CN109547303B - Control method and related equipment - Google Patents

Info

Publication number
CN109547303B
Authority
CN
China
Prior art keywords
control
calculation factor
equipment end
channel
channel calculation
Legal status
Active
Application number
CN201811390756.6A
Other languages
Chinese (zh)
Other versions
CN109547303A (en)
Inventor
靳松
胡庆格
Current Assignee
Beijing Huada Zhibao Electronic System Co Ltd
Original Assignee
Beijing Huada Zhibao Electronic System Co Ltd
Application filed by Beijing Huada Zhibao Electronic System Co Ltd
Priority to CN201811390756.6A
Publication of CN109547303A
Application granted
Publication of CN109547303B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803 Home automation networks
    • H04L12/2816 Controlling appliance services of a home automation network by calling their functionalities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Automation & Control Theory (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a control method comprising the following steps: when a control instruction is received, sending an instruction data transmission request to an equipment end and triggering the equipment end to perform identity authentication on the control end; when the control end passes the identity authentication of the equipment end, determining a first transmission key and encrypting the instruction data to be transmitted; and transmitting the encrypted instruction data to the equipment end, so that the equipment end executes the control operation corresponding to the instruction data after obtaining it. With this method, the equipment end authenticates the identity of the control end, which improves the security of data during transmission; and because a transmission key for encrypting and decrypting the instruction data is determined and the instruction data is encrypted in transit, the confidentiality of the transmitted data is ensured.

Description

Control method and related equipment
Technical Field
The present invention relates to the field of data information security, and in particular, to a control method and related device.
Background
With the rapid development of science and technology, smart devices are used in many aspects of our lives. They can be connected remotely over the internet, or over a local area network or near-field links such as Bluetooth and NFC, and are remotely controlled through plaintext transmission of data, which enables smart-home living and makes life more convenient.
Through research on the prior art, the inventor found that digital information is easily stolen during transmission and has low security, so the transmitted data urgently needs to be encrypted in order to protect it and improve its security.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a control method, which can improve the security of digital information during the transmission of the digital information, reduce the possibility of stealing the information, and improve the security of data transmission.
The invention also provides a control device for ensuring the realization and the application of the method in practice.
A control method, comprising:
when a control instruction is received, sending an instruction data transmission instruction to an equipment end, and triggering the equipment end to perform identity authentication on the control end;
when the control end passes the identity authentication of the equipment end, determining a first channel calculation factor;
generating a first transmission key for data transmission with the equipment terminal according to the first channel calculation factor;
encrypting the first channel calculation factor by applying the first transmission key to generate an encrypted ciphertext;
sending the encrypted ciphertext to the equipment end to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor, and comparing the first channel calculation factor with a pre-generated second channel calculation factor;
when the first channel calculation factor is consistent with the second channel calculation factor in comparison, the first transmission key is applied to encrypt instruction data to be transmitted;
and transmitting the encrypted instruction data to the equipment end so that the equipment end executes control operation corresponding to the instruction data after acquiring the instruction data.
In the foregoing method, optionally, the triggering the device end to perform identity authentication on the control end includes:
triggering the equipment end to send an identification character string and a random character string to the control end;
when the identification character string is received, calling a preset authentication root key to perform a key diversification operation on the identification character string to obtain a first authentication key;
encrypting the random character string according to the first authentication key to obtain an authentication ciphertext;
and sending the authentication ciphertext to the equipment end so that the equipment end decrypts the authentication ciphertext to obtain a random character string contained in the authentication ciphertext, matching the random character string contained in the authentication ciphertext with the random character string sent to the control end, and authenticating the identity of the control end when the random character string contained in the authentication ciphertext is matched with the random character string sent to the control end.
In the foregoing method, optionally, the determining the first channel calculation factor includes:
and calculating the identification character string according to a preset channel root key to obtain the first channel calculation factor.
In the foregoing method, optionally, the generating a first transmission key for data transmission with the device side includes:
acquiring a channel encryption factor;
and carrying out encryption operation on the channel encryption factor according to the first channel calculation factor to obtain the first transmission key.
In the foregoing method, optionally, the triggering the device end to decrypt the encrypted ciphertext to obtain the first channel calculation factor includes:
triggering the equipment end to call a pre-generated second transmission key, decrypting the encrypted ciphertext to obtain the first channel calculation factor, wherein the second transmission key is a transmission key calculated and obtained by the equipment end according to the second channel calculation factor.
A control device is applied to a control end and comprises:
the triggering unit is used for sending an instruction data transmission request to an equipment end when receiving a control instruction, and triggering the equipment end to perform identity authentication on the control end;
the determining unit is used for determining a first channel calculation factor when the control end passes the identity authentication of the equipment end;
a generating unit, configured to generate a first transmission key for data transmission with the device side according to the first channel calculation factor;
the first encryption unit is used for encrypting the first channel calculation factor by applying the first transmission key to generate an encrypted ciphertext;
the sending unit is used for sending the encrypted ciphertext to the equipment end so as to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor, and comparing the first channel calculation factor with a pre-generated second channel calculation factor;
the second encryption unit is used for applying the first transmission key to encrypt the instruction data to be transmitted when the first channel calculation factor is consistent with the second channel calculation factor in comparison;
and the first control unit is used for transmitting the encrypted instruction data to the equipment end so that the equipment end executes control operation corresponding to the instruction data after acquiring the instruction data.
A control method is applied to a device side and comprises the following steps:
when encrypted instruction data sent by a control end are received, decrypting the encrypted instruction data according to a preset second transmission key to obtain the instruction data;
and controlling the equipment terminal according to the instruction data.
Optionally, the method for setting the second transmission key in advance includes:
and applying a preset second channel calculation factor to perform encryption operation on a channel encryption factor contained in the equipment end to obtain the second transmission key.
A control unit is applied to a device side and comprises:
the decryption unit is used for decrypting the encrypted instruction data according to a preset second transmission key when the encrypted instruction data sent by the control end are received, so as to obtain the instruction data;
and the second control unit is used for controlling the equipment terminal according to the instruction data.
A control system, comprising:
a control end and an equipment end;
wherein:
the control terminal is used for executing the control method applied to the control terminal;
the device side is used for executing the control method applied to the device side.
Compared with the prior art, the invention has the following advantages:
the method provided by the embodiment of the invention comprises the following steps: when a control instruction is received, sending an instruction data transmission request to an equipment end, and triggering the equipment end to perform identity authentication on the control end; when the control end passes the identity authentication of the equipment end, a first transmission key is determined, and a ciphertext encrypted according to the first transmission key is sent to the equipment end to trigger the equipment end to decrypt the encrypted ciphertext.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flow chart of a control method provided by the present invention;
FIG. 2 is another flow chart of a control method provided by the present invention;
FIG. 3 is another flow chart of a control method provided by the present invention;
FIG. 4 is another flow chart of a control method provided by the present invention;
FIG. 5 is another flow chart of a control method provided by the present invention;
FIG. 6 is a schematic structural diagram of a control device according to the present invention;
FIG. 7 is a schematic view of another structure of a control device according to the present invention;
FIG. 8 is a schematic structural diagram of a control system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions, and the terms "comprises", "comprising", or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The present invention is operational with numerous general purpose or special purpose network device environments or configurations. For example: personal computers, server computers, internet appliances, intelligent door locks, intelligent air conditioners, electronic products including any of the above devices or intelligence, and the like.
An embodiment of the present invention provides a control method, which may be applied to a plurality of intelligent electronic products, where an execution subject of the control method may be a server of the intelligent electronic product, or an intelligent electronic product subject, such as a personal computer, a tablet computer, a smart phone, and the like, and a flowchart of the method is shown in fig. 1, and specifically includes:
S101: when a control instruction is received, sending an instruction data transmission instruction to an equipment end, and triggering the equipment end to perform identity authentication on the control end;
In the method provided by the embodiment of the invention, when the control end receives a control instruction by which a user operates the equipment end, the control end sends a data transmission request for the control instruction to the equipment end, thereby triggering the equipment end's identity authentication of the control end.
It should be noted that the control end and the equipment end may both be smart devices with a wireless connection function; for example, both may be connected to a network such as the internet, a local area network, Bluetooth, or NFC, and may transmit and receive data through an electronic channel. The control end may be a smart phone, a tablet computer, or the like, and the equipment end may be an air conditioner, a refrigerator, an intelligent door lock, or the like that can be connected to Bluetooth or the internet.
S102: when the control end passes the identity authentication of the equipment end, determining a first channel calculation factor;
In the method provided by the embodiment of the invention, when the control end passes the identity authentication of the equipment end, the control end sends an acquisition instruction to the equipment end; on receiving it, the equipment end sends an identification character string to the control end, and on receiving the identification character string, the control end performs a calculation on it to obtain the first channel calculation factor. The identification character string may be a device ID of the equipment end.
S103: generating a first transmission key for data transmission with the equipment terminal according to the first channel calculation factor;
In the method provided by the embodiment of the invention, the control end obtains the channel encryption factor and performs a calculation on it according to the first channel calculation factor to obtain the first transmission key for data transmission with the equipment end; the first transmission key is used to encrypt the instruction data and so ensure the security of data transmission.
In the method provided by the embodiment of the present invention, the channel encryption factor may be obtained from the device side, and the channel encryption factor may be a random number generated by the device side, or may be data that is pre-agreed and synchronously generated by the control side and the device side.
S104: encrypting the first channel calculation factor by applying the first transmission key to generate an encrypted ciphertext;
S105: sending the encrypted ciphertext to the equipment end to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor, and comparing the first channel calculation factor with a pre-generated second channel calculation factor;
In the method provided by the embodiment of the invention, the control end sends the encrypted ciphertext, generated by encrypting the first channel calculation factor, to the equipment end, which triggers the equipment end to decrypt it. When the equipment end has decrypted the encrypted ciphertext to obtain the first channel calculation factor, it compares that factor with a pre-generated second channel calculation factor; when the two are consistent, the key with which the control end encrypts the instruction data to be transmitted is determined. The pre-generated second channel calculation factor is generated by the equipment end in a preset manner.
S106: when the first channel calculation factor is consistent with the second channel calculation factor in comparison, the first transmission key is applied to encrypt instruction data to be transmitted;
In the method provided by the embodiment of the invention, the first channel calculation factor obtained by decryption at the equipment end is compared with the second channel calculation factor preset at the equipment end; when the two are consistent, the control end applies the first transmission key to encrypt the instruction data to be transmitted, so as to keep the data confidential. It should be noted that, when the comparison is consistent, the equipment end feeds the comparison result back to the control end; this determines the key with which the control end encrypts the instruction data to be transmitted, namely the first transmission key.
S107: transmitting the encrypted instruction data to the equipment end so that the equipment end executes control operation corresponding to the instruction data after acquiring the instruction data;
In the method provided by the embodiment of the invention, the control end sends the encrypted instruction data to the equipment end; after receiving the encrypted instruction data, the equipment end decrypts it to obtain the instruction data and executes the corresponding control operation according to the instruction data.
In the method provided by the embodiment of the invention, when a control instruction is received, a transmission instruction data request is sent to an equipment end, and the equipment end is triggered to carry out identity authentication on the control end; when the control end passes the identity authentication of the equipment end, the control end sends the encrypted instruction data to the equipment end, the equipment end carries out decryption processing, and corresponding instruction control operation is executed according to the obtained instruction data; in the method provided by the embodiment of the invention, the identity authentication of the control end is carried out through the equipment end, so that the safety of data in transmission is improved, the encryption key for encrypting the instruction data in transmission is determined when the instruction data is transmitted, the data is encrypted, and the confidentiality of the data is ensured.
In the method provided by the embodiment of the present invention, the device side needs to perform identity authentication on the control side to avoid the loss caused by the attack of a lawbreaker on the device side, and an identity authentication process for the control side is shown in fig. 2, and the specific process is as follows:
S201: triggering the equipment end to send an identification character string and a random character string to the control end;
In the method provided by the embodiment of the invention, when identity authentication of the control end is required, the control end sends the equipment end an instruction to obtain an identification character string and a random character string. The equipment end receives the acquisition instruction and feeds back an identification character string and a random character string to the control end. The identification character string can be a unique identification number of the equipment end or equivalent data such as a serial number (SN); the unique identification number is a unique, non-repeating identification character string written into the equipment end in advance during production. The random character string is an 8-byte random character string randomly generated by the equipment end; it is not limited to 8 bytes and can also be 16 bytes, 32 bytes, and so on. When the equipment end sends the identification character string and the random character string to the control end, they may be sent simultaneously or sequentially.
It should be noted that, in this step, the identification character string and the random character string sent by the device side may be encrypted for transmission, for example, the identification character string and the random character string are transmitted to the control side after being encrypted by using the public key of the control side, so that the security of transmission of the identification character string and the random character string is ensured.
S202: when the identification character string is received, calling a preset authentication root key to perform a key diversification operation on the identification character string to obtain a first authentication key;
In the method provided by the embodiment of the invention, when the identification character string fed back by the equipment end is received, the control end calls a preset authentication root key to perform a key diversification operation on the identification character string to obtain a first authentication key.
It should be noted that the preset authentication root key is a 16-byte symmetric key. Diversifying the unique identification number under the authentication root key yields a unique authentication key, so the authentication key of each equipment end is different. The authentication key is used to authenticate the identity of an external access node, for example to authenticate the control end.
S203: encrypting the random character string according to the first authentication key to obtain an authentication ciphertext;
In the method provided by the embodiment of the present invention, after the identification character string is diversified under the authentication root key to obtain the first authentication key, the received random character string is encrypted with the first authentication key to obtain an authentication ciphertext.
S204: sending the authentication ciphertext to the equipment end so that the equipment end decrypts the authentication ciphertext to obtain a random character string contained in the authentication ciphertext, matching the random character string contained in the authentication ciphertext with the random character string sent to the control end, and authenticating the identity of the control end when the random character string contained in the authentication ciphertext is matched with the random character string sent to the control end;
In the method provided by the embodiment of the present invention, when the equipment end receives the authentication ciphertext sent by the control end, it decrypts the authentication ciphertext using the authentication key preset at the equipment end to obtain the random character string; when this random character string is consistent with the random character string held at the equipment end, the identity of the control end is legitimate, that is, the control end passes identity authentication.
It should be noted that, after the equipment end has sent the unique identification number written into it in advance to the control end and has received the authentication ciphertext encrypted by the control end, the equipment end performs the decryption with the authentication key written in by the production system during production; this authentication key is obtained by the production system performing a key diversification operation on the unique identification number of the equipment end using the authentication root key.
It should be noted that the authentication key preset at the equipment end is obtained during production of the equipment end: the unique identification number of the equipment end is diversified under the authentication root key to obtain a unique authentication key, which is written into the equipment end. The equipment end may be an intelligent door lock, an intelligent air conditioner, an intelligent water heater, or the like.
In the method provided by the embodiment of the invention, when instruction data is to be sent to the equipment end, the equipment end first authenticates the identity of the control end, which reduces the possibility of the equipment end being attacked and improves the security of data transmission. After the control end passes the authentication of the equipment end, the control end also needs to authenticate the equipment end, so as to avoid data transmission errors and improve the security and correctness of data transmission. The encryption and decryption algorithm adopted in this embodiment can be the internationally used 3DES algorithm, the Chinese national cryptographic algorithm SM4, or an equivalent symmetric-key algorithm.
In the method provided by the embodiment of the present invention, after the device side passes the identity authentication of the control side, the control side calls the channel encryption factor to perform operation, so as to obtain the first channel calculation factor, and the specific process is as follows:
acquiring a channel encryption factor;
according to the first channel calculation factor, carrying out encryption operation on the channel encryption factor to obtain the first transmission key;
In the method provided by the embodiment of the invention, the control end obtains the channel encryption factor and uses the first channel calculation factor to perform an encryption operation on it, thereby obtaining the first transmission key. The channel encryption factor can be a random number generated by the equipment end or a random number generated by the control end, or data generated synchronously as agreed in advance by the control end and the equipment end, such as a synchronous time factor or a count value generated by a synchronous counter. After obtaining the channel encryption factor, the control end can call its middleware to perform the subsequent steps.
In the method provided in the embodiment of the present invention, when the control end passes through the identity authentication of the device end, the transmission key for data transmission needs to be determined, the specific process is shown in fig. 3, and the specific operation shown in fig. 3 may be performed by a middleware in the control end, and the specific content is as follows:
S301: calling the identification character string of the equipment end and the channel encryption factor generated by the equipment end;
In the method provided by the embodiment of the present invention, the identification character string sent by the equipment end is the identification character string referred to in fig. 2, which is sent to the control end when the equipment end authenticates the identity of the control end. Optionally, after the control end passes the identity authentication of the equipment end, the control end may request the identification character string of the equipment end again; optionally, the scheme may instead use the identification character string that was sent to the control end when the equipment end authenticated the identity of the control end. The identification character string is the unique identification number of the equipment end; it may also be equivalent data such as a serial number (SN), and is equivalent to an ID number of the equipment end;
the channel encryption factor generated by the equipment end is a group of random numbers generated by the equipment end: when the control end sends an acquisition instruction to the equipment end, the equipment end generates a group of random numbers; optionally, the random numbers are 16 bytes.
The channel encryption factor is not limited to a random number in practical application, but may also be data that is pre-agreed and synchronously generated by the control terminal and the device terminal, such as a synchronous time factor and a count value generated by a synchronous counter.
S302: calculating the identification character string according to a preset channel root key to obtain the first channel calculation factor;
In the method provided by the embodiment of the invention, the channel root key preset at the control end is used with a dispersion algorithm to perform a dispersion operation on the obtained identification character string, giving the first channel calculation factor. It should be noted that the channel root key is stored in the control end, that is, it is preset; the channel root key is a 16-byte symmetric key.
S303: calculating the channel encryption factor according to the first channel calculation factor to obtain the first transmission key;
In the method provided by the embodiment of the invention, the first transmission key is obtained by using the first channel calculation factor with an encryption algorithm to operate on the channel encryption factor, where the channel encryption factor is a random number generated by the equipment end; the encryption algorithm may be the international general algorithm 3DES, the Chinese national SM4 algorithm, or an equivalent symmetric-key algorithm;
in the method provided by the embodiment of the invention, the control end sends an acquisition instruction to the equipment end, and the equipment end responds to the instruction and feeds back a 16-byte random number to the control end, where the 16-byte random number is the channel encryption factor. For example, when a smart phone needs to authenticate the identity of its smart door lock, the smart phone sends an instruction for acquiring a channel calculation factor to the smart door lock, and the smart door lock responds to the instruction after receiving it and sends a group of channel encryption factors to the smart phone. Optionally, the group of channel encryption factors may be 8 bytes, 16 bytes, and so on; in the method provided in the embodiment of the present invention, the preferred scheme is that the equipment end sends a self-generated 16-byte random number;
it should be noted that the random number used as the channel encryption factor here is not the same as the random character string described in fig. 2. The random number here is generated afresh by the equipment end once the identity of the control end has passed the authentication of the equipment end, and is used in the operation that generates the transmission key; the random character string in fig. 2 is generated when the identity of the control end needs to be authenticated, and is used for authenticating the identity of the control end.
In practical application, the channel encryption factor is not limited to a random number, but may also be data that is generated synchronously and is predetermined by the control end and the device end, such as a synchronous time factor and a count value generated by a synchronous counter.
S304: encrypting the first channel calculation factor by using the first transmission key to generate an encrypted ciphertext, sending the encrypted ciphertext to the equipment end, and triggering the equipment end to decrypt the encrypted ciphertext;
In the method provided by the embodiment of the invention, the control end encrypts the first channel calculation factor by using the generated first transmission key and sends the encrypted ciphertext to the equipment end. This triggers the equipment end to decrypt the ciphertext by using a pre-generated second transmission key and to compare the decrypted first channel calculation factor with the second channel calculation factor preset at the equipment end; if the comparison is consistent, a secure transmission channel is established between the control end and the equipment end. The control end then encrypts the instruction data to be transmitted by using the first transmission key and sends the encrypted instruction data to the equipment end, and the equipment end decrypts the encrypted instruction data by using the second transmission key and executes the corresponding control operation according to the decrypted instruction data;
it should be noted that, when the control end receives a message that the equipment end's comparison of the first channel calculation factor and the second channel calculation factor is consistent, the key with which the control end encrypts the instruction data to be transmitted, namely the first transmission key, is determined; the key with which the equipment end decrypts the encrypted instruction data, namely the second transmission key, is also determined; and in determining the keys for encrypting and decrypting the instruction data, the control end authenticates the identity of the equipment end.
It should be noted that the second transmission key at the equipment end is obtained by performing an encryption operation on the channel encryption factor according to the second channel calculation factor preset at the equipment end. The second channel calculation factor preset at the equipment end is obtained during production of the equipment end: the production system uses the channel root key to perform a dispersion operation on the unique identification number of the equipment end, and the result is then written into the equipment end. According to the security and confidentiality rules, the channel root key is provided as three different keys, and three different channel calculation factors are generated correspondingly.
In the method provided by the embodiment of the invention, the first channel calculation factor is obtained by performing a dispersion operation on the identification character string of the equipment end with a dispersion algorithm. The first channel calculation factor is used with an encryption algorithm to operate on the channel encryption factor, giving the first transmission key; the first transmission key is used to encrypt the first channel calculation factor, which is sent to the equipment end, triggering the decryption process of the equipment end. When the equipment end can decrypt the ciphertext with the preset second transmission key, the decrypted first channel calculation factor is compared with the second channel calculation factor preset at the equipment end; if the comparison is consistent, the first transmission key is the key used for encryption when instruction data is transmitted, and the second transmission key is the key used for decryption when the equipment end receives the encrypted instruction data;
it should be noted that the second transmission key in the present invention may also be used as a key for encrypting when the device transmits the instruction data to the control end.
The method provided by the embodiment of the invention further comprises the following steps: and when the equipment terminal sends the instruction data to the control terminal, the second transmission key is applied to encrypt the instruction data sent by the equipment terminal.
In the method provided by the embodiment of the invention, a secure transmission channel is established between a control end and an equipment end, and when data transmission is carried out, a first transmission key generated by the control end and a second transmission key generated by the equipment end are the same transmission key; the control end can encrypt the instruction data to be transmitted to the equipment end by using the first transmission key, and the equipment end decrypts the encrypted instruction data by using the second transmission key when receiving the encrypted instruction data. In the method provided by the embodiment of the invention, when the device end needs to transmit data to the control end, the device end can encrypt the data to be transmitted through the second transmission key so as to ensure the security of the data transmitted to the control end.
The method ensures the security of the data during transmission, ensures the confidentiality of the instruction data during transmission by encrypting the instruction data to be transmitted, and further improves the security of the data during transmission.
The method provided by the embodiment of the invention is applied to an equipment end. When the equipment end receives encrypted instruction data from the control end, a decryption operation is required; the process by which the equipment end decrypts and executes the instruction is shown in fig. 4 and is described as follows:
S401: when encrypted instruction data sent by a control end are received, decrypting the encrypted instruction data according to a preset second transmission key to obtain the instruction data;
In the method provided by the embodiment of the invention, receiving encrypted instruction data sent by the control end triggers the decryption process in the equipment end, which decrypts by using a preset second transmission key. The preset second transmission key is obtained by using the preset second channel calculation factor with an encryption algorithm to operate on the channel encryption factor, and the equipment end decrypts the encrypted instruction data according to this second transmission key. The channel encryption factor is generated by the equipment end, and is the channel encryption factor that was sent to the control end.
S402: controlling the equipment terminal according to the instruction data;
in the method provided by the embodiment of the invention, the encrypted instruction data is decrypted by using the second transmission key to obtain the instruction data, and corresponding control operation is executed according to the instruction data.
In the method provided by the embodiment of the invention, by authenticating the identities of the two parties, the safety of the data in sending is improved, the data is prevented from being attacked by lawless persons, and when the instruction data is transmitted, the instruction data is encrypted by using the confirmed transmission key, so that the instruction data is further encrypted and protected, the instruction data is further prevented from being leaked, and the safety of data transmission is improved.
In the method provided by the embodiment of the invention, when the equipment end receives encrypted instruction data sent by the control end, the encrypted instruction data is decrypted by using a preset second transmission key; the decryption process is as follows:
applying a preset second channel calculation factor to perform encryption operation on a channel encryption factor contained in the equipment end to obtain a second transmission key;
in the method provided by the embodiment of the invention, an equipment end carries out encryption operation on a channel encryption factor generated by the equipment end by using a preset second channel calculation factor to obtain a second transmission key; the channel encryption factor is a group of random numbers generated by the equipment end, and is sent to the control end, so that the control end can generate a first transmission key; the equipment end uses a second channel calculation factor to carry out encryption operation on a channel encryption factor sent to the control end to obtain a second transmission key, decrypts the encrypted instruction data by using the second transmission key to obtain the instruction data, and executes corresponding control operation according to the instruction data.
In the method provided by the embodiment of the invention, the encrypted channel calculation factor sent by the control end is decrypted to determine the decryption key for the encrypted instruction data, so that the transmitted instruction data is prevented from being intercepted or cracked and the security of data transmission is improved. To further illustrate the method provided by the present invention, a more detailed discussion is given in the following example.
The control method provided by the embodiment of the invention is applied to a control system, and the control system comprises a control end and a sending end. When the control end receives a control instruction, it sends a data transmission request to the equipment end, which triggers the equipment end to authenticate the identity of the control end. The control end acquires the identification character string and the random character string sent by the equipment end and generates an authentication key using a preset operation flow; it encrypts the random character string with the authentication key and sends it to the equipment end, which triggers the equipment end's decryption flow for the authentication ciphertext. The specific authentication process is as follows:
The control end sends an acquisition instruction to the equipment end. The acquisition instruction is an instruction for acquiring the identification character string and the random character string, and the instruction transmission request sent by the control end to the equipment end includes the instruction for acquiring the identification character string. The equipment end receives the acquisition instruction and, in response, returns the identification character string and the random character string to the control end. The identification character string received by the control end is equivalent data such as a unique identification number or a serial number (SN) preset at the equipment end; the control end operates on the unique identification number with a preset authentication root key to obtain a first authentication key, performs an encryption operation on the random character string according to the first authentication key to obtain ciphertext data D1, and sends this authentication ciphertext to the equipment end. The equipment end decrypts the ciphertext data D1 by using an authentication key preset at the equipment end to obtain authentication data D2, and compares the random character string obtained by decryption with the random character string sent to the control end; if the comparison is consistent, the control end passes the identity authentication of the equipment end;
optionally, when the equipment end receives the acquisition instruction, it responds to the instruction and sends the identification character string to the control end, and the control end performs a dispersion operation on the obtained identification character string by using a preset authentication root key to obtain a first authentication key. The equipment end sends the random character string to the control end; the control end uses the generated first authentication key to perform an encryption operation on the obtained random character string to obtain an encrypted authentication ciphertext, and sends the encrypted authentication ciphertext to the equipment end. The equipment end compares whether the random character string obtained by decryption is consistent with the random character string sent to the control end, and if so, the identity of the control end passes authentication. It should be noted that, when the equipment end responds to the control instruction sent by the control end and sends the identification character string and the random character string to the control end, the two can be sent at the same time, or sequentially in either order.
The authentication key preset at the equipment end is produced when the equipment end is manufactured: the authentication root key in the production system performs a dispersion operation on the unique identification number of the equipment end to form the authentication key corresponding to each identification number, and the authentication key is written into the corresponding equipment end. The authentication key of each equipment end is different.
After the identity of the control end passes the authentication of the equipment end, a transmission key for encrypting the transmitted instruction data and a corresponding key for decrypting the encrypted instruction data need to be determined. The control end obtains the unique identification character string sent by the equipment end and performs a dispersion operation on it according to a preset channel root key to obtain a first channel calculation factor; it performs an encryption operation on the channel encryption factor by using the first channel calculation factor to obtain a first transmission key; it encrypts the first channel calculation factor by using the first transmission key and sends it to the equipment end. The equipment end decrypts the first channel calculation factor according to a pre-generated second transmission key and compares the obtained channel calculation factor with the channel calculation factor preset at the equipment end; if the comparison is consistent, the key for encrypting the instruction data and the key for decrypting the encrypted instruction data are determined;
when the identity authentication of the equipment end passes, the control end encrypts the instruction data by using the first transmission key and sends it to the equipment end, and the equipment end decrypts it by using the second transmission key to obtain the instruction data and executes the corresponding instruction.
The specific flow chart is shown in fig. 5, and the specific contents are as follows:
The control end sends an acquisition instruction to the equipment end, where the acquisition instruction is '008400010'; the equipment end responds to the acquisition instruction and feeds back a channel encryption factor to the control end. Preferably, in the method provided by the embodiment of the invention, the channel encryption factor is a 16-byte random number randomly generated by the equipment end. Optionally, when responding to the acquisition instruction, the equipment end may send both the channel encryption factor and the identification character string to the control end, simultaneously or sequentially; it is also possible to send only the channel encryption factor.
When the equipment end sends only the channel encryption factor to the control end, the control end uses a preset channel root key to perform a dispersion operation on the previously obtained identification character string of the equipment end to obtain a first channel calculation factor, where the previously obtained identification character string is the one sent to the control end when the equipment end authenticated the identity of the control end; the channel root key is a 16-byte symmetric key. The first channel calculation factor is used with an encryption algorithm to operate on the channel encryption factor to obtain a first transmission key; the first channel calculation factor is then encrypted with the first transmission key and sent to the equipment end;
when the equipment end sends both a channel encryption factor and an identification character string to the control end, the control end uses a preset channel root key to perform a dispersion operation on the obtained identification character string of the equipment end to obtain a first channel calculation factor, where the channel root key is a 16-byte symmetric key. The first channel calculation factor is used with an encryption algorithm to operate on the channel encryption factor to obtain a first transmission key; the channel calculation factor is then encrypted with the first transmission key and sent to the equipment end;
the device side decrypts the encrypted first channel calculation factor by using a pre-generated second transmission key, and determines a key for encrypting the transmission instruction and a key for decrypting the encrypted transmission instruction when the decrypted first channel calculation factor is consistent with a pre-set second channel calculation factor;
the pre-generated second transmission key is obtained by the equipment end by performing an encryption operation on the channel encryption factor with a preset second channel calculation factor. The preset second channel calculation factor is produced when the equipment end is manufactured: the production system uses a channel root key to perform a dispersion operation on the unique identification number of the equipment end, obtaining a unique second channel calculation factor that is written into the equipment end. The channel calculation factor of each equipment end is different;
the equipment end feeds back a comparison result to the control end, if the authentication is passed, the current control end encrypts the instruction data by using the first transmission key and sends the instruction data to the current equipment end, and the current equipment end decrypts the encrypted instruction data by using the second transmission key and executes corresponding instruction operation according to the obtained instruction;
preferably, when the control end determines the first transmission key and the equipment end determines the second transmission key, and the equipment end subsequently transmits data to the control end, the second transmission key can be used for encrypting the data to be transmitted and sending the encrypted data to the control end; and the control terminal decrypts the encrypted data by using the determined second transmission key.
For example, a smart door lock receives encrypted instruction data sent remotely by a mobile phone and decrypts it with the second transmission key; the decrypted instruction data is a password for opening the smart door lock, and after decrypting the instruction data the smart door lock executes the corresponding instruction control, namely opening the door lock. Similarly, a smart air conditioner can receive encrypted instruction data sent by the mobile phone, the instruction being to turn the air conditioner on after ten minutes and set the temperature to 24 ℃; after receiving the encrypted instruction sent remotely by the mobile phone, the smart air conditioner performs the decryption operation, turns on after ten minutes, and sets the temperature to 24 ℃;
after the data transmission between the control end and the equipment end is finished, that is, after the channel for transmitting data between the control end and the receiving end is interrupted, when the control end sends instruction data to the equipment end again, the identities of the control end and the equipment end need to be authenticated again and the transmission key needs to be determined again, so that each session uses its own key.
By applying the method provided by the embodiment of the invention, the security of data transmission is ensured through mutual authentication of the identities of the two parties, and the confidentiality of instruction data in transmission is ensured by encrypting the instruction data to be transmitted, which further improves the security of the data in the transmission process. When the control end and the data end transmit a control instruction again after the channel for transmitting data has been interrupted, the identities of the two parties need to be authenticated again and the transmission key determined again, which reduces the possibility of a successful replay attack by a lawless person.
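The exchange described above (authentication of the control end, then steps S301 to S304 and the fig. 5 flow), written out for both ends as an added example; it is not code from the patent. Assumptions: the unspecified dispersion operation is modelled as truncated HMAC-SHA256, a 4-round Feistel construction stands in for the 3DES/SM4 block cipher so that the block runs on the Python standard library alone, each command fits in one 16-byte block, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os

BLOCK = 16  # the page's keys, factors and random numbers are 16 bytes

def _f(key, rnd, half):
    # Round function of the stand-in cipher (assumption, not 3DES/SM4).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key, block):
    """Stand-in for 3DES/SM4: 4-round Feistel cipher on one 16-byte block."""
    if len(block) != BLOCK:
        raise ValueError("block must be 16 bytes")
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def decrypt_block(key, block):
    if len(block) != BLOCK:
        raise ValueError("block must be 16 bytes")
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def diversify(root_key, device_id):
    """Assumed dispersion operation: per-device value from root key and ID."""
    return hmac.new(root_key, device_id, hashlib.sha256).digest()[:BLOCK]

class Device:
    """Equipment end: stores only the per-device values written at production."""
    def __init__(self, device_id, auth_key, channel_factor):
        self.device_id = device_id
        self._auth_key = auth_key        # preset authentication key
        self._factor2 = channel_factor   # second channel calculation factor
        self._challenge = self._rand = None
        self.authenticated, self.transport_key = False, None

    def new_challenge(self):
        self.authenticated, self.transport_key = False, None
        self._challenge = os.urandom(BLOCK)   # random character string
        return self._challenge

    def check_auth(self, d1):
        challenge, self._challenge = self._challenge, None   # single use
        if challenge is None:
            return False
        d2 = decrypt_block(self._auth_key, d1)               # authentication data D2
        self.authenticated = hmac.compare_digest(d2, challenge)
        return self.authenticated

    def new_channel_factor(self):
        if not self.authenticated:
            raise PermissionError("control end not authenticated")
        self.transport_key = None
        self._rand = os.urandom(BLOCK)        # channel encryption factor
        return self._rand

    def confirm(self, ciphertext):
        rand, self._rand = self._rand, None                  # single use
        if rand is None:
            return False
        tk2 = encrypt_block(self._factor2, rand)             # second transmission key
        if hmac.compare_digest(decrypt_block(tk2, ciphertext), self._factor2):
            self.transport_key = tk2
        return self.transport_key is not None

    def execute(self, sealed):
        if self.transport_key is None:
            raise PermissionError("no secure channel")
        return decrypt_block(self.transport_key, sealed).rstrip(b"\x00")

class Controller:
    """Control end: holds the two root keys, derives per-device values on demand."""
    def __init__(self, auth_root, channel_root):
        self._auth_root, self._channel_root = auth_root, channel_root

    def answer_challenge(self, device_id, challenge):
        # First authentication key, then ciphertext data D1.
        return encrypt_block(diversify(self._auth_root, device_id), challenge)

    def open_channel(self, device_id, rand):
        factor1 = diversify(self._channel_root, device_id)   # S302
        tk1 = encrypt_block(factor1, rand)                    # S303
        return tk1, encrypt_block(tk1, factor1)               # S304

def provision(auth_root, channel_root, device_id):
    """Production system: disperse both root keys over one device ID."""
    return Device(device_id, diversify(auth_root, device_id),
                  diversify(channel_root, device_id))

def seal(tk, command):
    # One-block command only; zero padding is a simplification of this example.
    return encrypt_block(tk, command.ljust(BLOCK, b"\x00"))
```

Because the device draws a new channel encryption factor for every session, a confirmation ciphertext captured in one session fails the comparison in the next, which is the replay resistance the text claims.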
Corresponding to fig. 1, the embodiment of the present invention further provides a control device corresponding to the control end, which is applied to the control end, and a schematic structural diagram of the control device is shown in fig. 6, and specifically includes:
the triggering unit 601 is configured to send an instruction data transmission request to an equipment end when receiving a control instruction, and trigger the equipment end to perform identity authentication on the control end;
a determining unit 602, configured to determine a first channel calculation factor when the control end passes the identity authentication of the device end;
a generating unit 603, configured to generate a first transmission key for performing data transmission with the device side according to the first channel calculation factor;
a first encrypting unit 604, configured to encrypt the first channel calculation factor by applying the first transmission key, and generate an encrypted ciphertext;
a sending unit 605, configured to send the encrypted ciphertext to the device end, so as to trigger the device end to decrypt the encrypted ciphertext, obtain the first channel calculation factor, and compare the first channel calculation factor with a second channel calculation factor generated in advance;
a second encrypting unit 606, configured to apply the first transmission key to encrypt the instruction data to be transmitted when the first channel calculation factor is consistent with the second channel calculation factor in comparison;
the first control unit 607 is configured to transmit the encrypted instruction data to the device side, so that the device side executes a control operation corresponding to the instruction data after acquiring the instruction data.
Corresponding to fig. 4, an embodiment of the present invention further provides a control device corresponding to an equipment end, where the structural schematic diagram of the control device is shown in fig. 7, and the control device specifically includes:
a decryption unit 701, configured to, when encrypted instruction data sent by a control end is received, decrypt the encrypted instruction data according to a preset second transmission key to obtain the instruction data;
a second control unit 702, configured to control the device side according to the instruction data.
In the method provided by the embodiment of the invention, the equipment end authenticates the identity of the control end, so that the identity of the external equipment is authenticated by the equipment end whenever instruction data is transmitted, which improves the security of the data and the confidentiality of data in transmission. By applying the method of the invention, the security of the data during transmission is ensured through the identity authentication of the control end by the equipment end, and the confidentiality of the instruction data during transmission is ensured by encrypting the instruction data to be transmitted, thereby improving the security of the data during transmission.
The embodiment of the present invention further provides a control system, a schematic structural diagram of which is shown in fig. 8, and specifically includes a control end 801 and an equipment end 802;
the control terminal 801 and the device terminal 802 perform the following operations:
when a control instruction is received, sending an instruction data transmission request to an equipment end, and triggering the equipment end to perform identity authentication on the control end; when the control end passes the identity authentication of the equipment end, determining a first channel calculation factor; generating a first transmission key for data transmission with the equipment terminal according to the first channel calculation factor; encrypting the first channel calculation factor by applying the first transmission key to generate an encrypted ciphertext; sending the encrypted ciphertext to the equipment end to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor, and comparing the first channel calculation factor with a pre-generated second channel calculation factor; when the first channel calculation factor is consistent with the second channel calculation factor in comparison, the first transmission key is applied to encrypt instruction data to be transmitted; and transmitting the encrypted instruction data to the equipment end so that the equipment end executes control operation corresponding to the instruction data after acquiring the instruction data.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device type, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. A control method, applied to a control end, comprising:
when a control instruction is received, sending an instruction data transmission request to an equipment end, and triggering the equipment end to perform identity authentication on the control end;
when the control end passes the identity authentication of the equipment end, determining a first channel calculation factor, wherein the first channel calculation factor is an operation result obtained by the control end performing an operation on an identification character string sent by the equipment end;
generating, according to the first channel calculation factor, a first transmission key for data transmission with the equipment end;
encrypting the first channel calculation factor with the first transmission key to generate an encrypted ciphertext;
sending the encrypted ciphertext to the equipment end, to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor and to compare the first channel calculation factor with a pre-generated second channel calculation factor, wherein the second channel calculation factor is a calculation factor generated by the equipment end in a preset manner and corresponds to the first channel calculation factor;
when the first channel calculation factor is consistent with the second channel calculation factor, encrypting the instruction data to be transmitted with the first transmission key;
and transmitting the encrypted instruction data to the equipment end, so that the equipment end, after obtaining the instruction data, executes the control operation corresponding to the instruction data.
2. The method of claim 1, wherein triggering the equipment end to perform identity authentication on the control end comprises:
triggering the equipment end to send the identification character string and a random character string to the control end;
when the identification character string is received, calling a preset authentication root key to perform a diversification operation on the identification character string to obtain a first authentication key;
encrypting the random character string with the first authentication key to obtain an authentication ciphertext;
and sending the authentication ciphertext to the equipment end, so that the equipment end decrypts the authentication ciphertext to obtain the random character string it contains, matches that random character string against the random character string sent to the control end, and authenticates the identity of the control end when the two match.
3. The method of claim 2, wherein determining the first channel calculation factor comprises:
performing an operation on the identification character string according to a preset channel root key to obtain the first channel calculation factor.
4. The method according to claim 1 or 3, wherein generating the first transmission key for data transmission with the equipment end comprises:
acquiring a channel encryption factor, wherein the channel encryption factor is an encryption parameter generated by the control end and/or the equipment end and is used for generating a transmission key;
and performing an encryption operation on the channel encryption factor according to the first channel calculation factor to obtain the first transmission key.
5. The method of claim 1, wherein triggering the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor comprises:
triggering the equipment end to call a pre-generated second transmission key and decrypt the encrypted ciphertext to obtain the first channel calculation factor, wherein the second transmission key is a transmission key calculated by the equipment end according to the second channel calculation factor.
6. A control device, applied to a control end, comprising:
a triggering unit, configured to send an instruction data transmission request to an equipment end when a control instruction is received, and to trigger the equipment end to perform identity authentication on the control end;
a determining unit, configured to determine a first channel calculation factor when the control end passes the identity authentication of the equipment end, wherein the first channel calculation factor is an operation result obtained by the control end performing an operation on an identification character string sent by the equipment end;
a generating unit, configured to generate, according to the first channel calculation factor, a first transmission key for data transmission with the equipment end;
a first encryption unit, configured to encrypt the first channel calculation factor with the first transmission key to generate an encrypted ciphertext;
a sending unit, configured to send the encrypted ciphertext to the equipment end, so as to trigger the equipment end to decrypt the encrypted ciphertext to obtain the first channel calculation factor and to compare the first channel calculation factor with a pre-generated second channel calculation factor, wherein the second channel calculation factor is a calculation factor generated by the equipment end in a preset manner and corresponds to the first channel calculation factor;
a second encryption unit, configured to encrypt the instruction data to be transmitted with the first transmission key when the first channel calculation factor is consistent with the second channel calculation factor;
and a first control unit, configured to transmit the encrypted instruction data to the equipment end, so that the equipment end, after obtaining the instruction data, executes the control operation corresponding to the instruction data.
7. A control method, applied to an equipment end, comprising:
when encrypted instruction data sent by a control end is received, decrypting the encrypted instruction data according to a preset second transmission key to obtain the instruction data;
controlling the equipment end according to the instruction data;
wherein the process of presetting the second transmission key comprises:
performing an encryption operation on a channel encryption factor in the equipment end using a preset second channel calculation factor to obtain the second transmission key, wherein the second channel calculation factor is a calculation factor generated by the equipment end in a preset manner and corresponds to the first channel calculation factor, and the first channel calculation factor is an operation result obtained by the control end performing an operation on the identification character string sent by the equipment end.
8. A control device, applied to an equipment end, comprising:
a decryption unit, configured to decrypt encrypted instruction data according to a preset second transmission key when the encrypted instruction data sent by a control end is received, so as to obtain the instruction data;
a second control unit, configured to control the equipment end according to the instruction data;
wherein the process of presetting the second transmission key comprises:
performing an encryption operation on a channel encryption factor in the equipment end using a preset second channel calculation factor to obtain the second transmission key, wherein the second channel calculation factor is a calculation factor generated by the equipment end in a preset manner and corresponds to the first channel calculation factor, and the first channel calculation factor is an operation result obtained by the control end performing an operation on the identification character string sent by the equipment end.
9. A control system, comprising:
a control end and an equipment end;
wherein:
the control end is configured to execute the control method of any one of claims 1-5;
the equipment end is configured to execute the control method of claim 7.
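The exchange in claims 1-5 and 7, run end to end as an added example; it is not code from the patent or its assignee. The claims name no algorithms, so these are assumptions: HMAC-SHA256 stands in for every key "operation", `seal`/`unseal` are a stand-in encrypt-then-MAC cipher, the equipment end (`Device`) draws a fresh channel encryption factor per challenge, and all names are hypothetical.

```python
import hashlib, hmac, os

def kdf(key, data):  # assumed stand-in for the claims' key "operations"
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    n = len(data) // 32 + 1
    ks = b"".join(kdf(key, b"ks" + nonce + bytes([i])) for i in range(n))
    return bytes(d ^ k for d, k in zip(data, ks))

def seal(key, pt):  # stand-in cipher; a real build would use a vetted AEAD
    nonce = os.urandom(16)
    ct = _xor(key, nonce, pt)
    return nonce + ct + kdf(key, b"tag" + nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    ok = hmac.compare_digest(tag, kdf(key, b"tag" + nonce + ct))
    return _xor(key, nonce, ct) if ok else None  # None: wrong key or tampering

class Device:  # equipment end; keeps only values diversified from the roots
    def __init__(self, dev_id, auth_root, chan_root):
        self.dev_id, self.authed, self.confirmed = dev_id, False, False
        self.auth_key = kdf(auth_root, dev_id)
        self.factor2 = kdf(chan_root, dev_id)  # second channel calculation factor
    def challenge(self):  # claim 2: identification string + random string
        self.rand, self.enc_factor = os.urandom(16), os.urandom(16)
        self.key2 = kdf(self.factor2, self.enc_factor)  # claim 7: second key
        self.authed = self.confirmed = False
        return self.dev_id, self.rand, self.enc_factor
    def authenticate(self, auth_ct):
        got = unseal(self.auth_key, auth_ct)
        self.authed = got is not None and hmac.compare_digest(got, self.rand)
        return self.authed
    def confirm(self, ct):  # claims 1 and 5: decrypt F1, compare with F2
        f1 = unseal(self.key2, ct) if self.authed else None
        self.confirmed = f1 is not None and hmac.compare_digest(f1, self.factor2)
        return self.confirmed
    def execute(self, ct):  # returns the instruction data, or None if refused
        return unseal(self.key2, ct) if self.confirmed else None

def control_send(auth_root, chan_root, device, command):  # control end
    dev_id, rand, enc_factor = device.challenge()
    if not device.authenticate(seal(kdf(auth_root, dev_id), rand)):
        return None
    f1 = kdf(chan_root, dev_id)  # claim 3: first channel calculation factor
    key1 = kdf(f1, enc_factor)   # claim 4: first transmission key
    if not device.confirm(seal(key1, f1)):
        return None
    return device.execute(seal(key1, command))
```

A control end holding the wrong authentication root fails at the challenge, and one holding the wrong channel root fails at the factor comparison, so no instruction is decrypted in either case.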
CN201811390756.6A 2018-11-21 2018-11-21 Control method and related equipment Active CN109547303B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811390756.6A CN109547303B (en) 2018-11-21 2018-11-21 Control method and related equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811390756.6A CN109547303B (en) 2018-11-21 2018-11-21 Control method and related equipment

Publications (2)

Publication Number Publication Date
CN109547303A (en) 2019-03-29
CN109547303B (en) 2021-06-25

Family

ID=65848806

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811390756.6A Active CN109547303B (en) 2018-11-21 2018-11-21 Control method and related equipment

Country Status (1)

Country Link
CN (1) CN109547303B (en)


Also Published As

Publication number Publication date
CN109547303A (en) 2019-03-29


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant