CN113808303B - Composite encryption method, door lock system and storage medium - Google Patents

Info

Publication number
CN113808303B
Authority
CN
China
Legal status
Active
Application number
CN202110975660.1A
Other languages
Chinese (zh)
Other versions
CN113808303A (en)
Inventor
魏赛东
魏永强
Current Assignee
Zhuhai Anchor Electronic Co ltd
Original Assignee
Zhuhai Anchor Electronic Co ltd
Application filed by Zhuhai Anchor Electronic Co ltd
Priority to CN202110975660.1A
Publication of CN113808303A
Application granted
Publication of CN113808303B

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067 Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys

Abstract

The invention discloses a composite encryption method, a door lock system and a storage medium. In the method, a control end and a user end carry out pairing processing using a first user password, first encryption information and second encryption information, so that both the control end and the user end obtain third encryption information; when the user end subsequently communicates with the control end, the communication is encrypted using the second encryption information and the third encryption information. After the pairing processing is finished, the control end performs iterative processing on the third encryption information, so that the third encryption information is in a dynamically changing state. When the user end performs encrypted communication with the control end using the second encryption information and the third encryption information, it generates fourth encryption information and sends it to the control end, so that the control end updates the third encryption information according to the fourth encryption information. The composite encryption method, the door lock system and the storage medium disclosed by the invention carry out encrypted communication through the dynamically updated third encryption information, which helps to improve security.

Description

Composite encryption method, door lock system and storage medium
Technical Field
The invention relates to the technical field of information security, in particular to a composite encryption method, a door lock system and a storage medium.
Background
In a conventional door lock system, a relay is generally used to control the opening and closing of a lock, that is, a simple switching value is used as the unlocking signal. An intruder who dismantles or destroys the access-control host can expose the door-opening signal line and short-circuit it to unlock the door, so the traditional door lock system has a significant security weakness. Schemes that transmit the unlocking signal using an encryption method also exist, but such schemes can likewise be cracked by an intruder in a short time, so current schemes still carry a considerable security risk and their security is poor.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. To this end, the invention provides a composite encryption method which can improve security.
The invention also provides a door lock system comprising the composite encryption method.
The invention also provides a storage medium comprising the composite encryption method.
The composite encryption method according to the embodiment of the first aspect of the invention comprises the following steps:
the control end responds to a pairing signal, acquires and verifies whether a first user password is correct, and when the first user password is correct, the control end generates and sends a pairing request comprising first encryption information to the user end so as to enable the control end and the user end to carry out pairing processing;
when the pairing processing is completed, the user side responds to an execution request to generate fourth encryption information, generates a fourth ciphertext according to the fourth encryption information and third encryption information generated in the pairing processing, and sends the fourth ciphertext to the control side;
the control end receives and verifies the fourth ciphertext, and when the fourth ciphertext passes the verification, the control end updates the third encryption information according to the fourth encryption information and sends an execution signal to an execution device so as to enable the execution device to act;
when the pairing processing is completed, the control end performs iterative processing on the third encryption information to update the third encryption information and synchronize the third encryption information to the user end.
The pairing process includes the following steps:
the user side responds to the pairing request, acquires the first user password and the second user password and generates second encryption information;
the user side generates a first ciphertext according to the first encryption information, the second encryption information and the second user password, generates a second ciphertext according to the first encryption information and the first user password, and sends the first ciphertext and the second ciphertext to the control side;
the control terminal receives the first ciphertext and the second ciphertext and verifies the second ciphertext;
when the second ciphertext passes the verification, the control end decodes the first ciphertext according to the first encryption information to obtain second encryption information and a second user password;
and the control end generates third encrypted information according to the second user password, generates a third ciphertext according to the second encrypted information and the third encrypted information, and sends the third ciphertext to the user end, so that the control end and the user end complete pairing.
The composite encryption method provided by the embodiment of the invention has at least the following beneficial effects: the control end and the user end are paired, and the first encryption information and the second encryption information are exchanged during the pairing of the control end and the user end, which makes the pairing process more secure; the third encryption information is also exchanged during pairing, so that data generated during subsequent actions can be encrypted using the third encryption information, which avoids data leakage and improves security. In addition, after the pairing processing is completed, the control end updates the third encryption information according to a fourth ciphertext sent by the user end in each action, or updates the third encryption information through iterative processing, so that the third encryption information changes dynamically, which makes cracking more difficult and improves security.
According to some embodiments of the invention, the first encrypted information comprises a randomly generated first asymmetric key and a randomly generated first string, the generating a first ciphertext from the first encrypted information, the second encrypted information, and the second user password, and generating a second ciphertext from the first encrypted information and the first user password, comprising: the user side splices the second encrypted information and the second user password to obtain a first structure, and encrypts the first structure by using the first asymmetric key to obtain a first ciphertext; and the user side splices the first character string and the first user password to obtain the second structure, and encrypts the second structure by using the first asymmetric key to obtain the second ciphertext.
According to some embodiments of the invention, the generating third encrypted information according to the second user password comprises: the control terminal acquires and stores password information according to the second user password and a preset first template file; and the control terminal randomly generates and stores a third asymmetric key, a second random number and a second character string, and splices the third asymmetric key, the second random number, the second character string and the password information to obtain third encrypted information.
According to some embodiments of the invention, the password information comprises at least one password symbol in the second user password, a CRC8 check value of the second user password and a unique identifier of the control terminal.
According to some embodiments of the present invention, the second encryption information includes a second asymmetric key and a first symmetric key randomly generated by the user side, and the generating a third ciphertext according to the second encryption information and the third encryption information includes: and the control terminal encrypts the third encrypted information by using the second asymmetric key and the first asymmetric key to obtain a third ciphertext.
According to some embodiments of the present invention, the second encrypted information further includes a first random number randomly generated by the user side, and the control side encrypts the third encrypted information by using the second asymmetric key and the first symmetric key to obtain a third ciphertext, including the following steps: the control end encrypts the third encryption information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M1; the control end obtains first length information of the ciphertext M1, encrypts the first length information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M2, and splices the ciphertext M2 with the ciphertext M1 to obtain a ciphertext M3; when the second ciphertext passes the verification, the control end randomly generates a first insertion character string, and encrypts the first insertion character string by using the first symmetric key to obtain a ciphertext M4; and the control end inserts the ciphertext M3 into the ciphertext M4 according to the first random number to obtain the third ciphertext.
According to some embodiments of the invention, the fourth cryptographic information comprises a third random number and a second insertion string, the second cryptographic information comprises a first symmetric key, and the generating of the fourth ciphertext from the fourth cryptographic information and third cryptographic information generated in the pairing process comprises: the user side splices the third random number and the password information to obtain a third structure, and encrypts the third structure by using the third asymmetric key and the first symmetric key to obtain a ciphertext M5; the user side acquires second length information of the ciphertext M5, and splices the second length information and the second character string to obtain a fourth structure; the user side encrypts the fourth structure according to the first symmetric key to obtain a ciphertext M6, and the ciphertext M6 and the ciphertext M5 are spliced to obtain a ciphertext M7; the user side encrypts the second insertion character string according to the first symmetric key to obtain a ciphertext M8; and the user side inserts the ciphertext M7 into the ciphertext M8 according to the second random number to obtain the fourth ciphertext.
According to some embodiments of the present invention, the updating, by the control end, the third encryption information according to the fourth encryption information includes: and the control terminal updates the second random number according to the third random number.
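The framing of the fourth ciphertext (M5 to M8) and the update of the second random number described in the two paragraphs above, as an added Python example that is not code from the patent. The patent names no algorithms or field widths, so everything concrete here is an assumption: both encryption layers (third asymmetric key and first symmetric key) are replaced by one HMAC-SHA256 based stand-in (`seal`/`unseal`), the insertion position is taken as the second random number modulo the decoy length plus one, and the user side mirrors the update when it sends.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

NONCE_LEN, TAG_LEN = 8, 8
OVERHEAD = NONCE_LEN + TAG_LEN
STRING_LEN = 8                      # assumed fixed length of the second character string
M6_LEN = OVERHEAD + 2 + STRING_LEN  # sealed (length of M5 || second character string)
DECOY_LEN = OVERHEAD + 32           # sealed 32-byte insertion string (M8)


def subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in cipher (assumption): nonce || XOR keystream || truncated HMAC tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = keystream(subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    if len(blob) < OVERHEAD:
        raise ValueError("truncated ciphertext")
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    want = hmac.new(subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    ks = keystream(subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


@dataclass
class Session:
    """State each side holds after pairing (a subset of the third encryption information)."""
    key: bytes            # stand-in for third asymmetric key + first symmetric key
    second_string: bytes  # second character string, STRING_LEN bytes
    password_info: bytes  # password information
    rnd2: int             # second random number: selects the insertion position


def insertion_offset(state: Session) -> int:
    return state.rnd2 % (DECOY_LEN + 1)  # assumed mapping from random number to position


def build_fourth_ciphertext(user: Session, rnd3: Optional[int] = None) -> bytes:
    """User side: M5 -> M6 -> M7 = M6 || M5, then insert M7 into the decoy M8."""
    if rnd3 is None:
        rnd3 = secrets.randbelow(2 ** 32)  # third random number
    m5 = seal(user.key, rnd3.to_bytes(4, "big") + user.password_info)
    m6 = seal(user.key, len(m5).to_bytes(2, "big") + user.second_string)
    m7 = m6 + m5
    m8 = seal(user.key, secrets.token_bytes(32))  # second insertion string, encrypted
    off = insertion_offset(user)
    user.rnd2 = rnd3  # assumption: the user side mirrors the control end's update
    return m8[:off] + m7 + m8[off:]


def verify_fourth_ciphertext(ctrl: Session, c4: bytes) -> bool:
    """Control end: locate M7 with the second random number, check it, roll the number."""
    off = insertion_offset(ctrl)
    try:
        header = unseal(ctrl.key, c4[off:off + M6_LEN])
        m5_len = int.from_bytes(header[:2], "big")
        if not hmac.compare_digest(header[2:], ctrl.second_string):
            return False
        body = unseal(ctrl.key, c4[off + M6_LEN:off + M6_LEN + m5_len])
    except ValueError:
        return False
    if not hmac.compare_digest(body[4:], ctrl.password_info):
        return False
    ctrl.rnd2 = int.from_bytes(body[:4], "big")  # second random number := third random number
    return True


if __name__ == "__main__":
    # Constructed sample state; none of these values come from the patent.
    shared = dict(key=secrets.token_bytes(32), second_string=b"STR2-abc",
                  password_info=b"7\x5aLOCK-01", rnd2=7)
    user, ctrl = Session(**shared), Session(**shared)
    msg = build_fourth_ciphertext(user, rnd3=20)
    print("first delivery accepted:", verify_fourth_ciphertext(ctrl, msg))
    print("replay accepted:", verify_fourth_ciphertext(ctrl, msg))
```

In this model the insertion offset has only `DECOY_LEN + 1` possible values, so a deployment that relies on the update to reject replayed messages would also need a freshness check on the third random number, for example rejecting a value it has already accepted.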
According to some embodiments of the invention, the second encryption information comprises a first symmetric key, the iterative process comprising the steps of: the control end randomly generates a fourth asymmetric key and a third insertion character string according to a preset time interval or when the control end sends the execution signal, and encrypts the fourth asymmetric key by using the first symmetric key to obtain a ciphertext M9; the control end updates the third asymmetric key according to the fourth asymmetric key; the control end acquires third length information of the ciphertext M9, and splices the third length information with the second character string to obtain a fifth construct; the control end encrypts the fifth construct according to the first symmetric key to obtain a ciphertext M10, and splices the ciphertext M10 and the ciphertext M9 to obtain a ciphertext M11; the control end encrypts the third insertion character string according to the first symmetric key to obtain a ciphertext M12; and the control end inserts the ciphertext M11 into the ciphertext M12 according to the second random number to obtain and send a ciphertext M13 to the user end, so that the user end synchronizes the third asymmetric key according to the ciphertext M13.
According to some embodiments of the invention, further comprising the steps of: when the pairing process is completed and the user side does not update the third encryption information, the user side splices the second encryption information and the third encryption information to obtain a sixth structure, and encrypts the sixth structure by using preset fifth encryption information to obtain and store a ciphertext M16; when the pairing process is completed, and the user side loses the third encrypted information, and when the user side responds to the execution signal, the user side reads and decodes the ciphertext M16 to obtain the second encrypted information and the third encrypted information, generates sixth encrypted information, and generates and sends a fifth ciphertext to the control side according to the second encrypted information, the third encrypted information and the sixth encrypted information; and the control end receives and verifies the fifth ciphertext, and when the fifth ciphertext passes the verification, the control end updates the third encryption information according to the sixth encryption information and sends the execution signal to the execution device so as to enable the execution device to act.
According to some embodiments of the present invention, the fifth encryption information includes a fifth asymmetric key, a second symmetric key and partition information randomly generated by the user side, and the encrypting the sixth structure with the preset fifth encryption information to obtain and store a ciphertext M16 includes the following steps: the user side encrypts the sixth structure according to a fifth asymmetric key and the second symmetric key to obtain a ciphertext M14; the user side divides the ciphertext M14 according to the division information to obtain a plurality of ciphertext fragments; the user side randomly generates a fourth insertion character string, and encrypts the fourth insertion character string by using the second symmetric key to obtain a ciphertext M15; and the user side inserts all the ciphertext fragments into the ciphertext M15 according to the segmentation information to obtain and store the ciphertext M16.
According to some embodiments of the present invention, the second encryption information includes a first symmetric key randomly generated by the user side, the sixth encryption information includes a fourth random number and a fifth insertion string randomly generated by the user side, and the generating and sending a fifth ciphertext to the control side according to the second encryption information, the third encryption information, and the sixth encryption information includes: the user side splices the password information and the fourth random number to obtain a seventh structure, and encrypts the seventh structure by using the third asymmetric key and the first symmetric key to obtain a ciphertext M17; the user side acquires fourth length information of the ciphertext M17, and splices the fourth length information and the second character string to obtain an eighth construct; the user side encrypts the eighth construct according to the first symmetric key to obtain a ciphertext M18, and the ciphertext M18 and the ciphertext M17 are spliced to obtain a ciphertext M19; the user side encrypts the fifth insertion character string according to the first symmetric key to obtain a ciphertext M20; and the user side inserts the ciphertext M19 into the ciphertext M20 according to the second random number to obtain a fifth ciphertext, and sends the fifth ciphertext to the control side.
According to some embodiments of the present invention, the updating, by the control terminal, the third encryption information according to the sixth encryption information includes: and the control terminal updates the second random number according to the fourth random number.
A door lock system according to an embodiment of a second aspect of the present invention includes: a control end comprising a first processor, a first memory, and a first computer program stored on the first memory and running on the first processor, the first processor implementing the composite encryption method according to the first aspect when executing the first computer program; a user side, comprising a second processor, a second memory, and a second computer program stored on the second memory and running on the second processor, wherein the second processor implements the composite encryption method according to the first aspect when executing the second computer program; and the door lock device is used for unlocking under the control of an unlocking signal of the control end.
The door lock system provided by the embodiment of the invention has at least the following beneficial effects: the composite encryption method of the first aspect is implemented by the control end and the user end, so that communication between the control end and the user end must be encrypted using the second encryption information and the dynamically changing third encryption information, which helps to improve security; the control end sends the unlocking signal only after the encrypted communication, so that the door lock device is unlocked, which also helps to improve security.
A storage medium according to an embodiment of the third aspect of the present invention stores computer-executable instructions for causing a computer to perform the composite encryption method according to the first aspect.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart of a composite encryption method according to an embodiment of the present invention;
FIG. 2 is a detailed flowchart of the composite encryption method shown in FIG. 1;
FIG. 3 is a second flowchart of the composite encryption method shown in FIG. 2;
FIG. 4 is a third flowchart of the composite encryption method shown in FIG. 2;
FIG. 5 is a fourth flowchart illustrating the composite encryption method shown in FIG. 4;
FIG. 6 is a fifth flowchart illustrating the composite encryption method shown in FIG. 1;
FIG. 7 is a sixth flowchart of the composite encryption method shown in FIG. 1;
FIG. 8 is a flow chart of additional steps of the composite encryption method shown in FIG. 1;
FIG. 9 is a seventh flowchart of the composite encryption method shown in FIG. 8;
FIG. 10 is an eighth flowchart of the composite encryption method shown in FIG. 8;
FIG. 11 is a schematic view of a door lock system according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention and are not to be construed as limiting the present invention.
In the description of the present invention, "several" means one or more and "a plurality" means two or more; terms such as greater than, less than and exceeding are understood as excluding the stated number, while terms such as above, below and within are understood as including the stated number. Where first, second, third, fourth, fifth, sixth, seventh and eighth are used to describe features, this is only for the purpose of distinguishing between the features; it is not intended to indicate or imply relative importance, to implicitly indicate the number of the features indicated, or to implicitly indicate the precedence of the features indicated.
In the description of the present invention, unless otherwise explicitly limited, terms such as arrangement, installation, connection and the like should be understood in a broad sense, and those skilled in the art can reasonably determine the specific meanings of the above terms in the present invention in combination with the specific contents of the technical solutions.
The prior art includes schemes that transmit the unlocking signal using communication encryption with a fixed key, but such encryption is easily cracked by an intruder, and the cracking difficulty is low. Fixed-key communication encryption that is harder to crack does exist, but because both the key and the encryption mode are fixed, when it is applied to a door lock system an intruder who cracks one door lock system can thereby crack other identical door lock systems as well, so the security is poor.
First aspect
Referring to fig. 1, a composite encryption method includes steps S1000, S2000, S3000, and S4000.
Step S1000, the control end responds to the pairing signal, obtains and verifies whether the first user password is correct, and when the first user password is correct, the control end generates and sends a pairing request comprising first encryption information to the user end so that the control end and the user end can carry out pairing processing.
Specifically, the pairing signal is input externally, for example, by an operator; the first user password is input by an operator, that is, before the control end performs pairing processing with the user end, a pairing signal needs to be input from the outside, and whether the first user password input to the control end is correct or not is verified. The first encryption information is used for enabling the user terminal to utilize the first encryption information to carry out communication encryption when responding to the pairing request and returning data, so that the safety of the communication process is improved. In addition, the pairing process is used for pairing the control end and the user end and appointing an encryption mode which is needed to be used in subsequent communication.
It should be noted that the first encryption information may be generated by the control end according to a preset second template file.
Step S2000, when the pairing process is completed, the user side generates fourth encrypted information in response to the execution request, generates a fourth ciphertext according to the fourth encrypted information and the third encrypted information generated in the pairing process, and sends the fourth ciphertext to the control side.
Specifically, after the pairing process is completed, the user side and the control side can perform encrypted communication, which is beneficial to improving the security. The third encryption information is generated in the pairing processing process and is used for encryption communication between the control end and the user end; the fourth encryption information is used for auxiliary encryption and used for updating the third encryption information by the subsequent control end according to the fourth encryption information. Further, the execution request is input from the outside, for example, by the operator.
It should be noted that the fourth encryption information may be generated by the user side according to a preset third template file.
Step S3000, the control end receives and verifies the fourth ciphertext, and when the fourth ciphertext passes the verification, the control end updates the third encryption information according to the fourth encryption information and sends an execution signal to the execution device so as to enable the execution device to act.
Specifically, the third encrypted information is generated by the pairing process, that is, the control end and the user end agree with the third encrypted information in advance, the control end checks the fourth ciphertext by using the third encrypted information after receiving the fourth ciphertext, and when the check result meets the requirement of the third encrypted information agreed in advance, the check is passed, so that the control end enables the execution device to act.
It should be noted that the execution device may be an electronic lock, in which case the execution device is used for unlocking; that is, the method may be used in a door lock system.
Step S4000, when the pairing process is completed, the control terminal performs an iterative process on the third encryption information to update the third encryption information and synchronize the third encryption information to the user terminal.
Specifically, after the pairing process is completed, the control end updates the third encryption information through iterative processing, so that the third encryption information is in a dynamically changing state, and the security of encryption communication is improved.
Through the pairing process, the method has the control end and the user end agree on an encryption mode in advance, so that subsequent communication between the user end and the control end can be encrypted using the agreed mode; because this encryption mode uses the dynamically changing third encryption information, the security of the encrypted communication is improved.
Referring to fig. 2, the pairing process described above includes step S1100, step S1200, step S1300, step S1400, and step S1500.
Step S1100, the user side, in response to the pairing request, acquires the first user password and the second user password, and generates second encrypted information.
The first user password and the second user password are input externally, for example by an operator. The operator must enter at the user end the same first user password that was entered at the control end, so that the control end can verify it later; the first user password thus serves as the basis for pairing the control end and the user end. The second user password is later used by the control end to replace the first user password, so that the password is modified. In addition, the second encryption information is used for agreeing on the encryption mode of subsequent communication between the control end and the user end, and it can be generated by the user end according to a preset fourth template file.
Step S1200, the user side generates a first ciphertext according to the first encryption information, the second encryption information, and the second user password, generates a second ciphertext according to the first encryption information and the first user password, and sends the first ciphertext and the second ciphertext to the control side.
Specifically, the first ciphertext and the second ciphertext are obtained by the user side encrypting with the first encryption information. The first ciphertext provides the control end with the encryption mode of the next communication, the encryption mode to be used after the pairing process is completed, and the second user password. The second ciphertext is verified by the control end, so as to prove that the user end is communicating with the control end.
In step S1300, the control end receives the first ciphertext and the second ciphertext, and verifies the second ciphertext.
The first ciphertext and the second ciphertext are obtained by the user side encrypting with the first encryption information, so the control end can use the first encryption information to verify the second ciphertext and thereby check whether the first user password is correct.
Step S1400, when the second ciphertext passes the verification, the control end decodes the first ciphertext according to the first encryption information to obtain the second encryption information and the second user password.
Step S1500, the control end generates third encryption information according to the second user password, generates a third ciphertext according to the second encryption information and the third encryption information, and sends the third ciphertext to the user end, so that the control end and the user end complete pairing.
Specifically, the control end obtains the second encrypted information and the second user password through the first ciphertext, so that the control end generates third encrypted information according to a preset fifth template file and the second user password, and the third encrypted information is used for appointing an encryption mode for communication between the control end and the user end after the pairing process is completed. And the third ciphertext generated by the control end is encrypted by using the second encryption information, so that the third encryption information is conveniently and safely sent to the user end, and the pairing is conveniently completed.
In the pairing process, the communication between the control end and the user end needs to be performed by using a pre-agreed encryption mode, that is, the control end and the user end respectively use the first encryption information and the second encryption information to perform encryption communication, so that the security of the pairing process is improved.
Referring to fig. 3, the first encryption information includes a randomly generated first asymmetric key and a randomly generated first character string, and in step S1200, the user terminal obtains a first ciphertext through step S1210 and obtains a second ciphertext through step S1220.
Step S1210, the user side splices the second encryption information and the second user password to obtain a first structure, and encrypts the first structure by using the first asymmetric key to obtain a first ciphertext.
In step S1220, the user side splices the first character string and the first user password to obtain a second structure, and encrypts the second structure using the first asymmetric key to obtain a second ciphertext.
Specifically, the first encryption information generated by the control end according to the preset second template includes a first asymmetric key and a first character string randomly generated by the control end; the user side encrypts the first structure with the first asymmetric key to obtain the first ciphertext, and encrypts the second structure with the first asymmetric key to obtain the second ciphertext.
The first asymmetric key comprises a public key and a private key, the control end reserves the public key and the private key of the first asymmetric key, the public key of the first asymmetric key is used for being provided for the user end, so that the user end can encrypt data by using the public key of the first asymmetric key, and the control end can decode the data by using the private key of the first asymmetric key. The first character string is used for auxiliary encryption so as to hide the first user password, and the first character string is generated by the control terminal, so that the control terminal can find the first user password hidden in the first character string in the process of checking the second ciphertext. The first encryption information is beneficial to improving the communication safety.
Referring to fig. 4, in step S1500, the control end obtains third encryption information through steps S1510 and S1520, and obtains a third ciphertext through step S1530.
In step S1510, the control terminal obtains and stores the password information according to the second user password and the preset first template file.
Specifically, the password information comprises at least one password symbol in the second user password, a CRC8 check value of the second user password and a unique identifier of the control end. The password information is used for assisting in encrypting a subsequent communication process, that is, after the control end and the user end are paired, encryption communication needs to be performed according to the password information. For example, when the second user password is "a123", the "a" is a password symbol, and "1", "2", and "3" are also password symbols, in addition, "A1" may be selected as a component of the password information, or "123" may be selected as a component of the password information, or "12" may be selected as a component of the password information, that is, the password symbol in the password information may be set according to actual requirements. In addition, the length of the second user password can be customized according to actual requirements.
Step S1520, the control end randomly generates and stores the third asymmetric key, the second random number, and the second character string, and splices the third asymmetric key, the second random number, the second character string, and the password information to obtain third encrypted information.
Specifically, the third asymmetric key, the second random number, and the second string are all used for encryption during subsequent communication between the control end and the user end. And the third asymmetric key, the second random number and the second character string are utilized to carry out multiple encryption on the communication process, thereby being beneficial to improving the safety.
In step S1530, the control end encrypts the third encrypted information by using the second asymmetric key and the first symmetric key to obtain a third ciphertext.
The control end can encrypt the third encrypted information by using the public key of the second asymmetric key, and then encrypt the third encrypted information by using the first asymmetric key to obtain a third ciphertext, that is, the control end encrypts the third encrypted information twice to obtain the third ciphertext, which is beneficial to improving the security.
Referring to fig. 5, the second encryption information further includes a first random number randomly generated by the user terminal, and step S1530 includes step S1531, step S1532, step S1533, and step S1534.
In step S1531, the control end encrypts the third encrypted information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M1.
Step S1532, the control end obtains the first length information of the ciphertext M1, encrypts the first length information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M2, and concatenates the ciphertext M2 and the ciphertext M1 to obtain a ciphertext M3.
Step S1533, when the second ciphertext passes the verification, the control end randomly generates a first insertion string, and encrypts the first insertion string by using the first symmetric key to obtain a ciphertext M4.
In step S1534, the control end inserts the ciphertext M3 into the ciphertext M4 according to the first random number, so as to obtain a third ciphertext.
Specifically, the user side randomly generates a first random number and transmits it to the control end in the second encryption information, so that the control end can insert the ciphertext M1 into the ciphertext M4, obtained by encrypting the first insertion string, according to the first random number agreed with the user side in advance, thereby realizing triple encryption of the third encryption information. For example, the first random number has a length of 16 bits and the insertion position is determined by its upper 8 bits, so the control end inserts the ciphertext M3 into the ciphertext M4 at that position to obtain the third ciphertext. The ciphertext M3 is obtained by splicing the ciphertext M1 and the ciphertext M2, and the ciphertext M2 describes the length of the ciphertext M1, so that the user side can locate the ciphertext M1 by means of the ciphertext M2. Because the ciphertext M1 carrying the key data is inserted into the ciphertext M4, an intruder must not only know the second asymmetric key and the first symmetric key but also recover the first random number, which increases the difficulty of cracking and improves security.
It should be noted that both the first random number and the first insertion string may be randomly generated according to actual requirements.
Referring to fig. 6, the fourth encryption information includes a third random number and a second insertion string, and the second encryption information includes the first symmetric key. In step S2000, the user side generates a fourth ciphertext according to step S2100, step S2200, step S2300, step S2400, and step S2500.
Step S2100, the user side splices the third random number and the password information to obtain a third structure, and encrypts the third structure by using the third asymmetric key and the first symmetric key to obtain a ciphertext M5.
Step S2200, the user side obtains the second length information of the ciphertext M5, and splices the second length information and the second character string to obtain a fourth structure.
Step S2300, the user side encrypts the fourth structure according to the first symmetric key to obtain a ciphertext M6, and splices the ciphertext M6 and the ciphertext M5 to obtain a ciphertext M7.
Step S2400, the user side encrypts the second insertion string according to the first symmetric key to obtain a ciphertext M8.
Step S2500, the user side inserts the ciphertext M7 into the ciphertext M8 according to the second random number, so as to obtain a fourth ciphertext.
Specifically, the user terminal generates fourth encryption information in response to the execution signal, and the fourth encryption information includes a third random number randomly generated by the user terminal and a second insertion string randomly generated by the user terminal. The third random number is used for updating third encryption information by a subsequent control end, and the second insertion character string is used for auxiliary encryption.
The user side double-encrypts the third structure using the third asymmetric key obtained from the third encryption information and the first symmetric key in the second encryption information to obtain the ciphertext M5, and generates the ciphertext M6 describing the length of the ciphertext M5. The ciphertext M7, obtained by splicing the ciphertext M5 and the ciphertext M6, is then inserted into the ciphertext M8, which realizes triple encryption of the third structure, prevents the third structure from being leaked, and improves security. In addition, because the ciphertext M7 carrying the key data is inserted into the ciphertext M8, an intruder must not only know the first asymmetric key and the third asymmetric key but also recover the second random number, which increases the difficulty of cracking and improves security.
The third structure is obtained by splicing the third random number and the password information, and the ciphertext M8 is obtained by the user end encrypting the second insertion string. The user end inserts the ciphertext M7 into the ciphertext M8 according to the second random number obtained from the third encryption information; for example, the second random number has a length of 16 bits, so the user end may determine the position at which the ciphertext M7 is inserted into the ciphertext M8 from the lower eight bits of the second random number. In addition, the ciphertext M5 is obtained by encrypting the third structure sequentially with the third asymmetric key and the first symmetric key, so the ciphertext M5, the ciphertext M6 and the ciphertext M8 are all produced by encryption with the first symmetric key. Therefore, once the ciphertext M7 obtained by splicing the ciphertext M5 and the ciphertext M6 has been inserted into the ciphertext M8, an intruder who has not recovered the second random number cannot directly find the ciphertext M7 in the fourth ciphertext, which improves security.
In addition, the fourth encrypted information generated by the user side includes a third random number, and the control end can update the second random number according to the third random number after checking the fourth ciphertext transmitted by the user side, so that the control end can change the second random number for auxiliary encryption after transmitting the execution signal every time, and the second random number is in dynamic change, so that the cracking difficulty is further improved, and the security is improved. For example, the control end uses the third random number acquired from the user end as the new second random number.
Referring to fig. 7, the second encryption information includes a first symmetric key. The iterative process in step S4000 includes step S4100, step S4200, step S4300, step S4400, step S4500, and step S4600.
Step S4100, the control end randomly generates a fourth asymmetric key and a third insertion string according to a preset time interval or when the control end sends an execution signal, and encrypts the fourth asymmetric key with the first asymmetric key to obtain a ciphertext M9.
In step S4200, the control end updates the third asymmetric key according to the fourth asymmetric key.
Step S4300, the control end obtains the third length information of the ciphertext M9, and concatenates the third length information with the second character string to obtain a fifth structure.
In step S4400, the control end encrypts the fifth structure according to the first symmetric key to obtain a ciphertext M10, and concatenates the ciphertext M10 and the ciphertext M9 to obtain a ciphertext M11.
In step S4500, the control end encrypts the third insertion string according to the first symmetric key to obtain the ciphertext M12.
In step S4600, the control end inserts the ciphertext M11 into the ciphertext M12 according to the second random number, obtains and sends the ciphertext M13 to the user end, so that the user end synchronizes the third asymmetric key according to the ciphertext M13.
Specifically, in the iterative process, the control terminal updates the third asymmetric key according to a preset time interval, or updates the third asymmetric key every time the control terminal sends an execution signal; and after the control end updates the third asymmetric key, the control end sends the updated third asymmetric key to the user end so that the user end synchronizes the third asymmetric key, and therefore the third asymmetric key is in dynamic change, the cracking difficulty is improved, and the safety is improved.
The fourth asymmetric key is a new third asymmetric key, that is, the control end uses the fourth asymmetric key as a new third asymmetric key to update the third asymmetric key. In the process of updating and synchronizing the third asymmetric key, the control end encrypts the fourth asymmetric key by using the first symmetric key in the second encryption information, and splices a ciphertext M9 encrypted by the fourth asymmetric key and a ciphertext M10 used for describing the length of the ciphertext M9 to obtain a ciphertext M11, so that the ciphertext M11 is inserted into the ciphertext M12 according to a second random number, thereby realizing double encryption of the fourth asymmetric key, improving the security in the process of updating and synchronizing the third asymmetric key, being beneficial to ensuring that the dynamic change of the third asymmetric key is difficult to be cracked by an intruder, and improving the security.
In the composite encryption method, encrypted communication during the pairing process is realized with the first user password, the first encryption information and the second encryption information, and encrypted communication while responding to the execution signal and while updating and synchronizing the third encryption information is realized with the second encryption information and the dynamically changing third encryption information. This improves the security of the communication between the control end and the user end. When the composite encryption method is applied to a door lock system, it is difficult for an intruder who cracks one door lock system to use the result to crack other identical door lock systems, which improves security.
Referring to fig. 8, the composite encryption method further includes step S5000, step S6000, and step S7000.
Step S5000, when the pairing process is completed and the user side has not updated the third encryption information, the user side splices the second encryption information and the third encryption information to obtain a sixth structure, encrypts the sixth structure by using preset fifth encryption information to obtain a ciphertext M16, and stores the ciphertext M16.
Specifically, after the control end and the user end are paired, the user end stores the second encryption information and the third encryption information obtained in the pairing process in the memory, so as to avoid the situation that communication cannot be performed due to data loss.
Step S6000, when the pairing process is completed, and when the user side responds to the execution signal, and when the user side loses the third encrypted information, the user side reads and decodes the ciphertext M16 to obtain the second encrypted information and the third encrypted information, and generates sixth encrypted information, and generates and sends a fifth ciphertext to the control side according to the second encrypted information, the third encrypted information, and the sixth encrypted information.
Step S7000, the control end receives and verifies the fifth ciphertext, and when the fifth ciphertext passes the verification, the control end updates the third encryption information according to the sixth encryption information and sends an execution signal to the execution device so as to enable the execution device to act.
Specifically, after the pairing is completed, the third encryption information is in a dynamically changing state. To improve security, the user side does not store the dynamically changing third encryption information in the ROM memory but keeps it in RAM. If the user side accidentally loses the third encryption information, for example through a restart after a power failure, it can read the ciphertext M16 from the ROM memory when responding to the execution signal and so recover the second encryption information and the third encryption information generated in the pairing process. It can then carry out encrypted communication, which improves reliability.
It should be noted that the fifth encryption information is obtained by the control end and the user end in advance; for example, the same fifth encryption information is preset in both the control end and the user end.
Referring to fig. 9, the fifth encryption information includes a fifth asymmetric key, a second symmetric key, and division information randomly generated by the user terminal, and the user terminal stores the sixth structure in step S5000 through step S5100, step S5200, step S5300, and step S5400.
In step S5100, the user side encrypts the sixth structure according to the fifth asymmetric key and the second symmetric key to obtain a ciphertext M14.
In step S5200, the user side divides the ciphertext M14 according to the division information to obtain a plurality of ciphertext fragments.
In step S5300, the user side randomly generates a fourth insertion string, and encrypts the fourth insertion string with the second symmetric key to obtain the ciphertext M15.
In step S5400, the user side inserts all the ciphertext fragments into the ciphertext M15 according to the segmentation information, and obtains and stores the ciphertext M16.
Specifically, the user side performs triple encryption on a sixth structure obtained by splicing the second encryption information and the third encryption information by using a fifth asymmetric key, a second symmetric key and the segmentation information in the fifth encryption information, and then stores the sixth structure, which is favorable for improving the security. The segmentation information is used to describe how to segment the ciphertext M14 to obtain ciphertext fragments, describe the length of each ciphertext fragment, and describe the insertion positions of all ciphertext fragments inserted into the ciphertext M15, so that the segmentation information may be set according to actual requirements.
Referring to fig. 10, the second encryption information includes a first symmetric key randomly generated by the user side, and the sixth encryption information includes a fourth random number and a fifth insertion string randomly generated by the user side. In step S6000, the user side transmits the fifth ciphertext to the control side through step S6100, step S6200, step S6300, step S6400, and step S6500.
Step S6100, the user side splices the password information with the fourth random number to obtain a seventh structure, and encrypts the seventh structure with the third asymmetric key and the first symmetric key to obtain a ciphertext M17.
In step S6200, the user side obtains the fourth length information of the ciphertext M17, and concatenates the fourth length information and the second character string to obtain an eighth structure.
In step S6300, the user side encrypts the eighth structure according to the first symmetric key to obtain the ciphertext M18, and concatenates the ciphertext M18 and the ciphertext M17 to obtain the ciphertext M19.
Step S6400, the user side encrypts the fifth insertion string according to the first symmetric key to obtain a ciphertext M20.
Step S6500, the user end inserts the ciphertext M19 into the ciphertext M20 according to the second random number to obtain a fifth ciphertext, and sends the fifth ciphertext to the control end.
Specifically, the user side decodes the ciphertext M16 to obtain the second encryption information and the third encryption information obtained in the pairing process, that is, the user side obtains the third encryption information before the control side updates. The user side generates sixth encryption information, triple-encrypts the password information and the fourth random number by using the third asymmetric key, the first symmetric key and the fifth insertion character string to obtain a fifth ciphertext, and sends the fifth ciphertext to the control side, so that the user side can still perform encryption communication with the control side after losing the third encryption information and reacquiring the third encryption information, and the security and reliability can be improved.
In addition, after the control end receives the fifth ciphertext and passes the verification, the control end updates the second random number by using the fourth random number in the sixth encryption information.
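The length-prefix-and-insert framing of steps S2200 to S2500, which steps S4300 to S4600 and S6200 to S6500 repeat, sketched as an added example that is not code from the patent. Assumptions: a 2-byte big-endian length field, an insertion string of at least 255 bytes so that every 8-bit offset is valid, a receiver that checks the second character string as a marker, and M5 treated as an opaque constructed byte string standing in for the RSA-then-RC4 output.

```python
import hmac
import struct

LEN_FMT = ">H"            # assumption: length information is 2 bytes, big-endian
MIN_COVER = 255           # assumption: cover is long enough for any 8-bit offset


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, the symmetric cipher the page suggests; encrypt and decrypt are identical."""
    s = list(range(256))
    j = 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                             # keystream XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def insert_pos(second_random: int) -> int:
    """Lower eight bits of the 16-bit second random number give the position."""
    return second_random & 0xFF


def embed(m5: bytes, sym_key: bytes, second_string: bytes,
          insertion_string: bytes, second_random: int) -> bytes:
    """User side, S2200-S2500: build M6, M7, M8 and the final ciphertext."""
    if len(m5) > 0xFFFF:
        raise ValueError("M5 does not fit the 2-byte length field")
    if len(insertion_string) < MIN_COVER:
        raise ValueError("insertion string too short for an 8-bit offset")
    fourth_structure = struct.pack(LEN_FMT, len(m5)) + second_string
    m6 = rc4(sym_key, fourth_structure)           # encrypted length + marker
    m7 = m6 + m5                                  # M6 spliced with M5
    m8 = rc4(sym_key, insertion_string)           # encrypted cover
    pos = insert_pos(second_random)
    return m8[:pos] + m7 + m8[pos:]


def extract(blob: bytes, sym_key: bytes, second_string: bytes,
            second_random: int) -> bytes:
    """Control end: locate M7 by the shared random number and return M5."""
    pos = insert_pos(second_random)
    hdr_len = struct.calcsize(LEN_FMT) + len(second_string)
    if pos + hdr_len > len(blob):
        raise ValueError("ciphertext too short for header")
    header = rc4(sym_key, blob[pos:pos + hdr_len])
    (m5_len,) = struct.unpack(LEN_FMT, header[:2])
    # Constant-time comparison of the marker (assumed verification step).
    if not hmac.compare_digest(header[2:], second_string):
        raise ValueError("second character string mismatch")
    start = pos + hdr_len
    if start + m5_len > len(blob):
        raise ValueError("declared M5 length exceeds ciphertext")
    if len(blob) - hdr_len - m5_len < MIN_COVER:
        raise ValueError("cover shorter than agreed minimum")
    return blob[start:start + m5_len]


# Constructed sample values, not taken from the patent.
SAMPLE_KEY = b"constructed-rc4-key"
SAMPLE_STRING = b"STR2"
SAMPLE_M5 = bytes(range(64))
SAMPLE_COVER = bytes(300)
SAMPLE_RANDOM = 0xA537


def demo():
    """Round-trip the sample values; returns (fourth ciphertext, recovered M5)."""
    blob = embed(SAMPLE_M5, SAMPLE_KEY, SAMPLE_STRING, SAMPLE_COVER, SAMPLE_RANDOM)
    return blob, extract(blob, SAMPLE_KEY, SAMPLE_STRING, SAMPLE_RANDOM)


if __name__ == "__main__":
    ciphertext, recovered = demo()
    print(len(ciphertext), recovered == SAMPLE_M5)
```

The selector is eight bits, so the offset takes at most 256 values; the confidentiality of the embedded ciphertext rests on the keys rather than on the position.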
It should be noted that, the control end generates a first asymmetric key, a third asymmetric key, and a fourth asymmetric key (i.e., a new third asymmetric key), and retains a private key of the first asymmetric key, a private key of the third asymmetric key, and a private key of the fourth asymmetric key, that is, the user end obtains a public key of the first asymmetric key and a public key of the third asymmetric key; the user side generates a second asymmetric key and a fifth asymmetric key, and retains a private key of the second asymmetric key and a private key of the fifth asymmetric key, that is, the control side obtains a public key of the second asymmetric key and a public key of the fifth asymmetric key.
It should be noted that an asymmetric key offers better security than a symmetric key, while a symmetric key encrypts and decrypts faster than an asymmetric key. Encrypting important data (such as the password information, the first random number, the second random number, the third random number, the fourth random number, and the like) with the asymmetric key and combining it with the symmetric key for double encryption helps the control end and the user end achieve better security while maintaining a certain encryption and decryption speed. The asymmetric key can be an RSA key, which has better security performance and helps improve security; the symmetric key can be an RC4 key, whose encryption and decryption speed is high, so that the communication speed between the control end and the user end is improved while security is improved.
Second aspect of the invention
Referring to fig. 11, a door lock system includes a control terminal, a user terminal, and a door lock device. The control end comprises a first processor, a first memory and a first computer program which is stored on the first memory and runs on the first processor, and the first processor realizes the composite encryption method in the first aspect when executing the first computer program; the user side comprises a second processor, a second memory and a second computer program which is stored on the second memory and runs on the second processor, and the composite encryption method of the first aspect is realized when the second processor executes the second computer program; the door lock device is used for unlocking under the control of the execution signal of the control end.
The door lock system applies the composite encryption method of the first aspect, and the door lock device in the door lock system corresponds to the execution device mentioned in the composite encryption method. In the door lock system, a door is taken as a boundary, the outer side of the door is taken as an outdoor side, the inner side of the door is taken as an indoor side, the control end and the door lock device are located indoors, and the user end is located outdoors. The user side carries out encryption communication with the control side through a composite encryption method so as to enable the door lock device to act and unlock the door, and therefore the door is opened. In the process, the user side and the control side carry out encryption communication by using a composite encryption method, so that an intruder is prevented from cracking the door lock system in a short time, and the security is improved.
Third aspect of the invention
A storage medium storing computer-executable instructions for causing a computer to perform the composite encryption method of the first aspect.
It should be recognized that the method steps in embodiments of the present invention may be embodied or carried out by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer readable memory. The method may use standard programming techniques. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.
Further, the operations of processes described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes described herein (or variations and/or combinations thereof) may be performed under the control of one or more computer systems configured with executable instructions, and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications) collectively executed on one or more processors, by hardware, or combinations thereof. The computer program includes a plurality of instructions executable by one or more processors.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable interface, including but not limited to a personal computer, mini computer, mainframe, workstation, networked or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and the like. Aspects of the invention may be embodied in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optically read and/or write storage medium, RAM, ROM, or the like, such that it may be read by a programmable computer, which when read by the storage medium or device, is operative to configure and operate the computer to perform the procedures described herein. Further, the machine-readable code, or portions thereof, may be transmitted over a wired or wireless network. The invention described herein includes these and other different types of non-transitory computer-readable storage media when such media include instructions or programs that implement the steps described above in conjunction with a microprocessor or other data processor. The invention also includes the computer itself when programmed according to the methods and techniques described herein.
A computer program can be applied to input data to perform the functions described herein to transform the input data to generate output data that is stored to non-volatile memory. The output information may also be applied to one or more output devices, such as a display. In a preferred embodiment of the invention, the transformed data represents physical and tangible objects, including particular visual depictions of physical and tangible objects produced on a display.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (13)

1. A composite encryption method, comprising the steps of:
the control end responds to a pairing signal, acquires and verifies whether a first user password is correct, and when the first user password is correct, the control end generates and sends a pairing request comprising first encryption information to the user end so as to enable the control end and the user end to carry out pairing processing;
when the pairing processing is completed, the user side responds to an execution request to generate fourth encryption information, generates a fourth ciphertext according to the fourth encryption information and third encryption information generated in the pairing processing, and sends the fourth ciphertext to the control side;
the control end receives and verifies the fourth ciphertext, and when the fourth ciphertext passes the verification, the control end updates the third encryption information according to the fourth encryption information and sends an execution signal to an execution device so as to enable the execution device to act;
when the pairing processing is completed, the control end performs iterative processing on the third encryption information to update the third encryption information and synchronize the third encryption information to the user side;
the pairing process includes the steps of:
the user side responds to the pairing request, acquires the first user password and the second user password and generates second encryption information;
the user side generates a first ciphertext according to the first encryption information, the second encryption information and the second user password, generates a second ciphertext according to the first encryption information and the first user password, and sends the first ciphertext and the second ciphertext to the control end;
the control end receives the first ciphertext and the second ciphertext and verifies the second ciphertext;
when the second ciphertext passes the verification, the control end decodes the first ciphertext according to the first encryption information to obtain second encryption information and a second user password;
the second encryption information comprises a second asymmetric key, a first symmetric key and a first random number which are randomly generated by the user side, the control end generates third encryption information according to the second user password, and the control end encrypts the third encryption information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M1; the control end obtains first length information of the ciphertext M1, encrypts the first length information by using the second asymmetric key and the first symmetric key to obtain a ciphertext M2, and splices the ciphertext M2 with the ciphertext M1 to obtain a ciphertext M3;
when the second ciphertext passes the verification, the control end randomly generates a first insertion character string, and encrypts the first insertion character string by using the first symmetric key to obtain a ciphertext M4;
the control end inserts the ciphertext M3 into the ciphertext M4 according to the first random number to obtain a third ciphertext;
and the control end sends the third ciphertext to the user side so that the control end and the user side complete pairing.
2. The composite encryption method according to claim 1, wherein the first encryption information includes a first asymmetric key generated randomly and a first character string generated randomly, the first ciphertext is generated based on the first encryption information, the second encryption information, and the second user password, and the second ciphertext is generated based on the first encryption information and the first user password, comprising:
the user side splices the second encryption information and the second user password to obtain a first structure, and encrypts the first structure by using the first asymmetric key to obtain the first ciphertext;
and the user side splices the first character string and the first user password to obtain a second structure, and encrypts the second structure by using the first asymmetric key to obtain the second ciphertext.
3. The composite encryption method according to claim 1, wherein the generating of the third encryption information according to the second user password comprises the steps of:
the control end acquires and stores password information according to the second user password and a preset first template file;
and the control end randomly generates and stores a third asymmetric key, a second random number and a second character string, and splices the third asymmetric key, the second random number, the second character string and the password information to obtain the third encryption information.
4. The composite encryption method of claim 3, wherein the password information comprises at least one password symbol in the second user password, a CRC8 check value of the second user password, and a unique identification of the control end.
5. The composite encryption method according to claim 3, wherein the fourth encryption information includes a third random number and a second insertion string, the second encryption information includes a first symmetric key, and the generating of the fourth ciphertext from the fourth encryption information and the third encryption information generated in the pairing process includes:
the user side splices the third random number and the password information to obtain a third structure, and encrypts the third structure by using the third asymmetric key and the first symmetric key to obtain a ciphertext M5;
the user side acquires second length information of the ciphertext M5, and splices the second length information and the second character string to obtain a fourth structure;
the user side encrypts the fourth structure according to the first symmetric key to obtain a ciphertext M6, and the ciphertext M6 and the ciphertext M5 are spliced to obtain a ciphertext M7;
the user side encrypts the second insertion character string according to the first symmetric key to obtain a ciphertext M8;
and the user side inserts the ciphertext M7 into the ciphertext M8 according to the second random number to obtain the fourth ciphertext.
6. The composite encryption method according to claim 5, wherein the control end updates the third encryption information according to the fourth encryption information, comprising the steps of:
and the control end updates the second random number according to the third random number.
7. The composite encryption method of claim 3, wherein the second encryption information comprises a first symmetric key, and wherein the iterative process comprises the steps of:
the control end randomly generates a fourth asymmetric key and a third insertion character string according to a preset time interval or when the control end sends the execution signal, and encrypts the fourth asymmetric key by using the first symmetric key to obtain a ciphertext M9;
the control end updates the third asymmetric key according to the fourth asymmetric key;
the control end acquires third length information of the ciphertext M9, and splices the third length information with the second character string to obtain a fifth structure;
the control end encrypts the fifth structure according to the first symmetric key to obtain a ciphertext M10, and splices the ciphertext M10 and the ciphertext M9 to obtain a ciphertext M11;
the control end encrypts the third insertion character string according to the first symmetric key to obtain a ciphertext M12;
and the control end inserts the ciphertext M11 into the ciphertext M12 according to the second random number to obtain a ciphertext M13 and sends it to the user side, so that the user side synchronizes the third asymmetric key according to the ciphertext M13.
8. The composite encryption method according to claim 3, further comprising the steps of:
when the pairing process is completed and the user side does not update the third encryption information, the user side splices the second encryption information and the third encryption information to obtain a sixth structure, and encrypts the sixth structure by using preset fifth encryption information to obtain and store a ciphertext M16;
when the pairing process is completed and the user side has lost the third encryption information, the user side, in response to the execution signal, reads and decodes the ciphertext M16 to obtain the second encryption information and the third encryption information, generates sixth encryption information, and generates and sends a fifth ciphertext to the control end according to the second encryption information, the third encryption information and the sixth encryption information;
and the control end receives and verifies the fifth ciphertext, and when the fifth ciphertext passes the verification, the control end updates the third encryption information according to the sixth encryption information and sends the execution signal to the execution device so as to enable the execution device to act.
9. The composite encryption method according to claim 8, wherein the fifth encryption information comprises a fifth asymmetric key, a second symmetric key and split information randomly generated by the user side, and the encrypting the sixth structure by using the preset fifth encryption information to obtain and store a ciphertext M16 comprises the following steps:
the user side encrypts the sixth structure according to a fifth asymmetric key and the second symmetric key to obtain a ciphertext M14;
the user side divides the ciphertext M14 according to the division information to obtain a plurality of ciphertext fragments;
the user side randomly generates a fourth insertion character string, and encrypts the fourth insertion character string by using the second symmetric key to obtain a ciphertext M15;
and the user side inserts all the ciphertext fragments into the ciphertext M15 according to the segmentation information to obtain and store the ciphertext M16.
10. The composite encryption method according to claim 8, wherein the second encryption information includes a first symmetric key randomly generated by the user side, the sixth encryption information includes a fourth random number and a fifth insertion string randomly generated by the user side, and the generating and sending a fifth ciphertext to the control end according to the second encryption information, the third encryption information, and the sixth encryption information includes:
the user side splices the password information and the fourth random number to obtain a seventh structure, and encrypts the seventh structure by using the third asymmetric key and the first symmetric key to obtain a ciphertext M17;
the user side acquires fourth length information of the ciphertext M17, and splices the fourth length information and the second character string to obtain an eighth structure;
the user side encrypts the eighth structure according to the first symmetric key to obtain a ciphertext M18, and the ciphertext M18 and the ciphertext M17 are spliced to obtain a ciphertext M19;
the user side encrypts the fifth insertion character string according to the first symmetric key to obtain a ciphertext M20;
and the user side inserts the ciphertext M19 into the ciphertext M20 according to the second random number to obtain a fifth ciphertext, and sends the fifth ciphertext to the control end.
11. The composite encryption method according to claim 10, wherein the control end updates the third encryption information according to the sixth encryption information, comprising the steps of:
and the control end updates the second random number according to the fourth random number.
12. A door lock system, comprising:
a control terminal comprising a first processor, a first memory, and a first computer program stored on the first memory and running on the first processor, the first processor implementing the composite encryption method of any one of claims 1 to 11 when executing the first computer program;
a user terminal comprising a second processor, a second memory, and a second computer program stored on the second memory and running on the second processor, the second processor implementing the composite encryption method of any of claims 1 to 11 when executing the second computer program;
and the door lock device is used for unlocking under the control of the execution signal of the control end.
13. A storage medium storing computer-executable instructions for causing a computer to perform the composite encryption method of any one of claims 1 to 11.
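The length-prefix-and-insert framing of claim 1 (ciphertexts M1 to M4), which recurs in claims 5, 7 and 10, is shown below with both the sending and the receiving side; this is an added example, not code from the patent or its applicant. Assumptions: a 4-byte length field, the shared random number used directly as a byte offset, a SHA-256 keystream standing in for the unspecified asymmetric and symmetric ciphers, and hypothetical function names.

```python
import hashlib
import struct

LEN_FIELD = 4  # assumption: fixed 4-byte length field; the claims give no width


def stand_in_encrypt(key: bytes, label: bytes, data: bytes) -> bytes:
    """Placeholder for the claimed key operations: XOR with a SHA-256 counter
    keystream. The label keeps the streams of M1, M2 and M4 distinct.
    Applying it twice with the same key and label decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + label + struct.pack(">I", i // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def build_frame(key: bytes, payload: bytes, decoy: bytes, offset: int) -> bytes:
    """Sender: M1 = E(payload), M2 = E(len(M1)), M3 = M2 || M1,
    M4 = E(insertion string); M3 is inserted into M4 at `offset`."""
    m1 = stand_in_encrypt(key, b"M1", payload)
    m2 = stand_in_encrypt(key, b"M2", struct.pack(">I", len(m1)))
    m4 = stand_in_encrypt(key, b"M4", decoy)
    if not 0 <= offset <= len(m4):
        raise ValueError("offset lies outside the insertion ciphertext")
    return m4[:offset] + m2 + m1 + m4[offset:]


def parse_frame(key: bytes, frame: bytes, offset: int) -> bytes:
    """Receiver: read M2 at the shared offset, recover len(M1), check that it
    fits inside the frame, then decrypt M1. Bytes around M3 are discarded."""
    if offset < 0 or offset + LEN_FIELD > len(frame):
        raise ValueError("frame too short to hold the length field")
    raw_len = stand_in_encrypt(key, b"M2", frame[offset:offset + LEN_FIELD])
    (m1_len,) = struct.unpack(">I", raw_len)
    start = offset + LEN_FIELD
    if m1_len > len(frame) - start:
        raise ValueError("declared length exceeds the received frame")
    return stand_in_encrypt(key, b"M1", frame[start:start + m1_len])


if __name__ == "__main__":
    key = bytes(range(32))                      # constructed sample key
    payload = b"third encryption information"   # constructed sample payload
    frame = build_frame(key, payload, b"x" * 24, 9)
    print(len(frame), parse_frame(key, frame, 9))
```

The framing itself carries no integrity check: `parse_frame` rejects only frames whose declared length does not fit, so any verification of the recovered contents has to happen after parsing.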
CN202110975660.1A 2021-08-24 2021-08-24 Composite encryption method, door lock system and storage medium Active CN113808303B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110975660.1A CN113808303B (en) 2021-08-24 2021-08-24 Composite encryption method, door lock system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110975660.1A CN113808303B (en) 2021-08-24 2021-08-24 Composite encryption method, door lock system and storage medium

Publications (2)

Publication Number Publication Date
CN113808303A CN113808303A (en) 2021-12-17
CN113808303B true CN113808303B (en) 2023-04-07

Family

ID=78941648

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110975660.1A Active CN113808303B (en) 2021-08-24 2021-08-24 Composite encryption method, door lock system and storage medium

Country Status (1)

Country Link
CN (1) CN113808303B (en)

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107038777B (en) * 2017-03-29 2020-08-18 云丁网络技术(北京)有限公司 Safety communication method based on intelligent door lock system and intelligent door lock system thereof
US10755500B2 (en) * 2017-11-06 2020-08-25 Moca System Inc. Access control system and access control method using the same
CN107948155A (en) * 2017-11-24 2018-04-20 重庆金融资产交易所有限责任公司 Cryptographic check method, apparatus, computer equipment and computer-readable recording medium
CN108122316B (en) * 2017-12-21 2020-02-04 美智光电科技有限公司 Door lock communication system and method based on security chip
WO2019183097A2 (en) * 2018-03-20 2019-09-26 Apple Inc. Sharing system access using a mobile device
CN109792451B (en) * 2018-08-22 2022-11-18 袁振南 Communication channel encryption, decryption and establishment method and device, memory and terminal
CN109523672B (en) * 2018-11-20 2021-09-21 北京千丁互联科技有限公司 Access control method and device
CN109889669A (en) * 2019-03-07 2019-06-14 广东汇泰龙科技有限公司 A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm
CN110602703B (en) * 2019-09-17 2021-04-27 深圳市太美亚电子科技有限公司 Bluetooth communication data encryption method, terminal and system for BLE
CN111815814B (en) * 2020-06-22 2022-06-10 合肥智辉空间科技有限责任公司 Electronic lock security system and binding authentication method thereof

Also Published As

Publication number Publication date
CN113808303A (en) 2021-12-17


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant