CN115604700A - Network distribution method based on Wi-Fi perception, embedded chip system and medium - Google Patents


Publication number
CN115604700A
Authority
CN
China
Prior art keywords
distributed
key
distribution network
ciphertext
mobile terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211298116.9A
Other languages
Chinese (zh)
Inventor
陈文�
巫建刚
刘晗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Espressif Systems Shanghai Co Ltd
Original Assignee
Espressif Systems Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Espressif Systems Shanghai Co Ltd
Priority to CN202211298116.9A
Publication of CN115604700A
Priority to PCT/CN2023/125721 (WO2024083235A1)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W48/00 Access restriction; Network selection; Access point selection
    • H04W48/08 Access restriction or access information delivery, e.g. discovery data delivery

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A Wi-Fi perception based distribution network method is executed in a proximity perception network cluster formed by networking a plurality of devices to be distributed, one of which is selected as an anchoring main device. The method comprises the following steps: a) at least one device to be distributed negotiates with the anchoring main device to obtain a first shared key; b) the at least one device to be distributed obtains a first encrypted ciphertext from the anchoring main device, wherein the first encrypted ciphertext comprises a ciphertext obtained by encrypting, according to the first shared key, a distribution network key generated by the anchoring main device; c) the at least one device to be distributed acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting, according to the distribution network key, the distribution network information acquired by the mobile terminal; d) the at least one device to be distributed decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key; e) the at least one device to be distributed decrypts the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.

Description

Network distribution method based on Wi-Fi perception, embedded chip system and medium
Technical Field
Embodiments of the present disclosure generally relate to the field of wireless communications, and more particularly, to a network distribution method based on Wi-Fi awareness.
Background
The intelligent hardware products on the market are mostly based on Wi-Fi communication. These Wi-Fi hardware devices are typically not equipped with a human-computer interface and, unlike smart products such as personal computers and cell phones, cannot offer the user an interface for selecting a Wi-Fi hotspot to connect to. In order for such intelligent devices lacking a human-machine interface to connect to a network, the problem of properly connecting them to a router must first be solved. That is, information such as the SSID (Service Set Identifier) and the access password of the wireless network used to connect to the router must be transmitted to such a smart device securely and reliably, and the present invention is directed to solving this problem.
For the above intelligent hardware without a human-computer interaction interface, there are currently two main ways to perform the distribution network:
The first way is to set the intelligent hardware to Soft AP mode and the mobile phone to Station mode, and then use the mobile phone to connect to the Soft AP on the intelligent hardware. After the connection succeeds, the SSID and the password of the wireless access point are transmitted to the intelligent device. After receiving them, the intelligent device switches back from Soft AP mode to Station mode and uses the received SSID and password to connect to the wireless access point, completing the distribution network.
The second way is to set the intelligent hardware to promiscuous mode, in which it can receive wireless messages in the air that meet its filter conditions. The mobile phone encodes the SSID and the access password into UDP (User Datagram Protocol) messages and transmits them as wireless broadcast or multicast messages. The intelligent hardware decodes the received wireless messages to recover the correct SSID and access password, and connects to the wireless access point with them to complete the distribution network.
The traditional Soft AP distribution network and promiscuous-mode distribution network are slow and poorly secured; in particular, when a plurality of intelligent devices must be distributed at the same time, distribution network efficiency is very low. The main defects are as follows:
Poor user experience: the Soft AP based distribution network mode can ensure successful configuration, but the user experience is unfriendly, because the mobile phone must first connect to the Soft AP and then switch back after the configuration is completed, whether manually (iOS) or automatically (Android), which makes the whole operation cumbersome and complex.
Poor safety and low success rate: although smart configuration is convenient, it has a certain probability of failure when the Wi-Fi environment is complex. The mobile phone needs to transmit the password of the router to the Wi-Fi module, and if the password is sent in plaintext it is easily intercepted, which creates a serious security risk for the Wi-Fi network.
Slow speed: when the Soft AP or promiscuous mode is adopted for distribution, each device needs to interact with the cloud one by one to complete binding and other operations. One distribution usually takes about 10 seconds, so if dozens or even hundreds of devices are to be distributed, the total distribution time can be very long.
Disclosure of Invention
Therefore, it is desirable to provide a method and a system for distributing networks in batches based on Wi-Fi perception, to solve the problems that existing intelligent devices are complex to operate, poorly secured and have a low distribution network success rate, whether a single device is distributed or devices are distributed in batches.
In a first aspect, a Wi-Fi aware-based network distribution method is disclosed that is performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of which is selected as an anchor master device, the method comprising: a) at least one device to be distributed negotiates with the anchoring main device to obtain a first shared key; b) the at least one device to be distributed obtains a first encrypted ciphertext from the anchoring main device, wherein the first encrypted ciphertext comprises a ciphertext obtained by encrypting, according to the first shared key, a distribution network key generated by the anchoring main device; c) the at least one device to be distributed acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting, according to the distribution network key, the distribution network information acquired by the mobile terminal; d) the at least one device to be distributed decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key; e) the at least one device to be distributed decrypts the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.
Preferably, step a) further comprises: the at least one device to be distributed sends configuration information to the anchoring main device, wherein the configuration information indicates whether the at least one device to be distributed is configured with encryption admission.
Further preferably, if the at least one device to be distributed is configured with encryption admission, the at least one device to be distributed is configured with a private key, and the private key is obtained by the mobile terminal scanning a two-dimensional code on the device to be distributed, or is input by a user on the mobile terminal, or is obtained through the anchoring main device.
Further preferably, if the at least one device to be distributed is configured with encryption admission, step c) further includes: the at least one device to be distributed acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting the distribution network information acquired by the mobile terminal with an updated distribution network key derived from the private key and the distribution network key.
Further preferably, if the at least one device to be distributed is configured with encryption admission, step e) further comprises: the at least one device to be distributed decrypts the third encrypted ciphertext according to the private key and the distribution network key to obtain the distribution network information.
In a second aspect, a Wi-Fi aware-based network distribution method is disclosed that is performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of which is selected as an anchor master device, the method comprising: a) the anchoring main device and at least one device to be distributed negotiate to obtain a first shared key; b) the anchoring main device sends a first encrypted ciphertext to the at least one device to be distributed, wherein the first encrypted ciphertext is a ciphertext obtained by encrypting, according to the first shared key, a distribution network key generated by the anchoring main device; c) the anchoring main device and the mobile terminal negotiate to obtain a second shared key; d) the anchoring main device sends a second encrypted ciphertext to the mobile terminal, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the distribution network key according to the second shared key.
Preferably, step a) further comprises: the anchoring main device obtains configuration information from at least one device to be configured, wherein the configuration information indicates whether the at least one device to be configured is configured with encryption admission.
Preferably, step d) further comprises: the anchoring main device sends a second encrypted ciphertext to the mobile terminal, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to the second shared key.
In a third aspect, a Wi-Fi aware-based network distribution method is disclosed, performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchor master device, the method comprising: a) the mobile terminal negotiates with the anchoring main device to obtain a second shared key; b) the mobile terminal acquires a second encrypted ciphertext from the anchoring main device, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the distribution network key according to the second shared key; c) the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to obtain the distribution network key; d) the mobile terminal sends a third encrypted ciphertext to the at least one device to be distributed, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting, according to the distribution network key, the distribution network information obtained by the mobile terminal.
Preferably, step b) further comprises: the mobile terminal acquires a second encrypted ciphertext from the anchoring main device, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to a second shared key; the configuration information indicates whether at least one network device to be distributed is configured with encryption access, wherein if the at least one network device to be distributed is configured with the encryption access, the at least one network device to be distributed is configured with a private key.
Further preferably, step c) further comprises: the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to acquire the configuration information and the distribution network key.
Further preferably, if the at least one device to be distributed is configured with encryption admission, step d) further includes: the mobile terminal acquires the private key of the device to be distributed, and performs a calculation on the private key and the distribution network key to acquire an updated distribution network key; and encrypts the distribution network information according to the updated distribution network key to obtain the third encrypted ciphertext.
In a fourth aspect, a computer-readable storage medium is disclosed, having stored thereon a computer program which, when run, causes an apparatus to perform the method of the first aspect as set forth above, or causes an apparatus to perform the method of the second aspect as set forth above, or causes an apparatus to perform the method of the third aspect as set forth above.
In a fifth aspect, an embedded chip system is disclosed, comprising: a processor configured to call and run the computer program from the memory, so that the communication apparatus with the embedded chip system installed therein executes the method of the first aspect, the second aspect, or the third aspect.
It is to be noted that any feature of any of the embodiments disclosed herein may be applied to any other embodiment, wherever appropriate. Likewise, any advantage of any of the embodiments may apply to other embodiments, and vice versa. Other objects, features and advantages of the appended embodiments will be apparent from the following description.
It is an object of some embodiments to address or mitigate, alleviate or eliminate at least some of the above or other disadvantages.
In particular, in view of the above problems, the Wi-Fi perception-based distribution network method provided by the disclosure achieves a distribution network with high security. Because the distribution network target is accurately selected, the distribution network success rate is effectively improved and operation is highly stable. In addition, the method can distribute the network in batches when there are a plurality of devices to be distributed that do not require encryption admission. For devices to be distributed that require encryption admission, the method also effectively prevents network misconfiguration. The technical scheme of the disclosure can therefore serve different distribution network application scenarios, reduces the user's manual distribution network steps throughout the process, and improves the user experience. The distribution network of Wi-Fi devices is completed effectively and quickly, the data exchanged during the distribution network process is encrypted, and only the devices to be distributed can decrypt it, which guarantees the security of the distribution network. In addition, by using Wi-Fi sensing technology, distribution for all devices can be completed in as little as tens of seconds.
Drawings
Fig. 1 shows a schematic diagram of a proximity-aware network cluster composed of a plurality of devices to be networked.
Fig. 2 shows a schematic diagram of a mobile terminal joining a proximity-aware network cluster composed of a plurality of devices to be distributed as shown in fig. 1.
Fig. 3 is a diagram illustrating a communication procedure between any one of the devices to be networked and the anchor master device and the mobile terminal in one embodiment.
Fig. 4 shows a schematic diagram of a device to be configured in a proximity-aware network cluster sending configuration information to an anchoring master device through a Wi-Fi aware frame.
Fig. 5 is a diagram illustrating a communication procedure between any device to be networked and the anchor master device and the mobile terminal in another embodiment.
Fig. 6 shows a schematic flow diagram of a distribution network method based on Wi-Fi awareness according to one embodiment of the present disclosure.
Fig. 7 shows a schematic flow diagram of a Wi-Fi aware based distribution network method according to another embodiment of the present disclosure.
Fig. 8 shows a schematic flow diagram of a Wi-Fi aware based distribution network method according to yet another embodiment of the present disclosure.
Fig. 9 shows a schematic block diagram of a device 900 to be networked according to an embodiment.
Fig. 10 shows a schematic diagram of a hardware structure of a device to be networked 1000 according to an embodiment.
Detailed Description
The present disclosure will now be discussed with reference to several example embodiments. It should be understood that these examples are discussed only for the purpose of enabling those skilled in the art to better understand the present disclosure and thus to practice the present disclosure, and do not imply any limitations on the scope of the present disclosure.
It will be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and, similarly, a second element could be termed a first element, without departing from the scope of example embodiments. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises," "comprising," "has," "having," "contains," "containing," and/or "incorporating," when used herein, specify the presence of stated features, elements, and/or components, but do not preclude the presence or addition of one or more other features, elements, components, and/or groups thereof.
In the following description and claims, unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. Some exemplary embodiments of the present disclosure will be described below with reference to the accompanying drawings.
Before describing aspects of embodiments of the present disclosure, a basic concept to be applied in the present disclosure is first explained in order to better explain an implementation process of aspects of the present disclosure.
Wi-Fi Aware protocol: the Wi-Fi Aware protocol is a neighbor discovery protocol defined by the Wi-Fi Alliance on top of the IEEE 802.11 protocol. The protocol works with IEEE 802.11 devices but is not an enhancement or revision of the IEEE 802.11 standard; Wi-Fi Aware only requires IEEE 802.11 terminal equipment vendors to upgrade the driver software. Wi-Fi Aware functionality enables devices to discover each other and connect directly without any other type of connection between them. Wi-Fi Aware is also known as a proximity aware network, or Neighbor Awareness Networking (NAN).
Neighbor Awareness Network Cluster ("NAN Cluster"): a neighbor aware network Cluster is a collection of multiple neighboring devices that share a common set of NAN parameters, are synchronized to the same Discovery Window (Discovery Window) time procedure, and possess a NAN Cluster ID unique identification.
NAN device: a device that supports the NAN protocol functions. A NAN device may serve in either a Master or a Non-Master role. The Master with the highest priority in the NAN cluster is the Anchor Master, which maintains timing for the synchronized cluster; the other NAN devices in the cluster must follow its timing synchronization function (TSF). In a NAN cluster, each NAN device should be capable of becoming an anchor master. The original TSF should be maintained for inheritance to the anchor master.
Furthermore, for a device supporting Wi-Fi awareness, it can autonomously detect, alert, and connect other devices without going through a Wi-Fi Access Point (AP). In particular, the Wi-Fi aware application may be configured to alert the user of devices in the vicinity that are running the same application. The Wi-Fi aware discovery function may be performed based on various parameters such as distance, for example, to alert the user when another device running the same application is less than 10 feet (about 3.048 meters) away. The application may also be configured to establish a point-to-point secure data connection with another device for application data exchange.
Example one
Fig. 1 shows a schematic diagram of a proximity-aware network cluster formed by a plurality of devices to be distributed that support Wi-Fi awareness. As shown in fig. 1, a plurality of devices to be distributed start Wi-Fi aware services and form a neighbor aware network cluster through negotiation. The device with the highest Master priority among the devices to be distributed is promoted to be the anchoring master device (Anchor Master), and the other devices to be distributed (such as device A to be distributed, device B to be distributed, … device N to be distributed) are non-anchoring master devices. The anchoring master device may discover other devices to join the proximity-aware network cluster by sending beacon frames, and these other devices may discover the anchoring master device by replying to Wi-Fi aware frames.
Fig. 2 shows a schematic diagram of a mobile terminal joining a cluster of proximity-aware networks as shown in fig. 1. The mobile terminal starts Wi-Fi sensing service, and after receiving a Beacon frame (Beacon) in the proximity sensing network cluster, the mobile terminal is added into the proximity sensing network cluster formed by the plurality of to-be-distributed network devices. By way of example and not limitation, the mobile terminal may be a mobile terminal device such as a smart phone, smart tablet, laptop, etc. that supports Wi-Fi aware services.
By way of example and not limitation, the mobile terminal obtains distribution network information. The mobile terminal can acquire the distribution network information in advance in a man-machine interaction mode, or acquire the distribution network information in any other applicable mode.
Fig. 3 is a schematic diagram illustrating the communication process between any device to be distributed and the anchor master device and the mobile terminal, by which the distribution network is finally achieved.
A. Distribution of the distribution network key from the anchoring main device to the device to be distributed
Step S110: the device to be distributed negotiates with the anchoring main device to obtain a first shared key. At this point the device to be distributed has not yet acquired the distribution network key. By way of example and not limitation, the anchoring master device and the device to be distributed obtain the first shared key through negotiation and calculation using a symmetric key algorithm.
Step S114: the anchoring master device generates a distribution network key. By way of example and not limitation, the anchoring master device may generate the distribution network key in a random manner.
Step S116: the anchoring main device encrypts the distribution network key according to the first shared key to obtain a first encrypted ciphertext.
Step S118: the anchoring main device sends the first encrypted ciphertext to the device to be distributed.
Step S134: the device to be distributed decrypts the received first encrypted ciphertext according to the first shared key, so as to obtain the distribution network key.
As an example and not by way of limitation, the process of the anchoring master device distributing the distribution network key to the device to be distributed may further include the following step:
Step S112: the device to be distributed sends configuration information to the anchoring main device.
It is noted that the steps of the above-described methods are not limited to the order of execution unless otherwise specified. For example, step S112 may be performed before or after any of steps S114 to S134.
By way of example and not limitation, step S112 may be performed when the device to be networked just joins the proximity-aware network cluster. Alternatively, this step may be performed at any other suitable time. Fig. 4 is a schematic diagram illustrating that a device to be configured in a proximity-aware network cluster sends configuration information to an anchor master device through a Wi-Fi aware frame.
For example, the anchoring master device may sort and save the configuration information of all the devices to be networked after receiving the Wi-Fi aware frames from the devices to be networked.
In some embodiments, the Wi-Fi aware frames may be Publish (Publish) frames, follow-up frames, or Subscribe (Subscribe) frames, each of which may carry custom information.
By way of example and not limitation, in step S110, the negotiation of the first shared key between the device to be distributed and the anchoring master device includes: establishing a data channel, and calculating the first shared key through a key agreement algorithm. The key may be negotiated based on the four-way handshake of the pairwise security key agreement process in NAN, or may be generated through an asymmetric cryptographic key agreement algorithm such as DH, RSA, or ECC.
By way of example and not limitation, the configuration information may include address information, e.g., MAC address information, for each device to be distributed. By way of example and not limitation, the configuration information may further include encryption admission information indicating whether the current device to be distributed is configured with encryption admission. If the device to be distributed is configured with encryption admission, this indicates that the device to be distributed is configured with a private key. Further, the configuration information may also include configuration information that the anchor master device has acquired from other devices to be distributed in the proximity-aware network cluster, for example, address information and encryption admission information of those other devices.
As an example and not by way of limitation, the method steps by which the anchoring master device distributes the distribution network key to a device to be distributed may be generalized so that any device to be distributed that has obtained the distribution network key distributes it to devices to be distributed that have not. After a device to be distributed decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key, together with address information of at least one device to be distributed that has not obtained the distribution network key, the following steps are performed to distribute the distribution network key to that at least one device:
(1) The at least one device to be distributed that has not obtained the distribution network key and the at least one device to be distributed that has obtained the distribution network key negotiate to obtain a corresponding first shared key;
(2) The at least one device to be distributed that has not obtained the distribution network key obtains a corresponding first encrypted ciphertext from the at least one device to be distributed that has obtained the distribution network key, wherein the corresponding first encrypted ciphertext is a ciphertext obtained by encrypting the distribution network key according to the corresponding first shared key;
(3) The at least one device to be distributed that has not obtained the distribution network key decrypts the corresponding first encrypted ciphertext according to the corresponding first shared key to obtain the distribution network key.
As described above, in this case, first, the device that has obtained the distribution network key negotiates with the device to be distributed to obtain the first shared key. Secondly, the device that has obtained the distribution network key encrypts the distribution network key according to the first shared key to obtain a first encrypted ciphertext. Then, the device that has obtained the distribution network key sends the first encrypted ciphertext to the device to be distributed. The device to be distributed decrypts the received first encrypted ciphertext according to the first shared key, so as to obtain the distribution network key. As a further optimization, the device that has obtained the distribution network key may also send to the device to be distributed the configuration information, such as address information and encryption admission information, of other devices to be distributed in the proximity-aware network cluster, which it obtained from the anchor master device. With this distribution mode, the plurality of devices to be distributed in the proximity-aware network cluster can acquire the distribution network key quickly. Compared with requiring the anchoring main device to connect to every device to be distributed and send the distribution network key each time, this optimization can improve the distribution network key distribution speed exponentially.
B. The anchoring main equipment sends configuration information and a distribution network key to the mobile terminal
Step S120: the anchoring main equipment and the mobile terminal negotiate to obtain a second shared secret key.
Step S122: the anchoring master device encrypts the distribution network key according to the second shared key to obtain a second encrypted ciphertext.
Step S124: the anchoring master device sends the second encrypted ciphertext to the mobile terminal.
Step S126: the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to obtain the distribution network key.
As a further optimization, in step S126 the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to obtain the distribution network key and the distribution network information. By way of example and not limitation, the configuration information may include address information, e.g., MAC address information, of each device to be networked. By way of example and not limitation, the configuration information may further include encryption admission information indicating whether the current device to be networked is configured with encryption admission. If the device to be networked is configured with encryption admission, this indicates that the device is configured with a private key.
It is noted that the steps of the above-described methods are not limited to the order of execution unless otherwise specified. The communication steps between the mobile terminal and the anchoring host device described above may be performed, for example, by Wi-Fi aware frames.
C. Mobile terminal sends distribution network information to equipment to be distributed
Step S128: the mobile terminal acquires the distribution network information.
Step S130: the mobile terminal encrypts the acquired distribution network information according to the distribution network key to obtain a third encrypted ciphertext.
Step S132: the mobile terminal sends the third encrypted ciphertext to at least one device to be networked.
By way of example and not limitation, the mobile terminal may acquire the distribution network information in a human-computer interaction manner.
In another embodiment, after the mobile terminal performs step S132, if the device to be networked is configured with encryption admission, the mobile terminal further performs the following steps: acquiring the private key of the device to be networked, and performing a calculation on the private key and the distribution network key to obtain an updated distribution network key; and encrypting the distribution network information according to the updated distribution network key to obtain a third encrypted ciphertext. If the device to be networked is not configured with encryption admission, the following step is performed: encrypting the distribution network information according to the distribution network key to obtain a third encrypted ciphertext.
By way of example and not limitation, the mobile terminal may obtain the private key of the device to be networked by scanning the two-dimensional code on the device to be networked, by the user entering the private key on the mobile terminal, or through the anchoring master device. Alternatively, the mobile terminal may scan other identifiable code patterns on the device to be networked to obtain its private key. Each device to be networked that is configured with encryption admission has a private key unique to that device.
It is noted that the steps of the above-described methods are not limited to the order of execution unless otherwise specified. Exemplarily, the communication step between the mobile terminal and the device to be networked may be performed through a Wi-Fi aware frame.
D. The device to be networked acquires the distribution network information
As described above, the device to be networked performs step S134 to obtain the distribution network key: the at least one device to be networked acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting the distribution network information acquired by the mobile terminal according to the distribution network key.
After the device to be networked receives the third encrypted ciphertext sent from the mobile terminal, step S136 is further executed: the at least one device to be networked decrypts the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.
In another embodiment, after the device to be networked receives the third encrypted ciphertext sent from the mobile terminal, if the device to be networked is configured with encryption admission, it further performs the following steps: performing a calculation on the private key and the distribution network key to obtain an updated distribution network key, and decrypting the third encrypted ciphertext according to the updated distribution network key to obtain the distribution network information. If the device to be networked is not configured with encryption admission, the following step is performed: decrypting the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.
By way of example and not limitation, after the device to be networked acquires the distribution network information, it scans for the target router and connects to the target router using the distribution network information, thereby completing network distribution. Optionally, the device to be networked may send a Wi-Fi aware frame to the mobile terminal to notify the mobile terminal to stop sending other Wi-Fi aware frames.
Example two
Fig. 5 is a schematic diagram illustrating a communication process between any one of the devices to be networked and the anchor master device and the mobile terminal in another embodiment, so as to finally achieve the purpose of the network distribution.
Step S210: the device to be networked negotiates with the anchoring master device to obtain a first shared key. At this point the device to be networked has not yet acquired the distribution network key. By way of example and not limitation, the anchoring master device and the device to be networked obtain the first shared key through negotiation and calculation using a symmetric key algorithm.
Step S212: the device to be networked sends configuration information to the anchoring master device. By way of example and not limitation, the configuration information may include address information, e.g., MAC address information, of each device to be networked. The configuration information also includes encryption admission information, which indicates whether the current device to be networked is configured with encryption admission. If the device to be networked is configured with encryption admission, this indicates that the device is configured with a private key.
Step S214: the anchoring master device generates a distribution network key. By way of example and not limitation, the anchoring master device may generate the distribution network key in a random manner.
Step S216: the anchoring master device encrypts the distribution network key according to the first shared key to obtain a first encrypted ciphertext.
Step S218: the anchoring master device sends the first encrypted ciphertext to the device to be networked.
Step S220: the anchoring master device and the mobile terminal negotiate to obtain a second shared key.
Step S222: the anchoring master device encrypts the configuration information and the distribution network key according to the second shared key to obtain a second encrypted ciphertext.
Step S224: the anchoring master device sends the second encrypted ciphertext to the mobile terminal.
Step S226: the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to acquire the configuration information and the distribution network key.
Step S228: the mobile terminal acquires the distribution network information.
Step S230: the mobile terminal determines, according to the configuration information, whether the device to be networked is configured with encryption admission.
If the device to be networked is configured with encryption admission, step S230a is executed: acquiring the private key of the device to be networked, and performing a calculation on the private key and the distribution network key to obtain an updated distribution network key; and encrypting the distribution network information according to the updated distribution network key to obtain a third encrypted ciphertext.
If the device to be networked is not configured with encryption admission, step S230b is executed: encrypting the distribution network information according to the distribution network key to obtain a third encrypted ciphertext.
Step S232: the mobile terminal sends the third encrypted ciphertext to the device to be networked.
Step S234: the device to be networked decrypts the received first encrypted ciphertext according to the first shared key to obtain the distribution network key.
If the device to be networked is configured with encryption admission, step S236a is executed: the device to be networked performs a calculation on the private key and the distribution network key to obtain an updated distribution network key, and decrypts the third encrypted ciphertext according to the updated distribution network key to obtain the distribution network information.
If the device to be networked is not configured with encryption admission, step S236b is executed: the device to be networked decrypts the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.
By way of example and not limitation, after the device to be networked acquires the distribution network information, it scans for the target router and connects to the target router using the distribution network information, thereby completing network distribution. Optionally, the device to be networked may send a Wi-Fi aware frame to the mobile terminal to notify the mobile terminal to stop sending other Wi-Fi aware frames.
It is noted that the steps of the above-described methods are not limited to the order of execution unless otherwise specified.
Illustratively, the communication steps between the device to be networked, the anchoring master device and the mobile terminal may be performed through Wi-Fi aware frames. For example, in step S234, the device to be networked may parse the customized payload portion of a Wi-Fi aware frame received from the anchoring master device to obtain the first encrypted ciphertext, and then decrypt the received first encrypted ciphertext according to the first shared key, thereby obtaining the distribution network key.
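The exchange of steps S210 to S236 above, as an added Python sketch that is not part of the patent text or of any Espressif code. Assumptions, none of which the page specifies: X25519 for the key negotiation, an HMAC/SHAKE encrypt-then-MAC construction standing in for an AEAD cipher, HMAC-SHA256 as the "calculation" over the private key and the distribution network key, and all function names and sample values.

```python
import hashlib
import hmac
import os

# X25519 (RFC 7748) in pure Python so the sketch needs only the standard
# library. Assumption: the page does not name the negotiation algorithm.
# Not constant-time; use a vetted library on a real device.
P, A24 = 2**255 - 19, 121665
BASE_POINT = (9).to_bytes(32, "little")

def x25519(scalar: bytes, u: bytes) -> bytes:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] = (k[31] & 127) | 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def kdf(secret: bytes, label: bytes) -> bytes:
    """Derive a 32-byte key for one purpose from a secret (HMAC-SHA256)."""
    return hmac.new(secret, label, hashlib.sha256).digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for an AEAD cipher: nonce || body || tag."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(kdf(key, b"enc") + nonce).digest(len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(kdf(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; raise ValueError on a wrong key or altered data."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(kdf(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("ciphertext rejected")
    stream = hashlib.shake_256(kdf(key, b"enc") + nonce).digest(len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class Party:
    """One participant: anchoring master device, device to be networked, phone."""
    def __init__(self):
        self.private = os.urandom(32)
        self.public = x25519(self.private, BASE_POINT)

    def shared_key(self, peer_public: bytes) -> bytes:
        return kdf(x25519(self.private, peer_public), b"shared-key")

def updated_key(network_key: bytes, device_private_key: bytes) -> bytes:
    """S230a/S236a. The page only says the two keys are 'calculated';
    HMAC-SHA256 keyed with the device private key is an assumption."""
    return hmac.new(device_private_key, network_key, hashlib.sha256).digest()

def run_example_two(network_info: bytes, device_private_key=None):
    """Run S210-S234; return (device's distribution network key, ciphertext 3)."""
    anchor, device, phone = Party(), Party(), Party()
    # S210: first shared key; S212: device reports encryption admission.
    k1_device = device.shared_key(anchor.public)
    k1_anchor = anchor.shared_key(device.public)
    config = b"\x01" if device_private_key is not None else b"\x00"
    # S214-S218: anchor generates the distribution network key, sends ciphertext 1.
    network_key = os.urandom(32)
    ct1 = seal(k1_anchor, network_key)
    # S220-S226: second shared key; ciphertext 2 carries config + key to the phone.
    ct2 = seal(anchor.shared_key(phone.public), config + network_key)
    opened = unseal(phone.shared_key(anchor.public), ct2)
    admission, phone_key = opened[:1] == b"\x01", opened[1:]
    # S230a/S230b: with admission, the phone mixes in the device private key
    # (obtained e.g. from the two-dimensional code on the device).
    if admission:
        phone_key = updated_key(phone_key, device_private_key)
    ct3 = seal(phone_key, network_info)  # S232
    return unseal(k1_device, ct1), ct3   # S234

def device_read(network_key: bytes, ct3: bytes, device_private_key=None) -> bytes:
    """S236a/S236b on the device to be networked."""
    key = network_key
    if device_private_key is not None:
        key = updated_key(key, device_private_key)
    return unseal(key, ct3)
```

With encryption admission configured, `device_read` succeeds only when given the same device private key the mobile terminal used; a cluster member holding just the distribution network key gets a `ValueError` instead of the distribution network information.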
Example three
According to a third aspect of the present disclosure, a network distribution method based on Wi-Fi awareness is disclosed, which is performed in a proximity awareness network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchor master device, as shown in fig. 6, the method includes:
a) At least one device to be networked negotiates with the anchoring master device to obtain a first shared key;
b) The at least one device to be networked acquires a first encrypted ciphertext from the anchoring master device, wherein the first encrypted ciphertext comprises a ciphertext obtained by encrypting, according to the first shared key, a distribution network key generated by the anchoring master device;
c) The at least one device to be networked acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting, according to the distribution network key, the distribution network information acquired by the mobile terminal;
d) The at least one device to be networked decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key;
e) The at least one device to be networked decrypts the third encrypted ciphertext according to the distribution network key to obtain the distribution network information.
Optionally, step a) further comprises: the at least one device to be networked sends configuration information to the anchoring master device, wherein the configuration information indicates whether the at least one device to be networked is configured with encryption admission.
Further optionally, if the at least one device to be networked is configured with encryption admission, the at least one device to be networked is configured with a private key, where the private key is obtained by the mobile terminal by scanning a two-dimensional code on the device to be networked, by user input on the mobile terminal, or through the anchoring master device.
Further optionally, if the at least one device to be networked is configured with encryption admission, step c) further includes: the at least one device to be networked acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting the distribution network information acquired by the mobile terminal using the distribution network key updated according to the private key and the distribution network key.
Further optionally, if the at least one device to be networked is configured with encryption admission, step e) further includes: the at least one device to be networked decrypts the third encrypted ciphertext according to the private key and the distribution network key to obtain the distribution network information.
Optionally, the configuration information further includes address information of the device to be networked.
Further optionally, the method further comprises: f) the at least one device to be networked feeds back to the mobile terminal the result of network distribution performed according to the distribution network information.
Optionally, the first encrypted ciphertext further includes ciphertext obtained by encrypting, according to the first shared key, address information of at least one device to be networked that has not obtained the distribution network key.
Optionally, after the at least one device to be networked decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key and the address information of the at least one device to be networked that has not obtained the distribution network key, the following steps are performed to distribute the distribution network key to the at least one device that has not obtained it:
(a) The at least one device to be networked that has not obtained the distribution network key negotiates with the at least one device to be networked that has obtained the distribution network key to obtain a corresponding first shared key;
(b) The at least one device to be networked that has not obtained the distribution network key obtains a corresponding first encrypted ciphertext from the at least one device to be networked that has obtained the distribution network key, wherein the corresponding first encrypted ciphertext is obtained by encrypting the distribution network key according to the corresponding first shared key;
(c) The at least one device to be networked that has not obtained the distribution network key decrypts the corresponding first encrypted ciphertext according to the corresponding first shared key to obtain the distribution network key.
Optionally, the at least one device to be distributed and the anchoring master device obtain the first shared key through asymmetric key negotiation.
Optionally, the plurality of devices to be networked and/or the plurality of devices to be networked and the mobile terminal communicate with each other through a Wi-Fi aware frame.
Example four
According to a fourth aspect of the present disclosure, a Wi-Fi aware-based network distribution method is disclosed, which is performed in a proximity-aware network cluster formed by networking a plurality of to-be-distributed network devices, one of which is selected as an anchoring master device, as shown in fig. 7, and the method includes:
a) The anchoring master device negotiates with at least one device to be networked to obtain a first shared key;
b) The anchoring master device sends a first encrypted ciphertext to the at least one device to be networked, wherein the first encrypted ciphertext is a ciphertext obtained by encrypting, according to the first shared key, a distribution network key generated by the anchoring master device;
c) The anchoring master device and the mobile terminal negotiate to obtain a second shared key;
d) The anchoring master device sends a second encrypted ciphertext to the mobile terminal, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the distribution network key according to the second shared key.
Optionally, step a) further comprises: the anchoring master device obtains configuration information from the at least one device to be networked, wherein the configuration information indicates whether the at least one device to be networked is configured with encryption admission.
Optionally, step d) further comprises: the anchoring master device sends a second encrypted ciphertext to the mobile terminal, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to the second shared key.
Optionally, the configuration information further includes configuration information obtained by the anchoring master device from other devices to be connected to the network in the proximity-aware network cluster.
Example five
According to a fifth aspect of the present disclosure, a Wi-Fi awareness-based network distribution method is disclosed, which is performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchor master device, as shown in fig. 8, the method includes:
a) The mobile terminal and the anchoring main equipment negotiate to obtain a second shared key;
b) The mobile terminal acquires a second encrypted ciphertext from the anchoring main device, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the distribution network key according to a second shared key;
c) The mobile terminal decrypts the second encrypted ciphertext according to the second shared key to obtain a distribution network key;
d) The mobile terminal sends a third encrypted ciphertext to the at least one device to be networked, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting, according to the distribution network key, the distribution network information obtained by the mobile terminal.
Optionally, step b) further comprises: the mobile terminal acquires a second encrypted ciphertext from the anchoring main device, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to a second shared key; the configuration information indicates whether at least one device to be distributed is configured with encryption admission, wherein if the at least one device to be distributed is configured with the encryption admission, the at least one device to be distributed is configured with a private key.
Optionally, step c) further comprises: the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to acquire the configuration information and the distribution network key.
Further optionally, if the at least one device to be networked is configured with encryption admission, step d) further includes: the mobile terminal acquires the private key of the device to be networked, and performs a calculation on the private key and the distribution network key to obtain an updated distribution network key; and encrypts the distribution network information according to the updated distribution network key to obtain a third encrypted ciphertext.
Further optionally, the mobile terminal obtains the private key of the device to be networked by scanning the two-dimensional code on the device to be networked, by the user entering the private key on the mobile terminal, or through the anchoring master device.
Example six
As shown in fig. 9, there is shown a device to be networked 900, comprising: a receiving module 902, a sending module 904, a key negotiation module 906, a storage module 908, an encryption and decryption module 910, and a parsing module 912.
The receiving module is used for discovering Wi-Fi aware services in the wireless environment and receiving Wi-Fi aware frames from other devices to be networked, the anchoring master device or the mobile terminal. The sending module is used for sending Wi-Fi aware frames so that other devices in the proximity-aware network cluster can discover the device to be networked, and for sending Wi-Fi aware frames to other devices to be networked, the anchoring master device or the mobile terminal. For example, after the device to be networked acquires the distribution network information, the network distribution result may be fed back to the mobile terminal through the sending module. The key negotiation module is used for performing shared key negotiation in an asymmetric encryption interaction between the device to be networked and other devices (such as the anchoring master device and the mobile terminal) to obtain the corresponding shared key. The storage module is used for storing the acquired shared key, the distribution network information and the like. The encryption and decryption module is used for encryption and decryption, for example, encrypting the distribution network key according to the first shared key to obtain a first encrypted ciphertext, or decrypting the first encrypted ciphertext according to the first shared key to obtain the distribution network key. The parsing module is used for parsing received beacon frames, Wi-Fi aware frames and the like to obtain the information carried in the payload portion.
As previously described, by way of example and not limitation, one of the plurality of devices to be networked in the proximity-aware network cluster is selected as the anchoring master device. While the plurality of devices to be networked are being networked, a different device to be networked may be selected as the anchoring master device; the method is not limited to designating a fixed device to be networked as the anchoring master device.
By way of example and not limitation, the device to be networked may include an intelligent device without a human-computer interaction interface, such as an intelligent network camera, an intelligent television box, an intelligent sound box, or other intelligent devices with a human-computer interaction interface.
Example seven
As shown in fig. 10, a hardware structure of a device to be networked 1000 is shown, which includes: a processor 1002, a wireless communication interface 1004, a universal serial bus interface 1006, a memory 1008, and a communication bus for enabling communication connections between these components.
Wherein, optionally, the wireless communication interface may provide Wi-Fi, bluetooth (BT), etc. wireless communication. The device to be distributed receives and sends the Wi-Fi sensing frame through the wireless communication module.
Optionally, the universal serial bus interface is an interface conforming to a USB standard specification, and may specifically be any one of a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like, and the universal serial bus interface may be used to implement functions such as data transmission with a peripheral device.
Optionally, the device to be networked may further include an auxiliary hardware component such as a Radio Frequency (RF) circuit, a sensor, and a power management module.
Example eight
According to an eighth aspect of the present disclosure, there is provided a computer-readable storage medium storing a computer program which, when run, causes an apparatus to perform the method as described in embodiment three, or causes an apparatus to perform the method as described in embodiment four, or causes an apparatus to perform the method as described in embodiment five.
Computer-readable storage media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. Examples of computer storage media include, but are not limited to: phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that may be used to store information that may be accessed by a computing device.
It should be noted that the present invention may be implemented in software and/or in a combination of software and hardware, for example, as an Application Specific Integrated Circuit (ASIC), a general purpose computer or any other similar hardware device. In some embodiments, the methods of the present invention may be performed by a processor to perform the above steps or functions. Further, some of the steps or functions of the present invention may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
Example nine
According to a ninth aspect of the present disclosure, there is provided an embedded chip system, comprising: a processor for calling and running the computer program from the memory so that the communication device with the embedded chip system installed thereon executes the method described in the third embodiment; or causing the communication apparatus mounted with the embedded chip system to execute the method as described in the fourth embodiment; or cause a communication apparatus in which the embedded chip system is installed to execute the method as described in embodiment five.
It is to be understood that the naming of the modules and the selection of the interaction modules within the present disclosure are for illustrative purposes only, and that nodes adapted to perform any of the methods described above may be configured in a number of alternative ways so as to be able to perform the suggested process actions.
It should also be noted that the units described in this disclosure are to be regarded as logical entities and not necessarily as separate physical entities.
Certain aspects of the inventive concept have mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, embodiments other than the ones disclosed above are equally possible and within the scope of the inventive concept. Similarly, while many different combinations have been discussed, not all possible combinations are disclosed. Those skilled in the art will appreciate that other combinations exist and are within the scope of the inventive concept. Moreover, as understood by the skilled person, the embodiments disclosed herein are equally applicable to other standards and communication systems, and any feature from a particular figure disclosed in connection with other features may be applicable to any other figure and/or combined with different features.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof, and it is intended that all such modifications and variations within the scope of the appended claims and their equivalents be embraced by the present application and are intended to be included therein without any reference to the following claims.
The Wi-Fi-aware network distribution method uses the ability of the Wi-Fi aware service to discover devices and to carry inter-device communication in Wi-Fi aware frames, so that every device to be networked can obtain the distribution network key in a safe and reliable manner, decrypt the ciphertext containing the distribution network information according to the distribution network key, and finally connect to the wireless router. This improves the security of the devices to be networked during network distribution.
On the other hand, for the to-be-distributed network equipment which is not provided with the encrypted access, the technical scheme can realize that a large amount of to-be-distributed network equipment is distributed in batches, so that the network distribution process is convenient and simple, the operation complexity of a single device in a network distribution or in a batch network distribution is reduced, and the network distribution time is greatly shortened. In addition, due to the characteristic of efficient transmission of the Wi-Fi sensing frame and the utilization of a timely feedback mechanism of the equipment to be distributed after the equipment to be distributed acquires the distribution network information, the success rate of batch distribution of the equipment to be distributed is greatly improved.
The technical scheme of the distribution network transmission method and the distribution network transmission device is verified by experiments, is completely feasible, can successfully transmit the Wi-Fi distribution network information under the conditions of serious interference and high packet loss rate, and can more quickly finish the transmission of the information under the conditions of less interference and low packet loss rate.

Claims (22)

1. A Wi-Fi aware-based network distribution method performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchoring master device, the method comprising:
a) The at least one device to be distributed negotiates with the anchoring main device to obtain a first shared key;
b) The at least one to-be-distributed network device acquires a first encryption ciphertext from the anchoring main device, wherein the first encryption ciphertext comprises a ciphertext obtained by encrypting a distribution network key generated by the anchoring main device according to the first shared key;
c) The at least one device to be distributed with the network acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting the distribution network information acquired by the mobile terminal according to the distribution network key;
d) The at least one device to be distributed with the network decrypts the first encrypted ciphertext according to the first shared key to obtain the distribution network key;
e) The at least one device to be distributed decrypts the third encrypted ciphertext according to the distribution network key to acquire the distribution network information.
2. The method of claim 1,
the step a) further comprises: the at least one device to be distributed sends configuration information to the anchoring main device, wherein the configuration information indicates whether the at least one device to be distributed is configured with encryption admission.
3. The method of claim 2,
if the at least one device to be distributed is configured with encryption admission, the at least one device to be distributed is configured with a private key, and the private key is obtained by the mobile terminal scanning a two-dimensional code on the device to be distributed, or input on the mobile terminal by a user, or obtained by the anchoring main device.
4. The method of claim 3,
if the at least one device to be distributed is configured with encrypted admission, step c) further comprises: the at least one device to be distributed acquires a third encrypted ciphertext from the mobile terminal, wherein the third encrypted ciphertext is a ciphertext obtained by encrypting the distribution network information acquired by the mobile terminal with an updated distribution network key calculated from the private key and the distribution network key.
5. The method of claim 3,
if the at least one device to be distributed is configured with encrypted admission, step e) further comprises: the at least one device to be distributed decrypts the third encrypted ciphertext according to the private key and the distribution network key to obtain the distribution network information.
6. The method of claim 2,
the configuration information also comprises address information of the equipment to be networked.
7. The method according to any one of claims 1-6, wherein the method further comprises:
f) The at least one device to be distributed feeds back a distribution result according to the distribution network information to the mobile terminal.
8. The method according to any one of claims 1 to 6,
the first encryption ciphertext further comprises ciphertext obtained by encrypting address information of at least one to-be-distributed network device which does not obtain a distribution network key according to the first shared key.
9. The method according to claim 7,
after the at least one device to be distributed decrypts the first encrypted ciphertext according to the first shared key to obtain a distribution network key and address information of the at least one device to be distributed without obtaining the distribution network key, executing the following steps to distribute the distribution network key to the at least one device to be distributed without obtaining the distribution network key:
the at least one device to be distributed without the distribution network key and the at least one device to be distributed with the distribution network key obtained negotiate to obtain a corresponding first shared key;
the at least one to-be-distributed network device which does not obtain the distribution network key obtains a corresponding first encryption ciphertext from the at least one to-be-distributed network device which obtains the distribution network key, wherein the corresponding first encryption ciphertext is a ciphertext obtained by encrypting the distribution network key according to the corresponding first shared key;
and the at least one device to be distributed with the distribution network key obtained decrypts the corresponding first encrypted ciphertext according to the corresponding first shared key to obtain the distribution network key.
10. The method according to any one of claims 1 to 6,
the at least one device to be distributed and the anchoring main device acquire a first shared key through asymmetric key negotiation.
11. The method according to any one of claims 1 to 6,
the plurality of devices to be distributed communicate with one another, and/or the plurality of devices to be distributed communicate with the mobile terminal, through Wi-Fi sensing frames.
12. A Wi-Fi aware-based network distribution method performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchoring master device, the method comprising:
a) The anchoring main device and the at least one device to be distributed negotiate to obtain a first shared key;
b) The anchoring main device sends a first encryption ciphertext to at least one device to be networked, wherein the first encryption ciphertext is a ciphertext obtained by encrypting a distribution network key generated by the anchoring main device according to the first shared key;
c) The anchoring main equipment and the mobile terminal negotiate to obtain a second shared key;
d) The anchoring main device sends a second encryption ciphertext to the mobile terminal, wherein the second encryption ciphertext is a ciphertext obtained by encrypting the distribution network key according to the second shared key.
13. The method of claim 11,
step a) further comprises: the anchoring main device acquires configuration information from the at least one device to be distributed, wherein the configuration information indicates whether the at least one device to be distributed is configured with encryption admission.
14. The method of claim 12,
step d) further comprises: and the anchoring main equipment sends a second encrypted ciphertext to the mobile terminal, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to the second shared key.
15. The method of claim 12,
the configuration information further includes configuration information obtained by the anchoring master device from other devices to be distributed in the proximity-aware network cluster.
16. A Wi-Fi aware-based network distribution method performed in a proximity-aware network cluster formed by networking a plurality of devices to be distributed, one of the plurality of devices to be distributed being selected as an anchoring master device, the method comprising:
a) The mobile terminal and the anchoring main equipment negotiate to obtain a second shared key;
b) The mobile terminal acquires a second encryption ciphertext from the anchoring main device, wherein the second encryption ciphertext is a ciphertext obtained by encrypting the distribution network key according to the second shared key;
c) The mobile terminal decrypts the second encrypted ciphertext according to the second shared key to obtain the distribution network key;
d) The mobile terminal sends a third encryption ciphertext to at least one device to be distributed, wherein the third encryption ciphertext is a ciphertext obtained by encrypting the distribution network information obtained by the mobile terminal according to the distribution network key.
17. The method of claim 15,
step b) further comprises: the mobile terminal acquires a second encrypted ciphertext from the anchoring main device, wherein the second encrypted ciphertext is a ciphertext obtained by encrypting the configuration information and the distribution network key according to the second shared key; the configuration information indicates whether the at least one to-be-distributed network device is configured with encryption access, wherein if the at least one to-be-distributed network device is configured with encryption access, the at least one to-be-distributed network device is configured with a private key.
18. The method of claim 16,
step c) further comprises: and the mobile terminal decrypts the second encrypted ciphertext according to the second shared key to acquire the configuration information and the distribution network key.
19. The method of claim 17,
if the at least one device to be distributed is configured with encrypted admission, step d) further comprises: the mobile terminal acquires the private key of the device to be distributed, calculates an updated distribution network key from the private key and the distribution network key, and encrypts the distribution network information according to the updated distribution network key to obtain the third encryption ciphertext.
20. The method of claim 18,
and the mobile terminal obtains the private key of the equipment to be networked by scanning the two-dimensional code on the equipment to be networked or inputting the private key on the mobile terminal by a user or by the anchoring main equipment.
21. A computer-readable storage medium, comprising,
the computer-readable storage medium has stored thereon a computer program which, when executed,
causes an apparatus to perform the method of any one of claims 1 to 10, or
causes an apparatus to perform the method of any one of claims 11 to 14, or
causes an apparatus to perform the method of any one of claims 15 to 19.
22. An embedded chip system, characterized in that,
the system comprises: a processor for calling and running the computer program from the memory,
causing a communication device in which the embedded chip system is installed to perform the method of any one of claims 1 to 10; or
causing a communication device in which the embedded chip system is installed to perform the method of any one of claims 11 to 14; or
causing a communication device in which the embedded chip system is installed to perform the method of any one of claims 14 to 19.
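The key flow of claims 1, 12 and 16, together with the updated distribution network key of claims 4, 5 and 19, can be traced in the following added example, which is not part of the patent text. It runs all three roles in one process instead of over Wi-Fi sensing frames; the choices of P-256 ECDH, SHA-256 as KDF, AES-256-GCM and HMAC-SHA256 for the key update are assumptions (the claims only require an asymmetric key negotiation), and every function name is hypothetical.

```ruby
require 'openssl'

# ECDH on P-256, then SHA-256 as the KDF (curve and KDF are assumed choices).
def shared_key(own, peer_public)
  OpenSSL::Digest::SHA256.digest(own.dh_compute_key(peer_public))
end

# AES-256-GCM (assumed cipher); output is nonce (12) || tag (16) || ciphertext.
def seal(key, plaintext)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key
  nonce = c.random_iv
  c.auth_data = ''
  body = c.update(plaintext) + c.final
  nonce + c.auth_tag + body
end

# Returns the plaintext, or nil when the key is wrong or the blob was altered.
def unseal(key, blob)
  return nil if blob.bytesize <= 28
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = key
  c.iv = blob.byteslice(0, 12)
  c.auth_tag = blob.byteslice(12, 16)
  c.auth_data = ''
  c.update(blob.byteslice(28, blob.bytesize)) + c.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# Anchoring master -> peer: first or second ciphertext carrying the distribution network key.
def deliver(anchor, peer, dist_key)
  ciphertext = seal(shared_key(anchor, peer.public_key), dist_key)
  unseal(shared_key(peer, anchor.public_key), ciphertext)
end

# Claims 4, 5 and 19: mix the device's private key into the distribution network
# key (HMAC-SHA256 is assumed). A nil secret means no encrypted admission.
def updated_key(dist_key, secret)
  secret ? OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'), secret, dist_key) : dist_key
end

# phone_secret: private key the phone obtained; device_secret: key on the device.
def provision(info, phone_secret, device_secret)
  anchor, device, phone = Array.new(3) { OpenSSL::PKey::EC.generate('prime256v1') }
  dist_key = OpenSSL::Random.random_bytes(32)             # made by the anchoring master
  phone_key = deliver(anchor, phone, dist_key)            # second ciphertext
  third = seal(updated_key(phone_key, phone_secret), info)
  device_key = deliver(anchor, device, dist_key)          # first ciphertext
  unseal(updated_key(device_key, device_secret), third)   # nil if the keys differ
end

info = '{"ssid":"example-ap","psk":"constructed-passphrase"}' # constructed sample
puts provision(info, 'constructed-device-key', 'constructed-device-key')
```

With an authenticated cipher, a cluster member that holds the distribution network key but not the per-device private key gets `nil` rather than the router credentials, and so does any receiver of a modified third ciphertext.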
CN202211298116.9A 2022-10-21 2022-10-21 Network distribution method based on Wi-Fi perception, embedded chip system and medium Pending CN115604700A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202211298116.9A CN115604700A (en) 2022-10-21 2022-10-21 Network distribution method based on Wi-Fi perception, embedded chip system and medium
PCT/CN2023/125721 WO2024083235A1 (en) 2022-10-21 2023-10-20 Network configuration method based on wi-fi sensing, embedded chip system, and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211298116.9A CN115604700A (en) 2022-10-21 2022-10-21 Network distribution method based on Wi-Fi perception, embedded chip system and medium

Publications (1)

Publication Number Publication Date
CN115604700A true CN115604700A (en) 2023-01-13

Family

ID=84849656

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211298116.9A Pending CN115604700A (en) 2022-10-21 2022-10-21 Network distribution method based on Wi-Fi perception, embedded chip system and medium

Country Status (2)

Country Link
CN (1) CN115604700A (en)
WO (1) WO2024083235A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116667972A (en) * 2023-08-01 2023-08-29 南京朗立微集成电路有限公司 WiFi frame structure for sensing and WiFi detection method
CN116667972B (en) * 2023-08-01 2023-12-12 南京朗立微集成电路有限公司 WiFi frame structure for sensing and WiFi detection method

Also Published As

Publication number Publication date
WO2024083235A1 (en) 2024-04-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination