CN115643033A - Communication method, communication device, electronic equipment and computer-readable storage medium - Google Patents
Communication method, communication device, electronic equipment and computer-readable storage medium Download PDFInfo
- Publication number
- CN115643033A CN115643033A CN202211327734.1A CN202211327734A CN115643033A CN 115643033 A CN115643033 A CN 115643033A CN 202211327734 A CN202211327734 A CN 202211327734A CN 115643033 A CN115643033 A CN 115643033A
- Authority
- CN
- China
- Prior art keywords
- controller
- computing device
- trusted computing
- sent
- sending
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The application provides a communication method, a communication device, electronic equipment and a computer-readable storage medium. The method is applied to a controller and comprises the following steps: receiving transmission data sent by a trusted computing device; sending the transmission data to a cloud server, and sending a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; and after receiving the information which is sent by the third-party auditing agency and used for representing the completeness of the transmission data, sending information which represents the success of communication to the trusted computing device. By the method, the transmitted data can be verified in the communication process of the controller and the trusted computing device, so that the received transmitted data can be ensured not to be falsified in the communication process, and the communication safety can be improved.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a communication method, an apparatus, an electronic device, and a computer-readable storage medium.
Background
The trusted communication technology is used for guaranteeing the communication security and the credibility from the aspects of hardware and software and guaranteeing the security and the credibility of the internal and external information of the control system. The control system communication technology in the trusted communication mainly adopts a trusted computing chip added on system hardware as a trusted core, which is used as a trusted base point of the whole trusted communication technology to ensure the security of a trusted communication interface and a link so as to ensure the reliable and reliable transmission of data.
Currently, location-based authenticity protection techniques are commonly used in trusted communication technologies. The authenticity protection technology based on the position mainly realizes the reverse verification of the authenticity of the source address by means of a routing table. However, the above-mentioned location-based authenticity protection technology is lack of validity check of an address source, and thus cannot cover all scenarios of IP address spoofing, so that the security of trusted communication using the location-based authenticity protection technology is not high.
Disclosure of Invention
An object of the embodiments of the present application is to provide a communication method, an apparatus, an electronic device, and a computer-readable storage medium, so as to improve security of communication.
The invention is realized by the following steps:
in a first aspect, an embodiment of the present application provides a communication method, which is applied to a controller, and the method includes: receiving transmission data sent by a trusted computing device; sending the transmission data to a cloud server, and sending a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; and after receiving the information which is sent by the third-party auditing agency and used for representing the completeness of the transmission data, sending information which represents the success of communication to the trusted computing device.
In this embodiment of the application, after receiving the transmission data sent by the trusted computing device, the controller may perform third-party verification on the transmission data, that is, initiate a challenge request for performing integrity measurement on the transmission data to a third-party auditing agency, and if the third-party auditing agency verifies that the transmission data is complete, it indicates that the communication is successful. By the method, the transmitted data can be verified in the communication process, so that the received transmitted data can be ensured not to be tampered in the communication process, and the communication safety can be improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, before the receiving transmission data sent by the trusted computing device, the method further includes: after receiving the identity information sent by the trusted computing device and verifying that the identity information sent by the trusted computing device is correct, sending system state data to the cloud server and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of the controller in a starting stage; and after receiving the information which is sent by the third-party auditing mechanism and is used for representing the completeness of the system state data, sending identity information of the trusted computing device to the trusted computing device.
In this embodiment of the application, after receiving the identity information sent by the trusted computing device and verifying that the identity information sent by the trusted computing device is correct, the third-party verification is performed on the system state data of the controller itself, and if the system state data is complete, it indicates that the system state data is not tampered, that is, the controller itself has no problem and is trusted, and at this time, the controller may send the identity information to the trusted communication device for identity verification. In this way, it can be ensured that the controller is authentic, i.e. has not been tampered with by others, before receiving the transmission data sent by the trusted computing device, so that the security of the communication between the trusted computing device and the controller can be further improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, before the receiving transmission data sent by the trusted computing device, the method further includes: after receiving identity information and encryption information sent by the trusted computing device and verifying that the identity of the trusted computing device is correct according to the identity information, sending system state data to the cloud server and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of the controller in a starting stage; after receiving information which is sent by the third-party auditing agency and represents that the system state data is complete, sending identity information and encryption information of the trusted computing device to the trusted computing device; receiving a signature sent by the trusted computing device, wherein the signature is a signature of the trusted computing device on a self serial number by using a platform identity certificate after the trusted computing device determines that the identity information of the controller is correct; upon verifying that the signature is correct, sending a signature of itself to the trusted computing device.
In this embodiment of the application, after receiving the identity information and the encryption information sent by the trusted computing device and verifying that the identity information sent by the trusted computing device is correct, the third party verifies the system state data of the controller itself, and if the system state data is complete, it indicates that the system state data is not tampered, that is, the controller itself has no problem and is trusted, and at this time, the controller can send the identity information and the encryption information to the trusted communication device for identity verification. After the trusted computing device verifies that the identity information sent by the controller is correct, the trusted computing device may send its signature to the controller, so that the controller sends its signature to the trusted computing device after verifying that the signature is correct. In this way, the system state data of the controller can be verified by a third party auditing agency before the trusted computing device transmits data to the controller to ensure that the data of the controller itself has not been tampered with. And after the identity of the other party is verified to be legal, the signature of the other party is verified, so that privacy disclosure caused by monitoring a transmission process by an intruder can be avoided, and the communication safety can be further improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, before sending the identity information and the encryption information of the trusted computing apparatus to the trusted computing apparatus, the method further includes: comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is the hash value calculated by the third-party auditing mechanism according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
In the embodiment of the application, the hash value sent by the third-party auditing mechanism is compared with the hash value calculated by the controller according to the system state data, so that whether the third-party auditing mechanism is credible or not can be verified, namely, if the hash value sent by the third-party auditing mechanism is the same as the calculated hash value, the third-party auditing mechanism is credible, at the moment, the complete information of the system state data sent by the third-party auditing mechanism can be judged to be credible, and the subsequent steps can be carried out. Through the mode, the integrity result sent by the third-party auditing mechanism can be ensured to be correct, so that the communication safety can be further improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, after the sending the signature of the trusted computing device to the trusted computing device, the method further includes: after the trusted computing device determines that the signature of the controller is correct and sends a public key corresponding to the temporary key generated by the trusted computing device to the controller, receiving the public key sent by the trusted computing device; a temporary key is generated and a public key corresponding to the temporary key is sent to the trusted computing device.
In the embodiment of the application, through the above manner, before the trusted computing device sends the transmission data to the controller, the transmission data can be encrypted by using the newly generated key, that is, the transmission data is not encrypted by using the commonly used key, so that after the encrypted transmission data is stolen by others, the transmission data can be prevented from being decrypted by using the previous key, so that the transmission data is stolen, and further, the security of communication can be further improved.
In a second aspect, an embodiment of the present application provides a communication method, which is applied to a trusted computing apparatus, where the method includes: transmitting transmission data to a controller, so that the controller transmits the transmission data to a cloud server after receiving the transmission data, and sends a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to perform integrity measurement on the transmission data; after receiving the information which represents the completeness of the transmission data and is sent by the third-party auditing mechanism, the controller sends information which represents the success of communication to the trusted computing device; and receiving the information which is sent by the controller and represents the successful communication.
In this embodiment of the application, after the trusted computing device sends the transmission data to the controller, the controller may perform third party verification on the transmission data, that is, initiate a challenge request for performing integrity measurement on the transmission data to a third party auditing agency, and if the third party auditing agency verifies that the transmission data is complete, the communication is successful. By the mode, the transmitted data can be verified in the communication process, so that the received transmitted data can be ensured not to be tampered in the communication process, and the communication safety can be improved.
With reference to the technical solution provided by the second aspect, in some possible implementations, before sending transmission data to the controller, the method further includes: sending system state data to the cloud server, and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of a system in which the trusted computing device is located at a starting stage; after receiving information which is sent by the third-party auditing mechanism and used for representing the completeness of the system state data, sending identity information of the controller to the controller; and receiving the identity information sent by the controller, and verifying the identity of the controller to be correct according to the identity information.
In the embodiment of the application, before the transmission data is sent to the controller, the trusted communication device can perform third-party verification on the system state data of the trusted communication device, if the system state data is complete, it indicates that the system state data is not tampered, that is, the trusted communication device has no problem, and at this time, the identity information can be sent to the controller for identity verification. And after the controller verifies that the identity of the trusted communication device is correct, the identity information sent by the controller can be received, and after the identity of the controller is verified to be correct according to the identity information, the transmission data can be sent to the controller. By the method, the system state data of the controller can be verified by the third-party auditing mechanism before the transmission data are sent to the controller, so that the data of the controller are not tampered. And after the two parties verify that the identity of the other party is correct, the trusted computing device sends transmission data to the controller, so that the communication safety can be further improved.
With reference to the technical solution provided by the second aspect, in some possible implementations, before sending transmission data to the controller, the method further includes: sending system state data to the cloud server, and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of a system in which the trusted computing device is located in a starting stage; after receiving information which is sent by the third-party auditing mechanism and represents that the system state data is complete, sending identity information and encryption information of the controller to the controller; receiving identity information and encrypted information sent by the controller; after the identity information sent by the controller is verified to be correct, sending a self signature to the controller, wherein the signature is a signature of a self serial number by using a platform identity certificate after the trusted computing device determines that the identity information of the controller is correct; and receiving the signature sent by the controller and verifying that the signature is correct.
In the embodiment of the application, before the transmission data is sent to the controller, whether the system state data of the controller is correct is verified by a third-party auditing mechanism, and after the system state data is correct, the identity information and the encryption information of the controller are sent to the controller. After the controller verifies that the identity of the trusted computing device is correct, the identity information and the encrypted information of the trusted computing device are sent to the controller, and the trusted computing device can verify whether the identity of the controller is correct according to the received identity information of the controller. After the identity of the controller is verified to be correct, the two parties can send signatures to each other. In this way, the system state data of the trusted computing device can be verified by a third party audit authority before the transmission data is sent to the controller to ensure that the controller's own data has not been tampered with. And after the identity of the other party is verified to be legal, the signature of the other party is verified, so that privacy disclosure caused by the fact that an intruder monitors the transmission process can be avoided, and the safety of communication can be further improved.
With reference to the technical solution provided by the second aspect, in some possible implementations, before sending the identity information and the encryption information of the controller to the controller, the method further includes: comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is the hash value calculated by the cloud server according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
In the embodiment of the application, the hash value sent by the third-party auditing mechanism is compared with the hash value calculated by the trusted computing device according to the system state data, so that whether the third-party auditing mechanism is trusted or not can be verified, namely, if the hash value sent by the third-party auditing mechanism is the same as the calculated hash value, the third-party auditing mechanism is trusted, at the moment, the complete information of the system state data sent by the third-party auditing mechanism can be judged to be trusted, and then the subsequent steps can be carried out. Through the mode, the integrity result sent by the third-party auditing mechanism can be ensured to be correct, so that the communication safety can be further improved.
With reference to the technical solution provided by the second aspect, in some possible implementations, after the verifying that the signature is correct, the method further includes: generating a temporary secret key and sending a public key corresponding to the temporary secret key to the controller; and receiving a public key corresponding to the controller sent by the controller, wherein the transmission data is data encrypted by using a private key corresponding to the temporary key generated by the trusted computing device.
In the embodiment of the application, through the above manner, before the trusted computing device sends the transmission data to the controller, the transmission data can be encrypted by using the newly generated key, that is, the transmission data is not encrypted by using the commonly used key, so that after the encrypted transmission data is stolen by others, the transmission data can be prevented from being decrypted by using the previous key, the transmission data is stolen, and the security of communication can be further improved.
In a third aspect, an embodiment of the present application provides a communication apparatus, which is applied to a controller, and the apparatus includes: the receiving module is used for receiving transmission data sent by the trusted computing device; the communication module is used for sending the transmission data to a cloud server and sending a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; and if the information which represents that the transmission data is complete and is sent by the third-party auditing mechanism is received, the information which represents that the communication is successful is sent to the trusted computing device.
In a fourth aspect, an embodiment of the present application provides a communication apparatus, applied to a trusted computing apparatus, the apparatus including: the sending module is used for sending transmission data to a controller so that the controller sends the transmission data to a cloud server after receiving the transmission data and sends a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; after receiving the information which represents that the transmission data is complete and is sent by the third-party auditing mechanism, the controller sends information which represents that the communication is successful to the trusted computing device; and the receiving module is used for receiving the information which is sent by the controller and represents the successful communication.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: an apparatus body and a controller for performing the method as provided in the above first aspect embodiment and/or in connection with some possible implementations of the above first aspect embodiment, the controller being disposed on the apparatus body.
In a sixth aspect, an embodiment of the present application provides an electronic device, including: a device body and a trusted computing arrangement for performing the method as provided in the second aspect embodiment described above and/or in connection with some possible implementations of the second aspect embodiment described above, the trusted computing arrangement being provided on the device body.
In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, performs the method as provided in the foregoing first aspect embodiment and/or in combination with some possible implementations of the foregoing first aspect embodiment, or performs the method as provided in the foregoing second aspect embodiment and/or in combination with some possible implementations of the foregoing second aspect embodiment.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a flowchart illustrating steps of a communication method according to an embodiment of the present disclosure.
Fig. 2 is a flowchart illustrating steps of another communication method according to an embodiment of the present disclosure.
Fig. 3 is a flowchart illustrating steps of another communication method according to an embodiment of the present application.
Fig. 4 is a block diagram of a communication device according to an embodiment of the present disclosure.
Fig. 5 is a block diagram of another communication device according to an embodiment of the present disclosure.
Fig. 6 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Fig. 7 is a block diagram of another electronic device according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
In view of the fact that in the trusted communication technology, the commonly used location-based authenticity protection technology cannot cover all scenarios of IP address spoofing, thereby making the security of trusted communication using the location-based authenticity protection technology low. The inventors of the present application have studied and found that the following examples are proposed to improve the above-mentioned problems.
The following describes a specific flow and steps of a communication method with reference to fig. 1. The embodiment of the present application provides a communication method, which can be applied to communication between a Controller and a trusted computing device, where the Controller may be a PLC (Programmable Logic Controller), and the trusted computing device may be a trusted cryptographic module, for example: TCM (Trusted Cryptography Module) Module.
It should be noted that the communication method provided in the embodiment of the present application is not limited to the sequence shown in fig. 1 and below.
Step S101: the trusted computing device sends the transfer data to the controller.
Before the trusted computing device sends the transfer data to the controller, the trusted computing device may establish a communication connection with the controller, such as: a TCP (Transmission Control Protocol) connection, and the like. After the communication connection between the trusted computing device and the controller is established, the trusted computing device may send transmission data to the controller, where the transmission data may be set according to actual conditions.
After the trusted computing device sends the transfer data to the controller, the method may proceed to step S102.
Step S102: the controller receives transmission data sent by the trusted computing device.
After the trusted computing device sends the transfer data to the controller, the controller may receive the transfer data. And after receiving the transmission data, the method may proceed to step S103.
Step S103: and the controller sends the transmission data to the cloud server and sends a challenge request to a third-party auditing agency.
The challenge request is used for enabling a third-party auditing mechanism to carry out integrity measurement on transmission data. A Third Party auditing agency (TPA) can select a corresponding auditing agency according to actual conditions.
The sending, by the controller, the transmission data to the cloud server may specifically include: dividing the transmission data into n blocks, and respectively sending the n blocks of data to a cloud server, wherein n is any positive integer.
After the controller sends the transmission data to the cloud server and sends a challenge request to the third-party auditing agency, the third-party auditing agency can receive the challenge request, and the challenge request carries the controller information. Then, the third-party auditing mechanism can send a request for acquiring the transmission data of the controller to the cloud server based on the controller information, so as to acquire the transmission data. After receiving transmission data sent by the cloud server, the third-party auditing mechanism can determine a hash function and an initial hash value, sequentially calculate the hash value for each data block until a final hash value is generated, determine whether the transmission data is complete according to the final hash value, namely determine whether the transmission data is tampered, and if the transmission data is complete, represent that the transmission data is not tampered. And determining whether the transmission data is complete or not according to the final hash value at a third-party auditing mechanism, and feeding back a corresponding result to the controller.
The hash function may be selected according to actual conditions, for example: a SHA-2 function may be used that may calculate a hash value for the next data block based on the hash value calculated for the previous data block. It will be appreciated that different hash functions may correspond to different initial hash values.
It should be noted that, the specific principle of the third-party audit organization for performing integrity measurement on data by using the hash function may refer to the principle in the prior art, and is not described herein for avoiding repeated description.
After the controller issues a challenge request to a third party audit authority, the method may proceed to step S104.
Step S104: and after receiving the information which represents that the transmission data is complete and is sent by the third-party auditing mechanism, the controller sends information which represents that the communication is successful to the trusted computing device.
And if the controller receives the information which is sent by the third-party auditing agency and represents that the transmission data is not tampered, namely the transmission data is credible, the controller can use the transmission data. At this point, the controller may send information to the trusted computing device characterizing the success of the communication.
After the controller sends information to the trusted computing device that the communication was successful, the method may proceed to step S105.
Step S105: the trusted computing device receives information sent by the controller characterizing the success of the communication.
After the trusted device receives the information sent by the controller and indicating that the communication is successful, the communication can be ended.
In this embodiment of the application, after receiving the transmission data sent by the trusted computing device, the controller may perform third-party verification on the transmission data, that is, initiate a challenge request for performing integrity measurement on the transmission data to a third-party auditing agency, and if the third-party auditing agency verifies that the transmission data is complete, it indicates that the communication is successful. By the mode, the transmitted data can be verified in the communication process, so that the received transmitted data can be ensured not to be tampered in the communication process, and the communication safety can be improved.
Optionally, if the controller receives information that represents that transmission data sent by the third-party audit authority is complete, sending information that represents input data to the trusted computing device may specifically include: and if the controller receives the final hash value sent by the third-party auditing agency, the hash value calculated by the controller according to the transmission data is compared with the final hash value, and if the final hash value is the same as the hash value calculated by the controller, a verification result is sent to the trusted computing device, wherein the verification result can be information representing that the final hash value is the same as the hash value calculated by the controller. Accordingly, the trusted computing device receives the verification result sent by the controller.
In an embodiment of the application, the third party auditing mechanism may send the final hash value to the controller after determining that the transmitted data is complete, thereby indicating that it has determined that the transmitted data is complete. After the controller receives the final hash value, the hash value calculated according to the transmission data can be compared with the final hash value, so that whether the third-party audit mechanism is credible or not is verified, namely if the final hash value is different from the hash value calculated by the controller, the third-party audit mechanism is possibly tampered by others, namely the third-party audit mechanism is not credible; at the moment, the information that the transmission data sent by the third-party auditing mechanism is complete can be judged to be not credible, and the communication between the third-party auditing mechanism and the credible computing device can be interrupted; correspondingly, if the final hash value is the same as the hash value calculated by the third party auditing agency, the third party auditing agency is trusted, at the moment, the complete information of the transmission data sent by the third party auditing agency can be judged to be trusted, and the verification result can be sent to the trusted computing device, so that the successful communication is indicated.
Through the mode, the verification of the third-party auditing mechanism can be realized in the communication process, so that the result of the related transmission data sent by the third-party auditing mechanism can be judged on the basis of the third-party auditing mechanism, and the communication safety can be further improved.
Optionally, referring to fig. 2, before the trusted computing device sends the transmission data to the controller, the communication method may further include:
step S201: the trusted computing device sends the system state data to the cloud server, and sends a challenge request to the third-party auditing agency, wherein the challenge request is used for enabling the third-party auditing agency to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of a system where the trusted computing device is located in a starting stage.
Step S202: and after receiving the information which is sent by the third-party auditing agency and indicates that the system state data is complete, the trusted computing device sends the identity information of the trusted computing device to the controller.
Step S203: the controller receives identity information sent by the trusted computing device, verifies the identity of the trusted computing device to be correct according to the identity information, sends system state data to the cloud server, and sends a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data of the controller, and the system state data are data corresponding to various states of the controller in a starting stage.
Step S204: and after receiving the information which is sent by the third-party auditing agency and represents the complete system state data, the controller sends the identity information of the controller to the trusted computing device.
Step S205: the trusted computing device receives the identity information sent by the controller and verifies that the identity of the controller is correct according to the identity information.
The identity information may be a platform identity certificate.
The sending, by the trusted computing device, the system state data to the cloud server may specifically include: dividing the system state data into n blocks, and respectively sending the n blocks of data to a cloud server, wherein n is any positive integer. The sending, by the controller, the system state data to the cloud server may specifically include: dividing the system state data into n blocks, and respectively sending the n blocks of data to a cloud server, wherein n is any positive integer. In addition, the process of the third-party auditing mechanism for performing integrity measurement on the system data can refer to the process of the third-party auditing mechanism for performing integrity measurement on the input data in the foregoing embodiment, which is avoided to be repeated, and is not described here again.
It will be appreciated that the above-described process of performing integrity measurement on the system state data of the trusted computing device and the controller may be performed after the trusted computing device and the controller establish a communication connection.
In the embodiment of the application, before the trusted communication device sends the transmission data to the controller, the trusted communication device can perform third-party verification on the system state data of the trusted communication device, if the system state data is complete, it indicates that the system state data is not tampered, that is, the trusted communication device has no problem and is trusted, and at this time, the identity information can be sent to the controller for identity verification. After the controller receives the identity information sent by the trusted communication device, whether the identity of the trusted communication device is correct or not can be verified according to the identity information, if the identity of the trusted communication device is correct, third-party verification can be performed on system state data of the controller, and if the system state data is complete, the system state data is not tampered, namely the controller has no problem and is trusted, and at the moment, the controller can send the identity information to the trusted communication device for identity verification. After the trusted computing device receives the identity information sent by the controller, and after verifying that the identity of the controller is correct based on the identity information, then transmission data may be sent to the controller.
Through the mode, the system state data of the trusted computing device can be verified through the third-party auditing mechanism before the trusted computing device transmits the data to the controller, so that the data of the trusted computing device and the controller are not tampered. After the data of the two parties are determined not to be tampered and the two parties verify that the identity of the other party is correct, the trusted computing device sends transmission data to the controller, and therefore the communication safety can be further improved.
In addition, it should be noted that, if the trusted computing device verifies that the identity of the controller is incorrect, or the system state data of the trusted computing device is incomplete, or the controller verifies that the identity of the trusted computing device is incorrect, or the system state data of the controller is incomplete, the party who found the problem interrupts communication, thereby ensuring the security of communication between the two parties.
Optionally, referring to fig. 3, before the trusted computing device sends the transmission data to the controller, the communication method may further include:
step S301: the trusted computing device sends the system state data to the cloud server and sends a challenge request to a third-party audit authority. The challenge request is used for enabling a third-party auditing mechanism to carry out integrity measurement on system state data, and the system state data are data corresponding to various states of a system where the trusted computing device is located in a starting stage.
Step S302: and after receiving the information which is sent by the third-party auditing agency and represents the completeness of the system state data, the trusted computing device sends the identity information and the encryption information of the trusted computing device to the controller.
Step S303: the controller receives the identity information and the encryption information sent by the trusted computing device, and sends the system state data to the cloud server and sends a challenge request to a third-party auditing agency after verifying that the identity information sent by the trusted computing device is correct. The challenge request is used for enabling a third-party auditing mechanism to carry out integrity measurement on system state data, and the system state data are data corresponding to various states of the controller in a starting stage.
Step S304: and after receiving the information which is sent by the third-party auditing agency and represents the complete system state data, the controller sends the identity information and the encryption information of the controller to the trusted computing device.
Step S305: the trusted computing device receives the identity information and the encrypted information sent by the controller; after the identity information sent by the controller is verified to be correct, the signature of the trusted computing device is sent to the controller, and the signature is the signature of the trusted computing device on the serial number of the trusted computing device by using the platform identity certificate after the identity information of the controller is determined to be correct.
Step S306: the control device receives a signature sent by the trusted computing device, wherein the signature is a signature of the trusted computing device on a self serial number by using a platform identity certificate after the identity information of the controller is determined to be correct; after verifying that the signature is correct, the signature of itself is sent to the trusted computing device.
Step S307: the trusted computing device receives the signature sent by the controller and verifies that the signature is correct.
Wherein, the identity information can be a platform identity certificate; the encryption information may be a platform encryption certificate.
It should be noted that the sending of the identity information and the encryption information of the sender is to send encrypted identity information. When the encrypted identity information is verified, the stored public key can be used to decrypt the identity information, and then the identity verification is performed according to the decrypted information, such as: after receiving the identity information and the encrypted information sent by the trusted computing device, the controller can decrypt the encrypted identity information by using the public key of the trusted computing device stored locally, and then verify whether the identity information sent by the trusted computing device is correct or not according to the decrypted information.
For a specific process of sending the system state data to the cloud server by the trusted computing device and the controller, reference may be made to a process of sending the system state data to the cloud server by the trusted computing device and the controller in the foregoing embodiment, so as to avoid repeated description, and description is not repeated here. In addition, the process of the third-party auditing mechanism for performing integrity measurement on the system data can refer to the process of the third-party auditing mechanism for performing integrity measurement on the input data in the foregoing embodiment, which is avoided to be repeated, and is not described here again.
It will be appreciated that the above-described process of performing integrity measurements on the system state data of the trusted computing device and the controller may be performed after the trusted computing device and the controller establish a communication connection.
In the embodiment of the application, before the trusted computing device sends the transmission data to the controller, the trusted computing device may perform third-party verification on the system state data, and if the system state data is complete, it indicates that the system state data is not tampered, that is, the trusted computing device has no problem, and at this time, the identity information and the encryption information may be sent to the controller for identity verification. After the controller receives the identity information and the encryption information sent by the trusted communication device, whether the identity of the trusted communication device is correct or not can be verified according to the identity information, if the identity of the trusted communication device is correct, third-party verification can be performed on system state data of the controller, and if the system state data is complete, the system state data is not tampered, namely the controller has no problem and is trusted, and at the moment, the controller can send the identity information and the encryption information to the trusted communication device for identity verification.
After the trusted computing device receives the identity information and the encrypted information sent by the controller and verifies that the identity information sent by the controller is correct, sending a self signature to the controller; after the controller verifies that the signature is correct, the signature of the controller is sent to the trusted computing device, so that mutual signature verification between the trusted computing device and the controller is achieved.
By the mode, before the trusted computing device transmits data to the controller, the system state data of the trusted computing device can be verified through the third-party auditing mechanism, so that the data of the trusted computing device and the controller are not tampered. And after the data of the two parties are determined not to be falsified and the identities of the two parties verify that the two parties are legal, the two parties sign each other, so that privacy disclosure caused by monitoring the transmission process by an intruder can be avoided, and the safety of communication can be further improved.
In addition, it should be noted that if the trusted computing device verifies that the identity of the controller is incorrect, or the system state data of the trusted computing device is incomplete, or the trusted computing device verifies that the signature of the controller is incorrect, or the controller verifies that the identity of the trusted computing device is incorrect, or the system state data of the controller is incomplete, or the signature of the trusted computing device is incorrect, the party who found the problem interrupts the communication, thereby securing the previous communication between the two parties.
Further, before the trusted computing device sends its own identity information and encryption information to the controller, the communication method may further include: comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is a hash value calculated by the cloud server according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
In the embodiment of the application, the hash value sent by the third-party audit organization is compared with the hash value calculated by the trusted calculation device according to the system state data, so that whether the third-party audit organization is trusted or not can be verified, namely, if the hash value sent by the third-party audit organization is different from the calculated hash value, the third-party audit organization is possibly tampered by others, namely, the third-party audit organization is not trusted; at the moment, the information that the system state data sent by the third-party auditing mechanism is complete can be judged to be not credible, and the communication between the current time and the credible computing device can be interrupted; correspondingly, if the hash value sent by the third-party audit organization is the same as the calculated hash value, the third-party audit organization is credible, at the moment, the complete information of the system state data sent by the third-party audit organization can be judged to be credible, and then the subsequent steps can be carried out. Through the mode, the integrity result sent by the third-party auditing mechanism can be ensured to be correct, so that the communication safety can be further improved.
Further, before the controller sends its identity information and encryption information to the trusted computing device, the communication method may further include: comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is the hash value calculated by the third-party auditing mechanism according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
In the embodiment of the application, the hash value sent by the third-party audit organization is compared with the hash value calculated by the controller according to the system state data, so that whether the third-party audit organization is credible or not can be verified, namely, if the hash value sent by the third-party audit organization is different from the calculated hash value, the third-party audit organization is possibly tampered by others, namely, the third-party audit organization is not credible; at the moment, the information that the system state data sent by the third-party auditing mechanism is complete can be judged to be not credible, and the communication between the third-party auditing mechanism and the credible computing device can be interrupted; correspondingly, if the hash value sent by the third-party audit organization is the same as the calculated hash value, the third-party audit organization is credible, at the moment, the complete information of the system state data sent by the third-party audit organization can be judged to be credible, and then the subsequent steps can be carried out. Through the mode, the integrity result sent by the third-party auditing mechanism can be ensured to be correct, so that the communication safety can be further improved.
Optionally, after the trusted computing device verifies that the signature sent by the controller is correct, the communication method may further include:
step S401: the trusted computing device generates a temporary key and sends a public key corresponding to the temporary key to the controller.
Step S402: the controller receives a public key sent by the trusted computing device.
Step S403: the controller generates a temporary key and sends a public key corresponding to the temporary key to the trusted computing device.
Step S404: the trusted computing device receives a public key corresponding thereto sent by the controller.
The transmission data is data encrypted by using a private key corresponding to a temporary secret key generated by the trusted computing device. The principle of the trusted computing device and the controller generating the temporary key may refer to the principle in the prior art, and will not be described herein.
In the embodiment of the application, after the trusted computing device and the controller send the signatures to each other and verify that the signatures of the two parties are correct, the public keys of the temporary keys generated by the trusted computing device and the controller send each other, so that the trusted computing device can subsequently use the private key of the newly generated temporary key to encrypt transmission data, and correspondingly, the controller can subsequently use the received public key of the optional computing device to decrypt the encrypted transmission data to obtain the transmission data. By the mode, the transmission data can be encrypted by using the newly generated key before the trusted computing device sends the transmission data to the controller, namely the transmission data is not encrypted by using the commonly used key, so that the transmission data can be prevented from being decrypted by using the previous key after the encrypted transmission data is stolen by others, the transmission data can be stolen, and the communication safety can be further improved.
Furthermore, it is understood that, since the controller and the trusted computing device both receive the public key corresponding to the temporary key of the other, the controller may transmit the transmission data to the trusted computing device based on the methods of the foregoing embodiments, that is, the controller and the trusted computing device may transmit information to each other based on the methods of the foregoing embodiments.
Referring to fig. 4, based on the same inventive concept, an embodiment of the present application further provides a communication apparatus 100 applied to a controller, where the apparatus 100 includes: a receiving module 101 and a communication module 102.
The receiving module 101 is configured to receive transmission data sent by the trusted computing device.
The communication module 102 is configured to send the transmission data to the cloud server, and send a challenge request to a third-party auditing agency, where the challenge request is used for enabling the third-party auditing agency to perform integrity measurement on the transmission data; and after receiving the information which represents the complete transmission data and is sent by the third-party auditing mechanism, sending the information which represents the successful communication to the trusted computing device.
Optionally, before receiving the transmission data sent by the trusted computing device, the receiving module 101 is further configured to, after receiving the identity information sent by the trusted computing device and verifying that the identity information sent by the trusted computing device is correct, send system state data to the cloud server, and send a challenge request to the third-party auditing mechanism, where the challenge request is used to enable the third-party auditing mechanism to perform integrity measurement on the system state data, and the system state data is data corresponding to various states of the controller at a start stage; and after receiving the information which is sent by the third-party auditing agency and used for representing the completeness of the system state data, sending the identity information of the trusted computing device to the trusted computing device.
Optionally, before receiving transmission data sent by the trusted computing device, the receiving module 101 is further configured to send system state data to the cloud server after receiving the identity information and the encryption information sent by the trusted computing device and verifying that the identity of the trusted computing device is correct according to the identity information, and send a challenge request to the third-party auditing mechanism, where the challenge request is used for the third-party auditing mechanism to perform integrity measurement on the system state data, and the system state data is data corresponding to various states of the controller at a starting stage; after receiving information which is sent by a third-party auditing agency and represents that system state data is complete, sending identity information and encryption information of the trusted computing device to the trusted computing device; receiving a signature sent by the trusted computing device, wherein the signature is a signature of the trusted computing device on a self serial number by using a platform identity certificate after the identity information of the controller is determined to be correct; after verifying that the signature is correct, the signature of itself is sent to the trusted computing device.
Optionally, before sending the identity information and the encryption information of the third party to the trusted computing device, the receiving module 101 is further configured to compare the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, where the hash value sent by the third-party auditing mechanism is the hash value calculated by the third-party auditing mechanism according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
Optionally, after sending the signature of the receiving module 101 to the trusted computing device, the receiving module is further configured to receive a public key sent by the trusted computing device after the trusted computing device determines that the signature of the controller is correct and sends a public key corresponding to the temporary key generated by the trusted computing device to the controller; a temporary key is generated and a public key corresponding to the temporary key is sent to the trusted computing device.
Referring to fig. 5, based on the same inventive concept, an embodiment of the present application further provides a communication apparatus 200 applied to a trusted computing apparatus, where the apparatus 200 includes: a sending module 201 and a receiving module 202.
The sending module 201 is configured to send transmission data to the controller, so that the controller sends the transmission data to the cloud server after receiving the transmission data, and sends a challenge request to a third-party auditing agency, where the challenge request is used for enabling the third-party auditing agency to perform integrity measurement on the transmission data; and the controller is enabled to send information representing successful communication to the trusted computing device after receiving the information representing complete transmission data sent by the third-party auditing agency.
And a receiving module 202, configured to receive the information that indicates that the communication is successful and is sent by the controller.
Optionally, before sending the transmission data to the controller, the sending module 201 is further configured to send the system state data to the cloud server, and send a challenge request to the third-party auditing agency, where the challenge request is used for enabling the third-party auditing agency to perform integrity measurement on the system state data, and the system state data is data corresponding to various states of a system in which the trusted computing device is located at a starting stage; after receiving information which is sent by a third-party auditing mechanism and represents that system state data is complete, sending identity information of the third-party auditing mechanism to a controller; and receiving the identity information sent by the controller, and verifying the identity of the controller to be correct according to the identity information.
Optionally, before sending the transmission data to the controller, the sending module 201 is further configured to send the system state data to the cloud server, and send a challenge request to the third-party auditing agency, where the challenge request is used for enabling the third-party auditing agency to perform integrity measurement on the system state data, and the system state data is data corresponding to various states of a system in which the trusted computing device is located at a starting stage; after receiving information which is sent by a third party auditing mechanism and represents the complete system state data, sending self identity information and encryption information to a controller; receiving identity information and encrypted information sent by a controller; after the identity information sent by the controller is verified to be correct, sending a self signature to the controller, wherein the signature is a signature of the trusted computing device on a self serial number by using a platform identity certificate after the identity information of the controller is determined to be correct; and receiving the signature sent by the controller and verifying that the signature is correct.
Optionally, before sending the identity information and the encryption information of the cloud server to the controller, the sending module 201 is further configured to compare the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, where the hash value sent by the third-party auditing mechanism is a hash value calculated by the cloud server according to the system state data; and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
Optionally, after verifying that the signature is correct, the sending module 201 is further configured to generate a temporary key, and send a public key corresponding to the temporary key to the controller; and receiving the public key corresponding to the transmission data sent by the controller, wherein the transmission data is encrypted by using a private key corresponding to the temporary secret key generated by the trusted computing device.
Referring to fig. 6, based on the same inventive concept, an embodiment of the present application provides a schematic block diagram of an electronic device 300, where the electronic device includes a device body 301 and a controller 302 for implementing the communication method, and the controller 302 is disposed on the device body 301.
It should be understood that the structure shown in fig. 6 is merely an illustration, and the electronic device 300 provided in the embodiments of the present application may have fewer or more components than those shown in fig. 6, or may have a different configuration than that shown in fig. 6. Further, the components shown in fig. 6 may be implemented by software, hardware, or a combination thereof.
Referring to fig. 7, based on the same inventive concept, an exemplary structural block diagram of an electronic device 400 provided in the embodiment of the present application includes a device body 401 and a trusted computing apparatus 402 that implements the above-mentioned communication method, where the trusted computing apparatus 402 is disposed on the device body 401.
It should be understood that the structure shown in fig. 7 is merely an illustration, and the electronic device 400 provided in the embodiment of the present application may have fewer or more components than those shown in fig. 7, or may have a different configuration than that shown in fig. 7. Further, the components shown in fig. 7 may be implemented by software, hardware, or a combination thereof.
It should be noted that, as those skilled in the art can clearly understand, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
Based on the same inventive concept, embodiments of the present application further provide a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed, the computer program performs the methods provided in the above embodiments.
The storage medium may be any available medium that can be accessed by a computer or a data storage device including one or more integrated servers, data centers, and the like. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), among others.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described apparatus embodiments are merely illustrative, and for example, the division of the units into only one type of logical function may be implemented in other ways, and for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed coupling or direct coupling or communication connection between each other may be through some communication interfaces, indirect coupling or communication connection between devices or units, and may be in an electrical, mechanical or other form.
In addition, units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist alone, or two or more modules may be integrated to form an independent part.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (15)
1. A communication method applied to a controller, the method comprising:
receiving transmission data sent by a trusted computing device;
sending the transmission data to a cloud server, and sending a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data;
and after receiving the information which is sent by the third-party auditing agency and represents that the transmission data is complete, sending information which represents that the communication is successful to the trusted computing device.
2. The method of claim 1, wherein prior to the receiving the transmission data sent by the trusted computing device, the method further comprises:
after receiving the identity information sent by the trusted computing device and verifying that the identity information sent by the trusted computing device is correct, sending system state data to the cloud server and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of the controller in a starting stage;
and after receiving the information which is sent by the third-party auditing mechanism and is used for representing the completeness of the system state data, sending identity information of the trusted computing device to the trusted computing device.
3. The method of claim 1, wherein prior to the receiving the transmission data sent by the trusted computing device, the method further comprises:
after receiving identity information and encryption information sent by the trusted computing device and verifying that the identity of the trusted computing device is correct according to the identity information, sending system state data to the cloud server and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of the controller in a starting stage;
after receiving information which is sent by the third-party auditing agency and represents that the system state data is complete, sending identity information and encryption information of the trusted computing device to the trusted computing device;
receiving a signature sent by the trusted computing device, wherein the signature is a signature of the trusted computing device on a self serial number by using a platform identity certificate after the trusted computing device determines that the identity information of the controller is correct;
upon verifying that the signature is correct, sending a signature of itself to the trusted computing device.
4. The method of claim 3, wherein prior to said sending identity information and encryption information of itself to the trusted computing device, the method further comprises:
comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is the hash value calculated by the third-party auditing mechanism according to the system state data;
and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
5. The method of claim 3 or 4, wherein after said sending the signature of itself to the trusted computing device, the method further comprises:
after the trusted computing device determines that the signature of the controller is correct and sends a public key corresponding to the temporary key generated by the trusted computing device to the controller, receiving the public key sent by the trusted computing device;
a temporary key is generated and a public key corresponding to the temporary key is sent to the trusted computing device.
6. A method of communication, applied to a trusted computing device, the method comprising:
transmitting transmission data to a controller, so that the controller transmits the transmission data to a cloud server after receiving the transmission data, and sends a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to perform integrity measurement on the transmission data; after receiving the information which represents that the transmission data is complete and is sent by the third-party auditing mechanism, the controller sends information which represents that the communication is successful to the trusted computing device;
and receiving the information which is sent by the controller and represents the successful communication.
7. The method of claim 6, wherein prior to said sending transmission data to said controller, said method further comprises:
sending system state data to the cloud server, and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of a system in which the trusted computing device is located at a starting stage;
after receiving information which is sent by the third-party auditing mechanism and used for representing the completeness of the system state data, sending identity information of the controller to the controller;
and receiving the identity information sent by the controller, and verifying the identity of the controller to be correct according to the identity information.
8. The method of claim 6, wherein prior to said sending transmission data to said controller, said method further comprises:
sending system state data to the cloud server, and sending a challenge request to the third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the system state data, and the system state data are data corresponding to various states of a system in which the trusted computing device is located in a starting stage;
after receiving information which is sent by the third-party auditing mechanism and represents that the system state data is complete, sending identity information and encryption information of the controller to the controller;
receiving identity information and encrypted information sent by the controller;
after the identity information sent by the controller is verified to be correct, sending a self signature to the controller, wherein the signature is a signature of a self serial number by using a platform identity certificate after the trusted computing device determines that the identity information of the controller is correct;
and receiving the signature sent by the controller, and verifying that the signature is correct.
9. The method of claim 8, wherein before said sending identity information and encryption information of itself to the controller, the method further comprises:
comparing the received hash value sent by the third-party auditing mechanism with a hash value calculated by the third-party auditing mechanism according to the system state data, wherein the hash value sent by the third-party auditing mechanism is the hash value calculated by the cloud server according to the system state data;
and determining that the hash value sent by the third-party auditing mechanism is the same as the calculated hash value.
10. The method according to claim 8 or 9, wherein after said verifying that the signature is correct, the method further comprises:
generating a temporary secret key and sending a public key corresponding to the temporary secret key to the controller;
and receiving a public key corresponding to the controller sent by the controller, wherein the transmission data is data encrypted by using a private key corresponding to the temporary key generated by the trusted computing device.
11. A communication apparatus, applied to a controller, the apparatus comprising:
the receiving module is used for receiving transmission data sent by the trusted computing device;
the communication module is used for sending the transmission data to a cloud server and sending a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; and after receiving the information which is sent by the third-party auditing mechanism and represents that the transmission data is complete, sending information which represents that the communication is successful to the trusted computing device.
12. A communications device, for use with a trusted computing device, the device comprising:
the sending module is used for sending transmission data to a controller so that the controller sends the transmission data to a cloud server after receiving the transmission data and sends a challenge request to a third-party auditing mechanism, wherein the challenge request is used for enabling the third-party auditing mechanism to carry out integrity measurement on the transmission data; after receiving the information which represents that the transmission data is complete and is sent by the third-party auditing mechanism, the controller sends information which represents that the communication is successful to the trusted computing device;
and the receiving module is used for receiving the information which is sent by the controller and represents the successful communication.
13. An electronic device, comprising: an apparatus body and a controller that executes the communication method according to any one of claims 1 to 5, the controller being provided on the apparatus body.
14. An electronic device, comprising: a device body and a trusted computing device arranged on the device body to perform the communication method according to any one of claims 6 to 10.
15. A computer-readable storage medium, having stored thereon a computer program which, when executed by a computer, performs the method of any one of claims 1-5, or performs the method of any one of claims 6-10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211327734.1A CN115643033A (en) | 2022-10-26 | 2022-10-26 | Communication method, communication device, electronic equipment and computer-readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211327734.1A CN115643033A (en) | 2022-10-26 | 2022-10-26 | Communication method, communication device, electronic equipment and computer-readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115643033A true CN115643033A (en) | 2023-01-24 |
Family
ID=84946173
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211327734.1A Pending CN115643033A (en) | 2022-10-26 | 2022-10-26 | Communication method, communication device, electronic equipment and computer-readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115643033A (en) |
-
2022
- 2022-10-26 CN CN202211327734.1A patent/CN115643033A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11128477B2 (en) | Electronic certification system | |
| CN112651037B (en) | Out-of-chain data access method and system for block chain system | |
| JP4638912B2 (en) | Method for transmitting a direct proof private key in a signed group to a device using a distribution CD | |
| US20050187966A1 (en) | Data communicating apparatus, data communicating method, and program | |
| US12132839B2 (en) | Decentralised authentication | |
| KR20200013764A (en) | Method for mutual symmetric authentication between first application and second application | |
| US11424915B2 (en) | Terminal registration system and terminal registration method with reduced number of communication operations | |
| CN101241528A (en) | Terminal access trusted PDA method and access system | |
| CN109361508A (en) | Data transmission method, electronic equipment and computer readable storage medium | |
| EP2747377A2 (en) | Trusted certificate authority to create certificates based on capabilities of processes | |
| CN110635901A (en) | Local Bluetooth dynamic authentication method and system for Internet of things equipment | |
| WO2023151427A1 (en) | Quantum key transmission method, device and system | |
| CN114338091B (en) | Data transmission method, device, electronic equipment and storage medium | |
| CN115473655A (en) | Terminal authentication method, device and storage medium for access network | |
| CN110611679A (en) | Data transmission method, device, equipment and system | |
| US11570008B2 (en) | Pseudonym credential configuration method and apparatus | |
| WO2021008490A1 (en) | Remote attestation method and apparatus | |
| CN114553566B (en) | Data encryption method, device, equipment and storage medium | |
| CN113783846B (en) | Trusted data transmission system and method | |
| CN107241341B (en) | Access control method and device | |
| KR101256114B1 (en) | Message authentication code test method and system of many mac testserver | |
| CN115643033A (en) | Communication method, communication device, electronic equipment and computer-readable storage medium | |
| CN118432826B (en) | Group device registration and identity authentication method, system, device and storage medium | |
| CN110225011B (en) | Authentication method and device for user node and computer readable storage medium | |
| CN110048837B (en) | Method and system for copying cipher machine equipment and cipher machine equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |