KR102577260B1 - Unmanned delivery system based on user certification method and user certification - Google Patents

Abstract

The user authentication method performed in an unmanned delivery system including a server, an ordering customer device, a delivery person customer device, and an autonomous delivery vehicle of the present invention includes the server providing a session key based on order information received from the ordering customer device. Generating and transmitting the generated session key to the delivery person customer device and the ordering customer device; An OTP generation step in which the delivery person customer device generates an OTP (One-Time Password) based on the session key; A first application step in which the delivery person customer device applies a hash function to the OTP a preset number of times; A second application step in which the delivery person customer device additionally applies the hash function to the OTP generated in the first application step a preset number of times; It includes a first QR code generation step in which the delivery person customer device generates a first QR code based on the OTP generated in the second application step.

Description

User authentication method and unmanned delivery system based on user authentication {UNMANNED DELIVERY SYSTEM BASED ON USER CERTIFICATION METHOD AND USER CERTIFICATION}

The present invention relates to a user authentication method and an unmanned delivery system based on user authentication. More specifically, it relates to a user authentication method and an unmanned delivery system based on user authentication that can prevent hacking.

Due to COVID-19, a social atmosphere is being created to avoid face-to-face contact. Accordingly, delivery methods are also changing, and in particular, demand for autonomous delivery systems is increasing to minimize unnecessary contact between customers and delivery workers and improve delivery convenience.

Accordingly, unmanned delivery vehicles that can perform delivery are being developed, but conventional self-driving delivery vehicles use an authentication system that retrieves the goods after entering the last 4 digits of the user's mobile phone number or a password designated by the user. .

However, this method has the problem that anyone who knows the user's mobile phone number can receive the goods, so there is a risk of hacking (man-in-the-middle attack) and convenience is not guaranteed.

Korean Patent Publication No. 10-2020-0132431

The present invention was created to solve the above problems, and the purpose of the present invention is to provide unmanned user authentication based on strengthened user authentication using OTP (One Time Password), hash, encryption algorithm, etc. in an indoor autonomous delivery system. By configuring the delivery system, we provide a user authentication method that can prevent the risk of hacking (man-in-the-middle attack) and an unmanned delivery system based on user authentication.

Another purpose of the present invention is to utilize a different key value each time by eliminating the reusability and redundancy of the key value by using the time-based OTP (One Time Password) method, and to use a hash function with guaranteed security for hacking (man-in-the-middle attack). ) is to provide a user authentication method for unmanned delivery and an unmanned delivery system based on user authentication that can guarantee the integrity of data by preventing reverse calculations even if the data is compromised.

In addition, another purpose of the present invention is to increase the security of data through encryption and decryption using private keys between users, and to enable users to more simply and quickly authenticate themselves and purchase goods based on the QR authentication method. It provides a user authentication method for receiving and an unmanned delivery system based on user authentication.

A user authentication method performed in an unmanned delivery system including a server, an ordering customer device, a deliveryman customer device, and an autonomous delivery vehicle according to an embodiment of the present invention to achieve the above object includes the server, the ordering customer device A session key transmission step of generating a session key based on order information received from and transmitting the generated session key to the delivery person customer device and the ordering customer device; An OTP generation step in which the delivery person customer device generates an OTP (One-Time Password) based on the session key; A first application step in which the delivery person customer device applies a hash function to the OTP a preset number of times; A second application step in which the delivery person customer device additionally applies the hash function to the OTP generated in the first application step a preset number of times; And a first QR code generation step in which the delivery person customer device generates a first QR code based on the OTP generated in the second application step.

Here, a secret key generation step in which the delivery person customer device encrypts the OTP generated in the first application step to generate a secret key; And it may further include a secret key transmission step in which the delivery person customer device transmits the generated secret key to the ordering customer device through the server.

In addition, the ordering customer device may further include a second QR code generation step of decrypting the encrypted secret key using the session key to generate a second QR code different from the first QR code.

In addition, the self-driving delivery vehicle may further include a user authentication step in which the first QR code and the second QR code are recognized and whether they match is determined.

And the user authentication step includes a third application step in which the self-driving delivery vehicle additionally applies the hash function a preset number of times to the OTP generated in the first application step and included in the second QR code. It may be a step of comparing the OTP generated in the third application step and the OTP included in the first QR code to determine whether they match.

Meanwhile, an unmanned delivery system based on user authentication including a server, an ordering customer device, a delivery person customer device, and a self-driving delivery vehicle according to an embodiment of the present invention to achieve the above other object is an order received from the ordering customer device. A server that generates a session key based on information and transmits the generated session key to the ordering customer device and the delivery person customer device; a delivery customer device that generates a first QR code based on the session key and recognizes the generated first QR code in the autonomous delivery vehicle; an ordering customer device that generates a second QR code different from the first QR code based on the session key; and an autonomous delivery vehicle that autonomously drives to the destination based on the destination coordinates included in the first QR code, recognizes the second QR code from the ordering customer device, and opens the door when user authentication is completed.

Here, the delivery customer device generates an OTP (One-Time Password) based on the session key, applies a hash function to the OTP N times, and generates a secret key that encrypts the OTP applied to the hash function N times. This can be transmitted to the ordering customer device through the server.

And, the delivery person customer device may additionally apply the OTP applied to the hash function N times, M times, and generate the first QR code based on the OTP additionally applied to the hash function M times. .

Additionally, the ordering customer device may generate the second QR code by decrypting the encrypted secret key using the session key.

And the self-driving delivery vehicle can perform user authentication by determining whether the first QR code and the second QR code match.

Here, the autonomous delivery vehicle applies the OTP applied N times to the hash function included in the second QR code, additionally applies the OTP M times to the hash function, and applies the OTP additionally applied M times to the hash function and the first OTP. You can compare the OTP included in the QR code to determine whether they match.

By using the user authentication method and user authentication-based unmanned delivery system according to the present invention described above, an unmanned delivery system based on user authentication that is strengthened using OTP (One Time Password), Hash, encryption algorithm, etc. is constructed in an indoor autonomous delivery system. This can prevent the risk of hacking (man-in-the-middle attack).

In addition, the user authentication method and user authentication-based unmanned delivery system according to the present invention uses a time-based OTP (One Time Password) method to eliminate reusability and redundancy of key values, utilizing different key values each time, and improving security. In this guaranteed Hash function, the integrity of the data can be guaranteed by preventing reverse calculations even if hacked (man-in-the-middle attack) occurs.

In addition, the user authentication method and the user authentication-based unmanned delivery system according to the present invention improve data security through encryption and decryption using private keys between users, and enable users to use the QR authentication method more simply and quickly. You can verify your identity and easily receive the goods.

1 is a schematic diagram of an unmanned delivery system based on user authentication according to an embodiment of the present invention;
Figure 2 is a block diagram for explaining the configuration of a server according to an embodiment of the present invention;
Figure 3 is a block diagram for explaining the configuration of a delivery man customer device according to an embodiment of the present invention;
Figure 4 is a block diagram for explaining the configuration of a customer ordering device according to an embodiment of the present invention;
Figure 5 is a block diagram for explaining the configuration of an autonomous delivery vehicle according to an embodiment of the present invention;
Figure 6 is a schematic diagram illustrating a secret key transmitted and received in an unmanned delivery system based on user authentication according to an embodiment of the present invention, and
Figure 7 is a flowchart of a user authentication method performed in an unmanned delivery system based on user authentication according to an embodiment of the present invention.

The detailed description of the present invention described below refers to the accompanying drawings, which show by way of example specific embodiments in which the present invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different from one another but are not necessarily mutually exclusive. For example, specific shapes, structures and characteristics described herein may be implemented in one embodiment without departing from the spirit and scope of the invention. Additionally, it should be understood that the location or arrangement of individual components within each disclosed embodiment may be changed without departing from the spirit and scope of the invention. Accordingly, the detailed description that follows is not intended to be taken in a limiting sense, and the scope of the invention is limited only by the appended claims, together with all equivalents to what those claims assert, if properly described. Similar reference numbers in the drawings refer to identical or similar functions across various aspects.

Hereinafter, preferred embodiments of the present invention will be described in more detail with reference to the drawings.

1 is a schematic diagram of an unmanned delivery system based on user authentication according to an embodiment of the present invention.

The components according to the present invention are components defined by functional division rather than physical division, and can be defined by the functions each performs. Each component may be implemented as hardware or program code and processing units that perform each function, and the functions of two or more components may be included and implemented in one component. Therefore, the names given to the components in the following embodiments are not intended to physically distinguish each component, but are given to suggest the representative function performed by each component, and the names of the components refer to the present invention. It should be noted that the technical idea is not limited.

The unmanned delivery system based on user authentication according to this embodiment is designed to enable safe product delivery by preventing the risk of man-in-the-middle attacks, that is, hacking, through strengthened user authentication.

To this end, this user authentication-based unmanned delivery system is prepared including a server 100, an order customer device 300, a delivery person customer device 200, and an autonomous delivery vehicle 400. Software (application) for performing a user authentication method may be installed and executed on these server 100, order customer device 300, delivery person customer device 200, and self-driving delivery vehicle 400, respectively. The configuration of each device can be controlled by software to perform a user authentication method.

First, the server 100 is linked with the ordering customer device 300, the delivery man customer device 200, and the self-driving delivery vehicle 400 through a network, and based on the order information received from the ordering customer device 300, A delivery customer device 200 that can provide goods to be delivered can be designated.

And when the delivery person customer device 200 to provide the goods is designated, the server 100 can cause the autonomous delivery vehicle 400 to move to the location of the delivery person using the delivery person customer device 200. Additionally, the server 100 may store and manage identification information identifying a plurality of self-driving delivery vehicles 400 and monitor the locations of the plurality of self-driving delivery vehicles 400.

And when order information is received from the customer order device 300, the server 100 may generate a session key based on the time the order information was received. Detailed information about this server 100 will be described later with reference to FIG. 2 .

Meanwhile, the delivery person customer device 200 is a terminal carried by the delivery person who delivers the goods ordered by the order customer device 300, and can receive identification information that can identify the delivery person. And when the delivery person customer device 200 receives order information through the server 100, it can generate order confirmation information including a check message confirming completion of receipt of the order information and transmit it to the server 100.

Additionally, the delivery person customer device 200 can generate a first QR code based on the session key received from the server 100 and cause the autonomous delivery vehicle 400 to recognize the generated first QR code. Through this, the self-driving delivery vehicle 400 can check the ordering customer device 300 that can receive stored goods, making safe delivery of goods possible. Specific details about this delivery person customer device 200 will be described later with reference to FIG. 3 .

Meanwhile, the ordering customer device 300 is a device possessed by a customer who orders a product, and can receive identification information that can identify the ordering customer. In addition, the ordering customer device 300 can transmit the ordering information to the server 100 when the ordering customer inputs ordering information for the delivery product he or she wishes to receive.

And the customer ordering device 300 can generate a second QR code based on the session key received from the server 100 and recognize the generated second QR code on the autonomous delivery vehicle 400, through which It is possible to receive goods stored in the self-driving delivery vehicle 400.

Additionally, the ordering customer device 300 can receive delivery status information of the delivered product, such as the delivery start time and estimated arrival time of the delivered product, from the server 100. Specific details about the customer order device 300 will be described later in FIG. 4.

Meanwhile, the self-driving delivery vehicle 400 is managed by the server 100, stores goods provided by a delivery person holding a delivery person customer device 200, and the stored goods are ordered by a customer having an order customer device 300. It is designed to move to the customer's destination so that the ordering customer can receive the goods.

To this end, the self-driving delivery vehicle 400 stores the first QR code recognized by the delivery person customer device 200, and stores the second QR code recognized by the order customer device 300 and the delivery person customer device 200 at the destination. Once recognized, user authentication is performed by comparing the stored first QR code to determine whether it matches.

And when the self-driving delivery vehicle 400 confirms that the first and second QR codes match each other, the self-driving delivery vehicle 400 can open the door so that the ordering customer can receive the product.

This self-driving delivery vehicle 400 may include a space for storing goods and a door for opening and closing the space, and the self-driving delivery vehicle 400 may be provided as a car as shown, but is limited thereto. It may not be a mobile device, but may be a movable device including a robot, cart, shelf, etc. that can move items.

Since order information is received from the ordering customer through this server 100, a delivery person is specified according to the received order information, and the specific delivery of moving the goods provided by the delivery person can be sufficiently inferred using general technology, in this embodiment Detailed explanation will be omitted.

In the present invention, we will focus on explaining the authentication method between the server 100, the delivery person customer device 200, the order customer device 300, and the autonomous delivery vehicle 400, which constitute the user authentication-based unmanned delivery system.

Figure 2 is a block diagram for explaining the configuration of the server 100 according to an embodiment of the present invention.

As described above, the server 100 is linked with the ordering customer device 300, the delivery person customer device 200, and the self-driving delivery vehicle 400, and acts as an intermediary between the ordering customer device 300 and the delivery person customer device 200. It is designed to safely transmit data.

In addition, the server 100 can match the ordering customer device 300 and the delivery person customer device 200 on a one-to-one basis based on the order information received from the ordering customer device 300.

For this purpose, the server 100 is provided including a communication unit 110, a management unit 130, and a database unit 120.

The communication unit 110 is provided to transmit and receive various information through a network with the order customer device 300, the delivery person customer device 200, and the self-driving delivery vehicle 400, and the information received through the communication unit 110 is stored in a database. It can be stored in unit 120.

And the communication unit 110 can transmit the session key generated in the session key management unit 133 to the ordering customer device 300 and the delivery person customer device 200, and when the encrypted secret key is received from the delivery person customer device 200 , the received secret key can be transmitted to the ordering customer device 300.

Meanwhile, the database unit 120 is provided to store information that the server 100 transmits and receives with the order customer device 300, the delivery person customer device 200, and the self-driving delivery vehicle 400. This database unit 120 At least one of ordering customer identification information that can identify the ordering customer, delivery person identification information that can identify the delivery person, self-driving delivery vehicle identification information that can identify the self-driving delivery vehicle 400, and map information will be stored. You can.

In addition, the database unit 120 may store and manage order information, delivery status, and information about delivery from at least one of the order customer device 300 and the delivery person customer device 200.

Additionally, the database unit 120 may store software (application) for performing a user authentication method, and may also store a secret key received from the delivery person customer device 200.

The management unit 130 is provided to generate and control information transmitted and received with the order customer device 300, the delivery person customer device 200, and the self-driving delivery vehicle 400, and the customer management unit 131 and session key management unit 133 ) may include.

When order information is received from the order customer device 300, the customer management unit 131 specifies the delivery person customer device 200 that can provide the goods included in the received order information and connects the order customer device 300 and the delivery person customer. Device 200 can be matched.

The customer management unit 131 transmits the order information to the delivery person customer device 200 located closest to the location of the ordering customer included in the received order information, and receives order information from the delivery person customer device 200 that transmitted the order information. Upon receiving a check message confirming receipt of and order confirmation information including the address of the ordering customer, the corresponding delivery person customer device 200 and the ordering customer device 300 are matched.

And the customer management unit 131 specifies the autonomous delivery vehicle 400 waiting at the location closest to the location of the matched delivery customer device 200, and the specified autonomous delivery vehicle 400 is connected to the delivery customer device 200. ) can also be moved to the location.

Meanwhile, the session key management unit 133 is provided to generate a session key. When matching between the delivery person customer device 200 and the order customer device 300 is completed, the session key management unit 133 may randomly generate a session key based on the order time included in the order information. And the session key generated in this way can be transmitted to the customer ordering device 300 and the customer delivery device 200 through the communication unit 110, respectively.

The method by which the session key management unit 133 generates a session key can be defined as follows [pseudo code 1].

[pseudocode 1]

And when the session key management unit 133 receives the encrypted secret key from the delivery person customer device 200, the secret key can be transmitted to the ordering customer device 300 matched with the delivery person customer device 200 that transmitted the secret key. The communication unit 110 can be controlled so that

Meanwhile, Figure 3 is a block diagram for explaining the configuration of the delivery man customer device 200 according to an embodiment of the present invention.

The delivery person customer device 200 is a device carried by the delivery person to provide the goods included in the order information received from the server 100, so that the goods can be safely provided to the ordering customer through the self-driving delivery vehicle 400. It can be prepared to generate a secret key. To this end, the delivery person customer device 200 may be provided including a delivery communication unit 210, a delivery storage unit 220, a delivery control unit 230, and a delivery input/output unit 240.

The delivery communication unit 210 is provided to transmit and receive various information with the server 100, and can allow information transmitted and received through the delivery communication unit 210 to be stored in the delivery storage unit 220.

Additionally, the delivery storage unit 220 may store identification information for identifying the delivery person, the delivery person's address, and software (application) for performing a user authentication method. Additionally, the delivery storage unit 220 contains information for generating an OTP value based on the session key received from the server 100, information on a hash function applied to the generated OTP value, and information for encrypting the OTP to which the hash function is applied. Information can be stored.

Meanwhile, the delivery control unit 230 is provided to generate order confirmation information and generate a first QR code based on the session key received from the server 100, and includes an order confirmation unit 221 and an OTP generation unit 223. ), an encryption unit 225, and a first QR code generation unit 227.

This delivery control unit 230 can be controlled according to the application stored in the delivery storage unit 220, and a login button along with a blank space for the delivery person to enter the delivery person's ID and password is provided in the delivery input/output unit. It can be output at (240).

Additionally, the delivery control unit 230 can transmit the delivery person's information to the server 100 when the corresponding ID and password are entered by the delivery person through the delivery input/output unit 240 and the login button is clicked. Afterwards, the delivery control unit 230 can control the delivery input/output unit 240 to output the delivery person's address input field, order details confirmation button, and authentication button when the delivery person's login is completed. The delivery person's address input field can be set to automatically input the delivery person's address previously stored in the delivery storage unit 220.

Meanwhile, the order confirmation unit 221 is provided to generate order confirmation information including a check message confirming receipt of the order information and the address of the delivery person when order information is received from the server 100. Such order confirmation information can be generated when the delivery person clicks the order details confirmation button on the screen printed on the delivery input/output unit 240. And the order confirmation unit 221 causes the generated order confirmation information to be transmitted to the server 100.

The OTP generator 223 is provided to generate an OTP. When the session key generated by the server 100 is received, it can generate an OTP value based on the received session key.

This OTP value can be generated when the delivery person clicks the authenticate button output from the delivery input/output unit 240 after the delivery person customer device 200 receives the session key from the server 100. The OTP value generated in this way by the OTP generation unit 223 is an OTP seed value, and the generated OTP value can be transmitted to the encryption unit 225.

Meanwhile, the encryption unit 225 applies the hash function (SHA-256) stored in the delivery storage unit 220 to the OTP value generated by the OTP generation unit 223 N times, which is a preset number of times. And the encryption unit 225 generates an encrypted secret key by applying a symmetric key encryption algorithm to the OTP value to which the hash function has been applied N times, which is a preset number of times, and the generated secret key is sent to the order customer device ( 300). For example, the encryption unit 225 may use the Vigenere encryption algorithm to generate a secret key, but is not limited to this.

Additionally, after the secret key is transmitted to the server 100, the encryption unit 225 may additionally apply the hash function M times, which is a preset number of times, to the OTP value to which the hash function has been applied N times. And the encryption unit 225 may transmit the OTP value to which the hash function has been applied N+M times to the first QR code generator 227.

Here, N and M are both integers of 1 or more, and N and M may be set in advance in the delivery storage unit 220. If we assume that N and M are 1, the encryption unit 225 applies a hash function once to the OTP value generated by the OTP generation unit 223, and then encrypts the OTP value to which the hash function has been applied once. A secret key is generated and transmitted to the server 100. After that, the encryption unit 225 applies the hash function again to the OTP value to which the hash function has been applied one more time, and the OTP value to which the hash function has been applied a total of two times is sent to the first QR code generator (227) without additional encryption. ) may be transmitted.

Therefore, the encryption unit 225 can generate an OTP value by applying a hash function to the OTP seed value N times and an OTP value by applying the hash function N+M times.

The first QR code generator 227 is provided to generate a first QR code to be recognized by the autonomous delivery vehicle 400. The first QR code generator 227 uses a hash function in the encryption unit 225. The OTP value to which the hash function has been applied N+M times is received, and the first QR code can be generated using the OTP value to which the hash function has been applied N+M times. And the first QR code generator 227 may transmit the generated first QR code to the delivery input/output unit 240. In the above example, the first QR code is generated using the OTP value to which the hash function has been applied twice. This first QR code may include address information to which the product is delivered and an OTP seed value, and destination information, which is address information to which the product is delivered, may be arranged in the first four digits of the first QR code data.

Meanwhile, the delivery input/output unit 240 may output the first QR code received from the first QR code generator 227, and the delivery person may use the first QR code output from the delivery input/output unit 240 to use the self-driving delivery vehicle. It can be sensed by a web camera provided in 400 and recognized by the self-driving delivery vehicle 400.

Additionally, the delivery input/output unit 240 may be provided to receive various types of information from the delivery person or to output information received through the delivery communication unit 210 and the delivery control unit 230. To this end, the delivery input/output unit 240 may be implemented as a touch screen that can perform input and output simultaneously, but is not limited to this, and an input unit and an output unit may be provided separately.

As described above, the delivery input/output unit 240 is controlled by the delivery control unit 230, and a login button may be output along with a blank space for entering the delivery person's ID and password. And when the ID and password are entered and the login button is clicked to complete login, the delivery person's address input field, order details confirmation button, and authentication button may be displayed. The screen displayed on the delivery input/output unit 240 may be output based on the user interface (UI) included in the application.

Meanwhile, Figure 4 is a block diagram for explaining the configuration of the customer ordering device 300 according to an embodiment of the present invention.

The ordering customer device 300 is a device possessed by the ordering customer and is provided to order the product the ordering customer wants to receive and generate a second QR code for receiving the product from the self-driving delivery vehicle 400. This order customer device 300 may include an order communication unit 310, an order storage unit 320, an order control unit, and an order input/output unit 340.

The order communication unit 310 may be provided to transmit and receive various information with the server 100.

The order storage unit 320 may store identification information for identifying the ordering customer, the address of the ordering customer, and may store information received from the order communication unit 310, and may store software for performing a user authentication method. there is.

Additionally, the order storage unit 320 may store a session key received from the server 100 and a secret key received from the server 100.

Meanwhile, the order control unit 330 is provided to generate order information based on information input from the ordering customer and generate a second QR code required when receiving the delivered product, and the order control unit 330 is an order unit ( 331), a decoding unit 333, and a second QR code generating unit 335.

The order control unit 330 can be controlled according to the application stored in the order storage unit 320, and a login button is output from the order input/output unit 340 along with a blank space for the ordering customer to enter the ordering customer's ID and password. It can be done as much as possible.

In addition, the order control unit 330 can transmit the ordering customer's information to the server 100 when the ordering customer enters the corresponding ID and password through the order input/output unit 340 and the login button is clicked. Afterwards, the order control unit 330 can control the order customer's address input field, order button, and authentication button to be output from the order input/output unit 340 when the order customer's login is completed. The order input field of the ordering customer can be set to automatically input the address of the ordering customer pre-stored in the order storage unit 320, and the automatically entered address of the ordering customer may be modified and entered by the ordering customer as necessary. Of course it exists.

The order unit 331 is provided to generate order information including information about the product needed by the ordering customer and the address of the ordering customer entered by the ordering customer through the order input/output unit 340. This order information can be generated when the ordering customer clicks the order button on the screen output from the order input/output unit 340 by running the application (software). And the order unit 331 causes the generated order information to be transmitted to the server 100.

After the order information generated in the order unit 331 is transmitted to the server 100, the order control unit 330 waits until it receives the session key from the server 100, and when it receives the session key from the server 100, the order control unit 330 waits. The received session key may be transmitted to the decryption unit 333. This session key is used as a key to decrypt the secret key received from the delivery person customer device 200.

In addition, the order control unit 330 may wait until receiving an arrival notification message from the server 100 after receiving the session key, and generate the arrival notification message from the delivery person customer device 200 at the same time as receiving the arrival notification message from the server 100. The encrypted packet, that is, the secret key, can be delivered through the server 100. Here, the arrival notification message may be a notification such as “The delivery item will arrive in 5 minutes,” and this arrival notification message is generated by the server 100 based on the order confirmation information received from the delivery person customer device 200. It may be a message, but is not limited to this, and the delivery person customer device 200 may include the estimated arrival time entered by the delivery person in the order confirmation information and transmit it to the server 100, and the server 100 may only deliver the message.

The decryption unit 333 is provided to decrypt the secret key. Specifically, after receiving the secret key from the server 100, when the ordering customer clicks the authenticate button output through the order input/output unit 340, the decryption unit 333 uses the session key received from the server 100. Decryption of the private key can be performed. The OTP value to which the hash function decrypted in the decryption unit 333 has been applied N times may be transmitted to the second QR code generator 335.

The second QR code generator 335 is provided to generate a second QR code that is recognized by the autonomous delivery vehicle 400. The second QR code generator 335 uses a hash function in the decoder 333. The OTP value to which the hash function has been applied N times is received, and a second QR code can be generated using the OTP value to which the hash function has been applied N times.

That is, the second QR code is a QR code based on the OTP value to which the hash function has been applied N times, and the first QR code is a QR code based on the OTP value to which the hash function has been applied N+M times. The first QR code and the second QR code are are different QR codes. As a result, the original data of the delivery person's first QR code and the ordering customer's second QR code are the same, but have different forms due to the different number of times the hash function is applied, so it may be possible to prevent hacking (man-in-the-middle attack).

And the second QR code generator 335 may transmit the generated second QR code to the order input/output unit 340. This second QR code may include address information and an OTP seed value, and the first four digits of the second QR code data include the home address to which the self-driving delivery vehicle 400 should be moved after completing delivery. Home information, which is information, can be arranged.

Meanwhile, the order input/output unit 340 can output the second QR code received from the second QR code generator 335, and the ordering customer autonomously delivers the second QR code output from the order input/output unit 340. It can be sensed by a web camera provided in the vehicle 400 and recognized by the self-driving delivery vehicle 400.

Additionally, the order input/output unit 340 may be provided to receive various information from ordering customers or to output information received through the order communication unit 310 and the order control unit 330. To this end, the order input/output unit 340 may be implemented as a touch screen that can perform input and output simultaneously, but is not limited to this, and an input unit and an output unit may be provided separately.

The order input/output unit 340 is controlled by the order control unit 330 as described above, and a login button may be output along with a blank space for entering the ordering customer's ID and password. And when the ID and password are entered and the login button is clicked to complete login, the ordering customer's address input field, order button, and authentication button may be displayed. The screen displayed on the order input/output unit 340 may be output based on the user interface (UI) included in the application.

Figure 5 is a block diagram for explaining the configuration of an autonomous delivery vehicle 400 according to an embodiment of the present invention. The self-driving delivery vehicle 400 according to this embodiment may be prepared to deliver goods provided to the delivery person to the location where the ordering customer is located. This self-driving delivery vehicle 400 may be provided with a space for loading delivered goods and a door that opens and closes using a motor. This autonomous delivery vehicle 400 may be provided including a vehicle communication unit 410, a vehicle sensor unit 420, a vehicle storage unit 430, and a vehicle control unit 440. In addition, although not shown in the drawing, a door that allows entry and exit of goods may be further included.

The vehicle communication unit 410 is provided to transmit and receive various information with the server 100, and can allow information transmitted and received through the vehicle communication unit 410 to be stored in the vehicle storage unit 430.

The vehicle sensor unit 420 is provided to recognize the first QR code generated by the delivery person customer device 200 or the second QR code generated by the order customer device 300, and the vehicle sensor unit 420 of this embodiment ) may be provided as a web camera, but is not limited to this.

When the first QR code or the second QR code is recognized, the vehicle sensor unit 420 can transmit it to the vehicle control unit 440.

Meanwhile, the vehicle storage unit 430 may store identification information for identifying the self-driving delivery vehicle 400, map information, and software (application) for performing a user authentication method. And in this vehicle storage unit 430, information about the hash function stored in the delivery person customer device 200 may be equally stored in order to check whether the first QR code matches the second QR code.

The vehicle control unit 440 performs user authentication so that the goods delivered by the self-driving delivery vehicle 400 can be delivered correctly, and if it is the customer who ordered the stored goods, it opens the door so that the customer can receive the goods. The vehicle control unit 440 may be provided to include a user authentication unit 441 and an opening/closing device control unit 443.

The user authentication unit 441 may be provided to compare the first QR code and the second QR code recognized by the vehicle sensor unit 420 to determine whether they match. To this end, the user authentication unit 441 compares the second QR code recognized from the ordering customer device 300 after arriving at the destination with the first QR code recognized from the delivery person customer device 200 before delivery begins.

At this time, the user authentication unit 441 may apply the hash function M more times to the OTP value to which the hash function included in the second QR code has been applied N times using the hash function stored in the vehicle storage unit 430. You can.

And the user authentication unit 441 compares the OTP value obtained by applying the M hash function to the second QR code and the OTP value applied by the N+M hash function included in the first QR code received from the delivery person customer device 200. Thus, it is possible to determine whether there is a match between the data. Accordingly, if the user authentication unit 441 determines that the two data match, it can generate an opening/closing signal and transmit it to the opening/closing device control unit 443.

Meanwhile, the opening and closing device control unit 443 is provided to control the opening and closing device provided in the autonomous delivery vehicle 400, that is, the door for opening and closing the door. When the opening/closing device control unit 443 receives an opening/closing signal from the user authentication unit 441, it can control the motor based on the opening/closing signal to open or close the door.

The vehicle control unit 440 including the user authentication unit 441 and the switch control unit 443 can perform autonomous driving based on address information included in the first QR code or the second QR code.

When the first QR code is recognized by the delivery person customer device 200, the vehicle control unit 440 retrieves the destination information included in the first four digits of the first QR code data, and stores the destination information in the vehicle storage unit 430. ), you can obtain the destination coordinates and control the vehicle to start driving to that location.

And after the second QR code is recognized by the delivery person customer device 200 and the product is finally provided to the ordering customer, the vehicle control unit 440 retrieves the home information included in the first four digits of the second QR code data. After coming, the home information can be searched on the map stored in the vehicle storage unit 430, and the home coordinate value can be obtained and controlled to start driving to the corresponding location. Also, unlike this, the vehicle control unit 440 includes home information in the second QR code when basic location information, which is the place where the autonomous delivery vehicle 400 should return, is stored in advance in the vehicle storage unit 430. Regardless of this, driving to the corresponding location may be performed based on preset basic location information.

FIG. 6 is a schematic diagram illustrating a secret key transmitted and received in an unmanned delivery system based on user authentication according to an embodiment of the present invention. In FIG. 6, a detailed description of each component among the contents described in FIGS. 2 to 5 is provided. will be omitted, and only the configuration in which the secret key is transmitted and received between the server 100, the delivery person customer device 200, the order customer device 300, and the autonomous delivery vehicle 400 will be described.

First, when the delivery person customer device 200 and the order customer device 300 are matched, the server 100 generates a session key (Session key (Ks)) and generates a session key (Ks) Each session key ((Session key(Ks)) is transmitted.

Thereafter, the delivery person customer device 200 generates an OTP value based on the received session key (Session key (Ks)) and applies a hash function to the generated OTP value N times. At this time, the value applied to the hash function is the OTP Seed value, and this OTP Seed value can be defined as follows.

<Equation 1>

Seed=Nonce||Time

Here, Nonce is a random number that does not overlap.

Afterwards, the delivery customer device 200 encrypts the OTP value by applying the N hash function and transmits the encrypted secret key (Ks(h ^N (Seed))) to the server 100.

Additionally, the delivery person customer device 200 additionally applies the hash function M times to the OTP value to which the N hash function has been applied. In this way, the OTP value (h ^N+M (Seed)) to which the hash function has been applied N+M times is transmitted to the autonomous delivery vehicle 400. At this time, the OTP value (h ^N+M (Seed)) to which the hash function has been applied N+M times is converted into the form of a QR code as described above and can be recognized by the autonomous delivery vehicle 400 as the first QR code. .

Meanwhile, the server 100 transmits the encrypted secret key (Ks(h ^N (Seed))) received from the delivery customer device 200 to the ordering customer device 300.

Then, the ordering customer device 300 can decrypt the encrypted secret key (Ks(h ^N (Seed))) received from the server 100 using a session key (Session key (Ks)). And the OTP value (h ^N (Seed)) to which the decrypted hash function has been applied N times can be transmitted to the autonomous delivery vehicle 400. At this time, the OTP value (h ^N (Seed)) to which the decrypted hash function has been applied N times is converted into the form of a QR code as described above and can be recognized by the autonomous delivery vehicle 400 as data of the second QR code.

Afterwards, the self-driving delivery vehicle 400 receives the OTP value (h ^N+M (Seed)) to which the hash function received from the delivery customer device 200 has been applied N+M times and the decrypted hash received from the ordering customer device 300. You can compare the OTP value (h ^N (Seed)) where the function is applied N times.

Specifically, the autonomous delivery vehicle 400 additionally applies the hash function M times to the OTP value (h ^N (Seed)) to which the decrypted hash function received from the ordering customer device 300 has been applied N times. It is determined whether h ^M (h ^N (Seed)) generated in this way and the hash function received from the delivery customer device 200 match the OTP value (h ^{N + M} (Seed)) applied N + M times.

That is, in the user authentication-based unmanned delivery system according to this embodiment, the first QR code of the delivery person customer device 200 and the second QR code of the ordering customer device 300 are different, so a third party other than the delivery person or ordering customer Even if an intermediary intercepts the QR code, you will not be able to receive the delivery, and ultimately, hacking (man-in-the-middle attack) will not be possible, and since these QR codes are one-time and generated in a different form each time, there is also a risk of reusability and redundancy. does not exist.

Meanwhile, Figure 7 is a flowchart of a user authentication method performed in an unmanned delivery system based on user authentication according to an embodiment of the present invention. In Figure 7, the content that can be sufficiently inferred or overlapped with Figures 2 to 5 described above is Decided to omit it.

The user authentication method according to this embodiment includes a session key transmission step (S710), an OTP generation step (S720), a first application step (S730), a second application step (S760), and a first QR code generation step (S770). may include.

In the session key transmission step (S770), the server 100 generates a session key based on the order information received from the ordering customer device 300, and sends the generated session key to the delivery person customer device 200 and the ordering customer device 300. ) may be the step of transmitting to.

As described above, when the server 100 receives order information from the customer order device 300, it can randomly generate a session key based on the time included in the order information. Thereafter, the session key generated in this way can be transmitted to the delivery person customer device 200 and the order customer device 300, respectively.

The OTP generation step (S720) may be a step in which the delivery person customer device 200 generates an OTP (One-Time Password) based on the session key. The generation of this OTP can be performed by clicking the authentication button by the delivery person on the delivery person customer device 200.

And the first application step (S730) may be a step in which the delivery person customer device 200 applies a pre-stored hash function to the OTP generated in the OTP generation step (S720) a preset number of times.

At this time, the user authentication method according to this embodiment may further include a secret key generation step (S740) and a secret key transmission step (S750).

The secret key generation step (S740) is a step in which the delivery person customer device 200 generates a secret key by encrypting the OTP generated in the first application step (S730). The encrypted secret key is used in the first application step (S760). It can be generated by encrypting the generated OTP by applying a symmetric key encryption algorithm.

Afterwards, in the secret key transmission step (S750), the encrypted secret key generated in the secret key generation step (S740) can be transmitted to the ordering customer device 300 through the server 100.

Meanwhile, the second application step (S760) may be a step in which the delivery person customer device 200 additionally applies a hash function to the OTP generated in the first application step (S730) a preset number of times. Specifically, as described above, the hash function is additionally applied a preset number of times, M, to the OTP to which the hash function has been applied a preset number of times, N times.

And the first QR code generation step (S770) may be a step in which the delivery person customer device 200 generates a first QR code based on the OTP generated in the second application step (S760). The first QR code generated in this way can be recognized by the web camera of the self-driving delivery vehicle 400 in the first QR code recognition step (S780), and the self-driving delivery vehicle 400 in the first QR code recognition step (S780) ) The first QR code recognized can be used for user authentication.

Additionally, the user authentication method according to this embodiment may further include a second QR code generation step (S790) and a user authentication step (S820).

The second QR code generation step (S790) is a step in which the ordering customer device 300 decrypts the encrypted secret key using the session key received from the server 100 to generate a second QR code different from the first QR code. It can be. Specifically, the encrypted secret key includes the OTP generated in the first application step (S730). Therefore, the second QR code includes information about the OTP to which the hash function has been applied a preset number of times. On the other hand, since the first QR code includes the OTP generated in the second application step (S760), the first QR code and the second QR code may be generated in different code forms.

And after the second QR code generation step (S790), a second QR code recognition step (S800) is performed in which the second QR code output on the ordering customer device 300 is recognized by the web camera of the autonomous delivery vehicle 400. It can be.

Meanwhile, the user authentication step (S820) may be a step in which the self-driving delivery vehicle 400 recognizes the first QR code and the second QR code and determines whether they match. This user authentication step (S820) may include a third application step (S810).

The third application step (S810) is a step in which the autonomous delivery vehicle 400 additionally applies a hash function to the OTP generated in the first application step (S730) included in the second QR code a preset number of times.

After performing this third application step (S810), in the user authentication step (S820), the OTP generated in the third application step (S810) is compared with the OTP included in the first QR code to determine whether they match, If the original data included in the first and second QR codes are identical, the process of opening the door can be performed once the authentication is completed.

Through this, the user authentication method according to this embodiment is autonomous even if someone's QR code is intercepted in the middle because the first QR code of the delivery person customer device 200 and the second QR code of the order customer device 300 are different from each other. The driving delivery vehicle 400 cannot receive the goods being delivered. Additionally, in the case of QR codes, there is no risk of reusability or redundancy because a different QR code is generated each time as a one-time use. In addition, data that guarantees reliability can be delivered by exchanging data through the secure channel server 100, and the delivery person or ordering customer only needs to recognize the QR code on the web camera of the self-driving delivery vehicle 400, so it can be easily and conveniently processed. It has the advantage of being able to store or receive delivered goods.

The user authentication method for unmanned delivery of the present invention can be implemented in the form of program instructions that can be executed through various computer components and recorded on a computer-readable recording medium. The computer-readable recording medium may include program instructions, data files, data structures, etc., singly or in combination.

The program instructions recorded on the computer-readable recording medium may be those specifically designed and configured for the present invention, or may be known and usable by those skilled in the computer software field.

Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CD-ROMs and DVDs, and magneto-optical media such as flOTPical disks. media), and hardware devices specifically configured to store and perform program instructions, such as ROM, RAM, flash memory, etc.

Examples of program instructions include not only machine language code such as that created by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules to perform processing according to the invention and vice versa.

Although various embodiments of the present invention have been shown and described above, the present invention is not limited to the specific embodiments described above, and may be used in the technical field to which the invention pertains without departing from the gist of the invention as claimed in the claims. Of course, various modifications can be made by those skilled in the art, and these modifications should not be understood individually from the technical idea or perspective of the present invention.

100: Server 200: Order customer device
300: Delivery person customer device 400: Self-driving delivery vehicle

Claims (11)

In the user authentication method performed in an unmanned delivery system including a server, order customer device, delivery person customer device, and autonomous delivery vehicle,
A session key transmission step in which the server generates a session key based on order information received from the ordering customer device and transmits the generated session key to the delivery person customer device and the ordering customer device;
An OTP generation step in which the delivery person customer device generates an OTP (One-Time Password) based on the session key;
A first application step in which the delivery person customer device applies a hash function to the OTP a preset number of times;
A second application step in which the delivery person customer device additionally applies the OTP generated in the first application step to a hash function a preset number of times;
A first QR code generation step in which the delivery person customer device generates a first QR code based on the OTP generated in the second application step,
Recognizing, by the delivery person customer device, the generated first QR code to the self-driving delivery vehicle;
A second QR code generation step in which the ordering customer device generates a second QR code different from the first QR code based on the session key; and
A user authentication method further comprising the step of autonomously driving the self-driving delivery vehicle to a destination based on destination coordinates included in the first QR code.
In paragraph 1
A secret key generation step in which the delivery person customer device encrypts the OTP generated in the first application step to generate a secret key; and
A user authentication method further comprising a secret key transmission step in which the delivery person customer device transmits the generated secret key to the ordering customer device through the server.
According to paragraph 2,
In the second QR code generation step,
A user authentication method characterized in that the ordering customer device decrypts the encrypted secret key using the session key to generate the second QR code.
According to paragraph 3,
A user authentication method further comprising a user authentication step in which the self-driving delivery vehicle recognizes the first QR code and the second QR code and determines whether they match.
According to paragraph 4,
The user authentication step is,
A third application step in which the self-driving delivery vehicle additionally applies the OTP generated in the first application step and included in the second QR code to the hash function a preset number of times; and
A user authentication method comprising comparing the OTP generated in the third application step and the OTP included in the first QR code to determine whether they match.
In an unmanned delivery system based on user authentication that includes a server, order customer device, delivery person customer device, and self-driving delivery vehicle,
A server that generates a session key based on the order information received from the ordering customer device and transmits the generated session key to the ordering customer device and the delivery person customer device;
a delivery customer device that generates a first QR code based on the session key and recognizes the generated first QR code in the autonomous delivery vehicle;
an ordering customer device that generates a second QR code different from the first QR code based on the session key; and
User authentication including a self-driving delivery vehicle that autonomously drives to a destination based on the destination coordinates included in the first QR code, recognizes the second QR code from the ordering customer device, and opens the door when user authentication is completed. based unmanned delivery system.
According to clause 6,
The delivery person customer device is,
Generate an OTP (One-Time Password) based on the session key, apply a hash function to the OTP N times, generate a secret key that encrypts the OTP to which the hash function has been applied N times, and place the order through the server. A user authentication-based unmanned delivery system characterized by transmission to customer devices.
In clause 7,
The delivery person customer device is,
Unmanned delivery based on user authentication, characterized by additionally applying the hash function M times to an OTP to which the hash function has been applied N times, and generating the first QR code based on the OTP to which the hash function has been additionally applied M times. system.
According to clause 8,
The order customer device is,
An unmanned delivery system based on user authentication, characterized in that the second QR code is generated by decrypting the encrypted secret key using the session key.
According to clause 9,
The self-driving delivery vehicle,
An unmanned delivery system based on user authentication, characterized in that user authentication is performed by determining whether the first QR code and the second QR code match.
According to clause 10,
The self-driving delivery vehicle,
The hash function is additionally applied M times to the OTP included in the second QR code, to which the hash function has been applied N times,
An unmanned delivery system based on user authentication, characterized in that it compares the OTP to which the hash function is additionally applied M times and the OTP included in the first QR code to determine whether they match.

Images