CN112235100B - Electric energy meter soft encryption authentication method and remote authentication system thereof - Google Patents

Electric energy meter soft encryption authentication method and remote authentication system thereof Download PDF

Info

Publication number
CN112235100B
CN112235100B CN201911321986.1A CN201911321986A CN112235100B CN 112235100 B CN112235100 B CN 112235100B CN 201911321986 A CN201911321986 A CN 201911321986A CN 112235100 B CN112235100 B CN 112235100B
Authority
CN
China
Prior art keywords
key
electric energy
energy meter
authentication
authentication system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911321986.1A
Other languages
Chinese (zh)
Other versions
CN112235100A (en
Inventor
刁瑞朋
刘大专
董强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao Topscomm Communication Co Ltd
Original Assignee
Qingdao Topscomm Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao Topscomm Communication Co Ltd filed Critical Qingdao Topscomm Communication Co Ltd
Priority to CN201911321986.1A priority Critical patent/CN112235100B/en
Publication of CN112235100A publication Critical patent/CN112235100A/en
Application granted granted Critical
Publication of CN112235100B publication Critical patent/CN112235100B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a soft encryption authentication method and a remote authentication system for an electric energy meter, wherein the method comprises a key matching relation between the soft encryption electric energy meter and the authentication system, and a processing flow of soft encryption authentication, wherein each authentication interaction process is realized by adopting a dynamic key, and the data security interaction process has data verification information, so that the security and the reliability of data communication are improved. And the authentication method does not adopt an encryption chip for processing, and can ensure that the authentication process is faster. Meanwhile, the authentication system carries out key management, thereby solving the limitation of the number of keys of the security chip, being suitable for the requirement of self-account prepayment in multiple regions, reducing the difficulty of key management and distribution and improving the security of the system.

Description

Electric energy meter soft encryption authentication method and remote authentication system thereof
Technical Field
The invention relates to the technical field of electric energy meter communication, in particular to a soft encryption method and an authentication system for an electric energy meter.
Background
With the development of digital electric energy meters, the functions of the electric energy meters are more and more abundant and perfect, and meanwhile, the requirements on the safety and reliability of meter information are higher and higher. The prepayment intelligent electric energy meter needs operations such as recharging and parameter configuration in the operation process, the operations are important indexes for reliable operation of the electric energy meter, and an interaction mode with communication encryption is needed in order to ensure the safety of information interaction and prevent data from being forged and falsified in the communication process.
The national network introduces a security chip (ESAM) in the process of bidding, charging and controlling the intelligent electric energy meter for ensuring the security of data interaction, the security chip is internally provided with an independent processor and a storage unit, the main functions are the safe storage of data and the encryption and decryption of the data, and the security chip is a device which can independently run and process data encryption and decryption tasks and store some important small data. But the data storage capacity of the security chip is small, so that a large amount of data information cannot be stored.
Disclosure of Invention
The invention aims to solve the problems that the communication safety of the intelligent electric energy meter and the storage capacity of a safety chip are small, and a large amount of key information cannot be stored.
The technical scheme of the invention is as follows: the method for soft encryption of the electric energy meter is characterized by comprising the following steps:
1: and acquiring the version number of the preset key at the table end.
2: and the remote electricity selling system acquires the key according to the current version number of the preset key, and generates a current time scale 1 and a temporary key 1 at the same time.
3: the remote electricity selling system generates a random number 1.
4: the remote electricity selling system generates a ciphertext 1 according to the random number 1 and the dispersion factor 1.
5: and the table terminal generates a temporary key 2 according to the current time scale 1 and the preset key 1 of the table terminal.
6: and the table terminal generates a ciphertext 2 by adopting the temporary secret key 2 according to the issued random number 1 and the self dispersion factor.
7: and comparing the ciphertext 1 with the ciphertext 2, if the ciphertext 1 is the same as the ciphertext 2, replying the random number 2, matching the remote electricity selling system with the table, and simultaneously enabling a communication link between the electricity selling system and the table to pass through safety certification.
The table end key version number is uniquely determined, and the table meter solidifies the key corresponding to the key version number when leaving the factory.
The method comprises the steps that a table end soft encryption authentication process increases current time mark information, a preset secret key and a current time mark are adopted in the soft encryption authentication process to generate a temporary secret key, distribution of a dynamic secret key is guaranteed, only an authentication message in a valid range of the time mark is legal, and certain timeliness of message communication at this time is guaranteed.
And the data verification information generated by the subsequent data communication of the table terminal is generated by adopting the random number 2 after the interactive authentication.
The invention also provides an authentication system matched with the soft encryption algorithm of the meter end, which is characterized in that the authentication system has the same encryption algorithm as the soft encryption algorithm of the electric energy meter, and the issued data all have verification information
The authentication system and the key version number of the preset meter end of the electric energy meter have a matching requirement, and the authentication can be passed only if the configuration is consistent.
The authentication system adopts a database to store a key system, each key is processed through a decentralized algorithm before being stored, key restoration is carried out when the key is read out from the database, and different keys are restored by different decentralized factors.
After the authentication system and the data of the meter end pass the soft encryption authentication, subsequent data reading and authentication can be carried out.
Drawings
Fig. 1 is an authentication process for providing table-side soft encryption according to the present invention.
Fig. 2 is a procedure for acquiring a key of the authentication system.
Fig. 3 shows a data authentication process of the authentication system.
Detailed Description
The following detailed description of specific embodiments of the invention is provided in connection with the accompanying drawings.
The table end soft encryption authentication process provided by the invention is shown in figure 1, the table end acquires an original key from an EEPROM, a real key is obtained by adopting a key version number to carry out scattered reduction, a current time scale is issued by an authentication system to carry out scattered reduction on the real key to obtain a temporary dynamic key, a random number 1 is subjected to dynamic key pair, a dispersion factor is adopted to generate a ciphertext 2, the ciphertext 2 generated by the table end is compared with the issued ciphertext 1, if the random number 2 generated by the same table end is uploaded to the authentication system, the authentication of soft encryption is completed, otherwise, the authentication is returned to fail.
The authentication system key acquisition process provided by the invention is shown in fig. 2, the authentication system acquires the key version number of the table end, searches the key base system, finds the original key after the scattered encryption, adopts the key version number to generate the dispersion factor data, adopts the dispersion factor data, and acquires the real key according to the reduction dispersion algorithm.
The authentication system data authentication process provided by the invention is shown in fig. 3, after the authentication is passed, the data issued by the authentication system needs to pass through the random number 2 replied by the table end and the dispersion factor to carry out data encryption verification by adopting a temporary dynamic key, and the table end receives the data which needs to pass the verification and is approved to be issued.

Claims (9)

1. A soft encryption authentication method for remote authentication of an electric energy meter, the method comprising:
the electric energy meter end acquires a first ciphertext sent by the authentication system; the first ciphertext is generated by an authentication system according to a first temporary dynamic key, a first random number and a dispersion factor, and the dispersion factor is generated by the authentication system according to a preset key version number acquired from the electric energy meter end; the first temporary dynamic key is generated by the authentication system according to the current time scale and the first key; the first secret key is obtained by the authentication system acquiring a preset secret key version number from the electric energy meter, generating the dispersion factor according to the preset secret key version number and dispersing a first original secret key based on the dispersion factor and a reduction dispersion algorithm;
the electric energy meter end acquires the first random number and the current time scale generated by the authentication system;
the electric energy meter end obtains a second secret key according to the preset secret key version number and a second original secret key; generating a second temporary dynamic key according to the current time scale and the second key;
the electric energy meter end encrypts the random number and the dispersion factor issued by the authentication system by adopting the second temporary dynamic key to generate a second ciphertext;
and the electric energy meter end compares the first ciphertext with the second ciphertext, if the first ciphertext and the second ciphertext are the same, a second random number is generated and sent to the authentication system for confirming that the authentication system is matched with the meter end, and simultaneously, the electric energy meter end is used for confirming that a communication link between the authentication system and the electric energy meter end also passes safety authentication.
2. The method according to claim 1, wherein the preset key version number of the meter end and the second original key of the electric energy meter end have one-to-one correspondence requirement.
3. The method of claim 1, wherein the authentication system and the electric energy meter have a matching requirement according to a key version number of a preset meter end, and must be configured consistently to pass the authentication.
4. The method of claim 1, wherein the soft encryption authentication procedure adds the current time stamp information, and the authentication can be passed only if the authentication message in the valid range of the current time stamp is legal.
5. The method of claim 1, wherein the authentication system generates the first temporary dynamic key based on a current time stamp and the first key; and the electric energy meter end generates a second temporary dynamic key according to the current time scale and the second key, so as to ensure the distribution of the dynamic key.
6. The method of claim 1, wherein after the soft encryption authentication is passed, a subsequent data authentication process uses the second random number for data verification.
7. The soft encryption authentication system is characterized in that the system is used for acquiring a preset key version number from an electric energy meter, generating a dispersion factor according to the preset key version number, and dispersing a first original key based on the dispersion factor and a reduction dispersion algorithm to obtain a first key; generating a first temporary dynamic key according to the current time scale and the first key; generating a dispersion factor according to the version number of the preset key; generating a first ciphertext according to the first temporary dynamic key, the first random number and the dispersion factor;
the system is also used for receiving a second random number generated by the electric energy meter end;
the system has the same encryption algorithm as the soft-encrypted electric energy meter end, and the data issued by the system to the electric energy meter end all have verification information.
8. The system according to claim 7, wherein the system must be authenticated to interact with the data on the electric energy meter side.
9. The system of claim 7, wherein the system contains all the key information, and finds the first original key used by the key index; and the key index is matched with a preset key version number sent by the electric energy meter end.
CN201911321986.1A 2019-12-20 2019-12-20 Electric energy meter soft encryption authentication method and remote authentication system thereof Active CN112235100B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911321986.1A CN112235100B (en) 2019-12-20 2019-12-20 Electric energy meter soft encryption authentication method and remote authentication system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911321986.1A CN112235100B (en) 2019-12-20 2019-12-20 Electric energy meter soft encryption authentication method and remote authentication system thereof

Publications (2)

Publication Number Publication Date
CN112235100A CN112235100A (en) 2021-01-15
CN112235100B true CN112235100B (en) 2022-10-14

Family

ID=74111256

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911321986.1A Active CN112235100B (en) 2019-12-20 2019-12-20 Electric energy meter soft encryption authentication method and remote authentication system thereof

Country Status (1)

Country Link
CN (1) CN112235100B (en)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100561916C (en) * 2006-12-28 2009-11-18 北京飞天诚信科技有限公司 A kind of method and system that upgrades authenticate key
US8719572B2 (en) * 2008-07-16 2014-05-06 Disney Enterprises, Inc. System and method for managing authentication cookie encryption keys
CN101483654A (en) * 2009-02-09 2009-07-15 北京华大智宝电子系统有限公司 Method and system for implementing authentication and data safe transmission
CN102404329A (en) * 2011-11-28 2012-04-04 苏州英福迈升信息技术有限公司 Method for validating and encrypting interaction between user terminal and virtual community platform
CN102890757B (en) * 2012-09-11 2015-08-05 中国电力科学研究院 A kind of comparison method of electric energy meter software and Compare System thereof
CN103001771B (en) * 2012-11-14 2015-06-10 广东电网公司电力科学研究院 Data transmission security encryption method for metering automation system
CN107833032A (en) * 2017-10-26 2018-03-23 胡祥义 It is a kind of based on mobile phone without card Bank Account Number implementation method
CN108737449B (en) * 2018-06-26 2021-05-28 华立科技股份有限公司 Soft encryption authentication method and device and electronic equipment

Also Published As

Publication number Publication date
CN112235100A (en) 2021-01-15

Similar Documents

Publication Publication Date Title
Zhuang et al. Blockchain for cybersecurity in smart grid: A comprehensive survey
CN103001771B (en) Data transmission security encryption method for metering automation system
CN104486075B (en) A kind of verification method of intelligent substation ICD model file digital signature
CN103716167A (en) Method and device for safely collecting and distributing transmission keys
CN113704780A (en) Model-driven-based power distribution network user side information adaptive encryption method
CN109617675A (en) Both sides' identification authentication method and system between a kind of charge-discharge facility and user terminal
CN104579659A (en) Device for safety information interaction
CN112235100B (en) Electric energy meter soft encryption authentication method and remote authentication system thereof
CN111435389A (en) Power distribution terminal operation and maintenance tool safety protection system
CN108599932A (en) A kind of identity identifying method for electric system
CN112087301A (en) Gas meter safety certification system based on state cryptographic algorithm
CN113992336B (en) Encryption network offline data trusted exchange method and device based on block chain
CN115347675A (en) Smart power grid data secure access method and system
CN101873213B (en) End-to-end authentication method and system as well as business end intelligent card
CN111222883A (en) Multi-point metering system based on block chain technology and implementation method
CN108848089B (en) Data encryption method and data transmission system
KR102131495B1 (en) Security method of electric energy
CN110765475A (en) Virtual electric meter data encryption method, encryption device and encryption system
CN113794780B (en) Site real-time control method and system for platform area edge terminal
CN114389839B (en) PMS data transmission system and method based on 5G network module
CN117349812B (en) Charging management method, system and storage medium based on edge calculation
CN115118439B (en) Method and system for verifying terminal digital identity
CN109698815A (en) Embedded chip card, card application server and application data transmission system and method
CN113644737A (en) Power distribution system based on block chain
CN106203563A (en) The raw code method and system of Quick Response Code

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant