CN115714675A - Verification method and generation method of offline password and intelligent door lock - Google Patents
Verification method and generation method of offline password and intelligent door lock Download PDFInfo
- Publication number
- CN115714675A CN115714675A CN202211394449.1A CN202211394449A CN115714675A CN 115714675 A CN115714675 A CN 115714675A CN 202211394449 A CN202211394449 A CN 202211394449A CN 115714675 A CN115714675 A CN 115714675A
- Authority
- CN
- China
- Prior art keywords
- password
- time
- offline
- administrator
- generation time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The application discloses a verification method and a generation method of an offline password, wherein the method comprises the following steps: acquiring an offline password input by a user, and decrypting the offline password to acquire an administrator password and password generation time; the password generation time is the current time of the server used when the server generates the offline password; verifying whether the administrator password is correct; if the password of the administrator is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked to obtain a comparison result; and determining an unlocking verification result matched with the comparison result. Through the mode, the problem that the accuracy of the validity period of the offline password is reduced after the intelligent device fails to update in time to cause local time errors can be solved.
Description
Technical Field
The application relates to the technical field of password verification of intelligent equipment, in particular to a verification method and a generation method of an offline password and an intelligent door lock.
Background
The password authentication technology is a technology commonly used in daily life, and the property safety and the information safety of a user can be protected to a great extent by a password authentication mode. For example, a door lock with password authentication function may be used to reduce the probability of theft, and a smart device, software, or web portal with password authentication function may also improve the security of user information.
In order to enable the intelligent device to work in a non-networking state, the intelligent device also has a function of verifying an offline password with a certain validity period. However, if the smart device is not networked, the local time preset inside the smart device may be different from the actual time, which may result in the smart device not being able to verify the validity period of the offline password well.
Disclosure of Invention
The embodiment of the application provides an offline password verification method, an offline password generation method and an intelligent door lock, and can solve the problem that in the prior art, the accuracy of the validity period of an offline password is reduced after local time is wrong due to the fact that intelligent equipment cannot be updated timely.
In a first aspect, an embodiment of the present application provides an offline password verification method, including: acquiring an offline password input by a user, and decrypting the offline password to acquire an administrator password and password generation time; the password generation time is the current local time of the server used when the server generates the offline password; verifying whether the administrator password is correct; if the password of the administrator is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked to obtain a comparison result; and determining an unlocking verification result matched with the comparison result.
In a second aspect, an embodiment of the present application provides a method for generating an offline password, where current local time of a server is obtained as password generation time, and an administrator password of an intelligent device to be unlocked is obtained; the method comprises the steps of encrypting at least an administrator password and password generation time to generate an offline password, sending the offline password to a user, decrypting the offline password to obtain the administrator password and the password generation time when the intelligent device to be unlocked receives the offline password input by the user, verifying whether the administrator password is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked when the administrator password is correct to obtain a comparison result, and determining an unlocking verification result matched with the comparison result.
In a third aspect, an embodiment of the present application provides an intelligent door lock, including a door lock body, a processor, and a memory, where the memory stores program instructions, and the processor is configured to execute the program instructions to implement an offline password authentication method.
The beneficial effect of this application is: different from the prior art, the current local time of the server is used as the password generation time of the offline password, and the password generation time and the local time of the intelligent device are compared in the morning and in the evening to verify the validity period of the password. Because the current local time of the server is synchronous with the actual time, even if the local time of the intelligent device is earlier than the actual time due to the fact that the intelligent device cannot be updated timely, the validity period of the offline password can be effectively verified, and the problem that the accuracy of verifying the validity period of the offline password is not high after the local time is wrong due to the fact that the intelligent device cannot be updated timely is solved.
Drawings
FIG. 1 is a schematic structural diagram of an embodiment of an intelligent door lock of the present application;
FIG. 2 is a schematic view of an embodiment of an intelligent door lock according to the present application;
FIG. 3 is a flowchart illustrating an embodiment of a method for generating an offline password according to the present application;
fig. 4 is a flowchart illustrating an embodiment of an offline password verification method according to the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The inventor of the present application has found through long-term research that during the verification process of the offline password, the device to be unlocked may cause the local storage time to be different from the actual time for some reasons (such as network disconnection). If the local time of the device to be unlocked is not accurate, the accuracy and timeliness of the verification offline password will be poor. In order to solve the above technical problem, the present application proposes the following embodiments.
The following embodiments of the intelligent door lock of the present application describe exemplary configurations of the intelligent door lock.
Referring to fig. 1, it includes a door lock body 11, a processor 12, and a memory 13. The memory 13 is used for storing program instructions. The processor 12 is configured to execute program instructions to implement a method for off-line password authentication. The processor 12 may be an integrated circuit chip having signal processing capabilities. The processor 12 may include a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), or other programmable logic device, discrete gate or transistor logic, discrete hardware components.
In some examples, the door lock body 11 may include a front panel, a lock body. Wherein the front panel mainly plays an interaction role, for example, a user can input an offline password or an administrator password through the front panel. The lock body can include spring bolt, parent and driving motor. Wherein the parent body can be connected with the door through the bolt. The lock body can be controlled to be in the unlocking and locking states through the lock bolt. The driving motor is used for applying action to the bolt when the lock body is in the locked state so as to prevent the bolt from being unlocked if the intelligent door lock 10 is not verified. When the processor 12 verifies the offline password or the administrator password passes, the drive motor may be controlled to deactivate the action applied to the latch.
Referring to fig. 2, the smart door lock 10 may verify an offline password input by a user. The offline password may be an offline password transmitted by the server 20 of the smart door lock 10 to the terminal 30 of the user. For example, the user may send a request instruction to the server 20 of the smart door lock 10 through the terminal 30, and the server 20 may feed back an offline password to the terminal 30 of the user in response to the request instruction. After the user enters the received offline password into the smart door lock 10, the processor 12 may execute program instructions to verify the offline password. In some examples, the offline password may also be referred to as a temporary password.
The step of generating the offline password by the server 20 can be referred to as the following embodiment of the method for generating the offline password of the present application. The following embodiments of the method for generating an offline password of the present application exemplarily describe a method for generating an offline password.
Referring to fig. 3, the method for generating an offline password may include: step S110: acquiring the current local time of the server as password generation time, and acquiring an administrator password of the intelligent device to be unlocked; step S120: encrypting at least the administrator password and the password generation time to generate an offline password, step S130: and sending the offline password to the user.
In step S110, since the server is in a networked state, the timeliness of the offline password can be improved by using the current local time of the server as the password generation time. The intelligent device to be unlocked may be the intelligent door lock 10. The administrator password may be a password set by the user during installation of the configuration smart door lock 10.
In some examples, step S120 may further include: acquiring equipment identity information of intelligent equipment to be unlocked and a secret key corresponding to the equipment identity information; the administrator password and the password generation time are encrypted by the device identification information and the key to generate an offline password.
The device identity information may be a Serial Number (SN) or a Media Access Control address (MAC) address. The key may be written to the device to be unlocked when the device leaves the factory. That is, the key and the device identity information are in one-to-one correspondence. In some examples, the key written to the device at the time of shipment of the device to be unlocked may be stored in the server 20 together with the corresponding device identity information to facilitate subsequent invocation by the server 20.
The administrator password and the password generation time are encrypted by the device identification information and the key to generate an offline password. This means that the offline password is at least associated with the administrator password. Since the administrator password is set by the user, the privacy of the offline password can be improved to some extent by encrypting the administrator password to generate the offline password. In addition, the offline password is also related to the password generation time (the current local time of the server), so the timeliness of the offline password is further improved by encrypting the password generation time to generate the offline password.
Referring to fig. 4, the steps of the smart door lock 10 verifying the offline password may be referred to as the following embodiments of the method for verifying the offline password of the present application. The embodiments of the method for verifying an offline password of the present application exemplarily describe a method for verifying an offline password.
The off-line password verification method can comprise the following steps: step S210: acquiring an offline password input by a user, and decrypting the offline password to acquire an administrator password and password generation time; step S220: verifying whether the administrator password is correct; if the password of the administrator is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked to obtain a comparison result; step S230: and determining an unlocking verification result matched with the comparison result.
In step S210, the password generation time is the current local time of the terminal 30 used when the terminal 30 generates the offline password.
In some examples, step S210 may further include: acquiring equipment identity information of intelligent equipment to be unlocked and a secret key corresponding to the equipment identity information; and decrypting the offline password through the equipment identity information and the secret key to obtain the administrator password and the password generation time. Whether the device to be unlocked (e.g., the smart door lock 10) decrypts the offline password to obtain the administrator password and the password generation time, or the server 20 encrypts the administrator password and the password generation time to generate the offline password, are set by the manufacturer, so the encryption and decryption methods are not limited herein.
In some examples, step S220 may further include: and if the password of the administrator is wrong, the unlocking verification result is unlocking verification failure.
In some examples, step S230 may further include: and if the comparison result is that the password generation time is not earlier than the local storage time, the unlocking verification result is that the unlocking verification is successful, otherwise, the unlocking verification is failed.
Specifically, if the comparison result is that the password generation time (i.e., the current local time of the server) is earlier than the local storage time of the device to be unlocked (e.g., the smart door lock 10), it means that the person attempting to unlock the lock may have used the expired offline password. That is, if the password generation time is earlier than the local storage time, which means that the offline password is expired, the unlocking verification result is a verification failure.
If the time of the device to be unlocked (e.g., the smart door lock 10) is not updated online in time, it may be earlier than the actual time, and the current local time of the server 20 may be regarded as the actual time. If the time of the device to be unlocked is updated in a timely networking manner, the local storage time of the device to be unlocked and the current local time of the server can be used as actual time. In this case, the current local time (actual time) of the server is not earlier than the local storage time of the device to be unlocked, regardless of whether the local storage time of the device to be unlocked is earlier than the actual time. Therefore, whether the local storage time of the device to be unlocked is correct or not, the offline password obtained by encrypting the current local time of the server should theoretically be verifiable. Therefore, the production and verification mode of the offline password can improve the accuracy of the aging verification of the device to be unlocked on the offline password.
Considering that the devices to be unlocked are also networked, it is possible that the local storage time is updated synchronously, which may be as accurate as minutes or hours in order to provide sufficient operating time for the user to enter the password. For example, the local storage time is 13 o 'clock at 1 month and 1 day of 2022, and the storage accuracy of the local time is 1 hour, in this case, before the local time storage time is updated to 14 o' clock at 1 month and 1 day of 2022, the offline password acquired by the user between 13 o 'clock at 1 month and 1 day of 2022 and 14 o' clock at 1 month and 1 day of 2022 can be verified.
If the security of the off-line password is improved, the storage precision of the local storage time can be improved. In this case, the offline password may also tend to be a one-time password. Specifically, since the offline password is related to the current local time of the server, and the current local time of the server is in a continuously updated state, the offline password acquired at different times is different. If the storage precision of the local storage time is higher and the local storage time is updated synchronously through networking, the validity period of the offline password acquired from the server and capable of being verified is correspondingly shortened.
Further, if the device to be unlocked is updated with time, the offline password will be invalidated even if it is not used. Thus, the security of offline password authentication can be improved.
In other examples, the offline password may be verified by combining the local storage time and the password validity period. Specifically, increasing the validity period of the password on the basis of the local storage time can acquire a period of time. For example, the local storage time is 13 o 'clock and 10 o' clock on 1 month and 1 day of 2022. The validity period can be 30 seconds before 10 minutes before 13 o 'clock 1 month 1 day 2022 to 30 seconds before 10 minutes before 13 o' clock 1 month 2022. And then, the offline password is decrypted to obtain the password generation time and the validity period, and the comparison offline password is verified. If the offline password falls within the validity period, the unlocking verification can be successful. By the method, certain operation time is reserved for the user while the timeliness and the safety of the offline password are considered.
In some examples, after the unlocking verification result is that the unlocking verification is successful, the password verification method may further include: step S240: and storing the password generation time as a local storage time to update the local storage time. In this case, if the device to be unlocked (e.g., the smart door lock 10) is not networked, the local storage time may be updated upon offline password entry.
In some examples, before comparing the password generation time with the local storage time of the smart device to be unlocked to obtain a comparison result, further comprising: judging whether the offline password is received for the first time; if yes, storing the password generation time as local storage time. And the unlocking verification is passed, or the unlocking verification is passed after the password generation time is compared with the local storage time.
In some examples, before comparing the password generation time with the local storage time of the smart device to be unlocked to obtain a comparison result, the method includes: judging whether the offline password is received for the first time; if yes, storing the password generation time, and acquiring local time when the password generation time is stored as local storage time.
Additionally, if the time of the device to be unlocked (e.g., the smart door lock 10) is not updated on-line in time, the locally stored time may be later than the actual time if in an updated state. In view of this, the local storage time may not be updated. Specifically, after the offline password is input last time, the device to be unlocked may decrypt the offline password to obtain the password generation time of the offline password, store the password generation time as the local storage time, and not update the local storage time. That is, the local storage time is always equal to the password generation time of the last offline password input before the offline password is input next time. And if the offline password is input again later, correspondingly storing the password generation time of the newly input offline password as the local storage time.
In other words, the authentication logic of the offline password may be: acquiring an offline password; and decrypting the offline password to obtain the administrator password and the password generation time. And verifying whether the password of the administrator is correct or not, if the password of the administrator is wrong, failing to unlock the verification, and if the password of the administrator is correct, further verifying the password generation time. And comparing the password generation time with the local storage time, if the password generation time is earlier than the local storage time, the unlocking verification fails, and if the password generation time is not earlier than the local storage time, the unlocking verification succeeds.
Further, the intelligent door lock 10 may perform an unlocking action or not according to the unlocking verification result recognized by the processor 12.
In summary, according to the method for verifying the offline password, the method for generating the offline password, and the smart door lock disclosed by the present application, the current local time of the server is used as the password generation time of the offline password, and the password generation time is compared with the local time of the smart device in order to verify the validity period of the password. Because the current local time of the server is synchronous with the actual time, even if the local time of the intelligent device is earlier than the actual time due to the fact that the intelligent device cannot be updated timely, the validity period of the offline password can be effectively verified, and the problem that the accuracy of verifying the validity period of the offline password is not high after the local time is wrong due to the fact that the intelligent device cannot be updated timely is solved.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings, or which are directly or indirectly applied to other related technical fields, are intended to be included within the scope of the present application.
Claims (10)
1. A method for verifying an offline password, comprising:
acquiring an offline password input by a user, and decrypting the offline password to acquire an administrator password and password generation time; the password generation time is the current local time of the server used when the server generates the offline password;
verifying whether the administrator password is correct;
if the administrator password is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked in the morning and evening to obtain a comparison result;
and determining an unlocking verification result matched with the comparison result.
2. The authentication method according to claim 1, wherein:
the determining the unlocking verification result matched with the comparison result comprises the following steps:
and if the comparison result is that the password generation time is not earlier than the local storage time, the unlocking verification result is that the unlocking verification is successful, otherwise, the unlocking verification is failed.
3. The authentication method according to claim 1, wherein:
after the unlocking verification result is that the unlocking verification is successful, the method comprises the following steps:
and storing the password generation time as the local storage time so as to update the local storage time.
4. The authentication method according to claim 1, wherein:
before the time for generating the password and the local storage time of the smart device to be unlocked are compared in the morning and in the evening to obtain a comparison result, the method further includes:
judging whether the offline password is received for the first time;
and if so, storing the password generation time as the local storage time.
5. The authentication method according to claim 1, wherein:
before the time for generating the password and the local storage time of the intelligent device to be unlocked are compared in the morning and evening to obtain a comparison result, the method comprises the following steps:
judging whether the offline password is received for the first time;
if yes, storing the password generation time, and acquiring local time when the password generation time is stored as the local storage time.
6. The authentication method according to claim 1, wherein:
the decrypting the offline password to obtain the administrator password and the password generation time further comprises:
acquiring equipment identity information of the intelligent equipment to be unlocked and a secret key corresponding to the equipment identity information;
and decrypting the offline password through the equipment identity information and the secret key to obtain the administrator password and the password generation time.
7. The authentication method according to claim 1, wherein:
the method further comprises: and if the administrator password is wrong, the unlocking verification result is unlocking verification failure.
8. A method for generating an offline password is characterized in that:
acquiring the current local time of the server as password generation time, and acquiring an administrator password of the intelligent device to be unlocked;
encrypting at least the administrator password and the password generation time to generate an offline password, sending the offline password to a user, so that when the intelligent device to be unlocked receives the offline password input by the user, the offline password is decrypted to obtain the administrator password and the password generation time, verifying whether the administrator password is correct, and when the administrator password is correct, comparing the password generation time with the local storage time of the intelligent device to be unlocked in the morning and evening to obtain a comparison result, and further determining an unlocking verification result matched with the comparison result.
9. The generation method according to claim 8, characterized in that:
the encrypting at least the administrator password and the password generation time to generate an offline password comprises:
acquiring equipment identity information of the intelligent equipment to be unlocked and a secret key corresponding to the equipment identity information;
encrypting the administrator password and the password generation time through the device identity information and the key to generate the offline password.
10. An intelligent door lock, comprising a door lock body, a processor and a memory, the memory storing program instructions, the processor being configured to execute the program instructions to implement the authentication method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211394449.1A CN115714675A (en) | 2022-11-08 | 2022-11-08 | Verification method and generation method of offline password and intelligent door lock |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211394449.1A CN115714675A (en) | 2022-11-08 | 2022-11-08 | Verification method and generation method of offline password and intelligent door lock |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115714675A true CN115714675A (en) | 2023-02-24 |
Family
ID=85232514
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211394449.1A Pending CN115714675A (en) | 2022-11-08 | 2022-11-08 | Verification method and generation method of offline password and intelligent door lock |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115714675A (en) |
-
2022
- 2022-11-08 CN CN202211394449.1A patent/CN115714675A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9836906B2 (en) | Time synchronization | |
| EP1500226B1 (en) | System and method for storage and retrieval of a cryptographic secret from a plurality of network enabled clients | |
| US20110083161A1 (en) | Vehicle, maintenance device, maintenance service system, and maintenance service method | |
| US20050166051A1 (en) | System and method for certification of a secure platform | |
| US6948061B1 (en) | Method and device for performing secure transactions | |
| US20080114982A1 (en) | Method and arrangement for generation of a secret session key | |
| CN108616504B (en) | Sensor node identity authentication system and method based on Internet of things | |
| GB2561689A (en) | End-to-end vehicle secure ECU unlock in a semi-offline environment | |
| CN101816140A (en) | Token-based management system for PKI personalization process | |
| CN111159656A (en) | Method, device, equipment and storage medium for preventing software from being used without authorization | |
| CN107958513A (en) | A kind of offline authorization method and system of electronic lock | |
| CN113656775A (en) | Offline password verification method and system with expiration date and intelligent lock | |
| WO2024007993A1 (en) | Software upgrade method, and device and storage medium | |
| EP3595237B1 (en) | Reloading of cryptographic program instructions | |
| JPH1131131A (en) | Service providing system, authentication device and medium recording authentication program | |
| US20230318823A1 (en) | Vehicle Diagnostic System, Method, and Apparatus | |
| CN115714675A (en) | Verification method and generation method of offline password and intelligent door lock | |
| CN114785532B (en) | Security chip communication method and device based on bidirectional signature authentication | |
| CN113766450A (en) | Vehicle virtual key sharing method, mobile terminal, server and vehicle | |
| WO2022110688A1 (en) | Field bus-based data transmission method and system, and field bus-based identity verification method and system | |
| CN112182551B (en) | PLC equipment identity authentication system and PLC equipment identity authentication method | |
| CN1716850B (en) | Method and system for secure verification of a set-top-box chip | |
| CN113626770A (en) | Authorization control method, device, equipment and storage medium for application program | |
| US10999074B2 (en) | Dual-token authentication for electronic devices | |
| CN113343203A (en) | Digital car key processing method, equipment and platform system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |