CN116684870A - Access authentication method, device and system of electric power 5G terminal - Google Patents
Access authentication method, device and system of electric power 5G terminal Download PDFInfo
- Publication number
- CN116684870A CN116684870A CN202310971433.0A CN202310971433A CN116684870A CN 116684870 A CN116684870 A CN 116684870A CN 202310971433 A CN202310971433 A CN 202310971433A CN 116684870 A CN116684870 A CN 116684870A
- Authority
- CN
- China
- Prior art keywords
- hash value
- terminal
- probability
- security chip
- authentication data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 78
- 238000012795 verification Methods 0.000 claims abstract description 89
- 238000012545 processing Methods 0.000 claims abstract description 39
- 238000004891 communication Methods 0.000 claims abstract description 19
- 239000011159 matrix material Substances 0.000 claims description 263
- 238000000354 decomposition reaction Methods 0.000 claims description 32
- 238000004422 calculation algorithm Methods 0.000 claims description 31
- 238000006467 substitution reaction Methods 0.000 claims description 13
- 230000000903 blocking effect Effects 0.000 claims description 10
- 238000007726 management method Methods 0.000 description 79
- 238000003860 storage Methods 0.000 description 14
- 239000013598 vector Substances 0.000 description 10
- 238000004590 computer program Methods 0.000 description 9
- 238000010586 diagram Methods 0.000 description 9
- 238000009826 distribution Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 7
- 238000000638 solvent extraction Methods 0.000 description 5
- 238000012937 correction Methods 0.000 description 3
- 238000013524 data verification Methods 0.000 description 2
- 230000003247 decreasing effect Effects 0.000 description 2
- 230000008014 freezing Effects 0.000 description 2
- 238000007710 freezing Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
- H04W12/42—Security arrangements using identity modules using virtual identity modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention belongs to the field of communication and discloses an access authentication method, device and system of an electric power 5G terminal, wherein the access authentication method, device and system comprises the steps that when the serial number of terminal equipment passes verification, a terminal management and control platform generates an adjustment quantity and sends the adjustment quantity to the electric power 5G terminal, and an eSIM security chip identity authentication data hash value is updated according to the adjustment quantity to obtain an updated eSIM security chip identity authentication data hash value; the electric 5G terminal updates the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, obtains the hash value of the identity authentication data of the eSIM security chip, performs block processing, obtains a plurality of hash value blocks and sends the hash value blocks to the terminal management and control platform; the terminal management and control platform receives a plurality of hash value blocks and verifies according to the hash value of the identity authentication data of the updated eSIM security chip, and after verification is passed, access authentication passing information of the electric power 5G terminal is sent to the electric power 5G terminal, so that access failure caused by violent attack is avoided, and the probability of successful attack is reduced.
Description
Technical Field
The invention belongs to the field of communication, and relates to an access authentication method, device and system of a power 5G terminal.
Background
With the development of new power systems, more and more power service terminals need to be connected to a private network or a public network. In the terminal device of the electric power physical network, an eSIM (Embedded-SIM) security chip is a unique identifier of identity recognition of terminal access to the network, and if the eSIM security chip is stolen, it is generally difficult to immediately find the terminal, such as an electric meter, a power transmission line monitoring device, a distributed photovoltaic device terminal of the internet of things, and the like. If the terminal equipment is damaged or attacked by people, the network access authentication module of the eSIM security chip is stolen and illegally used or tampered, if the eSIM security chip cannot be found and prevented in time, meanwhile, the terminal management and control platform is attacked or tampered, a certain danger is provided, and potential safety hazards are possibly brought to service terminal use and power grid operation. Therefore, how to improve the access security of the power 5G terminal is a problem to be solved.
At present, a mode generally adopted when the electric power 5G terminal is accessed is that based on a CERT_DVS certificate preset by the terminal equipment, the eSIM security chip is preset with the CERT_ESIM certificate in advance, and then a verification technology of binding the eSIM security chip and the terminal equipment is realized. The binding method is that the terminal equipment and the eSIM security chip establish a session channel through a data interface, and mutually verify the validity of the CERT_ESIM certificate and the CERT_DVS certificate. If the certificate is not rule-based, the algorithm is exited. If the mutual authentication credentials are legal, the eSIM security chip generates a temporary public key and a temporary private key. The eSIM security chip sends the temporary public key to the terminal equipment, the terminal equipment receives the temporary public key and stores the temporary public key, and the session key 1 is generated by using the temporary public key. The eSIM security chip uses the temporary private key to generate a session key 2. The eSIM security chip generates a random number, and encrypts and transmits the random number and self unique identification information to the terminal equipment through the session key 2. After the terminal equipment uses the session key 1 to decrypt, the unique identification information of the eSIM security chip is obtained and stored in the backup area, and the random number and the unique identification information of the terminal are encrypted by the session key 1 and sent to the eSIM security chip. The eSIM security chip obtains the random number through the decryption message of the session key 2, checks whether the random number is consistent with the random number sent before, and if the random number is consistent with the random number, the eSIM security chip stores the unique identification information of the terminal equipment, so as to finish the mutual binding.
However, the eSIM security chip adopted in the above method first backs up the unique identification information of the terminal device, and in order to prevent the occurrence of two situations that the eSIM security chip and the terminal device are not successfully backed up and the eSIM security chip is successfully backed up and bound but the terminal device fails to be backed up, a temporary backup area is used in the terminal device. After receiving the successful instruction sent by the eSIM security chip, the terminal equipment can backup and bind the unique identification information of the eSIM security chip, which results in low access success rate and inflexibility. Meanwhile, for the mode of completing verification by only depending on the serial number and the password of the terminal equipment, or the mode of further improving the security by setting a randomly generated verification code on the basis of the serial number and the password of the terminal equipment, a necessary security unified system is lacking, the transmitted information is easy to attack and tamper, the real terminal equipment cannot access the network due to violent attack, and the security access of the terminal equipment is affected.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide an access authentication method, device and system of a power 5G terminal.
In order to achieve the purpose, the invention is realized by adopting the following technical scheme:
The invention provides an access authentication method of a power 5G terminal, which is applied to an access authentication system of the power 5G terminal, wherein the access authentication system of the power 5G terminal comprises the power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
the electric 5G terminal obtains a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and sends the values to a terminal management and control platform;
the terminal management and control platform receives a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifies the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
the electric power 5G terminal receives the adjustment quantity sent by the terminal management and control platform, and updates the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the hash value of the identity authentication data of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
The terminal management and control platform receives a plurality of hash value blocks sent by the electric 5G terminal, and verifies the hash value blocks according to the updated eSIM security chip identity authentication data hash value; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and the electric power 5G terminal receives the access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
Optionally, when the terminal equipment serial number verification passes, generating the adjustment amount and sending the adjustment amount to the power 5G terminal includes:
and acquiring a hash value of the history record data of the power 5G terminal, and sending the hash value to the power 5G terminal as an adjustment quantity.
Optionally, updating the eSIM security chip identity authentication data hash value according to the adjustment amount, and obtaining the updated eSIM security chip identity authentication data hash value includes:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the partitioning the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The invention provides an access authentication method of a power 5G terminal, which is applied to the power 5G terminal of an access authentication system of the power 5G terminal, wherein the access authentication system of the power 5G terminal comprises the power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
acquiring a serial number hash value of the terminal equipment and an eSIM security chip identity authentication data hash value and sending the hash value to a terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
Receiving an adjustment quantity sent by a terminal management and control platform, and updating the identity authentication data hash value of the eSIM security chip according to the adjustment quantity to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and receiving access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
Optionally, updating the eSIM security chip identity authentication data hash value according to the adjustment amount, and obtaining the updated eSIM security chip identity authentication data hash value includes:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the partitioning the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The invention provides an access authentication method of a power 5G terminal, which is applied to a terminal management and control platform of an access authentication system of the power 5G terminal, wherein the access authentication system of the power 5G terminal comprises the power 5G terminal and the terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by a power 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
Receiving a plurality of hash value blocks sent by the electric 5G terminal, and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
Optionally, when the terminal equipment serial number verification passes, generating the adjustment amount and sending the adjustment amount to the power 5G terminal includes:
acquiring a hash value of historical record data of the electric power 5G terminal, and sending the hash value to the electric power 5G terminal as an adjustment quantity;
updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, wherein the obtaining the hash value of the identity authentication data of the eSIM security chip comprises the following steps:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
When m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the partitioning the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The fourth aspect of the invention provides an access authentication device of a power 5G terminal, which is applied to the power 5G terminal of an access authentication system of the power 5G terminal, wherein the access authentication system of the power 5G terminal comprises the power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication device of the power 5G terminal comprises:
the terminal information acquisition module is used for acquiring a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and transmitting the hash value to the terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
The terminal processing module is used for receiving the adjustment quantity sent by the terminal management and control platform, updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, and obtaining the hash value of the identity authentication data of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and the terminal receiving module is used for receiving the access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
Optionally, updating the eSIM security chip identity authentication data hash value according to the adjustment amount, and obtaining the updated eSIM security chip identity authentication data hash value includes:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the partitioning the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The fifth aspect of the invention provides an access authentication device of a power 5G terminal, which is applied to a terminal management and control platform of an access authentication system of the power 5G terminal, wherein the access authentication system of the power 5G terminal comprises the power 5G terminal and the terminal management and control platform which are in communication connection;
the access authentication device of the power 5G terminal comprises:
the first verification module is used for receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
The second verification module is used for receiving a plurality of hash value blocks sent by the electric 5G terminal and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
Optionally, when the terminal equipment serial number verification passes, generating the adjustment amount and sending the adjustment amount to the power 5G terminal includes:
acquiring a hash value of historical record data of the electric power 5G terminal, and sending the hash value to the electric power 5G terminal as an adjustment quantity;
updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, wherein the obtaining the hash value of the identity authentication data of the eSIM security chip comprises the following steps:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
When m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the partitioning the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The sixth aspect of the invention provides an access authentication system of a power 5G terminal, which comprises the power 5G terminal and a terminal management and control platform which are in communication connection;
the electric power 5G terminal is internally provided with an access authentication device of the electric power 5G terminal applied to the access authentication system of the electric power 5G terminal;
and the terminal management and control platform is internally provided with the access authentication device of the electric power 5G terminal applied to the terminal management and control platform of the access authentication system of the electric power 5G terminal.
Compared with the prior art, the invention has the following beneficial effects:
according to the access authentication method of the electric power 5G terminal, a communication channel is obtained through verification of the serial number of the terminal equipment, then the terminal management and control platform generates the adjustment quantity and sends the adjustment quantity to the electric power 5G terminal, dynamic correction of the hash value of the identity authentication data of the eSIM security chip is carried out according to the obtained adjustment quantity, a plurality of hash value blocks are generated according to the updated hash value of the identity authentication data of the eSIM security chip and sent to the terminal management and control platform for verification, so that the hash value blocks sent by the electric power 5G terminal each time are different in data, and attack difficulty is increased. Meanwhile, each hash value block can represent the information of the hash value of the identity authentication data of the integral eSIM security chip, even if an attacker breaks the encryption of part of the hash value blocks in a short time to obtain the values of the part of the hash value blocks, after the rest of the hash value blocks are received by the terminal management and control platform, the part of the hash value blocks can also represent the information of the hash value of the identity authentication data of the integral eSIM security chip, so that the access authentication of the electric 5G terminal can be realized based on the part of the hash value blocks, the purpose of tamper resistance is achieved, and the normal login of the terminal equipment can be ensured when the attack of the attacker is violent.
Drawings
Fig. 1 is a flowchart of an access authentication method of a power 5G terminal applied to an access authentication system of a power 5G terminal according to an embodiment of the present invention.
Fig. 2 is a flowchart of an access authentication method of a power 5G terminal applied to the power 5G terminal according to an embodiment of the present invention.
Fig. 3 is a flowchart of an access authentication method of a power 5G terminal applied to a terminal management and control platform according to an embodiment of the present invention.
Fig. 4 is a block diagram of an access authentication device of a power 5G terminal applied to the power 5G terminal according to an embodiment of the present invention.
Fig. 5 is a block diagram of an access authentication device of an electric power 5G terminal applied to a terminal management and control platform according to an embodiment of the present invention.
Fig. 6 is a block diagram of an access authentication system of a power 5G terminal according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The invention is described in further detail below with reference to the attached drawing figures:
referring to fig. 1, in an embodiment of the present invention, an access authentication method for a power 5G terminal is provided, especially an access authentication method for a lightweight power 5G terminal, which is applicable to secure access of a 5G network, and can effectively avoid that a real terminal device logs in to the network due to violent attack, and reduce probability of obtaining eSIM secure chip identity authentication data through the attack. Specifically, the access authentication method of the electric power 5G terminal is applied to an access authentication system of the electric power 5G terminal, the access authentication system of the electric power 5G terminal comprises an electric power 5G terminal and a terminal management and control platform which are in communication connection, and the access authentication method of the electric power 5G terminal comprises the following steps:
S1: the electric power 5G terminal obtains a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and sends the hash value to the terminal management and control platform.
S2: the terminal management and control platform receives a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifies the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; and updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip.
S3: the electric power 5G terminal receives the adjustment quantity sent by the terminal management and control platform, and updates the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the hash value of the identity authentication data of the eSIM security chip; and carrying out blocking processing on the updated hash value of the identity authentication data of the eSIM security chip to obtain a plurality of hash value blocks and sending the hash value blocks to a terminal management and control platform.
S4: the terminal management and control platform receives a plurality of hash value blocks sent by the electric 5G terminal, and verifies the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
S5: and the electric power 5G terminal receives the access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
According to the access authentication method of the electric power 5G terminal, a communication channel is obtained through verification of the serial number of the terminal equipment, then the terminal management and control platform generates the adjustment quantity and sends the adjustment quantity to the electric power 5G terminal, dynamic correction of the hash value of the identity authentication data of the eSIM security chip is carried out according to the obtained adjustment quantity, a plurality of hash value blocks are generated according to the updated hash value of the identity authentication data of the eSIM security chip and sent to the terminal management and control platform for verification, so that the hash value blocks sent by the electric power 5G terminal each time are different in data, and attack difficulty is increased. Meanwhile, each hash value block can represent the information of the hash value of the identity authentication data of the integral eSIM security chip, even if an attacker breaks the encryption of part of the hash value blocks in a short time to obtain the values of the part of the hash value blocks, after the rest of the hash value blocks are received by the terminal management and control platform, the part of the hash value blocks can also represent the information of the hash value of the identity authentication data of the integral eSIM security chip, so that the access authentication of the electric 5G terminal can be realized based on the part of the hash value blocks, the purpose of tamper resistance is achieved, and the normal login of the terminal equipment can be ensured when the attack of the attacker is violent.
In one possible implementation manner, the terminal device serial number hash value and the eSIM security chip identity authentication data hash value may be generally obtained by respectively encrypting the terminal device serial number information and the eSIM security chip identity authentication data through SM3 (a cryptographic hash function standard), and the terminal device serial number hash value may be used as an authentication request to trigger the terminal management and control platform to perform terminal device serial number authentication.
Optionally, when the electric 5G terminal sends the terminal device serial number hash value and the eSIM security chip identity authentication data hash value to the terminal management and control platform, the terminal device serial number hash value and the eSIM security chip identity authentication data hash value are encrypted first, and then sent to the terminal management and control platform.
The step of verifying the serial number of the terminal equipment according to the hash value of the serial number of the terminal equipment comprises the following steps: the terminal management and control platform receives and decrypts the encrypted terminal equipment serial number hash value to obtain a transmitted terminal equipment serial number hash value, compares the transmitted terminal equipment serial number hash value with the terminal equipment serial number hash value of each electric 5G terminal which can be communicated in advance, and when the consistent terminal equipment serial number hash value exists in each electric 5G terminal which can be communicated, the terminal equipment serial number verification is successful and the existence of a communication channel is proved.
Optionally, when the serial number of the terminal equipment is verified, the method also can comprise eSIM security chip identity authentication data verification, namely, the hash value of the eSIM security chip identity authentication data sent by the current power 5G terminal is compared with the hash value of the eSIM security chip identity authentication data of the pre-stored communicable power 5G terminal, and when the two hash values are the same, the eSIM security chip identity authentication data verification is successful.
In one possible implementation, the generating and sending the adjustment amount to the power 5G terminal when the terminal equipment serial number verification passes includes: and acquiring a hash value of the history record data of the power 5G terminal, and sending the hash value to the power 5G terminal as an adjustment quantity. The history data of the power 5G terminal may be a terminal device type, firmware version information, an online time, delay jitter monitoring data, signal quality, data traffic, location information, and the like. The data are processed through a preset hash algorithm to obtain a hash value of the historical record data, and the hash value is used as an adjustment quantity.
In one possible implementation manner, the updating the eSIM security chip identity authentication data hash value according to the adjustment amount, and obtaining the updated eSIM security chip identity authentication data hash value includes: acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence; acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of the n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence. Then, the sizes of m and n are compared:
When m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; and updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element.
When m=n, the probability value of each element of the probability replaced sequence is replaced by the probability value of the corresponding position element of the adjustment sequence.
When m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; and updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element. The probability distribution of the adjusting sequence is adopted to replace the probability distribution of the first m elements in the probability replaced sequence, and the probability value of the first m elements in the probability replaced sequence obtains new probability distribution; the probability values of (n-m) after the probability values in the replaced sequence are ranked still use the original probability values.
It should be noted that, in the ideal case, the number m of source symbol categories of the adjustment amount is the same as the number n of source symbol categories of the hash value of the eSIM security chip identity authentication data, the source symbol probability distribution of the probability replaced sequence can be directly replaced by the source symbol probability distribution corresponding to the adjustment sequence, and then the blocking processing of the hash value of the updated eSIM security chip identity authentication data is implemented according to the obtained hash value of the updated eSIM security chip identity authentication data.
Then, the hash value of the identity authentication data of the eSIM security chip is adjusted: traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element; and after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
Optionally, the specific adjustment process includes: starting from the first bit of the hash value of the identity authentication data of the eSIM security chip, probability adjustment is carried out on elements with probability values from high to low respectively, the elements which need to be adjusted currently are called target elements, the new probability values of the target elements are compared with the original probability values, and when the new probability values of the target elements are larger than the original probability values, the nearest elements of the target elements are adjusted to be target elements. Since the new probability value and the original probability value of the target element are possibly equal, increased or decreased in size, the element does not need to be adjusted if equal or decreased; if the probability is increased, selecting the element with the new probability value smaller than the original probability value, and adjusting the element nearest to the target element, namely modifying the corresponding element into the target element. And when the nearest elements of the target element are two, namely, the left side is used as the priority, the corresponding elements are replaced.
Specifically, taking abbaa1 as an example, where the target elements are a, b, and 1, the initial probability distribution is [1/2,1/3,/6 ], and the final probability distribution is [1/3,1/3 ], where the target element a:1/3 is less than 1/2, no adjustment is needed, target element b: 1/3=1/3, no adjustment is required; target element 1:1/6<1/3, and the adjustment is required, and in this case, the adjustment is performed by selecting the nearest 1 among the elements a, thereby obtaining abba11.
It should be noted that, the specific process of updating the eSIM security chip identity authentication data hash value according to the adjustment amount to obtain the updated eSIM security chip identity authentication data hash value is performed in both the electric 5G terminal and the terminal management and control platform, and both the electric 5G terminal and the terminal management and control platform can adopt the processing processes.
In one possible implementation manner, the performing a blocking process on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks includes: dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values; decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; and obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block.
Specifically, the most commonly used method for obtaining the hash value in the prior art is an SM3 method, the hash result of the SM3 method is generally 256 bits, and the SM3 result is 16 bits, namely, the maximum number of the blocks is 16, so that if the blocks are calculated according to the number of the source symbols, the minimum number of the blocks is 16, in the embodiment, 16 is selected as the number of the blocks by default, namely, when the blocks are formed, the 256-bit updated eSIM security chip identity authentication data hash value can be divided into 16 partial hash values according to the format that 16 bits are used as one data block.
The method for obtaining the first dictionary matrix comprises the steps of adopting a K-SVD dictionary learning algorithm to decompose the hash value of the identity authentication data of the updated eSIM security chip, and obtaining the first dictionary matrix comprises the following steps: converting the updated hash value (256 bits) of the eSIM security chip identity authentication data into a matrix of 16 x 16, wherein the corresponding position element in the matrix is the decimal value of the corresponding position element of the updated hash value of the eSIM security chip identity authentication data, so as to obtain a password hash matrix, and then decomposing the password hash matrix into a first dictionary matrix of 16 x 16 and a first sparse matrix of 16 x 16 through K-SVD.
The decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode comprises the following steps: grid decomposition is carried out on the first dictionary matrix of 16 x 16, and the first dictionary matrix is decomposed into second dictionary matrices of 16 4*4; the second dictionary matrix is numbered in a left to right, top to bottom order, numbered 1-16.
Wherein, adopt K-SVD dictionary learning algorithm, decompose each local hash value, obtain each local hash matrix including: and converting each 16-bit local hash value into a 10-system number to obtain a 4*4 matrix, and then decomposing the 4*4 matrix through K-SVD to obtain a local hash matrix and a local sparse matrix.
The preset matching rule refers to a corresponding relation between the local hash matrix and the second dictionary matrix, and can be formulated freely in advance. For example: the local hash matrix of the first block of local hash values corresponds to a second dictionary matrix numbered 1 and so on.
Optionally, when sending each hash value block to the terminal management and control platform, each hash value block is first converted into a vector, and then encrypted and sent to the terminal management and control platform. Based on the above, each hash value block received by the terminal management and control platform is also in a vector form, and can be converted into a matrix form after decryption. Also, since each hash value block of the obtained vector can be converted into a matrix while also being a part of the first dictionary matrix obtained by K-SVD decomposition, the entire information can be represented, that is, the partial can be made to represent the entire by the same dictionary matrix.
Where K-SVD (K singular value decomposition) is a dictionary learning algorithm for sparse representation that uses SVD for K iterations. K-SVD is a dictionary representation method, and the principle is that an original image matrix is decomposed into a product of a dictionary matrix and a sparse coding matrix. The dictionary matrix represents the features of the image, and the sparse coding matrix represents how the information in the image is obtained by combining different features. For example, three-dimensional coordinate systems (three unit vectors of X, Y and Z) can be used for representing the three-dimensional vectors, and the three vectors can be combined to represent all three-dimensional vectors, namely a dictionary, and then the three-dimensional vectors can be restored to the three-dimensional vectors by being matched with an X, Y and Z combination mode (sparse coding) of each three-dimensional vector. In the process of performing the K-SVD decomposition, all parameters such as the number of iterations should be kept consistent.
It should be noted that, the first dictionary matrix represents all the features of the hash value of the identity authentication data of the eSIM security chip that is updated integrally, including character type features, character combination features, character sequence features, and the like. The second dictionary matrix is part of the first dictionary matrix and represents local character type features, character combination features, character sequence features and the like. Thus, each local hash value block can represent the characteristics of the hash value of the identity authentication data of the whole updated eSIM security chip.
Optionally, the verifying the plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value includes: decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule; and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
The specific process of decomposing the updated eSIM security chip identity authentication data hash values and each hash value block and the specific process of decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode can be seen from the specific processing process in the electric 5G terminal.
Specifically, because the local hash value blocks can represent the information of the hash value of the identity authentication data of the whole updated eSIM security chip, an attacker can completely realize the tampering of the hash value of the identity authentication data of the updated eSIM security chip only after obtaining the encrypted ciphertext of all the local hash value blocks and realizing decryption; and as long as a hash value block is not tampered, the terminal equipment can be successfully authenticated, login is realized, and the access authentication security of the electric power 5G terminal is greatly improved.
Specifically, when verifying a plurality of hash value blocks according to the updated hash value of the identity authentication data of the eSIM security chip, if the local dictionary matrix of all the hash value blocks in the single verification of the terminal management and control platform can be completely matched with the second dictionary matrix at the corresponding position of the first dictionary matrix, the direct authentication is successful, and login is allowed. If only partial dictionary matrixes of all the hash value blocks in the single verification of the terminal management and control platform can be completely matched with the second dictionary matrix at the corresponding position of the first dictionary matrix, multiple complete matches are calculated, and if partial hash value blocks in the multiple matches can be completely matched, login is allowed. If no complete match exists in the multiple matches, temporarily freezing the account number, and allowing login again after a period of time.
It should be noted that, the perfect match in the foregoing means that the local dictionary matrix of a certain hash value block and the second dictionary matrix corresponding to the first dictionary matrix are identical. This may allow login as long as it occurs continuously. Therefore, the scheme of the invention can ensure that the terminal management and control platform determines the permission of logging in or temporary freezing of the electric 5G terminal through single or multiple times of verification.
In summary, in the access authentication method of the electric power 5G terminal, the communication channel is obtained through verification of the serial number of the terminal device, then the adjustment quantity is sent through the terminal management and control platform, after the electric power 5G terminal receives the adjustment quantity, dynamic correction and blocking processing of the hash value of the eSIM security chip identity authentication data are performed according to the obtained adjustment quantity, the corrected hash value blocks are sent to the terminal management and control platform, because each corrected hash value block can represent the integral information of the hash value of the eSIM security chip identity authentication data, even if an attacker breaks encryption of the hash value blocks of part of the blocks in a short time, part of the hash value blocks are obtained, and after the rest of the hash value blocks are received by the terminal management and control platform, the corresponding part of the hash value blocks can still be obtained through decryption. Meanwhile, the dynamic update of the adjustment quantity is realized through the dynamic update of the historical record data, so that the adjustment quantity is different each time, the data of the hash value block sent by the electric power 5G terminal is different each time, and the attack difficulty is increased. Meanwhile, each hash value block can represent the information of the hash value of the identity authentication data of the integral eSIM security chip, but only probability distribution information is represented at the same time, and the actual arrangement information can be realized only by a large amount of exhaustive calculation, so that normal login can be ensured under the condition of violent attack, the purpose of tamper resistance is achieved, and meanwhile, the security is ensured. When the login is not on, the password recovery and other operations are not needed through complicated modes such as mobile phone verification codes and identity cards, and the login can be repeated only by continuous attempts.
Referring to fig. 2, in still another embodiment of the present invention, there is provided an access authentication method of a power 5G terminal, applied to a power 5G terminal of an access authentication system of the power 5G terminal, the access authentication method of the power 5G terminal including:
s101: acquiring a serial number hash value of the terminal equipment and an eSIM security chip identity authentication data hash value and sending the hash value to a terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; and updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip.
S102: receiving an adjustment quantity sent by a terminal management and control platform, and updating the identity authentication data hash value of the eSIM security chip according to the adjustment quantity to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
S103: and receiving access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
The specific process of updating the hash value of the eSIM security chip identity authentication data according to the adjustment amount to obtain the updated hash value of the eSIM security chip identity authentication data, the specific process of performing block processing on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks, and the specific process of verifying a plurality of hash value blocks according to the updated hash value of the eSIM security chip identity authentication data can be the processing manner in the embodiment shown in fig. 1, which is not described herein.
Referring to fig. 3, in still another embodiment of the present invention, there is provided an access authentication method of a power 5G terminal, which is applied to a terminal management platform of an access authentication system of the power 5G terminal, the access authentication method of the power 5G terminal includes:
s201: receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by a power 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; and carrying out blocking processing on the updated hash value of the identity authentication data of the eSIM security chip to obtain a plurality of hash value blocks and sending the hash value blocks to a terminal management and control platform.
S202: receiving a plurality of hash value blocks sent by the electric 5G terminal, and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
The specific process of updating the hash value of the eSIM security chip identity authentication data according to the adjustment amount to obtain the updated hash value of the eSIM security chip identity authentication data, the specific process of performing block processing on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks, and the specific process of verifying a plurality of hash value blocks according to the updated hash value of the eSIM security chip identity authentication data can be the processing manner in the embodiment shown in fig. 1, which is not described herein.
The following are device embodiments of the present invention that may be used to perform method embodiments of the present invention. For details not disclosed in the apparatus embodiments, please refer to the method embodiments of the present invention.
Referring to fig. 4, in still another embodiment of the present invention, an access authentication device for a power 5G terminal is provided, where the power 5G terminal applied to an access authentication system for a power 5G terminal can be used to implement the above access authentication method for a power 5G terminal, and specifically, the access authentication device for a power 5G terminal includes a terminal information acquisition module, a terminal processing module, and a terminal receiving module.
The terminal information acquisition module is used for acquiring a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and transmitting the hash value to the terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the terminal processing module is used for receiving the adjustment quantity sent by the terminal management and control platform, updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, and obtaining the hash value of the identity authentication data of the updated eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal; the terminal receiving module is used for receiving access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
In one possible implementation manner, the updating the eSIM security chip identity authentication data hash value according to the adjustment amount, and obtaining the updated eSIM security chip identity authentication data hash value includes: acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence; acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence; when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element; when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element; traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element; and after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
In one possible implementation manner, the performing a blocking process on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks includes: dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values; decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; and obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block. And verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises: decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule; and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
Referring to fig. 5, in still another embodiment of the present invention, an access authentication device for a power 5G terminal is provided, which is applied to a terminal management platform of an access authentication system for a power 5G terminal and can be used to implement the above access authentication method for a power 5G terminal, and in particular, the access authentication device for a power 5G terminal includes a first authentication module and a second authentication module.
The first verification module is used for receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the second verification module is used for receiving a plurality of hash value blocks sent by the electric 5G terminal and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
In one possible implementation, the generating and sending the adjustment amount to the power 5G terminal when the terminal equipment serial number verification passes includes: acquiring a hash value of historical record data of the electric power 5G terminal, and sending the hash value to the electric power 5G terminal as an adjustment quantity; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, wherein the obtaining the hash value of the identity authentication data of the eSIM security chip comprises the following steps: acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence; acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence; when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element; when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element; traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element; and after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
In one possible implementation manner, the performing a blocking process on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks includes: dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values; decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; and obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block. And verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises: decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block; decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode; obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule; and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
Referring to fig. 6, in still another embodiment of the present invention, an access authentication system for a power 5G terminal is provided, including a power 5G terminal and a terminal management platform that are communicatively connected; an access authentication device of the electric power 5G terminal in the embodiment shown in fig. 4 is arranged in the electric power 5G terminal; the terminal management and control platform is internally provided with an access authentication device of the electric power 5G terminal in the embodiment shown in fig. 5.
All relevant contents of each step related to the foregoing embodiment of the access authentication method of the electric 5G terminal may be cited to the functional description of the functional module corresponding to the access authentication device of the electric 5G terminal in the embodiment of the present invention, which is not described herein.
The division of the modules in the embodiments of the present invention is schematically only one logic function division, and there may be another division manner in actual implementation, and in addition, each functional module in each embodiment of the present invention may be integrated in one processor, or may exist separately and physically, or two or more modules may be integrated in one module. The integrated modules may be implemented in hardware or in software functional modules.
In yet another embodiment of the present invention, a computer device is provided that includes a processor and a memory for storing a computer program including program instructions, the processor for executing the program instructions stored by the computer storage medium. The processor may be a central processing unit (Central Processing Unit, CPU), but may also be other general purpose processor, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit, ASIC), off-the-shelf Programmable gate array (FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components, etc., which are the computational core and control core of the terminal adapted to implement one or more instructions, in particular to load and execute one or more instructions in a computer storage medium to implement the corresponding method flow or corresponding functions; the processor provided by the embodiment of the invention can be used for the operation of the access authentication method of the power 5G terminal.
In yet another embodiment of the present invention, a storage medium, specifically a computer readable storage medium (Memory), is a Memory device in a computer device, for storing a program and data. It is understood that the computer readable storage medium herein may include both built-in storage media in a computer device and extended storage media supported by the computer device. The computer-readable storage medium provides a storage space storing an operating system of the terminal. Also stored in the memory space are one or more instructions, which may be one or more computer programs (including program code), adapted to be loaded and executed by the processor. The computer readable storage medium herein may be a high-speed RAM memory or a non-volatile memory (non-volatile memory), such as at least one magnetic disk memory. One or more instructions stored in a computer-readable storage medium may be loaded and executed by a processor to implement the respective steps of the access authentication method for a power 5G terminal in the above embodiments.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical aspects of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the above embodiments, it should be understood by those of ordinary skill in the art that: modifications and equivalents may be made to the specific embodiments of the invention without departing from the spirit and scope of the invention, which is intended to be covered by the claims.
Claims (17)
1. The access authentication method of the electric power 5G terminal is characterized by being applied to an access authentication system of the electric power 5G terminal, wherein the access authentication system of the electric power 5G terminal comprises the electric power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
the electric 5G terminal obtains a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and sends the values to a terminal management and control platform;
the terminal management and control platform receives a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifies the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
the electric power 5G terminal receives the adjustment quantity sent by the terminal management and control platform, and updates the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the hash value of the identity authentication data of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
The terminal management and control platform receives a plurality of hash value blocks sent by the electric 5G terminal, and verifies the hash value blocks according to the updated eSIM security chip identity authentication data hash value; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and the electric power 5G terminal receives the access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
2. The access authentication method of a power 5G terminal according to claim 1, wherein generating and transmitting the adjustment amount to the power 5G terminal when the terminal device serial number verification is passed comprises:
and acquiring a hash value of the history record data of the power 5G terminal, and sending the hash value to the power 5G terminal as an adjustment quantity.
3. The access authentication method of the power 5G terminal of claim 2, wherein updating the eSIM security chip identity authentication data hash value according to the adjustment amount, the obtaining the updated eSIM security chip identity authentication data hash value comprises:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
4. The method for access authentication of a power 5G terminal according to claim 1, wherein the performing a block processing on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
5. The access authentication method of the electric power 5G terminal is characterized by being applied to the electric power 5G terminal of an access authentication system of the electric power 5G terminal, wherein the access authentication system of the electric power 5G terminal comprises the electric power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
acquiring a serial number hash value of the terminal equipment and an eSIM security chip identity authentication data hash value and sending the hash value to a terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
Receiving an adjustment quantity sent by a terminal management and control platform, and updating the identity authentication data hash value of the eSIM security chip according to the adjustment quantity to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and receiving access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
6. The method for access authentication of a power 5G terminal according to claim 5, wherein updating the eSIM security chip identity authentication data hash value according to the adjustment amount, the obtaining the updated eSIM security chip identity authentication data hash value comprises:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
7. The method for access authentication of a power 5G terminal according to claim 5, wherein the performing a block processing on the updated hash value of the eSIM security chip identity authentication data to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
8. The access authentication method of the electric power 5G terminal is characterized by being applied to a terminal management and control platform of an access authentication system of the electric power 5G terminal, wherein the access authentication system of the electric power 5G terminal comprises the electric power 5G terminal and the terminal management and control platform which are in communication connection;
the access authentication method of the power 5G terminal comprises the following steps:
receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by a power 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
Receiving a plurality of hash value blocks sent by the electric 5G terminal, and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
9. The access authentication method of a power 5G terminal according to claim 8, wherein generating and transmitting the adjustment amount to the power 5G terminal when the terminal device serial number verification is passed comprises:
acquiring a hash value of historical record data of the electric power 5G terminal, and sending the hash value to the electric power 5G terminal as an adjustment quantity;
updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, wherein the obtaining the hash value of the identity authentication data of the eSIM security chip comprises the following steps:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
When m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
10. The method for access authentication of a power 5G terminal according to claim 8, wherein the performing the blocking processing on the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
11. The access authentication device of the electric power 5G terminal is characterized by being applied to the electric power 5G terminal of an access authentication system of the electric power 5G terminal, wherein the access authentication system of the electric power 5G terminal comprises the electric power 5G terminal and a terminal management and control platform which are in communication connection;
the access authentication device of the power 5G terminal comprises:
the terminal information acquisition module is used for acquiring a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value and transmitting the hash value to the terminal management and control platform; the terminal equipment serial number hash value and the eSIM security chip identity authentication data hash value are used for triggering the terminal management and control platform to verify the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip;
The terminal processing module is used for receiving the adjustment quantity sent by the terminal management and control platform, updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, and obtaining the hash value of the identity authentication data of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform; the terminal management and control platform is used for updating the eSIM security chip identity authentication data hash values according to the authentication data hash values, and verifying the hash value blocks; when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal;
and the terminal receiving module is used for receiving the access authentication passing information of the electric power 5G terminal sent by the terminal management and control platform.
12. The access authentication device of the power 5G terminal of claim 11, wherein updating the eSIM security chip identity authentication data hash value according to the adjustment amount, the obtaining the updated eSIM security chip identity authentication data hash value comprises:
Acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
Traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
and after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
13. The access authentication device of the power 5G terminal of claim 11, wherein the performing the blocking processing on the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
And verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
14. The access authentication device of the electric power 5G terminal is characterized by being applied to a terminal management and control platform of an access authentication system of the electric power 5G terminal, wherein the access authentication system of the electric power 5G terminal comprises the electric power 5G terminal and the terminal management and control platform which are in communication connection;
the access authentication device of the power 5G terminal comprises:
the first verification module is used for receiving a terminal equipment serial number hash value and an eSIM security chip identity authentication data hash value sent by the electric 5G terminal, and verifying the terminal equipment serial number according to the terminal equipment serial number hash value; when the serial number verification of the terminal equipment is passed, generating an adjustment amount and sending the adjustment amount to the electric 5G terminal; updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity to obtain the updated hash value of the identity authentication data of the eSIM security chip; the adjustment quantity is used for triggering the electric 5G terminal to update the identity authentication data hash value of the eSIM security chip according to the adjustment quantity, so as to obtain an updated identity authentication data hash value of the eSIM security chip; the updated hash value of the identity authentication data of the eSIM security chip is subjected to block processing, a plurality of hash value blocks are obtained, and the hash value blocks are sent to a terminal management and control platform;
The second verification module is used for receiving a plurality of hash value blocks sent by the electric 5G terminal and verifying the hash value blocks according to the updated eSIM security chip identity authentication data hash value; and when each hash value block passes the verification, or when at least one hash value block passes the verification, and at least one hash value block passes the verification in the access authentication of the electric power 5G terminal continuously preset number of times, generating access authentication passing information of the electric power 5G terminal and sending the access authentication passing information to the electric power 5G terminal.
15. The access authentication apparatus of a power 5G terminal according to claim 14, wherein the generating and transmitting the adjustment amount to the power 5G terminal when the terminal device serial number verification is passed comprises:
acquiring a hash value of historical record data of the electric power 5G terminal, and sending the hash value to the electric power 5G terminal as an adjustment quantity;
updating the hash value of the identity authentication data of the eSIM security chip according to the adjustment quantity, wherein the obtaining the hash value of the identity authentication data of the eSIM security chip comprises the following steps:
acquiring the number m of the information source symbol categories of the adjustment quantity and the initial probability value of the m-type information source symbols, and arranging the m-type information source symbols in a descending order according to the initial probability value of the m-type information source symbols to obtain an adjustment sequence;
Acquiring the number n of the source symbol categories of the hash value of the eSIM security chip identity authentication data and the initial probability value of n-type source symbols, and arranging the n-type source symbols in a descending order according to the initial probability value of the n-type source symbols to obtain a probability replaced sequence;
when m is greater than n, extracting the first n elements of the adjustment sequence to obtain a probability substitution sequence; replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
when m=n, replacing the probability value of each element of the probability replaced sequence by adopting the probability value of the corresponding position element of the adjustment sequence;
when m is less than n, replacing probability values of the first m elements in the probability replaced sequence by adopting probability values of corresponding position elements of the adjustment sequence; updating the probability value of each element in the probability replaced sequence according to the ratio of the current probability value of each element in the probability replaced sequence to the sum of the current probability values of each element;
traversing each element in the probability replaced sequence, and adjusting the nearest element of the current element in the hash value of the eSIM security chip identity authentication data to be the current element when the current probability value of the current element is larger than the initial probability value; when the number of the nearest elements is two, the left nearest element is adjusted to be the current element;
And after traversing, obtaining the updated hash value of the identity authentication data of the eSIM security chip.
16. The access authentication device of the power 5G terminal of claim 14, wherein the performing the blocking processing on the updated eSIM security chip identity authentication data hash value to obtain a plurality of hash value blocks includes:
dividing the updated eSIM security chip identity authentication data hash value into a plurality of blocks to obtain a plurality of local hash values;
decomposing the updated eSIM security chip identity authentication data hash value by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each local hash value to obtain each local hash matrix;
decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule, and multiplying each local hash matrix by the second dictionary matrix corresponding to each local hash matrix to obtain each hash value block;
and verifying a plurality of hash value blocks according to the updated eSIM security chip identity authentication data hash value comprises:
decomposing the hash value of the identity authentication data of the updated eSIM security chip by adopting a K-SVD dictionary learning algorithm to obtain a first dictionary matrix, and decomposing each hash value block to obtain a local hash matrix and a local dictionary matrix of each hash value block;
Decomposing the first dictionary matrix into a plurality of second dictionary matrices by adopting a grid decomposition mode;
obtaining a second dictionary matrix corresponding to each local hash matrix according to a preset matching rule;
and traversing each hash value block, and when the second dictionary matrix corresponding to the local hash matrix of the current hash value block is the same as the local dictionary matrix of the current hash value block, verifying the current hash value block.
17. The access authentication system of the electric power 5G terminal is characterized by comprising the electric power 5G terminal and a terminal management and control platform which are in communication connection;
an access authentication device of the electric 5G terminal according to any one of claims 11 to 13 is provided in the electric 5G terminal;
an access authentication device of the electric power 5G terminal according to any one of claims 14 to 16 is arranged in the terminal management and control platform.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310971433.0A CN116684870B (en) | 2023-08-03 | 2023-08-03 | Access authentication method, device and system of electric power 5G terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310971433.0A CN116684870B (en) | 2023-08-03 | 2023-08-03 | Access authentication method, device and system of electric power 5G terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116684870A true CN116684870A (en) | 2023-09-01 |
CN116684870B CN116684870B (en) | 2023-10-20 |
Family
ID=87787732
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310971433.0A Active CN116684870B (en) | 2023-08-03 | 2023-08-03 | Access authentication method, device and system of electric power 5G terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116684870B (en) |
Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20040106098A (en) * | 2003-06-10 | 2004-12-17 | 홍상선 | Ubiquitous Personal Mutual authentication method |
CN101160887A (en) * | 2005-12-28 | 2008-04-09 | 华为技术有限公司 | Wireless access method, device and system |
CN101834867A (en) * | 2010-05-07 | 2010-09-15 | 杭州华三通信技术有限公司 | Client security protection method and device |
CN101867473A (en) * | 2010-01-27 | 2010-10-20 | 南京大学 | Connection establishment method and access authentication system for blocking-attacking resistant shared media terminal |
CN110267270A (en) * | 2019-05-07 | 2019-09-20 | 国网浙江省电力有限公司电力科学研究院 | A kind of substation's inner sensor terminal access Border Gateway authentication intelligence contract |
CN111386674A (en) * | 2017-08-28 | 2020-07-07 | 迈锐奥塔企业有限公司 | Terminal identity protection method in communication system |
CN112218294A (en) * | 2020-09-08 | 2021-01-12 | 深圳市燃气集团股份有限公司 | 5G-based access method and system for Internet of things equipment and storage medium |
CN112311553A (en) * | 2020-08-24 | 2021-02-02 | 山东卓文信息科技有限公司 | Equipment authentication method based on challenge response |
CN112312393A (en) * | 2020-11-13 | 2021-02-02 | 国网安徽省电力有限公司信息通信分公司 | 5G application access authentication method and 5G application access authentication network architecture |
CN112883111A (en) * | 2020-08-20 | 2021-06-01 | 王红根 | Information management method, system and platform based on block chain digital currency finance |
CN113329397A (en) * | 2021-07-06 | 2021-08-31 | 国网上海市电力公司 | Power terminal security access authentication method, device and system in 5G communication environment |
CN113569223A (en) * | 2021-06-30 | 2021-10-29 | 珠海晶通科技有限公司 | Safety authentication method for off-line equipment |
CN114139123A (en) * | 2021-09-10 | 2022-03-04 | 南方电网数字电网研究院有限公司 | Intelligent electric meter safety access method and system based on ECC accumulator |
CN114363884A (en) * | 2021-11-30 | 2022-04-15 | 国网安徽省电力有限公司信息通信分公司 | Terminal distributed cross-domain authentication method and system under transformer substation edge network environment |
CN115150109A (en) * | 2021-03-29 | 2022-10-04 | 中移(上海)信息通信科技有限公司 | Authentication method, device and related equipment |
CN115694966A (en) * | 2022-10-27 | 2023-02-03 | 南阳师范学院 | Access authentication method and device for intelligent household terminal equipment |
CN115987655A (en) * | 2022-12-28 | 2023-04-18 | 北京上元信安技术有限公司 | Remote access method, system and equipment based on user identity deep recognition |
CN116015807A (en) * | 2022-12-15 | 2023-04-25 | 广东电网有限责任公司 | Lightweight terminal security access authentication method based on edge calculation |
-
2023
- 2023-08-03 CN CN202310971433.0A patent/CN116684870B/en active Active
Patent Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20040106098A (en) * | 2003-06-10 | 2004-12-17 | 홍상선 | Ubiquitous Personal Mutual authentication method |
CN101160887A (en) * | 2005-12-28 | 2008-04-09 | 华为技术有限公司 | Wireless access method, device and system |
CN101867473A (en) * | 2010-01-27 | 2010-10-20 | 南京大学 | Connection establishment method and access authentication system for blocking-attacking resistant shared media terminal |
CN101834867A (en) * | 2010-05-07 | 2010-09-15 | 杭州华三通信技术有限公司 | Client security protection method and device |
CN111386674A (en) * | 2017-08-28 | 2020-07-07 | 迈锐奥塔企业有限公司 | Terminal identity protection method in communication system |
CN110267270A (en) * | 2019-05-07 | 2019-09-20 | 国网浙江省电力有限公司电力科学研究院 | A kind of substation's inner sensor terminal access Border Gateway authentication intelligence contract |
CN112883111A (en) * | 2020-08-20 | 2021-06-01 | 王红根 | Information management method, system and platform based on block chain digital currency finance |
CN112311553A (en) * | 2020-08-24 | 2021-02-02 | 山东卓文信息科技有限公司 | Equipment authentication method based on challenge response |
CN112218294A (en) * | 2020-09-08 | 2021-01-12 | 深圳市燃气集团股份有限公司 | 5G-based access method and system for Internet of things equipment and storage medium |
CN112312393A (en) * | 2020-11-13 | 2021-02-02 | 国网安徽省电力有限公司信息通信分公司 | 5G application access authentication method and 5G application access authentication network architecture |
CN115150109A (en) * | 2021-03-29 | 2022-10-04 | 中移(上海)信息通信科技有限公司 | Authentication method, device and related equipment |
CN113569223A (en) * | 2021-06-30 | 2021-10-29 | 珠海晶通科技有限公司 | Safety authentication method for off-line equipment |
CN113329397A (en) * | 2021-07-06 | 2021-08-31 | 国网上海市电力公司 | Power terminal security access authentication method, device and system in 5G communication environment |
CN114139123A (en) * | 2021-09-10 | 2022-03-04 | 南方电网数字电网研究院有限公司 | Intelligent electric meter safety access method and system based on ECC accumulator |
CN114363884A (en) * | 2021-11-30 | 2022-04-15 | 国网安徽省电力有限公司信息通信分公司 | Terminal distributed cross-domain authentication method and system under transformer substation edge network environment |
CN115694966A (en) * | 2022-10-27 | 2023-02-03 | 南阳师范学院 | Access authentication method and device for intelligent household terminal equipment |
CN116015807A (en) * | 2022-12-15 | 2023-04-25 | 广东电网有限责任公司 | Lightweight terminal security access authentication method based on edge calculation |
CN115987655A (en) * | 2022-12-28 | 2023-04-18 | 北京上元信安技术有限公司 | Remote access method, system and equipment based on user identity deep recognition |
Also Published As
Publication number | Publication date |
---|---|
CN116684870B (en) | 2023-10-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8752165B2 (en) | Provisioning secrets in an unsecured environment | |
CN111435913B (en) | Identity authentication method and device for terminal of Internet of things and storage medium | |
CN101926188B (en) | Security policy distribution to communication terminal | |
CN115396121B (en) | Security authentication method for security chip OTA data packet and security chip device | |
CN111181723B (en) | Method and device for offline security authentication between Internet of things devices | |
CN112311533B (en) | Terminal identity authentication method, system and storage medium | |
CN104836784A (en) | Information processing method, client, and server | |
CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
CN115065472A (en) | Multi-key encryption and decryption-based security chip encryption and decryption method and device | |
CN112202556A (en) | Security authentication method, device and system | |
CN111931533A (en) | Authentication method for multiple owner RFID tags | |
CN111818087B (en) | Block chain node access method, device, equipment and readable storage medium | |
CN111490874B (en) | Distribution network safety protection method, system, device and storage medium | |
CN114765543A (en) | Encryption communication method and system of quantum cryptography network expansion equipment | |
CN116684870B (en) | Access authentication method, device and system of electric power 5G terminal | |
CN114745114B (en) | Key agreement method, device, equipment and medium based on password derivation | |
CN109951417B (en) | Identity authentication method, system and terminal equipment | |
CN113746642B (en) | Method and system for communication between computers | |
CN114500064B (en) | Communication security verification method and device, storage medium and electronic equipment | |
CN112182551B (en) | PLC equipment identity authentication system and PLC equipment identity authentication method | |
CN116155483A (en) | Block chain signing machine safety design method and signing machine | |
CN114372241A (en) | Internet of things terminal identity authentication method, system, device and storage medium | |
CN113448527A (en) | Data synchronization method and device, computer equipment and storage medium | |
CN109104393B (en) | Identity authentication method, device and system | |
EP3200388B1 (en) | User permission check system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |