CN118488443A - Encryption communication method and system for unmanned aerial vehicle - Google Patents

Publication number
CN118488443A
Authority
CN
China
Prior art keywords
aerial vehicle
unmanned aerial
control station
ground control
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410625942.2A
Other languages
Chinese (zh)
Inventor
杨亚涛
陈亮宇
罗林
董辉
徐滟淇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE
Original Assignee
BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE
Application filed by BEIJING ELECTRONIC SCIENCE AND TECHNOLOGY INSTITUTE

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to the technical field of communication encryption, in particular to an encryption communication method and system for an unmanned aerial vehicle. The method comprises the following steps: the ground control station generates a public-private key pair, and the unmanned aerial vehicle generates the public-private key pair; based on the authentication mechanism, the ground control station exchanges public keys with the unmanned aerial vehicle; the unmanned aerial vehicle generates a random character string, and the unmanned aerial vehicle and the ground control station complete identity authentication according to the random character string; the ground control station generates a shared secret key according to the time seeds and transmits the shared secret key to the unmanned aerial vehicle; the unmanned aerial vehicle encrypts the data to be transmitted based on the shared key, and sends the encrypted data packet to the ground control station; and when the ground control station receives the encrypted data packet sent by the unmanned aerial vehicle, decrypting the encrypted data packet based on the shared secret key. By adopting the method and the device, the identities of both sides of the encrypted communication can be verified, and the attack of a third party man-in-the-middle can be effectively prevented.

Description

Encryption communication method and system for unmanned aerial vehicle
Technical Field
The invention relates to the technical field of communication encryption, in particular to an encryption communication method and system for an unmanned aerial vehicle.
Background
The flight safety of unmanned aerial vehicles cannot be ignored, and the secure transmission of their communication data is essential to it. An unmanned aerial vehicle needs to transmit a large amount of data, which differs widely between application scenarios, but in general there are two kinds of transmission between the unmanned aerial vehicle and the ground control station: image transmission, which carries real-time video data, and data transmission, which carries control commands and unmanned aerial vehicle flight state information. A networked unmanned aerial vehicle gains more application directions from the network but is also highly exposed to network attacks; for example, a control instruction issued by the ground control station to the unmanned aerial vehicle may be intercepted and modified by a man in the middle, so that the unmanned aerial vehicle receives a wrong instruction, with serious consequences. Solving the problem of cryptographic communication between the ground control station and the unmanned aerial vehicle, and thereby guaranteeing the secure transmission of data, therefore has very strong practical significance.
To address this problem, the prior art contains many schemes for encrypting unmanned aerial vehicle transmissions. For example, patent document 1 (publication No. CN117082517A, published 2023-11-17) discloses a method for transmitting 5G network-connected unmanned aerial vehicle video data, in which the unmanned aerial vehicle image data is transmitted in a 5G network environment using an asymmetric key.
However, these existing unmanned aerial vehicle transmission encryption schemes have several problems:
1. Resource overhead problem: conventional encryption algorithms may consume significant computing resources when executed on resource constrained devices such as drones, resulting in reduced performance or increased energy consumption.
2. Identity authentication problem: in unmanned aerial vehicle communication, it is important to ensure identity authenticity of both communication parties. In the prior art, only the communication data is encrypted, and the authentication process of both parties is not concerned.
Disclosure of Invention
In order to solve the technical problems of high resource expense and no identity authentication of both parties in the prior art, the embodiment of the invention provides an encryption communication method and system for an unmanned aerial vehicle. The technical scheme is as follows:
In one aspect, an encrypted communication method for an unmanned aerial vehicle is provided, the method being implemented by an encrypted communication device.
The encrypted communication method for the unmanned aerial vehicle is realized by an encrypted communication system for the unmanned aerial vehicle, and the system comprises a ground control station, the unmanned aerial vehicle and a certification authority;
The method comprises the following steps:
S1, the ground control station generates a ground SM2 public key-private key pair, and the unmanned aerial vehicle generates an unmanned aerial vehicle SM2 public key-private key pair;
S2, via the certification authority, the ground control station acquires the unmanned aerial vehicle SM2 public key, and the unmanned aerial vehicle acquires the ground SM2 public key;
S3, the unmanned aerial vehicle generates a random character string, and the unmanned aerial vehicle and the ground control station complete identity authentication according to the random character string, an SM3 algorithm, a ground SM2 private key and a ground SM2 public key;
S4, the ground control station generates a shared secret key according to the time seeds, and encrypts and transmits the shared secret key to the unmanned aerial vehicle through an SM2 algorithm;
S5, when the unmanned aerial vehicle reads video stream data to be transmitted from the TAP equipment, encrypting the video stream data to be transmitted based on the shared key, and sending an encrypted video stream data packet to the ground control station;
S6, when the ground control station receives the encrypted video stream data packet sent by the unmanned aerial vehicle, decrypting the encrypted video stream data packet based on the shared secret key;
S7, when the unmanned aerial vehicle reads a MAVLink data packet from the TAP equipment, encrypting the MAVLink data packet based on the shared secret key, determining integrity check data based on an SM3 algorithm and the shared secret key, and sending the encrypted MAVLink data packet and the integrity check data to the ground control station;
S8, when the ground control station receives the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle, carrying out data integrity check based on the integrity check data, and decrypting the encrypted MAVLink data packet based on the shared key after the verification is passed.
In another aspect, an encrypted communication system for an unmanned aerial vehicle is provided, the system being configured to implement the encrypted communication method for an unmanned aerial vehicle described above, and the system including a ground control station, an unmanned aerial vehicle, and a certification authority; wherein:
The ground control station is used for generating a ground SM2 public key-private key pair, generating a shared key according to the time seeds, and encrypting and transmitting the shared key to the unmanned aerial vehicle through an SM2 algorithm; when an encrypted video stream data packet sent by the unmanned aerial vehicle is received, decrypting the encrypted video stream data packet based on the shared key; when receiving the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle, performing data integrity check based on the integrity check data, and decrypting the encrypted MAVLink data packet based on a shared key after the data integrity check is passed;
The unmanned aerial vehicle is used for: generating an unmanned plane SM2 public key-private key pair; acquiring a ground SM2 public key; generating a random character string, and completing identity authentication with the ground control station according to the random character string, an SM3 algorithm, a ground SM2 private key and a ground SM2 public key; when video stream data to be transmitted is read from the TAP equipment, encrypting the video stream data to be transmitted based on the shared key, and sending the encrypted video stream data packet to the ground control station; when MAVLink data packets are read from the TAP equipment, encrypting the MAVLink data packets based on the shared key, determining integrity check data based on an SM3 algorithm and the shared key, and transmitting the encrypted MAVLink data packets and the integrity check data to a ground control station;
The certification authority is used to assist the ground control station in acquiring the unmanned aerial vehicle SM2 public key and the unmanned aerial vehicle in acquiring the ground SM2 public key.
In another aspect, there is provided an encrypted communication apparatus including: a processor; a memory having stored thereon computer readable instructions which, when executed by the processor, implement any one of the above-described methods of encrypting communications for a drone.
In another aspect, a computer readable storage medium having stored therein at least one instruction loaded and executed by a processor to implement any of the above-described methods of encrypting communications for a drone is provided.
The technical scheme provided by the embodiment of the invention has the beneficial effects that at least:
First, in conventional encrypted communication systems, only the communicated data is often encrypted. The system of the invention uses the SM2 algorithm digital signature technology to verify the identity of both sides of the encrypted communication, thereby effectively preventing the attack of a third party.
Secondly, for the encryption of flight control data and image transmission data, the SM4 encryption algorithm in CTR mode is selected; while ensuring the encryption effect and efficiency, this greatly reduces the influence of bit errors and similar conditions during communication on information recovery, and greatly improves the robustness of the system. The white-box Piccolo algorithm used in the other mode prevents an external attacker from directly obtaining the key information of the algorithm if the unmanned aerial vehicle body is lost. Thus, the key can be prevented from being revealed or broken, and the security of the data is further protected.
Thirdly, in the conventional encryption communication process of the shared key, the fixed shared key is easy to leak, and a great security hole is generated.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of an encryption communication method for an unmanned aerial vehicle according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of a ground control station exchanging public keys with an unmanned aerial vehicle according to an embodiment of the present invention;
Fig. 3 is a transmission signaling diagram of identity authentication between a ground control station and an unmanned aerial vehicle according to an embodiment of the present invention;
Fig. 4 is a flow chart of updating a shared key provided by an embodiment of the present invention;
Fig. 5 is a block diagram of an encryption communication system for an unmanned aerial vehicle according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of an encryption communication device according to an embodiment of the present invention.
Detailed Description
The technical scheme of the invention is described below with reference to the accompanying drawings.
In embodiments of the invention, words such as "exemplary," "such as" and the like are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the term use of an example is intended to present concepts in a concrete fashion. Furthermore, in embodiments of the present invention, the meaning of "and/or" may be that of both, or may be that of either, optionally one of both.
In the embodiments of the present invention, "image" and "picture" may be sometimes used in combination, and it should be noted that the meaning of the expression is consistent when the distinction is not emphasized. "of", "corresponding (corresponding, relevant)" and "corresponding (corresponding)" are sometimes used in combination, and it should be noted that the meaning of the expression is consistent when the distinction is not emphasized.
In embodiments of the present invention, sometimes a subscript such as W 1 may be written in a non-subscript form such as W1, and the meaning of the expression is consistent when de-emphasizing the distinction.
In order to make the technical problems, technical solutions and advantages to be solved more apparent, the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
The embodiment of the invention provides an encryption communication method for an unmanned aerial vehicle, which can be realized by encryption communication equipment, wherein the encryption communication equipment can be a terminal or a server. As shown in the flow chart of Fig. 1, the encryption communication method for the unmanned aerial vehicle may include the following steps:
The encryption communication method for the unmanned aerial vehicle is realized by an encryption communication system for the unmanned aerial vehicle, and the system comprises a ground control station, the unmanned aerial vehicle and a certification authority;
The method comprises the following steps:
S1, a ground control station generates a ground SM2 public key-private key pair, and an unmanned aerial vehicle generates an unmanned aerial vehicle SM2 public key-private key pair.
In a possible implementation, the ground control station uses the SM2 algorithm to locally generate a ground SM2 public key-private key pair, referred to as a ground SM2 public key and a ground SM2 private key, respectively.
The unmanned aerial vehicle uses the SM2 algorithm on its onboard computer, a Raspberry Pi, to generate an unmanned aerial vehicle SM2 public key-private key pair, referred to as the unmanned aerial vehicle SM2 public key and the unmanned aerial vehicle SM2 private key, respectively.
S2, via the certification authority, the ground control station acquires the unmanned aerial vehicle SM2 public key, and the unmanned aerial vehicle acquires the ground SM2 public key.
Alternatively, as shown in fig. 2, the specific operation steps of S2 may include the following steps S21 to S23:
S21, the ground control station registers a ground SM2 public key with a certification authority (which can be called CA), and the unmanned aerial vehicle registers an unmanned aerial vehicle SM2 public key with the certification authority.
S22, the ground control station applies for the unmanned aerial vehicle digital certificate to the certification authority, wherein the unmanned aerial vehicle digital certificate comprises the unmanned aerial vehicle SM2 public key and the digital signature of the certification authority.
The unmanned aerial vehicle applies for the ground control station digital certificate to the certification authority, wherein the ground control station digital certificate comprises a ground SM2 public key and a digital signature of the certification authority.
S23, the ground control station extracts the unmanned aerial vehicle SM2 public key from the unmanned aerial vehicle digital certificate it applied for, and the unmanned aerial vehicle extracts the ground SM2 public key from the ground control station digital certificate it applied for.
In a possible implementation manner, after the above steps the ground control station and the unmanned aerial vehicle each hold the SM2 public key of the other party in addition to their own SM2 public key-private key pair, and are ready for the authentication and key negotiation that follow.
S3, the unmanned aerial vehicle generates a random character string, and the unmanned aerial vehicle and the ground control station complete identity authentication according to the random character string, the SM3 algorithm, the ground SM2 private key and the ground SM2 public key.
Optionally, as shown in fig. 3, the specific operation steps of S3 may include the following steps S31 to S35:
S31, the unmanned aerial vehicle generates and stores a random character string, and sends the random character string to the ground control station.
In a possible implementation manner, the ground control station sends a hello data packet to the unmanned aerial vehicle to start identity authentication. The unmanned aerial vehicle generates a random string UavRandomString, stores it locally and sends it to the ground control station.
S32, after receiving the random character string, the ground control station carries out hash operation on the random character string by using an SM3 algorithm to obtain a first random hash value, encrypts the first random hash value by using a ground SM2 private key to obtain a random character string ciphertext, and sends the random character string ciphertext to the unmanned aerial vehicle.
In a possible implementation manner, the ground control station receives the random string UavRandomString sent by the unmanned aerial vehicle, and performs hash operation on the random string by using an SM3 algorithm to obtain a hash valueAnd then willAs plaintext, using the private key of the ground control stationEncrypting it to obtain ciphertextThen the ciphertext is processedAnd sending the information to the unmanned aerial vehicle.
S33, after the unmanned aerial vehicle receives the random character string ciphertext, decrypting the random character string ciphertext by using the extracted ground SM2 public key to obtain a random character string plaintext.
S34, the unmanned aerial vehicle performs hash operation on the stored random character strings by using an SM3 algorithm to obtain a second random hash value.
S35, the unmanned aerial vehicle compares the plaintext of the random character string with the second random hash value, and identity authentication is completed when the two are consistent.
In a feasible implementation mode, the unmanned aerial vehicle receives ciphertext transmitted by the ground control stationUsing a ground-control-station public key extracted from a CA-applied ground-control-station digital certificateFor a pair ofDecrypting to obtain plaintextThen for the original generated random character stringPerforming hash operation to obtain hash valueComparison ofAnd (3) withIf the two ground control stations are consistent, the identity of the opposite ground control station can be confirmed and the opposite ground control station can be sent to the ground control stationAnd (5) data packets.
It should be noted that the above process completes the identity authentication of the ground control station by the unmanned aerial vehicle; the ground control station authenticates the identity of the unmanned aerial vehicle in the same way, which is not described again here.
S4, the ground control station generates a shared key according to the time seeds, and encrypts and transmits the shared key to the unmanned aerial vehicle through an SM2 algorithm.
Optionally, the specific operation steps of S4 may include the following steps S41 to S42:
S41, the ground control station acquires the current system time as a system time random seed.
S42, inputting the system time random seed into an SM3 algorithm, and determining the obtained output value as a shared key.
In a possible implementation manner, the method for generating the shared key is a one-way hash function method, and an SM3 hash cryptographic algorithm is adopted, so that the current system time is firstly acquiredAs system time random seed, then using the system time random seed as input of SM3 algorithm to obtain output valueWill beAs a shared key.
It should be noted that, after the shared key is generated through the above steps, the shared key may be updated, as shown in fig. 4, the updating method may be:
The ground control station sets an update time or an update period, when the update time or the update period is detected, the ground control station takes out the current shared key, uses an SM3 algorithm to operate the current shared key to obtain a new shared key, and uses an SM2 algorithm to encrypt and transmit the new shared key to the unmanned aerial vehicle to finish updating the shared key.
S5, when the unmanned aerial vehicle reads the video data to be transmitted from the TAP equipment, encrypting the video data to be transmitted based on the shared secret key, and sending the encrypted video data packet to the ground control station.
Alternatively, the specific operation procedure of S5 may include S51 to S52:
S51, encrypting video stream data to be transmitted by using a shared key based on a first preset algorithm to obtain a first ciphertext;
S52, packaging the first ciphertext into a first data packet and sending the first data packet to the ground control station, wherein the first data packet carries a video stream message identifier.
The first preset algorithm is the SM4 algorithm or the white-box Piccolo algorithm.
In a possible implementation, a packet is read from the TAP device, it is determined whether the packet is a video stream packet, and if so, the packet is taken as plaintext
Plaintext using SM4 algorithmEncrypting to obtain ciphertext as. Or use white box piccolo algorithm to plaintextEncrypting to obtain ciphertext
Ciphertext is sent toEncapsulated as a data portion into a data packet for transmission to a ground control station.
S6, when the ground control station receives the encrypted video data packet sent by the unmanned aerial vehicle, decrypting the encrypted video data packet based on the shared secret key.
Alternatively, the specific operation steps of S6 may be as follows:
When the ground control station receives the first data packet and extracts the video stream message identifier from the first data packet, extracting a data part in the first data packet to obtain a first ciphertext, and decrypting the first ciphertext by using a first preset algorithm and a shared key to obtain the transmitted video stream data.
In one possible implementation manner, whether the data portion of the ciphertext data packet is a video stream data packet is determined according to the message identifier added in the processing process of the received data packet, and if so, the data portion of the ciphertext data packet is taken as the ciphertext
Ciphertext using SM4 algorithmDecrypting to obtain plaintext. Or using the algorithm piccolo of white-box to encrypt the ciphertextDecrypting to obtain plaintext
Will be plaintextThe video stream data packet in the system is transmitted into ground control station software, and is further analyzed by the ground control station software.
Encryption and decryption must use the same algorithm: when the SM4 algorithm is used as the first preset algorithm for encryption, the first preset algorithm for decryption is also the SM4 algorithm; when the white-box Piccolo algorithm is used as the first preset algorithm for encryption, the first preset algorithm for decryption also needs to be the white-box Piccolo algorithm.
S7, when the unmanned aerial vehicle reads a MAVLink data packet from the TAP equipment, encrypting the MAVLink data packet based on the shared secret key, determining integrity check data based on an SM3 algorithm and the shared secret key, and sending the encrypted MAVLink data packet and the integrity check data to the ground control station.
Alternatively, the specific operation steps of S7 may include the following S71-S73:
S71, encrypting the MAVLink data packet by using a shared key based on a second preset algorithm to obtain a second ciphertext;
S72, performing MAC operation on the second ciphertext by using an SM3 algorithm and a shared key to obtain a first MAC value;
S73, splicing the second ciphertext with the first MAC value, packaging the spliced data into a second data packet, and sending the second data packet to the ground control station, wherein the second data packet carries a MAVLink message identifier.
The second preset algorithm is the SM4 algorithm or the white-box Piccolo algorithm.
In one possible embodiment, the data packet is read from the TAP device, and it is determined whether the data packet is MAVLink data packets, if yes, it is confirmed that the data packet is control command and flight status data, and the MAVLink data packet is used as plaintext
Plaintext using SM4 algorithmEncrypting to obtain ciphertextOr using the white box piccolo algorithm to plaintextEncrypting to obtain ciphertext
Ciphertext using SM3 algorithmPerforming MAC operation to obtain MAC value
Ciphertext is sent toAnd MAC valueSpliced intoEncapsulated as a data portion into a data packet for transmission to a ground control station.
S8, when the ground control station receives the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle, carrying out data integrity check based on the integrity check data, and decrypting the encrypted MAVLink data packet based on the shared key after the data integrity check is passed.
Optionally, the specific operation procedure of S8 may include S81-S82:
S81, when the ground control station receives the second data packet sent by the unmanned aerial vehicle and extracts the MAVLink message identifier from the second data packet, extracting the data part of the second data packet and extracting the second ciphertext and the first MAC value from the data part;
S82, performing MAC operation on the second ciphertext by using an SM3 algorithm and a shared key to obtain a second MAC value, comparing the first MAC value with the second MAC value, and if the first MAC value is consistent with the second MAC value, judging that the data integrity check is passed, and decrypting the second ciphertext by using a second preset algorithm and the shared key to obtain a transmitted MAVLink data packet.
In one possible implementation manner, whether the data portion of the ciphertext data packet is MAVLink data packets is judged according to the message identifier added in the processing process of the received data packet, and if so, the data portion of the ciphertext data packet is taken as ciphertext
Ciphertext using SM3 algorithmPerforming MAC operation to obtain MAC value
The locally calculated MAC value is compared with the received MAC value. If they are consistent, it is confirmed that the MAVLink data packet was not modified by an attacker during transmission and the data packet is accepted; otherwise the data packet is discarded.
Ciphertext using SM4 algorithmDecrypting to obtain plaintext
Encryption and decryption must use the same algorithm: when the SM4 algorithm is used as the second preset algorithm for encryption, the second preset algorithm for decryption is also the SM4 algorithm; when the white-box Piccolo algorithm is used as the second preset algorithm for encryption, the second preset algorithm for decryption also needs to be the white-box Piccolo algorithm.
It should be noted that, in addition to the unmanned aerial vehicle sending data to the ground control station as in the above process, the ground control station may also send control data to the unmanned aerial vehicle. The steps by which the ground control station encrypts the control data are consistent with the steps by which the unmanned aerial vehicle encrypts MAVLink data packets and generates integrity check data, and reference may be made to steps S71-S73; the steps by which the unmanned aerial vehicle receives the control data, checks its integrity and decrypts it are consistent with the steps by which the ground control station processes the encrypted MAVLink data packet, and reference may be made to steps S81-S82. These are not described again in the embodiments of the present invention.
In the embodiment of the invention, whereas a traditional encryption communication system often encrypts only the communication data, the system of the invention uses the SM2 algorithm digital signature technology to verify the identity of both sides of the encrypted communication, thereby effectively preventing the attack of a third party. In addition, for the encryption of the flight control data and the image transmission data, the SM4 encryption algorithm in CTR mode is selected; while ensuring the encryption effect and efficiency, this greatly reduces the influence of bit errors and similar conditions during communication on information recovery, and greatly improves the robustness of the system. The white-box Piccolo algorithm used in the other mode prevents an external attacker from directly obtaining the key information of the algorithm if the unmanned aerial vehicle body is lost. Thus, the key can be prevented from being revealed or broken, and the security of the data is further protected. In addition, in the traditional encryption communication process of the shared key, the fixed shared key is easy to leak, and a great security hole is generated.
Fig. 5 is a block diagram illustrating an encrypted communication system for a drone for implementing an encrypted communication method for a drone, according to an example embodiment. Referring to fig. 5, the system includes:
The ground control station is used for: generating a ground SM2 public key-private key pair; generating a shared key from a time seed, encrypting the shared key with the SM2 algorithm and transmitting it to the unmanned aerial vehicle; when an encrypted video stream data packet sent by the unmanned aerial vehicle is received, decrypting the encrypted video stream data packet based on the shared key; when the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle are received, performing a data integrity check based on the integrity check data, and decrypting the encrypted MAVLink data packet based on the shared key after the data integrity check is passed;
The unmanned aerial vehicle is used for: generating an unmanned aerial vehicle SM2 public key-private key pair; acquiring the ground SM2 public key; generating a random character string, and completing identity authentication with the ground control station according to the random character string, the SM3 algorithm, the ground SM2 private key and the ground SM2 public key; when video stream data to be transmitted is read from the TAP device, encrypting the video stream data to be transmitted based on the shared key, and sending the encrypted video stream data packet to the ground control station; when a MAVLink data packet is read from the TAP device, encrypting the MAVLink data packet based on the shared key, determining integrity check data based on the SM3 algorithm and the shared key, and transmitting the encrypted MAVLink data packet and the integrity check data to the ground control station;
The certification authority is used for assisting the ground control station in acquiring the unmanned aerial vehicle SM2 public key and the unmanned aerial vehicle in acquiring the ground SM2 public key.
Optionally, the ground control station is configured to:
Registering a ground SM2 public key with the certification authority;
Applying for a digital certificate of the unmanned aerial vehicle from the certification authority; the unmanned aerial vehicle digital certificate comprises a public key of the unmanned aerial vehicle SM2 and a digital signature of a certification authority;
Extracting the unmanned aerial vehicle SM2 public key from the unmanned aerial vehicle digital certificate applied for;
The unmanned aerial vehicle is used for:
Registering an unmanned aerial vehicle SM2 public key with the certification authority;
Applying for a ground control station digital certificate from the certification authority; the ground control station digital certificate comprises a ground SM2 public key and a digital signature of a certification authority;
And extracting the ground SM2 public key from the ground control station digital certificate applied for.
Optionally, the unmanned aerial vehicle is configured to:
Generating and storing a random string, and transmitting the random string to the ground control station;
After receiving the random string ciphertext, decrypting the random string ciphertext by using the extracted ground SM2 public key to obtain a random string plaintext;
Performing a hash operation on the stored random character string by using the SM3 algorithm to obtain a second random hash value;
Comparing the random string plaintext with the second random hash value, and completing identity authentication when the random string plaintext is consistent with the second random hash value;
The ground control station is used for:
After the random character string is received, carrying out hash operation on the random character string by using an SM3 algorithm to obtain a first random hash value, encrypting the first random hash value by using a ground SM2 private key to obtain a random character string ciphertext, and sending the random character string ciphertext to the unmanned aerial vehicle.
Optionally, the ground control station is configured to:
Acquiring the current system time as a system time random seed;
And inputting the system time random seed into an SM3 algorithm, and determining the obtained output value as a shared key.
Optionally, the unmanned aerial vehicle is configured to:
S51, encrypting video stream data to be transmitted by using a shared key based on a first preset algorithm to obtain a first ciphertext;
S55, the first ciphertext is packaged into a first data packet and sent to the ground control station, and the first data packet carries a video stream message identifier.
Optionally, the ground control station is configured to:
When the ground control station receives a first data packet and extracts a video stream message identifier from the first data packet, extracting a data part in the first data packet to obtain the first ciphertext, and decrypting the first ciphertext by using the first preset algorithm and a shared key to obtain transmitted video stream data;
The first preset algorithm is an SM4 algorithm or a white-box Piccolo algorithm.
Optionally, the unmanned aerial vehicle is configured to:
S71, encrypting MAVLink data packets by using a shared key based on a second preset algorithm to obtain a second ciphertext;
S72, performing MAC operation on the second ciphertext by using an SM3 algorithm and a shared key to obtain a first MAC value;
And S73, splicing the second ciphertext with the first MAC value, packaging the spliced data into a second data packet, and sending the second data packet to the ground control station, wherein the second data packet carries MAVLink message identifiers.
Optionally, the ground control station is configured to:
S81, when the ground control station receives a second data packet sent by the unmanned aerial vehicle and extracts MAVLink message identifiers from the second data packet, extracting a data part in the second data packet and extracting a second ciphertext and a first MAC value from the data part;
S82, performing MAC operation on a second ciphertext by using an SM3 algorithm and a shared key to obtain a second MAC value, comparing the first MAC value with the second MAC value, and if the first MAC value is consistent with the second MAC value, judging that the data integrity check is passed, and decrypting the second ciphertext by using the second preset algorithm and the shared key to obtain a transmitted MAVLink data packet;
The second preset algorithm is an SM4 algorithm or a white-box Piccolo algorithm.
A traditional encrypted communication system usually only encrypts the communication data. In the embodiment of the invention, the system uses SM2 digital signatures to verify the identities of both parties to the encrypted communication, thereby effectively preventing third-party attacks. In addition, SM4 in CTR mode is selected for encrypting the flight control data and the image transmission data, which, while maintaining encryption strength and efficiency, greatly reduces the impact of bit errors and similar faults during communication on information recovery and greatly improves the robustness of the system. The white-box Piccolo algorithm used in the other mode prevents an external attacker from directly obtaining the algorithm's key information if the unmanned aerial vehicle itself is lost. The key is thus protected from being disclosed or cracked, which further protects the security of the data. In addition, in traditional shared-key encrypted communication, a fixed shared key is easily leaked, which creates a serious security vulnerability.
Fig. 6 is a schematic structural diagram of an encryption communication device according to an embodiment of the present invention, where, as shown in fig. 6, the encryption communication device may include the encryption communication system for a drone shown in fig. 5. Optionally, the encrypted communication device 610 may include a first processor 2001.
Optionally, the encrypted communication device 610 may also include a memory 2002 and a transceiver 2003.
The first processor 2001 may be connected to the memory 2002 and the transceiver 2003, for example, via a communication bus.
The following describes the respective constituent elements of the encryption communication apparatus 610 in detail with reference to fig. 6:
The first processor 2001 is the control center of the encryption communication device 610, and may be one processor or a plurality of processing elements. For example, the first processor 2001 may be one or more central processing units (CPUs), an application-specific integrated circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present invention, such as one or more digital signal processors (DSPs) or one or more field programmable gate arrays (FPGAs).
Alternatively, the first processor 2001 may perform various functions of the encrypted communication device 610 by running or executing a software program stored in the memory 2002, and invoking data stored in the memory 2002.
In a specific implementation, first processor 2001 may include one or more CPUs, such as CPU0 and CPU1 shown in fig. 6, as an example.
In a specific implementation, as an embodiment, the encryption communication device 610 may also include a plurality of processors, such as the first processor 2001 and the second processor 2004 shown in fig. 6. Each of these processors may be a single-core processor (single-CPU) or a multi-core processor (multi-CPU). A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
The memory 2002 is used for storing a software program for executing the solution of the present invention, and is controlled by the first processor 2001 to execute the solution, and the specific implementation may refer to the above method embodiment, which is not described herein.
Alternatively, the memory 2002 may be a read-only memory (ROM) or another type of static storage device that can store static information and instructions, a random access memory (RAM) or another type of dynamic storage device that can store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, Blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, without limitation. The memory 2002 may be integrated with the first processor 2001, or may exist separately and be coupled to the first processor 2001 through an interface circuit (not shown in fig. 6) of the encryption communication device 610, which is not specifically limited by the embodiment of the present invention.
A transceiver 2003 for communicating with a network device or with a terminal device.
Alternatively, transceiver 2003 may include a receiver and a transmitter (not separately shown in fig. 6). The receiver is used for realizing the receiving function, and the transmitter is used for realizing the transmitting function.
Alternatively, the transceiver 2003 may be integrated with the first processor 2001, or may exist separately, and be coupled to the first processor 2001 through an interface circuit (not shown in fig. 6) of the encryption communication device 610, which is not specifically limited by the embodiment of the present invention.
It should be noted that the structure of the encryption communication device 610 shown in fig. 6 does not constitute a limitation on the device, and an actual device may include more or fewer components than those shown, may combine some components, or may use a different arrangement of components.
In addition, the technical effects of the encryption communication device 610 may refer to the technical effects of the encryption communication method for the unmanned aerial vehicle described in the above-mentioned method embodiment, and are not described herein.
It is to be appreciated that the first processor 2001 in embodiments of the invention may be a central processing unit (CPU), or may be another general purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. A general purpose processor may be a microprocessor or any conventional processor or the like.
It should also be appreciated that the memory in embodiments of the present invention may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile memory may be a read-only memory (ROM), a programmable ROM (PROM), an erasable programmable ROM (EPROM), an electrically erasable programmable ROM (EEPROM), or a flash memory. The volatile memory may be random access memory (RAM), which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchlink DRAM (SLDRAM), and direct rambus RAM (DR RAM).
The above embodiments may be implemented in whole or in part by software, hardware (e.g., circuitry), firmware, or any other combination. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer program are loaded or executed on a computer, the processes or functions described in accordance with embodiments of the present invention are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable system. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that contains one or more sets of available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk.
It should be understood that the term "and/or" merely describes an association between associated objects and indicates that three relationships may exist. For example, "A and/or B" may mean: A alone, both A and B, or B alone, where A and B may be singular or plural. In addition, the character "/" herein generally indicates an "or" relationship between the associated objects, but may also indicate an "and/or" relationship, which can be understood from the context.
In the present invention, "at least one" means one or more, and "a plurality" means two or more. "At least one of" or similar expressions means any combination of these items, including any combination of single items or plural items. For example, at least one of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, and c may each be single or plural.
It should be understood that, in various embodiments of the present invention, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It will be clearly understood by those skilled in the art that, for convenience and brevity of description, specific working procedures of the apparatus, system and unit described above may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus, system, and method may be implemented in other ways. For example, the system embodiments described above are merely illustrative, e.g., the division of the elements is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple elements or components may be combined or integrated into another device, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interface, system or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (random access memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. An encrypted communication method for an unmanned aerial vehicle, characterized in that the method is implemented by an encrypted communication system for an unmanned aerial vehicle, and the encrypted communication system for an unmanned aerial vehicle comprises a ground control station, an unmanned aerial vehicle and a certification authority;
The method comprises the following steps:
S1, the ground control station generates a ground SM2 public key-private key pair, and the unmanned aerial vehicle generates an unmanned aerial vehicle SM2 public key-private key pair;
S2, based on the certification authority, the ground control station acquires the unmanned aerial vehicle SM2 public key, and the unmanned aerial vehicle acquires the ground SM2 public key;
S3, the unmanned aerial vehicle generates a random character string, and the unmanned aerial vehicle and the ground control station complete identity authentication according to the random character string, an SM3 algorithm, a ground SM2 private key and a ground SM2 public key;
S4, the ground control station generates a shared key from a time seed, encrypts the shared key with the SM2 algorithm and transmits it to the unmanned aerial vehicle;
S5, when the unmanned aerial vehicle reads video stream data to be transmitted from the TAP device, the unmanned aerial vehicle encrypts the video stream data to be transmitted based on the shared key and sends the encrypted video stream data packet to the ground control station;
S6, when the ground control station receives the encrypted video stream data packet sent by the unmanned aerial vehicle, the ground control station decrypts the encrypted video stream data packet based on the shared key;
S7, when the unmanned aerial vehicle reads a MAVLink data packet from the TAP device, the unmanned aerial vehicle encrypts the MAVLink data packet based on the shared key, determines integrity check data based on the SM3 algorithm and the shared key, and sends the encrypted MAVLink data packet and the integrity check data to the ground control station;
S8, when the ground control station receives the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle, the ground control station performs a data integrity check based on the integrity check data, and decrypts the encrypted MAVLink data packet based on the shared key after the check is passed.
2. The encrypted communication method for a drone according to claim 1, wherein the step of S2, based on the certification authority, the ground control station obtaining a drone SM2 public key, the drone obtaining a ground SM2 public key, comprises:
S21, the ground control station registers a ground SM2 public key with the certification authority, and the unmanned aerial vehicle registers an unmanned aerial vehicle SM2 public key with the certification authority;
S22, the ground control station applies for the unmanned aerial vehicle digital certificate from the certification authority, wherein the unmanned aerial vehicle digital certificate comprises an unmanned aerial vehicle SM2 public key and a digital signature of the certification authority;
The unmanned aerial vehicle applies for a ground control station digital certificate to the certification authority, wherein the ground control station digital certificate comprises a ground SM2 public key and a digital signature of the certification authority;
S23, the ground control station extracts the unmanned aerial vehicle SM2 public key from the unmanned aerial vehicle digital certificate applied for, and the unmanned aerial vehicle extracts the ground SM2 public key from the ground control station digital certificate applied for.
3. The encrypted communication method for a drone according to claim 1, wherein in S3, the drone generating a random string and completing identity authentication with the ground control station according to the random string, the SM3 algorithm, the ground SM2 private key and the ground SM2 public key comprises:
S31, the unmanned aerial vehicle generates and stores a random character string, and the random character string is sent to the ground control station;
S32, after receiving the random character string, the ground control station performs hash operation on the random character string by using an SM3 algorithm to obtain a first random hash value, encrypts the first random hash value by using a ground SM2 private key to obtain a random character string ciphertext, and sends the random character string ciphertext to the unmanned aerial vehicle;
S33, after receiving the random string ciphertext, the unmanned aerial vehicle decrypts the random string ciphertext by using the extracted ground SM2 public key to obtain a random string plaintext;
S34, the unmanned aerial vehicle performs a hash operation on the stored random character string by using the SM3 algorithm to obtain a second random hash value;
And S35, comparing the random string plaintext with the second random hash value by the unmanned aerial vehicle, and completing identity authentication when the random string plaintext is consistent with the second random hash value.
4. The method of claim 1, wherein the ground control station of S4 generates a shared key from a time seed, comprising:
S41, the ground control station acquires the current system time as a system time random seed;
S42, inputting the system time random seed into an SM3 algorithm, and determining the obtained output value as a shared key.
5. The method for encrypting communication for a drone according to claim 1, wherein the encrypting the video stream data to be transmitted based on the shared key of S5, and transmitting the encrypted video stream data packet to the ground control station, comprises:
S51, encrypting video stream data to be transmitted by using a shared key based on a first preset algorithm to obtain a first ciphertext;
S55, the first ciphertext is packaged into a first data packet and sent to the ground control station, and the first data packet carries a video stream message identifier.
6. The method according to claim 5, wherein in S6, when the ground control station receives the encrypted video stream data packet transmitted by the unmanned aerial vehicle, decrypting the encrypted video stream data packet based on the shared key comprises:
When the ground control station receives a first data packet and extracts a video stream message identifier from the first data packet, extracting a data part in the first data packet to obtain the first ciphertext, and decrypting the first ciphertext by using the first preset algorithm and a shared key to obtain transmitted video stream data;
The first preset algorithm is an SM4 algorithm or a white-box Piccolo algorithm.
7. The method of claim 1, wherein in S7, encrypting the MAVLink data packet based on the shared key, determining integrity check data based on the SM3 algorithm and the shared key, and transmitting the encrypted MAVLink data packet and the integrity check data to the ground control station comprises:
S71, encrypting MAVLink data packets by using a shared key based on a second preset algorithm to obtain a second ciphertext;
S72, performing MAC operation on the second ciphertext by using an SM3 algorithm and a shared key to obtain a first MAC value;
And S73, splicing the second ciphertext with the first MAC value, packaging the spliced data into a second data packet, and sending the second data packet to the ground control station, wherein the second data packet carries MAVLink message identifiers.
8. The method according to claim 7, wherein S8, when the ground control station receives the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle, performs data integrity check based on the integrity check data, and decrypts the encrypted MAVLink data packet based on the shared key after the verification, includes:
S81, when the ground control station receives a second data packet sent by the unmanned aerial vehicle and extracts MAVLink message identifiers from the second data packet, extracting a data part in the second data packet and extracting a second ciphertext and a first MAC value from the data part;
S82, performing MAC operation on a second ciphertext by using an SM3 algorithm and a shared key to obtain a second MAC value, comparing the first MAC value with the second MAC value, and if the first MAC value is consistent with the second MAC value, judging that the data integrity check is passed, and decrypting the second ciphertext by using the second preset algorithm and the shared key to obtain a transmitted MAVLink data packet;
The second preset algorithm is an SM4 algorithm or a white-box Piccolo algorithm.
9. An encrypted communication system for a drone for implementing an encrypted communication method for a drone according to any one of claims 1 to 8, characterized in that the encrypted communication system for a drone comprises a ground control station, a drone, and a certification authority; wherein:
The ground control station is used for: generating a ground SM2 public key-private key pair; generating a shared key from a time seed, encrypting the shared key with the SM2 algorithm and transmitting it to the unmanned aerial vehicle; when an encrypted video stream data packet sent by the unmanned aerial vehicle is received, decrypting the encrypted video stream data packet based on the shared key; when the encrypted MAVLink data packet and the integrity check data sent by the unmanned aerial vehicle are received, performing a data integrity check based on the integrity check data, and decrypting the encrypted MAVLink data packet based on the shared key after the data integrity check is passed;
The unmanned aerial vehicle is used for: generating an unmanned aerial vehicle SM2 public key-private key pair; acquiring the ground SM2 public key; generating a random character string, and completing identity authentication with the ground control station according to the random character string, the SM3 algorithm, the ground SM2 private key and the ground SM2 public key; when video stream data to be transmitted is read from the TAP device, encrypting the video stream data to be transmitted based on the shared key, and sending the encrypted video stream data packet to the ground control station; when a MAVLink data packet is read from the TAP device, encrypting the MAVLink data packet based on the shared key, determining integrity check data based on the SM3 algorithm and the shared key, and transmitting the encrypted MAVLink data packet and the integrity check data to the ground control station;
The certification authority is used for assisting the ground control station in acquiring the unmanned aerial vehicle SM2 public key and the unmanned aerial vehicle in acquiring the ground SM2 public key.
10. A computer readable storage medium having stored therein program code which is callable by a processor to perform the method of any one of claims 1 to 8.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410625942.2A CN118488443A (en) 2024-05-20 2024-05-20 Encryption communication method and system for unmanned aerial vehicle

Publications (1)

Publication Number Publication Date
CN118488443A (en) 2024-08-13

Family

ID=92195076

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410625942.2A Pending CN118488443A (en) 2024-05-20 2024-05-20 Encryption communication method and system for unmanned aerial vehicle

Country Status (1)

Country Link
CN (1) CN118488443A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104735068A (en) * 2015-03-24 2015-06-24 江苏物联网研究发展中心 SIP security authentication method based on commercial passwords
CN116614804A (en) * 2023-05-16 2023-08-18 宁波市电力设计院有限公司 Method and device for encrypting communication link of unmanned aerial vehicle and unmanned aerial vehicle
CN117081745A (en) * 2023-08-03 2023-11-17 中国人民解放军32806部队 Task-oriented unmanned trunking communication confidentiality method, device and system
CN117278214A (en) * 2023-10-31 2023-12-22 南方电网科学研究院有限责任公司 Network safety communication method for power system
CN117879924A (en) * 2023-12-29 2024-04-12 西交网络空间安全研究院 Special simple network safety communication method based on national cryptographic algorithm

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination