CN116912985B - Door lock control method, device, system, equipment and medium based on dynamic password - Google Patents

Door lock control method, device, system, equipment and medium based on dynamic password Download PDF

Info

Publication number
CN116912985B
CN116912985B CN202311182234.8A CN202311182234A CN116912985B CN 116912985 B CN116912985 B CN 116912985B CN 202311182234 A CN202311182234 A CN 202311182234A CN 116912985 B CN116912985 B CN 116912985B
Authority
CN
China
Prior art keywords
door lock
dynamic password
sensitive information
unlocking request
unlocking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311182234.8A
Other languages
Chinese (zh)
Other versions
CN116912985A (en
Inventor
李海红
吴谨妙
胡晓霞
蓝建春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dinghyun Commercial Code Evaluation Technology Shenzhen Co ltd
Original Assignee
Dinghyun Commercial Code Evaluation Technology Shenzhen Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dinghyun Commercial Code Evaluation Technology Shenzhen Co ltd filed Critical Dinghyun Commercial Code Evaluation Technology Shenzhen Co ltd
Priority to CN202311182234.8A priority Critical patent/CN116912985B/en
Publication of CN116912985A publication Critical patent/CN116912985A/en
Application granted granted Critical
Publication of CN116912985B publication Critical patent/CN116912985B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00571Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00412Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/0042Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Abstract

The embodiment of the application provides a door lock control method, device, system, equipment and medium based on a dynamic password, and relates to the technical field of door lock unlocking. The method comprises the following steps: responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to a cloud server password machine, so that the cloud server password machine generates a first dynamic password according to the random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request; and receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result. According to the method and the device for unlocking the door, the random information is generated when the unlocking request is responded each time, and the dynamic password is generated according to the random information to be used for verifying unlocking, so that the randomness of the unlocking process is improved, the unlocking process is not easy to crack and copy, and the reliability and the safety of door access unlocking are improved.

Description

Door lock control method, device, system, equipment and medium based on dynamic password
Technical Field
The application relates to the technical field of door lock unlocking, in particular to a door lock control method, device, system, equipment and medium based on a dynamic password.
Background
At present, most of intelligent door locks are unlocked by adopting the modes of passwords, fingerprints, faces, access cards and keys, but because the data of the passwords, the fingerprints, the faces and the like are preset and fixedly stored locally, the access is unlocked by adopting the modes, the randomness is weaker, and the intelligent door locks are easier to crack and copy, so that the reliability and the safety of the intelligent door locks are not high.
Disclosure of Invention
The embodiment of the application aims to provide a door lock control method, device, system, equipment and medium based on a dynamic password, which are used for improving the reliability and safety of an intelligent door lock.
In a first aspect, an embodiment of the present application provides a door lock control method based on a dynamic password, which is executed by an intelligent door lock, including:
responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to a cloud server password machine, so that the cloud server password machine generates a first dynamic password according to random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request;
receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock.
In the embodiment of the application, the random information is generated when the unlocking request is responded each time, and the dynamic password is generated according to the random information to verify the unlocking, so that the randomness of the unlocking process is improved, the unlocking and the copying are not easy to be cracked, and the reliability and the safety of the door control unlocking are improved.
In some possible embodiments, before the generating the sensitive information based on the unlocking request and sending the sensitive information to a cloud server crypto engine, the method further includes:
responding to an unlocking request of a user, negotiating with a cloud server cipher machine to generate a session key corresponding to the unlocking request;
after the negotiation with the cloud server crypto-engine to generate the session key corresponding to the unlocking request, the door lock control method based on the dynamic password further comprises the following steps:
and data encryption transmission is carried out between the intelligent door lock and the cloud server cipher machine and between the cloud server cipher machine and the target mobile terminal by adopting the session key corresponding to the unlocking request.
In the embodiment of the application, the session key of one-time pad is negotiated and generated when the unlocking request is responded, so that data transmission between the intelligent door lock and the cloud server password and between the cloud server password machine and the mobile terminal is encrypted, the randomness of the session key is enhanced, the safety of the data transmission is improved, and the reliability and the safety of door control unlocking are further improved.
In some possible embodiments, the sensitive information includes at least one of: the intelligent door lock comprises an IP address of the intelligent door lock, a mobile phone number carried by the unlocking request and a timestamp corresponding to the unlocking request.
In the embodiment of the application, the sensitive information comprises at least one of IP address, mobile phone number, time stamp and the like, so that the randomness of the finally generated dynamic password is further improved, and the reliability and safety of door control unlocking are further improved.
In some possible embodiments, the cloud server crypto-engine generates a first dynamic password according to the random information and the sensitive information, specifically:
the cloud server crypto machine splices at least one of the random information and the sensitive information based on a preset splicing sequence to obtain a first token, and converts the first token through a preset conversion algorithm to generate the first dynamic password;
the second dynamic password is generated according to the random information and the sensitive information, specifically:
and splicing at least one of the random information and the sensitive information based on the preset splicing sequence to obtain a second token, and converting the second token through the preset conversion algorithm to generate the second dynamic password.
In the embodiment of the application, at least one of the random information and the sensitive information is spliced through the preset splicing sequence, and a preset conversion algorithm (comprising an encryption algorithm) is adopted for conversion to generate the dynamic password, so that the randomness and the safety of the dynamic password are further improved, and the reliability and the safety of door control unlocking are further improved.
In some possible embodiments, the responding to the unlocking request of the user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server crypto-engine includes:
judging whether the mobile phone number input by the user is matched with a pre-stored mobile phone number library;
if yes, responding to an unlocking request of a user, generating sensitive information based on the unlocking request, and sending the sensitive information to a cloud server cipher machine;
if not, rejecting the unlocking request of the user.
In the embodiment of the application, a verification process is additionally arranged before the unlocking request is responded, whether the subsequent unlocking processing step is carried out is judged by verifying whether the mobile phone number input by the user is correct or not, and the reliability and the safety of the door control unlocking are further improved.
In some possible embodiments, the sensitive information and the random information are both transmitted after being converted into corresponding encrypted messages; wherein the encrypted message includes ciphertext and a message authentication code.
In the embodiment of the application, for the transmission of the sensitive information and the random information, the encryption transmission is carried out in a mode of being converted into the encryption message, so that the safety of data transmission is further improved, and the reliability and safety of door control unlocking are further improved.
In a second aspect, an embodiment of the present application provides a door lock control device based on a dynamic password, which is applied to an intelligent door lock, and includes:
the unlocking response module is used for responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server password machine, so that the cloud server password machine generates a first dynamic password according to random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request;
the unlocking control module is used for receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock.
In a third aspect, an embodiment of the present application provides a door lock control system based on a dynamic password, including an intelligent door lock and a cloud server crypto engine; wherein:
the intelligent door lock is used for responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server cipher machine;
the cloud server cipher machine is used for generating a first dynamic password according to the random information and the sensitive information and sending the first dynamic password to the target mobile terminal corresponding to the unlocking request;
the intelligent door lock is further used for receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, verifying the unlocking instruction based on the second dynamic password, and controlling the door lock according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock.
In a fourth aspect, embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the method according to any of the embodiments of the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product, where the computer program product includes a computer program, where the computer program when executed by a processor may implement a method according to any one of the embodiments of the first aspect.
In a sixth aspect, an embodiment of the present application provides an electronic device, including a memory, a processor, and a computer program stored on the memory and capable of running on the processor, where the processor executes the program to implement the method according to any one of the embodiments of the first aspect.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a door lock control method based on a dynamic password according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a door lock control device based on a dynamic password according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only to distinguish the description, and are not to be construed as indicating or implying relative importance.
As shown in fig. 1, the embodiment of the present application provides a door lock control method based on a dynamic password, which is executed by an intelligent door lock and may include the steps of:
s1, responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to a cloud server password machine, so that the cloud server password machine generates a first dynamic password according to random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request;
s2, receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives sensitive information and is sent to the intelligent door lock.
It should be noted that, when the user wants to unlock the door control, the user may initiate an unlocking request to the intelligent door lock, where the manner of initiating the unlocking request includes, but is not limited to, the following several ways: 1. initiating an unlocking request by triggering an unlocking component (which can be a button or a handle and the like) of the intelligent door lock; 2. initiating an unlocking request by inputting a mobile phone number (which can be input by a touch screen or a physical key and the like) to the intelligent door lock; 3. an unlocking signal (which can comprise a mobile phone number) is sent to the intelligent door lock in a short range through the mobile phone to trigger an unlocking request. When the intelligent door lock receives an unlocking request triggered by a user, corresponding sensitive information is generated based on the unlocking request triggered currently, the sensitive information can comprise one or more combinations of time for requesting unlocking, user ID (which can be identified by fingerprints, faces, mobile phone numbers and the like) for requesting unlocking, mobile phone numbers and the like, and the sensitive information is sent to a cloud server cipher machine.
After receiving the sensitive information, the cloud server cipher machine generates a first dynamic password according to the sensitive information and random information corresponding to the unlocking request, and sends the first dynamic password to the corresponding target mobile terminal. The random information may be one or more combinations of numbers, letters, and symbols; the random information is in a one-time-pad form, namely unique random information is generated once every unlocking, and the random information can be generated when the intelligent door lock responds to an unlocking request or can be generated when a cloud server cipher device receives sensitive information. In the cloud server cipher machine, one or more mobile phone numbers which are bound corresponding to the intelligent door lock can be stored, a target mobile terminal of a user who sends an unlocking request currently is matched according to the mobile phone number carried in the sensitive information or the mark information, and the first dynamic password is sent to the target mobile terminal. And then, the user can check the first dynamic password through the target mobile terminal, and input an unlocking instruction to the intelligent door lock according to the first dynamic password, so that the intelligent door lock can verify and unlock the unlocking instruction. It should be noted that, the user may directly input the first dynamic password as the unlocking command, or may change the input sequence of the characters or numbers according to a preset rule according to the first dynamic password, for example, input the unlocking command according to the reverse sequence of the first dynamic password.
After receiving an unlocking instruction input by a user, the intelligent door lock generates a second dynamic password according to the previously generated sensitive information corresponding to the current unlocking request and the previously generated random information corresponding to the current unlocking request (or generated and transmitted by the cloud server password), then verifies whether the unlocking instruction input by the user is consistent with the second dynamic password, if so, the door lock is controlled to be unlocked, and if not, the unlocking request of the user is refused. It should be noted that, the user may directly input the first dynamic password as an unlocking instruction, and at this time, the manner of generating the second dynamic password by the intelligent door lock is consistent with the manner of generating the first dynamic password by the cloud server cryptographic engine; the user can input the unlocking command according to other preset modes, for example, the first dynamic password is input in a reverse order, and then the intelligent door lock can generate a dynamic password according to the random information and the sensitive information and obtain the second dynamic password after the reverse order conversion. The specific mode can be set according to actual demands, so that the randomness of the verification unlocking instruction is further improved.
In the embodiment of the application, the random information is generated when the unlocking request is responded each time, and the dynamic password is generated according to the random information to verify the unlocking, so that the randomness of the unlocking process is improved, the unlocking and the copying are not easy to be cracked, and the reliability and the safety of the door control unlocking are improved.
In some possible embodiments, before generating the sensitive information based on the unlocking request and sending the sensitive information to the cloud server crypto-engine, further comprising:
responding to an unlocking request of a user, negotiating with a cloud server cipher machine to generate a session key corresponding to the unlocking request;
after negotiating with the cloud server crypto-engine to generate the session key corresponding to the unlocking request, the door lock control method based on the dynamic password further comprises the following steps:
and data encryption transmission is carried out between the intelligent door lock and the cloud server cipher machine and between the cloud server cipher machine and the target mobile terminal by adopting a session key corresponding to the unlocking request.
When the intelligent door lock responds to the unlocking request, a data transmission safety channel can be established with the cloud server cipher machine, a session key is generated through negotiation and is used for data transmission (including encryption and decryption processes) between the intelligent door lock and the cloud server cipher machine and between the cloud server cipher machine and the target mobile terminal, and the safety of the data transmission is improved. It should be noted that, the session key is in a form of one-time pad, that is, a unique session key is generated each time when the unlocking request is responded, so that the randomness of the door control unlocking process is further improved.
In the embodiment of the application, the session key of one-time pad is negotiated and generated when the unlocking request is responded, so that data transmission between the intelligent door lock and the cloud server password and between the cloud server password machine and the mobile terminal is encrypted, the randomness of the session key is enhanced, the safety of the data transmission is improved, and the reliability and the safety of door control unlocking are further improved.
In some possible embodiments, the sensitive information includes at least one of: IP address of intelligent door lock, mobile phone number carried by unlocking request, timestamp corresponding to unlocking request.
It should be noted that the sensitive information may include one or more information, for example, including an IP address of the smart door lock, a mobile phone number carried by the unlocking request, a timestamp corresponding to the unlocking request, and so on. In addition, the types and the amounts of the generated sensitive information can be different when the unlocking request is responded each time, for example, when the unlocking request is responded for the nth time, the generated sensitive information comprises two kinds of information including a mobile phone number carried by the unlocking request and a time stamp corresponding to the unlocking request, and when the unlocking request is responded for the (n+1) th time, the generated sensitive information comprises three kinds of information including an IP address of the intelligent door lock, the mobile phone number carried by the unlocking request and the time stamp corresponding to the unlocking request. By the configuration, the randomness of the dynamic password generation is further improved, and therefore the reliability and safety of door control unlocking are further improved.
In some possible embodiments, the cloud server crypto-engine generates a first dynamic password according to the random information and the sensitive information, specifically:
the cloud server cipher machine splices at least one of the random information and the sensitive information based on a preset splicing sequence to obtain a first token, and converts the first token through a preset conversion algorithm to generate a first dynamic password;
generating a second dynamic password according to the random information and the sensitive information, wherein the second dynamic password is specifically:
and splicing at least one of the random information and the sensitive information based on a preset splicing sequence to obtain a second token, and converting the second token through a preset conversion algorithm to generate a second dynamic password.
It should be noted that, when the first dynamic password is generated, one or more kinds of information of the random information and the sensitive information may be spliced based on a preset splicing sequence. For example, assuming that the random information is denoted as R, when the sensitive information includes three information including an IP address (denoted as IP) of the smart door lock, a mobile phone number (denoted as TEL) carried by the unlocking request, and a timestamp (denoted as T1) corresponding to the unlocking request, the first token may be spliced by R, IP, TEL, T1 or the like in any order, for example, IP-T1-R-TEL. Correspondingly, the intelligent door lock generates the second dynamic password based on the random information and the sensitive information in the same way as the process. At least one of the random information and the sensitive information is spliced according to a preset splicing sequence, and a preset conversion algorithm (comprising an encryption algorithm) is adopted for conversion to generate a dynamic password, so that the randomness and the safety of the dynamic password are further improved, and the reliability and the safety of door control unlocking are further improved.
In some possible embodiments, in response to an unlocking request by a user, generating and transmitting sensitive information to a cloud server cryptographic engine based on the unlocking request, comprising:
judging whether the mobile phone number input by the user is matched with a pre-stored mobile phone number library;
if yes, responding to an unlocking request of a user, generating sensitive information based on the unlocking request, and sending the sensitive information to a cloud server cipher machine;
if not, rejecting the unlocking request of the user.
Before responding to the unlocking request of the user, it may be first determined whether the mobile phone number input by the user is matched with the pre-stored mobile phone number library, that is, whether the pre-stored mobile phone number library has the same number as the mobile phone number input by the user, if so, the subsequent unlocking verification step is continued, and if not, the unlocking request of the user is directly refused. Whether the user is a legal unlocking user or not is rapidly verified, whether the subsequent unlocking step is carried out or not is judged, unlocking verification efficiency is improved, and calculation pressure of the system for illegal unlocking verification is reduced. Meanwhile, the unlocking legitimacy is ensured through a plurality of verification programs, and the reliability and safety of the door control unlocking are further improved.
In some possible embodiments, the sensitive information and the random information are transmitted after being converted into corresponding encrypted messages; wherein the encrypted message includes ciphertext and a message authentication code.
In this embodiment, for the transmission of the sensitive information and the random information, the encrypted transmission is performed by converting the sensitive information and the random information into an encrypted message, where the encrypted message includes a ciphertext and a message authentication code, and the ciphertext is obtained by calculating the sensitive information or the random information based on a preset encryption algorithm (such as a hash algorithm), and the message authentication code may be a message authentication code MAC or a message authentication code HMAC with a key. Because the encrypted message has uniqueness and encryption, the situation that data are intercepted or copied is further avoided, so that the safety of data transmission is improved, and the reliability and safety of door control unlocking are further improved.
By way of example, the embodiments of the present application are described in detail below:
in the embodiment of the application, the related hardware device includes: intelligent door locks, cloud server crypto-sets, mobile terminals (cell phones, ipad, smartwatches, etc.);
the unlocking process may include the steps of:
1. the user inputs a mobile phone number (equivalent to initiating an unlocking request) on the intelligent door lock;
2. the intelligent door lock firstly compares whether the input mobile phone number is consistent with the mobile phone number stored in a pre-binding way;
3. if the Key is consistent, the intelligent door lock and the cloud server cipher machine establish a safety channel and negotiate to generate a one-time-pad session Key, otherwise, the unlocking request of the user is refused;
4. the intelligent door lock encrypts and calculates an encrypted message (message authentication code (MAC) or a message authentication code (HMAC) with a secret Key) of sensitive information (M) of the intelligent door lock by utilizing a session Key (Key) negotiated by a security channel, and sends the encrypted message to a cipher machine of a cloud server, so that confidentiality and integrity of data in a transmission process are ensured; the sensitive information M of the intelligent door lock comprises an IP address, a mobile phone number TEL and a time stamp T1;
5. after the cloud server cipher machine receives the information, decrypting the ciphertext of the sensitive information M by using the session Key Key, and verifying the integrity of the sensitive information M;
6. the cloud server cipher machine generates a random number R (random information of a number string type), encrypts the random number R by using a session Key Key and calculates an encrypted message (a message authentication code MAC or a message authentication code HMAC with a Key) of R, and sends the encrypted message to the intelligent door lock;
7. after the intelligent door receives the encrypted message of the random number R, the intelligent door decrypts and verifies the integrity of the random number R by using the session key;
8. the cloud server cipher machine splices the random number R and the sensitive information M of the intelligent door lock to generate a first token: token1=T1|IP||TEL|R, then the session Key is used, encryption calculation is carried out on Token1 by adopting SM3 and SM4 algorithms, acquiring a first dynamic password P1, and sending the first dynamic password P1 to a corresponding mobile terminal;
9. the user inputs a first dynamic password P1 (used as an unlocking instruction) acquired by the mobile terminal into the intelligent door lock;
10. after the intelligent door lock receives the unlocking command P1, the second dynamic password P2 is calculated and obtained in the same mode as the 8 th step, whether the values of P1 and P2 are consistent is compared, if so, the intelligent door lock passes verification, the door lock is controlled to unlock, otherwise, the verification fails, and the unlocking request of the user is refused.
Referring to fig. 2, fig. 2 is a block diagram illustrating a door lock control device based on a dynamic password according to some embodiments of the present application. It should be understood that the dynamic password-based door lock control apparatus corresponds to the above-described method embodiment of fig. 1, and is capable of performing the steps involved in the above-described method embodiment, and specific functions of the dynamic password-based door lock control apparatus may be referred to the above description, and detailed descriptions thereof are omitted herein as appropriate to avoid redundancy.
The dynamic password-based door lock control device of fig. 2 includes at least one software function module which can be stored in a memory in the form of software or firmware or solidified in the dynamic password-based door lock control device, and the dynamic password-based door lock control device is applied to an intelligent door lock, and comprises:
the unlocking response module 210 is configured to respond to an unlocking request of a user, generate sensitive information based on the unlocking request, and send the sensitive information to the cloud server crypto-engine, so that the cloud server crypto-engine generates a first dynamic password according to the random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request;
the unlocking control module 220 is configured to receive an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generate a second dynamic password according to the random information and the sensitive information, and verify the unlocking instruction based on the second dynamic password, so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives sensitive information and is sent to the intelligent door lock.
It can be understood that the embodiment of the device item corresponds to the embodiment of the method item of the present invention, and the door lock control device based on the dynamic password provided by the embodiment of the present invention may implement the door lock control method based on the dynamic password provided by any one of the embodiments of the method item of the present invention.
It will be clear to those skilled in the art that, for convenience and brevity of description, reference may be made to the corresponding procedure in the foregoing method for the specific working procedure of the apparatus described above, and this will not be repeated here.
The embodiment of the application provides a door lock control system based on a dynamic password, which comprises an intelligent door lock and a cloud server cipher machine; wherein:
the intelligent door lock is used for responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server cipher machine;
the cloud server cipher machine is used for generating a first dynamic password according to the random information and the sensitive information and sending the first dynamic password to the target mobile terminal corresponding to the unlocking request;
the intelligent door lock is further used for receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, verifying the unlocking instruction based on the second dynamic password, and controlling the door lock according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock.
As shown in fig. 3, some embodiments of the present application provide an electronic device 300, the electronic device 300 comprising: memory 310, processor 320, and a computer program stored on memory 310 and executable on processor 320, wherein processor 320, when reading the program from memory 310 via bus 330 and executing the program, may implement the method of any of the embodiments as included in the dynamic password-based door lock control method described above.
Processor 320 may process digital signals and may include various computing structures. Such as a complex instruction set computer architecture, a reduced instruction set computer architecture, or an architecture that implements a combination of instruction sets. In some examples, processor 320 may be a microprocessor.
Memory 310 may be used for storing instructions to be executed by processor 320 or data related to execution of the instructions. Such instructions and/or data may include code to implement some or all of the functions of one or more modules described in embodiments of the present application. The processor 320 of the disclosed embodiments may be configured to execute instructions in the memory 310 to implement the methods shown above. Memory 310 includes dynamic random access memory, static random access memory, flash memory, optical memory, or other memory known to those skilled in the art.
Some embodiments of the present application also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the method of the method embodiment.
Some embodiments of the present application also provide a computer program product which, when run on a computer, causes the computer to perform the method described by the method embodiments.
It should be noted that, in the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described as different from other embodiments, and identical and similar parts between the embodiments are all enough to be referred to each other. For the apparatus class embodiments, the description is relatively simple as it is substantially similar to the method embodiments, and reference is made to the description of the method embodiments for relevant points.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, for example, flow diagrams and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely exemplary embodiments of the present application and is not intended to limit the scope of the present application, and various modifications and variations may be suggested to one skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Claims (8)

1. A door lock control method based on a dynamic password, which is executed by an intelligent door lock, comprising:
responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to a cloud server password machine, so that the cloud server password machine generates a first dynamic password according to random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request; the sensitive information includes at least one of: the IP address of the intelligent door lock, the mobile phone number carried by the unlocking request and the timestamp corresponding to the unlocking request are different from the type or the quantity of information contained in the sensitive information generated when the intelligent door lock responds to the unlocking request of a user each time;
receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock;
the responding to the unlocking request of the user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server cipher machine, comprises the following steps:
judging whether the mobile phone number input by the user is matched with a pre-stored mobile phone number library;
if yes, responding to an unlocking request of a user, generating sensitive information based on the unlocking request, and sending the sensitive information to a cloud server cipher machine;
if not, rejecting the unlocking request of the user.
2. The dynamic password-based door lock control method according to claim 1, further comprising, before the generating of the sensitive information based on the unlocking request and transmitting to a cloud server crypto engine:
responding to an unlocking request of a user, negotiating with a cloud server cipher machine to generate a session key corresponding to the unlocking request;
after the negotiation with the cloud server crypto-engine to generate the session key corresponding to the unlocking request, the door lock control method based on the dynamic password further comprises the following steps:
and data encryption transmission is carried out between the intelligent door lock and the cloud server cipher machine and between the cloud server cipher machine and the target mobile terminal by adopting the session key corresponding to the unlocking request.
3. The door lock control method based on the dynamic password according to claim 2, wherein the cloud server crypto-engine generates a first dynamic password according to random information and the sensitive information, specifically:
the cloud server crypto machine splices at least one of the random information and the sensitive information based on a preset splicing sequence to obtain a first token, and converts the first token through a preset conversion algorithm to generate the first dynamic password;
the second dynamic password is generated according to the random information and the sensitive information, specifically:
and splicing at least one of the random information and the sensitive information based on the preset splicing sequence to obtain a second token, and converting the second token through the preset conversion algorithm to generate the second dynamic password.
4. A door lock control method based on dynamic password according to any one of claims 1 to 3, wherein the sensitive information and the random information are transmitted after being converted into corresponding encrypted messages; wherein the encrypted message includes ciphertext and a message authentication code.
5. Door lock control device based on dynamic password, characterized in that is applied to intelligent door lock, includes:
the unlocking response module is used for responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server password machine, so that the cloud server password machine generates a first dynamic password according to random information and the sensitive information and sends the first dynamic password to a target mobile terminal corresponding to the unlocking request; the sensitive information includes at least one of: the IP address of the intelligent door lock, the mobile phone number carried by the unlocking request and the timestamp corresponding to the unlocking request are different from the type or the quantity of information contained in the sensitive information generated when the intelligent door lock responds to the unlocking request of a user each time;
the unlocking control module is used for receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, and verifying the unlocking instruction based on the second dynamic password so as to perform door lock control according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock;
the unlocking response module is specifically used for:
judging whether the mobile phone number input by the user is matched with a pre-stored mobile phone number library;
if yes, responding to an unlocking request of a user, generating sensitive information based on the unlocking request, and sending the sensitive information to a cloud server cipher machine;
if not, rejecting the unlocking request of the user.
6. The door lock control system based on the dynamic password is characterized by comprising an intelligent door lock and a cloud server cipher machine; wherein:
the intelligent door lock is used for responding to an unlocking request of a user, generating sensitive information based on the unlocking request and sending the sensitive information to the cloud server cipher machine; the sensitive information includes at least one of: the IP address of the intelligent door lock, the mobile phone number carried by the unlocking request and the timestamp corresponding to the unlocking request are different from the type or the quantity of information contained in the sensitive information generated when the intelligent door lock responds to the unlocking request of a user each time;
the cloud server cipher machine is used for generating a first dynamic password according to the random information and the sensitive information and sending the first dynamic password to the target mobile terminal corresponding to the unlocking request;
the intelligent door lock is further used for receiving an unlocking instruction sent by the target mobile terminal based on the first dynamic password, generating a second dynamic password according to the random information and the sensitive information, verifying the unlocking instruction based on the second dynamic password, and controlling the door lock according to a verification result;
the random information is generated when the intelligent door lock responds to an unlocking request and is sent to the cloud server password machine, or the random information is generated when the cloud server password machine receives the sensitive information and is sent to the intelligent door lock;
the intelligent door lock is specifically used for:
judging whether the mobile phone number input by the user is matched with a pre-stored mobile phone number library;
if yes, responding to an unlocking request of a user, generating sensitive information based on the unlocking request, and sending the sensitive information to a cloud server cipher machine;
if not, rejecting the unlocking request of the user.
7. An electronic device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor, when executing the program, implements the dynamic password-based door lock control method of any one of claims 1-4.
8. A computer readable storage medium, wherein a computer program is stored on the computer readable storage medium, and when the computer program is executed by a processor, the computer program performs the dynamic password-based door lock control method according to any one of claims 1 to 4.
CN202311182234.8A 2023-09-14 2023-09-14 Door lock control method, device, system, equipment and medium based on dynamic password Active CN116912985B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311182234.8A CN116912985B (en) 2023-09-14 2023-09-14 Door lock control method, device, system, equipment and medium based on dynamic password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311182234.8A CN116912985B (en) 2023-09-14 2023-09-14 Door lock control method, device, system, equipment and medium based on dynamic password

Publications (2)

Publication Number Publication Date
CN116912985A CN116912985A (en) 2023-10-20
CN116912985B true CN116912985B (en) 2023-12-19

Family

ID=88367355

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311182234.8A Active CN116912985B (en) 2023-09-14 2023-09-14 Door lock control method, device, system, equipment and medium based on dynamic password

Country Status (1)

Country Link
CN (1) CN116912985B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127133A (en) * 2007-09-11 2008-02-20 中国移动通信集团湖北有限公司 Door access remote management method
CN103679883A (en) * 2013-12-02 2014-03-26 大连智慧城科技有限公司 Inductive door control system based on WIFI
CN106603241A (en) * 2016-12-11 2017-04-26 乐视控股(北京)有限公司 Unlocking method, apparatus and electronic device
CN109300208A (en) * 2018-09-03 2019-02-01 李扬渊 Method for unlocking, unlocking apparatus, lock system, lock device and storage medium
CN109993858A (en) * 2017-12-29 2019-07-09 国民技术股份有限公司 A kind of unlocking authentication method, smart lock and server
CN114758433A (en) * 2022-02-23 2022-07-15 珠海汇金科技股份有限公司 Cloud-based dynamic password generation method and system and intelligent lock
CN115171245A (en) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 HCE-based door lock security authentication method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101127133A (en) * 2007-09-11 2008-02-20 中国移动通信集团湖北有限公司 Door access remote management method
CN103679883A (en) * 2013-12-02 2014-03-26 大连智慧城科技有限公司 Inductive door control system based on WIFI
CN106603241A (en) * 2016-12-11 2017-04-26 乐视控股(北京)有限公司 Unlocking method, apparatus and electronic device
CN109993858A (en) * 2017-12-29 2019-07-09 国民技术股份有限公司 A kind of unlocking authentication method, smart lock and server
CN109300208A (en) * 2018-09-03 2019-02-01 李扬渊 Method for unlocking, unlocking apparatus, lock system, lock device and storage medium
CN114758433A (en) * 2022-02-23 2022-07-15 珠海汇金科技股份有限公司 Cloud-based dynamic password generation method and system and intelligent lock
CN115171245A (en) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 HCE-based door lock security authentication method and system

Also Published As

Publication number Publication date
CN116912985A (en) 2023-10-20

Similar Documents

Publication Publication Date Title
US8775794B2 (en) System and method for end to end encryption
US8930700B2 (en) Remote device secure data file storage system and method
US7024690B1 (en) Protected mutual authentication over an unsecured wireless communication channel
KR100979576B1 (en) Methods for remotely changing a communications password
US6732270B1 (en) Method to authenticate a network access server to an authentication server
CN108471352B (en) Processing method, system, computer equipment and storage medium based on distributed private key
CN109981562B (en) Software development kit authorization method and device
WO2016026031A1 (en) Methods and systems for client-enhanced challenge-response authentication
WO2009140663A1 (en) Mobile device assisted secure computer network communications
WO2009158086A2 (en) Techniques for ensuring authentication and integrity of communications
US8423766B2 (en) Authentication method, authentication apparatus, and computer product
CN109981665B (en) Resource providing method and device, and resource access method, device and system
CN110659467A (en) Remote user identity authentication method, device, system, terminal and server
EP3513539B1 (en) User sign-in and authentication without passwords
CN111327629B (en) Identity verification method, client and server
CN112241527B (en) Secret key generation method and system of terminal equipment of Internet of things and electronic equipment
CN111800378A (en) Login authentication method, device, system and storage medium
CN112769789B (en) Encryption communication method and system
JP7250960B2 (en) User authentication and signature device using user biometrics, and method thereof
JP5622668B2 (en) Application authentication system, application authentication method
CN116912985B (en) Door lock control method, device, system, equipment and medium based on dynamic password
KR20000039411A (en) Authorization method using coding mechanism and disposable password
CN116866093B (en) Identity authentication method, identity authentication device, and readable storage medium
CN115242471B (en) Information transmission method, information transmission device, electronic equipment and computer readable storage medium
CN115834077B (en) Control method, control system, electronic device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant