CN112235100B - Electric energy meter soft encryption authentication method and remote authentication system thereof - Google Patents
Electric energy meter soft encryption authentication method and remote authentication system thereof Download PDFInfo
- Publication number
- CN112235100B CN112235100B CN201911321986.1A CN201911321986A CN112235100B CN 112235100 B CN112235100 B CN 112235100B CN 201911321986 A CN201911321986 A CN 201911321986A CN 112235100 B CN112235100 B CN 112235100B
- Authority
- CN
- China
- Prior art keywords
- key
- electric energy
- energy meter
- authentication
- authentication system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a soft encryption authentication method and a remote authentication system for an electric energy meter, wherein the method comprises a key matching relation between the soft encryption electric energy meter and the authentication system, and a processing flow of soft encryption authentication, wherein each authentication interaction process is realized by adopting a dynamic key, and the data security interaction process has data verification information, so that the security and the reliability of data communication are improved. And the authentication method does not adopt an encryption chip for processing, and can ensure that the authentication process is faster. Meanwhile, the authentication system carries out key management, thereby solving the limitation of the number of keys of the security chip, being suitable for the requirement of self-account prepayment in multiple regions, reducing the difficulty of key management and distribution and improving the security of the system.
Description
Technical Field
The invention relates to the technical field of electric energy meter communication, in particular to a soft encryption method and an authentication system for an electric energy meter.
Background
With the development of digital electric energy meters, the functions of the electric energy meters are more and more abundant and perfect, and meanwhile, the requirements on the safety and reliability of meter information are higher and higher. The prepayment intelligent electric energy meter needs operations such as recharging and parameter configuration in the operation process, the operations are important indexes for reliable operation of the electric energy meter, and an interaction mode with communication encryption is needed in order to ensure the safety of information interaction and prevent data from being forged and falsified in the communication process.
The national network introduces a security chip (ESAM) in the process of bidding, charging and controlling the intelligent electric energy meter for ensuring the security of data interaction, the security chip is internally provided with an independent processor and a storage unit, the main functions are the safe storage of data and the encryption and decryption of the data, and the security chip is a device which can independently run and process data encryption and decryption tasks and store some important small data. But the data storage capacity of the security chip is small, so that a large amount of data information cannot be stored.
Disclosure of Invention
The invention aims to solve the problems that the communication safety of the intelligent electric energy meter and the storage capacity of a safety chip are small, and a large amount of key information cannot be stored.
The technical scheme of the invention is as follows: the method for soft encryption of the electric energy meter is characterized by comprising the following steps:
1: and acquiring the version number of the preset key at the table end.
2: and the remote electricity selling system acquires the key according to the current version number of the preset key, and generates a current time scale 1 and a temporary key 1 at the same time.
3: the remote electricity selling system generates a random number 1.
4: the remote electricity selling system generates a ciphertext 1 according to the random number 1 and the dispersion factor 1.
5: and the table terminal generates a temporary key 2 according to the current time scale 1 and the preset key 1 of the table terminal.
6: and the table terminal generates a ciphertext 2 by adopting the temporary secret key 2 according to the issued random number 1 and the self dispersion factor.
7: and comparing the ciphertext 1 with the ciphertext 2, if the ciphertext 1 is the same as the ciphertext 2, replying the random number 2, matching the remote electricity selling system with the table, and simultaneously enabling a communication link between the electricity selling system and the table to pass through safety certification.
The table end key version number is uniquely determined, and the table meter solidifies the key corresponding to the key version number when leaving the factory.
The method comprises the steps that a table end soft encryption authentication process increases current time mark information, a preset secret key and a current time mark are adopted in the soft encryption authentication process to generate a temporary secret key, distribution of a dynamic secret key is guaranteed, only an authentication message in a valid range of the time mark is legal, and certain timeliness of message communication at this time is guaranteed.
And the data verification information generated by the subsequent data communication of the table terminal is generated by adopting the random number 2 after the interactive authentication.
The invention also provides an authentication system matched with the soft encryption algorithm of the meter end, which is characterized in that the authentication system has the same encryption algorithm as the soft encryption algorithm of the electric energy meter, and the issued data all have verification information
The authentication system and the key version number of the preset meter end of the electric energy meter have a matching requirement, and the authentication can be passed only if the configuration is consistent.
The authentication system adopts a database to store a key system, each key is processed through a decentralized algorithm before being stored, key restoration is carried out when the key is read out from the database, and different keys are restored by different decentralized factors.
After the authentication system and the data of the meter end pass the soft encryption authentication, subsequent data reading and authentication can be carried out.
Drawings
Fig. 1 is an authentication process for providing table-side soft encryption according to the present invention.
Fig. 2 is a procedure for acquiring a key of the authentication system.
Fig. 3 shows a data authentication process of the authentication system.
Detailed Description
The following detailed description of specific embodiments of the invention is provided in connection with the accompanying drawings.
The table end soft encryption authentication process provided by the invention is shown in figure 1, the table end acquires an original key from an EEPROM, a real key is obtained by adopting a key version number to carry out scattered reduction, a current time scale is issued by an authentication system to carry out scattered reduction on the real key to obtain a temporary dynamic key, a random number 1 is subjected to dynamic key pair, a dispersion factor is adopted to generate a ciphertext 2, the ciphertext 2 generated by the table end is compared with the issued ciphertext 1, if the random number 2 generated by the same table end is uploaded to the authentication system, the authentication of soft encryption is completed, otherwise, the authentication is returned to fail.
The authentication system key acquisition process provided by the invention is shown in fig. 2, the authentication system acquires the key version number of the table end, searches the key base system, finds the original key after the scattered encryption, adopts the key version number to generate the dispersion factor data, adopts the dispersion factor data, and acquires the real key according to the reduction dispersion algorithm.
The authentication system data authentication process provided by the invention is shown in fig. 3, after the authentication is passed, the data issued by the authentication system needs to pass through the random number 2 replied by the table end and the dispersion factor to carry out data encryption verification by adopting a temporary dynamic key, and the table end receives the data which needs to pass the verification and is approved to be issued.
Claims (9)
1. A soft encryption authentication method for remote authentication of an electric energy meter, the method comprising:
the electric energy meter end acquires a first ciphertext sent by the authentication system; the first ciphertext is generated by an authentication system according to a first temporary dynamic key, a first random number and a dispersion factor, and the dispersion factor is generated by the authentication system according to a preset key version number acquired from the electric energy meter end; the first temporary dynamic key is generated by the authentication system according to the current time scale and the first key; the first secret key is obtained by the authentication system acquiring a preset secret key version number from the electric energy meter, generating the dispersion factor according to the preset secret key version number and dispersing a first original secret key based on the dispersion factor and a reduction dispersion algorithm;
the electric energy meter end acquires the first random number and the current time scale generated by the authentication system;
the electric energy meter end obtains a second secret key according to the preset secret key version number and a second original secret key; generating a second temporary dynamic key according to the current time scale and the second key;
the electric energy meter end encrypts the random number and the dispersion factor issued by the authentication system by adopting the second temporary dynamic key to generate a second ciphertext;
and the electric energy meter end compares the first ciphertext with the second ciphertext, if the first ciphertext and the second ciphertext are the same, a second random number is generated and sent to the authentication system for confirming that the authentication system is matched with the meter end, and simultaneously, the electric energy meter end is used for confirming that a communication link between the authentication system and the electric energy meter end also passes safety authentication.
2. The method according to claim 1, wherein the preset key version number of the meter end and the second original key of the electric energy meter end have one-to-one correspondence requirement.
3. The method of claim 1, wherein the authentication system and the electric energy meter have a matching requirement according to a key version number of a preset meter end, and must be configured consistently to pass the authentication.
4. The method of claim 1, wherein the soft encryption authentication procedure adds the current time stamp information, and the authentication can be passed only if the authentication message in the valid range of the current time stamp is legal.
5. The method of claim 1, wherein the authentication system generates the first temporary dynamic key based on a current time stamp and the first key; and the electric energy meter end generates a second temporary dynamic key according to the current time scale and the second key, so as to ensure the distribution of the dynamic key.
6. The method of claim 1, wherein after the soft encryption authentication is passed, a subsequent data authentication process uses the second random number for data verification.
7. The soft encryption authentication system is characterized in that the system is used for acquiring a preset key version number from an electric energy meter, generating a dispersion factor according to the preset key version number, and dispersing a first original key based on the dispersion factor and a reduction dispersion algorithm to obtain a first key; generating a first temporary dynamic key according to the current time scale and the first key; generating a dispersion factor according to the version number of the preset key; generating a first ciphertext according to the first temporary dynamic key, the first random number and the dispersion factor;
the system is also used for receiving a second random number generated by the electric energy meter end;
the system has the same encryption algorithm as the soft-encrypted electric energy meter end, and the data issued by the system to the electric energy meter end all have verification information.
8. The system according to claim 7, wherein the system must be authenticated to interact with the data on the electric energy meter side.
9. The system of claim 7, wherein the system contains all the key information, and finds the first original key used by the key index; and the key index is matched with a preset key version number sent by the electric energy meter end.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911321986.1A CN112235100B (en) | 2019-12-20 | 2019-12-20 | Electric energy meter soft encryption authentication method and remote authentication system thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911321986.1A CN112235100B (en) | 2019-12-20 | 2019-12-20 | Electric energy meter soft encryption authentication method and remote authentication system thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112235100A CN112235100A (en) | 2021-01-15 |
CN112235100B true CN112235100B (en) | 2022-10-14 |
Family
ID=74111256
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911321986.1A Active CN112235100B (en) | 2019-12-20 | 2019-12-20 | Electric energy meter soft encryption authentication method and remote authentication system thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112235100B (en) |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100561916C (en) * | 2006-12-28 | 2009-11-18 | 北京飞天诚信科技有限公司 | A kind of method and system that upgrades authenticate key |
US8719572B2 (en) * | 2008-07-16 | 2014-05-06 | Disney Enterprises, Inc. | System and method for managing authentication cookie encryption keys |
CN101483654A (en) * | 2009-02-09 | 2009-07-15 | 北京华大智宝电子系统有限公司 | Method and system for implementing authentication and data safe transmission |
CN102404329A (en) * | 2011-11-28 | 2012-04-04 | 苏州英福迈升信息技术有限公司 | Method for validating and encrypting interaction between user terminal and virtual community platform |
CN102890757B (en) * | 2012-09-11 | 2015-08-05 | 中国电力科学研究院 | A kind of comparison method of electric energy meter software and Compare System thereof |
CN103001771B (en) * | 2012-11-14 | 2015-06-10 | 广东电网公司电力科学研究院 | Data transmission security encryption method for metering automation system |
CN107833032A (en) * | 2017-10-26 | 2018-03-23 | 胡祥义 | It is a kind of based on mobile phone without card Bank Account Number implementation method |
CN108737449B (en) * | 2018-06-26 | 2021-05-28 | 华立科技股份有限公司 | Soft encryption authentication method and device and electronic equipment |
-
2019
- 2019-12-20 CN CN201911321986.1A patent/CN112235100B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN112235100A (en) | 2021-01-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Zhuang et al. | Blockchain for cybersecurity in smart grid: A comprehensive survey | |
CN103001771B (en) | Data transmission security encryption method for metering automation system | |
CN104486075B (en) | A kind of verification method of intelligent substation ICD model file digital signature | |
CN103716167A (en) | Method and device for safely collecting and distributing transmission keys | |
CN113704780A (en) | Model-driven-based power distribution network user side information adaptive encryption method | |
CN109617675A (en) | Both sides' identification authentication method and system between a kind of charge-discharge facility and user terminal | |
CN104579659A (en) | Device for safety information interaction | |
CN112235100B (en) | Electric energy meter soft encryption authentication method and remote authentication system thereof | |
CN111435389A (en) | Power distribution terminal operation and maintenance tool safety protection system | |
CN108599932A (en) | A kind of identity identifying method for electric system | |
CN112087301A (en) | Gas meter safety certification system based on state cryptographic algorithm | |
CN113992336B (en) | Encryption network offline data trusted exchange method and device based on block chain | |
CN115347675A (en) | Smart power grid data secure access method and system | |
CN101873213B (en) | End-to-end authentication method and system as well as business end intelligent card | |
CN111222883A (en) | Multi-point metering system based on block chain technology and implementation method | |
CN108848089B (en) | Data encryption method and data transmission system | |
KR102131495B1 (en) | Security method of electric energy | |
CN110765475A (en) | Virtual electric meter data encryption method, encryption device and encryption system | |
CN113794780B (en) | Site real-time control method and system for platform area edge terminal | |
CN114389839B (en) | PMS data transmission system and method based on 5G network module | |
CN117349812B (en) | Charging management method, system and storage medium based on edge calculation | |
CN115118439B (en) | Method and system for verifying terminal digital identity | |
CN109698815A (en) | Embedded chip card, card application server and application data transmission system and method | |
CN113644737A (en) | Power distribution system based on block chain | |
CN106203563A (en) | The raw code method and system of Quick Response Code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |