CN111147247B - Key updating method, device, computer equipment and storage medium - Google Patents

Key updating method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN111147247B
CN111147247B CN202010156891.5A CN202010156891A CN111147247B CN 111147247 B CN111147247 B CN 111147247B CN 202010156891 A CN202010156891 A CN 202010156891A CN 111147247 B CN111147247 B CN 111147247B
Authority
CN
China
Prior art keywords
key
public key
private key
master station
station
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010156891.5A
Other languages
Chinese (zh)
Other versions
CN111147247A (en
Inventor
陈兴华
黄立贤
王延纬
陈锦昌
李新超
陈睿
杨振南
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electric Power Dispatch Control Center of Guangdong Power Grid Co Ltd
Original Assignee
Electric Power Dispatch Control Center of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electric Power Dispatch Control Center of Guangdong Power Grid Co Ltd filed Critical Electric Power Dispatch Control Center of Guangdong Power Grid Co Ltd
Priority to CN202010156891.5A priority Critical patent/CN111147247B/en
Publication of CN111147247A publication Critical patent/CN111147247A/en
Application granted granted Critical
Publication of CN111147247B publication Critical patent/CN111147247B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to a key updating method, a key updating device, computer equipment and a storage medium. The method comprises the following steps: the management equipment generates a first public key and a first private key according to an asymmetric encryption algorithm; the management equipment encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key; the management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key. By adopting the method, the safety of key updating can be improved, and the normal operation of the power control system is ensured.

Description

Key updating method, device, computer equipment and storage medium
Technical Field
The present invention relates to the field of internet data processing technologies, and in particular, to a method, an apparatus, a computer device, and a storage medium for updating a key.
Background
In the existing power control system, a plaintext transmission mode is often used for transmitting command messages between the master station device and the execution station device. The command transmission mode enables the power control system to be easily invaded by a third party, simulates the master station to send commands, and causes the problem of misoperation of the executive station equipment.
In order to solve the above problem, the power control system encrypts the transmitted command message by using an encryption algorithm, so as to ensure the safety and reliability of the system. In the traditional encryption process, in order to maintain the security of the system, the master station device often needs to update a key and send the updated key to the execution station device, in the traditional key update process, the phenomenon that a third party platform invades the power control system easily occurs, the third party platform impersonates the master station device to send a key update command to the execution station device, and the execution station device hardly discovers that the key update command comes from the third party platform, so that the system is in fault.
Therefore, the traditional key updating method has low safety and cannot ensure the normal operation of the power control system.
Disclosure of Invention
In view of the above, it is necessary to provide a key updating method, apparatus, computer device, and storage medium with high security.
In a first aspect, an embodiment of the present invention provides a key updating method, including:
the management equipment generates a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment;
the management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
the management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key.
In one embodiment of the present application, the master key includes a second private key and a second public key, where the second private key is stored in the master device, and the second public key is stored in the management device; the management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device, including:
The management device encrypts the first private key according to the second public key to generate the private key update message, and sends the private key update message to the master station device; the private key update message is used for indicating the master station device to decrypt the private key update message according to the second private key to obtain the first private key.
In an embodiment of the present application, the private key update message further includes a master station feature code corresponding to the master station device; the management device encrypts the first private key according to the second public key to generate the private key update message, including:
the management equipment acquires a master station feature code corresponding to the master station equipment;
the management equipment encrypts the first private key and the master station feature code according to the second public key to generate the private key update message; the private key updating message is used for indicating the master station equipment to decrypt the private key updating message according to the second private key, and the first private key is obtained after verification of the master station feature code obtained through decryption is passed.
In one embodiment of the present application, the execution station key includes a third private key and a third public key, where the third private key is stored in the execution station device, and the third public key is stored in the management device; the management device encrypts the first public key according to a preset execution station key to generate a public key update message, and sends the public key update message to the execution station device, including:
The management device encrypts the first public key according to the third public key to generate the public key update message, and sends the public key update message to the executive station device; the public key update message is used for indicating the execution station device to decrypt the public key update message according to the third private key to obtain the first public key.
In one embodiment of the present application, the public key update message further includes an execution station feature code corresponding to the execution station device; the management device encrypts the first public key according to the third public key to generate the public key update message, including:
the management equipment acquires an execution station feature code corresponding to the execution station equipment;
the management device encrypts the first public key and the execution station feature code according to the third public key to generate the public key update message; the public key updating message is used for indicating the execution station equipment to decrypt the public key updating message according to the third private key, and the first public key is obtained after the execution station feature code obtained through decryption passes verification.
In one embodiment of the present application, the method further comprises:
The management equipment encrypts the test information according to the execution station key to generate first test information;
the management device sends the first test information to the execution station device; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information;
the management equipment receives the third test information sent by the master station equipment;
and the management equipment compares the third test information with the test information, and if the third test information is consistent with the test information, the management equipment respectively sends verification success information to the execution station equipment and the master station equipment, wherein the verification success information is used for indicating the master station equipment to start the first private key, and the verification success information is also used for indicating the execution station equipment to start the first public key.
In one embodiment of the present application, the step of generating, by the management device, the first public key and the first private key according to an asymmetric encryption algorithm includes:
when a preset key updating condition is met, the management equipment executes the step of generating a first public key and a first private key according to an asymmetric encryption algorithm;
wherein the key update condition includes at least one of: receiving a key updating instruction input by an administrator; the number of times of receiving the key updating failure alarm is larger than a preset threshold value; and detecting that the power control system receives external invasion.
In a second aspect, an embodiment of the present invention provides a key updating apparatus, including:
the key generation module is used for generating a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment;
the private key updating module is used for encrypting the first private key according to a preset master station key to generate a private key updating message, and sending the private key updating message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
The public key updating module is used for encrypting the first public key according to a preset executive station key to generate a public key updating message, and sending the public key updating message to the executive station device; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key.
In a third aspect, an embodiment of the present invention provides a computer device, including a memory and a processor, the memory storing a computer program, the processor implementing the following steps when executing the computer program:
the management equipment generates a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment;
the management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
The management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key.
In a fourth aspect, embodiments of the present invention provide a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
the management equipment generates a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment;
the management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
The management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key.
The key updating method, the device, the computer equipment and the storage medium generate a first public key and a first private key according to an asymmetric encryption algorithm through the management equipment; the first private key is used for signing a command message from the master station equipment, and the first public key is used for executing a signature verification process of the command message sent by the master station equipment from the master station equipment; the management equipment encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key; the management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key. According to the key updating method provided by the embodiment, the management equipment is adopted as the key updating device of the master station equipment and the execution station equipment, and when the first public key and the first private key are generated, the first public key and the first private key are respectively transmitted in an encryption mode through the execution station key and the master station key, so that the safety of a key updating process is improved, the safety of key updating is further improved, and the normal operation of the power control system is ensured.
Drawings
Fig. 1 is an implementation environment diagram of a key updating method provided in an embodiment of the present application;
fig. 2 is a flowchart of a method for updating a key according to an embodiment of the present application;
FIG. 3 is a flowchart of another method for updating a key according to an embodiment of the present application;
FIG. 4 is a flowchart of another method for updating a key according to an embodiment of the present application;
FIG. 5 is a flowchart of another method for updating a key according to an embodiment of the present application;
FIG. 6 is a block diagram of a key update system provided by an embodiment of the present application;
fig. 7 is a block diagram of a key updating device according to an embodiment of the present application;
FIG. 8 is a block diagram of another key updating apparatus according to an embodiment of the present application;
fig. 9 is a block diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The key updating method provided by the application can be applied to an application environment shown in fig. 1. Wherein the management device 102 communicates with the master station device 104 via a network, while the management device 102 communicates with the executive station device 106 via a network. In one embodiment of the present application, the master station device 104 is a master station device of an electric power control system, and is configured to send a command packet to an execution station device, where the command packet is configured to instruct the corresponding execution station device to execute a corresponding control command; the executive station device 106 is an executive station device of the control system, and is configured to receive the command message sent by the master station device, and execute a corresponding control command.
The power control system is composed of a safety automatic device and/or a relay protection device with remote communication and control functions, and comprises a remote load shedding system, a remote power generation unit system, a remote spare power automatic switching system, a wide area out-of-step disconnection system and the like; the management device 102 may be implemented as a stand-alone server or a server cluster composed of a plurality of servers; the master station device 104 and the executive station device 106 may be safety automation devices or relay protection devices placed in different power plants or substations in the control system. The number of the master station device 104 and the execution station device 106 may be plural or one, respectively.
In one embodiment of the present application, when the management device 102 initially establishes a communication connection with the master device 104, the management device 102 performs master key initialization, generates a master key, and transmits the master key to the master device 104. Optionally, after the key is initialized, the validity of the master key needs to be confirmed manually; when the management apparatus 102 initially establishes a communication connection with the executive station apparatus 106, the management apparatus 102 performs executive station key initialization, generates an executive station key, and transmits the executive station key to the executive station apparatus 106. Optionally, after the key initialization, the validity of the executive station key needs to be manually confirmed. In one embodiment of the present application, an asymmetric encryption algorithm may be used to initialize the master and executive station keys, store the generated public keys, and send the generated private keys to the master and executive station devices 104 and 106.
Referring to fig. 2, a key updating method provided in this embodiment is illustrated by taking an example that the method is applied to the management device 102 in fig. 1, and includes the following steps:
step 202, the management device generates a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing the command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment.
In one embodiment of the present application, the first public key and the first private key generated by the management device based on the asymmetric encryption algorithm may be one or more pairs. The first private key is a private key to be sent to the master station device 104, and after the master station device obtains the first private key, the master station device can sign the command message according to the first private key after the first private key is started and send the command message to the corresponding execution station device; the first public key is a public key to be sent to the executing station device 106, and after obtaining the first public key, the executing station device may perform signature verification on the received command message according to the first public key after the first public key is enabled.
In one embodiment of the present application, the asymmetric encryption algorithm may be one of an SM2 algorithm, an RSA algorithm, and the like.
Step 204, the management device encrypts the first private key according to the preset master station key to generate a private key update message, and sends the private key update message to the master station device; the private key update message is used for controlling the indication master station equipment to decrypt the private key update message according to the master station key to obtain a first private key.
In one embodiment of the present application, the management device and the master device both store a preset master key, where the master key is used to encrypt and decrypt a transmission packet between the management device and the master device. For the generated first private key, the management device may encrypt the first private key according to the master key to generate a private key update packet, and send the private key update packet to the master device.
In one embodiment of the present application, after receiving the private key update message, the master device decrypts the private key update message according to the master key, and after successful decryption, the first private key may be obtained.
In one embodiment of the present application, if the master station device receives the private key update message and the decryption fails, an update key failure alarm is sent to the management device. The master station counts the number of failed alarms to receive the updated key and re-executes step 204 when a preset threshold is exceeded.
Step 206, the management device encrypts the first public key according to the preset execution station key to generate a public key update message, and sends the public key update message to the execution station device; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key.
In one embodiment of the present application, the management device and the executive station device each store a preset executive station key, where the executive station key is used for encrypting and decrypting a transmission message between the management device and the executive station device. For the generated first public key, the management device may encrypt the first public key according to the executive station key to generate a public key update message, and send the public key update message to the executive station device.
In one embodiment of the present application, after receiving the public key update message, the executing station device decrypts the public key update message according to the executing station key, and after the decryption is successful, the first public key may be obtained.
In one embodiment of the present application, if the executing station device receives the public key update message and the decryption fails, an update key failure alarm is sent to the management device. The enforcement station counts the number of failed alarms to receive the updated key and re-enforces this step 204 when a preset threshold is exceeded.
In the key updating method provided by the embodiment of the application, a first public key and a first private key are generated by management equipment according to an asymmetric encryption algorithm; the first private key is used for signing a command message from the master station equipment, and the first public key is used for executing a signature verification process of the command message sent by the master station equipment from the master station equipment; the management equipment encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key; the management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key. According to the key updating method provided by the embodiment, the management equipment is adopted as the key updating equipment of the master station equipment and the execution station equipment, and when the first public key and the first private key are generated, the first public key and the first private key are respectively transmitted in an encryption mode through the execution station key and the master station key, so that the safety of a key updating process is improved, the safety of key updating is further improved, and the normal operation of the power control system is ensured.
The present embodiment also provides another key updating method that can be applied to the management apparatus 102 in the implementation environment described above. On the basis of the embodiment shown in fig. 2, the master station key includes a second private key and a second public key, the second private key is stored in the master station device, and the second public key is stored in the management device; the step 204 may specifically include the following steps:
the management equipment encrypts the first private key according to the second public key to generate a private key update message, and sends the private key update message to the master station equipment; the private key update message is used for indicating the master station device to decrypt the private key update message according to the second private key to obtain the first private key.
In one embodiment of the present application, the master key may be a second private key and a second public key generated based on an asymmetric encryption algorithm, where the second private key is stored in the master device and the second public key is stored in the management device.
In one embodiment of the present application, for a generated first private key, a management device encrypts the first private key with a second public key stored in the management device, and sends a generated private key update message to a master device.
In one embodiment of the present application, after receiving the private key update message, the master station device decrypts the private key update message according to a second private key corresponding to the second public key stored in the master station device, and obtains the first private key after the decryption is successful; optionally, if decryption fails, an update key failure alarm is sent to the management device. The master station counts the number of failed alarms to receive the updated key and re-executes step 204 when a preset threshold is exceeded.
In the key updating method provided by the embodiment of the application, the first private key is encrypted by the management equipment according to the second public key to generate a private key updating message, and the private key updating message is sent to the master station equipment; the private key update message is used for indicating the master station device to decrypt the private key update message according to the second private key to obtain the first private key. According to the key updating method provided by the embodiment of the application, the first private key is encrypted by the second public key generated by the asymmetric encryption algorithm and the second private key is decrypted, so that the security of the private key updating process between the management equipment and the master station equipment is improved.
Referring to fig. 3, a flowchart of another key updating method provided in this embodiment is shown, and the key updating method may be applied to the management device 102 in the implementation environment described above. On the basis of the foregoing embodiment, the private key update packet further includes a master station feature code corresponding to the master station device, and the step of the management device encrypting the first private key according to the second public key to generate the private key update packet may specifically include the following steps:
In step 302, the management device acquires a master station feature code corresponding to the master station device.
In one embodiment of the present application, the master station feature code of the master station device is pre-stored in the management device, where the master station feature code may be, but is not limited to, a master station name, a master station installation location (longitude and latitude, etc.), and a software check code of the master station.
Step 304, the management device encrypts the first private key and the primary station feature code according to the second public key to generate a private key update message; the private key updating message is used for indicating the master station equipment to decrypt the private key updating message according to the second private key, and the first private key is obtained after verification of the master station feature code obtained through decryption is passed.
In one embodiment of the present application, the management device may encrypt the first private key and the master station feature code through the second public key at the same time, and generate the private key update message according to the encrypted first private key and the encrypted master station feature code.
In one embodiment of the present application, after the private key update packet is received by the master station device, the master station device decrypts the private key update packet according to a second private key corresponding to the second public key, and when the decryption is successful, the master station device verifies the decrypted master station feature code, and after the verification is successful, determines that the private key update packet is a legal packet sent by the management device, and uses the decrypted first private key as the first private key.
In the key updating method provided by the embodiment of the application, a master station feature code corresponding to a master station device is acquired through a management device; the management equipment encrypts the first private key and the primary station feature code according to the second public key to generate a private key update message; the private key updating message is used for indicating the master station equipment to decrypt the private key updating message according to the second private key, and the first private key is obtained after verification of the master station feature code obtained through decryption is passed. According to the key updating method provided by the embodiment of the application, the master station feature code is added in the private key updating message, so that the master station device can be instructed to verify the private key updating message for the second time by using the master station feature code obtained by decryption after the first verification of the private key updating message, and the security of key updating can be further improved.
The present embodiment also provides a flowchart of another key updating method that can be applied to the management apparatus 102 in the above-described implementation environment. On the basis of the embodiment shown in fig. 2, the execution station key includes a third private key and a third public key, the third private key is stored in the execution station device, and the third public key is stored in the management device; the step 206 may specifically include the following steps:
The management equipment encrypts the first public key according to the third public key to generate a public key update message, and sends the public key update message to the execution station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the third private key to obtain the first public key.
In one embodiment of the present application, the execution station key may be a third private key and a third public key generated based on an asymmetric encryption algorithm, where the third private key is stored in the execution station device, and the third public key is stored in the management device.
In one embodiment of the present application, for the generated first public key, the management device encrypts the first public key with a third public key stored in the management device, and sends the generated public key update message to the executive station device.
In one embodiment of the present application, after receiving the public key update message, the execution station device decrypts the public key update message according to a third private key corresponding to the third public key stored in the execution station device, and obtains the first public key after the decryption is successful; optionally, if decryption fails, an update key failure alarm is sent to the management device. The enforcement station counts the number of failed alarms to receive the updated key and re-enforces this step 204 when a preset threshold is exceeded.
In the key updating method provided by the embodiment of the application, the first public key is encrypted by the management equipment according to the third public key to generate a public key updating message, and the public key updating message is sent to the execution station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the third private key to obtain the first public key. According to the key updating method provided by the embodiment of the application, the first public key is encrypted by the third public key generated by the asymmetric encryption algorithm and decrypted by the third private key, so that the security of the public key updating process between the management equipment and the execution station equipment is improved.
Referring to fig. 4, a flowchart of another key updating method provided in this embodiment is shown, and the key updating method may be applied to the management device 102 in the implementation environment described above. On the basis of the foregoing embodiment, the step of encrypting, by the management device, the first public key according to the third public key to generate the public key update message may specifically include the following steps:
in step 402, the management device acquires the execution station feature code corresponding to the execution station device.
In one embodiment of the present application, the management device stores in advance an execution station feature code of the execution station device, which may be, but is not limited to, an execution station name, an execution station installation location (longitude and latitude, etc.), a software check code of the execution station.
Step 404, the management device encrypts the first public key and the execution station feature code according to the third public key to generate a public key update message; the public key updating message is used for indicating the execution station equipment to decrypt the public key updating message according to the third private key, and the first public key is obtained after the execution station feature code obtained through decryption passes verification.
In one embodiment of the present application, the management device may encrypt the first public key and the execution station feature code through the third public key at the same time, and generate the public key update message according to the encrypted first public key and the encrypted execution station feature code.
In one embodiment of the present application, after the public key update message is received by the execution station device, the execution station device decrypts the public key update message according to a third private key corresponding to the third public key, when the decryption is successful, the execution station device verifies the decrypted execution station feature code, after the verification is successful, it is determined that the public key update message is a legal message sent by the management device, and the decrypted first public key is used as the first public key.
In the key updating method provided by the embodiment of the application, the execution station feature codes corresponding to the execution station equipment are acquired through the management equipment; the management equipment encrypts the first public key and the executive station feature code according to the third public key to generate a public key update message; the public key updating message is used for indicating the execution station equipment to decrypt the public key updating message according to the third private key, and the first public key is obtained after the execution station feature code obtained through decryption passes verification. According to the key updating method provided by the embodiment of the application, the execution station feature code is added in the public key updating message, so that the execution station equipment can be instructed to perform the second verification on the public key updating message by using the decrypted execution station feature code after performing the first verification on the public key updating message, and the security of key updating can be further improved.
After the first private key and the first public key are sent to the master station device and the execution station device respectively, in order to ensure the communication reliability of the command message between the master station device and the execution station device, the first private key and the first public key need to be verified. Referring to fig. 5, a flowchart of another key updating method provided in this embodiment is shown, and the key updating method may be applied to the management device 102 in the implementation environment described above. Based on the embodiment shown in fig. 2, the step 202 may specifically include the following steps:
In step 502, the management device encrypts the test information according to the execution station key to generate first test information.
In one embodiment of the present application, when the primary station device obtains the first private key, a primary station update success message is sent to the management device, when the execution station device obtains the first public key, a secondary station update success message is sent to the management device, and after receiving the primary station update success message and the secondary station update message, the management device encrypts test information according to a preset execution station key and generates first test information. The test information is stored in the management device for comparative detection of the later obtained information to be detected.
Step 504, the management device sends first test information to the execution station device; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information.
In one embodiment of the present application, the management device may send the generated first test information to the execution station device. After receiving the first test information, the executive station device decrypts the first test information according to the stored executive station key, encrypts the decrypted test information according to the obtained first public key, generates second test information, and sends the second test information to the master station device.
In an embodiment of the present application, after receiving the second test information, the master station device decrypts the second test information according to the obtained second private key to obtain third test information.
In step 506, the management device receives the third test information sent by the master station device.
Step 508, the management device compares the third test information with the test information, and if the third test information is consistent with the test information, sends a verification success message to the execution station device and the master station device, where the verification success message is used to instruct the master station device to enable the first private key, and the verification success message is also used to instruct the execution station device to enable the first public key.
In one embodiment of the present application, by comparing the received third test information and the received test information, if the third test information and the test information are consistent, the first public key and the first private key issued by the management device are characterized to be valid, and a verification success message is sent to the execution station device and the master station device respectively. When the master station equipment receives the verification success message, starting to enable the first private key; when the authentication success message is received by the executing station device, the first public key starts to be enabled.
In the key updating method provided by the embodiment of the application, the test information is encrypted by the management equipment according to the execution station key to generate first test information; the management device sends first test information to the execution station device; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information; the management equipment receives third test information sent by the master station equipment; and the management equipment compares the third test information with the test information, and if the third test information is consistent with the test information, the management equipment respectively sends verification success information to the execution station equipment and the master station equipment, wherein the verification success information is used for indicating the master station equipment to start the first private key, and the verification success information is also used for indicating the execution station equipment to start the first public key. According to the key updating method provided by the embodiment of the application, the test information is sent to the execution station equipment, after the execution station equipment and the master station equipment carry out encryption transmission on the test information through the first public key and the first private key, the information to be detected sent by the master station equipment is received, the validity of the first public key and the first private key can be intuitively verified, the key updating management efficiency is improved, and when verification is valid, a verification success message is immediately sent to the master station equipment and the execution station equipment, so that the encryption key between the master station equipment and the execution station equipment can be timely switched, and the safety of an electric control system can be effectively ensured.
The present embodiment also provides another key updating method that can be applied to the management apparatus 102 in the implementation environment described above. Based on the embodiment shown in fig. 2, the step 202 may specifically include the following steps:
when the preset key updating condition is met, the management device executes the step of generating the first public key and the first private key according to the asymmetric encryption algorithm.
In one embodiment of the present application, the key update condition includes receiving a key update instruction input by an administrator. For example, an administrator inputs a key update instruction to the management device through various input devices to control the management device to perform the step of generating the first public key and the first private key according to the asymmetric encryption algorithm.
In one embodiment of the present application, the key update condition further includes a number of times that an update key failure alert is received being greater than a preset threshold. Optionally, the update key failure warning may be an update key failure warning sent to the management device after the private key update message and the public key update message sent to the management device by the master station device and the execution station device fail to be decrypted. For example, when the number of times the management apparatus receives the update key failure warning exceeds a preset threshold, the step of generating the first public key and the first private key according to the asymmetric encryption algorithm is performed.
In one embodiment of the present application, the key update condition further includes detecting that the power control system has received an external intrusion. For example, the management device, the master station device and the execution station device are all provided with an intrusion detection system, when the intrusion detection system detects that the current device receives external intrusion, intrusion alarm information is sent to the management device, and after receiving the intrusion alarm information, the management device executes the step of generating a first public key and a first private key according to an asymmetric encryption algorithm.
In the key updating method provided in the embodiment of the present application, when a preset key updating condition is satisfied, the management device executes a step of generating the first public key and the first private key according to an asymmetric encryption algorithm. According to the key updating method provided by the embodiment of the application, due to the fact that the updating conditions are set, unnecessary updating of the key can be avoided, and the key updating efficiency is improved; in addition, when the electric control system is detected to be invaded by the outside, the secret key can be updated in time, and the safety of the secret key updating method is improved.
It should be understood that, although the steps in the above-described flowcharts are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described above may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, and the order of execution of the sub-steps or stages is not necessarily sequential, but may be performed alternately or alternately with at least a part of the sub-steps or stages of other steps or other steps.
Referring to fig. 6, a block diagram of a key update system 600 according to an embodiment of the present application is shown. As shown in fig. 6, the key update system 600 may include: a management device 601, a master device 602, and an executive station device 603, wherein:
the management device 601 is configured to generate a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message from the master station equipment, and the first public key is used for executing a signature verification process of the command message sent by the master station equipment from the master station equipment; encrypting the first private key according to a preset master station key to generate a private key update message, and sending the private key update message to master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key; encrypting the first public key according to a preset executive station key to generate a public key update message, and sending the public key update message to executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key.
The master device 602 is configured to receive the private key update message, and decrypt the private key update message according to the master key to obtain the first private key.
The executive station device 603 is configured to receive the public key update message, and decrypt the public key update message according to the executive station key to obtain the first public key.
Referring to fig. 7, a block diagram of a key updating apparatus 700 according to an embodiment of the present application is shown. As shown in fig. 7, the key updating apparatus 700 may include: a key generation module 701, a private key update module 702, and a public key update module 703, wherein:
the key generation module 701 is configured to generate a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment;
the private key updating module 702 is configured to encrypt the first private key according to a preset master key to generate a private key updating message, and send the private key updating message to the master device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
the public key updating module 703 is configured to encrypt the first public key according to a preset execution station key to generate a public key update message, and send the public key update message to the execution station device; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key.
In one embodiment of the present application, the key generation module 701 is specifically configured to: when a preset key updating condition is met, the management equipment executes the step of generating a first public key and a first private key according to an asymmetric encryption algorithm; wherein the key update condition includes at least one of: receiving a key updating instruction input by an administrator; the number of times of receiving the failure alarm for updating the key is larger than a preset threshold value; and detecting that the power control system receives external invasion.
In one embodiment of the present application, the private key updating module 702 is specifically configured to: encrypting the first private key according to the second public key to generate a private key update message, and sending the private key update message to the master station equipment; the private key update message is used for indicating the master station device to decrypt the private key update message according to the second private key to obtain the first private key.
In one embodiment of the present application, the private key updating module 702 is further specifically configured to: acquiring a master station feature code corresponding to master station equipment; encrypting the first private key and the primary station feature code according to the second public key to generate a private key update message; the private key updating message is used for indicating the master station equipment to decrypt the private key updating message according to the second private key, and the first private key is obtained after verification of the master station feature code obtained through decryption is passed.
In one embodiment of the present application, the public key update module 703 is specifically configured to: encrypting the first public key according to the third public key to generate a public key update message, and sending the public key update message to the executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the third private key to obtain the first public key.
In one embodiment of the present application, the public key update module 703 is further specifically configured to: acquiring an execution station feature code corresponding to execution station equipment; encrypting the first public key and the executive station feature code according to the third public key to generate a public key update message; the public key updating message is used for indicating the execution station equipment to decrypt the public key updating message according to the third private key, and the first public key is obtained after the execution station feature code obtained through decryption passes verification.
Referring to fig. 8, a block diagram of a key updating apparatus 800 according to an embodiment of the present application is shown. As shown in fig. 8, the key updating apparatus 800 may optionally further include, in addition to the modules included in the key updating apparatus 700: a verification module 704. Wherein:
the verification module 704 is configured to encrypt the test information according to the execution station key to generate first test information; transmitting first test information to the execution station equipment; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information; receiving third test information sent by the master station equipment; and comparing the third test information with the test information, and if the third test information is consistent with the test information, respectively sending a verification success message to the execution station equipment and the master station equipment, wherein the verification success message is used for indicating the master station equipment to start the first private key, and the verification success message is also used for indicating the execution station equipment to start the first public key.
For specific limitations on the key updating means, reference is made to the above limitations on the key updating method, and no further description is given here. The respective modules in the above-described key updating apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a terminal, and the internal structure thereof may be as shown in fig. 9. The computer device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a key update method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those skilled in the art that the structure shown in fig. 9 is merely a block diagram of a portion of the structure associated with the present application and is not limiting of the computer device to which the present application applies, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
generating a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message from the master station equipment, and the first public key is used for executing a signature verification process of the command message sent by the master station equipment from the master station equipment;
encrypting the first private key according to a preset master station key to generate a private key update message, and sending the private key update message to master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key;
encrypting the first public key according to a preset executive station key to generate a public key update message, and sending the public key update message to executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
generating a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message from the master station equipment, and the first public key is used for executing a signature verification process of the command message sent by the master station equipment from the master station equipment;
encrypting the first private key according to a preset master station key to generate a private key update message, and sending the private key update message to master station equipment; the private key updating message is used for controlling the indication master station equipment to decrypt the private key updating message according to the master station key to obtain a first private key;
encrypting the first public key according to a preset executive station key to generate a public key update message, and sending the public key update message to executive station equipment; the public key update message is used for indicating the execution station equipment to decrypt the public key update message according to the execution station key to obtain a first public key.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the various embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples merely represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the invention. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application is to be determined by the claims appended hereto.

Claims (10)

1. A method of key updating, the method comprising:
when a preset key updating condition is met, the management equipment generates a first public key and a first private key according to an asymmetric encryption algorithm; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment; the key updating condition comprises at least one of receiving a key updating instruction input by an administrator, receiving a key updating failure alarm with the number of times larger than a preset threshold value, and detecting that the power control system receives external invasion;
The management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
the management equipment encrypts the first public key according to a preset executive station key to generate a public key update message, and sends the public key update message to the executive station equipment; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key;
after receiving the update success message of the master station and the update success message of the execution station, the management equipment encrypts test information according to a preset execution station key and generates first test information;
the management equipment encrypts the test information according to the execution station key to generate first test information; the management device sends the first test information to the execution station device; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information;
The management equipment receives the third test information sent by the master station equipment; and the management equipment compares the third test information with the test information, and if the third test information is consistent with the test information, the management equipment respectively sends verification success information to the execution station equipment and the master station equipment, wherein the verification success information is used for indicating the master station equipment to start the first private key, and the verification success information is also used for indicating the execution station equipment to start the first public key.
2. The method of claim 1, wherein the master key comprises a second private key and a second public key, the second private key stored at the master device and the second public key stored at the management device; the management device encrypts the first private key according to a preset master station key to generate a private key update message, and sends the private key update message to the master station device, including:
the management device encrypts the first private key according to the second public key to generate the private key update message, and sends the private key update message to the master station device; the private key update message is used for indicating the master station device to decrypt the private key update message according to the second private key to obtain the first private key.
3. The method of claim 2, wherein the private key update message further includes a master station feature code corresponding to the master station device; the management device encrypts the first private key according to the second public key to generate the private key update message, including:
the management equipment acquires a master station feature code corresponding to the master station equipment;
the management equipment encrypts the first private key and the master station feature code according to the second public key to generate the private key update message; the private key updating message is used for indicating the master station equipment to decrypt the private key updating message according to the second private key, and the first private key is obtained after verification of the master station feature code obtained through decryption is passed.
4. The method of claim 1, wherein the executive station key comprises a third private key and a third public key, the third private key stored at the executive station device and the third public key stored at the management device; the management device encrypts the first public key according to a preset execution station key to generate a public key update message, and sends the public key update message to the execution station device, including:
The management device encrypts the first public key according to the third public key to generate the public key update message, and sends the public key update message to the executive station device; the public key update message is used for indicating the execution station device to decrypt the public key update message according to the third private key to obtain the first public key.
5. The method of claim 4, wherein the public key update message further includes an execution station feature code corresponding to the execution station device; the management device encrypts the first public key according to the third public key to generate the public key update message, including:
the management equipment acquires an execution station feature code corresponding to the execution station equipment;
the management device encrypts the first public key and the execution station feature code according to the third public key to generate the public key update message; the public key updating message is used for indicating the execution station equipment to decrypt the public key updating message according to the third private key, and the first public key is obtained after the execution station feature code obtained through decryption passes verification.
6. The method according to claim 2, wherein when the primary station device obtains the first private key, the primary station device sends a primary station update success message to the management device; and when the execution station equipment acquires the first public key, the execution station equipment sends an execution station updating success message to the management equipment.
7. The method of claim 1, wherein the master station feature code of the master station device is pre-stored in the management device, and the master station feature code includes a master station name, a master station installation location, and a software check code of the master station.
8. A key updating apparatus, the apparatus comprising:
the key generation module is used for generating a first public key and a first private key according to an asymmetric encryption algorithm by the management equipment when a preset key updating condition is met; the first private key is used for signing a command message by the master station equipment, and the first public key is used for executing signing verification of the command message sent by the master station equipment; the key updating condition comprises at least one of receiving a key updating instruction input by an administrator, receiving a key updating failure alarm with the number of times larger than a preset threshold value, and detecting that the power control system receives external invasion;
the private key updating module is used for encrypting the first private key according to a preset master station key to generate a private key updating message, and sending the private key updating message to the master station device; the private key update message is used for controlling and indicating the master station equipment to decrypt the private key update message according to the master station key to obtain the first private key;
The public key updating module is used for encrypting the first public key according to a preset executive station key to generate a public key updating message, and sending the public key updating message to the executive station device; the public key update message is used for indicating the executive station equipment to decrypt the public key update message according to the executive station key to obtain the first public key;
the verification module is used for encrypting the test information according to a preset execution station key after receiving the update success message of the master station and the update success message of the execution station and generating first test information; encrypting the test information according to the execution station key to generate first test information; transmitting the first test information to the executive station equipment; the first test information is used for indicating the execution station equipment to decrypt the first test information according to the execution station key, encrypting the test information obtained by decryption according to the first public key to generate second test information, and sending the second test information to the master station equipment; the second test information is used for indicating the master station equipment to decrypt the second test information according to the first private key to obtain third test information; receiving the third test information sent by the master station equipment; and comparing the third test information with the test information, and if the third test information is consistent with the test information, respectively sending a verification success message to the execution station equipment and the master station equipment, wherein the verification success message is used for indicating the master station equipment to start the first private key, and the verification success message is also used for indicating the execution station equipment to start the first public key.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 7 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 7.
CN202010156891.5A 2020-03-09 2020-03-09 Key updating method, device, computer equipment and storage medium Active CN111147247B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010156891.5A CN111147247B (en) 2020-03-09 2020-03-09 Key updating method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010156891.5A CN111147247B (en) 2020-03-09 2020-03-09 Key updating method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111147247A CN111147247A (en) 2020-05-12
CN111147247B true CN111147247B (en) 2023-07-28

Family

ID=70528446

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010156891.5A Active CN111147247B (en) 2020-03-09 2020-03-09 Key updating method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111147247B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113207121A (en) * 2021-03-31 2021-08-03 中国电力科学研究院有限公司 Key management method and system for intelligent power distribution network communication system
CN113556355B (en) * 2021-07-30 2023-04-28 广东电网有限责任公司 Key processing system and method for intelligent equipment of power distribution network
CN114095165B (en) * 2021-11-22 2024-04-26 中国建设银行股份有限公司 Key updating method, server device, client device and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110535641A (en) * 2019-08-27 2019-12-03 中国神华能源股份有限公司神朔铁路分公司 Key management method and device, computer equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101286842B (en) * 2008-05-26 2011-04-06 西安西电捷通无线网络通信股份有限公司 Method for distributing key using public key cryptographic technique and on-line updating of the public key
CN101738516B (en) * 2008-11-25 2012-11-14 深圳市宝利达实业有限公司 Electronic electric energy meter and data secure transmission method thereof
CN102137393B (en) * 2010-12-28 2014-07-09 华为技术有限公司 Method and device for encrypting end-to-end
CN105721490A (en) * 2015-07-01 2016-06-29 北京东润环能科技股份有限公司 Intelligent collection terminal, master station system and data processing method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110535641A (en) * 2019-08-27 2019-12-03 中国神华能源股份有限公司神朔铁路分公司 Key management method and device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN111147247A (en) 2020-05-12

Similar Documents

Publication Publication Date Title
CN111147247B (en) Key updating method, device, computer equipment and storage medium
CN111556025A (en) Data transmission method, system and computer equipment based on encryption and decryption operations
CN108111497B (en) Mutual authentication method and device for camera and server
CN110535641B (en) Key management method and apparatus, computer device, and storage medium
CN106487659B (en) Information encryption method, information encryption device and terminal
CN111294203B (en) Information transmission method
CN110995729B (en) Control system communication method and device based on asymmetric encryption and computer equipment
US20210144130A1 (en) Method for securing communication without management of states
CN115065472B (en) Security chip encryption and decryption method and device based on multi-key encryption and decryption
CN111614548A (en) Message pushing method and device, computer equipment and storage medium
CN112115461B (en) Equipment authentication method and device, computer equipment and storage medium
CN110958266A (en) Data processing method, system, computer device and storage medium
CN114528602A (en) Security chip operation method and device based on attack detection behavior
CN110971610A (en) Control system identity verification method and device, computer equipment and storage medium
CN116527261A (en) Key recovery method, electronic device and storage medium
CN110995427A (en) Control system key management method and device based on asymmetric encryption
CN108270601B (en) Mobile terminal, alarm information acquisition method and device and alarm information sending method and device
CN113595982B (en) Data transmission method and device, electronic equipment and storage medium
CN113014545B (en) Data processing method and device, computer equipment and storage medium
CN211557285U (en) Control terminal, signature server and task server
CN112468493A (en) Data transmission method, identity recognition method and system based on field bus
CN111083164A (en) Safety protection method of industrial control system and related equipment
CN114301774B (en) Device configuration method, system, device, electronic device and storage medium
CN113572599B (en) Power data transmission method, data source equipment and data access equipment
US20170222810A1 (en) User permission check system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant