CN110322600B - Control method of electronic lock and electronic lock - Google Patents

Control method of electronic lock and electronic lock Download PDF

Info

Publication number
CN110322600B
CN110322600B CN201910485598.0A CN201910485598A CN110322600B CN 110322600 B CN110322600 B CN 110322600B CN 201910485598 A CN201910485598 A CN 201910485598A CN 110322600 B CN110322600 B CN 110322600B
Authority
CN
China
Prior art keywords
subsystem
key
door lock
key factor
electronic door
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910485598.0A
Other languages
Chinese (zh)
Other versions
CN110322600A (en
Inventor
孙吉平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Senseshield Technology Co Ltd
Original Assignee
Beijing Senseshield Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Senseshield Technology Co Ltd filed Critical Beijing Senseshield Technology Co Ltd
Priority to CN201910485598.0A priority Critical patent/CN110322600B/en
Publication of CN110322600A publication Critical patent/CN110322600A/en
Application granted granted Critical
Publication of CN110322600B publication Critical patent/CN110322600B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Lock And Its Accessories (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a control method of an electronic lock and the electronic lock, and relates to the technical field of electronic locks. The invention mainly solves the problem of low safety of the electronic lock in the prior art. The electronic lock comprises an electronic door lock subsystem and a split type control subsystem, and the method comprises the following steps: a safe communication channel is established between the electronic door lock subsystem and the split type control subsystem; the electronic door lock subsystem and the split type control subsystem exchange key factors; when the electronic door lock subsystem and the split control subsystem exchange data through the secure communication channel, the exchange data is encrypted and decrypted by using the session key generated based on the key factor. The invention can be widely applied to the scene of controlling the electronic lock.

Description

Control method of electronic lock and electronic lock
Technical Field
The invention relates to the technical field of electronic locks, in particular to a control method of an electronic lock and the electronic lock.
Background
The electronic lock is an electronic product which can control the opening and closing of a mechanical switch through a control circuit or a chip to complete the unlocking and locking tasks. Because the electronic lock can identify the person who enters or exits during unlocking by inputting the password and the like, compared with the traditional mechanical lock, the electronic lock has higher safety, and the electronic lock can replace the mechanical lock to become the lock type selected by the user.
However, due to the volume limitation of the electronic lock, the operation space of a user is small, management operation is inconvenient, the battery capacity is small, the electronic lock is easy to lose power during use, and the potential safety hazard of the electronic lock is increased.
Disclosure of Invention
In view of the above problems, the present invention provides a control method for an electronic lock and an electronic lock, and mainly aims to solve the problem of low security of the electronic lock in the prior art.
In order to solve the technical problem, in a first aspect, the present invention provides a method for controlling an electronic lock, where the electronic lock includes an electronic lock subsystem and a split control subsystem, and the method includes:
a safe communication channel is established between the electronic door lock subsystem and the split type control subsystem;
the electronic door lock subsystem and the split type control subsystem exchange key factors;
when the electronic door lock subsystem and the split control subsystem exchange data through the secure communication channel, the exchange data is encrypted and decrypted by using the session key generated based on the key factor.
Optionally, exchanging the key factor between the electronic door lock subsystem and the split control subsystem includes:
the first key factor generated by the electronic door lock subsystem is encrypted by using a public key of the split control subsystem and is sent to the split control subsystem through the secure communication channel;
the second key factor generated by the split control subsystem is encrypted by using a public key of the electronic door lock subsystem and is sent to the electronic door lock subsystem through the secure communication channel;
after receiving the encrypted second key factor, the electronic door lock subsystem decrypts and stores the encrypted second key factor by using a private key of the electronic door lock subsystem;
and after receiving the encrypted first key factor, the split control subsystem decrypts and stores the encrypted first key factor by using a private key of the split control subsystem.
Optionally, encrypting and decrypting the interactive data by using the session key generated based on the key factor includes:
encrypting the interactive data to be sent by using a first session key generated based on the first key factor and the second key factor;
decrypting the received interaction data using a second session key generated based on the first key factor and the second key factor.
Optionally, the method further includes:
the electronic door lock subsystem and the split control subsystem use own private key signature for interactive data to be sent;
and the electronic door lock subsystem and the split control subsystem use the public key signature of a sender for the received interactive data.
Optionally, the method further includes:
the electronic door lock subsystem and the split control subsystem add a timestamp of the current time in interactive data to be sent;
the electronic door lock subsystem and the split control subsystem verify whether the timestamp in the received interactive data is greater than the timestamp in the last received interactive data.
In a second aspect, the present invention provides an electronic lock, comprising:
the electronic door lock system comprises an electronic door lock subsystem and a split type control subsystem, wherein the electronic door lock subsystem comprises a first safety module, and the split type control subsystem comprises a second safety module;
the first safety module and the second safety module are used for establishing a safety communication channel between the electronic door lock subsystem and the split type control subsystem;
the electronic door lock subsystem and the split control subsystem are used for exchanging key factors based on the secure communication channel;
the first security module and the second security module are further configured to encrypt and decrypt interactive data using a session key generated based on the key factor when the data is interacted through the secure communication channel.
Optionally, the first security module is further configured to generate a first key factor, encrypt the first key factor using a public key of the split control subsystem, and send the encrypted first key factor to the second security module through a secure communication channel; the second security module is further configured to generate a second key factor, encrypt the second key factor using a public key of the electronic door lock subsystem, and send the encrypted second key factor to the first security module through a secure communication channel;
after receiving the encrypted second key factor, the first security module decrypts and stores the encrypted second key factor by using a private key of the electronic door lock subsystem; and after receiving the encrypted first key factor, the second security module decrypts and stores the encrypted first key factor by using a private key of the split type control subsystem.
Optionally, the first security module and the second security module are further configured to encrypt, when data is exchanged through the secure communication channel, to-be-sent exchange data using a first session key generated based on the first key factor and the second key factor; and decrypting the received interaction data using a second session key generated based on the first key factor and the second key factor.
Optionally, the first security module is further configured to sign the interactive data to be sent by using a private key of the electronic door lock subsystem, and check the received interactive data by using a public key of the sender;
the second security module is also used for signing the interactive data to be sent by using a private key of the split control subsystem and checking the received interactive data by using a public key of a sender.
Optionally, the first security module and the second security module are further configured to add a timestamp of a current time to the interactive data to be sent;
the first security module and the second security module are further configured to verify whether a timestamp in the received interaction data is greater than a timestamp in the last received interaction data.
By means of the technical scheme, the control method of the electronic lock and the electronic lock provided by the invention aim at the technical defect that the electronic lock in the prior art is easy to lose efficacy and generates potential safety hazards, the electronic lock is improved, and the control system and the electronic lock body are separated, so that the operation space of the control system and the space for arranging the battery are increased. In addition, after the electronic door lock subsystem and the split control subsystem are separately installed, a safe communication channel is also established between the electronic door lock subsystem and the split control subsystem to complete identity mutual identification, and the interactive data sent to the other side by the electronic door lock subsystem and the split control subsystem are ensured to be transmitted in the safe communication channel. Before data transmission, the two subsystems exchange key factors, and a session key jointly generated based on the exchanged key factors is used for encrypting and decrypting the interactive data, so that the two subsystems of the electronic lock can correctly encrypt and decrypt the interactive data, and the safety of the electronic lock is improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart illustrating a control method of an electronic lock according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating a method for controlling an electronic lock according to another embodiment of the present invention;
FIG. 3 is a block diagram illustrating an electronic lock according to an embodiment of the present invention;
fig. 4 is a block diagram illustrating another electronic lock according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
In order to improve the security of the electronic lock, an embodiment of the present invention provides a method for controlling an electronic lock, as shown in fig. 1, the method includes:
101. and a safe communication channel is established between the electronic door lock subsystem and the split type control subsystem.
The electronic lock body and the control system thereof are arranged in a split manner, so that the split type electronic lock comprises a split type control subsystem and an electronic door lock subsystem. Before the electronic door lock system and the corresponding split type control subsystem are used for data interaction, in order to improve the data transmission safety of the electronic door lock system and the corresponding split type control subsystem, the two corresponding subsystems need to be mutually identified, so that the subsequent electronic door lock subsystem and the split type control subsystem only respond to interaction data sent by the mutually identified subsystems. An exclusive safety communication channel is established between the electronic door lock subsystem and the corresponding split type control subsystem, so that all data needing interaction between the electronic door lock subsystem and the split type control subsystem are transmitted by using the safety communication channel, and the safety of the data is ensured.
102. And the electronic door lock subsystem and the split type control subsystem exchange key factors.
After the electronic door lock subsystem and the corresponding split control subsystem perform identity mutual identification, the exchange of key factors is performed through the established secure communication channel. The key factor is only known by the sender and the receiver, so that the session key generated by the key factor calculation only has the corresponding electronic door lock subsystem and the split control subsystem. The key factor may be a verification code, an identification, a random number, etc. representing an identity. The present embodiment does not specifically limit the key factor.
103. When the electronic door lock subsystem and the split control subsystem exchange data through the secure communication channel, the exchange data is encrypted and decrypted by using the session key generated based on the key factor.
When data are interacted between the electronic door lock subsystem and the split type control subsystem through a safe communication channel, the subsystem serving as a sender generates a session key based on a key factor and encrypts interactive data to be sent by using the session key, and the encrypted interactive data are sent to the subsystem serving as a receiver through the safe communication channel. When the subsystem as the receiving party receives the interactive data through the secure communication channel, the received interactive data is decrypted by using the session key generated based on the key factor, if the decryption is successful, the interactive data sent by the mutually identified subsystem is received, and further operation can be performed according to the interactive data.
Furthermore, after the electronic door lock subsystem and the split control subsystem correctly decrypt the interactive data, corresponding operations such as unlocking, information acquisition and information reading can be performed according to the received interactive data. For example, after receiving an unlocking request of a user, the split control subsystem generates an unlocking command, encrypts the unlocking command by using a session key generated based on a key factor, and sends the encrypted unlocking command to the electronic door lock subsystem through the secure communication channel. After receiving an unlocking command sent through a secure communication channel, the electronic door lock subsystem decrypts the unlocking command according to a session key generated based on the key factor, and if decryption is successful, unlocking is carried out according to the command. For another example, after the fingerprint information collecting command sent by the split control subsystem is correctly decrypted, the electronic door lock subsystem controls the fingerprint identification sensor to collect the current fingerprint information of the user. For another example, the split control subsystem may receive and store or identify the fingerprint information sent by the electronic door lock subsystem after correctly decrypting the fingerprint information. For another example, after the electronic door lock subsystem correctly decrypts the access card information reading command sent by the split control subsystem, the electronic door lock subsystem controls the radio frequency card reader to read the current access card information. For another example, the electronic door lock subsystem drives the motor to unlock the door lock after the unlocking command sent by the split control subsystem is correctly decrypted. For another example, after correctly decrypting the facial recognition instruction sent by the electronic door lock subsystem, the split control subsystem starts the optical camera to recognize the facial image of the current user. For another example, after the split control subsystem correctly decrypts the iris identification instruction sent by the electronic door lock subsystem, the infrared camera is started to identify the facial image of the current user.
Further, in this embodiment, the split control subsystem may authenticate the identity of the user after receiving a request such as unlocking of the user, and after the authentication passes, the split control subsystem may send corresponding interactive data to the electronic door lock subsystem. For example, when a user unlocks the lock, the user needs to input a password into the electronic door lock subsystem, the electronic door lock subsystem verifies the password, and after the password passes the verification, the electronic door lock subsystem sends the ID number of the user to the split control subsystem through the secure communication channel to request the split control subsystem to perform further identification on the current user. After receiving the request, the split control subsystem performs face image acquisition and/or iris image acquisition on the user, matches the acquired face image and/or iris image with the stored identity identification information, and judges whether the current user has the unlocking authority or not according to the matching result, namely whether the request of the current user is legal or not. And when the unlocking command is judged to be legal, the split control subsystem encrypts the unlocking command comprising the matching result through the session key, and sends the unlocking command to the electronic door lock subsystem through the secure communication channel to command the electronic door lock subsystem to unlock.
Further, in this embodiment, a user account is added through the split control subsystem, and corresponding identification information is set in the account. For example, before receiving an unlocking request from a user, the electronic lock needs to establish an account number for the user authorized to unlock the electronic lock. Specifically, the split control subsystem sends an account number of a user to the electronic door lock subsystem through a secure communication channel and sends a fingerprint acquisition command to control the electronic door lock subsystem to acquire fingerprint information of the user; after the electronic door lock subsystem finishes fingerprint information acquisition, the acquired information is sent to the split type control subsystem through a safety communication channel, and the split type control subsystem stores the received fingerprint information into a corresponding account so as to finish the setting of a user account. For another example, the split control subsystem sends a card reading command to control the electronic door lock subsystem to read the access card information of the user; and after the electronic door lock subsystem finishes the information reading of the access card, the information of the access card is sent to the split control subsystem through a safety communication channel, and the split control subsystem stores the received information of the access card into a corresponding account so as to finish the setting of the user account. For example, when the account of the user is added, the split control subsystem may further acquire a face image and/or an iris image of the user through the camera, and then store the face image and/or the iris image to complete the setting of the account of the user. Further, the user can complete the addition of the account number in the split control subsystem through the operation on the touch screen. In the process of adding the user account, all interactive data between the electronic door lock subsystem and the split control subsystem are transmitted by using a secure communication channel, and are encrypted and decrypted by using a session key generated based on a key factor, so that the security of the data of the user account is ensured.
The control method of the electronic lock provided by the invention aims at the technical defect that the electronic lock is easy to lose efficacy and generates potential safety hazard in the prior art, the improved split type electronic lock is controlled, after the electronic lock subsystem and the split type control subsystem are separately installed, a safe communication channel is also established between the electronic lock subsystem and the split type control subsystem to complete identity mutual identification, and the interactive data sent to the opposite side by the electronic lock subsystem and the split type control subsystem are ensured to be transmitted in the safe communication channel. Before data is transmitted, the two subsystems exchange key factors, and interactive data is encrypted and decrypted by a session key jointly generated based on the exchanged key factors so as to ensure that only the two subsystems of the electronic lock can correctly encrypt and decrypt the interactive data.
Further, as a refinement and an expansion of the embodiment shown in fig. 1, an embodiment of the present invention further provides another control method of an electronic lock, as shown in fig. 2, where the specific steps are as follows:
201. and a safe communication channel is established between the electronic door lock subsystem and the split type control subsystem.
The implementation manner of step 201 is the same as that of step 101 in the above embodiment, and is not described herein again.
202. And the first key factor generated by the electronic door lock subsystem is encrypted by using a public key of the split control subsystem and is sent to the split control subsystem through a secure communication channel.
203. And after receiving the encrypted first key factor, the split control subsystem decrypts and stores the encrypted first key factor by using a private key of the split control subsystem.
204. And the second key factor generated by the split control subsystem is encrypted by using a public key of the electronic door lock subsystem and is sent to the electronic door lock subsystem through a secure communication channel.
205. And after receiving the encrypted second key factor, the electronic door lock subsystem decrypts and stores the encrypted second key factor by using a private key of the electronic door lock subsystem.
After the two subsystems of the split electronic lock mutually identify identities, key factors are respectively generated and exchanged, so that the two subsystems both have the key factors of the two subsystems and the key factor of the other side, and only the corresponding electronic door lock subsystem and the split control subsystem can have the key factors of the two subsystems.
Further, the specific way of exchanging the key factor may be to exchange generated random numbers (i.e. key factors) between the electronic door lock subsystem and the split control subsystem. The electronic door lock subsystem and the split type control subsystem mutually acquire a public key of the other side, the electronic door lock subsystem generates a random number RND1 (namely a first key factor), and the split type control subsystem generates a random number RND2 (namely a second key factor). The electronic door lock subsystem encrypts the random number RND1 by using a public key PubB of the split type control subsystem, and the split type control subsystem encrypts the random number RND2 by using a public key PubA of the electronic door lock subsystem. The electronic door lock subsystem sends the encrypted random number RND1 to the split control subsystem, and the split control subsystem sends the encrypted random number RND2 to the electronic door lock subsystem. The electronic door lock subsystem decrypts the data by using a private key PrIA of the electronic door lock subsystem after receiving the encrypted data to obtain a random number RND2 of the split control subsystem; and the split control subsystem decrypts the data by using a private key PrIB of the split control subsystem after receiving the encrypted data to obtain a random number RND1 of the electronic door lock subsystem. And finally, the electronic door lock subsystem and the split control subsystem store the random numbers generated by the other side, so that the mutual identification of the identities of the two subsystems and the exchange of the random numbers are completed.
It should be noted that, the step 202-203 is a transmission step of the first key factor between the electronic door lock subsystem and the split-type control subsystem, and the step 204-205 is a transmission step of the second key factor between the electronic door lock subsystem and the split-type control subsystem, and the step 202-203 and the step 204-205 may be executed sequentially or in parallel, and the execution sequence does not affect the execution result. The execution sequence of steps 202-.
206. When the electronic door lock subsystem and the split type control subsystem exchange data through the secure communication channel, the first session key generated based on the first key factor and the second key factor is used for encrypting the exchange data to be sent.
Due to the fact that the data and the commands are transmitted in a plaintext mode, the data are easy to steal and replace, the communicated data need to be encrypted, and the safety of the electronic lock with the split type design can be guaranteed. And in order to ensure that the set password can only be calculated by the electronic door lock subsystem and the split control subsystem, the exchanged key factors are used for generating the session key. The generated first session key and the second session key may be the same or different. Specifically, based on the first key factor and the second key factor, a first session key and a second session key are generated by a calculation method, the first session key and the second session key are the same, and the electronic door lock subsystem and the split control subsystem encrypt and decrypt the interactive data by using the session keys; or, based on the first key factor and the second key factor, generating a first session key and a second session key by different calculation methods, wherein the first session key is different from the second session key, the electronic door lock subsystem and the split type control subsystem encrypt the interactive data to be sent by using the first session key, and the electronic door lock subsystem and the split type control subsystem decrypt the received interactive data by using the second session key; or, the first key factors and the second key factors are multiple, based on the first key factors and the second key factors of different pairs, a first session key and a second session key are generated by a calculation method, the first session key and the second session key are different, the electronic door lock subsystem and the split type control subsystem encrypt the interaction data to be sent by using the first session key, and the electronic door lock subsystem and the split type control subsystem decrypt the received interaction data by using the second session key; or the first key factors and the second key factors are multiple, the first session keys and the second session keys are generated by different calculation methods based on the first key factors and the second key factors of different pairs, the first session keys and the second session keys are different, the electronic door lock subsystem and the split type control subsystem encrypt the interaction data to be sent by using the first session keys, and the electronic door lock subsystem and the split type control subsystem decrypt the received interaction data by using the second session keys. For example, after the electronic door lock subsystem and the split type control subsystem exchange the generated random numbers RND1 and RND2 with each other, the session key KeyS1 (i.e., the first session key) and the session key KeyS2 (i.e., the second session key) are calculated and generated based on the RND1 and the RND2, and the data encrypted by using the KeyS1 is agreed to be decrypted by using the KeyS 2. When the electronic door lock subsystem and the split type control subsystem exchange data, the KeyS1 is used for encrypting the interactive data to be sent, and the KeyS2 is used for decrypting the received interactive data.
207. And the electronic door lock subsystem and the split control subsystem add a time stamp of the current time in the interactive data to be sent.
In order to prevent the receipt of the replayed interactive data, the electronic door lock subsystem and the split control subsystem add 4 bytes to the header of the interactive data before sending the interactive data for storing the timestamp of the current time, so that the receiver can obtain the corresponding transmission time when receiving the interactive data, and determine whether the currently received interactive data is the replayed interactive data according to the time.
208. The electronic door lock subsystem and the split type control subsystem use own private key signature for interactive data to be sent.
Before sending interactive data, the electronic door lock subsystem and the split control subsystem carry out digital signature on the data by using a private key of the electronic door lock subsystem and the split control subsystem, so that a receiver can identify the identity of a sender through the digital signature after receiving the data.
Further, a digital signature of the sender is added at the tail part of the interactive data for verifying the validity and the integrity of the interactive data. For example, the electronic door lock subsystem signs the interaction data to be transmitted by using PriA based on RSA algorithm or SM2 algorithm; the split type control subsystem uses PrIB to sign communication data to be sent based on an RSA algorithm or an SM2 algorithm; to ensure that the communication data cannot be tampered and forged.
It should be noted that encrypting the interactive data, adding the digital signature, and adding the timestamp are execution steps that are not mutually affected, and this embodiment does not specifically limit the execution sequence of steps 206, 207, and 208, and fig. 2 shows only one of the execution sequences. The order of execution of steps 206, 207 and 208 may be as follows:
the first execution order: and encrypting the interactive data to be sent by using the first session key, adding the digital signature of the sender, and adding the timestamp of the current time.
The second execution order: and encrypting the interactive data to be sent by using the first session key, adding the timestamp of the current time, and then adding the digital signature of the sender.
The third execution order: and adding the digital signature of the sender to the interactive data to be sent, adding the timestamp of the current time, and encrypting the interactive data by using the first session key.
The fourth execution order: and adding a digital signature of a sender to interactive data to be sent, encrypting the interactive data by using the first session key, and adding a timestamp of the current time.
The fifth execution sequence: and adding a timestamp of the current time to interactive data to be sent, then adding a digital signature of a sender, and then encrypting the interactive data by using the first session key.
Sixth execution order: and adding a timestamp of the current time to interactive data to be sent, encrypting the interactive data by using the first session key, and adding a digital signature of a sender.
209. The electronic door lock subsystem and the split type control subsystem verify whether the time stamp in the received interactive data is larger than the time stamp in the last received interactive data.
After the electronic door lock subsystem and the split control subsystem receive the interactive data through the secure communication channel, anti-replay check needs to be continuously performed on the interactive data. The specific implementation mode is as follows: acquiring a timestamp carried in the interactive data, comparing the timestamp with a timestamp acquired when the interactive data is received last time, and if the currently acquired timestamp is later than the last acquired timestamp, indicating that the currently received interactive data is not replayed, and continuously carrying out further verification on the interactive data or executing operation according to the interactive data; if the timestamp of the current acquisition is earlier than or equal to the timestamp of the last acquisition, the currently received interactive data is replayed, and no further verification is needed on the interactive data or operation is executed according to the interactive data.
210. And the electronic door lock subsystem and the split control subsystem use the public key of a sender to check and sign the received interactive data.
After the electronic door lock subsystem and the split control subsystem receive the interactive data through the secure communication channel, identity authentication and integrity verification of a sender need to be continuously performed on the interactive data. The specific implementation mode is as follows: the electronic door lock subsystem checks the received interactive data by using a public key PubB of the split type control subsystem, and the split type control subsystem checks the received interactive data by using a public key PubA of the electronic door lock subsystem. If the verification passes, further verifying the interactive data or executing operation according to the interactive data; if the signature verification fails, further verification of the interactive data or operation execution according to the interactive data is not needed.
211. The electronic door lock subsystem and the split control subsystem decrypt the received interactive data using a second session key generated based on the first key factor and the second key factor.
Corresponding to step 206, after receiving the interactive data, the electronic door lock subsystem and the split control subsystem decrypt the interactive data by using the second session key corresponding to the first session key used for encrypting the interactive data, and after the decryption is successful, execute corresponding operations according to the interactive data.
It should be noted that step 209 corresponds to step 207, step 210 corresponds to step 208, and step 211 corresponds to step 206, so that the execution sequence of steps 209, 210, and 211 depends on the execution sequence of steps 206, 207, and 208, and only one of the execution sequences is shown in fig. 2. The order of execution of steps 209, 210 and 211 may be a variety of:
the first execution order: and decrypting the interactive data to be transmitted by using the second session key, verifying the digital signature, and comparing the timestamp.
The second execution order: and decrypting the received interactive data by using the second session key, comparing the timestamp, and verifying the digital signature.
The third execution order: and verifying the digital signature of the received interactive data, comparing the timestamp, and then decrypting the interactive data by using the second session key.
The fourth execution order: and verifying the digital signature of the received interactive data, decrypting the interactive data by using the second session key, and comparing the timestamp.
The fifth execution sequence: and comparing the received interactive data with the timestamp, verifying the digital signature, and decrypting by using the second session key.
Sixth execution order: and comparing the received interactive data with the timestamp, decrypting the interactive data by using the second session key, and verifying the digital signature.
According to the control method of the split-type electronic lock provided by the embodiment of the invention, the electronic door lock subsystem and the split-type control subsystem generate the first session key for encrypting the interactive data and the second session key for decrypting the interactive data according to the exchanged key factors, so that the electronic door lock subsystem and the split-type control subsystem can use the key only known by the opposite side to encrypt and decrypt the interactive data, and the safety of the data during transmission is ensured. In addition, in order to enable the transmitted information content to meet the safety requirements of integrity verification and sender identity authentication, the embodiment adopts a mode of adding a sender digital signature in data transmitted by an electronic lock comprising an electronic lock subsystem and a split type control subsystem to realize integrity verification and sender identity authentication. In order to enable the transmitted information content to meet the safety requirement of anti-replay, the embodiment adopts a mode of increasing the time stamp of the current transmission time in the data transmitted by the electronic door lock subsystem and the split type control subsystem to realize anti-replay. Therefore, in the secure communication channel, the transmitted forged and replayed data are invalid.
Further, as an implementation of the method shown in fig. 1, an embodiment of the present invention further provides an electronic lock, which is used for implementing the method shown in fig. 1. The embodiment of the apparatus corresponds to the embodiment of the method, and for convenience of reading, details in the embodiment of the apparatus are not repeated one by one, but it should be clear that the apparatus in the embodiment can correspondingly implement all the contents in the embodiment of the method.
As shown in fig. 3, the electronic lock comprises an electronic door lock subsystem 31 and a split control subsystem 32, the electronic door lock subsystem 31 comprises a first security module 311, and the split control subsystem 32 comprises a second security module 321. The first security module 311 and the second security module 321 are used to establish a secure communication channel, on which the electronic door lock subsystem 31 and the split control subsystem 32 exchange key factors, and exchange data through the secure communication channel.
In an alternative design, the first security module 311 in the electronic door lock subsystem 31 and/or the second security module 321 in the distributed control subsystem 32 may be a code-based integrated functional module in a control chip, or may be a special security chip, such as an encryption chip, for storing, encrypting, decrypting, and performing security verification on important interaction data.
The electronic door lock subsystem 31 sends the interactive data to the second security module 321 through the first security module 311, and the split control subsystem 32 sends the interactive data to the first security module 311 through the second security module 321. Further, the first security module 311 and the second security module 321 encrypt and decrypt the interactive data using the session key generated based on the key factor when the interactive data is interacted.
Optionally, the first security module 311 in the electronic door lock subsystem 31 is configured to generate a first key factor, the second security module 321 in the split control subsystem 32 is configured to generate a second key factor, and the first key factor RND1 and the second key factor RND2 are interchanged, specifically: after encrypting the RND1 by using the public key PubB of the split control subsystem 32, the first security module 311 sends the encrypted RND1 to the second security module 321; the second security module 321 encrypts the RND2 using the public key PubA of the electronic door lock subsystem 31, and then transmits the encrypted RND2 to the first security module 311. The first security module 311 decrypts the received encrypted RND2 by using its own private key PriA to obtain RND2 and stores it; the second security module 321 decrypts the received encrypted RND1 by using its own private key PriB to obtain and store RND 1; thereby completing the exchange of the two subsystem key factors. The first key factor may be a random number to be generated by the electronic door lock subsystem 31, and the second key factor may be a random number generated by the split control subsystem 32; however, the present embodiment does not specifically limit the key factor.
Alternatively, the first security module 311 and the second security module 321 generate the session key KeyS according to the RND1 and the RND2, so that all interaction data sent between the first security module 311 and the second security module 321 are encrypted using the KeyS that is only known to each other. For example, when the electronic door lock subsystem 31 transmits the interaction data to the split control subsystem 32, the first security module 311 generates a first session key KeyS1 based on the RND1 and the RND2, encrypts the interaction data to be transmitted through the KeyS1, and then transmits the encrypted interaction data to the second security module 321. The second security module 321 generates a second session key KeyS2 based on the RND1 and the RND2 and decrypts the received interaction data through KeyS 2. The split control subsystem 32 also adopts session key encryption and decryption in the same way in the process of sending the interactive data to the electronic door lock subsystem, which is not described in detail.
Optionally, the first security module 311 is further configured to add a digital signature of the electronic door lock subsystem 31 to the interaction data to be sent before sending the interaction data. The second security module 321 is further configured to add a digital signature of the split control subsystem 32 to the interactive data to be transmitted before transmitting the interactive data.
The first security module 311 is further configured to use the public key PubB of the split control subsystem to check the received interactive data, and the second security module 321 is further configured to use the public key PubA of the electronic door lock subsystem to check the received interactive data.
Optionally, the first security module 311 is further configured to add a timestamp of a current time of the electronic door lock subsystem 31 to the interactive data to be sent before sending the interactive data. The second security module 321 is further configured to add a timestamp of the current time to the interactive data to be sent before sending the interactive data.
The first security module 311 and the second security module 321 are further configured to verify whether a timestamp in the received interaction data is greater than a timestamp in the last received interaction data.
Optionally, as shown in fig. 4, the electronic door lock subsystem 31 further includes a first control module 312 and an action driving module 313. The first control module 312 is used for executing the established codes and policies, and performing control and data interaction with other modules in the electronic door lock subsystem 31. For example, after determining that the received unlocking command is legal, the first security module 311 may notify the first control module 312, and the first control module 312 may control the motion driving module 313 to drive the motor, the electromagnet, and other components to complete unlocking according to the command; alternatively, after determining that the received unlocking command is valid, the first security module 311 directly communicates 313 with the operation driving module, so that the operation driving module communicates 313 to complete the unlocking operation according to the command.
Optionally, the electronic door lock subsystem 31 further includes an input module and a first communication module. The input module comprises at least one of a physical keyboard, a touch keyboard, a fingerprint identification sensor and a radio frequency card reader. The entity keyboard and the touch keyboard are used for receiving a password input by a user when a user account is established or the user carries out unlocking operation, the fingerprint identification sensor is used for collecting fingerprint information of the user when the user account is established or the user carries out unlocking operation, and the radio frequency card reader is used for collecting information of an access control card shown by the user when the user account is established or the user carries out unlocking operation. The first communication module is used for being in communication connection with other external equipment comprising a split type control subsystem, and the communication mode of the first communication module comprises wired/WIFI/Bluetooth/Zigbee/2.4G/RS 232/RS 485/mobile network modes and the like.
Optionally, the split control subsystem 32 includes an image acquisition module, a display screen, a second communication module, and a second control module. The image acquisition module comprises at least one of an optical camera, an infrared camera, a visible light illuminating device and an infrared illuminating device. The optical camera is used for collecting a facial image of a user when a user account is established or the user carries out unlocking operation; the infrared camera is used for acquiring an iris image of the user when a user account is established or the user carries out unlocking operation; the visible light illuminating device is used for providing an additional light source for the optical camera, so that the quality of the acquired image is improved; the infrared lighting device is used for providing an additional light source for the infrared camera, and the quality of the collected image is improved. The second communication module is used for being in communication connection with other external equipment comprising a split type control subsystem, and the communication mode comprises wired/WIFI/Bluetooth/Zigbee/2.4G/RS 232/RS 485/mobile network modes and the like. The second control module is used to execute the established codes and policies for control and data interaction with other modules in the split control subsystem 32.
By means of the technical scheme, the electronic lock provided by the embodiment of the invention is improved aiming at the technical defect that the electronic lock in the prior art is easy to lose efficacy and generates potential safety hazards, and the electronic door lock subsystem 31 and the split type control subsystem 32 are separated, so that the operation space of the control system and the space for arranging the battery are increased. In addition, after the electronic door lock subsystem and the split-type control subsystem are separately installed, a secure communication channel is established by using the first security module 311 of the electronic door lock subsystem 31 and the second security module 321 of the split-type control subsystem 32, so that data sent to the opposite side by the electronic door lock subsystem 31 and the split-type control subsystem 32 are transmitted in the secure communication channel. Before receiving a command sent by the other side, the two subsystems carry out key factor exchange, and a session key jointly generated by the exchanged keys carries out encryption and decryption on the interactive data so as to ensure that only the two subsystems of the electronic lock can correctly encrypt and decrypt the interactive data. Furthermore, the electronic door lock subsystem 31 and the split control subsystem 32 generate a first session key for encrypting the interactive data and a second session key for decrypting the interactive data, and can encrypt and decrypt the interactive data using a password known only by the other party, thereby ensuring the security of the data during transmission. Moreover, the first security module 311 and the second security module 321 implement integrity check of data and identity authentication of the sender by adding a digital signature of the sender to the interactive data. The first security module 311 and the second security module 321 also implement the security requirement of data against replay in a manner of adding a timestamp of the current time of transmission in the interactive data. Therefore, in the secure communication channel, the transmitted forged and replayed data are invalid.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It will be appreciated that the relevant features of the devices described above may be referred to one another. In addition, "first", "second", and the like in the above embodiments are for distinguishing the embodiments, and do not represent merits of the embodiments.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed apparatus should not be construed to reflect the intent as follows: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the components of the apparatus of the embodiments may be adapted and arranged in one or more arrangements different from the embodiments. The components of the embodiments may be combined into one component and, in addition, they may be divided into a plurality of sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the components of any apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination. The various component embodiments of the present invention may be implemented in hardware, or in a combination thereof.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or components not listed in a claim. The word "a" or "an" preceding a component or element does not exclude the presence of a plurality of such components or elements. The invention may be implemented by means of an apparatus comprising several distinct elements. In the claims enumerating several means, several of these means may be embodied by one and the same item. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and any simple modification, equivalent change and modification made to the above embodiment according to the technical spirit of the present invention are still within the scope of the technical solution of the present invention.

Claims (8)

1. A control method of an electronic lock, wherein the electronic lock comprises an electronic door lock subsystem and a split control subsystem, the method comprising:
a safe communication channel is established between the electronic door lock subsystem and the split type control subsystem;
the electronic door lock subsystem and the split type control subsystem exchange key factors;
when the electronic door lock subsystem and the split type control subsystem exchange data through the secure communication channel, encrypting and decrypting the exchange data by using a session key generated based on the key factor;
the encrypting and decrypting the interactive data using the session key generated based on the key factor includes:
the electronic door lock subsystem and the split control subsystem add a timestamp of the current time to interactive data to be sent, and encrypt the interactive data by using a first session key to obtain an interactive data ciphertext;
the electronic door lock subsystem and the split control subsystem decrypt the received interactive data ciphertext by using a second session key to obtain an interactive data plaintext; verifying whether the timestamp in the clear text of the interaction data is larger than the timestamp in the interaction data received last time; if yes, executing operation according to the interactive data;
the first session key is a session key which is generated by the electronic door lock subsystem and the split control subsystem respectively based on a first key factor and a second key factor and used for encryption; the second session key is a session key for decryption, which is generated by the electronic door lock subsystem and the split control subsystem respectively based on the first key factor and the second key factor; the first key factor is generated by the electronic lock subsystem, the second key factor is generated by the split control subsystem, the first key factor and the second key factor are multiple, and the first session key and the second session key are generated based on different pairs of the first key factor and the second key factor.
2. The method of claim 1, wherein exchanging key factors between the electronic door lock subsystem and the split control subsystem comprises:
the first key factor generated by the electronic door lock subsystem is encrypted by using a public key of the split control subsystem and is sent to the split control subsystem through the secure communication channel;
the second secret key factor generated by the split type control subsystem is encrypted by using a public key of the electronic door lock subsystem and is sent to the electronic door lock subsystem through the secure communication channel;
after receiving the encrypted second key factor, the electronic door lock subsystem decrypts and stores the encrypted second key factor by using a private key of the electronic door lock subsystem;
and after receiving the encrypted first key factor, the split control subsystem decrypts and stores the encrypted first key factor by using a private key of the split control subsystem.
3. The method of claim 2, wherein encrypting and decrypting the interaction data using the session key generated based on the key factor comprises:
encrypting the interactive data to be sent by using a first session key generated based on the first key factor and the second key factor;
decrypting the received interaction data using a second session key generated based on the first key factor and the second key factor.
4. The method of claim 1, further comprising:
the electronic door lock subsystem and the split control subsystem use own private key signature for interactive data to be sent;
and the electronic door lock subsystem and the split control subsystem use the public key signature of a sender for the received interactive data.
5. An electronic lock, characterized in that the electronic lock comprises:
the electronic door lock system comprises an electronic door lock subsystem and a split type control subsystem, wherein the electronic door lock subsystem comprises a first safety module, and the split type control subsystem comprises a second safety module;
the first safety module and the second safety module are used for establishing a safety communication channel between the electronic door lock subsystem and the split type control subsystem;
the electronic door lock subsystem and the split control subsystem exchange key factors based on the secure communication channel;
the first security module and the second security module are further used for encrypting and decrypting interactive data by using a session key generated based on the key factor when the data is interacted through the secure communication channel;
the encrypting and decrypting the interactive data using the session key generated based on the key factor includes:
the electronic door lock subsystem and the split control subsystem add a timestamp of the current time to interactive data to be sent, and encrypt the interactive data by using a first session key to obtain an interactive data ciphertext;
the electronic door lock subsystem and the split control subsystem decrypt the received interactive data ciphertext by using a second session key to obtain an interactive data plaintext; verifying whether the timestamp in the clear text of the interaction data is larger than the timestamp in the interaction data received last time; if yes, executing operation according to the interactive data;
the first session key is a session key which is generated by the electronic door lock subsystem and the split control subsystem respectively based on a first key factor and a second key factor and used for encryption; the second session key is a session key for decryption, which is generated by the electronic door lock subsystem and the split control subsystem respectively based on the first key factor and the second key factor; the first key factor is generated by the electronic lock subsystem, the second key factor is generated by the split control subsystem, the first key factor and the second key factor are multiple, and the first session key and the second session key are generated based on different pairs of the first key factor and the second key factor.
6. The electronic lock of claim 5,
the first security module is further configured to generate a first key factor, encrypt the first key factor using a public key of the split control subsystem, and send the encrypted first key factor to the second security module through a secure communication channel;
the second security module is further configured to generate a second key factor, encrypt the second key factor using a public key of the electronic door lock subsystem, and send the encrypted second key factor to the first security module through a secure communication channel;
after receiving the encrypted second key factor, the first security module decrypts and stores the encrypted second key factor by using a private key of the electronic door lock subsystem;
and after receiving the encrypted first key factor, the second security module decrypts and stores the encrypted first key factor by using a private key of the split type control subsystem.
7. The electronic lock of claim 6,
the first security module and the second security module are further configured to encrypt interaction data to be sent by using a first session key generated based on the first key factor and the second key factor when data is interacted through the secure communication channel; and decrypting the received interaction data using a second session key generated based on the first key factor and the second key factor.
8. The electronic lock of claim 5,
the first security module is also used for signing the interactive data to be sent by using a private key of the electronic door lock subsystem and checking the received interactive data by using a public key of a sender;
the second security module is also used for signing the interactive data to be sent by using a private key of the split control subsystem and checking the received interactive data by using a public key of a sender.
CN201910485598.0A 2019-06-05 2019-06-05 Control method of electronic lock and electronic lock Active CN110322600B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910485598.0A CN110322600B (en) 2019-06-05 2019-06-05 Control method of electronic lock and electronic lock

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910485598.0A CN110322600B (en) 2019-06-05 2019-06-05 Control method of electronic lock and electronic lock

Publications (2)

Publication Number Publication Date
CN110322600A CN110322600A (en) 2019-10-11
CN110322600B true CN110322600B (en) 2021-02-26

Family

ID=68120269

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910485598.0A Active CN110322600B (en) 2019-06-05 2019-06-05 Control method of electronic lock and electronic lock

Country Status (1)

Country Link
CN (1) CN110322600B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110762007B (en) * 2019-10-31 2021-05-25 上海斯可络压缩机有限公司 Automatic identification system for variable-frequency screw compressor controller
CN111147452B (en) * 2019-12-10 2020-12-25 珠海格力电器股份有限公司 Door lock instruction response method and device, door lock and storage medium
CN111508114B (en) * 2020-04-17 2022-04-22 上海钧正网络科技有限公司 Bicycle unlocking method and device, storage medium and hub lock
CN112232363B (en) * 2020-11-05 2021-04-30 北京三维天地科技股份有限公司 5G-based non-contact sample information acquisition equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102324127A (en) * 2011-09-28 2012-01-18 成都方程式电子有限公司 Split-type electronic fingerprint safety lock
CN106682459A (en) * 2017-02-28 2017-05-17 北京深思数盾科技股份有限公司 Information safety device production method, information safety device production equipment and information safety device production system
CN106936588A (en) * 2017-04-13 2017-07-07 北京深思数盾科技股份有限公司 A kind of trustship method, the apparatus and system of hardware controls lock
CN107978047A (en) * 2017-12-04 2018-05-01 北京深思数盾科技股份有限公司 Use the methods, devices and systems of password unlocking

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106712962B (en) * 2016-12-23 2019-12-24 西安电子科技大学 Bidirectional authentication method and system for mobile RFID system
CN109712278B (en) * 2018-11-27 2021-07-13 深圳市小石安防科技有限公司 Intelligent door lock identity authentication method and system, readable storage medium and mobile terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102324127A (en) * 2011-09-28 2012-01-18 成都方程式电子有限公司 Split-type electronic fingerprint safety lock
CN106682459A (en) * 2017-02-28 2017-05-17 北京深思数盾科技股份有限公司 Information safety device production method, information safety device production equipment and information safety device production system
CN106936588A (en) * 2017-04-13 2017-07-07 北京深思数盾科技股份有限公司 A kind of trustship method, the apparatus and system of hardware controls lock
CN107978047A (en) * 2017-12-04 2018-05-01 北京深思数盾科技股份有限公司 Use the methods, devices and systems of password unlocking

Also Published As

Publication number Publication date
CN110322600A (en) 2019-10-11

Similar Documents

Publication Publication Date Title
CN110322600B (en) Control method of electronic lock and electronic lock
CN108055235B (en) Control method of intelligent lock, related equipment and system
US9716698B2 (en) Methods for secure enrollment and backup of personal identity credentials into electronic devices
US8070061B2 (en) Card credential method and system
CN111194028B (en) Safety control method based on vehicle
US8526606B2 (en) On-demand secure key generation in a vehicle-to-vehicle communication network
US5144667A (en) Method of secure remote access
CN105871874A (en) Mobile Internet virtual key authorizing system and hardware door lock control method thereof
EP1882346B1 (en) Communication protocol and electronic communication system, in particular authentication control system, as well as corresponding method
US20110084799A1 (en) Lock system including an electronic key and a passive lock
CN107978047A (en) Use the methods, devices and systems of password unlocking
CN113965328B (en) Authority transfer method and system for digital key offline condition of trusted execution environment
EP1050134A1 (en) Secure one-way authentication communication system
CN106912046A (en) One-pass key card and vehicle pairs
CN110163998A (en) A kind of intelligent door lock application method of intelligent door lock system and offline authentication
CN108650219B (en) User identity identification method, related device, equipment and system
CN112530053B (en) Control method and system of intelligent lock, lock equipment, server and storage medium
KR102521936B1 (en) Method of secured sharing of vehicle key
CN111063070B (en) Digital key sharing method, digital key verification method and digital key verification equipment
CN107888376A (en) NFC Verification Systems based on quantum communication network
CN111263360A (en) Wireless encryption device and method for protecting variable mechanical authentication password by adopting public key
CN110113153A (en) NFC secret key updating method, terminal and system
US8953804B2 (en) Method for establishing a secure communication channel
CN211630397U (en) Wireless encryption device adopting public key to protect variable mechanical authentication password
JP5985845B2 (en) Electronic key registration method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee after: Beijing Shendun Technology Co.,Ltd.

Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd.