CN113194465A - BLE connection verification method and device between terminals and readable storage medium - Google Patents
BLE connection verification method and device between terminals and readable storage medium Download PDFInfo
- Publication number
- CN113194465A CN113194465A CN202110423755.2A CN202110423755A CN113194465A CN 113194465 A CN113194465 A CN 113194465A CN 202110423755 A CN202110423755 A CN 202110423755A CN 113194465 A CN113194465 A CN 113194465A
- Authority
- CN
- China
- Prior art keywords
- request
- random number
- authentication code
- character string
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012795 verification Methods 0.000 title claims abstract description 201
- 238000000034 method Methods 0.000 title claims abstract description 91
- 238000005265 energy consumption Methods 0.000 claims description 4
- 244000300477 Gardenia carinata Species 0.000 description 8
- BSJGASKRWFKGMV-UHFFFAOYSA-L ammonia dichloroplatinum(2+) Chemical compound N.N.Cl[Pt+2]Cl BSJGASKRWFKGMV-UHFFFAOYSA-L 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 230000002457 bidirectional effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000014759 maintenance of location Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011982 device technology Methods 0.000 description 1
- 230000013011 mating Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a BLE connection verification method between terminals. The BLE connection verification method between the terminals comprises the following steps: after being connected with a request end BLE, detecting whether an identity authentication request sent by the request end is received; when an identity verification request sent by a request end is detected, a first random number is generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset secret key; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end; comparing the first authentication code with the second authentication code; and when the comparison result is consistent, the BLE connection verification of the request end is successful. The invention also discloses a BLE connection verification device between terminals and a computer readable storage medium. The invention can solve the problems that the existing scheme is easily connected by malicious equipment and has safety risk.
Description
Technical Field
The present invention relates to the field of electronic device technologies, and in particular, to a method and an apparatus for verifying BLE connection between terminals, and a computer-readable storage medium.
Background
TWS (True Wireless headset) products are becoming more popular, and the TWS products support both conventional Bluetooth connections and BLE (Bluetooth Low Energy) connections, which can significantly reduce power consumption and cost while maintaining the same communication range as conventional Bluetooth. In terms of connection mechanism, the conventional bluetooth employs a pairing-first connection mechanism, so that the connection mechanism is relatively secure. And BLE connects and can directly be connected with the equipment of opposite terminal through not mating, and this kind of connected mode makes TWS product easily connected by malicious equipment, has the security risk.
Disclosure of Invention
The invention mainly aims to provide a BLE connection verification method and device between terminals and a computer readable storage medium, and aims to solve the problems that an existing scheme is easily connected by malicious equipment and has security risks.
In order to achieve the above object, the present invention provides a method for verifying BLE connection between terminals, which is applied to a TWS headset, and the method includes:
after the connection with the Bluetooth low energy BLE of the request end, setting the verification state corresponding to the request end as unknown, and detecting whether an identity verification request sent by the request end is received;
when an identity verification request sent by a request end is detected, generating and returning a first random number and a key use identifier to the request end, so that when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset key corresponding to the key use identifier; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key corresponding to the key use identifier in the request end;
when the comparison result of the first authentication code and the second authentication code is consistent, the BLE connection of the request end is successfully verified, and a BLE connection authentication request is initiated to the request end;
when receiving connection verification success information and accumulated verification time fed back by a request end according to a connection authentication request, acquiring locally recorded unknown state accumulated holding time;
when the unknown state accumulated holding time is matched with the accumulated verification time, the BLE connection verification between the terminals is successful.
In order to achieve the above object, the present invention further provides a method for verifying BLE connection between terminals, which is applied to a verification terminal, and the method for verifying BLE connection between terminals includes the following steps:
after being connected with a request end Bluetooth low energy consumption BLE, detecting whether an identity verification request sent by the request end is received or not;
when an identity verification request sent by a request end is detected, a first random number is generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset secret key; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end;
comparing the first authentication code with the second authentication code;
and when the comparison result is consistent, the BLE connection verification of the request end is successful.
Optionally, the step of generating the second authentication code according to the first random number, the second random number, and the first preset key includes:
splicing the first preset key and the first preset field to obtain a first spliced character string, and splicing the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the first splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, inputting the algorithm key, the first input parameter and the second input parameter into a preset Hash Message Authentication Code (HMAC) arithmetic unit for operation, and outputting a second authentication code.
Optionally, the process of the request terminal generating the first authentication code according to the first random number, the second random number, and the second preset key in the request terminal includes:
the request terminal splices the second preset secret key and the first preset field to obtain a fourth spliced character string, and splices the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the fourth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a first authentication code.
Optionally, the method further comprises:
generating a first request authentication code according to the first random number, the second random number and a first preset secret key;
the first request authentication code is sent to the request end, so that when the request end determines that the first request authentication code is consistent with the second request authentication code, the BLE connection of the verification end is verified successfully; the second request authentication code is generated by the request end according to the first random number, the second random number and a second preset secret key in the request end.
Optionally, the step of generating the first request authentication code according to the first random number, the second random number, and the first preset key includes:
splicing the first preset secret key and the second preset field to obtain a seventh spliced character string, and splicing the character strings according to the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the seventh splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, inputting the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputting a first request authentication code.
Optionally, the process of the request terminal generating the second request authentication code according to the first random number, the second random number, and the second preset key in the request terminal includes:
the request terminal splices the first preset secret key and the second preset field to obtain an eighth spliced character string, and splices the character strings according to the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the eighth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a second request authentication code.
Optionally, the step of inputting the algorithm key, the first input parameter, and the second input parameter into a preset HMAC operator for operation includes:
taking the algorithm key as a primary operation key, and performing primary HMAC operation on the first input parameter;
and taking the operation result of the primary HMAC operation as a secondary operation key, performing secondary HMAC operation on the second input parameter, and taking the output result of the secondary HMAC operation as the operation result of the HMAC operator.
In order to achieve the above object, the present invention also provides a BLE connection verification device between terminals, including: the method comprises the steps of realizing the BLE connection verification method between the terminals when the BLE connection verification program between the terminals is executed by the processor.
In addition, to achieve the above object, the present invention further provides a computer-readable storage medium having a BLE connection verification program between terminals stored thereon, where the BLE connection verification program between terminals implements the steps of the BLE connection verification method between terminals as described above when executed by a processor.
The invention provides a BLE connection verification method, a device and a computer readable storage medium between terminals, which detect whether an identity verification request sent by a request end is received or not after the BLE connection with the request end is carried out; when an identity verification request sent by a request end is detected, a first random number is generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset secret key; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end; comparing the first authentication code with the second authentication code; and when the comparison result is consistent, the BLE connection verification of the request end is successful. Namely, the invention designs a set of autonomous verification mechanism of Bluetooth low-power connection, and can perform security verification on the opposite-end connection equipment based on the verification end of the TWS earphone, so that the problems that the existing scheme is easily connected by malicious equipment and has security risk are solved. Furthermore, the verification end and the request end respectively preset a secret key, and the authentication code is generated by combining a random code and the secret key which are correspondingly generated by the two parties for comparison and verification.
Drawings
Fig. 1 is a schematic terminal structure diagram of a hardware operating environment according to an embodiment of the present invention;
figure 2 is a schematic flow chart of a BLE connection verification method between terminals according to a first embodiment of the present invention;
fig. 3 is a schematic flowchart illustrating a detailed process of generating a second authentication code according to the first random number, the second random number and the first preset key in step S20 in the BLE connection verification method between terminals according to the present invention;
figure 4 is a schematic flowchart of a BLE connection verification method between terminals according to a third embodiment of the present invention;
fig. 5 is a detailed flowchart of step S50 in the third embodiment of the method for verifying a BLE connection between terminals according to the present invention;
figure 6 is a schematic view of a detailed process of inputting an algorithm key, a first input parameter and a second input parameter into a preset HMAC arithmetic unit for arithmetic operation in a fourth embodiment of the BLE connection verification method between terminals according to the present invention;
figure 7 is a schematic flow chart of the BLE connection verification method between terminals according to the present invention applied to a TWS headset.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic terminal structure diagram of a hardware operating environment according to an embodiment of the present invention.
The terminal according to the embodiment of the present invention may be a BLE connection verification device between terminals, where the BLE connection verification device between terminals refers to one of terminals participating in BLE connection, and may be an earphone device, such as a TWS earphone, or a TWS earphone charging box, or a mobile phone. Of course, the terminal in the embodiment of the present invention may also be a control chip of a BLE connection verification device between terminals, and is configured to verify and further process the BLE connection of the terminal.
As shown in fig. 1, the terminal may include: a processor 1001, such as a CPU (Central Processing Unit), a communication bus 1002, a network interface 1003, and a memory 1004. Wherein a communication bus 1002 is used to enable connective communication between these components. The network interface 1003 may optionally include a standard wired interface (e.g., USB interface, Type-C interface). The memory 1004 may be a high-speed RAM memory or a non-volatile memory (e.g., a disk memory). The memory 1004 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the terminal structure shown in fig. 1 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
As shown in fig. 1, the memory 1004, which is a kind of computer storage medium, may include therein an operating system, a network communication module, and a BLE connection verification program between terminals.
In the terminal shown in fig. 1, the network interface 1003 is mainly used for connecting to a backend server and performing data communication with the backend server; and processor 1001 may be configured to invoke the BLE connection verification procedure between terminals stored in memory 1004 and perform the following operations:
after being connected with a request end Bluetooth low energy consumption BLE, detecting whether an identity verification request sent by the request end is received or not;
when an identity verification request sent by a request end is detected, a first random number is generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset secret key; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end;
comparing the first authentication code with the second authentication code;
and when the comparison result is consistent, the BLE connection verification of the request end is successful.
Further, processor 1001 may invoke a BLE connection verification procedure between terminals stored in memory 1004, and also perform the following operations:
splicing the first preset key and the first preset field to obtain a first spliced character string, and splicing the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the first splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, inputting the algorithm key, the first input parameter and the second input parameter into a preset Hash Message Authentication Code (HMAC) arithmetic unit for operation, and outputting a second authentication code.
Further, the processor 1001 may invoke a BLE connection verification procedure stored in the memory 1004, where a process of the requesting end generating the first authentication code according to the first random number, the second random number, and the second preset key in the requesting end includes:
the request terminal splices the second preset secret key and the first preset field to obtain a fourth spliced character string, and splices the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the fourth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a first authentication code.
Further, processor 1001 may invoke a BLE connection verification procedure between terminals stored in memory 1004, and also perform the following operations:
generating a first request authentication code according to the first random number, the second random number and a first preset secret key;
the first request authentication code is sent to the request end, so that when the request end determines that the first request authentication code is consistent with the second request authentication code, the BLE connection of the verification end is verified successfully; the second request authentication code is generated by the request end according to the first random number, the second random number and a second preset secret key in the request end.
Further, processor 1001 may invoke a BLE connection verification procedure between terminals stored in memory 1004, and also perform the following operations:
splicing the first preset secret key and the second preset field to obtain a seventh spliced character string, and splicing the character strings according to the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the seventh splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, inputting the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputting a first request authentication code.
Further, the processor 1001 may invoke a BLE connection verification procedure stored in the memory 1004, where a process of the requesting end generating a second request authentication code according to the first random number, the second random number, and a second preset key in the requesting end includes:
the request terminal splices the first preset secret key and the second preset field to obtain an eighth spliced character string, and splices the character strings according to the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the eighth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a second request authentication code.
Further, processor 1001 may invoke a BLE connection verification procedure between terminals stored in memory 1004, and also perform the following operations:
taking the algorithm key as a primary operation key, and performing primary HMAC operation on the first input parameter;
and taking the operation result of the primary HMAC operation as a secondary operation key, performing secondary HMAC operation on the second input parameter, and taking the output result of the secondary HMAC operation as the operation result of the HMAC operator.
Further, processor 1001 may invoke a BLE connection verification procedure between terminals stored in memory 1004, and also perform the following operations:
and when the timing time reaches a preset value, if the BLE connection verification of the request end is still unsuccessful, disconnecting the BLE connection with the request end.
When the terminal shown in fig. 1 is a TWS headset, the network interface 1003 is mainly used to connect to a backend server and perform data communication with the backend server; and processor 1001 may be configured to invoke the BLE connection verification procedure between terminals stored in memory 1004 and perform the following operations:
after the connection with the Bluetooth low energy BLE of the request end, setting the verification state corresponding to the request end as unknown, and detecting whether an identity verification request sent by the request end is received;
when an identity verification request sent by a request end is detected, generating and returning a first random number and a key use identifier to the request end, so that when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset key corresponding to the key use identifier; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key corresponding to the key use identifier in the request end;
when the comparison result of the first authentication code and the second authentication code is consistent, the BLE connection of the request end is successfully verified, and a BLE connection authentication request is initiated to the request end;
when receiving connection verification success information and accumulated verification time fed back by a request end according to a connection authentication request, acquiring locally recorded unknown state accumulated holding time;
when the unknown state accumulated holding time is matched with the accumulated verification time, the BLE connection verification between the terminals is successful.
Based on the above hardware structure, embodiments of a BLE connection verification method between terminals according to the present invention are provided.
Referring to fig. 2, fig. 2 is a flowchart illustrating a BLE connection verification method between terminals according to a first embodiment of the present invention.
In this embodiment, the method for verifying BLE connection between terminals is applied to a verification terminal, and the method includes:
step S10, after the connection with the Bluetooth low energy BLE of the request end, whether an identity verification request sent by the request end is received or not is detected;
the requesting end and the verifying end in the embodiment of the invention are opposite, and after the BLE connection, the identity verification request can be determined according to the identity verification request sent out in the terminal first, or can be specified in advance. Namely, when the verification end is an earphone and an intelligent wearable device, the request end is a mobile phone type mobile terminal with Bluetooth; when the verification end is a mobile terminal, the request end can be an earphone or a smart wearable device. In the embodiment of the present invention, the verification end is an earphone, and the request end is a mobile phone, for example, other types of terminals participating in the BLE connection verification may refer to execution, which is not described herein in detail.
After the verification end is connected with the request end through the BLE, the request end sends an identity verification request to the verification end to request the start of the BLE connection verification when the request end acquires the state of the BLE connection. The authentication end monitors the identity authentication request in real time or at regular time, namely the BLE connection authentication between the terminals can be started.
It can be understood that, because BLE connection does not need to be matched and then verified, and the BLE connection can be directly connected to the peer device, in fact, in the whole process of verification of BLE connection between terminals, the requesting terminal and the verifying terminal are actually in a connected state. If the identity authentication request is continuously detected, but the identity authentication request is not detected all the time, or the BLE connection authentication is not passed all the time, at this time, whether the request end is legal security equipment is unknown, the situation easily causes the authentication end to be subjected to greater and greater risks, therefore, the timing can be started when the detection is started after the connection, a preset value is correspondingly set, the preset value can be 10 seconds and is compared with the timing time generated by accumulated timing, when the timing time reaches the preset value, the BLE connection authentication state identification of the request end, which is locally recorded by the authentication end, can be obtained to determine whether the BLE connection authentication of the request end is successful, if the timing time reaches the preset value, the BLE connection authentication identification of the request end is not identified as successful, and at this time, the authentication end disconnects the BLE connection with the request end. Through the setting of timing time, the time limit limitation is increased for the BLE connection verification, and the safety risk caused by the fact that the verification end continuously keeps the BLE connection state due to long-time waiting verification is reduced.
Step S20, when detecting the identity verification request sent by the request end, generating and returning a first random number to the request end, so as to generate a second authentication code according to the first random number, the second random number and a first preset key when receiving a second random number and a first authentication code generated by the request end; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end;
after receiving the identity authentication request, the authentication end can generate a first random number (hereinafter referred to as "RandB") through a random number generator and return the first random number to the request end. After receiving the RandB, the request terminal can also generate a second random number (hereinafter referred to as "RandA") by a random number generator, and generate a first authentication Code (Code1) by combining a preset algorithm according to the RandB fed back by the verification terminal, the RandA generated by the request terminal and a second key preset by the verification terminal, wherein the first authentication Code can be generated by adopting a hash algorithm. The request end sends the generated randA and Code1 to the verification end, and the verification end can also generate a second authentication Code (Code2) by using a preset algorithm and a first secret key preset by the verification end and randA and randB, so as to compare Code1 and Code 2. It should be noted that, if the terminals of both parties are legal devices, both parties may agree in advance before BLE connection and share the secret key, that is, if the terminals of both parties are legal devices, the first preset secret key and the second preset secret key are shared in advance, and the sequence of the secret key fields is consistent.
In addition, when the first random number is returned to the request end, an encryption version number can also be returned to the request end, so that the request end can determine whether the version of the second preset secret key and/or the version of the HMAC arithmetic unit which generates the first authentication code in the encryption process needs to be updated or not according to the encryption version number, or the request end searches a correspondingly used secret key and the HAMC arithmetic unit according to the encryption version number, and the encryption version number can also be used during the subsequent verification of the BLE connection of the verification end, so that the encryption version numbers of the request end and the verification end are consistent, and the successful verification of the BLE connection between the legal terminals is ensured.
Step S30, comparing the first authentication code with the second authentication code;
in step S40, when the comparison result is consistent, the BLE connection verification of the requesting end is successful.
If the Code1 and the Code2 are consistent, the request end is a legal device, and if the Code1 and the Code2 are not consistent, the request end is an illegal device, the information security of the verification end is threatened, and the request end performs the operation of disconnecting the BLE connection.
It can be understood that in the whole verification process of the BLE connection to the request end, only the random number and the authentication code sent by the request end are required in the transmission process of the request end and the verification end, the abnormal third-party device can illegally intercept the secret keys of both BLE connection parties and only the random number and the verification code sent by the request end are required, the BLE connection verification can be realized only by the request end and the verification end reserving the first preset secret key and the second preset secret key in advance, the third-party device cannot obtain the secret keys, and therefore the BLE connection verification cannot be realized, and the illegal device can be identified.
In this embodiment, after the connection with the request end bluetooth low energy BLE, whether an identity authentication request sent by the request end is received is detected; when an identity verification request sent by a request end is detected, a first random number is generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset secret key; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end; comparing the first authentication code with the second authentication code; and when the comparison result is consistent, the BLE connection verification of the request end is successful. Namely, a set of Bluetooth low-power connection autonomous verification mechanism is designed, and the security verification can be performed on the opposite-end connection device based on the verification end of the TWS earphone, so that the problem that the existing scheme is easily connected by malicious devices and has security risks is solved. Further, the verification end and the request end respectively preset a secret key, for example, a manufacturer can negotiate to form a unified BLE connection verification mechanism before the verification end and the request end leave a factory, and set the device secret key and a preset field to be used in advance according to the verification mechanism, or the secret key and the preset field can be preset before the earphone end leaves the factory, when an application program required by earphone control is installed on an operation terminal, such as a mobile phone, the secret key and the preset field are obtained through earphone or application program version number matching, and an authentication code is generated through combination of a random code and the secret key generated by the two parties correspondingly for comparison and verification.
Further, referring to fig. 3, based on the above first embodiment, a second embodiment of the BLE connection verification method between terminals according to the present invention is proposed, in this embodiment, the generating a second authentication code according to the first random number, the second random number, and the first preset key in step S20 includes:
step S21, splicing the first preset key and the first preset field to obtain a first splicing character string, and splicing the first random number and the second random number to obtain a second splicing character string and a third splicing character string;
step S22, the first splicing character string, the second splicing character string, and the third splicing character string are used as an algorithm key, a first input parameter, and a second input parameter, and are input to a preset hash message authentication code HMAC operator for operation, so as to output a second authentication code.
The first preset field may be set according to actual needs, and may be any integer greater than 0, for example, 0X0110 and 0X0100, and when the first preset field is spliced with the first preset key, the first preset key and the character string of the first preset field may be arranged and combined according to a preset sequence, and the combined character string is the first spliced character string. Taking the first preset field as 0X0100 as an example, if the first preset key occupies 16 bytes, 0100 may be added after the data string of 16 bytes to form the string data of 18 bytes in length, that is, the first concatenated string. Similarly, RandA and RandB may be used to generate the second splicing character string and the third splicing character, but it should be mentioned that the second splicing character string and the third splicing character string are generally not consistent, but parameters used for splicing are consistent, so that the actual splicing sequence of the second splicing character string and the third splicing character string in the splicing generation process is different. The second spliced character string may be formed by sequentially splicing RandB and RandA, the third spliced character string may be formed by sequentially splicing RandA and RandB, although the character string positions corresponding to odd-numbered numerical numbers may be filled in the character sequence of RandA, and the character sequence of RandB is filled in the character string positions corresponding to even-numbered numerical numbers, so as to form the second spliced character string, and the generation process of the third character string is opposite to the generation sequence of the second character string. After the first, second and third splicing strings are obtained, the obtained first, second and third splicing strings may be used as an algorithm key, a first input parameter and a second input parameter, and input to a preset hash message authentication code HMAC operator for operation, so as to output a second authentication code.
It should be noted that the preset HMAC operator is an operation tool defined by a hash-based message check code algorithm, and an operation process is already set, and is also correspondingly set at the request end of the present solution. In addition, the number of the HMAC operators in the verifying end and the requesting end may be set to 2, one for performing operations when BLE connection verification is performed on the requesting end, and one for performing operations when BLE connection verification is performed on the verifying end. However, the two HMAC operators adopt different preset fields for distinguishing, so as to prevent the operation results of the two HMAC operators from being the same, but the lengths of the two preset fields are the same. And the preset fields and the secret keys adopted by the request end and the verification end when the BLE connection verification is carried out on the same terminal interactively are consistent, so that the consistency of the connection verification of both terminals is ensured.
The scheme provides the operation process of the second authentication code, the encryption performance of the authentication code is improved by means of splicing of character strings and a Hash-based message check code algorithm, and even if the authentication code and the random number are stolen by third-party equipment, a secret key is not provided, the operation logic is not clear, so that the safety of connection verification is improved.
In other embodiments, the process of generating the first authentication code by the specific request end according to the first random number, the second random number and a second key preset in the request end is that the request end splices the second preset key with the first preset field to obtain a fourth spliced character string, and splices the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string; and the request terminal correspondingly uses the fourth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a first authentication code. The process of outputting the first authentication code by the request end is consistent with the process of outputting the second authentication code by the verification end, and redundant description is omitted. Through the generation of the first authentication code, basis is provided for the BLE connection verification of the request end.
Further, based on the first or second embodiment, a third embodiment of the BLE connection verification method between terminals according to the present invention is provided, referring to fig. 4, in this embodiment, the method further includes:
step S50, generating a first request authentication code according to the first random number, the second random number and the first preset key;
step S60, sending the first request authentication code to the requesting end, so that the BLE connection of the verifying end is verified successfully when the requesting end determines that the first request authentication code is consistent with the second request authentication code; the second request authentication code is generated by the request end according to the first random number, the second random number and a second preset secret key in the request end.
The above-mentioned processes of generating the first request authentication code and initiating the BLE connection verification to the verification end to the request end are that after the BLE connection verification to the request end is successful, the verification end feeds back the comparison result that the first authentication code is consistent with the second authentication code to the request end, and then returns the first request authentication code to the request end together, the return of the first request authentication code is equivalent to the identity verification request, and the request end can be triggered to start the verification of the BLE connection of the verification end, and the BLE connection verification to the verification end is initiated after the verification is completed to the request end, so that the error report rate of the verification process is reduced. Of course, the verification may be performed before the BLE connection verification on the requesting end is not completed, as long as the requesting end obtains the first random number and the second random number required for generating the first request authentication code.
It can be understood that, when the verification end verifies the BLE connection of the requesting end successfully, only the verification end unilaterally recognizes the requesting end as a legal device, and the verification end may not receive/send information to the requesting end due to the limitation of the requesting end in transmission. That is, any connection is bidirectional, the request terminal may also be used as a verification terminal, it is necessary to verify whether the TWS headset is a legal device, and only when the devices at both ends of the BLE connection recognize the device at the opposite terminal as a legal device, the information transfer after the BLE connection is smooth.
It should be further noted that, although the first request authentication code and the second authentication code are both generated according to the first random number, the second random number and the first preset secret key, the two numbers are different in practice, which can help to distinguish which end terminal is used for BLE connection verification, where the second authentication code is used for verifying end to perform BLE connection verification on the identity verification request initiated by the request end, and the first request authentication code is used for verifying end to initiate identity verification request to the request end, so that the request end verifies BLE connection of the verification end. The two codes may be generated in the same manner or in different manners, as long as the methods used by the request terminal and the verification terminal in the corresponding generation of the first request authentication code and the second request authentication code, and the second authentication code and the first authentication code are correspondingly consistent. The requesting end may refer to the verifying end to set the first request authentication code and the second authentication code for the second request authentication code and the first authentication code, which is not described in detail herein.
Referring to fig. 5, the process in which the verifying end generates the first request authentication code, i.e., step S50, may include:
step S51, splicing the first preset key and the second preset field to obtain a seventh spliced character string, and splicing the character strings according to the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and step S52, correspondingly taking the seventh splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, inputting the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputting a first request authentication code.
The byte length of the second preset field is consistent with that of the first preset field, but the actual field content is inconsistent, and is used for distinguishing BLE connection verification of different terminals, the second preset field may be set according to actual needs, and may be any integer greater than 0, for example, 0X0110, when the second preset field is spliced with the first preset key, the character strings of the first preset key and the second preset field may be arranged and combined according to a preset sequence, and the combined character string is a seventh spliced character string. Taking the first preset field as 0X0110 as an example, if the first preset key occupies 16 bytes, 0110 may be added after the data string of 16 bytes to form 18-byte-length string data, that is, a seventh concatenation string.
When the first request authentication code is generated, the second splicing character string and the third splicing character string are also used, and the splicing mode can be the same as that of the second embodiment. Or, when the first request authentication code is actually generated, a third random number may be generated, the first random number, the second random number and the third random number are spliced again to obtain a second splicing character string and a third splicing character string used for generating the first request authentication code, and then the third random number and the generated first authentication code are fed back to the request terminal together for obtaining the second request authentication code.
The scheme provides a BLE connection verification process of the verification end, helps to realize full connection verification of BLE connection of both sides of terminal equipment, and ensures stable signal transmission between both sides of terminals.
In other embodiments, the process of generating the second request authentication code by the specific request end according to the first random number, the second random number and the second preset key in the request end is that the request end splices the first preset key and the second preset field to obtain an eighth spliced character string; and the request terminal correspondingly uses the eighth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs a second request authentication code. The generation method of the fifth concatenation character string and the sixth concatenation character string may be set with reference to the second concatenation character string and the third concatenation character string used when the first request authentication code is generated. The process of the request end outputting the second request authentication code is also consistent with the process of the verifying end outputting the first request authentication code, and redundant description is omitted. Through the generation of the second request authentication code, basis is provided for the BLE connection verification of the verification end.
Further, based on the second embodiment or the third embodiment, a fourth embodiment of the BLE connection verification method between terminals according to the present invention is provided, referring to fig. 6, in this embodiment, the step of inputting the algorithm key, the first input parameter, and the second input parameter into a preset HMAC arithmetic unit for arithmetic operation includes:
step S70, taking the algorithm key as a primary operation key, and carrying out primary HMAC operation on the first input parameter;
and step S80, taking the operation result of the primary HMAC operation as a secondary operation key, and performing secondary HMAC operation on the second input parameter, wherein the output result of the secondary HMAC operation is the operation result of the HMAC operator.
The above operation process is expressed by formula:
MK=HMAC(M,K1)
Code=HMAC(MK,K2)
wherein MK is an output result obtained by primary HMAC operation and is also a secondary operation key; m is a primary operation key or an algorithm key; k1 is the first input parameter, K2 is the second input parameter, and Code is the output result of the second HMAC operation. By executing two times of HMAC operation and taking the result of the primary HMAC operation as the input operation key of the secondary HMAC operation, compared with the single HMAC operation, the encryption is improved.
Referring to fig. 7, fig. 7 is a schematic flow chart illustrating that the BLE connection verification method between terminals of the present invention is applied to a TWS headset. When applied to a TWS headset, the method comprises the steps of:
step S101, after the connection with the request end Bluetooth low energy BLE, setting the verification state corresponding to the request end as unknown, and detecting whether an identity verification request sent by the request end is received;
step S102, when an identity verification request sent by a request end is detected, a first random number and a key use identifier are generated and returned to the request end, and when a second random number and a first authentication code generated by the request end are received, a second authentication code is generated according to the first random number, the second random number and a first preset key corresponding to the key use identifier; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key corresponding to the key use identifier in the request end;
step S103, when the comparison result of the first authentication code and the second authentication code is consistent, the BLE connection of the request end is successfully verified, and a BLE connection authentication request is initiated to the request end;
step S104, when receiving the connection verification success information and the accumulated verification time fed back by the request end according to the connection authentication request, acquiring the accumulated holding time of the unknown state of the local record;
in step S105, when the unknown state accumulated retention time matches the accumulated verification time, the BLE connection verification between the terminals is successful.
It should be noted that, in addition to implementing all the schemes of the first to fourth embodiments, the present embodiment further defines BLE connection verification of the TWS headset, and of course, the further definition scheme proposed in the present embodiment can also be implemented at the verification end.
The TWS earphone can be connected with one or more terminals simultaneously when being connected with other BLE terminals, when the connection with any BLE terminal is determined, the verification state of the terminal can be set to be unknown, data transmission with the terminal can be refused at the moment, after the connection verification of the terminal and the TWS earphone is successful, the connection verification state is modified to be the verification state indicating the verification success, and the data transmission permission is set to be allowed at the moment, so that the safety of the TWS earphone before the connection verification of the BLE is improved.
In addition, the time when the verification state of the requester is unknown may be used as a starting point, and the count of the unknown state accumulated retention time may be continued. In a specific application, when the comparison result of the first authentication code and the second authentication code is consistent, the TWS headset may initiate a connection authentication request to the terminal, so as to request the terminal to allow data transmission from the TWS headset to the terminal, for example, feedback collected user voice, and when the terminal successfully completes verification of the TWS headset according to the connection authentication request, the terminal may feed back connection verification success information to the TWS headset, and may also feed back accumulated verification time, where the calculation of the accumulated verification time is started from the terminal serving as a request end initiating an identity verification request or from a BLE connection with the TWS headset. In the scheme, the accumulated actual accumulated verification time is consistent with the accumulated unknown state keeping time or has a small difference, for example, the difference value between the accumulated actual verification time and the accumulated unknown state keeping time is smaller than a preset value, the accumulated actual verification time and the accumulated unknown state keeping time are matched under the condition, the BLE connection verification between the terminals can be considered to be successful, and the scheme adds a time synchronization decision on the basis of performing algorithm verification by using a secret key and a random number, so that the safety of the BLE connection verification is facilitated.
When connected with a plurality of terminals BLE, the BLE may be verified by using a plurality of groups of first preset keys set in the TWS headset, where each group of first preset keys is different, and each group of first preset keys is used for performing connection verification on only one terminal at the same time. For example, the TWS headset is connected with two terminals BLE, and initially, there are five groups of first preset keys; when the terminal 1 is connected, the key use identifier "1" may be sent to the terminal 1 serving as a request end, so that the terminal 1 and the TWS headset both start the preset key corresponding to the identifier "1"; when connecting with the terminal 2, any one of the keys marked as "2" to "5" can be selected to use the mark because the mark "1" is occupied; the selected key usage identifier may be sent to the terminal 2 after the selected key usage identifier is determined, at this time, the selected key usage identifier is also occupied, and only when the transmission object of the occupied key usage identifier and the TWS headset complete bidirectional authentication (which may be bidirectional authentication failure, bidirectional authentication success, or unidirectional authentication success), the key usage identifier and the corresponding first preset key are idle, and may be used for BLE connection of a new terminal.
It should be further noted that each key usage identifier corresponds to a unique first preset key and a unique second preset key, and may be set in the TWS headset and the terminal before shipping or when installing and upgrading the connection firmware. Moreover, even if the illegal device knows one group of preset keys, the arrangement of multiple groups of keys also reduces the success rate of BLE matching connection of the illegal device.
The present invention also provides a computer-readable storage medium having stored thereon a BLE connection verification program between terminals, where the BLE connection verification program between terminals implements, when executed by a processor, the steps of the BLE connection verification method between terminals according to any one of the above embodiments.
The specific embodiment of the computer-readable storage medium of the present invention is substantially the same as the embodiments of the BLE connection verification method between terminals described above, and details thereof are not repeated herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A BLE connection verification method between terminals is applied to TWS earphones, and the method comprises the following steps:
after being connected with a request end Bluetooth low energy consumption BLE, setting the verification state corresponding to the request end as unknown, and detecting whether an identity verification request sent by the request end is received or not;
when an identity verification request sent by the request terminal is detected, generating and returning a first random number and a key use identifier to the request terminal, so as to generate a second authentication code according to a first preset key corresponding to the first random number, the second random number and the key use identifier when a second random number and a first authentication code generated by the request terminal are received; the first authentication code is generated by the request end according to the first random number, the second random number and a second preset key corresponding to the key use identifier in the request end;
when the comparison result of the first authentication code and the second authentication code is consistent, the BLE connection of the request end is successfully verified, and a BLE connection authentication request is initiated to the request end;
when receiving connection verification success information and accumulated verification time fed back by the request end according to the connection authentication request, acquiring locally recorded unknown state accumulated holding time;
and when the unknown state accumulated holding time is matched with the accumulated verification time, the BLE connection verification between the terminals is successful.
2. A BLE connection verification method between terminals is characterized by being applied to a verification terminal and comprising the following steps:
after being connected with a request end Bluetooth low energy consumption BLE, detecting whether an identity verification request sent by the request end is received or not;
when an identity verification request sent by the request terminal is detected, generating and returning a first random number to the request terminal, so as to generate a second authentication code according to a first random number, a second random number and a first preset key when receiving a second random number and a first authentication code generated by the request terminal; the first authentication code is generated by the request terminal according to the first random number, the second random number and a second preset key in the request terminal;
comparing the first authentication code and the second authentication code;
and when the comparison result is consistent, the BLE connection verification of the request end is successful.
3. The method for BLE connection verification between terminals according to claim 2, wherein the step of generating a second authentication code according to the first random number, the second random number, and a first preset key includes:
splicing the first preset secret key and a first preset field to obtain a first spliced character string, and splicing the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the first splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, and inputting the algorithm key, the first input parameter and the second input parameter into a preset Hash Message Authentication Code (HMAC) arithmetic unit for operation so as to output the second authentication code.
4. The method for BLE connection verification between terminals according to claim 2, wherein the process of the requesting end generating the first authentication code according to the first random number, the second random number and the second pre-defined key in the requesting end comprises:
the request terminal splices the second preset secret key and the first preset field to obtain a fourth spliced character string, and splices the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the fourth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation, and outputs the first authentication code.
5. The method for BLE connection verification between terminals according to claim 2, wherein the method further comprises:
generating a first request authentication code according to the first random number, the second random number and a first preset secret key;
sending the first request authentication code to a request end, so that when the request end determines that the first request authentication code is consistent with the second request authentication code, the BLE connection of the verification end is verified successfully; the second request authentication code is generated by the request end according to the first random number, the second random number and a second preset key in the request end.
6. The method for BLE connection verification between terminals according to claim 5, wherein the step of generating a first request authentication code according to the first random number, the second random number and a first preset key comprises:
splicing the first preset secret key and a second preset field to obtain a seventh spliced character string, and splicing the character strings according to the first random number and the second random number to obtain a second spliced character string and a third spliced character string;
and correspondingly taking the seventh splicing character string, the second splicing character string and the third splicing character string as an algorithm key, a first input parameter and a second input parameter, and inputting the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation so as to output a first request authentication code.
7. The method for verifying BLE connection between terminals according to claim 5, wherein the step of the requesting end generating the second request authentication code according to the first random number, the second random number and a second preset key in the requesting end comprises:
the request terminal splices the first preset secret key and the second preset field to obtain an eighth spliced character string, and splices the character strings according to the first random number and the second random number to obtain a fifth spliced character string and a sixth spliced character string;
and the request terminal correspondingly uses the eighth splicing character string, the fifth splicing character string and the sixth splicing character string as an algorithm key, a first input parameter and a second input parameter, and inputs the algorithm key, the first input parameter and the second input parameter into a preset HMAC arithmetic unit for operation so as to output a second request authentication code.
8. A BLE connection verification method between terminals according to any one of claims 3 to 7, wherein the step of inputting the algorithm key, the first input parameter and the second input parameter into a preset HMAC operator for operation comprises:
taking the algorithm key as a primary operation key, and performing primary HMAC operation on the first input parameter;
and taking the operation result of the primary HMAC operation as a secondary operation key, and performing secondary HMAC operation on the second input parameter, wherein the output result of the secondary HMAC operation is the operation result of the HMAC operator.
9. A BLE connection verification device between terminals, the BLE connection verification device between terminals comprising: memory, a processor and an inter-terminal BLE connection verification program stored on the memory and executable on the processor, the inter-terminal BLE connection verification program, when executed by the processor, implementing the steps of the inter-terminal BLE connection verification method according to any one of claims 1 to 8.
10. A computer-readable storage medium, having stored thereon a BLE connection verification program between terminals, which when executed by a processor, implements the steps of the BLE connection verification method between terminals according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110423755.2A CN113194465B (en) | 2021-04-20 | 2021-04-20 | BLE connection verification method and device between terminals and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110423755.2A CN113194465B (en) | 2021-04-20 | 2021-04-20 | BLE connection verification method and device between terminals and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113194465A true CN113194465A (en) | 2021-07-30 |
| CN113194465B CN113194465B (en) | 2023-11-24 |
Family
ID=76977663
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110423755.2A Active CN113194465B (en) | 2021-04-20 | 2021-04-20 | BLE connection verification method and device between terminals and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113194465B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115941204A (en) * | 2022-12-06 | 2023-04-07 | 镁佳(北京)科技有限公司 | Data anti-replay method and system based on HSE |
| CN116017455A (en) * | 2023-01-03 | 2023-04-25 | 高新兴物联科技股份有限公司 | Unidirectional security access method, unidirectional security access equipment and computer-readable storage medium |
| CN116056077A (en) * | 2022-08-04 | 2023-05-02 | 荣耀终端有限公司 | Bluetooth communication method and related electronic equipment |
| WO2023103425A1 (en) * | 2021-12-10 | 2023-06-15 | 青岛海尔科技有限公司 | Communicative connection method, system, and apparatus, storage medium, and processor |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763356A (en) * | 2014-01-08 | 2014-04-30 | 深圳大学 | Establishment method, device and system for connection of secure sockets layers |
| CN103957196A (en) * | 2014-04-10 | 2014-07-30 | 飞天诚信科技股份有限公司 | Synchronization method and system for information security equipment |
| US20170272944A1 (en) * | 2016-03-17 | 2017-09-21 | M2MD Technologies, Inc. | Method and system for managing security keys for user and M2M devices in a wireless communication network environment |
| CN107733645A (en) * | 2017-11-28 | 2018-02-23 | 苏州朗捷通智能科技有限公司 | Coded communication authentication method and system |
| WO2018076365A1 (en) * | 2016-10-31 | 2018-05-03 | 美的智慧家居科技有限公司 | Key negotiation method and device |
| US20180219851A1 (en) * | 2016-04-25 | 2018-08-02 | eStorm Co., LTD | Method and system for authentication |
| CN110406414A (en) * | 2019-07-30 | 2019-11-05 | 广州小鹏汽车科技有限公司 | Vehicular charging method, mobile terminal and server based on household charging pile |
| US20200028672A1 (en) * | 2017-03-29 | 2020-01-23 | Yunding Network Technology (Beijing) Co., Ltd. | Secure communication method and smart lock system based thereof |
| CN111405537A (en) * | 2020-03-23 | 2020-07-10 | 杭州涂鸦信息技术有限公司 | Bidirectional security authentication method based on ble connection, system and equipment thereof |
| CN112351414A (en) * | 2020-10-26 | 2021-02-09 | 北京达佳互联信息技术有限公司 | Equipment control method, device, system and storage medium |
| CN112544052A (en) * | 2020-07-30 | 2021-03-23 | 华为技术有限公司 | Key agreement method and device |
-
2021
- 2021-04-20 CN CN202110423755.2A patent/CN113194465B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103763356A (en) * | 2014-01-08 | 2014-04-30 | 深圳大学 | Establishment method, device and system for connection of secure sockets layers |
| CN103957196A (en) * | 2014-04-10 | 2014-07-30 | 飞天诚信科技股份有限公司 | Synchronization method and system for information security equipment |
| US20170272944A1 (en) * | 2016-03-17 | 2017-09-21 | M2MD Technologies, Inc. | Method and system for managing security keys for user and M2M devices in a wireless communication network environment |
| US20180219851A1 (en) * | 2016-04-25 | 2018-08-02 | eStorm Co., LTD | Method and system for authentication |
| WO2018076365A1 (en) * | 2016-10-31 | 2018-05-03 | 美的智慧家居科技有限公司 | Key negotiation method and device |
| US20200028672A1 (en) * | 2017-03-29 | 2020-01-23 | Yunding Network Technology (Beijing) Co., Ltd. | Secure communication method and smart lock system based thereof |
| CN107733645A (en) * | 2017-11-28 | 2018-02-23 | 苏州朗捷通智能科技有限公司 | Coded communication authentication method and system |
| CN110406414A (en) * | 2019-07-30 | 2019-11-05 | 广州小鹏汽车科技有限公司 | Vehicular charging method, mobile terminal and server based on household charging pile |
| CN111405537A (en) * | 2020-03-23 | 2020-07-10 | 杭州涂鸦信息技术有限公司 | Bidirectional security authentication method based on ble connection, system and equipment thereof |
| CN112544052A (en) * | 2020-07-30 | 2021-03-23 | 华为技术有限公司 | Key agreement method and device |
| CN112351414A (en) * | 2020-10-26 | 2021-02-09 | 北京达佳互联信息技术有限公司 | Equipment control method, device, system and storage medium |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023103425A1 (en) * | 2021-12-10 | 2023-06-15 | 青岛海尔科技有限公司 | Communicative connection method, system, and apparatus, storage medium, and processor |
| CN116056077A (en) * | 2022-08-04 | 2023-05-02 | 荣耀终端有限公司 | Bluetooth communication method and related electronic equipment |
| CN116056077B (en) * | 2022-08-04 | 2023-11-14 | 荣耀终端有限公司 | Bluetooth communication method, electronic equipment and computer readable storage medium |
| CN115941204A (en) * | 2022-12-06 | 2023-04-07 | 镁佳(北京)科技有限公司 | Data anti-replay method and system based on HSE |
| CN115941204B (en) * | 2022-12-06 | 2024-04-12 | 镁佳(北京)科技有限公司 | Data anti-replay method and system based on HSE |
| CN116017455A (en) * | 2023-01-03 | 2023-04-25 | 高新兴物联科技股份有限公司 | Unidirectional security access method, unidirectional security access equipment and computer-readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113194465B (en) | 2023-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113194465A (en) | BLE connection verification method and device between terminals and readable storage medium | |
| US11258792B2 (en) | Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium | |
| WO2017177383A1 (en) | Remote management method and device | |
| CN108768970B (en) | Binding method of intelligent equipment, identity authentication platform and storage medium | |
| CN101527630B (en) | Method, server and system for manufacturing certificate remotely | |
| US8645693B2 (en) | Zero-knowledge based authentication method, system, and apparatus | |
| KR101744747B1 (en) | Mobile terminal, terminal and method for authentication using security cookie | |
| CN110059089B (en) | Data synchronization method and device, storage medium and electronic equipment | |
| JP2007074700A (en) | Wireless communications system, terminal, method for reporting status of terminal, and program | |
| CN112632573B (en) | Intelligent contract execution method, device, system, storage medium and electronic equipment | |
| WO2020057314A1 (en) | Method, device and system for issuing esim certificate online | |
| CN115129332A (en) | Firmware burning method, computer equipment and readable storage medium | |
| CN110139274A (en) | A kind of method for authenticating of bluetooth equipment, electronic equipment and can storage medium | |
| WO2022257927A1 (en) | Key burning method and apparatus, electronic device board card, and storage medium | |
| CN110620776B (en) | Data transfer information transmission method and device | |
| CN111414640A (en) | Key access control method and device | |
| CN110191467A (en) | A kind of method for authenticating of internet of things equipment, unit and storage medium | |
| CN114362920A (en) | Message authentication method, system and medium based on HMAC control | |
| US9055058B2 (en) | Method and apparatus for serial device registration | |
| KR20130018397A (en) | System and method for performing commands from a remote source | |
| CN115879111A (en) | Method, device and system for safe starting | |
| KR101676846B1 (en) | Mutual verification system and method performing thereof | |
| CN110232570B (en) | Information supervision method and device | |
| CN116821918A (en) | Online upgrading method, chip device, computer terminal and storage medium | |
| JP2017169147A (en) | Verification device, electronic apparatus, program, and verification system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |