CN112134884A - Message serial number updating method - Google Patents

Publication number: CN112134884A
Authority: CN (China)
Prior art keywords: message, serial number, history, equipment, historical
Legal status: Granted
Application number: CN202011006987.XA
Other languages: Chinese (zh)
Other versions: CN112134884B (en)
Inventors: 杨前, 纪明亭, 陈旋, 徐昊
Current Assignee: TP Link Technologies Co Ltd
Original Assignee: TP Link Technologies Co Ltd
Application filed by: TP Link Technologies Co Ltd
Priority to: CN202011006987.XA
Publication of CN112134884A
Application granted
Publication of CN112134884B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/12 Applying verification of the received information
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The application belongs to the technical field of device networking and provides a message serial number updating method comprising: receiving a first message sent by a history device and extracting the first message serial number from the first message; obtaining a pre-stored first history message serial number corresponding to the history device; and, if the first message serial number is smaller than the first history message serial number, sending the first history message serial number to the history device, where the first history message serial number is used to control the history device to update its current message serial number. Compared with the prior art, the history device in this application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update its current message serial number. This avoids the problem that the history device cannot communicate normally with the first device because its message serial number is too small, and replay attacks can be effectively prevented.

Description

Message serial number updating method
Technical Field
The application belongs to the technical field of equipment networking, and particularly relates to a message serial number updating method.
Background
Replay attacks are a common way of attacking computers. A replay attack, also known as a playback attack or freshness attack, is one in which an attacker sends a packet that the destination host has already received in order to deceive the system; it is mainly used against identity authentication processes to undermine the correctness of authentication. It repeats a valid data transmission, maliciously or fraudulently, and can be carried out by the originator or by an adversary who intercepts and retransmits the data.
A common defense against replay attacks is the use of message serial numbers. Under this defense, the two communicating parties negotiate an initial serial number and an incrementing method in advance, and the receiver decides whether to discard a message according to the size of its message serial number. After a history device re-accesses the network, its message serial number defaults to 0, and the replay defense mechanism prevents the history device from carrying out normal encrypted communication with the first device until its message serial number has increased to the historical maximum message serial number.
Disclosure of Invention
In view of this, the embodiments of the present application provide a method and an apparatus for updating a message serial number, which solve the technical problem that, after a history device re-accesses the network, its message serial number defaults to 0 and the replay defense mechanism prevents the history device from carrying out normal encrypted communication with the first device until its message serial number has increased to the historical maximum message serial number.
A first aspect of the embodiments of the present application provides a method for updating a message serial number. The method is applied to a first device, the first device being a device in the network other than the history device that re-accesses the network, and comprises:
receiving a first message sent by the history device, and extracting the first message serial number from the first message;
obtaining a pre-stored first history message serial number corresponding to the history device;
if the first message serial number is smaller than the first history message serial number, sending the first history message serial number to the history device, where the first history message serial number is used to control the history device to update its current message serial number.
A second aspect of the embodiments of the present application provides a method for updating a message serial number. The method is applied to a history device and comprises:
sending a first message to a first device, where the first device is a device in the network other than the history device that re-accesses the network, and the first message includes a first message serial number;
receiving a first history message serial number sent by the first device according to the first message serial number;
updating the current message serial number according to the first history message serial number.
A third aspect of the embodiments of the present application provides an apparatus for updating a message serial number, where the apparatus is applied to a first device and includes:
a first receiving unit, configured to receive a first message sent by a history device and extract the first message serial number from the first message;
a first obtaining unit, configured to obtain a pre-stored first history message serial number corresponding to the history device;
a judging unit, configured to send the first history message serial number to the history device if the first message serial number is smaller than the first history message serial number, where the first history message serial number is used to control the history device to update its current message serial number.
A fourth aspect of the embodiments of the present application provides an apparatus for updating a message serial number, where the apparatus includes:
a sending unit, configured to send a first message to a first device, where the first device is a device in the network other than the history device that re-accesses the network, and the first message includes a first message serial number;
a second receiving unit, configured to receive a first history message serial number sent by the first device according to the first message serial number;
an updating unit, configured to update the current message serial number according to the first history message serial number.
A fifth aspect of embodiments of the present application provides a first device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method of the first aspect when executing the computer program.
A sixth aspect of embodiments of the present application provides a history device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method of the second aspect when executing the computer program.
A seventh aspect of the embodiments of the present application provides a history device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor implements the steps of the method of the first aspect and the method of the second aspect when executing the computer program.
A fifth aspect of embodiments of the present application provides a computer-readable storage medium, which stores a computer program, and the computer program, when executed by a processor, implements the steps of the method according to the first aspect.
Compared with the prior art, the embodiments of the present application have the following advantages. A first message sent by a history device is received, and the first message serial number is extracted from it; a pre-stored first history message serial number corresponding to the history device is obtained; if the first message serial number is smaller than the first history message serial number, the first history message serial number is sent to the history device, where it is used to control the history device to update its current message serial number. With this scheme, when the history device communicates with a first device it can obtain the corresponding history message serial number and update its current message serial number accordingly. Compared with the prior art, the history device in this application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update its current message serial number. This avoids the problem that the history device cannot communicate normally with the first device because its message serial number is too small, and replay attacks can be effectively prevented.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the related technical descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 shows an interaction flowchart of a message serial number updating method provided by the present application;
Fig. 2 shows a schematic flowchart of a message serial number updating method provided by the present application;
Fig. 3 shows a schematic flowchart of another message serial number updating method provided by the present application;
Fig. 4 shows a schematic flowchart of a message serial number updating method provided by the present application;
Fig. 5 shows a schematic flowchart of another message serial number updating method provided by the present application;
Fig. 6 shows a schematic flowchart of another message serial number updating method provided by the present application;
Fig. 7 shows a schematic flowchart of an authentication flow provided by the present application;
Fig. 8 shows a specific schematic flowchart of a message serial number updating method provided by the present application;
Fig. 9 shows a schematic diagram of an implementation of a message serial number updating method provided by the present application;
Fig. 10 shows a schematic diagram of an apparatus for updating a message serial number provided by the present application;
Fig. 11 shows a schematic diagram of an apparatus for updating a message serial number provided by the present application;
Fig. 12 is a schematic diagram of a first device provided by an embodiment of the present invention;
Fig. 13 is a schematic diagram of a history device provided by an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted, depending on the context, as "when", "upon", "in response to determining" or "in response to monitoring". Similarly, the phrase "if it is determined" or "if [a described condition or event] is monitored" may be interpreted, depending on the context, to mean "upon determining", "in response to determining", "upon monitoring [a described condition or event]" or "in response to monitoring [a described condition or event]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The defense based on message serial numbers stipulates that, if the current serial number in a message received by the receiving end is smaller than the history message serial number, the message is discarded (thereby defending against replay attacks). After the history device re-accesses the network, its message serial number defaults to 0, and the replay defense mechanism prevents the history device from carrying out normal encrypted communication with the first device until its message serial number has increased to the historical maximum message serial number. The first device is a device in the network other than the history device that re-accesses the network. The history device is a device that rejoins the network.
In view of this, embodiments of the present application provide a method and an apparatus for updating a message serial number, which can solve the above technical problem.
The application provides a message serial number updating method whose steps are executed interactively by two ends. To explain the technical solution more clearly, the interaction between the two ends is first explained as a whole, and then the steps executed at each end are explained one by one. Taking fig. 1 as an example, the two interacting parties are a history device 11 and a first device 12. Referring to fig. 1, fig. 1 shows an interaction flowchart of a message serial number updating method provided by the present application.
The steps of the two-end interaction shown in fig. 1 are as follows: the history device 11 sends a first message carrying a first message serial number to the first device 12. The first device 12 receives the first message and extracts the first message serial number from it. The first device 12 obtains the pre-stored first history message serial number corresponding to the history device 11. If the current message serial number is smaller than the first history message serial number, the first device 12 sends the first history message serial number to the history device 11. The history device 11 receives the first history message serial number sent by the first device 12 and updates its current message serial number according to it.
It can be understood that, when the history device 11 communicates with multiple first devices, the above steps are executed in a loop, so that the maximum history message serial number of the history device 11 can be obtained, ensuring normal communication with all first devices in the network. For example, suppose there are a first device A, a first device B and a first device C in the network. The history message serial number corresponding to the history device 11 that is pre-stored in first device A is 10, the one pre-stored in first device B is 15, and the one pre-stored in first device C is 21. After the history device 11 and first device B execute the above steps, the history message serial number obtained is 15, and a random positive number is added to 15 to obtain the current message serial number. At this point the history device 11 can communicate normally with first device A but not with first device C (because the history message serial number held by first device C is greater than the current message serial number of the history device 11). If the history device 11 and first device C then execute the above steps, the current message serial number is updated to 21, that is, the maximum message serial number, after which normal communication with all first devices is possible. The number of loop iterations is determined by the actual scenario: the maximum message serial number may be obtained on the first execution, or on the second, the third, and so on.
Based on the above general explanation of the flow of interaction between two ends, the execution flow of each end is described in detail below.
Referring to fig. 2, fig. 2 is a schematic flow chart illustrating an updating method of a message serial number according to the present application. In order to better explain the technical solution of the present application, the present application explains the technical solution by taking fig. 1 as an example. The method is applied to the first device 12.
As shown in fig. 2, the method may include the steps of:
Step 201, receiving a first message sent by the history device, and extracting the first message serial number from the first message.
Before step 201 is executed, the history device 11 also needs to obtain an initial message serial number. The process of obtaining the initial message serial number is as follows:
After the history device 11 performs an authentication procedure with the authentication device, it obtains a second history message serial number sent by the authentication device, and adds a random positive number to the second history message serial number to obtain the initial message serial number. The authentication device is a device that performs authentication interaction with the history device, and the first devices include the authentication device. Each first device pre-stores a history message serial number corresponding to the history device 11, which is the message serial number of the last communication between the two devices (note that, because the historical communication times between different first devices and the history device 11 differ, the history message serial numbers recorded by different first devices also differ). The second history message serial number is the history message serial number corresponding to the history device that is pre-stored in the authentication device.
After obtaining the first message serial number, the history device 11 sends the first message carrying the first message serial number to the first device 12. After receiving the first message, the first device 12 extracts the first message serial number from it.
The types of message serial number include, but are not limited to, unicast, multicast and broadcast message serial numbers.
Step 202, obtaining a pre-stored first history message serial number corresponding to the history device.
The first device 12 obtains the pre-stored first history message serial number. The first history message serial number is the history message serial number that was stored when the first device 12 and the history device 11 communicated in the past.
As an embodiment of the present application, every device in the network pre-stores the history message serial number of each other device and the current message serial number of the local device, so that the current message serial numbers of other devices can be updated and replay attacks prevented.
Step 203, if the first message serial number is smaller than the first history message serial number, sending the first history message serial number to the history device, where the first history message serial number is used to control the history device to update its current message serial number.
If the first message serial number is smaller than the first history message serial number, the first device 12 encrypts the first history message serial number with the pre-negotiated target key and sends the encrypted first history message serial number to the history device 11. After receiving the first history message serial number, the history device 11 adds a random positive number to it to obtain the current message serial number.
As an embodiment of the present application, if the first message serial number is less than or equal to the first history message serial number, the first device 12 discards the first message.
As another embodiment of the present application, if the first message serial number is greater than the first history message serial number, the data in the first message is extracted and normal communication proceeds.
In this embodiment, a first message sent by a history device is received, and the first message serial number is extracted from it; a pre-stored first history message serial number corresponding to the history device is obtained; if the first message serial number is smaller than the first history message serial number, the first history message serial number is sent to the history device, where it is used to control the history device to update its current message serial number. With this scheme, when the history device communicates with a first device it can obtain the corresponding history message serial number and update its current message serial number accordingly. Compared with the prior art, the history device in this application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update its current message serial number. This avoids the problem that the history device cannot communicate normally with the first device because its message serial number is too small, and replay attacks can be effectively prevented.
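The first-device check of steps 201 to 203 and the A/B/C walk-through given earlier, as an added Python example that is not code from the patent. The class and function names, the +1 increment per accepted message, the 1..16 range of the random positive number and the sample key are assumptions, and an HMAC tag from the standard library stands in for the encryption of the reply with the pre-negotiated target key.

```python
import hashlib
import hmac
import secrets
import struct


def seq_tag(key: bytes, seq: int) -> bytes:
    """HMAC-SHA256 over the 64-bit serial number (stand-in for the page's encryption)."""
    return hmac.new(key, struct.pack(">Q", seq), hashlib.sha256).digest()


class FirstDevice:
    """Peer that stayed in the network and kept the history message serial number."""

    def __init__(self, key: bytes, history_seq: int):
        self.key = key
        self.history_seq = history_seq

    def receive(self, seq: int, payload: bytes):
        """Steps 201-203: return (verdict, data) for one incoming message."""
        if seq > self.history_seq:
            self.history_seq = seq          # remember the newest serial number
            return "accept", payload
        if seq < self.history_seq:
            # The message is discarded, but the sender is told what was last seen.
            return "resync", (self.history_seq, seq_tag(self.key, self.history_seq))
        return "discard", None              # equal: dropped without a reply


class HistoryDevice:
    """Device that rejoined the network with its serial number reset to 0."""

    def __init__(self, key: bytes, bump=None):
        self.key = key
        self.seq = 0
        # Random positive number added after a resync; the 1..16 range is an assumption.
        self.bump = bump or (lambda: secrets.randbelow(16) + 1)

    def on_resync(self, history_seq: int, tag: bytes) -> bool:
        """Adopt history_seq + random positive number if the reply is genuine."""
        if not hmac.compare_digest(tag, seq_tag(self.key, history_seq)):
            return False                    # forged or corrupted reply
        if history_seq < self.seq:
            return False                    # added guard: never move the counter backwards
        self.seq = history_seq + self.bump()
        return True

    def send(self, peer: FirstDevice, payload: bytes) -> bool:
        """Send one message; True if the peer accepted it."""
        verdict, data = peer.receive(self.seq, payload)
        if verdict == "accept":
            self.seq += 1                   # assumed incrementing method: +1 per message
            return True
        if verdict == "resync":
            self.on_resync(*data)
        return False


def walk_through(bump=lambda: 1):
    """A/B/C scenario with a fixed bump of 1; returns the trace and the final counter."""
    key = b"constructed-demo-key"           # constructed sample key
    a, b, c = FirstDevice(key, 10), FirstDevice(key, 15), FirstDevice(key, 21)
    dev = HistoryDevice(key, bump)
    trace = [
        ("B", dev.send(b, b"hello")),       # 0 < 15: rejected, resync to 15 + bump
        ("A", dev.send(a, b"hello")),       # above A's 10: accepted
        ("C", dev.send(c, b"hello")),       # still below C's 21: rejected, resync
        ("C", dev.send(c, b"hello")),       # now above 21: accepted
        ("B", dev.send(b, b"hello")),       # accepted
    ]
    return trace, dev.seq


if __name__ == "__main__":
    print(walk_through())
```

A resync reply that fails the tag check leaves the counter untouched, so an unauthenticated party cannot push the history device's serial number forward or back.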
Optionally, on the basis of the embodiment shown in fig. 2, the following steps are further included before the first message sent by the history device is received. Referring to fig. 3, fig. 3 shows a schematic flowchart of another message serial number updating method provided by the present application. In this embodiment, steps 303 to 305 are the same as steps 201 to 203 in the embodiment shown in fig. 2; refer to the description of steps 201 to 203 there, which is not repeated here.
Step 301, receiving a history message sent by the history device, and extracting the first history message serial number from the history message, where the history message is a message sent by the history device before it re-accesses the network.
The first device 12 receives the history message sent by the history device 11. The history message is the message of the last communication with the first device 12; that is, the first history message serial number is the history message serial number of the last communication between the first device 12 and the history device 11.
Step 302, storing the first history message serial number.
The first device 12 stores the first history message serial number for later use in updating the serial number of the history device 11.
Step 303, receiving a first message sent by the history device, and extracting the first message serial number from the first message.
Step 304, obtaining the pre-stored first history message serial number corresponding to the history device.
Step 305, if the first message serial number is smaller than the first history message serial number, sending the first history message serial number to the history device, where the first history message serial number is used to control the history device to update its current message serial number.
In this embodiment, the first device receives a history message sent by the history device, extracts the first history message serial number from it, and stores it. When the history device rejoins the network, the history device is controlled to update its message serial number according to the first history message serial number.
The application provides a message serial number updating method which is applied to historical equipment 11. Referring to fig. 4, fig. 4 is a schematic flow chart illustrating an updating method of a message serial number according to the present application.
As shown in fig. 4, the method may include the steps of:
step 401, sending a first message to a first device; the first equipment is equipment except the historical equipment for re-accessing the network; the first message comprises a first message serial number.
When the historian 11 needs to communicate with the first device 12, the historian 11 sends a first message to the first device 11. The first message comprises a first message serial number.
As an embodiment of the present application, the current packet serial number may be a second history packet serial number corresponding to the history device 11 sent by the authentication device in the authentication process (the second history packet serial number is a history packet serial number corresponding to the last communication pre-stored by the authentication device when the history device 11 is not off-line).
As another embodiment of the present application, the current message serial number may also default to 0. And continuously updating the serial number of the current message by circularly executing the steps 401 to 403 with different first equipment so as to carry out normal communication.
Step 402, receiving a first historical packet serial number sent by the first device according to the first packet serial number.
If the first packet serial number is greater than the first history packet serial number, the history device 11 may perform normal communication with the first device 12.
If the first packet sequence number is smaller than the first history packet sequence number, the history device 11 receives the first history packet sequence number sent by the first device 12. The first history packet serial number is a history packet serial number corresponding to the last communication, which is prestored by the first device 12 when the history device 11 is not off-network.
Step 403, updating the current packet serial number according to the first historical packet serial number.
Specifically, updating the current message serial number includes adding a random positive number to the first history message serial number to obtain the current message serial number.
In this embodiment, the history device sends a first message to a first device (a device other than the history device, which is the device re-joining the network), receives the first history message serial number that the first device sends in response to the first message serial number, and updates the current message serial number according to that first history message serial number. With this scheme, whenever the history device communicates with a first device it can obtain the corresponding history message serial number and update its current message serial number accordingly. Compared with the prior art, the history device in the present application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update the current message serial number. This avoids the problem that normal communication with a first device fails because the history device's message serial number is too small, and it effectively prevents replay attacks.
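Steps 401 to 403 seen from both sides, as an added example rather than code from the patent: a re-joining device starts from serial number 0 and resynchronises against peers that remember different history values, and a replayed old message is rejected. The class names, the `max_step` bound on the random increment, treating an equal serial number as stale, and incrementing by one after each accepted message are assumptions; the stored history values are constructed.

```python
import secrets


class FirstDevice:
    """A peer that stayed on the network and kept per-sender history."""

    def __init__(self, name, history):
        self.name = name
        self.history = dict(history)  # sender id -> last accepted serial number

    def receive(self, sender, serial):
        """Return ("accept", None), or ("stale", stored) so the sender can resync."""
        stored = self.history.get(sender, -1)
        if serial > stored:
            self.history[sender] = serial
            return "accept", None
        # Equal-or-smaller is treated as stale (assumption: the text only
        # specifies "greater" and "smaller"). A replayed capture lands here.
        return "stale", stored


class HistoryDevice:
    """A device that left the network and re-joined with a low serial number."""

    def __init__(self, name, current_serial=0, max_step=16):
        self.name = name
        self.current_serial = current_serial  # default 0, as in the text
        self.max_step = max_step              # hypothetical bound on the random step

    def send(self, peer):
        """Steps 401-403. Returns True if a resync was needed for this peer."""
        status, stored = peer.receive(self.name, self.current_serial)  # step 401
        resynced = False
        if status == "stale":                                          # step 402
            # Step 403: history serial number plus a random positive number.
            self.current_serial = stored + 1 + secrets.randbelow(self.max_step)
            resynced = True
            status, _ = peer.receive(self.name, self.current_serial)
        if status != "accept":
            raise RuntimeError("peer %s still rejects the serial number" % peer.name)
        self.current_serial += 1  # the next message must carry a larger number
        return resynced


def rejoin_demo():
    """Constructed scenario: three peers remember different history values."""
    peers = [
        FirstDevice("peer-a", {"dev-11": 120}),
        FirstDevice("peer-b", {"dev-11": 340}),
        FirstDevice("peer-c", {"dev-11": 75}),
    ]
    dev = HistoryDevice("dev-11")
    resyncs = [dev.send(p) for p in peers]
    # A message captured before the device left (serial 120) is replayed to peer-a.
    replay_status, _ = peers[0].receive("dev-11", 120)
    return dev.current_serial, resyncs, replay_status


if __name__ == "__main__":
    print(rejoin_demo())
```
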
Optionally, on the basis of the embodiment shown in fig. 4, the following steps are performed before the first message is sent to the first device. Fig. 5 shows a schematic flowchart of another message serial number updating method provided by the present application. Steps 503 to 505 in this embodiment are the same as steps 401 to 403 in the embodiment shown in fig. 4; refer to the description of steps 401 to 403 there, which is not repeated here.
Step 501: acquire a second history message serial number sent by the authentication device. The authentication device is the device that performs the authentication interaction with the history device; the second history message serial number is the history message serial number corresponding to the history device that is pre-stored in the authentication device.
The authentication device pre-stores a second history message serial number of the history device 11. The history device 11 acquires the target key after completing the authentication process with the authentication device. The authentication device encrypts the second history message serial number with the target key and sends it to the history device 11. The history device 11 decrypts it with the key and obtains the second history message serial number.
Step 502, updating the current message serial number according to the second historical message serial number.
Specifically, updating the current message serial number includes adding a random positive number to the second history message serial number to obtain the current message serial number.
As an embodiment of the present application, the second historical packet sequence number may also be directly used as the current packet sequence number.
It is understood that the current message serial number may already be the maximum message serial number corresponding to the history device 11, in which case normal communication can be performed with all the first devices in the network. If the current message serial number may not be the maximum message serial number corresponding to the history device 11, steps 503 to 505 are executed to update the current message serial number to the maximum message serial number.
Step 503: send a first message to the first device. The first device is a device other than the history device, which is the device re-joining the network; the first message includes a first message serial number.
Step 504, receiving a first historical packet sequence number sent by the first device according to the first packet sequence number.
Step 505, updating the current message serial number according to the first history message serial number.
In this embodiment, the history device obtains the second history message serial number sent by the authentication device and updates the current message serial number according to it. With this scheme, the history device obtains a current message serial number that enables normal communication with the first device.
Optionally, on the basis of the embodiment shown in fig. 4, the following steps are performed before the first message is sent to the first device. Fig. 6 shows a schematic flowchart of another message serial number updating method provided by the present application. Steps 611 to 613 in this embodiment are the same as steps 401 to 403 in the embodiment shown in fig. 4; refer to the description of steps 401 to 403 there, which is not repeated here.
Step 601, a first key is obtained.
Steps 601 to 609 are an authentication flow between the history device 11 and the authentication device 13. In order to better explain the authentication flow of the present embodiment, the present embodiment is explained with reference to fig. 7. Referring to fig. 7, fig. 7 shows a schematic flow chart of the authentication flow provided by the present application. Any one of the first devices may be an authentication device, that is, the first device includes the authentication device.
The history device 11 interacts with the authentication device 13 to obtain a first key.
Specifically, step 601 includes the following steps. Fig. 8 shows a detailed schematic flowchart of a message serial number updating method provided in the present application.
Step 6011, a pre-stored network token is obtained.
The network token is a token that the authentication device 13 sends when the history device 11 first joins the network; the history device 11 stores the network token. When the history device 11 later re-joins the network, it can read the pre-stored network token directly and does not need to obtain it from the authentication device again. The authentication device 13 also has the network token pre-stored.
Step 6012, a service set identifier is obtained.
A Service Set Identifier (SSID) is a string of characters that uniquely names a WLAN. The history device 11 obtains the service set identifier of the network.
Step 6013, the network token and the service set identifier are calculated through a first preset algorithm to obtain a target token.
The history device 11 calculates a new parameter by using the network token and the service set identifier through a first preset algorithm, and uses the parameter as a target token.
The authentication device 13 calculates a new parameter by using a first preset algorithm for the network token and the service set identifier, and uses the parameter as a target token.
The first preset algorithm includes, but is not limited to, a hash algorithm. For example, the network token and the service set identifier are processed with a passhash algorithm to obtain the target token.
Step 6014, the target token is used as the first key.
The history device 11 and the authentication device 13 use the target token as the first key.
In this embodiment, the first key is obtained from the network token, and does not need to be generated by an authentication server or taken from a pre-assigned temporary key. As a result, fewer keys need to be maintained during authentication and the authentication process is simplified.
Step 602, a first random value is generated and sent to an authentication device via a first message.
The history device 11 generates a first random value and sends it to the authentication device 13 in the first message. After receiving the first random value, the authentication device 13 randomly generates a second random value and derives a second key from the first random value, the second random value and the first key through a second preset algorithm. The second preset algorithm includes, but is not limited to, a hash algorithm. For example, the first random value, the second random value and the first key are processed with a keyed hash algorithm (Hash-based Message Authentication Code with SHA-1, HMACSHA1) to obtain the second key.
The authentication device 13 encrypts the second message by the second key, and sends the encrypted second message to the history device 11. The second message comprises a second random value and a first check value corresponding to the second message.
Step 603, receiving a second message sent by the authentication device, where the second message includes a second random value and a first check value corresponding to the second message.
The history device 11 receives the second message sent by the authentication device 13, and extracts a second random value in the second message and a first check value corresponding to the second message.
Step 604, obtaining a second key from the first random value, the second random value and the first key through a second preset algorithm.
At this time, the history device 11 has acquired the first random value, the second random value, and the first key. The authentication device 13 also obtains the first random value, the second random value, and the first key. Both the history device 11 and the authentication device 13 can calculate the same second key by the second preset algorithm according to the same input parameters.
The history device 11 obtains the second key from the first random value, the second random value and the first key through the second preset algorithm.
Step 605, decrypting the second packet by using a second key, and calculating a second check value of the second packet.
The history device 11 decrypts the second packet using the second key and calculates a second check value of the second packet. The process of calculating the check value is an existing algorithm, and is not described herein again.
Step 606, extracting the first check value in the second message.
The history device 11 extracts the first check value in the second message.
Step 607, if the first check value is the same as the second check value, a third packet is sent to the authentication device, where the third packet includes a third check value corresponding to the third packet.
The history device 11 verifies the identity of the sender by comparing the first check value with the second check value.
If the first check value is the same as the second check value, the history device 11 sends a third message to the authentication device 13. The third message includes a third check value corresponding to the third message.
If the first check value is different from the second check value, authentication fails.
Step 608, receiving a fourth message sent by the authentication device according to the third check value, where the fourth message includes a target key.
The authentication device 13 receives the third message and decrypts the third message by the second key. The authentication device 13 calculates a fourth check value of the decrypted third packet. The authentication device 13 obtains the third check value in the decrypted third message.
The authentication device 13 confirms the identity of the sender by the third check value and the fourth check value.
If the third check value is the same as the fourth check value, the authentication device 13 sends a fourth message to the history device 11, where the fourth message includes the target key.
If the third check value is different from the fourth check value, the authentication fails.
The history device 11 receives a fourth message sent by the authentication device 13, where the fourth message includes the target key.
Step 609, decrypting the fourth message by using a second key to obtain a target key in the fourth message.
The history device 11 decrypts the fourth packet using the second key, and calculates a fifth check value of the decrypted fourth packet. The history device 11 obtains the sixth check value in the decrypted fourth message.
The history device 11 confirms the identity of the sender through the fifth check value and the sixth check value.
If the fifth check value is the same as the sixth check value, the history device 11 takes the target key from the decrypted fourth message and uses it for encrypted communication with the first device. The target key includes, but is not limited to, one or a combination of a unicast key, a multicast key and a broadcast key.
If the fifth check value is different from the sixth check value, the authentication fails.
Step 610, performing encrypted communication with the first device according to the target key.
The history device 11 performs encrypted communication with the first device according to the target key, and thus, the authentication process is completed.
After obtaining the target key, the authentication device 13 encrypts the second history packet serial number through the target key, and sends the encrypted second history packet serial number to the history device 11, so that the history device 11 can communicate normally.
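The exchange of steps 601 to 610, followed by delivery of the second history message serial number under the target key, with both sides' computations; this is an added example, not code from the patent. PBKDF2-HMAC-SHA1 as the first preset algorithm, the ordering of the HMAC inputs, the HMAC-based keystream cipher and the HMAC-SHA256 check value are assumptions made here, since the text names only a hash and HMACSHA1; every token, key and serial number is a constructed sample value.

```python
import hashlib
import hmac
import secrets


class AuthError(Exception):
    """Raised when a recomputed check value does not match the received one."""


def derive_first_key(network_token, ssid):
    # Steps 6011-6014: target token from network token + SSID.
    # Assumption: PBKDF2-HMAC-SHA1 salted with the SSID stands in for "passhash".
    return hashlib.pbkdf2_hmac("sha1", network_token, ssid.encode(), 4096, 20)


def derive_second_key(first_key, r1, r2):
    # Step 604: HMAC-SHA1 keyed with the first key over r1 || r2 (ordering assumed).
    return hmac.new(first_key, r1 + r2, hashlib.sha1).digest()


def _keystream(key, nonce, length):
    # Stand-in stream cipher built from HMAC-SHA256 in counter mode (assumption).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def protect(key, body):
    """Encrypt body and append a check value computed over the plaintext."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    check = hmac.new(key, body, hashlib.sha256).digest()
    return nonce + ct + check


def unprotect(key, packet):
    """Decrypt, recompute the check value, and compare in constant time."""
    if len(packet) < 48:
        raise AuthError("packet too short")
    nonce, ct, check = packet[:16], packet[16:-32], packet[-32:]
    body = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(check, expected):
        raise AuthError("check value mismatch")
    return body


def run_handshake(device_token, auth_token, ssid, target_key, history_serial):
    """Return (target key, second history serial number) as seen by the history device."""
    # Step 601: each side derives the first key from its own stored token.
    k1_dev = derive_first_key(device_token, ssid)
    k1_auth = derive_first_key(auth_token, ssid)

    # Step 602: history device -> authentication device: first random value.
    r1 = secrets.token_bytes(16)

    # Authentication device: second random value, second key, second message.
    r2 = secrets.token_bytes(16)
    k2_auth = derive_second_key(k1_auth, r1, r2)
    msg2 = r2 + protect(k2_auth, b"msg2")  # r2 travels in the clear

    # Steps 603-607: history device derives the same key and checks message 2.
    k2_dev = derive_second_key(k1_dev, r1, msg2[:16])
    unprotect(k2_dev, msg2[16:])           # first vs. second check value
    msg3 = protect(k2_dev, b"msg3")

    # Step 608: authentication device checks message 3, then sends the target key.
    unprotect(k2_auth, msg3)               # third vs. fourth check value
    msg4 = protect(k2_auth, target_key)

    # Step 609: history device checks message 4 and recovers the target key.
    received_key = unprotect(k2_dev, msg4)  # fifth vs. sixth check value

    # After step 610: second history serial number, encrypted under the target key.
    msg5 = protect(target_key, history_serial.to_bytes(8, "big"))
    serial = int.from_bytes(unprotect(received_key, msg5), "big")
    return received_key, serial


if __name__ == "__main__":
    tk = secrets.token_bytes(16)
    key, serial = run_handshake(b"constructed-token", b"constructed-token", "HomeMesh", tk, 340)
    print(key == tk, serial)
```
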
It is emphasized that the authentication process in fig. 7 takes place before the message serial number update process shown in fig. 1. After the history device 11 obtains the current message serial number from the second history message serial number, there is no guarantee that this current message serial number is the largest message serial number of the history device 11, because different first devices store different history message serial numbers. The message serial number update process shown in fig. 1 therefore still needs to be performed to ensure normal communication with all the first devices.
Step 611, sending a first message to the first device; the first equipment is equipment except the historical equipment for re-accessing the network; the first message comprises a current message serial number corresponding to the historical device.
Step 612, receiving a first historical packet sequence number sent by the first device according to the current packet sequence number.
Step 613, updating the current packet sequence number to the first historical packet sequence number.
In this embodiment, the history device performs authentication interaction with the authentication device to obtain the target key. And the second history message serial number is encrypted through the target key, so that the normal communication between the history equipment and the first equipment is ensured.
Fig. 9 shows a schematic implementation diagram of the message serial number updating method provided by the present application, covering the complete interaction of all the embodiments described above. Everything disclosed in those embodiments applies here as well, and the interaction follows the same implementation principle as the updating method shown in fig. 2 to fig. 8, so the steps are only listed briefly and the details are not repeated.
Step 901, the history device obtains a first key.
Step 902, the history device generates a first random value, and sends the first random value to the authentication device through a first message.
Step 903, the history device receives a second message sent by the authentication device, where the second message includes a second random value and a first check value corresponding to the second message.
Step 904, the history device obtains a second key by using a second preset algorithm on the first random value, the second random value and the first key.
Step 905, the history device decrypts the second packet by using a second key, and calculates a second check value of the second packet.
Step 906, the history device extracts the first check value in the second message.
Step 907, if the first check value is the same as the second check value, the history device sends a third packet to the authentication device.
Step 908, the history device receives a fourth message sent by the authentication device according to the third check value, where the fourth message includes the target key.
Step 909, the history device decrypts the fourth message by using the second key, so as to obtain the target key in the fourth message.
Step 910, the history device performs encrypted communication with the first device according to the target key.
Step 911, the history device obtains a serial number of a second history message sent by the authentication device.
Step 912, the history device updates the current message serial number according to the second history message serial number to obtain the first message serial number.
Step 913, the history device sends the first message to the first device.
Step 914, the first device receives the first packet sent by the history device, and extracts the first packet serial number in the first packet.
Step 915, the first device obtains a pre-stored first history message serial number corresponding to the history device.
Step 916, if the first packet sequence number is smaller than the first history packet sequence number, the first device sends the first history packet sequence number to the history device.
Step 917, the history device receives a first history packet sequence number sent by the first device according to the first packet sequence number.
Step 918, the history device updates the current message serial number according to the first history message serial number.
In this embodiment, by the above scheme, the current packet sequence number of the history device is updated, so that normal communication between the history device and the first device is ensured, and replay attack can be effectively defended.
Fig. 10 shows a schematic diagram of an apparatus for updating a message serial number according to the present application. The apparatus shown in fig. 10 includes:
a first receiving unit 101, configured to receive a first packet sent by a history device, and extract a first packet serial number in the first packet;
a first obtaining unit 102, configured to obtain a first history packet serial number corresponding to the prestored history device;
a determining unit 103, configured to send the first history packet serial number to the history device if the first packet serial number is smaller than the first history packet serial number; and the first historical message serial number is used for controlling the historical equipment to update the current message serial number.
The message serial number updating apparatus provided by the present application receives a first message sent by the history device and extracts the first message serial number from it; obtains the pre-stored first history message serial number corresponding to the history device; and, if the first message serial number is smaller than the first history message serial number, sends the first history message serial number to the history device, where it is used to make the history device update its current message serial number. With this scheme, whenever the history device communicates with a first device it can obtain the corresponding history message serial number and update its current message serial number accordingly. Compared with the prior art, the history device in the present application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update the current message serial number. This avoids the problem that normal communication with a first device fails because the history device's message serial number is too small, and it effectively prevents replay attacks.
Fig. 11 shows a schematic diagram of an apparatus 11 for updating a message serial number according to the present application. The apparatus shown in fig. 11 includes:
a sending unit 111, configured to send a first packet to a first device; the first equipment is equipment except the historical equipment for re-accessing the network; the first message comprises a first message serial number corresponding to the historical equipment;
a second receiving unit 112, configured to receive a first historical packet sequence number sent by the first device according to the first packet sequence number;
an updating unit 113, configured to update the current packet sequence number according to the first historical packet sequence number.
The message serial number updating apparatus provided by the present application sends a first message to a first device (a device other than the history device, which is the device re-joining the network), receives the first history message serial number that the first device sends in response to the first message serial number, and updates the current message serial number according to that first history message serial number. With this scheme, whenever the history device communicates with a first device it can obtain the corresponding history message serial number and update its current message serial number accordingly. Compared with the prior art, the history device in the present application can obtain the history message serial number held by each first device, and can therefore obtain the historical maximum message serial number and update the current message serial number. This avoids the problem that normal communication with a first device fails because the history device's message serial number is too small, and it effectively prevents replay attacks.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Fig. 12 is a schematic diagram of a first apparatus according to an embodiment of the present invention. As shown in fig. 12, a first device 12 of this embodiment includes: a processor 120, a memory 121, and a computer program 122, such as an update program of a message sequence number, stored in the memory 121 and executable on the processor 120. The processor 120 executes the computer program 122 to implement the steps in each of the above-described method embodiments for updating a message sequence number, such as the steps 201 to 203 shown in fig. 2. Alternatively, the processor 120, when executing the computer program 122, implements the functions of the units in the above-described device embodiments, such as the functions of the units 101 to 103 shown in fig. 10.
Illustratively, the computer program 122 may be divided into one or more units, which are stored in the memory 121 and executed by the processor 120 to accomplish the present invention. The one or more units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution of the computer program 122 in the first device 12 of the kind described. For example, the computer program 122 may be divided into an acquisition unit and a calculation unit, each unit having the following specific functions:
the first receiving unit is used for receiving a first message sent by historical equipment and extracting a first message serial number in the first message;
the first acquisition unit is used for acquiring a prestored first history message serial number corresponding to the history equipment;
a judging unit, configured to send the first history packet serial number to the history device if the first packet serial number is smaller than the first history packet serial number; and the first historical message serial number is used for controlling the historical equipment to update the current message serial number.
The first device 12 may be a desktop computer, a notebook, a palmtop computer, a cloud server, or another computing device. The first device may include, but is not limited to, a processor 120 and a memory 121. Those skilled in the art will appreciate that fig. 12 is merely an example of the first device 12 and does not limit it; the first device 12 may include more or fewer components than shown, combine some components, or use different components. For example, the first device may also include input/output devices, network access devices, buses, etc.
The Processor 120 may be a Central Processing Unit (CPU), another general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or any conventional processor.
The memory 121 may be an internal storage unit of the first device 12, such as a hard disk or a memory of the first device 12. The memory 121 may also be an external storage device of the first device 12, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the first device 11. Further, the memory 121 may include both an internal storage unit and an external storage device of the first device 12. The memory 121 is used for storing the computer program and the other programs and data required by the device. The memory 121 may also be used to temporarily store data that has been output or is to be output.
Fig. 13 is a schematic diagram of a history device according to an embodiment of the present invention. As shown in fig. 13, a history device 13 of this embodiment includes: a processor 130, a memory 131, and a computer program 132, such as an update program of a message sequence number, stored in the memory 131 and operable on the processor 130. The processor 130 executes the computer program 132 to implement the steps in each of the above-described method embodiments for updating a message sequence number, such as steps 401 to 403 shown in fig. 4. Alternatively, the processor 120, when executing the computer program 122, implements the functions of the units in the above-mentioned device embodiments, such as the functions of the units 121 to 123 shown in fig. 11.
Illustratively, the computer program 132 may be divided into one or more units, which are stored in the memory 131 and executed by the processor 130 to accomplish the present invention. The one or more units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution of the computer program 132 in the history device 12. For example, the computer program 132 may be divided into an acquisition unit and a calculation unit, each unit having the following specific functions:
a sending unit, configured to send a first message to a first device; the first device is a device other than the history device, which is the device re-joining the network; the first message includes a first message serial number;
a second receiving unit, configured to receive a first history packet serial number sent by the first device according to the first packet serial number;
and the updating unit is used for updating the current message serial number according to the first historical message serial number.
The history device 13 may be a network device such as a wireless router, a wireless gateway or a wireless bridge. The history device may include, but is not limited to, a processor 130 and a memory 131. Those skilled in the art will appreciate that fig. 13 is merely an example of the history device 13 and does not limit it; the history device 13 may include more or fewer components than shown, combine some components, or use different components. For example, the device may also include input/output devices, network access devices, buses, etc.
The Processor 130 may be a Central Processing Unit (CPU), another general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or any conventional processor.
The memory 131 may be an internal storage unit of the history device 13, such as a hard disk or a memory of the history device 13. The memory 131 may also be an external storage device of the history device 13, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the history device 13. Further, the memory 131 may include both an internal storage unit and an external storage device of the history device 12. The memory 131 is used to store the computer program and the other programs and data required by the history device. The memory 121 may also be used to temporarily store data that has been output or is to be output.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned method embodiments.
The embodiments of the present application provide a computer program product which, when run on a mobile terminal, causes the mobile terminal to implement the steps in the above method embodiments.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and which implements the steps of the method embodiments described above when executed by a processor. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form. The computer-readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunication signal, and a software distribution medium, for example a USB disk, a removable hard disk, a magnetic disk or an optical disk. In certain jurisdictions, in accordance with legislation and patent practice, computer-readable media may not be an electrical carrier signal or a telecommunication signal.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other ways. The above-described apparatus/network device embodiments are merely illustrative: the division into modules or units is only one logical division, and other divisions are possible in an actual implementation. For example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not implemented. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. A message serial number updating method, applied to a first device, wherein the first device is a device in a network other than a history device that re-accesses the network, the method comprising:
receiving a first message sent by the history device, and extracting a first message serial number from the first message;
acquiring a pre-stored first history message serial number corresponding to the history device;
if the first message serial number is smaller than the first history message serial number, sending the first history message serial number to the history device, wherein the first history message serial number is used for controlling the history device to update its current message serial number.
2. The updating method of claim 1, further comprising, before receiving the first message sent by the history device:
receiving a history message sent by the history device, and extracting the first history message serial number from the history message, wherein the history message is a message sent by the history device before it re-accesses the network;
and storing the first history message serial number.
3. A message serial number updating method, applied to a history device, the method comprising:
sending a first message to a first device, wherein the first device is a device other than the history device that re-accesses the network, and the first message comprises a first message serial number;
receiving a first history message serial number sent by the first device according to the first message serial number;
and updating the current message serial number according to the first history message serial number.
4. The updating method of claim 3, wherein prior to said sending the first message to the first device, further comprising:
acquiring a second history message serial number sent by an authentication device, wherein the authentication device is a device that performs authentication interaction with the history device, the first device comprises the authentication device, and the second history message serial number is a history message serial number corresponding to the history device and pre-stored in the authentication device;
and updating the current message serial number according to the second history message serial number.
5. The updating method according to claim 3 or 4, wherein the updating of the current message serial number comprises:
adding a random positive number to the history message serial number to obtain the current message serial number.
6. The updating method of claim 3, further comprising, before said obtaining the current message serial number:
acquiring a first key;
generating a first random value, and sending the first random value to an authentication device through a first message;
receiving a second message sent by the authentication device according to the first message, wherein the second message comprises a second random value and a first check value corresponding to the second message;
generating a second key according to the first random value, the second random value and the first key;
decrypting the second message by using the second key and calculating a second check value of the second message;
extracting the first check value from the second message;
if the first check value is the same as the second check value, sending a third message to the authentication device, wherein the third message comprises a third check value corresponding to the third message;
receiving a fourth message sent by the authentication device according to the third check value, wherein the fourth message comprises a target key;
decrypting the fourth message by using the second key to obtain the target key in the fourth message;
and carrying out encrypted communication with the first device according to the target key.
7. The updating method of claim 6, wherein said obtaining the first key comprises:
acquiring a prestored network token;
acquiring a service set identifier;
calculating the network token and the service set identifier through a first preset algorithm to obtain a target token;
the target token is used as the first key.
8. A first device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 2 when executing the computer program.
9. A history device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the method as recited in any of claims 3 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 2 or claims 3 to 7.
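The resynchronisation described in claims 1 to 5, as an added Python sketch that is not code from the patent: a peer that still holds the stored history number answers a too-small serial number with that number, and the re-joined history device jumps past it by a random positive amount. The class names, the `max_jump` bound, dropping an equal serial number as a replay, never moving the counter backwards, and all sample values are assumptions made here.

```python
import secrets

class FirstDevice:
    """Peer that stayed in the network (claims 1 and 2)."""
    def __init__(self):
        self.history = {}  # device id -> stored history serial number

    def receive(self, device_id, seq):
        stored = self.history.get(device_id)
        if stored is not None and seq < stored:
            # Claim 1: serial number too small, send the stored number back.
            return ("resync", stored)
        if stored is not None and seq == stored:
            return ("drop", None)  # assumption: treat an equal number as a replay
        self.history[device_id] = seq
        return ("accept", None)

class HistoryDevice:
    """Device that re-accesses the network with a reset counter (claims 3 to 5)."""
    def __init__(self, device_id, max_jump=1000):
        self.device_id = device_id
        self.max_jump = max_jump  # hypothetical bound on the random jump
        self.current = 1          # counter starts over after the re-join

    def resync(self, history_seq):
        # Claim 5: history number plus a random positive number.
        candidate = history_seq + 1 + secrets.randbelow(self.max_jump)
        self.current = max(self.current, candidate)  # assumption: forward only

    def send(self, peer):
        for _ in range(2):  # one resync round is enough to pass the stored number
            seq = self.current
            verdict, stored = peer.receive(self.device_id, seq)
            if verdict == "resync":
                self.resync(stored)
                continue
            self.current += 1
            return verdict, seq
        raise RuntimeError("peer kept requesting resync")

def rejoin_demo():
    # Constructed state: two peers last saw different serial numbers.
    peer_a, peer_b = FirstDevice(), FirstDevice()
    peer_a.history["sensor-1"] = 500
    peer_b.history["sensor-1"] = 2000
    dev = HistoryDevice("sensor-1")
    result = {"a": dev.send(peer_a), "b": dev.send(peer_b)}
    # A message captured before the re-join (constructed serial 400) is not accepted.
    result["replay"] = peer_a.receive("sensor-1", 400)
    return result
```

Because each peer answers from its own stored number, the device may be resynchronised more than once after a single re-join, as happens with the second peer here.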
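The key negotiation of claims 6 and 7, as an added Python sketch that is not code from the patent. HMAC-SHA256 stands in for the unspecified "first preset algorithm", for the second-key derivation and for the check values; an HMAC-derived XOR pad stands in for the cipher, and only the fourth message is encrypted here. All function names, labels and sample values are assumptions.

```python
import hashlib
import hmac
import secrets

def mac(key, *parts):
    """HMAC-SHA256 over the concatenated parts (assumed primitive)."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def first_key(network_token, ssid):
    # Claim 7: target token computed from the network token and the SSID.
    return mac(network_token, b"first-key", ssid)

def second_key(k1, r1, r2):
    # Claim 6: second key from both random values and the first key.
    return mac(k1, b"second-key", r1, r2)

def seal(k2, nonce, data):
    """Stand-in cipher for the sketch: XOR with an HMAC pad (data <= 32 bytes).
    A real implementation would use an authenticated cipher."""
    pad = mac(k2, b"pad", nonce)
    return bytes(a ^ b for a, b in zip(data, pad))

class AuthDevice:
    """Authentication device holding the target key."""
    def __init__(self, network_token, ssid, target_key):
        self.k1 = first_key(network_token, ssid)
        self.target_key = target_key

    def second_message(self, r1):
        self.r1, self.r2 = r1, secrets.token_bytes(16)
        self.k2 = second_key(self.k1, r1, self.r2)
        return self.r2, mac(self.k2, b"msg2", r1, self.r2)  # r2 + first check value

    def fourth_message(self, check3):
        expected = mac(self.k2, b"msg3", self.r1, self.r2)
        if not hmac.compare_digest(check3, expected):
            return None  # joiner did not prove knowledge of the token
        return seal(self.k2, self.r2, self.target_key)

def join(network_token, ssid, auth):
    """History device side: returns the target key, or None on a failed check."""
    k1 = first_key(network_token, ssid)
    r1 = secrets.token_bytes(16)                 # first random value
    r2, check1 = auth.second_message(r1)
    k2 = second_key(k1, r1, r2)
    if not hmac.compare_digest(check1, mac(k2, b"msg2", r1, r2)):
        return None  # first and second check values differ
    sealed = auth.fourth_message(mac(k2, b"msg3", r1, r2))  # third check value
    return None if sealed is None else seal(k2, r2, sealed)
```

Both check values depend on the second key, so each side only proceeds if the other derived the same first key from the same token and SSID.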
CN202011006987.XA 2020-09-23 2020-09-23 Message serial number updating method Active CN112134884B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011006987.XA CN112134884B (en) 2020-09-23 2020-09-23 Message serial number updating method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011006987.XA CN112134884B (en) 2020-09-23 2020-09-23 Message serial number updating method

Publications (2)

Publication Number Publication Date
CN112134884A true CN112134884A (en) 2020-12-25
CN112134884B CN112134884B (en) 2022-10-14

Family

ID=73842671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011006987.XA Active CN112134884B (en) 2020-09-23 2020-09-23 Message serial number updating method

Country Status (1)

Country Link
CN (1) CN112134884B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114598465A (en) * 2022-03-08 2022-06-07 潍柴动力股份有限公司 Data updating method and controller

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120323786A1 (en) * 2011-06-16 2012-12-20 OneID Inc. Method and system for delayed authorization of online transactions
CN105791307A (en) * 2016-04-06 2016-07-20 杭州华三通信技术有限公司 Network time protocol message security authentication method and network time protocol message security authentication device
CN109428867A (en) * 2017-08-30 2019-03-05 华为技术有限公司 A kind of message encipher-decipher method, network equipment and system
US20190246272A1 (en) * 2016-10-04 2019-08-08 Orange Method for mutual authentication between user equipment and a communication network
CN110543465A (en) * 2019-07-18 2019-12-06 数字广东网络建设有限公司 directory operation method and device, computer equipment and storage medium
CN111314358A (en) * 2020-02-21 2020-06-19 深圳市腾讯计算机系统有限公司 Attack protection method, device, system, computer storage medium and electronic equipment
CN111614509A (en) * 2020-04-01 2020-09-01 视联动力信息技术股份有限公司 Packet loss statistical method and device and readable storage medium

Also Published As

Publication number Publication date
CN112134884B (en) 2022-10-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant