the random number random1; according to the card_id of the corresponding card, the smart lock uses the CMK in the security chip or PSAM card to generate the corresponding key CKn, encrypts the random number random1 with the key CKn, and returns the encrypted result to the CPU card; after the CPU card decrypts it successfully, it sends verification-passed, and the smart lock starts to read the user permission information in the CPU card;
Step S13, key delivery:
The access card obtains the card root key CK with the corresponding permissions from the cloud management platform through the card issuer;
When the smart lock joins the network for the first time, it completes registration authentication on the cloud management platform using the initial key, and at the same time obtains from the cloud management platform the card key CKn, lock key LKn and lock Bluetooth key BKn with the corresponding permissions;
Step S14, key modification:
Modification mode one: the smart lock key is modified by replacing the PSAM card;
Modification mode two: the server obtains the original key LKn held in the smart lock's security chip, encrypts the new key LKm with the original key LKn to obtain the ciphertext 3des(LKm) of the new key, and sends it to the smart lock's security chip, where it replaces the original key LKn, completing the key modification.
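
The lock-key dispersion of step S11 and the networking authentication of step S12, as an added sketch that is not code from the patent: HMAC-SHA256 from the Python standard library stands in for the 3des/des/sm4/aes operations the claims name, so des(x) becomes a keyed digest that the other side recomputes and compares. The Platform class, the register function, the role labels and the sample serial numbers are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def diversify(root_key: bytes, factor: str) -> bytes:
    """One-device-one-key: derive a sub-key from a root key and a dispersion factor."""
    return hmac.new(root_key, factor.encode(), hashlib.sha256).digest()[:16]

def prove(key: bytes, role: bytes, challenge: bytes) -> bytes:
    """Stand-in for des(challenge). The role label (not in the claim) binds a
    proof to its sender so one side's answer cannot be reused as the other's."""
    return hmac.new(key, role + challenge, hashlib.sha256).digest()

class Platform:
    """Cloud side: holds the lock root key LMK and the pre-imported serials."""
    def __init__(self, lmk: bytes, imported_serials):
        self.lmk = lmk
        self.known = set(imported_serials)
        self.pending = {}                      # dev_sn -> outstanding random2

    def hello(self, dev_sn: str, random1: bytes):
        if dev_sn not in self.known:
            return None                        # illegal device: registration fails
        random2 = secrets.token_bytes(16)
        self.pending[dev_sn] = random2
        lk = diversify(self.lmk, dev_sn)
        return prove(lk, b"platform", random1), random2

    def finish(self, dev_sn: str, proof2: bytes) -> bool:
        random2 = self.pending.pop(dev_sn, None)   # single use: a replay finds nothing
        if random2 is None:
            return False
        expected = prove(diversify(self.lmk, dev_sn), b"lock", random2)
        return hmac.compare_digest(expected, proof2)

def register(platform: Platform, dev_sn: str, lock_key: bytes) -> bool:
    """Lock side: True only when both directions of the exchange verify."""
    random1 = secrets.token_bytes(16)
    reply = platform.hello(dev_sn, random1)
    if reply is None:
        return False
    proof1, random2 = reply
    if not hmac.compare_digest(proof1, prove(lock_key, b"platform", random1)):
        return False                           # platform did not prove it holds LK
    return platform.finish(dev_sn, prove(lock_key, b"lock", random2))

LMK = bytes(range(16))                         # constructed root key, illustration only
SERIALS = ["SN0001", "SN0002"]                 # constructed device serial numbers
```

Because every lock key is derived from LMK and the serial number, the platform stores only the root key and recomputes LKn on demand, and a key extracted from one lock does not authenticate as another.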
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811547647.0A CN109448197A (en) 2018-12-18 2018-12-18 A kind of cloud intelligent lock system and key management method based on multi-enciphering mode

Publications (1)

Publication Number Publication Date
CN109448197A true CN109448197A (en) 2019-03-08

Family

ID=65558933

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811547647.0A Pending CN109448197A (en) 2018-12-18 2018-12-18 A kind of cloud intelligent lock system and key management method based on multi-enciphering mode

Country Status (1)

Country Link
CN (1) CN109448197A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190308