CN115333753A - Internet protocol address generation method and device, storage medium and electronic equipment - Google Patents
Internet protocol address generation method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN115333753A CN115333753A CN202210970445.7A CN202210970445A CN115333753A CN 115333753 A CN115333753 A CN 115333753A CN 202210970445 A CN202210970445 A CN 202210970445A CN 115333753 A CN115333753 A CN 115333753A
- Authority
- CN
- China
- Prior art keywords
- address
- character string
- string
- terminal
- internet protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000007781 pre-processing Methods 0.000 claims abstract description 12
- 230000006870 function Effects 0.000 claims description 10
- 229910002056 binary alloy Inorganic materials 0.000 claims description 5
- 238000004590 computer program Methods 0.000 claims description 2
- 238000004891 communication Methods 0.000 abstract description 4
- 238000006243 chemical reaction Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 5
- 238000004519 manufacturing process Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000005286 illumination Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/30—Managing network names, e.g. use of aliases or nicknames
- H04L61/3015—Name registration, generation or assignment
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The disclosure provides an internet protocol address generation method, an internet protocol address generation device, a storage medium and electronic equipment, and relates to the technical field of communication. The Internet protocol address generation method comprises the following steps: receiving an address prefix issued by a network side; acquiring identity information of a terminal; the identity information of the terminal comprises: the system comprises an international mobile subscriber identity IMSI, an international mobile equipment identity IMEI and a physical unclonable function PUF; preprocessing the identity information of the terminal to obtain a first character string; and generating an address suffix according to the first character string, and generating the internet protocol address according to the address prefix and the address suffix. The method and the device can improve the safety of the Internet protocol address to a certain extent.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method and an apparatus for generating an internet protocol address, a storage medium, and an electronic device.
Background
The Internet Protocol Version 6 (IPv 6) solves the problem of insufficient IPv4 address by a 128-bit address. The IPv6 address resource is rich, and each IP device can be allocated with an address; and then, various security problems also occur, and a network hacker can find all the IP equipment by means of the Internet according to the allocated addresses, so that any IP equipment can be illegally invaded, and great threat is caused to the privacy security of the user.
In the related art, the 5G terminal IPv6 address mainly consists of a 64-bit prefix allocated by a network and a 64-bit suffix generated by a terminal, the address generation has randomness and is possibly tampered, and the security of the address generation cannot meet the use of a private network.
Disclosure of Invention
The present disclosure provides an internet protocol address generating method, an internet protocol address generating apparatus, a computer-readable storage medium, and an electronic device, in order to improve security of an internet protocol address to a certain extent.
According to a first aspect of the present disclosure, there is provided an internet protocol address generating method, including: receiving an address prefix issued by a network side; acquiring identity information of a terminal; the identity information of the terminal comprises: the system comprises an international mobile subscriber identity IMSI, an international mobile equipment identity IMEI and a physical unclonable function PUF; preprocessing the identity information of the terminal to obtain a first character string; and generating an address suffix according to the first character string, and generating the internet protocol address according to the address prefix and the address suffix.
In one embodiment, the obtaining identity information of the terminal includes: and acquiring the eSIM information of the terminal to obtain the identity information of the terminal.
In an embodiment, the preprocessing the identity information of the terminal to obtain a first character string includes: converting the IMSI from decimal into binary to obtain a second character string; converting the IMEI and the PUF from decimal system to binary system to obtain a third character string; generating the first string based on the second string and the third string.
In one embodiment, the generating the first string based on the second string and the third string includes: and under the condition that the sum of the digits of the second character string and the third character string exceeds a preset digit, selecting a part of character strings from the second character string and the third character string to be combined into the first character string.
In one embodiment, the generating the first string based on the second string and the third string includes: and adding characters to the second character string and the third character string according to a preset digit under the condition that the sum of the digits of the second character string and the third character string is smaller than the preset digit, so as to obtain the first character string.
In one embodiment, the generating an address suffix from the first string comprises: and encrypting the first character string by adopting an encryption algorithm to obtain the address suffix.
In one embodiment, the generating an address suffix from the first string comprises: converting the first character string from binary system to hexadecimal system to obtain a fourth character string; taking the fourth character string as the address suffix; or, the fourth character string is encrypted by adopting an encryption algorithm to obtain the address suffix.
According to a second aspect of the present disclosure, an ip address generating apparatus is provided, which includes an address prefix receiving module configured to receive an address prefix delivered by a network side; the identity information acquisition module is configured to acquire identity information of the terminal; the identity information of the terminal comprises: IMSI, IMEI, and PUF; the terminal comprises a preprocessing module, a first string module and a second string module, wherein the preprocessing module is configured to preprocess the identity information of the terminal to obtain the first string; an address generation module configured to generate an address suffix from the first string and generate the internet protocol address from the address prefix and the address suffix.
According to a third aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the internet protocol address generating method of the first aspect described above and possible implementations thereof.
According to a fourth aspect of the present disclosure, there is provided an electronic device comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the above-described internet protocol address generation method of the first aspect and possible implementations thereof via execution of executable instructions.
The technical scheme of the disclosure has the following beneficial effects:
in the scheme, an address suffix is obtained by processing the acquired identity information of the terminal; and then, an internet protocol address (such as an IPv6 address) is generated according to the address suffix and the received address prefix issued by the network side. Therefore, the identity information of the terminal comprises the International Mobile Subscriber Identity (IMSI), the International Mobile Equipment Identity (IMEI) and the Physical Unclonable Function (PUF), so that the generated internet protocol address is related to the identity, the identity can be identified, and the safety of the internet protocol address is improved.
Drawings
Fig. 1 is a schematic diagram of a system architecture provided by an embodiment of the present disclosure;
fig. 2 is a schematic flow chart illustrating an implementation of a method for generating an internet protocol address according to an embodiment of the present disclosure;
fig. 3 is a schematic flow chart illustrating an implementation of a method for generating an internet protocol address according to an embodiment of the present disclosure;
fig. 4 is a schematic diagram of an implementation flow of a method for generating an internet protocol address according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of an internet protocol address generating apparatus according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure will be described more fully hereinafter with reference to the accompanying drawings.
The drawings are schematic illustrations of the present disclosure and are not necessarily drawn to scale. Some of the block diagrams shown in the figures may be functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in hardware modules or integrated circuits, or in a network, processor or microcontroller. Embodiments may be embodied in many different forms and should not be construed as limited to the examples set forth herein. The described features, structures, or characteristics of the disclosure may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough explanation of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that one or more of the specific details can be omitted, or one or more of the specific details can be replaced with other methods, components, devices, steps, etc., in implementing the aspects of the disclosure.
The eSIM is in a development stage at present, and the applied terminals are limited, but for three operators, on one hand, the card manufacturing cost of the entity card can be saved; on the other hand, the most critical is that the eSIM service is closely related to the 5G internet of things era, and the equipment is not provided with an external card slot, so that the market prospect is very wide; the eSIM has the technical characteristics of a security algorithm, identity identification, traceability and the like, and mainly follows GSMA SGP.02 and SGP.22 standards.
The IPv6 solves the problem of insufficient IPv4 addresses through 128-bit addresses. The IPv6 address has the advantages of rich and reliable resources and the like, so that the IPv6 address becomes an effective means for solving the development bottleneck of the current Internet and is highly emphasized by the industry and governments of various countries. IPv6 mainly complies with relevant standards like RCF 8200.
At present, IPv6 related devices are rapidly expanded worldwide, and global IPv6 deployment presents a sudden and violent situation. The number of IPv6 addresses is huge, each IP device can be allocated with a universal address all over the world, various security problems also occur, and a network hacker can find all the IP devices by means of the Internet according to the allocated addresses, so that illegal intrusion is carried out on any IP device, and great threats are caused to the privacy security of a user.
In the related art, the 5G terminal IPv6 address mainly consists of a 64-bit prefix allocated by a network and a 64-bit suffix generated by a terminal, the address generation has randomness and is possibly tampered, and the security of the address generation cannot meet the use of a private network.
In view of the above problems, exemplary embodiments of the present disclosure provide an internet protocol address generating method capable of improving security of an internet protocol address to some extent.
The system architecture and application scenario of an operating environment of the above information transmission method are exemplarily described below with reference to fig. 1.
Fig. 1 shows a schematic diagram of a system architecture, and the system architecture 100 may include a terminal 101 and a 5G core network 102. Among them, the terminal 101 may be a mobile terminal, such as: a terminal 101 can receive a 64-bit address prefix issued by a 5G core network 102, and a 128-bit IPv6 address is formed by combining a 64-bit address suffix generated by the terminal with the address prefix; the 5G core network 102 may issue a 64-bit address prefix to the terminal 101.
Fig. 2 is a schematic implementation flow diagram of an internet protocol address generating method provided in the embodiment of the present disclosure, which may be executed by the terminal 101, as shown in fig. 2, the method includes the following steps S201 to S204:
step S201, receiving an address prefix issued by a network side;
step S202, acquiring identity information of a terminal; the identity information of the terminal includes: the system comprises an international mobile subscriber identity IMSI, an international mobile equipment identity IMEI and a physical unclonable function PUF;
step S203, preprocessing the identity information of the terminal to obtain a first character string;
and step S204, generating an address suffix according to the first character string, and generating an Internet protocol address according to the address prefix and the address suffix.
In the internet protocol address generation method, an address suffix is obtained by processing the acquired identity information of the terminal; and then, generating an internet protocol address (such as an IPv6 address) according to the address suffix and the received address prefix issued by the network side. Therefore, the identity information of the terminal comprises the international mobile subscriber identity IMSI, the international mobile equipment identity IMEI and the physical unclonable function PUF, so that the generated internet protocol address is related to the identity, the identity can be identified, and the safety of the internet protocol address is improved.
Each step in fig. 2 is explained in detail below.
Referring to fig. 2, in step S201, an address prefix issued by the network side is received.
The network is composed of a plurality of nodes and links connecting the nodes, and represents a plurality of objects and mutual connection of the objects; here, the network may be a 4G network, a 5G network, etc., and is not limited herein.
The Address, i.e., an Internet Protocol Address (IP Address), is a uniform Address format provided by the IP Protocol, and allocates a logical Address to each network and each host on the Internet, so as to mask the difference of physical addresses. The address prefix refers to an address portion of the IP address corresponding to the network portion, i.e., a network address of the IP address, thereby indicating a network number of a network accessing the internet.
In an embodiment, the address prefix may be issued by a 4G network or a 5G network, which is not limited herein. Further, the address prefix may be issued by a 4G core network, or may be issued by a 5G core network, which is not limited herein. Furthermore, under the condition that the address prefix is issued by the 4G core network, the address prefix can be the address prefix of an IPv4 address or the address prefix of an IPv6 address; under the condition that the address prefix is issued by the 5G core network, the address prefix may be an address prefix of an IPv4 address, or an address prefix of an IPv6 address, which is not limited herein.
In addition, the IPv4 address differs from the IPv6 address in that: IPv6 increases IPv4 address from 32 bits to 128 bits; that is, the IPv4 address is a 32-bit address, and the IPv6 address is a 128-bit address. Under the condition that the address prefix is an IPv4 address, the address prefix can be 16 bits, also can be 8 bits, and also can be 24 bits without limitation; in the case where the address prefix is an IPv6 address, the address prefix may be 64 bits.
With continued reference to fig. 2, in step S202, identity information of the terminal is acquired.
Wherein, the identity information of the terminal comprises: an international mobile subscriber identity IMSI, an international mobile equipment identity IMEI and a physical unclonable function PUF.
The International Mobile Subscriber Identity (IMSI) is an Identity that is used to distinguish different subscribers in a cellular network and is not repeated in all cellular networks.
The International Mobile Equipment Identity (IMEI), which is commonly called a Mobile phone serial number and a Mobile phone serial number, is used to identify Mobile communication Equipment such as each independent Mobile phone in a Mobile phone network, and is equivalent to an Identity card of a Mobile phone.
Physical Unclonable Functions (PUFs) are unique "fingerprint" information generated by using random process deviations of processes such as injection and illumination in the chip manufacturing process, and can be used as unique identification information of a chip after being extracted by a special technology.
The identity information of the terminal can be stored in a chip of the terminal; furthermore, the identity information of the terminal can be obtained by reading the information in the chip.
With reference to fig. 2, in step S203, the identity information of the terminal is preprocessed to obtain a first character string.
Wherein, the identity information obtained in step S202 is a decimal character string; here, the identity information of the terminal is preprocessed, which may be that the system of the identity information is converted to accelerate the processing speed; such as: the identity information of the terminal may be converted from decimal to binary, or may be converted from decimal to hexadecimal, which is not limited herein.
With continued reference to fig. 2, in step S204, an address suffix is generated from the first string, and an internet protocol address is generated from the address prefix and the address suffix.
The address suffix refers to an address part corresponding to a device (such as a terminal) part in the IP address, that is, a device address of the IP address, so as to represent an address number of the device.
In one embodiment, the first string may be encrypted by an encryption algorithm to generate an address suffix to improve the security of the address suffix; other processing may also be performed on the first string to generate an address suffix; of course, the first character string may also be directly used as an address suffix, which is not limited herein.
The number of bits of the address suffix and the address prefix may be the same or different, and is not limited herein; such as: the 32-bit IPv4 address can take the first 8 bits as an address prefix and the last 24 bits as an address suffix; or the first 16 bits can be used as address prefix, and the last 16 bits can be used as address suffix; the first 24 bits may also be used as an address prefix, and the last 8 bits may be used as an address suffix, which is not limited herein; the IPv6 address is the same, and is not described herein.
In one embodiment, in order to save the card manufacturing cost of the physical card, the terminal may be a mobile terminal carrying an eSIM card, and thus the step S202 further includes the following steps:
and acquiring the eSIM information of the terminal to obtain the identity information of the terminal.
Among them, eSIM (Embedded-SIM), i.e., eSIM card; meaning that the conventional SIM card is embedded directly on the device chip rather than being added to the device as a separate removable component, so that the user does not have to insert a physical SIM card. In an embodiment, the "the identity information of the terminal may be stored in a chip of the terminal" may be that the identity information of the terminal is stored in an eSIM card of the terminal, and then the identity information of the terminal is obtained by reading information in the eSIM card.
In one embodiment, the terminal may also carry a SIM card. Under the condition that the terminal carries the SIM card, the identity information of the terminal can be obtained by reading the chip of the terminal and the information in the SIM card of the terminal; generally, the international mobile subscriber identity IMSI is stored in the SIM card, and the international mobile equipment identity IMEI and the physical unclonable function PUF are stored in the chip of the terminal.
In one embodiment, in order to increase the processing speed, the identity information of the terminal may be preprocessed; fig. 3 is a schematic view of an implementation flow of an internet protocol address generating method provided in an embodiment of the present disclosure, and as shown in fig. 3, the step S203 includes the following steps S301 to S303:
step S301, the IMSI is converted into binary from decimal to obtain a second character string.
In the data processing process, the equipment identifies binary data; therefore, the device needs to convert the data from decimal to binary before processing the data. Decimal conversion to binary integers adopts a method of dividing 2 and obtaining the remainder, and arranging in a reverse order; the decimal conversion to binary decimal is performed by multiplying by 2 and rounding, and the sequence arrangement method is not described herein.
And step S302, converting the IMEI and the PUF from decimal to binary to obtain a third character string.
The IMSI is subjected to binary conversion, the IMEI and the PUF are subjected to binary conversion, and the binary conversion is not carried out on the IMSI and the PUF at the same time, because the subsequent generation process of the first character string involves the extraction of the second character string and the third character string, and the extraction rules are different; therefore, in order to extract the second character string and the third character string, the IMSI is subjected to binary conversion, and the IMEI and the PUF are subjected to binary conversion, rather than performing binary conversion on the three characters at the same time.
Step S303 generates a first character string based on the second character string and the third character string.
The first character string is obtained by extracting the second character string and the third character string; namely, selecting a part of character strings from the second character string and the third character string to obtain a first character string; in order to extract the IMSI, IMEI, and PUF, in one embodiment, a partial string in the front of the first string may be extracted, and a string in the middle of the second string may be extracted, where the string in the middle of the second string includes a string of a partial IMEI and a partial PUF.
In one embodiment, the address suffix and the address prefix together generate an internet protocol address (IP address), and therefore the number of bits of the address suffix (the preset number of bits) is determined according to the number of bits of the address prefix and the number of bits of the IP address; then, there may be a case where the sum of the numbers of bits of the second character string and the third character string exceeds the preset number of bits, and there may also be a case where the sum of the numbers of bits of the second character string and the third character string is less than the preset number of bits, that is, the step S303 includes the following steps:
and under the condition that the sum of the number of bits of the second character string and the third character string exceeds the preset number of bits, selecting a part of character strings from the second character string and the third character string to be combined into the first character string.
Wherein, since the second character string and the third character string are both binary character strings, the first character string is also a binary character string; because the address suffix generated based on the first character string and the address prefix issued by the network side jointly generate the IP address, the sum of the number of bits of the address prefix and the number of bits of the address suffix is the number of bits of the IP address.
The preset number of bits, namely the number of bits of the address suffix, is determined according to the number of bits of the address prefix and the number of bits of the IP address; such as: the IPv6 address is 128 bits, the address prefix issued by the network side is 64 bits, and then the address suffix is also 64 (128-64) bits. Therefore, the IP address can be generated by the address suffix and the address prefix. It should be noted that: the number of bits of the address is for binary (the device recognizes binary data).
In one embodiment, in the case that the address prefix issued by the network side is a 64-bit address prefix of an IPv6 address (128 bits), the first character string for generating the address suffix should be 64 bits, and therefore, the preset number of bits is 64, and a 64-bit character string is selected from the second character string and the third character string to obtain the first character string; in an embodiment, the second character string and a part of the third character string may be selected, or a part of the second character string and a part of the third character string may be selected, which is not limited herein.
Under the condition of selecting part of the third character strings, the selected part should comprise part of IMSI and part of PUF; such as: including the back of the IMSI and the front of the PUF, or, including the front of the IMSI and the back of the PUF, this is not limited here. In the case of including the back of the IMSI and the front of the PUF, the third string may be arranged in the order IMSI first and PUF second; in the case of including the front part of the IMSI and the rear part of the PUF, the third string may be arranged in the order PUF is first and IMSI is second, thus facilitating the selection of a partial string from the third string.
In one embodiment, the step S303 further includes the following steps:
and adding characters to the second character string and the third character string according to the preset digit under the condition that the sum of the digits of the second character string and the third character string is less than the preset digit to obtain the first character string.
The situation that the sum of the digits of the second character string and the third character string is less than the preset digit is opposite to the situation that the sum of the digits of the second character string and the third character string exceeds the preset digit, and the recalling part is not repeated here.
In one embodiment, the number of bits of the first character string is equal to a preset number of bits by adding characters to the second character string and the third character string, so that the IP address can be generated based on the address suffix generated by the first character string and the address prefix issued by the network side. Here, a character may be added to the second character string, a character may also be added to the third character string, a character may also be added to both the second character string and the third character string, and there is no limitation here, and the number of bits of the first character string obtained after the character string is added is equal to the preset number of bits; such as: in the case that the address prefix issued by the network side is a 64-bit address prefix of an IPv6 address (128 bits), the first character string for generating the address suffix should be 64 bits, and therefore the preset number of bits is 64, and the sum of the number of bits of the second character string and the third character string is 50, then 14 characters are added to the second character string and the third character string, so as to obtain a 64-bit first character string.
In an embodiment, the character 0, the character 1, and the like may be added to the second character string and the third character string, which is not limited herein.
In one embodiment, to improve the security of the address suffix, the first string may be encrypted to generate the address suffix; the step S204 includes the following steps:
and encrypting the first character string by adopting an encryption algorithm to obtain an address suffix.
Wherein, the encryption algorithm refers to a security algorithm; security algorithms are classified into symmetric and asymmetric, and relate to encryption, decryption, authentication, access control, and the like. The symmetric algorithm comprises the following steps: DES, AES, etc., such as AES-128/192/256 (ECB, CBC), DES-32, DES-128, 3DES; the asymmetric algorithm comprises the following steps: RSA, ECC, etc., such as RSA-1024, RSA2048, RSA3072, RSA4096, ECC-133, ECC-256, ECIES, RSA OAEP; here, the encryption algorithm may employ any of the above-described security algorithms; in one embodiment, as the AES security algorithm supports keys with three lengths of 128 bits, 192 bits and 256 bits; thus, the first string may be encrypted using the AES security algorithm.
In one embodiment, because the identity information of the terminal can perform identity identification, the identity information of the terminal can improve the security of the IP address to a certain extent; fig. 4 is a schematic flow chart illustrating an implementation process of a method for generating an internet protocol address according to an embodiment of the present disclosure, and as shown in fig. 4, the step S204 includes the following steps S401 and S402:
step S401, the first character string is converted from binary system to hexadecimal system, and a fourth character string is obtained.
Since the binary first character string is too long, the first character string can be converted from binary to hexadecimal to simplify the character string when the address suffix is finally generated.
Step S402, taking the fourth character string as an address suffix; or, encrypting the fourth character string by adopting an encryption algorithm to obtain an address suffix.
The fourth character string which improves the security of the IP address itself may be directly used as an address suffix, or the fourth character string obtained by simplifying the first character string may be encrypted, and the encrypted character string may be used as an address suffix. Here, the selection may be made according to actual needs.
The exemplary embodiment of the present disclosure also provides an internet protocol address generating apparatus 500. The internet protocol address generating apparatus can be applied to the above-mentioned terminal 101; referring to fig. 5, the internet protocol address generating apparatus 500 may include:
an address prefix receiving module 501 configured to receive an address prefix issued by a network side;
an identity information obtaining module 502 configured to obtain identity information of a terminal; the identity information of the terminal includes: IMSI, IMEI, and PUF;
the preprocessing module 503 is configured to preprocess the identity information of the terminal to obtain a first character string;
an address generation module 504 configured to generate an address suffix from the first string and generate an internet protocol address from the address prefix and the address suffix.
In one embodiment, acquiring identity information of a terminal includes: and acquiring the eSIM information of the terminal to obtain the identity information of the terminal.
In one embodiment, the preprocessing the identity information of the terminal to obtain a first character string includes: converting the IMSI from a decimal system into a binary system to obtain a second character string; converting the IMEI and the PUF from decimal to binary to obtain a third character string; and generating the first character string based on the second character string and the third character string.
In one embodiment, the generating the first character string based on the second character string and the third character string includes: and under the condition that the sum of the digits of the second character string and the third character string exceeds the preset digit, selecting a part of character strings in the second character string and the third character string to be combined into the first character string.
In one embodiment, generating the first string based on the second string and the third string includes: and adding characters to the second character string and the third character string according to the preset digit under the condition that the sum of the digits of the second character string and the third character string is less than the preset digit, so as to obtain the first character string.
In one embodiment, the generating an address suffix from a first string comprises: and encrypting the first character string by adopting an encryption algorithm to obtain an address suffix.
In one embodiment, generating an address suffix from a first string comprises: converting the first character string from binary to hexadecimal to obtain a fourth character string; taking the fourth character string as an address suffix; or, the fourth character string is encrypted by adopting an encryption algorithm to obtain an address suffix.
Exemplary embodiments of the present disclosure also provide a computer-readable storage medium, which may be implemented in the form of a program product, including program code for causing an electronic device to perform the steps according to various exemplary embodiments of the present disclosure described in the above-mentioned "exemplary method" section of this specification, when the program product is run on the electronic device. In an alternative embodiment, the program product may be embodied as a portable compact disc read only memory (CD-ROM) and include program code, and may be run on an electronic device, such as a personal computer. However, the program product of the present disclosure is not so limited, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
Exemplary embodiments of the present disclosure also provide an electronic device, which may be, for example, the PON management monitoring system 101 and the OLT102 described above. The electronic device may include a processor and a memory. The memory stores executable instructions of the processor, such as may be program code. The processor performs the internet protocol generation method in the exemplary embodiment by executing the executable instructions, as the method steps of fig. 2 may be performed.
Referring now to FIG. 6, an electronic device in the form of a general purpose computing device is illustrated. It should be understood that the electronic device 600 shown in fig. 6 is only one example and should not limit the functionality or scope of use of embodiments of the present disclosure.
As shown in fig. 6, the electronic device 600 may include: a processor 610, a memory 620, a bus 630, an I/O (input/output) interface 640, a network adapter 650.
The memory 620 may include a volatile memory such as a RAM621, a cache unit 622, and a nonvolatile memory such as a ROM623. Memory 620 may also include one or more program modules 624, such program modules 624 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which or some combination thereof may comprise an implementation of a network environment. For example, the program modules 624 may include modules of the internet protocol generating apparatus 500 described above.
The bus 630 is used to enable connections between different components of the electronic device 600 and may include a data bus, an address bus, and a control bus.
The electronic device 600 may communicate with one or more external devices 2000 (e.g., keyboard, mouse, external controller, etc.) via the I/O interface 640.
The electronic device 600 may communicate with one or more networks through the network adapter 650, for example, the network adapter 650 may provide a mobile communication solution such as 3G/4G/5G, or a wireless communication solution such as wireless local area network, bluetooth, near field communication, etc. The network adapter 650 may communicate with other modules of the electronic device 600 via the bus 630.
Although not shown in FIG. 6, other hardware and/or software modules may also be provided in the electronic device 600, including but not limited to: displays, microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functions of two or more modules or units described above may be embodied in one module or unit, according to exemplary embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system. Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is to be limited only by the following claims.
Claims (10)
1. An internet protocol address generating method, comprising:
receiving an address prefix issued by a network side;
acquiring identity information of a terminal; the identity information of the terminal comprises: the system comprises an international mobile subscriber identity IMSI, an international mobile equipment identity IMEI and a physical unclonable function PUF;
preprocessing the identity information of the terminal to obtain a first character string;
and generating an address suffix according to the first character string, and generating the internet protocol address according to the address prefix and the address suffix.
2. The method of claim 1, wherein the obtaining identity information of the terminal comprises:
and acquiring the eSIM information of the terminal to obtain the identity information of the terminal.
3. The method of claim 1, wherein the preprocessing the identity information of the terminal to obtain a first string comprises:
converting the IMSI from decimal into binary to obtain a second character string;
converting the IMEI and the PUF from decimal system to binary system to obtain a third character string;
generating the first string based on the second string and the third string.
4. The internet protocol address generation method of claim 3, the generating the first string based on the second string and the third string, comprising:
and under the condition that the sum of the digits of the second character string and the third character string exceeds a preset digit, selecting a part of character strings from the second character string and the third character string to be combined into the first character string.
5. The internet protocol address generating method of claim 3, the generating the first string based on the second string and the third string, comprising:
and adding characters to the second character string and the third character string according to a preset digit under the condition that the sum of the digits of the second character string and the third character string is smaller than the preset digit to obtain the first character string.
6. The internet protocol address generation method of claim 1, wherein generating an address suffix from the first string comprises:
and encrypting the first character string by adopting an encryption algorithm to obtain the address suffix.
7. The internet protocol address generation method of claim 1, wherein generating an address suffix from the first string comprises:
converting the first character string from binary to hexadecimal to obtain a fourth character string;
taking the fourth character string as the address suffix; or, the fourth character string is encrypted by adopting an encryption algorithm to obtain the address suffix.
8. An internet protocol address generating apparatus, comprising:
the address prefix receiving module is configured to receive an address prefix issued by a network side;
the identity information acquisition module is configured to acquire identity information of the terminal; the identity information of the terminal comprises: IMSI, IMEI, and PUF;
the terminal comprises a preprocessing module, a first string module and a second string module, wherein the preprocessing module is configured to preprocess the identity information of the terminal to obtain the first string;
an address generation module configured to generate an address suffix from the first string and generate the internet protocol address from the address prefix and the address suffix.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 7.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1 to 7 via execution of the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210970445.7A CN115333753A (en) | 2022-08-12 | 2022-08-12 | Internet protocol address generation method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210970445.7A CN115333753A (en) | 2022-08-12 | 2022-08-12 | Internet protocol address generation method and device, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115333753A true CN115333753A (en) | 2022-11-11 |
Family
ID=83923180
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210970445.7A Pending CN115333753A (en) | 2022-08-12 | 2022-08-12 | Internet protocol address generation method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115333753A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115604229A (en) * | 2022-11-28 | 2023-01-13 | 北京连星科技有限公司(Cn) | Method and system for constructing flexible networking framework based on IPv6 characteristics |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104769907A (en) * | 2012-10-04 | 2015-07-08 | 西门子公司 | Apparatus and method for transmitting data |
| CN113055176A (en) * | 2019-12-26 | 2021-06-29 | 中国电信股份有限公司 | Terminal authentication method and system, terminal device, P2P verification platform and medium |
| US20210319894A1 (en) * | 2020-04-08 | 2021-10-14 | CareBand Inc. | Wearable electronic device and system using low-power cellular telecommunication protocols |
| CN114301670A (en) * | 2021-12-28 | 2022-04-08 | 天翼物联科技有限公司 | Terminal authentication method, device, equipment and medium based on IPV6 address |
| CN114339755A (en) * | 2021-12-31 | 2022-04-12 | 中国电信股份有限公司 | Registration verification method and device, electronic equipment and computer readable storage medium |
| CN114338527A (en) * | 2021-12-30 | 2022-04-12 | 中国电信股份有限公司 | IPv6 active identifier processing method and system |
-
2022
- 2022-08-12 CN CN202210970445.7A patent/CN115333753A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104769907A (en) * | 2012-10-04 | 2015-07-08 | 西门子公司 | Apparatus and method for transmitting data |
| CN113055176A (en) * | 2019-12-26 | 2021-06-29 | 中国电信股份有限公司 | Terminal authentication method and system, terminal device, P2P verification platform and medium |
| US20210319894A1 (en) * | 2020-04-08 | 2021-10-14 | CareBand Inc. | Wearable electronic device and system using low-power cellular telecommunication protocols |
| CN114301670A (en) * | 2021-12-28 | 2022-04-08 | 天翼物联科技有限公司 | Terminal authentication method, device, equipment and medium based on IPV6 address |
| CN114338527A (en) * | 2021-12-30 | 2022-04-12 | 中国电信股份有限公司 | IPv6 active identifier processing method and system |
| CN114339755A (en) * | 2021-12-31 | 2022-04-12 | 中国电信股份有限公司 | Registration verification method and device, electronic equipment and computer readable storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115604229A (en) * | 2022-11-28 | 2023-01-13 | 北京连星科技有限公司(Cn) | Method and system for constructing flexible networking framework based on IPv6 characteristics |
| CN115604229B (en) * | 2022-11-28 | 2023-03-10 | 北京连星科技有限公司 | Method and system for constructing flexible networking framework based on IPv6 characteristics |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110324143B (en) | Data transmission method, electronic device and storage medium | |
| CN107078904B (en) | Hybrid cryptographic key derivation | |
| KR101213984B1 (en) | A Hybrid Cloud with Multi-Factor Authentication System | |
| US20150163065A1 (en) | Identity authentication method and apparatus and server | |
| CN107590396B (en) | Data processing method and device, storage medium and electronic equipment | |
| CN111475543A (en) | Fuzzy search method and device, computer equipment and storage medium | |
| CN112469036A (en) | Message encryption and decryption method and device, mobile terminal and storage medium | |
| CN111246407B (en) | Data encryption and decryption method and device for short message transmission | |
| US20190260583A1 (en) | Encryption device, search device, computer readable medium, encryption method, and search method | |
| CN110266653B (en) | Authentication method, system and terminal equipment | |
| CN115333753A (en) | Internet protocol address generation method and device, storage medium and electronic equipment | |
| CN109299944B (en) | Data encryption method, system and terminal in transaction process | |
| CN111949996B (en) | Method, system, equipment and medium for generating and encrypting security private key | |
| CN107070666A (en) | A kind of encryption and decryption method and device | |
| CN115481440B (en) | Data processing method, device, electronic equipment and medium | |
| CN116886391A (en) | Internet of things equipment authentication method and device, storage medium and electronic equipment | |
| CN115344848B (en) | Identification acquisition method, device, equipment and computer readable storage medium | |
| CN113378147A (en) | Method for user to log in service platform | |
| US9203607B2 (en) | Keyless challenge and response system | |
| CN113037760B (en) | Message sending method and device | |
| CN113922972B (en) | Data forwarding method and device based on MD5 identification code | |
| CN108512657B (en) | Password generation method and device | |
| CN113343269B (en) | Encryption method and device | |
| CN115086428B (en) | Network request sending method and device and electronic equipment | |
| CN111339578A (en) | Key access method, device, system, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |