CN110519760A - Method for network access, device, equipment and storage medium - Google Patents

Publication number: CN110519760A
Authority: CN (China)
Prior art keywords: iot equipment, terminal device, signature, public key, app
Legal status: Granted, Active
Application number: CN201910670264.0A
Other languages: Chinese (zh)
Other versions: CN110519760B (en)
Inventor: 王德海
Current Assignee: Huawei Technologies Co Ltd
Original Assignee: Huawei Technologies Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 (under H04L9/32) using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3247 (under H04L9/32) involving digital signatures
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W76/00 Connection management
    • H04W76/10 Connection setup

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a network access method, apparatus, device and storage medium, comprising: a terminal device obtains updated WiFi information. The terminal device sends connection information of the terminal device to an IoT device. The IoT device establishes a connection between the terminal device and the IoT device according to the connection information. The IoT device sends a first signature to the terminal device. The terminal device verifies the first signature using a first public key of the IoT device. If the terminal device successfully verifies the first signature, the terminal device sends the WiFi information to the IoT device. The IoT device accesses the WiFi network using the WiFi information. This reduces leakage of WiFi information and thereby improves network security.

Description

Method for network access, device, equipment and storage medium
Technical field
The application relates to the field of communication technology, and in particular to a network access method, apparatus, device and storage medium.
Background
The Internet of Things (IoT) is an information carrier based on the Internet, conventional telecommunication networks and the like; it allows all IoT devices to form an interconnected network.
An IoT device can usually obtain information about a Wireless Fidelity (WiFi) network from a router, i.e. WiFi information, which includes the account and/or password of the WiFi network. The account of the WiFi network may be the Service Set Identifier (SSID) of the WiFi network. As IoT devices become widespread, WiFi passwords are very easily leaked, so the user needs to update the WiFi password or replace the router; as a result, the IoT devices need to re-access the WiFi network. Current ways of re-accessing the WiFi network include using a special device, such as a HiLink router: the special device obtains the updated WiFi information and sends it directly to each IoT device. This may be called the batch network-configuration mode. However, this batch network-configuration mode still causes WiFi information leakage.
Summary of the invention
The application provides a network access method, apparatus, device and storage medium, which reduce leakage of WiFi information and thereby improve network security.
In a first aspect, the application provides a network access method applied to part or all of a terminal device. The method includes: obtaining updated Wireless Fidelity (WiFi) information. Sending connection information of the terminal device to an Internet of Things (IoT) device, where the connection information is used by the terminal device to establish a connection with the IoT device. Receiving a first signature sent by the IoT device, where the first signature is a signature made with a first private key of the IoT device over information of the IoT device. Verifying the first signature using a first public key of the IoT device, where the first private key and the first public key of the IoT device are a key pair of the IoT device. If the first signature is verified successfully, sending the WiFi information to the IoT device, where the WiFi information is used by the IoT device to access the WiFi network. That is, if the terminal device successfully verifies the first signature, which indicates that the IoT device is legitimate, the terminal device sends the WiFi information to the IoT device, so that the IoT device accesses the WiFi network using the WiFi information. Conversely, if the IoT device is illegitimate, the terminal device does not send the WiFi information to the IoT device. This reduces leakage of WiFi information and thereby improves network security.
Optionally, before sending the WiFi information to the IoT device, the method further includes: sending a second signature to the IoT device. The second signature is a signature made with the private key of the application (APP) login account over the public key of the APP and the second public key of the IoT device, so that the IoT device verifies the second signature using the public key of the APP login account. The APP is installed on the terminal device and is used by the terminal device to control the IoT device; the private key and public key of the APP login account are a key pair. That is, not only does the terminal device verify the legitimacy of the IoT device, the IoT device also verifies the APP login account. This further reduces leakage of WiFi information and thereby improves network security.
Optionally, the WiFi information and/or the second signature are sent encrypted with a shared key generated by the terminal device. This further reduces leakage of WiFi information and thereby improves network security.
Optionally, the connection information is hotspot information of the terminal device; correspondingly, the method further includes: taking the time at which the IoT device and the terminal device establish this connection as the start time, closing the hotspot of the terminal device after a preset time period. Alternatively, if the terminal device receives a response success message, closing the hotspot of the terminal device, where the response success message indicates that the IoT device has successfully accessed the WiFi network. Closing the hotspot of the terminal device promptly reduces the power consumption of the terminal device.
Optionally, the method further includes: obtaining the first public key of the IoT device.
Optionally, the method further includes: sending the APP login account and the first public key of the IoT device to a server, so that other terminal devices using the APP login account obtain the first public key of the IoT device from the server. The IoT devices thereby communicate by means of one another's first public keys.
The following describes the network access method performed on the IoT device side, together with the network access apparatus, device, storage medium and computer program product. For their effects, refer to the network access method performed on the terminal device side above; they are not repeated here.
In a second aspect, the application provides a network access method applied to part or all of an IoT device, including: receiving connection information sent by a terminal device. Establishing a connection between the terminal device and the IoT device according to the connection information. Sending a first signature to the terminal device, so that the terminal device verifies the first signature, where the first signature is a signature made with the first private key of the IoT device over information of the IoT device, and the first private key and the first public key of the IoT device are a key pair of the IoT device. Receiving the updated Wireless Fidelity (WiFi) information sent by the terminal device, and accessing the WiFi network using the WiFi information.
Optionally, before receiving the updated WiFi information sent by the terminal device, the method further includes: receiving a second signature sent by the terminal device, where the second signature is a signature made with the private key of the APP login account over the public key of the APP and the second public key of the IoT device; the APP is installed on the terminal device and is used by the terminal device to control the IoT device, and the private key and public key of the APP login account are a key pair. Verifying the second signature using the public key of the APP login account. Correspondingly, accessing the WiFi network using the WiFi information includes: if the second signature is verified successfully, accessing the WiFi network using the WiFi information.
Optionally, the WiFi information and/or the second signature are sent encrypted with a shared key generated by the terminal device.
Optionally, the method further includes: if the IoT device has successfully accessed the WiFi network, sending a response success message to the terminal device.
In a third aspect, the application provides a network access apparatus, which is part or all of a terminal device, including:
A first obtaining module, configured to obtain updated Wireless Fidelity (WiFi) information.
A first sending module, configured to send connection information of the terminal device to an Internet of Things (IoT) device, where the connection information is used by the terminal device to establish a connection with the IoT device.
A first receiving module, configured to receive a first signature sent by the IoT device, where the first signature is a signature made with the first private key of the IoT device over information of the IoT device.
A verification module, configured to verify the first signature using the first public key of the IoT device, where the first private key and the first public key of the IoT device are a key pair of the IoT device.
A second sending module, configured to send the WiFi information to the IoT device if the verification module successfully verifies the first signature, where the WiFi information is used by the IoT device to access the WiFi network.
In a fourth aspect, the application provides a network access apparatus, which is part or all of an IoT device, including:
A first receiving module, configured to receive connection information sent by a terminal device.
An establishing module, configured to establish a connection between the terminal device and the IoT device according to the connection information.
A first sending module, configured to send a first signature to the terminal device, so that the terminal device verifies the first signature, where the first signature is a signature made with the first private key of the IoT device over information of the IoT device, and the first private key and the first public key of the IoT device are a key pair of the IoT device.
A second receiving module, configured to receive the updated Wireless Fidelity (WiFi) information sent by the terminal device.
An access module, configured to access the WiFi network using the WiFi information.
In a fifth aspect, the application provides a terminal device, including: a transceiver, a processor and a memory. The memory is configured to store computer-executable instructions for the processor to execute, and the processor and the transceiver are configured to implement the network access method of the first aspect or of an optional manner of the first aspect.
In a sixth aspect, the application provides an IoT device, including: a transceiver, a processor and a memory. The memory is configured to store computer-executable instructions for the processor to execute, and the processor and the transceiver are configured to implement the network access method of the second aspect or of an optional manner of the second aspect.
In a seventh aspect, the application provides a computer storage medium, including computer-executable instructions, where the computer-executable instructions are used to implement the network access method of the first aspect or of an optional manner of the first aspect.
In an eighth aspect, the application provides a computer storage medium, including computer-executable instructions, where the computer-executable instructions are used to implement the network access method of the second aspect or of an optional manner of the second aspect.
In a ninth aspect, the application provides a computer program product, including computer-executable instructions, where the computer-executable instructions are used to implement the network access method of the first aspect or of an optional manner of the first aspect.
In a tenth aspect, the application provides a computer program product, including computer-executable instructions, where the computer-executable instructions are used to implement the network access method of the second aspect or of an optional manner of the second aspect.
The application provides a network access method, apparatus, device and storage medium. The IoT device has previously accessed the WiFi network, but because the password of the WiFi network is easily leaked, the WiFi information needs to be updated. The terminal device can obtain the updated WiFi information and send connection information of the terminal device to the IoT device. The IoT device establishes a connection between the terminal device and the IoT device according to the connection information. The IoT device sends a first signature to the terminal device. The terminal device verifies the first signature using the first public key of the IoT device. If the terminal device successfully verifies the first signature, which indicates that the IoT device is legitimate, the terminal device sends the WiFi information to the IoT device, so that the IoT device accesses the WiFi network using the WiFi information. Conversely, if the IoT device is illegitimate, the terminal device does not send the WiFi information to the IoT device. This reduces leakage of WiFi information and thereby improves network security. Further, after successfully authenticating the IoT device, the terminal device sends the WiFi information to the IoT device encrypted with a shared key between the terminal device and the IoT device, which further reduces leakage of WiFi information and thereby improves network security.
Brief description of the drawings
Fig. 1 is an application scenario diagram provided by an embodiment of the application;
Fig. 2 is an interaction flowchart of the network access method provided by an embodiment of the application;
Fig. 3 is a schematic diagram of the trust ring provided by an embodiment of the application;
Fig. 4 is an interaction flowchart of the network access method provided by another embodiment of the application;
Fig. 5 is an interaction flowchart of the network access method provided by yet another embodiment of the application;
Fig. 6 is an interaction flowchart of the network access method provided by still another embodiment of the application;
Fig. 7 is an interaction flowchart of the network access method provided by yet another embodiment of the application;
Fig. 8 is a schematic diagram of a network access apparatus 800 provided by an embodiment of the application;
Fig. 9 is a schematic diagram of a network access apparatus 900 provided by an embodiment of the application;
Fig. 10 is a schematic diagram of a terminal device 1000 provided by an embodiment of the application;
Fig. 11 is a schematic diagram of an IoT device 1100 provided by an embodiment of the application.
Detailed description of embodiments
As described above, current ways of re-accessing the WiFi network include using a special device, such as a HiLink router: the special device obtains the updated WiFi information and sends it directly to each IoT device. This may be called the batch network-configuration mode. However, this batch network-configuration mode still causes WiFi information leakage. In addition, because a special device such as a HiLink router is required, when the device currently in use is not such a special device, network configuration has to be performed manually on each IoT device. To solve the above technical problems, the application provides a network access method, apparatus, device and storage medium.
The terminal device involved in this application may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or another processing device connected to a wireless modem. The terminal device may communicate with at least one core network via a Radio Access Network (RAN). The terminal device may be a mobile terminal, such as a mobile phone (also called a "cellular" phone) or a computer with a mobile terminal, for example a portable, pocket-sized, handheld, computer-built-in or vehicle-mounted mobile apparatus, which exchanges voice and/or data with the radio access network. The terminal device may also be called a subscriber unit (Subscriber Unit), subscriber station (Subscriber Station), mobile station (Mobile Station), remote station (Remote Station), access point (Access Point), remote terminal (Remote Terminal), access terminal (Access Terminal), user terminal (User Terminal), user agent (User Agent) or user equipment (User Equipment), without limitation.
The IoT device involved in this application may be a printer, refrigerator, robot, sensor, electricity meter, water meter, sweeping robot, socket, mouse, camera or other terminal device that can be connected to the IoT.
Optionally, Fig. 1 is an application scenario diagram provided by an embodiment of the application. As shown in Fig. 1, the network elements involved in this application scenario include at least one terminal device 11 (Fig. 1 takes one terminal device 11 as an example) and at least one IoT device 12 (Fig. 1 takes a camera, a mouse, a socket and a sweeping robot as an example). The IoT device 12 has previously accessed the WiFi network, but because the password of the WiFi network is easily leaked, the WiFi information needs to be updated. The terminal device 11 can obtain the updated WiFi information and, if the IoT device 12 is legitimate, send the updated WiFi information to the IoT device 12.
Fig. 2 is an interaction flowchart of the network access method provided by an embodiment of the application. Optionally, the executing subjects of the method include part or all of a terminal device and part or all of an IoT device; the part of the terminal device may be a processor inside the terminal device, and the part of the IoT device may be a processor inside the IoT device. Taking the terminal device and the IoT device as the executing subjects of the method as an example, as shown in Fig. 2, the method includes the following steps:
Step S201: The terminal device obtains updated WiFi information.
Step S202: The terminal device sends connection information of the terminal device to the IoT device.
Step S203: The IoT device establishes a connection between the terminal device and the IoT device according to the connection information.
Step S204: The IoT device sends a first signature to the terminal device.
The first signature is a signature made with the first private key of the IoT device over information of the IoT device.
Step S205: The terminal device verifies the first signature using the first public key of the IoT device.
The first private key and the first public key of the IoT device are a key pair of the IoT device.
Step S206: If the terminal device successfully verifies the first signature, the terminal device sends the WiFi information to the IoT device.
Step S207: The IoT device accesses the WiFi network using the WiFi information.
Optionally, the updated WiFi information includes the updated account of the WiFi network and/or the updated password of the WiFi network. For example, when the router has not been replaced and only the password of the WiFi network has been modified, the terminal device may send the modified password to the IoT device. Alternatively, the terminal device may send the modified password and the previous account of the WiFi network to the IoT device. As another example, when the router has been replaced and the password of the WiFi network has not been modified, the terminal device may send the modified password to the IoT device. Alternatively, the terminal device may send the modified password and the previous account of the WiFi network to the IoT device. As another example, when the router has been replaced and the password of the WiFi network has been modified, the terminal device may send the modified password and the modified account of the WiFi network to the IoT device.
Optionally, the terminal device may send the connection information to the IoT device by multicast. Alternatively, the IoT device listens for a multicast message sent by the terminal device and obtains the connection information of the terminal device from the multicast message.
Optionally, the connection information of the terminal device includes hotspot information of the terminal device. The hotspot information includes the hotspot name. After obtaining the hotspot information, the IoT device can connect to the hotspot opened by the terminal device; after the connection succeeds, the terminal device may assign an Internet Protocol (IP) address to the IoT device. Alternatively, the connection information of the terminal device includes the Bluetooth name and Bluetooth password of the terminal device. After obtaining the Bluetooth name and Bluetooth password, the IoT device can connect to the terminal device over Bluetooth. It should be noted that the application places no restriction on the manner of connection between the terminal device and the IoT device.
Optionally, after the terminal device and the IoT device establish a connection, the IoT device sends a request message to the terminal device. The request message is used to request the WiFi information and may carry the first signature. The IoT device may use the Ed25519 algorithm to generate a key pair of the IoT device, comprising the first private key of the IoT device (i.e. the Ed25519 private key of the IoT device) and the first public key (i.e. the Ed25519 public key of the IoT device), and use the Ed25519 algorithm to sign the information of the IoT device with the first private key of the IoT device, obtaining the first signature. Optionally, the information of the IoT device includes the identifier of the IoT device. After obtaining the first signature, the terminal device uses the Ed25519 algorithm to verify the first signature with the first public key of the IoT device that it has obtained. If the terminal device successfully verifies the first signature, the IoT device is legitimate; otherwise, the IoT device is illegitimate.
Optionally, after the IoT device and the terminal device complete the first PIN-code network configuration, a trust relationship is established between the IoT device and the terminal device. At this point the terminal device can obtain the first public key of the IoT device, which the terminal device uses to authenticate the identity of the IoT device. Similarly, after another IoT device and the terminal device complete the first PIN-code network configuration, a trust relationship is also established between that IoT device and the terminal device, and the terminal device can obtain the first public key of that IoT device for authenticating its identity. The terminal device can thus obtain the first public keys of multiple IoT devices. Fig. 3 is a schematic diagram of the trust ring provided by an embodiment of the application. As shown in Fig. 3, this is equivalent to forming a trust ring 13 between the multiple IoT devices 12 and the terminal device 11. The terminal device 11 may send the APP login account and the first public key of the IoT device 12 to a server in the trust ring 13 (not shown in Fig. 3). The APP is installed on the terminal device and is used by the terminal device to control the IoT device. As long as the terminal device 11 or another terminal device joins the trust ring 13 and logs in with the same APP login account, it can obtain the first public key of each IoT device 12 from the server. The identity of an IoT device can thus be authenticated using the first public key of the IoT device 12; if authentication succeeds, the terminal device can subsequently send the WiFi information to the successfully authenticated IoT device.
Optionally, after successfully authenticating the IoT device, the terminal device sends the WiFi information to the IoT device encrypted with the shared key between the terminal device and the IoT device. The terminal device can obtain the second public key of the IoT device and the private key of the APP, and generate the shared key from the second public key of the IoT device and the private key of the APP. It should be noted that the second public key and the second private key of the IoT device are a key pair of the IoT device: the second public key of the IoT device may be the public key generated by the IoT device based on the Curve25519 algorithm (i.e. the Curve25519 public key of the IoT device), and the second private key of the IoT device may be the private key generated by the IoT device based on the Curve25519 algorithm (i.e. the Curve25519 private key of the IoT device). The private key and the public key of the APP are a key pair of the APP: the public key of the APP may be the public key generated by the terminal device based on the Curve25519 algorithm (i.e. the Curve25519 public key of the APP), and the private key of the APP may be the private key generated by the terminal device based on the Curve25519 algorithm (i.e. the Curve25519 private key of the APP). In addition, the application places no restriction on the method of generating the shared key.
Optionally, if the connection information is hotspot information of the terminal device, then, taking the time at which the IoT device and the terminal device establish this connection as the start time, the terminal device closes its own hotspot after a preset time period (for example 3 minutes). Alternatively, if the terminal device receives a response success message, the hotspot of the terminal device is closed, where the response success message indicates that the IoT device has successfully accessed the WiFi network.
Optionally, if the connection information is Bluetooth information of the terminal device, then, taking the time at which the IoT device and the terminal device establish this connection as the start time, the terminal device closes Bluetooth after a preset time period (for example 3 minutes). Alternatively, if the terminal device receives a response success message, the Bluetooth of the terminal device is closed, where the response success message indicates that the IoT device has successfully accessed the WiFi network.
In summary, the application provides a network access method. The IoT device has previously accessed the WiFi network, but because the password of the WiFi network is easily leaked, the WiFi information needs to be updated. The terminal device can obtain the updated WiFi information and send connection information of the terminal device to the IoT device. The IoT device establishes a connection between the terminal device and the IoT device according to the connection information. The IoT device sends a first signature to the terminal device. The terminal device verifies the first signature using the first public key of the IoT device. If the terminal device successfully verifies the first signature, which indicates that the IoT device is legitimate, the terminal device sends the WiFi information to the IoT device, so that the IoT device accesses the WiFi network using the WiFi information. Conversely, if the IoT device is illegitimate, the terminal device does not send the WiFi information to the IoT device. This reduces leakage of WiFi information and thereby improves network security. Further, after successfully authenticating the IoT device, the terminal device sends the WiFi information to the IoT device encrypted with the shared key between the terminal device and the IoT device, which further reduces leakage of WiFi information and thereby improves network security. Further, when there are multiple IoT devices, the terminal device can send the WiFi information to the multiple IoT devices in batch, which improves the efficiency with which IoT devices access the WiFi network.
Fig. 4 is an interaction flowchart of a network access method provided by another embodiment of the application. Optionally, the executing entities involved in the method include part or all of a terminal device and part or all of an IoT equipment; the part of the terminal device may be a processor inside the terminal device, and the part of the IoT equipment may be a processor inside the IoT equipment. Taking the terminal device and the IoT equipment as the executing entities, as shown in Fig. 4, the method comprises the following steps:
Step S401: terminal device obtains updated WiFi information.
Step S402: terminal device sends the link information of terminal device to IoT equipment.
Step S403: the IoT equipment establishes the connection between the terminal device and the IoT equipment according to the link information.
Step S404: the IoT equipment sends the first signature to the terminal device.
The first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment.
Step S405: the terminal device verifies the first signature with the first public key of the IoT equipment.
The first private key and the first public key of the IoT equipment are a key pair of the IoT equipment.
Step S406: if the terminal device successfully verifies the first signature, the terminal device sends the second signature to the IoT equipment.
The second signature is a signature made with the private key of the application (APP) login account over the public key of the APP and the second public key of the IoT equipment.
Step S407: the IoT equipment verifies the second signature with the public key of the APP login account.
Step S408: if the IoT equipment successfully verifies the second signature, it sends an indication message to the terminal device.
The indication message indicates that the IoT equipment has successfully verified the second signature.
Step S409: terminal device sends WiFi information to IoT equipment.
Step S410: the IoT equipment accesses the WiFi network using the WiFi information.
The present embodiment differs from the previous embodiment in that the terminal device not only verifies the legitimacy of the IoT equipment (steps S401 to S405); the IoT equipment also verifies the APP login account. Content that this embodiment shares with the previous embodiment is not repeated here.
Steps S406 to S410 are described as follows:
The terminal device may use the Ed25519 algorithm to sign the public key of the APP (i.e. the Curve25519 public key of the APP) and the second public key of the IoT equipment (i.e. the Curve25519 public key of the IoT equipment) with the private key of the APP login account (i.e. the Ed25519 private key of the APP login account), to obtain the second signature.
Optionally, the terminal device may also encrypt the second signature with the shared key and send the encrypted second signature. The terminal device may obtain the private key of the APP (i.e. the Curve25519 private key of the APP) and the second public key of the IoT equipment (i.e. the Curve25519 public key of the IoT equipment), and generate the shared key from the private key of the APP and the second public key of the IoT equipment. The application does not limit how the shared key is generated. Note that the public key and private key of the APP login account are a key pair, the public key and private key of the APP are a key pair, the first public key and first private key of the IoT equipment are a key pair, and the second public key and second private key of the IoT equipment are a key pair.
Optionally, after obtaining the second signature, the IoT equipment verifies it with the obtained public key of the APP login account, using the Ed25519 algorithm, although it is not limited to this algorithm. If the IoT equipment successfully verifies the second signature, the APP login account is legitimate; otherwise, the APP login account is not legitimate.
Optionally, after successfully authenticating the APP login account, the IoT equipment sends an indication message to the terminal device. After receiving the indication message, the terminal device sends the WiFi information to the IoT equipment encrypted with the shared key between the terminal device and the IoT equipment. The terminal device may obtain the second public key of the IoT equipment and the private key of the APP, and generate the shared key from the second public key of the IoT equipment and the private key of the APP. Likewise, the application does not limit how the shared key is generated.
Optionally, if the link information is the hotspot information of the terminal device, then, taking the time at which the IoT equipment and the terminal device established this connection as the starting time, the terminal device turns off its hotspot after a preset time period (for example, 3 minutes); or, if the terminal device receives a response success message, the hotspot of the terminal device is turned off, where the response success message indicates that the IoT equipment has successfully accessed the WiFi network.
Optionally, if the link information is the Bluetooth information of the terminal device, then, taking the time at which the IoT equipment and the terminal device established this connection as the starting time, the terminal device turns off Bluetooth after a preset time period (for example, 3 minutes); or, if the terminal device receives a response success message, the Bluetooth of the terminal device is turned off, where the response success message indicates that the IoT equipment has successfully accessed the WiFi network.
In summary, in this embodiment, if the terminal device successfully verifies the first signature, which indicates that the IoT equipment is legitimate, the IoT equipment goes on to verify the APP login account. If the IoT equipment successfully verifies the APP login account, the IoT equipment accesses the WiFi network using the WiFi information. Conversely, if the IoT equipment and/or the APP login account is not legitimate, the terminal device does not send the WiFi information to the IoT equipment. This reduces leakage of the WiFi information and thereby improves network security. Further, after successfully authenticating the IoT equipment, the terminal device sends the WiFi information and/or the second signature to the IoT equipment encrypted with the shared key between the terminal device and the IoT equipment, which further reduces leakage of the WiFi information and/or the second signature and improves network security. Further, when there are multiple pieces of IoT equipment, the terminal device can send the WiFi information to them in batches, which improves the efficiency with which IoT equipment accesses the WiFi network.
Fig. 5 is an interaction flowchart of a network access method provided by yet another embodiment of the application. Optionally, the executing entities involved in the method include part or all of a terminal device and part or all of an IoT equipment; the part of the terminal device may be a processor inside the terminal device, and the part of the IoT equipment may be a processor inside the IoT equipment. Taking the terminal device and the IoT equipment as the executing entities, as shown in Fig. 5, the method comprises the following steps:
Step S501: terminal device obtains updated WiFi information.
Step S502: terminal device sends the link information of terminal device to IoT equipment.
Step S503: the IoT equipment establishes the connection between the terminal device and the IoT equipment according to the link information.
Step S504: the IoT equipment sends the first signature to the terminal device.
The first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment.
Step S505: the terminal device verifies the first signature with the first public key of the IoT equipment.
The first private key and the first public key of the IoT equipment are a key pair of the IoT equipment.
Step S506: if the terminal device successfully verifies the first signature, the terminal device generates the public key and private key of the APP.
Step S507: the terminal device sends the public key of the APP to the IoT equipment.
Step S508: the IoT equipment generates the second public key and the second private key of the IoT equipment.
Step S509: the IoT equipment generates the shared key from the second private key of the IoT equipment and the public key of the APP.
Step S510: the IoT equipment signs the second public key of the IoT equipment and the public key of the APP with the first private key of the IoT equipment to obtain the third signature, and encrypts the third signature with the shared key.
Step S511: the IoT equipment sends the third signature and the first public key of the IoT equipment to the terminal device.
Step S512: the terminal device verifies the third signature with the first public key of the IoT equipment.
Step S513: if the third signature is verified successfully, the terminal device sends the second signature to the IoT equipment.
The second signature is a signature made with the private key of the application (APP) login account over the public key of the APP and the second public key of the IoT equipment.
Step S514: the IoT equipment verifies the second signature with the public key of the APP login account.
Step S515: if the IoT equipment successfully verifies the second signature, it sends an indication message to the terminal device.
The indication message indicates that the IoT equipment has successfully verified the second signature.
Step S516: the terminal device sends the WiFi information to the IoT equipment.
Step S517: the IoT equipment accesses the WiFi network using the WiFi information.
The present embodiment differs from the previous embodiment in that the IoT equipment signs the second public key of the IoT equipment and the public key of the APP with the first private key of the IoT equipment to obtain the third signature, and encrypts the third signature with the shared key. The terminal device can verify the third signature with the first public key of the IoT equipment. After the terminal device successfully verifies the third signature, it sends the second signature to the IoT equipment. Content that this embodiment shares with the two preceding embodiments is not repeated here.
Optionally, the terminal device may generate the public key and private key of the APP using the Curve25519 algorithm. The IoT equipment may also generate the second public key and the second private key of the IoT equipment using the Curve25519 algorithm.
Step S509 is optional. When the IoT equipment does not execute step S509, the IoT equipment does not need to encrypt the third signature with the shared key in step S510.
Optionally, the terminal device may verify the third signature with the first public key of the IoT equipment using the Ed25519 algorithm.
Note that the shared key generated by the terminal device and the shared key generated by the IoT equipment are identical.
In short, in the embodiments of the application, the terminal device and the IoT equipment achieve two-way authentication, which can further improve network security.
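Steps S506 to S517 can be run end to end to see how the second and third signatures bind the Curve25519 keys to the long-term Ed25519 identities. The Go program below is an added example, not code from the patent. It assumes the first signature check (S504 to S505) has already passed, sends the signatures and the second public key in clear, and derives the shared key with X25519 plus SHA-256 for use with AES-256-GCM (the application leaves that method open); the function names, fault labels and sample WiFi information are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var (
	ErrThirdSig  = errors.New("third signature rejected: WiFi information withheld")
	ErrSecondSig = errors.New("second signature rejected: IoT equipment does not join")
)

func concat(a, b []byte) []byte { return append(append([]byte{}, a...), b...) }

func edKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func xKey() *ecdh.PrivateKey {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// sessionAEAD derives the shared key (X25519, then SHA-256) and wraps it in
// AES-256-GCM. Both choices are assumptions; the patent leaves the method open.
func sessionAEAD(priv *ecdh.PrivateKey, peer []byte) (cipher.AEAD, error) {
	pub, err := ecdh.X25519().NewPublicKey(peer)
	if err != nil {
		return nil, err
	}
	secret, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(secret)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Provision runs S506-S517 in one process and returns the WiFi information as
// decrypted by the IoT equipment. fault injects a constructed failure: "swap-key"
// alters the second public key in transit, "bad-account" uses an unknown account key.
func Provision(wifi []byte, fault string) ([]byte, error) {
	iotPub1, iotPriv1 := edKey() // first key pair of the IoT equipment (Ed25519)
	acctPub, acctPriv := edKey() // key pair of the APP login account (Ed25519)
	app, iot2 := xKey(), xKey()  // S506, S508: APP and second key pairs (Curve25519)
	appPub, iotPub2 := app.PublicKey().Bytes(), iot2.PublicKey().Bytes()
	sig3 := ed25519.Sign(iotPriv1, concat(iotPub2, appPub)) // S510: third signature
	received := iotPub2                                     // S511: as seen by the terminal
	if fault == "swap-key" {
		received = xKey().PublicKey().Bytes()
	}
	if !ed25519.Verify(iotPub1, concat(received, appPub), sig3) { // S512
		return nil, ErrThirdSig
	}
	signer := acctPriv
	if fault == "bad-account" {
		_, signer = edKey()
	}
	sig2 := ed25519.Sign(signer, concat(appPub, received))       // S513: second signature
	if !ed25519.Verify(acctPub, concat(appPub, iotPub2), sig2) { // S514
		return nil, ErrSecondSig
	}
	termAEAD, err := sessionAEAD(app, received) // terminal side of the shared key
	if err != nil {
		return nil, err
	}
	iotAEAD, err := sessionAEAD(iot2, appPub) // S509: IoT side of the shared key
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, termAEAD.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	blob := termAEAD.Seal(nonce, nonce, wifi, nil)                      // S516
	return iotAEAD.Open(nil, blob[:len(nonce)], blob[len(nonce):], nil) // S517
}

func main() {
	wifi := []byte(`{"ssid":"example-net","psk":"constructed-passphrase"}`) // constructed
	got, err := Provision(wifi, "")
	fmt.Printf("delivered=%q err=%v\n", got, err)
}
```

Decryption on the IoT side succeeds only because both sides derive the same shared key, and either injected fault stops the run before the WiFi information is encrypted or sent.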
Fig. 6 is an interaction flowchart of a network access method provided by a further embodiment of the application. Optionally, the executing entities involved in the method include part or all of a terminal device and part or all of an IoT equipment; the part of the terminal device may be a processor inside the terminal device, and the part of the IoT equipment may be a processor inside the IoT equipment. Taking the terminal device and the IoT equipment as the executing entities, as shown in Fig. 6, the method comprises the following steps:
Step S601: terminal device obtains updated WiFi information.
Step S602: terminal device sends the link information of terminal device to IoT equipment.
Step S603: the IoT equipment establishes the connection between the terminal device and the IoT equipment according to the link information.
Step S604: the IoT equipment sends the first signature to the terminal device.
The first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment.
Step S605: the terminal device verifies the first signature with the first public key of the IoT equipment.
Step S606: if the terminal device successfully verifies the first signature, the terminal device sends the WiFi information and the second signature to the IoT equipment.
Step S607: the IoT equipment verifies the second signature with the public key of the APP login account.
Step S608: if the IoT equipment successfully verifies the second signature, the IoT equipment accesses the WiFi network using the WiFi information.
The present embodiment differs from the embodiment corresponding to Fig. 4 in that, if the terminal device successfully verifies the first signature, the terminal device sends the WiFi information and the second signature to the IoT equipment; if the IoT equipment successfully verifies the second signature, the IoT equipment accesses the WiFi network using the WiFi information. Content that this embodiment shares with the above embodiments is not repeated here.
Fig. 7 is an interaction flowchart of a network access method provided by yet another embodiment of the application. Optionally, the executing entities involved in the method include part or all of a terminal device and part or all of an IoT equipment; the part of the terminal device may be a processor inside the terminal device, and the part of the IoT equipment may be a processor inside the IoT equipment. Taking the terminal device and the IoT equipment as the executing entities, as shown in Fig. 7, the method comprises the following steps:
Step S701: terminal device obtains updated WiFi information.
Step S702: terminal device sends the link information of terminal device to IoT equipment.
Step S703: the IoT equipment establishes the connection between the terminal device and the IoT equipment according to the link information.
Step S704: the IoT equipment sends the first signature to the terminal device.
The first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment.
Step S705: the terminal device verifies the first signature with the first public key of the IoT equipment.
Step S706: if the terminal device successfully verifies the first signature, the terminal device generates the public key and private key of the APP.
Step S707: the terminal device sends the public key of the APP to the IoT equipment.
Step S708: the IoT equipment generates the second public key and the second private key of the IoT equipment.
Step S709: the IoT equipment generates the shared key from the second private key of the IoT equipment and the public key of the APP.
Step S710: the IoT equipment signs the second public key of the IoT equipment and the public key of the APP with the first private key of the IoT equipment to obtain the third signature, and encrypts the third signature with the shared key.
Step S711: the IoT equipment sends the third signature and the first public key of the IoT equipment to the terminal device.
Step S712: the terminal device verifies the third signature with the first public key of the IoT equipment.
Step S713: if the third signature is verified successfully, the terminal device sends the second signature and the WiFi information to the IoT equipment.
Step S714: the IoT equipment verifies the second signature with the public key of the APP login account.
Step S715: if the IoT equipment successfully verifies the second signature, the IoT equipment accesses the WiFi network using the WiFi information.
The present embodiment differs from the previous embodiment in that the IoT equipment signs the second public key of the IoT equipment and the public key of the APP with the first private key of the IoT equipment to obtain the third signature. If the third signature is verified successfully, the terminal device sends the second signature and the WiFi information to the IoT equipment. Content that this embodiment shares with the two preceding embodiments is not repeated here.
Fig. 8 is a schematic diagram of a network access device 800 provided by an embodiment of the application. The device is part or all of a terminal device. As shown in Fig. 8, the device 800 includes:
A first obtaining module 801, configured to obtain updated Wireless Fidelity (WiFi) information.
A first sending module 802, configured to send the link information of the terminal device to the Internet of Things (IoT) equipment, where the link information is used by the terminal device to establish a connection with the IoT equipment.
A first receiving module 803, configured to receive the first signature sent by the IoT equipment, where the first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment.
A verification module 804, configured to verify the first signature with the first public key of the IoT equipment, where the first private key and the first public key of the IoT equipment are a key pair of the IoT equipment.
A second sending module 805, configured to send the WiFi information to the IoT equipment if the verification module successfully verifies the first signature, where the WiFi information is used by the IoT equipment to access the WiFi network.
Optionally, the device 800 further includes a third sending module 806, configured to send the second signature to the IoT equipment before the second sending module 805 sends the WiFi information to the IoT equipment. The second signature is a signature made with the private key of the application (APP) login account over the public key of the APP and the second public key of the IoT equipment, so that the IoT equipment verifies the second signature with the public key of the APP login account. The APP is installed on the terminal device and is used by the terminal device to control the IoT equipment, and the private key and public key of the APP login account are a key pair.
Optionally, the WiFi information and/or the second signature are sent encrypted with the shared key generated by the terminal device.
Optionally, the link information is the hotspot information of the terminal device, and correspondingly the device 800 further includes a closing module 807, configured to turn off the hotspot of the terminal device after a preset time period, taking the time at which the IoT equipment and the terminal device established this connection as the starting time.
Alternatively,
The device 800 further includes a second receiving module 808 and a closing module 807. If the second receiving module 808 receives a response success message, the closing module 807 turns off the hotspot of the terminal device, where the response success message indicates that the IoT equipment has successfully accessed the WiFi network.
Optionally, the device 800 further includes a second obtaining module 809, configured to obtain the first public key of the IoT equipment.
Optionally, the device 800 further includes a fourth sending module 810, configured to send the APP login account and the first public key of the IoT equipment to a server, so that other terminal devices using the APP login account obtain the first public key of the IoT equipment from the server.
The network access device provided by the embodiments of the application can be used to execute the network access method performed on the terminal device side. For its content and effects, refer to the method embodiments; they are not repeated here.
Fig. 9 is a schematic diagram of a network access device 900 provided by an embodiment of the application. The device 900 is part or all of an IoT equipment. As shown in Fig. 9, the device 900 includes:
A first receiving module 901, configured to receive the link information sent by the terminal device.
An establishing module 902, configured to establish the connection between the terminal device and the IoT equipment according to the link information.
A first sending module 903, configured to send the first signature to the terminal device, so that the terminal device verifies the first signature, where the first signature is a signature made with the first private key of the IoT equipment over the information of the IoT equipment, and the first private key and the first public key of the IoT equipment are a key pair of the IoT equipment.
A second receiving module 904, configured to receive the updated Wireless Fidelity (WiFi) information sent by the terminal device.
An access module 905, configured to access the WiFi network using the WiFi information.
Optionally, the device 900 further includes:
A third receiving module 906, configured to receive the second signature sent by the terminal device before the second receiving module 904 receives the updated WiFi information sent by the terminal device, where the second signature is a signature made with the private key of the application (APP) login account over the public key of the APP and the second public key of the IoT equipment, the APP is installed on the terminal device and is used by the terminal device to control the IoT equipment, and the private key and public key of the APP login account are a key pair.
A verification module 907, configured to verify the second signature with the public key of the APP login account.
Correspondingly, the access module 905 is specifically configured to access the WiFi network using the WiFi information if the second signature is verified successfully.
Optionally, the WiFi information and/or the second signature are sent encrypted with the shared key generated by the terminal device.
Optionally, the device 900 further includes a second sending module 908, configured to send a response success message to the terminal device if the IoT equipment has successfully accessed the WiFi network.
The network access device provided by the embodiments of the application can be used to execute the network access method performed on the IoT equipment side. For its content and effects, refer to the method embodiments; they are not repeated here.
Figure 10 is a schematic diagram of a terminal device 1000 provided by an embodiment of the application. As shown in Figure 10, the terminal device 1000 includes a transceiver 1001, a memory 1002 and one or more processors 1003. The processor 1003 may also be called a processing unit and can implement certain control or processing functions. The processor 1003 may be a general-purpose processor, a special-purpose processor or the like, for example a baseband processor or a central processing unit. The baseband processor may be used to process communication protocols and communication data, and the central processing unit may be used to control the communication equipment, execute software programs and process the data of software programs. The memory 1002 stores computer-executable instructions so that the transceiver 1001 and the processor 1003 implement the network access method performed by the terminal device.
The processor 1003 and the transceiver 1001 described in this application may be implemented on an integrated circuit (IC), an analog IC, a radio frequency integrated circuit (RFIC), a mixed-signal IC, an application-specific integrated circuit (ASIC), a printed circuit board (PCB), an electronic device, and so on. The processor and transceiver may also be manufactured with various IC process technologies, such as complementary metal oxide semiconductor (CMOS), N-type metal oxide semiconductor (NMOS), P-type metal oxide semiconductor (positive channel metal oxide semiconductor, PMOS), bipolar junction transistor (BJT), bipolar CMOS (BiCMOS), silicon germanium (SiGe), gallium arsenide (GaAs), and so on.
The terminal device provided by the embodiments of the application can be used to execute the network access method performed on the terminal device side. For its content and effects, refer to the method embodiments; they are not repeated here.
Figure 11 is a schematic diagram of an IoT equipment 1100 provided by an embodiment of the application. As shown in Figure 11, the IoT equipment 1100 includes a transceiver 1101, a memory 1102 and one or more processors 1103. The processor 1103 may also be called a processing unit and can implement certain control or processing functions. The processor 1103 may be a general-purpose processor, a special-purpose processor or the like, for example a baseband processor or a central processing unit. The baseband processor may be used to process communication protocols and communication data, and the central processing unit may be used to control the communication equipment, execute software programs and process the data of software programs. The memory 1102 stores computer-executable instructions so that the transceiver 1101 and the processor 1103 implement the network access method performed by the IoT equipment.
The processor 1103 and the transceiver 1101 described in this application may be implemented on an IC, an analog IC, an RFIC, a mixed-signal IC, an ASIC, a PCB, an electronic device, and so on. The processor and transceiver may also be manufactured with various IC process technologies, such as CMOS, NMOS, PMOS, BJT, bipolar CMOS (BiCMOS), silicon germanium (SiGe), gallium arsenide (GaAs), and so on.
The IoT equipment provided by the embodiments of the application can be used to execute the network access method performed on the IoT equipment side. For its content and effects, refer to the method embodiments; they are not repeated here.
The application also provides a computer storage medium. The storage medium includes computer-executable instructions which, when executed by a computer, cause the computer to implement the above network access method. For its content and effects, refer to the method embodiments.
The application also provides a computer program product. The product includes computer-executable instructions which, when executed by a computer, cause the computer to implement the above network access method. For its content and effects, refer to the method embodiments.
Based on this understanding, the technical solution of the application in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. The software product is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) or a processor to execute all or part of the steps of the methods of the embodiments of the application. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
The above embodiments may be implemented wholly or partly in software, hardware, firmware or any combination thereof. When implemented in software, they may be implemented wholly or partly in the form of a computer program product. The computer program product includes one or more computer-executable instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions according to the embodiments of the application are generated wholly or partly. The computer may be a general-purpose computer, a special-purpose computer, a computer network or another programmable device. The computer-executable instructions may be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another. For example, the computer-executable instructions may be transmitted from one website, computer, server or data center to another website, computer, server or data center in a wired manner (such as coaxial cable, optical fiber or digital subscriber line (DSL)) or a wireless manner (such as infrared, wireless or microwave). The computer-readable storage medium may be any usable medium that a computer can access, or a data storage device such as a server or data center that integrates one or more usable media. The usable medium may be a magnetic medium (for example, a floppy disk, a hard disk or a magnetic tape), an optical medium (for example, a DVD), a semiconductor medium (for example, a solid state disk (SSD)), and so on.
It will be clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here. In addition, the method embodiments may refer to one another, as may the device embodiments; identical or corresponding content in different embodiments may be cross-referenced and is not repeated here.

Claims (24)

1. A network access method, characterized in that the method is applied to part or all of a terminal device, and the method comprises:
Obtaining updated Wireless Fidelity (WiFi) information;
Sending link information of the terminal device to an Internet of Things (IoT) equipment, the link information being used by the terminal device to establish a connection with the IoT equipment;
Receiving a first signature sent by the IoT equipment, the first signature being a signature made with a first private key of the IoT equipment over information of the IoT equipment;
Verifying the first signature with a first public key of the IoT equipment, the first private key and the first public key of the IoT equipment being a key pair of the IoT equipment;
If the first signature is verified successfully, sending the WiFi information to the IoT equipment, the WiFi information being used by the IoT equipment to access a WiFi network.
2. The method according to claim 1, characterized in that, before the sending of the WiFi information to the IoT equipment, the method further comprises:
Sending a second signature to the IoT equipment;
Wherein the second signature is a signature made with a private key of an application (APP) login account over a public key of the APP and a second public key of the IoT equipment, so that the IoT equipment verifies the second signature with a public key of the APP login account; the APP is installed on the terminal device and is used by the terminal device to control the IoT equipment; and the private key and the public key of the APP login account are a key pair.
3. The method according to claim 2, characterized in that the WiFi information and/or the second signature are sent encrypted with a shared key generated by the terminal device.
4. The method according to any one of claims 1-3, characterized in that the link information is hotspot information of the terminal device, and correspondingly the method further comprises:
Turning off the hotspot of the terminal device after a preset time period, taking the time at which the IoT equipment and the terminal device established this connection as the starting time;
Alternatively,
If the terminal device receives a response success message, turning off the hotspot of the terminal device, the response success message indicating that the IoT equipment has successfully accessed the WiFi network.
5. The method according to any one of claims 1-4, characterized by further comprising:
Obtaining the first public key of the IoT equipment.
6. The method according to claim 2 or 3, characterized by further comprising:
Sending the APP login account and the first public key of the IoT equipment to a server, so that other terminal devices using the APP login account obtain the first public key of the IoT equipment from the server.
7. A method for network access, wherein the method is applied to part or all of an IoT device, and comprises:
receiving connection information sent by a terminal device;
establishing a connection between the terminal device and the IoT device according to the connection information;
sending a first signature to the terminal device for the terminal device to verify, wherein the first signature is a signature made with the first private key of the IoT device over information of the IoT device, and the first private key and first public key of the IoT device are a key pair of the IoT device;
receiving updated Wireless Fidelity (WiFi) information sent by the terminal device, and accessing a WiFi network using the WiFi information.
8. The method according to claim 7, wherein before the updated Wireless Fidelity (WiFi) information sent by the terminal device is received, the method further comprises:
receiving a second signature sent by the terminal device, wherein the second signature is a signature made with the private key of an application (APP) login account over the public key of the APP and the second public key of the IoT device; the APP is installed on the terminal device and is used by the terminal device to control the IoT device; and the private key and public key of the APP login account are a key pair;
verifying the second signature with the public key of the APP login account;
correspondingly, accessing the WiFi network using the WiFi information comprises:
if the second signature is verified successfully, accessing the WiFi network using the WiFi information.
9. The method according to claim 7 or 8, wherein the WiFi information and/or the second signature is sent encrypted with a shared key generated by the terminal device.
10. The method according to any one of claims 7-9, further comprising:
if the IoT device has successfully accessed the WiFi network, sending a response success message to the terminal device.
11. A network access apparatus, wherein the apparatus is part or all of a terminal device, and comprises:
a first obtaining module, configured to obtain updated Wireless Fidelity (WiFi) information;
a first sending module, configured to send connection information of the terminal device to an Internet of Things (IoT) device, wherein the connection information is used by the terminal device to establish a connection with the IoT device;
a first receiving module, configured to receive a first signature sent by the IoT device, wherein the first signature is a signature made with the first private key of the IoT device over information of the IoT device;
a verification module, configured to verify the first signature with the first public key of the IoT device, wherein the first private key and first public key of the IoT device are a key pair of the IoT device;
a second sending module, configured to send the WiFi information to the IoT device if the verification module verifies the first signature successfully, wherein the WiFi information is used by the IoT device to access a WiFi network.
12. The apparatus according to claim 11, further comprising:
a third sending module, configured to send a second signature to the IoT device before the second sending module sends the WiFi information to the IoT device;
wherein the second signature is a signature made with the private key of an application (APP) login account over the public key of the APP and the second public key of the IoT device, so that the IoT device verifies the second signature with the public key of the APP login account; the APP is installed on the terminal device and is used by the terminal device to control the IoT device; and the private key and public key of the APP login account are a key pair.
13. The apparatus according to claim 12, wherein the WiFi information and/or the second signature is sent encrypted with a shared key generated by the terminal device.
14. The apparatus according to any one of claims 11-13, wherein the connection information is hotspot information of the terminal device, and correspondingly,
the apparatus further comprises: a closing module, configured to take the time at which the IoT device establishes the current connection with the terminal device as the start time, and to close the hotspot of the terminal device after a preset time period;
or,
the apparatus further comprises: a second receiving module and a closing module, wherein if the second receiving module receives a response success message, the closing module closes the hotspot of the terminal device, and the response success message indicates that the IoT device has successfully accessed the WiFi network.
15. The apparatus according to any one of claims 11-14, further comprising:
a second obtaining module, configured to obtain the first public key of the IoT device.
16. The apparatus according to claim 12 or 13, further comprising:
a fourth sending module, configured to send the APP login account and the first public key of the IoT device to a server, so that other terminal devices using the APP login account obtain the first public key of the IoT device from the server.
17. A network access apparatus, wherein the apparatus is part or all of an IoT device, and comprises:
a first receiving module, configured to receive connection information sent by a terminal device;
an establishing module, configured to establish a connection between the terminal device and the IoT device according to the connection information;
a first sending module, configured to send a first signature to the terminal device for the terminal device to verify, wherein the first signature is a signature made with the first private key of the IoT device over information of the IoT device, and the first private key and first public key of the IoT device are a key pair of the IoT device;
a second receiving module, configured to receive updated Wireless Fidelity (WiFi) information sent by the terminal device;
an access module, configured to access a WiFi network using the WiFi information.
18. The apparatus according to claim 17, further comprising:
a third receiving module, configured to receive a second signature sent by the terminal device before the second receiving module receives the updated Wireless Fidelity (WiFi) information sent by the terminal device, wherein the second signature is a signature made with the private key of an application (APP) login account over the public key of the APP and the second public key of the IoT device; the APP is installed on the terminal device and is used by the terminal device to control the IoT device; and the private key and public key of the APP login account are a key pair;
a verification module, configured to verify the second signature with the public key of the APP login account;
correspondingly, the access module is specifically configured to:
if the second signature is verified successfully, access the WiFi network using the WiFi information.
19. The apparatus according to claim 17 or 18, wherein the WiFi information and/or the second signature is sent encrypted with a shared key generated by the terminal device.
20. The apparatus according to any one of claims 17-19, further comprising:
a second sending module, configured to send a response success message to the terminal device if the IoT device has successfully accessed the WiFi network.
21. A terminal device, comprising: a transceiver, a processor and a memory;
wherein the memory is configured to store computer-executable instructions for the processor to execute, and the processor and the transceiver are configured to implement the method for network access according to any one of claims 1 to 6.
22. An IoT device, comprising: a transceiver, a processor and a memory;
wherein the memory is configured to store computer-executable instructions for the processor to execute, and the processor and the transceiver are configured to implement the method for network access according to any one of claims 7-10.
23. A computer storage medium, comprising: computer-executable instructions, wherein the computer-executable instructions are used to implement the method for network access according to any one of claims 1 to 6.
24. A computer storage medium, comprising: computer-executable instructions, wherein the computer-executable instructions are used to implement the method for network access according to any one of claims 7-10.
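The two signature checks of claims 2, 7 and 8 and the encrypted transfer of claims 3 and 9, as an added Go example that is not part of the patent. Ed25519, AES-256-GCM, a shared key already held by both sides, and every function and variable name are assumptions; all keys, device information and WiFi values are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

const DeviceInfo = "model=constructed;sn=0001" // constructed value; every name in this file is hypothetical
func rnd(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}
func aead(key []byte) cipher.AEAD {
	b, _ := aes.NewCipher(key) // cannot fail: key is always 32 bytes here
	g, _ := cipher.NewGCM(b)
	return g
}
func covered(appPub, secondPub []byte) []byte { // APP public key || IoT second public key, fixed lengths
	return append(append([]byte{}, appPub...), secondPub...)
}
// Release is the terminal side: verify the first signature, then emit the second signature and the WiFi info sealed under the shared key (Ed25519 and AES-256-GCM are assumed).
func Release(firstPub ed25519.PublicKey, info, sig1 []byte, acctPriv ed25519.PrivateKey, appPub, secondPub, shared, wifi []byte) (sig2, nonce, ct []byte, err error) {
	if !ed25519.Verify(firstPub, info, sig1) {
		return nil, nil, nil, fmt.Errorf("first signature check failed")
	}
	nonce = rnd(12)
	sig2 = ed25519.Sign(acctPriv, covered(appPub, secondPub))
	return sig2, nonce, aead(shared).Seal(nil, nonce, wifi, nil), nil
}
// Accept is the IoT side: verify the second signature with the account public key before decrypting the WiFi info.
func Accept(acctPub ed25519.PublicKey, appPub, secondPub, sig2, nonce, ct, shared []byte) ([]byte, error) {
	if !ed25519.Verify(acctPub, covered(appPub, secondPub), sig2) {
		return nil, fmt.Errorf("second signature check failed")
	}
	return aead(shared).Open(nil, nonce, ct, nil)
}
// Exchange runs one round: seenInfo is the device info as the terminal receives it; otherAccount signs with an account key the device does not trust.
func Exchange(seenInfo string, otherAccount bool) (string, error) {
	firstPub, firstPriv, _ := ed25519.GenerateKey(rand.Reader)
	acctPub, acctPriv, _ := ed25519.GenerateKey(rand.Reader)
	if otherAccount {
		_, acctPriv, _ = ed25519.GenerateKey(rand.Reader)
	}
	appPub, secondPub, shared := rnd(32), rnd(32), rnd(32)
	sig1 := ed25519.Sign(firstPriv, []byte(DeviceInfo)) // first signature, made by the IoT device
	sig2, nonce, ct, err := Release(firstPub, []byte(seenInfo), sig1, acctPriv, appPub, secondPub, shared, []byte("ssid=home;psk=constructed"))
	if err != nil {
		return "", err
	}
	wifi, err := Accept(acctPub, appPub, secondPub, sig2, nonce, ct, shared)
	return string(wifi), err
}
func main() { fmt.Println(Exchange(DeviceInfo, false)) }
```

Each side refuses to proceed on a failed check: the terminal never releases the WiFi information to a device whose first signature does not verify, and the device never decrypts WiFi information from an account it does not trust.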
CN201910670264.0A 2019-07-24 2019-07-24 Network access method, device, equipment and storage medium Active CN110519760B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910670264.0A CN110519760B (en) 2019-07-24 2019-07-24 Network access method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910670264.0A CN110519760B (en) 2019-07-24 2019-07-24 Network access method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110519760A true CN110519760A (en) 2019-11-29
CN110519760B CN110519760B (en) 2021-02-09

Family

ID=68623936

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910670264.0A Active CN110519760B (en) 2019-07-24 2019-07-24 Network access method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110519760B (en)

Also Published As

Publication number Publication date
CN110519760B (en) 2021-02-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant