CN117609965A - Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium - Google Patents
Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium Download PDFInfo
- Publication number
- CN117609965A CN117609965A CN202410083587.0A CN202410083587A CN117609965A CN 117609965 A CN117609965 A CN 117609965A CN 202410083587 A CN202410083587 A CN 202410083587A CN 117609965 A CN117609965 A CN 117609965A
- Authority
- CN
- China
- Prior art keywords
- data packet
- key
- intelligent device
- user
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 63
- 238000003860 storage Methods 0.000 title claims abstract description 21
- 238000004422 calculation algorithm Methods 0.000 claims description 121
- 238000006243 chemical reaction Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 11
- 230000002159 abnormal effect Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 abstract description 6
- 238000004458 analytical method Methods 0.000 description 7
- 238000001514 detection method Methods 0.000 description 7
- 238000000605 extraction Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 239000000284 extract Substances 0.000 description 5
- 238000012549 training Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000013135 deep learning Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000005336 cracking Methods 0.000 description 3
- 230000002441 reversible effect Effects 0.000 description 3
- 238000001228 spectrum Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 230000005856 abnormality Effects 0.000 description 2
- 238000013478 data encryption standard Methods 0.000 description 2
- 230000005284 excitation Effects 0.000 description 2
- 230000001815 facial effect Effects 0.000 description 2
- 238000001727 in vivo Methods 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 238000000513 principal component analysis Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000002194 synthesizing effect Effects 0.000 description 2
- 230000001755 vocal effect Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008094 contradictory effect Effects 0.000 description 1
- 238000013527 convolutional neural network Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000000670 limiting effect Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000002829 reductive effect Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000012706 support-vector machine Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/16—Human faces, e.g. facial parts, sketches or expressions
- G06V40/168—Feature extraction; Face representation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Oral & Maxillofacial Surgery (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Human Computer Interaction (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application relates to a data identification technology, and discloses an upgrade data packet acquisition method of intelligent equipment, which comprises the following steps: when the intelligent equipment receives a first data packet from the service end, acquiring a face image and user voice; acquiring a first key based on the face image, and decrypting the first data packet by using the first key to obtain a second data packet; acquiring a second key based on the user voice, and decrypting the second data packet by using the second key to obtain a third data packet; and acquiring a third secret key based on the serial number corresponding to the intelligent equipment, and decrypting the third data packet by using the third secret key to obtain an upgrade data packet, wherein the service end sequentially encrypts the upgrade data packet to generate a first data packet. The application also discloses an intelligent device and a computer readable storage medium. The method and the device aim at improving the safety of online acquisition of the upgrade data packet of the intelligent equipment and preventing illegal hijacking and tampering of the upgrade data packet so as to protect the safety of the intelligent equipment.
Description
Technical Field
The present disclosure relates to the field of data identification technologies, and in particular, to an upgrade data packet obtaining method of an intelligent device, the intelligent device, and a computer readable storage medium.
Background
With the popularization of internet technology, nowadays, intelligent devices (such as smart phones, digital television set-top boxes, various video playing boxes, learning machines, game machines, video conference machines, various monitoring devices, etc.) are often updated and upgraded remotely by the intelligent devices through a server (i.e. cloud service) in an iterative manner. The updating iterative mode enables the intelligent equipment to acquire new functions, performance optimization and security patches timely and conveniently.
However, when the existing intelligent device is subjected to remote upgrading, the obtained upgrading data packet is easy to hijack and tamper illegally in the process of obtaining the upgrading data packet from the server, so that the intelligent device of the user is easy to infect viruses and trojans, and the security of the intelligent device is extremely challenging.
The foregoing is merely provided to facilitate an understanding of the principles of the present application and is not admitted to be prior art.
Disclosure of Invention
The main purpose of the application is to provide an upgrade data packet acquisition method of an intelligent device, an upgrade data packet acquisition device of the intelligent device, the intelligent device and a computer readable storage medium, aiming at improving the safety of online upgrade data packet acquisition of the intelligent device and preventing illegal hijacking and tampering of the upgrade data packet.
In order to achieve the above objective, the present application provides a method for obtaining an upgrade data packet of an intelligent device, including the following steps:
when the intelligent equipment receives a first data packet from a service end, acquiring user data, wherein the user data comprises a face image and user voice;
acquiring a first key based on the face image, and decrypting the first data packet by using the first key to obtain a second data packet;
acquiring a second key based on the user voice, and decrypting the second data packet by using the second key to obtain a third data packet;
and acquiring a third key based on the serial number corresponding to the intelligent equipment, and decrypting the third data packet by using the third key to obtain an upgrade data packet, wherein the server side sequentially encrypts the upgrade data packet by using the pre-stored user data and the key corresponding to the serial number to generate a first data packet.
Optionally, the user data further includes a user fingerprint; the step of acquiring the first key based on the face image comprises the following steps:
acquiring a face characteristic value based on the face image and acquiring a fingerprint characteristic value based on the user fingerprint;
generating a first characteristic value according to the face characteristic value and the fingerprint characteristic value;
And generating a first key based on a key generation algorithm agreed with the server and the first characteristic value.
Optionally, the user data further includes a user fingerprint; the step of obtaining a second key based on the user's voice comprises:
acquiring a voiceprint feature value based on the user voice, and acquiring a fingerprint feature value based on the user fingerprint;
generating a second characteristic value according to the voiceprint characteristic value and the fingerprint characteristic value;
and generating a second key based on a key generation algorithm agreed with the server and the second characteristic value.
Optionally, the step of generating the second feature value according to the voiceprint feature value and the fingerprint feature value includes:
generating a second characteristic value according to the voiceprint characteristic value, the fingerprint characteristic value and a preset hash value;
the server encrypts the generation time stamp of the third data packet and the second data packet to obtain the first data packet; and the intelligent equipment decrypts the first data packet, obtains the second data packet and the generation time stamp, adopts a hash algorithm agreed with the server, and calculates the preset hash value based on the generation time stamp.
Optionally, before the step of collecting the user data when the intelligent device receives the first data packet from the server, the method further includes:
after the intelligent equipment acquires the reference data corresponding to the user data, uploading the reference data and the serial numbers corresponding to the intelligent equipment to a server;
and the server generates the user data and the secret key corresponding to the serial number by adopting a secret key generation algorithm agreed with the intelligent equipment based on the reference data and the serial number respectively.
Optionally, the method for acquiring the upgrade data packet of the intelligent device further includes:
after the intelligent equipment collects the reference user voice in the reference data, voice print conversion processing is carried out on the reference user voice by adopting a voice print conversion algorithm, and converted reference user voice is obtained;
after the server receives the converted reference user voice uploaded by the intelligent device, a restoration algorithm corresponding to the voiceprint conversion algorithm is adopted to restore the reference user voice, and the second key is generated by adopting the key generation algorithm based on the restored reference user voice.
Optionally, the key generation algorithms agreed by the intelligent device and the server are multiple, and the intelligent device and the server select at least one key generation algorithm from the multiple key generation algorithms according to the version number corresponding to the upgrade data packet, so as to generate the corresponding key.
Optionally, after the step of collecting the user data when the intelligent device receives the first data packet from the server, the method further includes:
if the intelligent device cannot decrypt any one of the second data packet, the third data packet and the upgrade data packet, abnormal alarm is carried out.
To achieve the above object, the present application further provides an intelligent device, including: the system comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the computer program realizes the steps of the method for acquiring the upgrade data packet of the intelligent device when being executed by the processor.
To achieve the above object, the present application further provides a computer readable storage medium having a computer program stored thereon, which when executed by a processor, implements the steps of the method for acquiring an upgrade data packet of the above-mentioned smart device.
According to the method for acquiring the upgrade data packet of the intelligent device, the intelligent device and the computer readable storage medium, the server side encrypts the upgrade data packet by using the user data and the related serial numbers of the intelligent device and then issues the upgrade data packet, and the intelligent device needs to acquire the user data again and acquire the upgrade data packet by using the serial numbers in a mode of decrypting by using the multiple secret keys after acquiring the encrypted data packet, so that the safety of the intelligent device for acquiring the upgrade data packet online is improved, illegal hijacking and tampering of the upgrade data packet are prevented, and the safety of the intelligent device is protected.
Drawings
Fig. 1 is a schematic diagram of steps of an upgrade data packet obtaining method of an intelligent device according to an embodiment of the present application;
fig. 2 is a schematic diagram of steps of an upgrade data packet obtaining method of the intelligent device according to another embodiment of the present application;
fig. 3 is a schematic block diagram of an internal structure of a smart device according to an embodiment of the present application.
The realization, functional characteristics and advantages of the present application will be further described with reference to the embodiments, referring to the attached drawings.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals refer to the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the drawings are exemplary and intended to explain the present application and should not be construed as limiting the present application, and all other embodiments obtained by persons of ordinary skill in the art without creative efforts based on the embodiments in the present application are within the scope of protection of the present application.
Furthermore, the description of "first," "second," and the like, when referred to in this application, is for descriptive purposes only (e.g., to distinguish between identical or similar elements) and is not to be construed as indicating or implying a relative importance or an implicit indication of the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be regarded as not exist and not within the protection scope of the present application.
Referring to fig. 1, in an embodiment, the method for obtaining an upgrade data packet of the smart device includes:
step S10, when the intelligent equipment receives a first data packet from a server, user data are collected, wherein the user data comprise face images and user voices;
step S20, acquiring a first key based on the face image, and decrypting the first data packet by using the first key to obtain a second data packet;
step S30, acquiring a second key based on the user voice, and decrypting the second data packet by using the second key to obtain a third data packet;
and S40, acquiring a third key based on the serial number corresponding to the intelligent equipment, and decrypting the third data packet by using the third key to obtain an upgrade data packet, wherein the server side sequentially encrypts the upgrade data packet by using the pre-stored user data and the key corresponding to the serial number to generate a first data packet.
In this embodiment, the execution terminal of the embodiment may be an intelligent device, or may be another device or apparatus (such as a virtual control apparatus) for controlling the intelligent device.
Step S10, a server responsible for issuing an upgrade data packet of the intelligent device stores a key related to user data and a key corresponding to a serial number of the intelligent device in advance. The user data comprises a face image and user voice; the serial number may be a unique device identification number (such as SN (Serial Number)) of the smart device, or may be CPU (Central Processing Unit) serial number of the smart device, serial number of the audio chip, or the like.
Optionally, a key corresponding to the face image is marked as a first key, a key corresponding to the voice of the user is marked as a second key, and a key corresponding to the serial number of the intelligent device is marked as a third key.
Optionally, when the server needs to issue the upgrade data packet, the upgrade data packet is encrypted by using a third key to generate a third data packet; then encrypting the third data packet using the second key to generate a second data packet; and finally, encrypting the second data packet by using the first key to generate a first data packet. And the first data packet finally generated is the data packet issued for all legal devices.
Optionally, when the intelligent device acquires the first data packet from the server through the network communication service, the intelligent device may collect user data on site, where the user data includes at least a face image and user voice. These user data will be used in subsequent key acquisition and decryption processes.
Optionally, the intelligent device collects face image data of the user in real time through the corresponding camera.
Optionally, the intelligent device collects voice data of the user through a built-in microphone or other voice collection device.
As described in step S20, the intelligent device may process the collected face image by using a face recognition algorithm, and extract a face feature value in the face image. These feature values may include information such as the contours of the face, the key point locations, etc.
For example, a face detection algorithm or a face detection model is used to find a face region in an image, which may be implemented by using a method such as a face recognition algorithm composed of Haar feature operators+cascades detectors, an image recognition algorithm composed of HOG directional gradient features+svm support vector machines, a convolutional neural network, and the like. Then, a face key point detection algorithm is used to mark some key feature points (such as eyes, mouth, nose, etc.) in the face region, and then the extracted key feature points are converted into a vector or feature descriptor with a fixed length as a face feature value, which can be implemented by using algorithms such as principal component analysis (Principal Component Analysis, PCA), linear discriminant analysis (Linear Discriminant Analysis, LDA), local binary pattern (Local Binary Pattern, LBP), etc.
Optionally, the face feature value extracted from the face image is processed and converted to generate a first feature value. This process may be implemented using a feature encoding algorithm, a feature extraction algorithm, or a hashing algorithm.
Optionally, the intelligent device may generate the corresponding first key using a key generation algorithm agreed with the server and the first feature value as inputs. The agreed key generation algorithm refers to a key generation algorithm adopted by the intelligent device, and is consistent with a key generation algorithm adopted when a key stored by a server is generated.
Optionally, if the server adopts a symmetric encryption mode, the first key generated by the intelligent device is consistent with the first key used by the server; if the server side adopts an asymmetric encryption mode, the intelligent device also adopts an asymmetric encryption algorithm to generate a first key, and the generated first key comprises a private key and a public key, wherein the public key in the first key used by the server side is used for encrypting data, and the private key in the first key is used for decrypting data by the intelligent device.
Alternatively, the key generation algorithm adopted in the symmetric encryption mode may be DES (Data Encryption Standard) algorithm, AES (Advanced Encryption Standard) algorithm, RC4 (Rivest Cipher 4) algorithm, or the like; the key generation algorithm adopted by the asymmetric encryption mode can be an RSA (Rivest-Shamir-Adleman) algorithm, an elliptic curve cryptography algorithm and the like.
Optionally, the intelligent device uses the obtained first key to decrypt the received first data packet, and the data packet obtained after decryption is the second data packet.
Optionally, if the intelligent device has a plurality of front cameras, one of the front cameras may be used to collect a complete face of the user as a face image for generating the first key later; meanwhile, other high-precision front cameras are used for collecting local texture images of the face, and before a first secret key is generated, the texture images are used for carrying out living body analysis. Thus, the collection efficiency of the whole face image and the efficiency of living body analysis can be ensured at the same time.
Optionally, after extracting the texture features based on the texture image, a living body algorithm is applied to analyze the texture features to determine whether the texture image is from a real living body. Common living body algorithms include texture analysis-based methods, deep learning-based methods, and the like.
For example, a model of living body detection is established by means of deep learning and model training by using a large number of real living bodies and attack samples, and verification and optimization are performed. This model can help determine whether the acquired texture image belongs to a real living body.
Optionally, according to the output result of the living body detection model, judging whether the acquired texture image belongs to a real living body. If the in-vivo detection is successful, a subsequent operation such as generation of a first key based on a face image acquired in synchronization with the texture image, or the like may be performed.
Alternatively, if the in-vivo detection is not passed, the remaining step of decrypting the first data packet may not be performed, so that fraudulent attacks such as facial photos and facial masks may be effectively prevented.
In step S30, the intelligent device processes the collected user voice by using a voice recognition technology, and extracts a voiceprint feature value in the voice. The extraction of the voiceprint feature value may use an acoustic feature analysis method, such as short-time energy, frequency profile, tone profile, and spectrogram analysis, to convert the corresponding voice signal into a numerical feature related to the voiceprint of the user.
Optionally, the voiceprint feature value extracted from the speech is encoded. The purpose of encoding is to convert the voiceprint features into a string of fixed length digital representations, facilitating subsequent processing.
Optionally, the encoding of the voiceprint feature values is further processed to generate second feature values. This process may involve some mathematical and statistical analysis technique (e.g., vector conversion, dimension reduction, normalization, etc.), or a hashing algorithm to compute a corresponding hash value as the second feature value.
Optionally, the smart device uses a key generation algorithm agreed with the server to take the second feature value as input to generate the second key. Wherein the second key is associated with the voiceprint feature value of the user and is used to decrypt the second data packet.
Optionally, if the server adopts a symmetric encryption mode, the second key generated by the intelligent device is consistent with the second key used by the server; if the server side adopts an asymmetric encryption mode, the intelligent device also adopts an asymmetric encryption algorithm to generate a second key, and the generated second key comprises a private key and a public key, wherein the public key in the second key used by the server side is used for encrypting data, and the private key in the second key is used for decrypting data by the intelligent device.
Optionally, the intelligent device uses the obtained second key to decrypt the second data packet obtained by previous decryption again, and the data packet obtained after decryption is the third data packet.
As described in step S40, the smart device may directly use the corresponding serial number as the third feature value, or use a hashing algorithm to calculate a hash value corresponding to the serial number as the third feature value.
Optionally, the smart device uses a key generation algorithm agreed with the server to take the third feature value as input to generate a third key.
Optionally, if the server adopts a symmetric encryption mode, the third key generated by the intelligent device is consistent with the third key used by the server; if the server side adopts an asymmetric encryption mode, the intelligent device also adopts an asymmetric encryption algorithm to generate a third key, and the generated third key comprises a private key and a public key, wherein the public key in the third key used by the server side is used for encrypting data, and the private key in the third key is used for decrypting data by the intelligent device.
Optionally, the intelligent device uses the obtained third key to decrypt the third data packet obtained by previous decryption again, and the data packet obtained after decryption is the upgrade data packet.
Optionally, to ensure the integrity of the obtained upgrade data packet, the smart device may also perform integrity check on the upgrade data packet before using the upgrade data packet for upgrade. Once the verification is passed, the upgrade data packet can be used for upgrade operation, and after the upgrade is completed, an upgrade log is uploaded to the server side, so that the server side can know the equipment upgrade condition conveniently.
Optionally, the intelligent device performs integrity check on the received upgrade data packet by using a agreed data integrity check algorithm. The check result indicates whether the upgrade data packet is tampered with or whether part of the data is lost, thereby judging whether the upgrade data packet is reliable.
Optionally, once the integrity check of the upgrade data packet is successful, the intelligent device may use the upgrade data packet to perform an upgrade operation of the device. After the upgrade is completed, the intelligent device may also upload an upgrade log to the server. The upgrade log contains specific information of equipment upgrade, such as upgrade time, upgrade result, error information, etc. By uploading the upgrade log, the server can know the upgrade condition of the equipment, and the statistical data analyzes the success rate, failure rate and other information of the equipment upgrade, so that the server can optimize and improve the upgrade process.
Optionally, before step S10, the smart device may collect, in advance, reference data corresponding to the user data. The intelligent device can generate the secret keys corresponding to the user data and the serial numbers according to the collected reference data and the serial numbers, and upload the secret keys to the server for storage.
Or the intelligent device directly uploads the acquired reference data and the serial number to the server, and the server generates and stores the user data and the secret key corresponding to the serial number by adopting a secret key generation algorithm agreed with the intelligent device based on the reference data and the serial number respectively.
In an embodiment, the server encrypts the upgrade data packet with multiple keys by using the serial numbers related to the user data and the intelligent device, and then issues the upgrade data packet, so that the intelligent device needs to acquire the user data again and acquire the upgrade data packet by using the serial numbers after obtaining the encrypted data packet and acquire the upgrade data packet in a multiple key decryption manner, thereby improving the security of online acquisition of the upgrade data packet by the intelligent device, preventing illegal hijacking and tampering of the upgrade data packet, and protecting the security of the intelligent device.
Moreover, the encrypted data packet needs to acquire the user data again by the intelligent device to generate a corresponding key for decryption, so that the decryption process is strongly bound with specific equipment and users, and only legal equipment used by legal users can generate a correct key for decryption, thereby further protecting the security and privacy of the data packet.
And, by encrypting the upgrade data package in a particular order using multiple keys, it is ensured that only legitimate devices can know the order of decryption. This way, the difficulty of decrypting the key sequence is increased, and the security of the decryption process is improved. Such measures may prevent unauthorized devices or attackers from attempting to crack the data packets using an invalid decryption order.
In an embodiment, based on the above embodiment, the user data further includes a user fingerprint; the step of acquiring the first key based on the face image comprises the following steps:
acquiring a face characteristic value based on the face image and acquiring a fingerprint characteristic value based on the user fingerprint;
generating a first characteristic value according to the face characteristic value and the fingerprint characteristic value;
and generating a first key based on a key generation algorithm agreed with the server and the first characteristic value.
In this embodiment, a face image obtained by the intelligent device through the camera is extracted from a feature value in the face image through a face recognition algorithm or a deep learning technology, so as to obtain a face feature value.
Optionally, the intelligent device obtains a fingerprint image of the user through the fingerprint sensor, and obtains the fingerprint of the user. And then the key features (such as minutiae feature points or ridge lines) are extracted from the user fingerprint by using a fingerprint identification algorithm and then converted into fingerprint feature values. For example, the extracted fingerprint feature is converted into a comparable feature code form, so that the fingerprint feature can be converted into a digital or binary sequence, resulting in a fingerprint feature value.
Optionally, the face feature value and the fingerprint feature value are respectively converted into a hash value through a hash function, and then added to obtain a first feature value (or the face feature value and the fingerprint feature value are combined, and then the hash function is used to convert the combined result into a unique feature value as the first feature value).
Optionally, the intelligent device may generate the corresponding first key using a key generation algorithm agreed with the server and the first feature value as inputs.
Accordingly, the first key used by the server side when encrypting the second data packet is also generated based on the face image and the user fingerprint in the reference data, and the specific generation mode refers to the mode that the intelligent device generates the first key based on the face image and the user fingerprint, which is not described herein again.
In an embodiment, the face feature value, the fingerprint feature value and a key generation algorithm agreed with the server are used for generating the first key related to the face of the user, so that the authentication accuracy and the security of key generation are further improved, and only legal equipment and legal users (namely users with legal faces and legal fingerprints) can generate the correct first key for decrypting the first data packet.
In some optional embodiments, after obtaining the reference data, the server may generate a first type of first key by adopting a key generation algorithm agreed with the intelligent device based on the face image in the reference data; and generating a second type of first key by adopting a key generation algorithm agreed with the intelligent device based on the face image and the user fingerprint in the reference data.
Then, when pushing the upgrade data packets of different versions, the server side can perform one-out-of-two based on a random algorithm (the random algorithm can be realized based on a pseudo-random number generator or a true random number generator), and one of the two first keys is used for encrypting the corresponding second data packet so as to generate the first data packet. When the server generates the first data packet, the second first key is adopted, and the server sends the first data packet to the intelligent device and simultaneously sends a fingerprint acquisition notice, so that after the intelligent device receives the first data packet, the acquired user data further comprises the user fingerprint, and the intelligent device can generate the first key based on the currently acquired face image and the user fingerprint and is used for decrypting the first data packet.
Alternatively, an implementation example of the random algorithm is as follows:
a random number generator, either a pseudo random number generator or a true random number generator, is defined and provides two options to be selected. Randomly generating a fraction (e.g., 0.523) between 0 and 1, and selecting the first option if the fraction is less than 0.5; otherwise, the second option is selected. And returning the selected option, namely, a random result.
Therefore, when the first data packet is generated, the server randomly selects a first key for encryption, so that the security of the data packet and the diversity of data encryption are increased. Therefore, even if an attacker obtains a key, all data packets cannot be decrypted by using the same key, and the anti-attack capability of the whole system is improved.
In an embodiment, on the basis of the above embodiment, the user data further includes a user fingerprint; the step of obtaining a second key based on the user's voice comprises:
acquiring a voiceprint feature value based on the user voice, and acquiring a fingerprint feature value based on the user fingerprint;
generating a second characteristic value according to the voiceprint characteristic value and the fingerprint characteristic value;
And generating a second key based on a key generation algorithm agreed with the server and the second characteristic value.
In this embodiment, the intelligent device acquires the voice of the user through the microphone, and extracts the feature value in the voice as the voiceprint feature value through the voiceprint recognition algorithm or the deep learning technology.
Optionally, the intelligent device acquires the user fingerprint through the fingerprint sensor, and extracts the corresponding fingerprint characteristic value from the user fingerprint by using a fingerprint identification algorithm.
Optionally, the voiceprint feature value and the fingerprint feature value are respectively converted into a hash value through a hash function, and then added to obtain a second feature value (or after the voiceprint feature value and the fingerprint feature value are combined, the hash function is used to convert the combined result into a unique feature value as the second feature value).
Optionally, the intelligent device may generate the corresponding second key using a key generation algorithm agreed with the server and the second feature value as inputs.
Correspondingly, the second key used by the server side when encrypting the third data packet is also generated based on the user voice and the user fingerprint in the reference data, and the specific generation mode refers to the mode of generating the second key by the intelligent device based on the user voice and the user fingerprint, which is not described herein again.
In an embodiment, the second key related to the user identity is generated according to the voiceprint feature value, the fingerprint feature value and a key generation algorithm agreed with the server, so that the identity verification accuracy and the security of the second key generation are further improved, and only legal equipment and legal users, namely users with legal voiceprints and legal fingerprints, can generate the correct second key for decrypting the second data packet.
In some alternative embodiments, after obtaining the reference data, the server may generate the first second key by using a key generation algorithm agreed with the intelligent device based on the user voice in the reference data; and generating a second type of second key by adopting a key generation algorithm agreed with the intelligent device based on the user voice and the user fingerprint in the reference data.
Then, when pushing the upgrade data packets of different versions, the server side can select one of the upgrade data packets based on a random algorithm, and one of the two second keys is used for encrypting the corresponding third data packet so as to generate a second data packet. When the server generates the second data packet, a second type second key (a second type first key is also used when the first data packet is generated), and the server sends the first data packet to the intelligent device and also sends a fingerprint acquisition notice, so that after the intelligent device receives the first data packet, the acquired user data further comprises the user fingerprint, and the intelligent device can generate the second key based on the currently acquired user voice and the user fingerprint for decrypting the second data packet (the intelligent device also generates the second type first key for decrypting the first data packet to obtain the second data packet).
Therefore, when the second data packet is generated, the server randomly selects one second key for encryption, so that the security of the data packet and the diversity of data encryption are increased. Thus, even if an attacker obtains a key, all data packets cannot be decrypted by using the same key, and the anti-attack capability of the system is improved.
In an embodiment, on the basis of the foregoing embodiment, the step of generating the second feature value according to the voiceprint feature value and the fingerprint feature value includes:
generating a second characteristic value according to the voiceprint characteristic value, the fingerprint characteristic value and a preset hash value;
the server encrypts the generation time stamp of the third data packet and the second data packet to obtain the first data packet; and the intelligent equipment decrypts the first data packet, obtains the second data packet and the generation time stamp, adopts a hash algorithm agreed with the server, and calculates the preset hash value based on the generation time stamp.
In this embodiment, during the process of encrypting and generating the first data packet, the server encrypts the upgrade data packet based on the third key to obtain the third data packet and the generation timestamp corresponding to the third data packet. And then the server calculates a preset hash value based on the generation time stamp of the third data packet by using a hash algorithm agreed with the intelligent device.
After the server obtains the preset hash value, the corresponding voiceprint characteristic value and fingerprint characteristic value are obtained (the characteristic values can be extracted by the intelligent device based on the reference data corresponding to the user data and uploaded to the server for storage, or the characteristic values can be extracted by the server based on the reference data corresponding to the user data uploaded by the intelligent device), the hash values corresponding to the voiceprint characteristic value and the fingerprint characteristic value are calculated (the hash algorithm adopted for calculating the hash values can be the same as or different from the hash algorithm adopted for calculating the preset hash value), preferably, different hash algorithms (as long as the intelligent device can adopt the hash algorithm consistent with the hash algorithm adopted when calculating the hash value by the server when calculating the corresponding hash value) are adopted, so that the cracking difficulty of the second characteristic value is improved, and finally the second characteristic value is generated (such as adding the characteristic values) according to the hash value corresponding to the voiceprint characteristic value and the fingerprint characteristic value and the preset hash value.
After the server obtains the second characteristic value, the second characteristic value is used as input of a key generation algorithm based on a key generation algorithm agreed with the intelligent equipment so as to generate a second key. And encrypting the third data packet by using the second key to obtain a second data packet. And then, the server side uses the first key to carry out packing encryption on the generation time stamps of the second data packet and the third data packet to obtain a first data packet.
Optionally, after obtaining the first data packet, the intelligent device generates a first key and decrypts the first data packet, so as to obtain the generating timestamps of the second data packet and the third data packet. Then, the intelligent device performs hash calculation based on the generation time stamp of the third data packet by utilizing a hash algorithm agreed with the server side while acquiring the voiceprint characteristic value and the fingerprint characteristic value to obtain a preset hash value.
After the intelligent device calculates the hash values corresponding to the voiceprint feature value and the fingerprint feature value, the hash values corresponding to the voiceprint feature value and the fingerprint feature value are combined (e.g., added) with the preset hash values in the same manner as the server side, so as to generate a second feature value. And then, the intelligent device uses a key generation algorithm agreed with the server side and the second characteristic value as inputs to generate a second key, and decrypts the second data packet by using the second key to obtain a third data packet. And finally, decrypting the third data packet by using the third key to obtain an upgrade data packet.
Therefore, only legal equipment can generate a correct preset hash value, and a second key is generated based on the preset hash value, the voiceprint and the fingerprint of the legal user so as to successfully decrypt the second data packet (namely, even if the illegal equipment can crack to obtain the second data packet and generate a timestamp, the second key is difficult to generate so as to successfully decrypt the second data packet), the cracking difficulty of the second key is further increased, the security of the upgrading data packet acquisition is further improved through the multiple protection measures, and unauthorized equipment or users are further prevented from accessing and decrypting to obtain the upgrading data packet.
In an embodiment, referring to fig. 2, before the step of collecting the user data when the smart device receives the first data packet from the server, the method further includes:
step S50, after the intelligent equipment collects the reference data corresponding to the user data, uploading the reference data and the serial numbers corresponding to the intelligent equipment to a server; and the server generates the user data and the secret key corresponding to the serial number by adopting a secret key generation algorithm agreed with the intelligent equipment based on the reference data and the serial number respectively.
In this embodiment, after the intelligent device collects the reference data corresponding to the user data, the reference data and the serial number corresponding to the intelligent device are uploaded to the server. The reference data at least comprises a reference face image and a reference user voice, and can further comprise a reference user fingerprint.
Optionally, the server side processes the received reference data and the sequence number by adopting a key generation algorithm agreed with the intelligent device. The reference data is used for generating a first key and a second key, and the serial number is used for generating a third key.
Therefore, compared with the scheme that the intelligent device directly uploads the key for the server to store, the situation that the key is hijacked in the transmission process can be prevented, and even if the reference data and the serial number are hijacked in the transmission process, the corresponding key cannot be generated on the premise that the illegal device cannot obtain a key generation algorithm pre-agreed by the server and legal device, so that the risk of key leakage is reduced, and the security of the intelligent device for acquiring the upgrade data packet is further improved.
In an embodiment, based on the foregoing embodiment, the method for obtaining an upgrade data packet of the smart device further includes:
after the intelligent equipment collects the reference user voice in the reference data, voice print conversion processing is carried out on the reference user voice by adopting a voice print conversion algorithm, and converted reference user voice is obtained;
after the server receives the converted reference user voice uploaded by the intelligent device, a restoration algorithm corresponding to the voiceprint conversion algorithm is adopted to restore the reference user voice, and the second key is generated by adopting the key generation algorithm based on the restored reference user voice.
In this embodiment, when the smart device collects the reference data, the smart device may acquire the reference user voice as a part of the reference data. Then, the intelligent device performs voiceprint conversion processing on the reference user voice by using a voiceprint conversion algorithm (for example, cycleGAN Voice Conversion (CycleGANVC)) to obtain converted reference user voice.
Optionally, the intelligent device uploads the converted reference user voice to the server. After receiving the converted reference user voice uploaded by the intelligent equipment, the server uses a restoration algorithm corresponding to the voiceprint conversion algorithm to restore the reference user voice. This restoration process restores the converted reference user speech back to its original speech form.
Optionally, based on the restored reference user voice, the server may extract a corresponding voiceprint feature value, obtain a second feature value based on the voiceprint feature value (may further include other required parameters, such as a fingerprint feature value and a preset hash value), and then generate a second key by using a key generation algorithm previously agreed with the intelligent device.
Thus, even if the voice of the reference user is hijacked in the transmission process, an attacker can only obtain the converted voiceprint characteristics, but cannot obtain the original voice signal content. Therefore, leakage and threat of sound data can be avoided, effective guarantee is provided for privacy and data safety of users, and difficulty in cracking the second secret key is further improved.
It should be noted that the CycleGANVC algorithm is used to convert the voice of the source speaker into the voice of the target speaker. Accordingly, the restoration algorithm is used to reconvert the converted target speaker speech back to the original source speaker speech.
The following is the basic steps of the CycleGANVC algorithm:
(1) Data preparation: a paired speech data set of the source speaker and the target speaker is collected, wherein the paired speech data set comprises speech recordings of sentences respectively spoken by the source speaker and the target speaker.
(2) Pretreatment: the voice data is preprocessed, such as to remove silence segments, segmentation, etc.
(3) Feature extraction: the feature representation is extracted from the speech signal using an acoustic feature extraction algorithm, such as MFCC (Mel Frequency Cepstral Coefficients, mel-frequency cepstral coefficient) or mel-frequency spectrum (mel-spectrum).
(4) Training a CycleGAN model: and training a CycleGAN model by using the voice features of the source speaker and the voice features of the target speaker as training sets. The CycleGAN includes two generators, one generator converting the features of the source speaker into the features of the target speaker and the other generator converting the features of the target speaker into the features of the source speaker, and two discriminators for discriminating the generated features and the real features, respectively.
(5) Feature conversion: and inputting the voice characteristics of the source speaker into a corresponding generator by using the trained CycleGAN model, and generating the voice characteristics of the target speaker.
(6) Synthesizing voice: the voice characteristics of the target speaker are combined with the vocal tract characteristics (such as fundamental frequency and excitation source) of the source speaker, and the final target speaker voice is synthesized by using the vocoder.
The basic steps of the corresponding restoration algorithm are as follows:
(a) Feature extraction: feature representations are extracted from the converted target speaker's speech using the same acoustic feature extraction algorithm as the training CycleGAN model, such as MFCC or mel spectrum.
(b) Restoration algorithm: and re-converting the voice characteristics of the converted target speaker back to the voice characteristics of the source speaker by using a restoration algorithm. The restoration algorithm may employ different methods, such as reverse conversion using a reverse CycleGAN model, or use some reverse mapping method to restore the voice characteristics of the source speaker.
(c) Synthesizing voice: the voice characteristics of the source speaker after the restoration are combined with the vocal tract characteristics of the target speaker, such as fundamental frequency, excitation source and the like, and the final voice of the source speaker is synthesized by using a vocoder.
In an embodiment, on the basis of the foregoing embodiment, there are multiple key generation algorithms agreed by the intelligent device and the server, where the intelligent device and the server select at least one key generation algorithm from the multiple key generation algorithms according to the version number corresponding to the upgrade data packet, and the key generation algorithm is used for generating a corresponding key.
In this embodiment, the intelligent device and the server agree on a series of key generation algorithms in advance, and different key generation algorithms may use different combinations of parameters such as encryption algorithm and key length. This is done to increase the security of the system, making it difficult for an attacker to guess the key generation algorithm that is actually used.
Optionally, each upgrade data packet has a unique version number when it is produced, and the server publishes the version number together when it publishes the upgrade data packet.
Optionally, after receiving the reference data and the serial number uploaded by the intelligent device, the server stores the data. When the server side pushes an upgrade data packet, at least one key generation algorithm is selected from the multiple key generation algorithms according to the version number of the upgrade data packet to be pushed so as to generate keys corresponding to the reference data and the serial number respectively.
After receiving the first data packet, the intelligent device also selects at least one key generation algorithm from the multiple key generation algorithms according to the version number of the upgrade data packet so as to generate keys corresponding to the reference data and the serial number respectively.
For example, if there are two candidate key generation algorithms, one of the key generation algorithms corresponds to a version number with a mantissa of singular number, and the other key generation algorithm corresponds to a version number with a mantissa of double number; if there are ten candidate key generation algorithms, the ten key generation algorithms correspond to version numbers with mantissas of 0 to 9, respectively.
In an embodiment, the server and the intelligent device may select a corresponding key generation algorithm according to the version number, and independently generate the reference data and the key corresponding to the serial number. Therefore, even if the key of a certain key generation algorithm is acquired, an attacker still cannot acquire keys of other versions, so that the security and confidentiality of the system are improved, and the security of the intelligent device for acquiring the upgrade data packet is further improved.
In an embodiment, on the basis of the foregoing embodiment, after the step of collecting the user data when the smart device receives the first data packet from the server, the method further includes:
if the intelligent device cannot decrypt any one of the second data packet, the third data packet and the upgrade data packet, abnormal alarm is carried out.
In this embodiment, when the intelligent device decrypts the first data packet based on the first key, if the second data packet cannot be obtained by decryption, an abnormal alarm is performed.
Or when the intelligent device decrypts the second data packet based on the second key, if the third data packet cannot be obtained through decryption, abnormal alarming is conducted.
Or when the intelligent device decrypts the third data packet based on the third key, if the third data packet cannot be decrypted to obtain the upgrade data packet, an abnormal alarm is carried out.
Optionally, the intelligent device can remind relevant personnel or the server to pay attention and perform corresponding processing by performing abnormal alarm. Thus, potential security problems (such as illegal devices or illegal users attempting to crack the data packet) and abnormal data transmission (such as tampering with the data packet) can be effectively prevented.
If the data packet is tampered with during transmission, or an illegal device or an illegal user tries to crack the data packet, the data packet cannot be correctly decrypted and processed. By adding the abnormality alarm in the decryption process, the abnormalities can be found in time so as to ensure the security of the upgrade data packet and the equipment.
In addition, the embodiment of the application also provides an intelligent device, and the internal structure of the intelligent device can be shown in fig. 3. The intelligent device comprises a processor, a memory, a communication interface and a database which are connected through a system bus. Wherein the processor is configured to provide computing and control capabilities. The memory of the intelligent device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the intelligent device is used for storing data called by the computer program. The communication interface of the intelligent device is used for carrying out data communication with an external terminal. The input device of the intelligent device is used for receiving signals input by the external device. The computer program, when executed by a processor, implements an upgrade data packet acquisition method for a smart device as described in the above embodiments.
Those skilled in the art will appreciate that the structure shown in fig. 3 is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation of the smart device to which the present application is applied.
Furthermore, the present application also proposes a computer readable storage medium comprising a computer program which, when executed by a processor, implements the steps of the method for acquiring an upgrade data packet of a smart device as described in the above embodiments. It is understood that the computer readable storage medium in this embodiment may be a volatile readable storage medium or a nonvolatile readable storage medium.
In summary, in the method for acquiring the upgrade data packet of the intelligent device, the intelligent device and the computer readable storage medium provided in the embodiments of the present application, the server performs multiple key encryption on the upgrade data packet by using the serial numbers related to the user data and the intelligent device, and then issues the upgrade data packet, so that after the intelligent device obtains the encrypted data packet, the user data needs to be acquired again and the upgrade data packet needs to be acquired by using the serial numbers in a multiple key decryption manner, thereby improving the security of online acquisition of the upgrade data packet by the intelligent device, preventing illegal hijacking and tampering of the upgrade data packet, and protecting the security of the intelligent device.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium provided herein and used in embodiments may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), dual speed data rate SDRAM (SSRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, apparatus, article or method that comprises the element.
The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the scope of the claims, and all equivalent structures or equivalent processes using the descriptions and drawings of the present application, or direct or indirect application in other related technical fields are included in the scope of the claims of the present application.
Claims (10)
1. The method for acquiring the upgrade data packet of the intelligent equipment is characterized by comprising the following steps of:
when the intelligent equipment receives a first data packet from a service end, acquiring user data, wherein the user data comprises a face image and user voice;
Acquiring a first key based on the face image, and decrypting the first data packet by using the first key to obtain a second data packet;
acquiring a second key based on the user voice, and decrypting the second data packet by using the second key to obtain a third data packet;
and acquiring a third key based on the serial number corresponding to the intelligent equipment, and decrypting the third data packet by using the third key to obtain an upgrade data packet, wherein the server side sequentially encrypts the upgrade data packet by using the pre-stored user data and the key corresponding to the serial number to generate a first data packet.
2. The method for obtaining an upgrade data packet of an intelligent device according to claim 1, wherein the user data further comprises a user fingerprint; the step of acquiring the first key based on the face image comprises the following steps:
acquiring a face characteristic value based on the face image and acquiring a fingerprint characteristic value based on the user fingerprint;
generating a first characteristic value according to the face characteristic value and the fingerprint characteristic value;
and generating a first key based on a key generation algorithm agreed with the server and the first characteristic value.
3. The method for obtaining an upgrade data packet of an intelligent device according to claim 1, wherein the user data further comprises a user fingerprint; the step of obtaining a second key based on the user's voice comprises:
Acquiring a voiceprint feature value based on the user voice, and acquiring a fingerprint feature value based on the user fingerprint;
generating a second characteristic value according to the voiceprint characteristic value and the fingerprint characteristic value;
and generating a second key based on a key generation algorithm agreed with the server and the second characteristic value.
4. The method for obtaining an upgrade data packet of an intelligent device according to claim 3, wherein the step of generating a second feature value according to the voiceprint feature value and the fingerprint feature value comprises:
generating a second characteristic value according to the voiceprint characteristic value, the fingerprint characteristic value and a preset hash value;
the server encrypts the generation time stamp of the third data packet and the second data packet to obtain the first data packet; and the intelligent equipment decrypts the first data packet, obtains the second data packet and the generation time stamp, adopts a hash algorithm agreed with the server, and calculates the preset hash value based on the generation time stamp.
5. The method for obtaining an upgrade data packet of an intelligent device according to claim 1, wherein, before the step of collecting user data when the intelligent device receives the first data packet from the server, the method further comprises:
After the intelligent equipment acquires the reference data corresponding to the user data, uploading the reference data and the serial numbers corresponding to the intelligent equipment to a server;
and the server generates the user data and the secret key corresponding to the serial number by adopting a secret key generation algorithm agreed with the intelligent equipment based on the reference data and the serial number respectively.
6. The method for obtaining an upgrade data packet of an intelligent device according to claim 5, wherein the method for obtaining an upgrade data packet of an intelligent device further comprises:
after the intelligent equipment collects the reference user voice in the reference data, voice print conversion processing is carried out on the reference user voice by adopting a voice print conversion algorithm, and converted reference user voice is obtained;
after the server receives the converted reference user voice uploaded by the intelligent device, a restoration algorithm corresponding to the voiceprint conversion algorithm is adopted to restore the reference user voice, and the second key is generated by adopting the key generation algorithm based on the restored reference user voice.
7. The method for obtaining an upgrade data packet of an intelligent device according to any one of claims 2-6, wherein the intelligent device and the server have multiple key generation algorithms agreed with each other, and the intelligent device and the server select at least one key generation algorithm from the multiple key generation algorithms according to a version number corresponding to the upgrade data packet, so as to generate a corresponding key.
8. The method for obtaining an upgrade data packet of an intelligent device according to claim 1, wherein after the step of collecting user data when the intelligent device receives the first data packet from the server, the method further comprises:
if the intelligent device cannot decrypt any one of the second data packet, the third data packet and the upgrade data packet, abnormal alarm is carried out.
9. A smart device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, which when executed by the processor, implements the steps of the method for acquiring an upgrade data package of a smart device according to any one of claims 1 to 8.
10. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the method for acquiring an upgrade data package of a smart device according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410083587.0A CN117609965A (en) | 2024-01-19 | 2024-01-19 | Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410083587.0A CN117609965A (en) | 2024-01-19 | 2024-01-19 | Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117609965A true CN117609965A (en) | 2024-02-27 |
Family
ID=89951986
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410083587.0A Pending CN117609965A (en) | 2024-01-19 | 2024-01-19 | Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117609965A (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20120072906A (en) * | 2010-12-24 | 2012-07-04 | 주식회사 케이티 | Method for performing and requesting authenticaiton using plurality of authentication methods |
| US20140012587A1 (en) * | 2012-07-03 | 2014-01-09 | Samsung Electronics Co., Ltd. | Method and apparatus for connecting service between user devices using voice |
| CN109214168A (en) * | 2018-08-27 | 2019-01-15 | 阿里巴巴集团控股有限公司 | Firmware upgrade method and device |
| US10454677B1 (en) * | 2016-02-24 | 2019-10-22 | United Services Automobile Associate (USAA) | Cryptographic key generation from biometric data |
| CN111431917A (en) * | 2020-03-31 | 2020-07-17 | 上海涵润汽车电子有限公司 | Upgrade package encryption method and device and upgrade package decryption method and device |
| CN111478917A (en) * | 2016-10-25 | 2020-07-31 | 雷飏 | Background system for providing network service for access control device and user terminal |
| CN112800477A (en) * | 2021-04-02 | 2021-05-14 | 西安慧博文定信息技术有限公司 | Data encryption and decryption system and method based on biological characteristic value |
| WO2021114891A1 (en) * | 2019-12-11 | 2021-06-17 | 中兴通讯股份有限公司 | Key encryption method and decryption method, and, data encryption method and decryption method |
| US20210377013A1 (en) * | 2020-05-28 | 2021-12-02 | David Kye Liang Lee | Generation of encryption keys using biometrics |
| CN113890736A (en) * | 2021-11-22 | 2022-01-04 | 国网四川省电力公司成都供电公司 | Mobile terminal identity authentication method and system based on SM9 cryptographic algorithm |
| CN114266056A (en) * | 2021-11-23 | 2022-04-01 | 华人运通(上海)云计算科技有限公司 | Multiple key generation method, and communication method and device based on multiple keys |
| CN115333813A (en) * | 2022-08-02 | 2022-11-11 | 中国电信股份有限公司 | Data encryption transmission method and device, electronic equipment and storage medium |
-
2024
- 2024-01-19 CN CN202410083587.0A patent/CN117609965A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20120072906A (en) * | 2010-12-24 | 2012-07-04 | 주식회사 케이티 | Method for performing and requesting authenticaiton using plurality of authentication methods |
| US20140012587A1 (en) * | 2012-07-03 | 2014-01-09 | Samsung Electronics Co., Ltd. | Method and apparatus for connecting service between user devices using voice |
| US10454677B1 (en) * | 2016-02-24 | 2019-10-22 | United Services Automobile Associate (USAA) | Cryptographic key generation from biometric data |
| CN111478917A (en) * | 2016-10-25 | 2020-07-31 | 雷飏 | Background system for providing network service for access control device and user terminal |
| CN109214168A (en) * | 2018-08-27 | 2019-01-15 | 阿里巴巴集团控股有限公司 | Firmware upgrade method and device |
| WO2021114891A1 (en) * | 2019-12-11 | 2021-06-17 | 中兴通讯股份有限公司 | Key encryption method and decryption method, and, data encryption method and decryption method |
| CN111431917A (en) * | 2020-03-31 | 2020-07-17 | 上海涵润汽车电子有限公司 | Upgrade package encryption method and device and upgrade package decryption method and device |
| US20210377013A1 (en) * | 2020-05-28 | 2021-12-02 | David Kye Liang Lee | Generation of encryption keys using biometrics |
| CN112800477A (en) * | 2021-04-02 | 2021-05-14 | 西安慧博文定信息技术有限公司 | Data encryption and decryption system and method based on biological characteristic value |
| CN113890736A (en) * | 2021-11-22 | 2022-01-04 | 国网四川省电力公司成都供电公司 | Mobile terminal identity authentication method and system based on SM9 cryptographic algorithm |
| CN114266056A (en) * | 2021-11-23 | 2022-04-01 | 华人运通(上海)云计算科技有限公司 | Multiple key generation method, and communication method and device based on multiple keys |
| CN115333813A (en) * | 2022-08-02 | 2022-11-11 | 中国电信股份有限公司 | Data encryption transmission method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110557376B (en) | Electronic contract signing method, electronic contract signing device, computer equipment and storage medium | |
| US11108546B2 (en) | Biometric verification of a blockchain database transaction contributor | |
| JP4938678B2 (en) | Secure calculation of similarity measures | |
| US9361440B2 (en) | Secure off-chip processing such as for biometric data | |
| EP3132368B1 (en) | Method and apparatus of verifying usability of biological characteristic image | |
| Maiorana | Biometric cryptosystem using function based on-line signature recognition | |
| CN111815833A (en) | Hotel access control authentication system based on intelligent identification and encryption technology | |
| CN112948795A (en) | Identity authentication method and device for protecting privacy | |
| Nematollahi et al. | Multi-factor authentication model based on multipurpose speech watermarking and online speaker recognition | |
| Gomez-Barrero et al. | Variable-length template protection based on homomorphic encryption with application to signature biometrics | |
| JP2006262333A (en) | Living body authentication system | |
| CN114547589A (en) | Privacy-protecting user registration and user authentication method and device | |
| CN112132996A (en) | Door lock control method, mobile terminal, door control terminal and storage medium | |
| EP3316162B1 (en) | Method and system for creating an electronic signature of a document associated to a person by means of the voice print of the person, and corresponding method for verifying the electronic signature | |
| Conti et al. | Fingerprint traits and RSA algorithm fusion technique | |
| US20220078020A1 (en) | Biometric acquisition system and method | |
| KR20110076375A (en) | Method of generating chaff points and fuzzy vault of the chaff points inserted | |
| Maiorana et al. | Secure biometric authentication system architecture using error correcting codes and distributed cryptography | |
| WO2017207998A1 (en) | Method of associating a person with a digital object | |
| CN117609965A (en) | Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium | |
| Liu et al. | Biohashing for human acoustic signature based on random projection | |
| KR20150010542A (en) | Creation and authentication of biometric information | |
| Li et al. | Data hiding in fingerprint minutiae template for privacy protection | |
| JP2000306090A (en) | Device and method for authenticating individual and recording medium | |
| Inthavisas et al. | Speech cryptographic key regeneration based on password |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |