CN112422280B - Man-machine control interaction method, interaction system, computer equipment and storage medium - Google Patents


Info

Publication number
CN112422280B
Authority
CN
China
Prior art keywords
user
instruction
equipment
key
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011263161.1A
Other languages
Chinese (zh)
Other versions
CN112422280A (en)
Inventor
张根青
谢依夫
李永明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Anydef Technology Co ltd
Original Assignee
Beijing Anydef Technology Co ltd

Links

Classifications

    • H04L 9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • G06F 21/44 Program or device authentication
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L 63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L 63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L 9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L 9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L 9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L 9/3247 Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • H04L 9/3263 Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical fields of device security authentication and instruction security protection, and discloses a man-machine control interaction method, an interaction system, computer equipment and a storage medium. User A authorizes device A and obtains a random number and the device ID of user B; user A authorizes the generation of the instruction; device A protects the instruction for transmission; device B interprets the instruction; device B presents the interpreted content to user B, who confirms the interpreted content and authorizes device B to respond. The invention verifies the authenticity of the data source through combined IBC and PKI cryptographic techniques, combines cryptographic authentication with key management, and provides the information security protection that instruction data requires. If the instruction data also needs confidentiality protection, management of the key required for confidentiality is added in the authentication and key management stage, and the plaintext data is replaced by ciphertext in the data transmission stage, so that the protection goal is met.

Description

Man-machine control interaction method, interaction system, computer equipment and storage medium
Technical Field
The invention belongs to the technical fields of device security authentication and instruction security protection, and in particular relates to a man-machine control interaction method, an interaction system, computer equipment and a storage medium.
Background
At present, the network era brings intelligence to control systems and also brings network security hazards. When an Internet of Things device is compromised by an attacker, the original stability of the system is maliciously destroyed; in this case it is not enough to rely on the control technology of the system alone, and both IT security and OT security protection are required, where IT security protection is aimed at the information system and OT security protection is aimed at malicious operation.
OT security: operational security, mainly aimed at the control of physical equipment, adds protection against illegal control attacks on top of control security.
Control security: refers to the security problems of controlling physical equipment and emphasizes stability, real-time performance, robustness and controllability.
OT security of the Internet of Things concerns information being converted into physical actions, and its protection goal differs from that of traditional information security protection, although many similar technologies exist at the implementation level:
1. OT security emphasizes that an Internet of Things system needs to protect both information security and operational behaviour; the technology for this is called OT security technology;
2. Traditional IT security protection is mainly about information, and the timeliness and freshness of data are of relatively low importance there, whereas they are particularly important in the Internet of Things environment;
3. Because the resources of Internet of Things devices are limited, the supported security protection technology also needs to be specially customized; in short, a lightweight information security protection technology, and in particular a lightweight security authentication technology, is needed.
In the Internet of Things, sending an instruction from one device to another is common, for example a recharge instruction sent from a POS terminal to an IC card. Since the POS is a professional security device customized by the bank, the conventional process emphasizes the security of the service data content and neglects the security requirements of the recharge instruction itself. In the Internet of Things the instruction is the carrier of service data, and instructions and data should be distinguished and given different protection:
1) Transaction data, for example "A pays 100 yuan to B", which embodies a person-to-person transaction relationship. Its protection is characterized by identity authentication of the person and by the transaction content being tamper-proof.
2) Instruction data, for example A issues to A's own mobile phone an instruction to generate a payment of 100 yuan to B; A issues the instruction, and the mobile phone generates the transaction data according to the result of the instruction.
The legitimacy of control instructions is the core of OT security and is mainly embodied in:
1) Ensuring that the influence of the control instruction on the controlled object stays within a safe range, namely that the controlled object only processes instruction data and does not accept or process code;
2) The authenticity of the control instruction resembles authentication in information security, but in the Internet of Things environment the authenticity problem of control instructions does not fully coincide with traditional authentication technology;
3) Because the resources of Internet of Things devices are limited, the supported security protection technology also needs to be specially customized; in short, a lightweight information security protection technology, and in particular a lightweight security authentication technology, is needed.
It is very important to ensure the authenticity of instruction data, to protect it from illegal tampering, to protect its timeliness, and so on. Thus, security protection of control instruction data should include data source authenticity, data integrity protection, data freshness protection and the like.
Through the above analysis, the problems and defects of the prior art are as follows:
(1) In the prior art, the security of device network access, person-to-person instruction security, instruction attack resistance, and the security of transmission between devices A and B are poorly guaranteed during data transmission.
(2) Instruction confidentiality is not strictly controlled, the format of the secure communication instruction is not defined, and the validity of the control instruction is not considered, so there are risks of disordered instruction formats, easy tampering, replay and the like.
(3) Because of limited computing resources, most Internet of Things devices do not consider security, nor the lightness of encryption and decryption algorithms.
The difficulty of solving these problems and defects is as follows: Internet of Things devices are highly fragmented, and a unified industry standard is lacking and cannot be formed. At the same time, because of the limited computing resources of Internet of Things devices, most industry users consider only service continuity and tolerate or ignore device security.
The significance of solving these problems and defects is as follows: by constructing the IBC+PKI based man-machine interaction method and defining a control instruction format, device security is effectively improved, including but not limited to device network access security authentication, device identity key issuance and secure transmission of device instructions, and the operational security of devices is improved. At the same time, sensitive information such as keys and operation instructions is protected with a lightweight encryption technique combining IBC and PKI.
Disclosure of Invention
In view of the problems of the prior art, the invention provides a man-machine control interaction method, an interaction system, computer equipment and a storage medium.
The invention is realized as follows: the IBC-PKI man-machine control interaction method based on the national (SM series) cryptographic algorithms comprises the following steps:
Step one: initialize the Internet of Things device; the initialization comprises prefabricating an initial master key IMK (Initial Master Key), a device root key and the management center public key Pubc in the device security module;
Step two: device network access authentication and acquisition of related parameters and keys. The device generates a unique device fingerprint from its related attributes with the SM3 algorithm, completes identity authentication at the center through a password-protected secure interaction, and securely obtains the identity key, the IBC parameters, the device public key and so on from the center.
Step three: device A protects the operation instruction sent to device B with a cryptographic algorithm.
Step four: device B decrypts the instruction and displays the instruction content to user B, and user B confirms and authorizes device B to respond.
Further, before user A authorizes device A, the method also comprises:
(1) The Internet of Things management center initializes a symmetric key in the secure device; before the device is connected to the network, the initial master key IMK, the device root key and the management center public key Pubc used to identify the device source are preset in the device security module;
(2) The device is powered on, collects its software and hardware information according to the device characteristics, uses the collected hardware information as the device feature information, and the device security module computes the device fingerprint from the device feature information;
(3) Device network access verification is performed and the SM9 public parameters are issued; the device authentication key is then updated.
Further, in step (3), the performing device network access verification includes:
First, the security module generates a random number R1 and a public-private key pair for the device holder;
Second, assemble the request data NA_Req_data = device feature information || device fingerprint || holder public key || holder personal information;
Then, using R1 as the key, compute the ciphertext M1 = SM4_encrypt(R1, NA_Req_data);
Further, compute the ciphertext M2 = SM2_encrypt(Pubc, R1) and MAC = SM4_MAC(IMK, M2 || M1);
Finally, form M = M2 || M1 || MAC and send M to the center. The process is shown in fig. 5.
Further, in step (3), issuing the SM9 public parameters comprises:
1) The center receives M and verifies the MAC with the IMK: it computes MAC1 = SM4_MAC(IMK, M2 || M1) and compares it with MAC; if they differ, an error is reported and the process exits; if they are equal, the device is confirmed as a legitimate device;
2) Decrypt R1 with the center's private key: R1 = SM2_decrypt(center private key, M2);
3) Decrypt NA_Req_data with R1: NA_Req_data = SM4_decrypt(R1, M1);
4) Read the device fingerprint from NA_Req_data; if the fingerprint does not exist in the device library, continue registering the device; if the device already exists in the library, repeated network access is not allowed;
5) The center issues a user public key certificate PubCert_user for the holder, and generates a unique device identity ID for the device using the SM9 algorithm;
6) The center computes the SM9 parameter ciphertext = SM4_encrypt(shareKey, SM9 parameters), generates a random number R2, and computes Rkey = R1 ⊕ R2;
7) Compute m1 = SM4_decrypt(Rkey, shareKey) and load m1 into a 16-stage shift register Q (primitive polynomial X^16 + X^5 + X^3 + X^2 + 1);
8) Let N be computed from the device fingerprint, where X_i is the i-th byte of the device fingerprint counted from left to right;
9) Shift the register Q cyclically by N beats to obtain the secret parameter X;
10) The center computes the device master key MK = SM4_encrypt(device root key, device ID), i.e. the unique device ID encrypted with the device root key as the key; the device root key is generated in advance by the management center and stored in the secure device;
11) The center computes the MK ciphertext = SM4_encrypt(Rkey, device ID || MK), i.e. device ID || MK encrypted with Rkey as the key;
12) The center computes MR2 = SM4_encrypt(R1, R2), i.e. R2 encrypted with R1 as the key, and assembles the issued message P = MR2 || MK ciphertext || secret parameter X || SM9 parameter ciphertext || PubCert_user;
13) Compute MAC = SM4_MAC(IMK, P); P || MAC is transmitted to the terminal.
Further, in step (3), updating the device authentication key comprises:
First, verify the MAC with the IMK; decrypt R2 with R1; compute Rkey = R1 ⊕ R2; decrypt the device ID and MK with Rkey;
Second, extract the device features, compute the device fingerprint and compute the value N; load the received secret parameter into the shift register Q and run it N beats in reverse to obtain M1;
Third, compute shareKey = SM4_encrypt(Rkey, M1), then SM9 parameters = SM4_decrypt(shareKey, SM9 parameter ciphertext);
Fourth, compute Z1 = SM4_encrypt(MK, R2) and Z2 = SM2_sign(pri_user, Z1), and send Z1 || Z2 upward. The center decrypts Z1 with MK to obtain R2 and compares it with its own R2: if they match, the confirmation is correct; if not, it is wrong. The center then verifies the Z2 signature with the user's public key; if it passes, the network access process ends successfully. If either check fails, authentication fails and the network access process ends.
Further, in step three, user A authorizing the generation of the instruction comprises:
(1.1) User A enters the PIN, which unlocks the user private key in the device security module and the right to use the device's SM9 key.
(1.2) User A obtains the certificate and device ID of user B, either from the management center or directly from user B via NFC or a two-dimensional code.
(1.3) Obtain the random number Rd of user B; user A generates the instruction content M;
(1.4) Compute keyAB = ECDH(CertB, priA); compute the work key workKey = SM4_encrypt(keyAB, instruction generation time TB);
(1.5) Compute MC = SM4_encrypt(workKey, Rd || M); compute signature = SM2_sign(user A private key, MC);
(1.6) Construct the instruction content = MC || SM2 signature || A certificate.
Further, in step three, device A protecting the transmission of the instruction comprises:
(2.1) Generate a random number R and sign the constructed instruction content with the SM9 private key of device A;
(2.2) Encrypt R with the ID of device B to obtain MR; let commandHeader = sender A device ID || receiver B device ID || generation time TB || expiry time TD;
(2.3) Compute the instruction ciphertext = SM4_encrypt(R, commandHeader); construct the instruction = MR || instruction ciphertext || instruction content;
(2.4) Sign the complete instruction with the SM9 private key of device A, and send the instruction and its signature to B.
Further, in step four, device B interpreting the instruction comprises:
(3.1) Verify the SM9 signature with the ID of device A;
(3.2) Decrypt MR with the ID of device B and recover commandHeader;
(3.3) Compute keyAB = ECDH(CertA, priB);
(3.4) Compute the work key workKey = SM4_encrypt(keyAB, instruction generation time TB);
(3.5) Verify the SM2 signature with the user A certificate;
(3.6) Compute M = SM4_decrypt(workKey, MC);
(3.7) Present M to user B; after user B's authorization is obtained, device B responds.
Another object of the present invention is to provide a cryptographic-algorithm-based IBC-PKI man-machine control interaction system for implementing the cryptographic-algorithm-based IBC-PKI man-machine control interaction method, the system comprising:
an Internet of Things management center, users and devices;
the user generates instructions and authorizes their execution by the device;
the Internet of Things management center manages all users and the correspondence between users and the devices they own, generates and issues the SM2 certificate and security parameters of each user, and distributes the SM9 shared parameters to each device;
the device is provided with a security module, which stores and computes the device keys, generates and stores the user's SM2 private key and public key certificate, stores the SM9 public parameters and provides encryption and decryption based on the device ID, and stores other types of keys.
It is a further object of the invention to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the method of man-machine control interaction.
It is a further object of the invention to provide a computer readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the method of man-machine control interaction.
Taken together, the technical schemes of the invention have the following advantages and positive effects: the invention verifies data source authenticity through combined IBC and PKI cryptographic techniques, combines cryptographic authentication with key management, performs integrity protection and data freshness protection on the data with the managed keys, and provides the information security protection that instruction data requires. If the instruction data also needs confidentiality protection, management of the key required for confidentiality is added in the authentication and key management stage, and the plaintext data is replaced by ciphertext in the data transmission stage, so that the protection goal is met.
Advantages of the invention also include:
1. Device access security
Through MAC verification of the network access request, the management center is assured that the device requesting access is a device meeting the preset requirements. Presetting the center certificate prevents the device management center certificate from being replaced. The device random number R1 is encrypted with the management center public key before upload, and the management center random number R2 is encrypted with R1 before issue, so Rkey remains secret.
The SM9 shared parameters are encrypted only once with shareKey, and shareKey is the same for all devices. shareKey is obtained by inverting the key dispersion algorithm: for any Rkey a dispersion parameter can be found such that shareKey = SM4_encrypt(Rkey, dispersion parameter) holds, and therefore dispersion parameter = SM4_decrypt(Rkey, shareKey).
By the properties of a primitive polynomial over a finite field, any state of the shift register can reach any other specific state after a certain number of steps. The dispersion parameter is therefore used as a state, a specific step length is computed from the device fingerprint features, and the state reached after rotating the register by that step length is used as the secret parameter. Thus different devices have different secret parameters, and after rotating back by the device-specific step length they all obtain the same dispersion parameter. The security of the secret parameter rests on two points: first, it is bound to the device ID, preventing mismatching; second, it is sent encrypted, with a one-time key.
Confidentiality of the dispersion parameter depends on the step length and on the secret parameter. The step length is computed and never appears in any message; its computation depends on the device fingerprint, which is sent to the center under the digital envelope of the center public key, so its confidentiality is effectively ensured; on the terminal the step length is computed inside the security module, which guarantees its security to a certain extent.
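The shift-register derivation of steps 7) to 9) and the reverse rotation in the key-update step, modelled as an added example (not code from the patent): a 16-bit LFSR with the stated polynomial is rotated N beats forward by the center to produce the per-device secret parameter and N beats backward by the device to recover the shared dispersion parameter. The one-bit stage width, the formula for N (the page does not reproduce it) and SHA-256 in place of SM3 are assumptions.

```python
"""Per-device secret parameter from a shared dispersion parameter via a
16-stage shift register (added illustration, not code from the patent).

Assumptions not stated on the page: each stage holds one bit, so the register
state is a 16-bit value; N is taken as 1 + (sum of fingerprint bytes mod 65534);
SHA-256 stands in for SM3 when computing the device fingerprint.
"""
import hashlib

MASK = 0xFFFF
# x^16 + x^5 + x^3 + x^2 + 1 gives the recurrence s[n+16] = s[n+5] ^ s[n+3] ^ s[n+2] ^ s[n];
# with stage 0 holding the oldest bit, the feedback reads stages 0, 2, 3 and 5.
FEEDBACK_STAGES = (0, 2, 3, 5)


def clock_forward(state: int, beats: int) -> int:
    """Rotate Q forward `beats` times: stage 0 leaves, the feedback bit enters at stage 15."""
    for _ in range(beats):
        fb = 0
        for i in FEEDBACK_STAGES:
            fb ^= (state >> i) & 1
        state = (state >> 1) | (fb << 15)
    return state


def clock_backward(state: int, beats: int) -> int:
    """Undo clock_forward beat by beat.

    After a forward beat the new stage 15 is fb = old0 ^ old2 ^ old3 ^ old5, and
    old2, old3, old5 now sit at stages 1, 2, 4, so the bit that was shifted out is
    old0 = new15 ^ new1 ^ new2 ^ new4. Every state has exactly one predecessor,
    which is what lets the device run the register in reverse.
    """
    for _ in range(beats):
        lost = ((state >> 15) ^ (state >> 1) ^ (state >> 2) ^ (state >> 4)) & 1
        state = ((state << 1) & MASK) | lost
    return state


def device_fingerprint(feature_info: bytes) -> bytes:
    """Fingerprint over the collected device feature information (SHA-256 stand-in for SM3)."""
    return hashlib.sha256(feature_info).digest()


def step_count(fingerprint: bytes) -> int:
    """N derived from the fingerprint bytes X_i (assumed formula, see module docstring)."""
    return 1 + sum(fingerprint) % (MASK - 1)


def derive_secret_parameter(m1: int, fingerprint: bytes) -> int:
    """Center side: rotate the dispersion parameter N beats to get the device's secret parameter."""
    if not 0 < m1 <= MASK:
        raise ValueError("m1 must be a non-zero 16-bit state (the all-zero state never moves)")
    return clock_forward(m1, step_count(fingerprint))


def recover_dispersion_parameter(secret_parameter: int, fingerprint: bytes) -> int:
    """Device side: rotate the secret parameter N beats backwards to recover m1."""
    return clock_backward(secret_parameter, step_count(fingerprint))


def cycle_length(start: int) -> int:
    """Beats until the register returns to `start`.

    If the polynomial is primitive, as the patent states, every non-zero state lies
    on a single cycle of length 2^16 - 1 = 65535, which is why one state can reach
    any other non-zero state after some number of beats.
    """
    state, beats = clock_forward(start, 1), 1
    while state != start:
        state, beats = clock_forward(state, 1), beats + 1
    return beats


if __name__ == "__main__":
    m1 = 0xBEEF  # constructed sample dispersion parameter
    for name in (b"device-A-features", b"device-B-features"):  # constructed feature info
        fp = device_fingerprint(name)
        x = derive_secret_parameter(m1, fp)
        back = recover_dispersion_parameter(x, fp)
        print(f"{name.decode():20s} N={step_count(fp):5d} X=0x{x:04X} recovered=0x{back:04X}")
    print("cycle length from state 1:", cycle_length(1))
```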
2. Person-to-person instruction security
Strong directivity: the invention uses the SM2 ECDH algorithm to negotiate the master key of the two parties A and B and derives the work key from it, achieving a one-time-pad property. Only the receiver holding the private key can decrypt and execute the instruction.
Strong credibility: A cannot deny having sent the instruction.
Non-replayability: after decryption, B verifies R2 and the validity period of the instruction and deletes Rd after execution; if execution is repeated, the two factors Rd and the validity period prevent the instruction from being executed again.
Non-interceptability: since the instruction content is encrypted, anyone who intercepts the instruction can neither decrypt and execute it nor cut a piece of data out of the ciphertext to reconstruct a new instruction.
3. Instruction attack resistance
1) For instruction transfer between user A and user B, the ECDH algorithm gives the two parties a symmetric key keyAB closely tied to their identities and ensures that only user B, who holds the private key, can decrypt the instruction, so the instruction is received with exclusive credibility and man-in-the-middle attacks are resisted. No third party can derive the correct keyAB from A's certificate.
2) When the instruction is transmitted, user B can verify user A's signature on it, so the source of the instruction can be neither forged nor tampered with.
3) Work keys are derived with a dispersion algorithm that conforms to financial standards, guaranteeing one-time-pad instruction transmission.
4) Each time device B executes an instruction it returns a random number Rd to device A; device A encrypts Rd and sends it to device B together with the instruction, so device B re-authenticates identity A before every execution, and Rd is overwritten once execution completes. Thus an instruction from A can only be accepted by B, and replay of the instruction by an attacker is effectively prevented.
5) Because data transmitted over the Internet of Things is not necessarily fully reliable, erroneous data may occur. The random numbers RA, RB and RD also check the correctness of the current data at each stage of the flow, so that data loss is detected.
6) The protocol uses a time factor to derive the work key, realizing the one-time-pad function.
7) Setting an expiry time can require device B to force an update of Rd, ensuring that a replayed instruction is invalid.
4. Security for transmissions between devices A, B
Transmission based on device IDs uses IBC to improve the transaction experience and suits peer-to-peer (friend-style) instruction interaction. Delivery protection based on the SM9 algorithm ensures that the source of the verification data is reliable. The SM9-based digital envelope mechanism assures device A that only device B can receive and decrypt the instruction header, obtain the generation time and complete verification of the instruction's source; no intermediate device can decrypt it to obtain the generation time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an IBC-PKI man-machine control interaction method based on a cryptographic algorithm according to an embodiment of the present invention.
Fig. 2 is a flowchart of an IBC-PKI man-machine control interaction method based on a cryptographic algorithm according to an embodiment of the present invention.
Fig. 3 is a schematic diagram of an IBC-PKI man-machine control interaction system based on a cryptographic algorithm according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of an IBC-PKI man-machine control interaction system based on a cryptographic algorithm according to an embodiment of the present invention.
In the figure: 1. Internet of things management center; 2. device; 3. user.
Fig. 5 is a schematic diagram of a process of sending M to the center according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the following examples in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Aiming at the problems existing in the prior art, the invention provides an IBC-PKI man-machine control interaction method based on a cryptographic algorithm, and the invention is described in detail below with reference to the accompanying drawings.
As shown in fig. 1-2, the IBC-PKI man-machine control interaction method based on the cryptographic algorithm provided by the embodiment of the invention includes the following steps:
S101, user A authorizes device A and acquires the random number and device ID of user B; after authorization, user A generates the instruction;
S102, device A applies transmission protection to the instruction;
S103, device B interprets the instruction; device B presents the interpreted content to user B, who verifies the interpreted content and authorizes device B to respond.
The method provided by the embodiment of the invention further comprises the following steps before the user A performs the authorization of the equipment A:
(1) The method comprises the steps that an internet of things management center initializes a symmetric key in a security device, and an initial master key IMK, a device root key and a management center public key Pubc for identifying a device source are initially arranged in a device security module before the device is connected to the internet;
(2) The equipment is electrified, software and hardware information of the equipment is collected according to the characteristics of the equipment, the collected hardware information is used as characteristic information of the equipment, and the equipment security module calculates equipment fingerprints based on the equipment characteristic information;
(3) Performing device network access verification, issuing the SM9 public parameters, and updating the device authentication key.
In step (3), the device network access verification provided by the embodiment of the invention comprises the following steps:
First, the security module generates a random number R1 and generates the device holder's public-private key pair;
second, the network access request data is assembled: NA_Req_data = device feature information || device fingerprint || holder public key || holder personal information;
then, using R1 as the key, the SM4 algorithm encrypts it to obtain ciphertext M1 = SM4 encryption(R1, NA_Req_data);
further, ciphertext M2 = SM2 encryption(Pubc, R1) and MAC = SM4_MAC(IMK, M2||M1) are computed;
finally, M = M2||M1||MAC, and M is sent to the center.
In step (3), issuing the SM9 public parameters according to the embodiment of the present invention comprises:
1) Receive message M and verify the MAC with IMK: MAC1 = SM4_MAC(IMK, M2||M1); compare the received MAC with MAC1, and if they differ, report an error and exit;
2) Decrypt R1 with the central private key: R1 = SM2 decryption(central private key, M2);
3) Decrypt NA_Req_data with R1: NA_Req_data = SM4 decryption(R1, M1);
4) Read the device fingerprint from NA_Req_data; if the fingerprint is not in the device library, continue registering the device; if the device already exists in the library, repeated network access is not allowed;
5) The center issues a user public key certificate PubCert_user to the holder and generates a unique identification ID for the device;
6) The center retrieves the SM9 parameter ciphertext = SM4 encryption(shareKey, SM9 parameters), generates a random number R2, and computes Rkey = R1 ≡ R2;
7) Compute M1 = SM4 decryption(Rkey, shareKey); load M1 into the 16-stage shift register Q (primitive polynomial X^16 + X^5 + X^3 + X^2 + 1);
8) Let N = (formula not legible in the source), where Xi is the i-th byte of the device fingerprint from left to right;
9) Shift register Q cyclically by N beats to obtain the security parameter X;
10) The center computes the device master key MK = SM4 encryption(device root key, device ID), i.e. the device's unique ID encrypted with the device root key as key; the device root key is generated in advance by the management center and stored in the security device;
11) The center computes MK ciphertext = SM4 encryption(Rkey, device ID||MK), i.e. device ID||MK encrypted with Rkey as key;
12) The center computes MR2 = SM4 encryption(R1, R2), i.e. R2 encrypted with R1 as key, and assembles the message P = MR2||MK ciphertext||security parameter X||SM9 parameter ciphertext||PubCert_user;
13) Compute MAC = SM4_MAC(IMK, P); 14) send P||MAC to the terminal.
In step (3), the updating device authentication key provided by the embodiment of the invention comprises:
First, verify the MAC with IMK; decrypt R2 with R1; compute Rkey = R1 ≡ R2; decrypt the device ID and MK with Rkey;
second, extract the device features, compute the device fingerprint and compute the value N; load the security parameter X into shift register Q and run it backwards N beats to obtain M1;
third, compute shareKey = SM4 encryption(Rkey, M1) and SM9 parameters = SM4 decryption(shareKey, SM9 parameter ciphertext);
fourth, compute Z1 = SM4 encryption(MK, R2) and Z2 = SM2 signature(Pri_use, Z1), and send Z1||Z2 up to the center. The center decrypts Z1 with MK to obtain R2 and compares it with its own R2: a match confirms that the confirmation information is correct, a mismatch that it is wrong. The center also verifies the Z2 signature with the user's public key; if both checks pass, the network access process ends successfully; if either check fails, authentication fails and the network access process ends.
In step S101, generating the instruction after user A's authorization according to the embodiment of the present invention comprises:
(1.1) User A enters the PIN, unlocking the user private key and the right to use the device's SM9 key in the device security module.
(1.2) User A acquires the certificate and device ID of user B, either from the management center or directly from user B via NFC or a two-dimensional code.
(1.3) Acquire the random number Rd of user B; user A generates the instruction content M;
(1.4) Compute keyAB = ECDH(CertB, PriA); compute the working key workKey = SM4 encryption(keyAB, instruction generation time TB);
(1.5) Compute MC = SM4 encryption(workKey, Rd||M); compute signature = SM2 signature(user A private key, MC);
(1.6) Construct instruction content = MC||SM2 signature||A certificate.
In step S102, the transmission protection that device A applies to the instruction according to the embodiment of the present invention comprises:
(2.1) Generate a random number R and sign the constructed instruction content with device A's SM9 private key;
(2.2) Encrypt R with the ID of device B to obtain MR; let commandHeader = sender device IDA||receiver device IDB||generation time TB||expiry time TD;
(2.3) Compute instruction ciphertext = SM4 encryption(R, commandHeader); construct instruction = MR||instruction ciphertext||instruction content;
(2.4) Sign the complete instruction with device A's SM9 private key and send the instruction and signature to B.
In step S103, the interpretation of the instruction by device B according to the embodiment of the present invention comprises:
(3.1) Verify the SM9 signature with the ID of device A;
(3.2) Decrypt MR with the ID of device B to obtain commandHeader;
(3.3) Compute keyAB = ECDH(CertA, PriB);
(3.4) Compute the working key workKey = SM4 encryption(keyAB, instruction generation time TB);
(3.5) Verify the SM2 signature with user A's certificate;
(3.6) Compute M = SM4 decryption(workKey, MC);
(3.7) Present M to user B; after user B's authorization is obtained, device B gives its response.
As shown in fig. 3 to fig. 4, the IBC-PKI man-machine control interaction system based on a cryptographic algorithm according to an embodiment of the present invention includes:
The system comprises an Internet of things management center 1, a user 3 and equipment 2;
A user 3 for generating an instruction and performing device execution authorization;
The internet of things management center 1 is used for managing all users and the corresponding relation of the devices owned by the users, generating and issuing SM2 certificates of each user and distributing SM9 sharing parameters to each device;
A device 2 provided with a security module; the security module is used for storing and calculating the equipment key; generating and storing a private key and a public key certificate of the user SM 2; storing SM9 public parameters and providing an encryption and decryption algorithm based on the device ID; other types of keys are stored.
The technical effects of the present invention will be further described with reference to specific examples.
Example 1:
1. IBC+PKI man-machine control instruction protection protocol based on cryptographic algorithm
1.1. Man-machine interaction scene
Suppose Alice is going to Bob's home as a guest. Alice generates an instruction, "When I arrive, please open the door", which her mobile phone transmits by NFC to the access control system of Bob's home. The access control system prompts Bob, "Alice has arrived, open the door?"; Bob agrees, and the door then opens automatically.
Such a living scenario is abstracted as follows:
as shown in fig. 1, a user a generates an instruction, the instruction is sent to a device B through the device a, the instruction is returned to the user B after being interpreted by the device B, and the authorized device B responds after being checked by the user.
1.2. System logic architecture
The management center of the internet of things (hereinafter referred to as center) is shown in the above figure, and the responsibilities are as follows:
Responsible for managing the correspondence between all persons and the devices they own; one person may correspond to several devices, i.e. user Ui -> {Ai0, Ai1, ..., Aim}, where 0 < i < n and 0 < j < m;
Responsible for generating and issuing SM2 certificates for each user;
Responsible for distributing the SM9 shared parameters to each device.
The device responsibilities are as follows:
each device is fitted with a security module having:
a device key storage and calculation function;
Generating and storing a private key and a public key certificate of the user SM 2;
Storing SM9 public parameters and providing an encryption and decryption algorithm based on the device ID;
Other types of keys are stored.
1.3 Device network entry constraints
The internet of things management center initializes the symmetric keys in the security device (IMK, shareKey and the device root key), generates the asymmetric keys of the user, the device and the management center, and generates the device ID and the keys on which protected key issuance depends.
The internet of things management center initially places an initial master key IMK (Initial master key), a device root key and a management center public key Pubc in the device security module before the device is networked to identify the source of the device.
1.4 Network entry
1.4.1 Generation of device fingerprints
When the device is powered on, software and hardware information is collected according to the characteristics of the device, such as the CPU number, hard disk number, operating system version and the IDs of certain key hardware, and the security module computes the device fingerprint from this characteristic information: device fingerprint F = SM3(device characteristic information).
1.4.2 Network entry authentication of devices
1. The device performs the following tasks:
1) The security module generates a random number R1;
2) The security module generates a device holder public-private key pair,
3) Assemble the network access request data NA_Req_data = device feature information || device fingerprint || holder public key || holder personal information;
4) Encrypt with the SM4 algorithm using R1 as the key to obtain ciphertext M1 = SM4 encryption(R1, NA_Req_data);
5) Compute ciphertext M2 = SM2 encryption(Pubc, R1);
6) Compute MAC = SM4_MAC(IMK, M2||M1);
7) M = M2||M1||MAC;
8) Send M to the center.
1.4.3 Issuing of SM9 public parameters
The center receives the information M and works as follows:
1) Verify the MAC with IMK: MAC1 = SM4_MAC(IMK, M2||M1); compare MAC with MAC1, and if they differ, report an error and exit;
2) Decrypting R1 with the central private key, r1=sm2 decrypting (central private key, M2);
3) Decrypting na_req_data with R1, na_req_data=sm4 decryption (R1, M1);
4) Reading a device fingerprint from NA_Req_data, and if the device fingerprint does not exist in the device library, continuing to register the device; if there are devices in the library, then no duplicate network entry is allowed.
5) The center issues a user public key certificate for a holder, pubCert _user;
6) The center generates a unique identification ID for the device;
7) The center retrieves the SM9 parameter ciphertext = SM4 encryption(shareKey, SM9 parameters); this ciphertext is stored at the center in advance, and shareKey is updated regularly and is independent of any device;
8) The center generates a random number R2 and computes Rkey = R1 ≡ R2;
9) Compute M1 = SM4 decryption(Rkey, shareKey);
10) Load M1 into the 16-stage memory shifter Q (primitive polynomial X^16 + X^5 + X^3 + X^2 + 1);
11) Let N = (formula not legible in the source), where Xi is the i-th byte of the device fingerprint from left to right; if N <= 32, then N = the value of the N-th byte of the device fingerprint from left to right;
12) Shift the memory shifter Q cyclically by N beats to obtain the security parameter X;
13) The center computes the device master key MK = SM4 encryption(device root key, device ID), i.e. the device's unique ID encrypted with the device root key as key; the device root key is generated in advance by the management center and stored in the security device;
14) The center computes MK ciphertext = SM4 encryption(Rkey, device ID||MK), i.e. device ID||MK encrypted with Rkey as key;
15) The center computes MR2 = SM4 encryption(R1, R2), i.e. R2 encrypted with R1 as key;
16) The center assembles the message P = MR2||MK ciphertext||security parameter X||SM9 parameter ciphertext||PubCert_user;
17) Compute MAC = SM4_MAC(IMK, P);
18) Send P||MAC to the terminal.
1.4.4 Updating of device authentication keys
After the device receives P||MAC, it performs the following:
1) Verifying the MAC using the IMK;
2) Decrypting R2 with R1;
3) Calculate Rkey = R1≡R2;
4) Decrypting the device ID and MK using Rkey;
5) Extracting equipment characteristics, calculating equipment fingerprints, and calculating an N value;
6) Load the security parameter X into shift register Q and run it backwards N beats to obtain M1;
7) Calculate shareKey = SM4 encryption (Rkey, M1);
8) Calculate SM9 parameter = SM4 decrypt (shareKey, SM9 parameter ciphertext);
9) Calculating z1=sm4 encryption (MK, R2);
10) Compute Z2 = SM2 signature(Pri_use, Z1); // Pri_use is the user's private key
11) Send Z1||Z2 up to the center; the center decrypts Z1 with MK to obtain R2 and compares it with its own R2: a match confirms that the confirmation information is correct, a mismatch that it is wrong. The center also verifies the Z2 signature with the user's public key; if both checks pass, the network access process ends successfully; if either check fails, authentication fails and the network access process ends.
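The shift-register derivation of steps 7) to 12) of 1.4.3 and steps 5) to 8) of 1.4.4 (the same steps appear in step (3) of the embodiment above), as an added example that is not the patent's own code: the center runs Q forward N beats to turn M1 into the device-bound security parameter X, and the device runs Q backward N beats to recover M1 and hence shareKey. Assumptions: SM4 is stood in for by AES-128 (same 128-bit block), SM3 by SHA-256, Q is a byte-wide Fibonacci register with taps from X^16+X^5+X^3+X^2+1, the R1/R2 combination rendered "≡" on the page is read as XOR, and the formula for N, which did not survive extraction, is replaced by a labelled placeholder rule.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"errors"
)

// Taps of X^16+X^5+X^3+X^2+1. ASSUMPTION: Q is a 16-stage, byte-wide,
// Fibonacci-style register whose feedback byte is the XOR of stages 0, 2, 3, 5.
var taps = [...]int{0, 2, 3, 5}

// Shifter is the memory shifter Q: one stage per byte of the 16-byte block M1.
type Shifter [16]byte

// Step advances Q one beat: stage 0 falls out, the feedback byte enters at 15.
func (q *Shifter) Step() {
	var fb byte
	for _, t := range taps {
		fb ^= q[t]
	}
	copy(q[:15], q[1:])
	q[15] = fb
}

// Unstep is the exact inverse of Step: after shifting back one place, stages
// 2, 3 and 5 hold their old values again, so the byte that fell out is fb ^ q[2] ^ q[3] ^ q[5].
func (q *Shifter) Unstep() {
	fb := q[15]
	copy(q[1:], q[:15])
	q[0] = fb ^ q[2] ^ q[3] ^ q[5]
}

// Fingerprint models F = SM3(device characteristic information) with SHA-256.
func Fingerprint(info string) []byte {
	sum := sha256.Sum256([]byte(info))
	return sum[:]
}

// StepCount derives N from the fingerprint. PLACEHOLDER: the patent's formula
// is not legible; big-endian value of the first two bytes, plus one, is assumed.
func StepCount(fp []byte) int {
	return (int(fp[0])<<8 | int(fp[1])) + 1
}

// DeriveRkey computes Rkey from R1 and R2; the page's "≡" is read as XOR.
func DeriveRkey(r1, r2 []byte) []byte {
	out := make([]byte, len(r1))
	for i := range r1 {
		out[i] = r1[i] ^ r2[i]
	}
	return out
}

// CenterIssue is the center's side (steps 9-12 of 1.4.3): M1 = SM4 decryption
// (Rkey, shareKey), load Q with M1, rotate N beats forward, return X = Q.
func CenterIssue(rkey, shareKey, fp []byte) ([]byte, error) {
	blk, err := aes.NewCipher(rkey)
	if err != nil {
		return nil, err
	}
	if len(shareKey) != aes.BlockSize {
		return nil, errors.New("shareKey must be one 128-bit block")
	}
	var q Shifter
	blk.Decrypt(q[:], shareKey)
	for i := 0; i < StepCount(fp); i++ {
		q.Step()
	}
	return q[:], nil
}

// DeviceRecover is the device's side (steps 5-7 of 1.4.4): load X into Q, run
// it backwards N beats to get M1, return shareKey = SM4 encryption(Rkey, M1).
// A device whose fingerprint gives a different N lands on a different M1 and
// therefore on a useless shareKey: X is bound to the device.
func DeviceRecover(rkey, x, fp []byte) ([]byte, error) {
	blk, err := aes.NewCipher(rkey)
	if err != nil {
		return nil, err
	}
	if len(x) != aes.BlockSize {
		return nil, errors.New("X must be one 128-bit block")
	}
	var q Shifter
	copy(q[:], x)
	for i := 0; i < StepCount(fp); i++ {
		q.Unstep()
	}
	shareKey := make([]byte, aes.BlockSize)
	blk.Encrypt(shareKey, q[:])
	return shareKey, nil
}
```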
1.4.5 Command protection protocol based on national cryptographic algorithm
1.4.5.1 Target
1) The user A utilizes the device A to generate an instruction, and the instruction is issued to the device B for execution.
1.4.5.2 User A opens the device and authorizes
The user A inputs the PIN and opens the private key of the user and the use authority of the device SM9 in the device security module.
1.4.5.3 User A obtains user B's certificate and device ID
The user a may acquire the certificate and the device ID of the user B from the management center; the certificate and the device ID of the user B can also be obtained directly from the user B through NFC or two-dimensional codes.
1.4.5.4 User A authorization generation instruction
1) Acquire the random number Rd of user B; user A generates the instruction content M;
2) Compute keyAB = ECDH(CertB, PriA); // PriA is A's SM2 user private key and CertB is user B's SM2 certificate
3) Compute the working key workKey = SM4 encryption(keyAB, instruction generation time TB);
4) Compute MC = SM4 encryption(workKey, Rd||M);
5) Compute signature = SM2 signature(user A private key, MC);
6) Construct instruction content = MC||SM2 signature||A certificate.
1.4.5.5 Device A applies transmission protection to the instruction
1) Generate a random number R;
2) Sign the constructed instruction content with device A's SM9 private key;
3) Encrypt R with the ID of device B to obtain MR;
4) Let commandHeader = sender device IDA||receiver device IDB||generation time TB||expiry time TD;
5) Compute instruction ciphertext = SM4 encryption(R, commandHeader);
6) Construct instruction = MR||instruction ciphertext||instruction content;
7) Sign the instruction with device A's SM9 private key;
8) Send the instruction and signature to B.
1.4.5.6 Device B interprets the instruction
1) Verify the SM9 signature with the ID of device A;
2) Decrypt MR with its own ID to obtain commandHeader;
3) Compute keyAB = ECDH(CertA, PriB); // PriB is user B's SM2 private key and CertA is user A's certificate
4) Compute the working key workKey = SM4 encryption(keyAB, instruction generation time TB);
5) Verify the SM2 signature with user A's certificate;
6) Compute M = SM4 decryption(workKey, MC);
7) Present M to user B; after user B's authorization is obtained, device B gives its response.
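The user-level protocol of steps S101 and S103 above and of 1.4.5.4 and 1.4.5.6, as an added example that is not the patent's code: A derives keyAB and the TB-bound workKey, encrypts Rd||M and signs MC; B re-derives the key, verifies the signature, decrypts, and enforces the Rd and validity-period checks that the advantages section describes. Assumptions: P-256 ECDH/ECDSA replace SM2, AES replaces SM4 (CTR mode with Rd as IV, a choice made here since the page names no mode), SHA-256 replaces SM3, and the device-level SM9 envelope of 1.4.5.5 is omitted, with TB and TD passed alongside the instruction.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"time"
)

// Instruction content = MC || SM2 signature || A certificate (here A's public
// key); TB and TD, carried in commandHeader on the page, ride alongside here.
type Instruction struct {
	MC, Signature []byte
	CertA         *ecdsa.PublicKey
	TB, TD        time.Time
}

// NewUser generates a user's SM2 key pair (P-256 stand-in).
func NewUser() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// workKey is steps 2-3 of 1.4.5.4 (3-4 of 1.4.5.6 on B's side): keyAB = ECDH(peer
// certificate, own private key); workKey = SM4 encryption(keyAB, TB), i.e. the
// generation time padded to one block and encrypted under keyAB.
func workKey(own *ecdsa.PrivateKey, peer *ecdsa.PublicKey, tb time.Time) (cipher.Block, error) {
	priv, err := own.ECDH()
	if err != nil {
		return nil, err
	}
	pub, err := peer.ECDH()
	if err != nil {
		return nil, err
	}
	kab, err := priv.ECDH(pub) // 32-byte shared secret, used as an AES-256 key
	if err != nil {
		return nil, err
	}
	blk, err := aes.NewCipher(kab)
	if err != nil {
		return nil, err
	}
	in := binary.BigEndian.AppendUint64(make([]byte, 8), uint64(tb.Unix()))
	wk := make([]byte, aes.BlockSize)
	blk.Encrypt(wk, in)
	return aes.NewCipher(wk)
}

// BuildInstruction is user A's step 1.4.5.4: MC = SM4 encryption(workKey, Rd||M),
// here AES-CTR with the per-instruction Rd as IV (so no key stream repeats even
// if two instructions share TB), then an SM2 (here ECDSA/SHA-256) signature on MC.
func BuildInstruction(priA *ecdsa.PrivateKey, certB *ecdsa.PublicKey, rd, msg []byte, tb time.Time, ttl time.Duration) (*Instruction, error) {
	if len(rd) != aes.BlockSize {
		return nil, errors.New("Rd must be one 128-bit block")
	}
	wk, err := workKey(priA, certB, tb)
	if err != nil {
		return nil, err
	}
	mc := append(append([]byte{}, rd...), msg...)
	cipher.NewCTR(wk, rd).XORKeyStream(mc, mc)
	digest := sha256.Sum256(mc)
	sig, err := ecdsa.SignASN1(rand.Reader, priA, digest[:])
	if err != nil {
		return nil, err
	}
	return &Instruction{MC: mc, Signature: sig, CertA: &priA.PublicKey, TB: tb, TD: tb.Add(ttl)}, nil
}

// Receiver is device B: its user's private key and the 16-byte Rd last issued to A.
type Receiver struct {
	PriB *ecdsa.PrivateKey
	Rd   []byte
}

// Interpret is device B's step 1.4.5.6 with the page's double-factor replay
// check: validity window first, then Rd match; Rd is discarded once consumed.
func (r *Receiver) Interpret(ins *Instruction, now time.Time) ([]byte, error) {
	if now.Before(ins.TB) || now.After(ins.TD) {
		return nil, errors.New("instruction outside its validity period")
	}
	if len(r.Rd) != aes.BlockSize || len(ins.MC) < aes.BlockSize {
		return nil, errors.New("no outstanding Rd or malformed MC")
	}
	digest := sha256.Sum256(ins.MC)
	if !ecdsa.VerifyASN1(ins.CertA, digest[:], ins.Signature) {
		return nil, errors.New("user A's SM2 signature does not verify")
	}
	wk, err := workKey(r.PriB, ins.CertA, ins.TB)
	if err != nil {
		return nil, err
	}
	plain := make([]byte, len(ins.MC))
	cipher.NewCTR(wk, r.Rd).XORKeyStream(plain, ins.MC)
	if !bytes.Equal(plain[:aes.BlockSize], r.Rd) {
		return nil, errors.New("Rd mismatch: wrong key, stale or replayed instruction")
	}
	r.Rd = nil // consumed; B issues a fresh Rd before the next instruction
	return plain[aes.BlockSize:], nil
}
```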
The invention has the advantages that:
1. device access security
Through MAC verification of the network access request message, the management center is assured that the device currently joining the network is one that meets the preset requirements. Presetting the center certificate prevents substitution of the device management center's certificate. The device random number R1 is encrypted with the management center's public key when uploaded, and the management center's random number R2 is encrypted with R1 when issued; Rkey therefore has the required security properties.
The SM9 shared parameters are encrypted only once, with shareKey, which is the same for all devices. shareKey is obtained by inverting the key dispersion algorithm: for any Rkey a dispersion parameter can be found such that shareKey = SM4 encryption(Rkey, dispersion parameter) holds, and therefore dispersion parameter = SM4 decryption(Rkey, shareKey).
By the properties of a primitive polynomial over a finite field, any state of the memory shifter can reach any other specific state after a certain number of steps. The dispersion parameter is therefore used as a state, a specific step length is computed from the configured fingerprint features, and the state reached after rotating the shifter by that step length is used as the secret parameter. Different devices thus have different security parameters, and each recovers the same dispersion parameter by moving back its own specific step length. The security of the secret parameter rests on two points: it is bound to the device ID, preventing mismatches; and it is sent encrypted, with a one-time pad.
The confidentiality of the dispersion parameter rests on the step size and on the security parameter. The step size is computed rather than carried in any message, and its computation depends on the device fingerprint, which is sent to the center under a digital envelope built with the center public key, so its confidentiality is effectively ensured; the step size itself is computed inside the security module when the terminal processes the message, so the step size is protected to a corresponding degree.
2. Person-to-person based instruction security
Strong directivity: the invention uses the SM2 ECDH algorithm to negotiate a master key shared by both parties A and B and derives (disperses) the working key from it, giving a one-time-pad property. Only the receiver holding the private key can decrypt and execute the instruction.
Strong credibility (non-repudiation): A cannot deny having sent the instruction.
Non-replayability: after decryption, B verifies R2 and the validity period of the instruction and deletes Rd after execution; if execution is attempted again, the two factors Rd and the validity period prevent the instruction from being executed a second time.
Non-interceptability: since the instruction content is encrypted, anyone who intercepts the instruction can neither decrypt and execute it nor cut a piece of data out of the ciphertext to assemble a new instruction.
3. Resistance to attack by instructions
1) The instruction transfer between user A and user B relies on the ECDH algorithm to give the two parties a symmetric key keyAB tightly bound to their identities, and ensures that only user B, who holds the private key, can decrypt the instruction, so the instruction is received with exclusive credibility and man-in-the-middle attacks are resisted at the same time. No other third party can derive the correct keyAB from A's certificate.
2) When the instruction is transmitted, user B can verify user A's signature on the instruction, so the source of the instruction can be neither forged nor tampered with.
3) Working keys are computed with a key dispersion algorithm conforming to financial-industry standards, guaranteeing a one-time pad for instruction transmission.
4) Each time device B executes an instruction it returns a random number RD to device A; device A encrypts RD and delivers it to device B together with the instruction, so device B re-authenticates A's identity before every execution, and RD is overwritten once execution completes. Thus an instruction from A can only be received by B, and replay of the instruction by an attacker is effectively prevented.
5) Because data transmitted over the internet of things is not necessarily completely reliable, the random numbers RA, RB and RD also check the correctness of the current data at each stage of the process, so that data loss is prevented.
6) The protocol uses a time factor to disperse the working key, which realises the one-time-pad function.
7) Setting an expiry time lets device B force an update of RD, ensuring that a replayed instruction is invalid.
4. Security for transmissions between devices A, B
Transmission based on device IDs uses IBC to improve the transaction experience and suits peer-to-peer (friend-style) instruction interaction. Delivery protection based on the SM9 algorithm ensures that the source of the verification data is reliable. The SM9-based digital envelope mechanism assures device A that only device B can receive and decrypt the instruction header, obtain the generation time and complete verification of the instruction's source; no intermediate device can decrypt it to obtain the generation time.
This scheme has been validated in practice in the smart community application of a financial institution, where it is used by an owner to remotely open the door for a visitor, realising secure intelligent communication among the owner, the mobile phone, the access control system and the visitor.
The foregoing is merely illustrative of specific embodiments of the present invention, and the scope of the invention is not limited thereto, but any modifications, equivalents, improvements and alternatives falling within the spirit and principles of the present invention will be apparent to those skilled in the art within the scope of the present invention.

Claims (7)

1. A human-machine interaction method, characterized in that the human-machine interaction method comprises:
The user A authorizes the device A and acquires the random number, the certificate and the device ID of the user B; generating an instruction after the user A authorizes;
the equipment A carries out transmission protection on the instruction;
device B interprets the instruction; the device B displays the interpreted content to the user B, and the user B verifies the interpreted content and authorizes the device B to respond;
Before the user a performs the authorization of the device a, the method further includes:
(1) The method comprises the steps that an internet of things management center initializes a symmetric key in a security device, and an initial master key IMK, a device root key and a management center public key Pubc for identifying a device source are initially arranged in a device security module before the device is connected to the internet;
(2) The equipment is electrified, software and hardware information of the equipment is collected according to the characteristics of the equipment, the collected hardware information is used as characteristic information of the equipment, and the equipment security module calculates equipment fingerprints based on the equipment characteristic information;
(3) Performing equipment network access verification and issuing SM9 public parameters; and updating the device authentication key;
In the step (3), the step of (c),
3.1 Specifically comprises:
First, the security module generates a random number R1 and generates the device holder's public-private key pair;
second, the network access request data is assembled: NA_Req_data = device feature information || device fingerprint || holder public key || holder personal information;
then, using R1 as the key, the SM4 algorithm encrypts it to obtain ciphertext M1 = SM4 encryption(R1, NA_Req_data);
further, ciphertext M2 = SM2 encryption(Pubc, R1) and MAC = SM4_MAC(IMK, M2||M1) are computed;
finally, M = M2||M1||MAC, and M is sent to the center;
3.2 specifically comprises:
1) Receive message M and verify the MAC with IMK: MAC1 = SM4_MAC(IMK, M2||M1); compare MAC with MAC1, and if they differ, report an error and exit;
2) Decrypt with the central private key to obtain R1: R1 = SM2 decryption(central private key, M2);
3) Decrypt with R1 to obtain NA_Req_data: NA_Req_data = SM4 decryption(R1, M1);
4) Read the device fingerprint from NA_Req_data; if the fingerprint is not in the device library, continue registering the device; if the device already exists in the library, repeated network access is not allowed;
5) The center issues a user public key certificate PubCert_user to the holder and generates a unique identification ID for the device;
6) The center retrieves the SM9 parameter ciphertext = SM4 encryption(shareKey, SM9 parameters), generates a random number R2, and computes Rkey = R1 ≡ R2; shareKey is updated periodically and is device-independent;
7) Compute M1 = SM4 decryption(Rkey, shareKey); load M1 into the 16-stage shift register Q (primitive polynomial X^16 + X^5 + X^3 + X^2 + 1);
8) Let N = (formula not legible in the source), where Xi is the i-th byte of the device fingerprint from left to right;
9) Shift register Q cyclically by N beats to obtain the security parameter X;
10) The center computes the device master key MK = SM4 encryption(device root key, device ID), i.e. the device's unique ID encrypted with the device root key as key;
11) The center computes MK ciphertext = SM4 encryption(Rkey, device ID||MK), i.e. device ID||MK encrypted with Rkey as key;
12) The center computes MR2 = SM4 encryption(R1, R2), i.e. R2 encrypted with R1 as key, and assembles the message P = MR2||MK ciphertext||security parameter X||SM9 parameter ciphertext||PubCert_user;
13) Compute MAC = SM4_MAC(IMK, P); 14) send P||MAC to the terminal;
3.3 specifically comprises:
Step one, verifying the MAC with the IMK; decrypting MR2 with R1 to obtain R2; calculating Rkey = R1 ⊕ R2; decrypting the MK ciphertext with Rkey to obtain the device ID and MK;
Step two, extracting the device features, calculating the device fingerprint and calculating the N value; obtaining the shifter value from the security parameter X and the device ID, loading it into the shifter Q, and running the shifter backwards for N beats to obtain M1;
Step three, calculating shareKey = SM4 encryption (Rkey, M1); calculating SM9 parameters = SM4 decryption (shareKey, SM9 parameter ciphertext);
Step four, calculating Z1 = SM4 encryption (MK, R2); calculating Z2 = SM2 signature (Pri_user, Z1), Pri_user being the private key of the user; Z1||Z2 is sent up to the center; the center decrypts Z1 with MK to obtain R2 and compares it with its own R2: if they match, the confirmation information is correct; if the comparison fails, the confirmation information is wrong; the center verifies the Z2 signature with the user's public key; if both checks pass, verification succeeds and the network access process ends successfully; if either check fails, verification fails and the network access process ends.
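As an added illustration of steps 7) to 9) of 3.2 and step two of 3.3 (editor-supplied example code, not code from the patent or its assignee): a 16-stage shifter Q with byte-wide stages and XOR feedback on the taps of x^16 + x^5 + x^3 + x^2 + 1, stepped forward N beats on the center side and backward N beats on the terminal side so that M1 is recovered. The byte-wide stages, the XOR feedback and the tap-to-index mapping are assumptions; the claim names only the stage count and the polynomial. N = 37 is a constructed value, since the page does not reproduce the patent's formula for N, and the derivation of the security parameter X from the shifter value and the device ID is not modelled.

```javascript
// Added example (not from the patent): a 16-stage, byte-wide feedback shift register Q
// whose feedback taps follow the exponents of x^16 + x^5 + x^3 + x^2 + 1 named in claim 1.
// Byte-wide stages with XOR feedback are an assumption; the claim gives only the stage
// count and the polynomial.
const STAGES = 16;
// Exponent e of the polynomial maps to stage index STAGES - e, giving [0, 11, 13, 14].
const TAP_INDICES = [16, 5, 3, 2].map((e) => STAGES - e);

function checkState(state) {
  if (state.length !== STAGES) throw new Error(`Q must hold exactly ${STAGES} bytes`);
}

// One forward "beat": XOR the tapped stages, shift every stage one position towards
// index 0, and shift the feedback byte in at the end.
function beatForward(state) {
  checkState(state);
  let feedback = 0;
  for (const i of TAP_INDICES) feedback ^= state[i];
  return [...state.slice(1), feedback];
}

// One backward beat: the byte that was shifted out equals the feedback byte XOR the
// other taps (which now sit one index lower), so a forward beat is exactly invertible.
// This relies on the polynomial having the constant term 1, i.e. tap index 0 present.
function beatBackward(state) {
  checkState(state);
  let oldest = state[STAGES - 1];
  for (const i of TAP_INDICES) if (i > 0) oldest ^= state[i - 1];
  return [oldest, ...state.slice(0, STAGES - 1)];
}

function runForward(state, n) {
  let s = state.slice();
  for (let k = 0; k < n; k++) s = beatForward(s);
  return s;
}

function runBackward(state, n) {
  let s = state.slice();
  for (let k = 0; k < n; k++) s = beatBackward(s);
  return s;
}

function sameBytes(a, b) {
  return a.length === b.length && a.every((v, i) => v === b[i]);
}

// Constructed round trip: the center loads M1 and runs N beats; the terminal, knowing N,
// runs the same shifter value backwards and gets M1 back.
function demoRoundTrip() {
  const m1 = Array.from({ length: STAGES }, (_, i) => i + 1); // constructed 16-byte M1
  const n = 37;                                               // constructed N
  const shifterValue = runForward(m1, n);
  const recovered = runBackward(shifterValue, n);
  return { m1, shifterValue, recovered, ok: sameBytes(m1, recovered) };
}
```

The backward run works only because stage 0 is a tap (the polynomial's constant term), which makes each beat a bijection on the 16-byte state; a tap set that omitted the oldest stage would lose information on every beat and the terminal could not recover M1.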
2. The human-machine interaction method of claim 1, wherein generating the instruction after authorization by user A comprises:
(1.1) acquiring a random number Rd of user B; user A generates the instruction content information M;
(1.2) calculating keyAB = ECDH (CertB, PriA), PriA being the SM2 private key of user A and CertB the SM2 certificate of user B; calculating the work key workKey = SM4 encryption (keyAB, instruction generation time TB);
(1.3) calculating MC = SM4 encryption (workKey, Rd||M); calculating signature = SM2 signature (user A private key, MC);
(1.4) constructing instruction content = MC || SM2 signature || user A certificate.
3. The human-machine interaction method of claim 2, wherein the transmission protection of the instruction by device A comprises:
(2.1) generating a random number R, and signing the constructed instruction content with the SM9 private key of device A;
(2.2) encrypting R with the ID of device B to obtain MR; letting commandHeader = sender A device IDA || receiver B device IDB || instruction generation time TB || expiration time TD;
(2.3) calculating the instruction ciphertext = SM4 encryption (R, commandHeader); constructing instruction = MR || instruction ciphertext || instruction content;
(2.4) signing the completed instruction with the SM9 private key of device A, and sending instruction||signature to B.
4. The human-machine interaction method of claim 3, wherein device B interpreting the instruction comprises:
(3.1) verifying the SM9 signature with the ID of device A;
(3.2) decrypting MR with device B's own ID-based SM9 private key to obtain R, and decrypting the instruction ciphertext with R to obtain commandHeader;
(3.3) calculating keyAB = ECDH (CertA, PriB);
(3.4) calculating the work key workKey = SM4 encryption (keyAB, instruction generation time TB);
(3.5) verifying the SM2 signature with the user A certificate;
(3.6) calculating Rd||M = SM4 decryption (workKey, MC);
(3.7) presenting M to user B; after authorization by user B is obtained, device B gives a response.
5. A human-machine interaction system applying the human-machine interaction method according to any one of claims 1 to 4, characterized in that the human-machine interaction system comprises:
an Internet of Things management center, users and devices;
the user generates instructions and authorizes device execution;
the Internet of Things management center manages all users and the correspondence between users and the devices they own, generates and issues the SM2 certificate of each user, and distributes the SM9 shared parameters to each device;
each device is provided with a security module; the security module stores and computes the device keys, generates and stores the user's SM2 private key and public key certificate, stores the SM9 public parameters and provides ID-based encryption and decryption for the device, and stores other types of keys.
6. A computer device, characterized in that it comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the man-machine control interaction method of any of claims 1-4.
7. A computer readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the human-machine interaction method of any of claims 1-4.
CN202011263161.1A 2020-11-12 2020-11-12 Man-machine control interaction method, interaction system, computer equipment and storage medium Active CN112422280B (en)

Publications (2)

Publication Number Publication Date
CN112422280A CN112422280A (en) 2021-02-26
CN112422280B true CN112422280B (en) 2024-09-17


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant