TWI638081B - Remote control electronic lock system and encrypting/decrypting method - Google Patents

Abstract

The present invention provides an electronic lock system including an electronic lock having a wireless receiving unit for wirelessly receiving an unlock signal, a storage unit for storing an unlocking identification code, and a processing unit including an identification module and a a timing module, and an actuation signal generating module; an unlocking actuator; and a setting input port. The invention also provides an encryption and decryption method that can be set by a user. By the electronic lock system and the password encryption and decryption method of the invention, a hidden multi-function remote electronic lock can be obtained by the user to construct an unlock password, which can provide an electronic lock which is safe and suitable for various purposes and applications, and can be used by itself. Set different levels of security, not limited by the manufacturer, and the controller can be reset by itself, and there will be no leakage or beating.

Description

Remote control electronic lock system and encryption and decryption method thereof

The present invention relates to an electronic lock system, and more particularly to a remote control electronic lock system with high security and user self-built system and a method for encrypting and decrypting the same.

With the advancement of technology, electronic locks have become more and more popular. For the sake of security, the password unlocking method of the electronic lock is also more diverse and complicated.

The common electronic locks on the market have electronic locks similar to key telephones. By inputting a set of passwords on the keys in turn, if the password is the same as the internal preset password, the mechanical switch is controlled to unlock. There is also an electronic lock that uses induction, but you need to carry an extra magnetic card when you go out, and the magnetic card is easy to copy. Furthermore, in the case of a safe, although the password can be set by the user, the input device is exposed, and the thief is easily destroyed by the outside, and the setting of the password is artificially determined and easily hacked. Taking the proximity inductive electronic door lock as an example, the sensor must also be exposed outside the door, which is easily damaged by the outside by the thief, and the proximity card is easily copied.

Moreover, the current electronic door lock can basically set a password, and the password is stored in a non-volatile storage device in the lock body, hereinafter referred to as a fixed password; each time the lock is unlocked, the password is entered, the entered password is stored in the non-volatile The passwords in the sexual storage device are compared and unlocked when they match. This approach makes it easy to see the password from the input interface and is inconvenient for casual users. If the user is not in the lock, the temporary user needs to open the door lock, the user needs to inform the temporary user of the fixed password; after the temporary user is used, the user generally needs to change the password in time, otherwise the password is easily leaked, so the scope of application is not large.

In order to solve this problem, in the prior art, there is a method of authorizing a temporary user through a mobile phone APP. The drawback of this method is that it requires a complete authorization solution for the door lock. At present, most of the products are designed to make the door lock networked, and realize the control of the lock through the network, which increases the cost on the one hand and brings security on the other hand. Hidden troubles; on the other hand, temporary users are required to use the mobile phone with the APP installed. The mobile phone also needs to receive authorization information on the network. For users who cannot install APP or do not install the corresponding APP, and users whose network environment is not very good, this kind of The method is powerless.

Another method is a dynamic password lock system whose password changes with date or time as proposed by the patent number CN102168509 B, but when the password is changed with the date or time, the password lock manager inputs the fixed password F and the date D. To calculate the password, this means that the password is related to the date, and the password can be used within one day of the same date. The passwords of different dates are dynamically changed; the user cannot set the time period, and cannot set the number of uses, different dates. A different password is required to unlock the lock, which is inconvenient to use.

In view of the above-mentioned prior art and problems, it is an object of the present invention to provide a concealed multi-function remote electronic lock that is constructed by the user to unlock the password. In particular, the first object is to provide a self-built remote control electronic lock system in which a user can generate a password in a random manner to set a password for an electronic lock without using a password, and can change the original password when the user needs it. .

It is a further object of the present invention to provide a high security electronic lock, which can have multiple sets of unlock codes, and needs to be identified within a certain time, and can change the number of unlocking code groups and the identification time setting, and can provide multiple levels of security. Sexual settings for multiple functions.

It is still a further object of the present invention to provide an electronic lock system that can be separately authorized to unlock, so that a plurality of second-order personnel can be unlocked at the same time, and an electronic lock system that can record the unlocker is provided.

It is still another object of the present invention to provide a novel power shortage warning device that enables the electronic lock to retain the minimum power to provide an unlocking function and to remind the user to replace the battery power.

Still another object of the present invention is to provide an electronic lock system capable of preventing thieves from recording and simultaneously unlocking multiple unlocking controllers, and providing an unlocking code encryption and decryption method

In order to achieve the above object, the present invention provides an electronic lock system including an electronic lock, and the electronic lock has: a wireless receiving unit for wirelessly receiving an unlock signal; and a storage unit for storing at least two sets of unlocking identification codes a processing unit, comprising: an identification module for receiving the unlocking signal, and comparing the at least two sets of unlocking identification codes; and an actuating signal generating module for comparing the at least When two sets of corresponding identification codes are sent, an actuation signal is sent to the unlocking actuator; an unlocking actuator is used for unlocking when the actuation signal is received; and a setting input is provided for the user to The at least two sets of unlocking identification codes are variably set, and at least one of the at least two sets of unlocking identification codes is a random number generated by a user operation.

With the above technology, the user can construct the password by himself, and when the unlock controller is lost, the user can re-program the unlocking identifier of the electronic lock and enter the new electronic lock and unlock controller via the setting input. Unlock the identification code setting without replacing the entire set of electronic locks, just add the unlock controller, and don't worry about the lost unlocking controller being unlocked.

In addition, in order to achieve the above object, the electronic lock further includes a timing module for starting timing after receiving the unlocking signal, and the actuation signal generating module compares the at least two groups of phases in a specific time. The actuation signal is sent when the identification code is corresponding. In this way, it will be possible to prevent the thief from using the frequency sweeping method to solve the unlocking password.

In addition, in order to achieve the above object, the processing unit of the electronic lock system of the present invention further has a security level setting module for changing the length of the specific time or the number of unlocking identification codes to be recognized by the identification module. . In this way, each user can change the security level by changing the number of identification groups or the receiving time limit according to the needs of the installation situation, and by adding the identification code in a random manner, it can provide a suitable use. A variety of multi-function electronic locks that are actually installed or secured.

Moreover, in order to achieve the above object, the present invention provides an electronic lock system in which a set of unlocking identification codes is a specific unlocking controller identification code for identifying at least one unlocking controller. Thereby, in addition to increasing safety, a specific unlockable user can be recorded.

In addition, in order to achieve the above object, the present invention provides an electronic lock system, wherein one of the at least two unlocking identification codes is a power replacement confirmation code, and wherein the electronic lock further includes a power warning module for When the power has a certain value remaining, the sleep mode is entered and the unlock signal is stopped, and when the sleep mode is entered, the sleep is stopped only when the power exchange confirmation code is received.

In addition, in order to achieve the above object, the present invention provides an electronic lock system, wherein the storage unit stores a keystore, the keystore includes at least one key; and the unlock signal received by the wireless receiving unit includes a base number and a An encryption unlocking code obtained by encrypting a set of unlock codes by at least one of the keys; and the processing unit further includes a decryption module, configured to use the key to extract from the encrypted unlocking code received At least one of the cardinality and the set of unlock codes is provided for comparison with one of the sets of unlocking identifiers.

In addition, in order to achieve the above object, the present invention provides an electronic lock system, wherein the processing unit further includes a cardinality comparison module, and the base is a count, and the base is stored every time the base is decrypted, and the base is The previous stored base number is compared, and the decryption can be achieved when the difference is within a certain range. The electronic lock is further configured to store a counting library recorded with a plurality of counts corresponding to the majority of the unlocking controllers, and the unlocking signal received by the wireless receiving unit includes a controller identification code corresponding to each unlocking controller. And the base number decrypted by the cardinality comparison module is compared with the existing count corresponding to the received controller identification code. Thereby, it is possible to prevent the encrypted unlock code from being recorded side by side and to recognize different unlocking controllers.

In addition, in order to achieve the above object, the electronic lock system of the present invention further includes an unlocking controller having a storage unit for storing at least one of the at least two sets of unlocking identification codes; and an emission control unit, And transmitting an unlocking signal containing at least one of the at least two sets of unlocking identification codes to the electronic lock during the specific time. Thereby, the unlocking code can be unlocked by one person alone or the two unlocking codes can be respectively authorized to be transmitted by the two unlocking controllers, and can be unlocked when the two unlocking controllers are simultaneously operated.

Moreover, the unlocking controller has a power replacement confirmation module for issuing a power replacement confirmation code when being operated. Therefore, if the user still insists on not replacing the battery when the power is insufficient, the complicated operation is required every time the unlocking is performed until the power is completely lost.

In addition, in order to achieve the above object, the present invention further provides a password encryption and decryption method, the password is stored in a storage unit, and the storage unit further stores a key database, the key database contains at least one key; the method includes Retrieving a dynamic base for each encryption request; extracting the at least one key to encrypt the base, and generating an encrypted base digital for transmission; and, according to at least one of the at least one key and the base Generating a dynamic key, encrypting the password with the dynamic key, and generating an encrypted password for transmission. The password decryption method is applied in a device, the device has a storage unit for storing a key database, and the key database contains at least one key; the method comprises: receiving an encrypted dynamic base digital number obtained by encrypting a dynamic base number And encrypting and encrypting a password; extracting the at least one key, decrypting the encrypted dynamic base digital to obtain the base; and decrypting at least one of the base and the at least one key Generating a dynamic key; and, using the dynamic key, decrypting the encrypted password to obtain the password.

In summary, according to the above various aspects of the present invention, since both the lock and the antenna can be installed inside the door, even in the door panel, and the external unlocking effective distance is more than 10 m, the internal unlocking effective distance is 50 m or more, so that it can be provided that the door can not be seen outside. The electronic lock system can achieve the above various purposes by going to any lock position fittings and the like to avoid being damaged. In particular, the user can set a very secure unlock code by himself, and can set different levels of security by himself, without the manufacturer's specification at the factory, there will be no leakage of password information, and there will be no problem. You must remember the unlock code and have the problem of forgetting or leaking the password. Moreover, the electronic lock disclosed in the present invention can be remotely unlocked without using a wireless network architecture, and there is no security problem of the network hacker. Moreover, one of the identification codes can be set as the controller code, which can store different personnel to open the record, and can perform subrogation authorization unlock management. Therefore, the electronic lock disclosed in the present invention can provide a hidden multi-function electronic lock that is constructed by the user to unlock the password, and can provide an electronic lock that is safe and suitable for various purposes and applications in a simple architecture.

Hereinafter, the components and the efficacies of the electronic lock system disclosed in the present invention will be clearly and completely described in conjunction with the preferred embodiments of the drawings. However, the described embodiments are a part of the embodiments of the invention, and not all of the embodiments. The elements in the various figures are only used to illustrate the technical features of the present invention and are not intended to limit the invention.

The electronic lock system according to the first embodiment of the present invention comprises an electronic lock 100 and an unlocking controller 200. Since the electronic lock itself can also be a system, the electronic lock system can also be referred to as only an electronic lock. 100 itself.

As shown in FIG. 1 , the electronic lock 100 disclosed in this embodiment mainly includes: a wireless receiving unit 110, a storage unit 120, a processing unit 130, an unlocking actuator 140, and a setting input port 150. In a preferred embodiment, the electronic lock 00 further includes a position sensor 160 and a power warning unit 170. The wireless receiving unit 110 is configured to receive an unlocking signal wirelessly. The storage unit 120 is configured to store at least two sets of unlocking identification codes; the power of the components may be from a battery that is not displayed, or a home power line. The unlocking signal may be a wireless signal including various unlocking codes UC, for example, may include a signal type code, a control code, or an identification code IP, etc., and may be in the form of a fixed code, a rolling code, or a password, etc.; The code IP may be an electronic lock identification code RXID, an unlocking controller identification code TXID, or a group code GID.

The processing unit 130 mainly includes: an identification module 132, configured to identify whether the received unlocking signal meets the at least two sets of unlocking identification codes IP; a timing module 134 for timing the time of identifying the received unlocking signal; And an actuation signal generating module 136, configured to send an actuation signal to the unlocking actuator 140 to unlock when the unlocking signal matching the at least two sets of unlocking identification codes IP is recognized within a specific time period. In a preferred embodiment, the processing unit 130 further includes a security level setting module 135 for changing the length of the specific time or the number of unlocking identification codes to be recognized by the identification module, so that the user can respond The password level you want for the security level you want.

The unlocking actuator 140 is configured to retract the lock tongue or unlock the lock when the actuation signal is received, and unlock the lock. Of course, it can also be designed to be controlled to be locked when receiving the actuation signal, which may be determined according to whether the control code entrained in the received unlock signal is a lock or unlock command. Therefore, the so-called unlocking or unlocking is merely a representative term, and may actually include locking/unlocking, or various opening actions and the like. The setting input port 150 is configured for the user to input the at least two sets of unlocking identification codes IP, and the at least two sets of unlocking identification codes are generated by the user in a random manner, and can be changed by the user, and the It is a wired input or a wireless input. The position sensor 160 is configured to sense that the electronic lock has returned to the closed position, or the locking tongue has returned to the position of the tongue, and the locking tongue is automatically extended and locked.

The power warning unit 170 is configured to enter the sleep mode to stop receiving the unlock signal when the power has a certain value remaining, and when entering the sleep mode, only when receiving the power replacement confirmation code PC from the unlock controller 200, The sleep is stopped and the unlock signal is received.

As shown in FIG. 2, the unlocking controller 200 of the present embodiment mainly includes: a wireless transmitting unit 210, a storage unit 220, a control unit 230, an operation interface 240, and a setting output/input 250; The control unit 230 includes a power replacement confirmation module 232. The power to these components comes from a battery that is not shown.

The storage unit 220 is configured to store at least one of at least two sets of unlock identification codes IP corresponding to the electronic lock 100. The control unit 230 and the wireless transmitting unit 210 are collectively referred to as an emission control unit for transmitting a set of unlock codes UC containing at least one of the at least two sets of unlocking identification codes IP to the electronic lock 100 during the specific time. The operation interface 240 is used for the user to input an unlocking action. The output/input port 250 is set for the user to input or output various set unlock codes UC, and the various unlock codes UC are stored in the storage unit. The power replacement confirmation module 232 is configured to provide a multi-layer control mechanism for the user to have a set of procedures and reminders when the power of the electronic lock 100 is insufficient, and issue a power replacement confirmation code PC to temporarily cancel the sleep of the electronic lock 100. The state, the details of which are described later.

Hereinafter, the details of the electronic lock 100 disclosed in the embodiment will be further described. First, the unlocking action will be explained. The identification module 132 is configured to process at least five sets of unlocking codes UC. The identification module 132 can continuously and simultaneously determine a set of unlocking codes UC, and according to the setting of the security level setting module 138, control how many groups of unlocking are to be determined. code. Each set of unlocking codes UC may include an electronic lock identification code RXID or an unlocking controller identification code TXID, and various motion control codes and the like. When the electronic lock 100 receives a wireless RF unlock signal from the unlock controller 200 via the wireless receiving unit 110, it is recognized by the identification module 132. At this time, the identification module 132 may send a timing signal to the timing module 134 when receiving the unlocking signal, or may send a timing signal to the timing module 134 after identifying the first group of unlocking identification codes. Timing, the timing module 134 issues a timeout signal after a set time after the start of the timer. After the identification module 132 recognizes the correct unlock identification code of the set number of groups, an identification pass signal is transmitted to the actuation signal generation module 136. At this time, the actuation signal generation module 136 refers to the signal from the timing module 134. If the timeout signal is received when the identification pass signal is received, the actuation signal is not sent; if the timeout has not been received yet The signal can then send an actuation signal to the unlock actuator 140 to unlock it.

Next, explain the security level setting. In the above case, the user can set the number of unlocking identification codes that he wants to set and the recognition time limit of the number of the groups to set different levels of security. Of course, the setting of the unlocking identification code IP is also required, that is, when the user initially sets the unlocking identification code IP, it is determined how many sets of unlocking codes UC are to be unlocked, and it is understood that the unlocking codes UC are recognized. The module 132 identifies the time required to perform the setting of the security level setting module 135. By designing the identification within a certain period of time, it will prevent the thief from cracking the unlocking code UC by scanning code, because the scanning code takes a longer time. With the changeable setting of the security level, the coding rules of the electronic lock 100 will be more changed, and the functions that can be applied are more changed, and it is more difficult for the thief to guess the password.

For example, depending on the security, it can be divided into the following levels, and the user can set the medium/high security lock according to the application requirements. For example, low security: use a set of unlock codes; medium security: use two sets of unlock codes; high security: need to receive (within 1 second) two sets of unlock codes or identify two sets of unlock codes Unlocked; ultra-high security (treasury level): you need to receive (within 1 second) three sets of unlock codes or identify two sets of unlock identification codes to unlock.

As for the setting of the unlocking identification code, especially when setting the electronic lock identification code RXID or the group code GID, in a preferred embodiment, the user uses a computer and the code setting application installed therein to make the computer randomly coded. The mode sets the unlock identification code IP. Then, the unlock identification code IP is stored in the storage unit 120 of the electronic lock 100 through the setting input port 150. At the same time, the unlocking identification code IP is also stored in the storage unit 220 of the unlocking controller 200 through the setting output/input 250 of the unlocking controller 200. In a modified example, the setting of the unlocking identification code IP may also be performed by the user from an unlocking controller loaded with an unlocking identification code setting module (not shown), and then the user unlocks the controller. The unlock identification code IP is output to the electronic lock 100 via the setting output port 250 and the setting input port 150. In this way, by setting the random number of random codes to, for example, 16 bits, it is possible to generate up to more than 65,000 sets of unlocking identification codes, and when higher security is required, the unlocking identification code can be set to 64. One bit. Wherein, both the electronic lock 100 and the unlocking controller 200 are input with the same pairing unlocking identification code IP, and the user does not have to remember the unlocking code, so there is no problem of forgetting the password or being stolen because of the record. A set of unlock codes is quite complicated. When two or more sets of unlock codes are used and they are decrypted within a certain time, it is even more difficult to steal.

Moreover, since the unlocking identification code IP is set by the user, the electronic lock 100 and the unlocking controller 200 will not be limited by the electronic lock manufacturer's code pairing. When the unlocking controller 200 is inadvertently lost, the user only needs to purchase an unlocking controller 200 for resetting, and re-write the new unlocking identification code IP into the electronic lock and the unlocking controller without replacing the entire set of electronic components. Lock system. Moreover, since there is no button at all on the electronic lock, it is not known that the password is set and unlocked by the button on the electronic lock, there will be no trace of the residual unlock button, and the position of the electronic lock will not be visible outside the door. There is no easy situation to be destroyed.

Also, in the present embodiment, unlocking is performed using two sets of unlock codes. In a variant, one set of unlock codes may include an identification code of the unlock controller 200 itself for identification. That is, when an unlock controller 200 is used to unlock more than two electronic locks 100, or more than two unlock controllers 200 are used to unlock an electronic lock 100, the two electronic locks 100 can be scheduled to receive One of the two sets of unlocking codes is set to include the identification code TXID of the unlocking controller 200. At this time, the unlocking controller identification code TXID may be a serial number and/or a name designated by the user, or may be It is generated in a random manner and recorded for use in pairing of multiple electronic locks 100. In this way, the corresponding identification code of another set of individual electronic locks or shared electronic locks can be transmitted together according to the selection, and the authorized electronic lock can be opened. Therefore, by setting one of the unlock identification codes IP to be recognized by the electronic lock 100, the unlocking controller identification code TXID is set, except that one unlocking controller 200 can be used to open multiple electronic locks, or multiple unlocking controllers can be used. 200 to open an electronic lock, or many to many, you can also use the electronic lock 100 to record each unlocking controller 200 that has been unlocked, for example, ten times, or more than a thousand times, will be further used as management and For supervision purposes.

Further, in another modification, three or more sets of unlocking identification codes IP may be set, and two sets of unlocking identification codes IP may be associated with the two unlocking controller identification codes TXID. In this way, it can be set to require two users who store different unlocking controllers 200 to be present at the same time to be opened. That is, each unlocking controller 200 includes a separate unlocking controller identification code TXID, and a common set of electronic lock identification codes RXID. Similarly, in another modification, the two sets of identification codes IP may be stored only in the electronic lock 100, and the two sets of identification codes IP are set to be the unlocking controller identification codes TXID of the two unlocking controllers 200, That is, each unlocking controller 200 is configured to transmit one of the unlocking identification codes IP, so that the electronic lock 100 needs to be unlocked when the two unlocking controllers 200 are simultaneously unlocked.

Therefore, in still another modification, the electronic lock 100 can also be set to require four sets of unlock identification codes IP, wherein two sets of two unlocking controller identification codes TXID, two sets of unlocking identification codes RXID related to the electronic locks, respectively It is sent by the two unlock controllers 200. In this way, when different people maintain different unlocking controllers 200, a more rigorous unlocking mechanism can be provided. Moreover, contrary to the above unlockable situation, when one of the unlocking identification codes IP is set as the unlocking controller identification code TXID, by deleting the unlocking controller identification code TXID, for example, it is prohibited to be stolen or stolen. The unlocking controller 200 performs an unlocking operation, that is, an unlocking controller that is not unlockable.

Therefore, in combination with various application examples, the present invention sets the electronic lock 100 in the disclosed electronic lock system to be capable of recognizing at least two sets of unlock identification codes, and sets the unlock controller 200 to transmit the at least two sets of unlock identification. At least one of the codes will achieve a variety of different applications and functions.

Hereinafter, the details of the operation of the power alert unit 170 will be further described. In this embodiment, when the battery is used as the power source of the electronic lock 100, the power warning unit 170 performs battery power monitoring, and when the power is 15% remaining, an LED light (not shown) is turned on red. And/or a buzzer (not shown) is called every 1 hour. When the power is 5% remaining, the electronic lock 100 is stopped from receiving the unlock signal, and the unlocking action goes to sleep. At this time, even if the unlocking controller 200 issues a correct unlocking signal, the electronic lock 100 will not unlock. The user must first replace the battery module 透过 through the power replacement confirmation module 232 of the unlock controller 200, for example, in the power shortage item in the setting item of the unlocking controller 200, and let the unlock controller 200 emit a power. After the confirmation code PC is replaced, the electronic lock 100 can temporarily release the sleep state to receive the unlock code UC, and perform a normal recognition process on the unlock signal. After that, if the user still does not change the battery after unlocking, the electronic lock 100 will continue to enter the sleep state, so that when the unlocking controller 200 is to be unlocked again, a complicated clicking action is still required to prompt the user to replace the battery until The battery is really dead.

In summary, the electronic lock disclosed in the present invention can provide a hidden multi-function electronic lock that is constructed by the user to unlock the password, and can provide an electronic lock that is safe and suitable for various purposes and applications in a simple architecture.

Moreover, in the present embodiment, the unlocking controller 200 transmits the unlocking code UC in an RF manner, and does not need to be performed through the Internet, thereby reducing maintenance costs and avoiding network hacking attacks. As for the mode of transmission, it may be a well-known way of directly transmitting the unlocking code of each element of the unlocking code, a method of rolling the unlocking code, or an encrypted transmission mode, and then decoding by the identification module of the electronic lock 100. Decryption and identification. Regarding the encryption transmission mode, a second embodiment will be further described with the composition of the first embodiment, and a secure encryption code transmission and decoding mode will be described. According to the electronic lock system disclosed in the second embodiment of the present invention, most of the components of the electronic lock and the unlocking controller are the same as those of the first embodiment, and the same components and reference numerals are used for the description, and the description of the same components is briefly made. □

As shown in FIG. 3, in the embodiment, the control unit 230 of the unlocking controller 200 further has a cardinality generating module 234, an encryption module 236, and a control time defining module 238, and the storage unit 220 is The stored electronic lock identification code RXID is stored as a unlock identification code IP, and also stores a key database containing at least one cryptographic key. A key may be a key such as 64 bits, which may be generated by random numbers. Devices (not shown) are randomly generated, and the number of keys may vary depending on the application requirements of the entire system, and may be up to, for example, 100. In this embodiment, the keys are set in the unlocking controller 200 at the time of shipment, but in a variant embodiment, the user may also generate the number in a random manner through a computer program, and then the user sets the key. Good key inputs are entered into the unlock controller 200. In a further variant embodiment, the storage unit 220 also stores an unlocking controller identification code TXID representing the unlocking controller itself for use as an unlocking unlocking controller 200.

The cardinality generation module 234 is configured to generate a dynamic base or a secret base, which may be a random number or a count for counting. When the cardinality generation module 234 is implemented by a counter, that is, each time the unlocking controller 200 issues an unlock code UC containing the cardinality and the unlocking identification code IP, the counter is accumulated by a specific value of, for example, 1 and stored. Value for subsequent delivery. The encryption module 236 includes a first encryption sub-module, a second encryption sub-module, and a decision sub-module (not shown). Used to encrypt at least the unlock identification code IP. The control time limiting module 238 is used to define the time at which the unlocking controller 200 can perform unlocking control.

Hereinafter, an encryption method in which the unlock controller 200 transmits the unlock code UC will be described with reference to FIG. First, the cardinality generation module 234 generates a base X; then the control unit 230 determines to obtain a first key in the key pool of the storage unit as the initial key K0, for example, the first of the 100 keys. Then, the key encryption key ENSD is generated by the first encryption sub-module (not shown) in the encryption module 236 by using the key K0 and the base X. Then, according to the encryption base number ENSD, a second key to be selected in the key pool of the storage unit 220 is determined via a determination submodule (not shown) in the encryption module 236, for example, the 33rd. Keys, as the dynamic encryption key KE. The first encryption sub-module and the determination sub-module may be a hardware structure or a software program.

In a variant embodiment, the second key or the dynamic encryption key to be determined by the determining sub-module at this time may also be generated by the program according to the base X and the initial key K0, or separately according to the base X. Not generated based on the encryption base digital ENSD. In short, it can be generated directly or indirectly from the base X.

In another variant embodiment, 100 keys are not stored in the key repository, and the decision module is not used to determine which key to select from the keystore as the second key or dynamic encryption. The key KE directly generates the second key or the dynamic encryption key KE directly by the base X and the initial key K0, or by the base X alone. In this way, it is not necessary to store a large number of keys in the unlock controller 200.

In still another modification, the dynamic encryption key KE may also be randomly generated in random numbers, and is not necessarily generated by the base X re-transmission program. When encrypting, the cardinality X and the dynamic encryption key KE can be distinguished into a good bit position, and the encrypted base digital ENSD is encrypted together through the initial key K0 and the encryption program. When decrypting, according to the position of the bit, the cardinality X is taken out, and the dynamic encryption key KE is taken out by the remaining part.

In still another modified embodiment, before determining the dynamic encryption key KE, the initial key K0 and the base X may be used to generate at least one intermediate key, and then the at least one intermediate key is used. The dynamic encryption key KE is generated, that is, a multi-level intermediate key is generated to increase the encryption complexity. In detail, for example, after the second key is generated according to the initial key K0 and the base X, a third key is generated according to the second key and the base X; and then, according to the third key and the base X, through the decision module, generates a fourth key as the dynamic encryption key KE; and so on, wherein the second and third keys are intermediate keys.

It can be seen from the various modified embodiments that the dynamic encryption key KE can be generated in many different ways, and the encryption base digital ENSD can also contain only the base X component, or the cover base number X and the dynamic encryption key KE are encrypted together, as long as There is a corresponding design fit between the electronic lock 100 and the unlocking controller 200.

Then, after the dynamic encryption key KE is generated, the dynamic encryption key KE and the set unlock identification code IP stored in the storage unit 220 are transmitted through one of the second encryption submodules of the encryption module 236. A group (not shown) produces a set of encrypted unlock codes ENFD. Thereafter, the control unit 230 can send the encrypted base digital ENSD and the encrypted unlock code ENFD to the wireless transmitting unit 210, and transmit an unlocking signal to the electronic lock for receiving. The second encryption sub-module may be a hardware structure or a software program.

In a further modified embodiment, as described above, the storage unit 220 also stores an unlocking controller identification code TXID representing the unlocking controller itself. The code may be an identification code similar to a key level, or may be only A serial number; it can be user-customized, or the key that is encoded at the time of shipment, and the serial number is given for selection. While transmitting the encrypted base digital ENSD and the encrypted unlocking code ENFD, the controller identification code can also be issued at the same time after being encrypted or unencrypted for unlocking identification of various applications. In the modified embodiment, an encryption controller identification code ENTX is generated according to the controller identification code TXID and one of the initial keys K0 in the key pool via the encryption module 236. In another modification, when the controller identification code TXID itself is also a key, the encryption controller identification code ENTX may also be generated via the encryption module 236 according to the controller identification code TXID and the base number X. Further, in another modification, the controller identification code may be directly transmitted along with the encryption base number ENSD and the encryption unlock code ENFD without encryption.

Also, in a variant embodiment, the unlocking controller 200 can have a sub-master unlocking controller by storing a plurality of unlocking controller identification codes in the unlocking controller. When the electronic lock 100 can be remotely controlled by the newly added sub-lock controller 200, or when the unlock controller 200 is lost and the sub-lock controller 200 is to be added, the newly added sub-lock controller 200 can only At least one of the unlocking controller identification codes is obtained in the female unlocking controller, and only one unlocking controller identification code obtained from the female unlocking controller is used, and can not be divided into other sub-unlocking controllers. After the identification codes in the mother unlock controller are used, they can no longer be reused. This has the advantage of controlling the number of unlocking controllers relative to the electronic locks. The quantity and identification code are stored in the mother unlocking controller. The female unlocking controller can send one of the set majority identification codes to the sub-locking controller, but the sub-unlocking controller can no longer be copied to other sub-unlocking controllers. Thereby, it is used to facilitate the setting of the control password, the identification setting of the electronic lock, and the regulation of the unlocking controller.

Also, in a variant, the sub-unlocking controller is set to have as many unlocking controller identification codes TXID as the female unlocking controller, but is limited to be copied to other sub-unlocking controllers. In this example, the unlocking controller identification code TXID can be just a serial number or a different key, which can be programmed by the user or set at the time of shipment.

Moreover, when the parental unlocking controller authorizes the control to the child unlocking controller, the control time limiting module 238 can simultaneously set the time period for which each of the sublocking controllers is authorized to unlock. In an example with a limited authorization time, the preset number of controllers in the master unlock controller can be set to be used by the sub-lock controller, as long as the time is staggered. In this way, the application can be extended, for example, only open to a person holding the sub-locking controller to unlock at a certain time.

Moreover, there is only one key library stored in the unlocking controller, and each unlocking controller has a plurality of serial numbers, and the encryption method is used as an unlocking controller identification code TXID for selecting or limiting the allocation. It can also be advanced as follows. In this variant embodiment, each key in the keystore may be set before the product leaves the factory, or may be set by the user, or generated by random numbers. Taking 20 keys as an example, the unlocking controller identification code TXID is numbered TX1~TX20, and there will be a shared initial key K0 and a dynamic encryption key K1-K20 for distribution to different sub-locking controllers, or Use for different electronic locks. And each unlocking controller identification code TXID is set to correspond to one of the keys in the key pool. It is conceivable that in a variant, the key library corresponding to each unlocking controller identification code may also be a separate key database, which is different from the key database for encryption.

As shown in FIG. 4, in this example, before starting the encryption, when the user initially sets an unlock controller, it is necessary to specify which serial number to use as the unlocking controller identification code TXID, for example, the second TX2. . When the signal is to be transmitted and the encryption is started, the selected serial number TX2 is first encrypted with an initial key K0 to generate an ENTX. Then, the base X is encrypted by using the key corresponding to the selected serial number, for example, K2, as the new initial key NK0, to generate an encrypted base number ENSD as described above. The subsequent encryption action can be encrypted with the new initial key or encrypted with the dynamic encryption key KE as described above. Compared with the foregoing embodiment, when the initial key K0 is uniformly set when the product is shipped from the factory, the key for encrypting the base X in the present modification is not the fixed K0 described above, but The new initial key NK0, which is changed according to the user's settings, has the advantage that the variability of the encryption key can be increased, and it is less likely to be decoded, and can be applied to the number of unlocking controllers.

Hereinafter, another aspect of the electronic lock 100 will be described. As shown in FIG. 5, the processing unit 130 of the electronic lock 100 of the present embodiment further has a decryption module 138. The decryption module 138 includes first and second decryption submodules that are set corresponding to the unlock controller 200. (not shown), and a decision sub-module (not shown). In addition to storing the set unlocking identification code for comparison, the storage unit 120 is also configured to store a same key database as the key database stored in the unlocking controller 200, that is, including multiple cryptographic keys. Each key can be a 64-bit key, and the number of keys can be arbitrarily set up to 100. However, in a variant embodiment, the keystore in the storage unit 120 does not store a key similar to the keystore in the unlock controller 200, but only stores the same protocol initial as the unlock controller 200. The key K0 can be.

Hereinafter, the decoding process of the electronic lock 100 will be described with reference to FIG. When the electronic lock 100 receives the transmission code ENSD and ENFD, the identification module 132 first determines which code is to determine how many codes to solve. Then, since the electronic lock 100 also stores a key database of, for example, 100 sets of keys, and the setting of the unlocking controller is also determined that the first key is the initial key K0, the electronic lock 100 receives the transmission. When the RF signal is received, the first decryption sub-module in the decryption module 138 is decrypted by the initial key K0, and the base generation module of the unlock controller 200 is deduced. The base X produced by 234. Then, the decrypted module X is passed through the decryption module 138, and has a decision sub-module (not shown) having the same logic design as the unlock controller 200, and determines a second key in the key library. The second key at this time is the same as the dynamic encryption key KE in the unlock controller 200. Therefore, the second key thus obtained is also referred to as a dynamic encryption key KE.

Also, as previously described, when the storage unit 120 stores the same keystore as the unlock controller 200, it is found by selecting the selected dynamic encryption key KE from the keystore. However, in a variant embodiment, when the keystore in the unlock controller 200 does not store a lot of keys, but is randomly generated according to the base X, the storage unit 120 of the electronic lock 100 does not need to be stored as much or The same key, as long as the decryption module 138 solves the base number X, in conjunction with the logic setting in the unlock controller 200, directly solves the dynamic encryption key KE. The decryption sub-module, the decision sub-module, and the like may also be a hardware structure or a software program.

Also, in another variant embodiment, when the unlock controller 200 is designed to have at least one intermediate key for encryption, the electronic lock 100 is also designed in the decryption module 138 to resolve the at least one intermediate key. That is, when at least one intermediate key is provided between the initial key K0 and the encryption key KE, the second key solved by the initial key K0 is an intermediate key, and at this time, the intermediate gold is further used. The key and the pre-base number X solve a third key as the dynamic encryption key KE. When there are two intermediate keys, and so on.

Then, the received encryption unlock code ENFD is decrypted by the second decryption sub-module (not shown) and the previously-dissolved dynamic encryption key KE to obtain the transmitted unlock code UC, and the decryption action is completed. . Then, the identification module 132 can determine whether the unlocking operation is performed by comparing the decrypted unlocking code UC with the unlocking identification code stored in the storage unit 120.

Moreover, in a modified embodiment, the processing unit 130 further includes a cardinality comparison module 139. Each time the cardinal number X is decrypted, the cardinal number X is stored, and the cardinal number X is compared with the previous stored base number. Decryption can be achieved when the difference is within a certain range of values, or not at the same time. In particular, when the unlocking controller 200 counts as the base X, the electronic lock 100 also stores the decrypted new cardinality, which can only be unlocked if the new cardinality matches the old cardinality or differs by a certain range of values. In this way, even if the wireless signal is recorded sideways, it cannot be reused, and the electronic lock 100 is not unlocked because it is being recorded. Especially when counting up to hundreds of thousands, it must take many years to repeat, which shows the advantage of counting as a base.

Moreover, in this embodiment, even if the decryption module 138 of the electronic lock 100 solves the count as a base, the dynamic encryption key KE is further solved by the base X, and the dynamic encryption key KE is further used. The encryption unlock code ENFD is decrypted to solve the unlock code UC, which is more difficult to be decoded by the thief.

In still another variant embodiment, when the electronic lock 100 is controlled by the majority of the unlocking controller 200 and the unlocking count is used as the base X, the storage unit 120 stores a record having a majority of the counts corresponding to the majority of the unlocking controllers. Counting library. In this embodiment, the electronic lock 100 receives the encrypted or unencrypted controller identification code ENTX or TXID at the same time when receiving the encrypted base digital ENSD and the encrypted unlocking code ENFD. When the electronic lock 100 recognizes which signal is issued by the unlocking controller 200, the controller identification code TXID is obtained, and the corresponding previously unlocked count is obtained as a basis for judging whether the counting meets the unlocking condition, and The newly received count is stored in the count library in a position corresponding to the unlock controller number. In this embodiment, up to 100 sets of counts can be stored depending on the size of the memory.

Moreover, in an advanced embodiment of this modification, when the electronic lock 100 obtains the TXID, in addition to finding a corresponding count, the electronic lock 100 can also find a modification of the unlocking controller 200 as described above. The new initial key NK0 in the middle, and then the received initial base key NK0 decrypts the received encrypted base number ENSD to obtain the base value X. In this example, the electronic lock 100 stores a same keystore as the keystore in the unlock controller 200, and causes each key in the keystore to have its own corresponding unlock controller identification code TXID. When the electronic lock 100 receives the encryption controller identification code ENTX, the shared initial key K0 is used to solve the selected serial number of the unlocking controller 200, for example, TX2, and then the key corresponding to TX2, for example, K2. As the new initial key NK0, it is used to decrypt the base X. Other subsequent decryption mechanisms after decrypting the base X are the same as those described in the previous embodiment and will not be repeated.

Moreover, in this second embodiment, the timing at which the timing module starts counting may be started when the decryption module 138 receives the unlock signal.

Moreover, in a preferred embodiment, the processing unit 130 of the electronic lock 100 also has a defense mechanism (not shown). That is, when the signal having the same base X is continuously received more than a certain number of times in a certain period of time, or when the base number X of a certain serial number is continuously erroneously more than a certain number of times, for example, 30 times or more, the electronic lock 100 will sleep for one hour. To burglary by the anti-theft thief. Moreover, it can be further set that once the legal unlocking controller 200 is to be unlocked, the unlocking controller 200 must first issue an identity confirmation signal to wake up to cancel the sleep, and then it is not restricted to sleep for 1 hour and cannot be unlocked. The identification signal of the time is also preferably encrypted by, for example, a specific key agreed upon by both parties.

In addition, before the unlocking controller 200 transmits the encrypted base digital ENSD and the encrypted unlocking code ENFD, it may also check the decoding mode of the electronic lock 100 to confirm that the two codes ENSD and ENFD are indeed unlocked. The code corresponds.

Further, the above embodiment illustrates the encryption method in the case of setting a two-layer key. In a variant embodiment, the encryption method may not be configured with a layer 2 key as described above, but may be a layer of a key. That is, only one key is stored in the key database, and the base and the unlock identification code IP are encrypted by using one key. In particular, when the unlocking controller identification code TXID itself is in the form of a key, and is set by the user or randomly set, and the pairing status with the electronic lock is simple, the identification code TXID can be directly used as the base number. The X and the unlock identification code IP are respectively encrypted or decrypted together to form a simple encryption method.

According to the above encryption method, when a set of unlock codes UC is transmitted, there are various combinations. For example, only the fixed code or the rolling code of the unlocking code UC may be sent as described in the first embodiment; the fixed code of the partial unlocking code UC may be sent, plus the encrypted base digital ENSD and the encrypted unlocking code ENFD; or, only the sending The encryption base digital ENSD and the encryption unlock code ENFD; or the encryption unlock code encrypted with the base number and the unlock code. Therefore, preferably, there is a code identification element before each code, so that the electronic lock receiving unit can identify how many codes the received signal contains, and then perform different decoding steps. When the fixed code of the partial unlocking code UC is simultaneously transmitted, and the encrypted base digital ENSD and the encrypted unlocking code ENFD are added, there is an advantage that the unlocking code UC can be decrypted after the unlocking code UC is decrypted, and compared with the fixed code transmitted at the same time. In order to further prevent the pirate from infiltrating the encrypted signal due to noise, the decoding is successful.

Further, in the above embodiment, the advantage of using the dynamic base X in the encryption unlock code is that the base X can make the encryption unlock code different for each transmission regardless of whether it is a count or a random number, and the unlock code is prevented from being Side-by-side for repeated unlocking. That is, the count varies with the number of times the signal is transmitted, in addition to increasing the difficulty of decoding, and can be sent to the decryption end for comparison, in a normal way of defining the gap in the forward direction, preventing the unlock signal from being dubbed and then repeated. To unlock. If the cardinality is a random number, the difficulty of decoding may be increased, and a negative table specification method of repeatedly prohibiting unlocking may be added to the decryption end to prevent the unlocking signal from being repeatedly recorded for unlocking after being recorded. In the example in which the dynamic encryption key KE is generated by using the base number and the unlock code UC is encrypted by the dynamic encryption key KE, and the encrypted unlock code ENFD is sent, it is more difficult to be decoded by the thief.

In summary, the present invention expands the function by using two sets of user-created identification codes, and can provide a hidden multi-function remote electronic lock that is constructed by the user to unlock the password, and provides a user. A remote-controlled electronic lock system that can independently build a security level, and then securely encrypt and transmit the unlock code, can make the security of the entire electronic lock stronger, prevent the unlock code from being stolen, and obtain a kind of purpose that can achieve the above various purposes. Electronic lock system.

The above is only the embodiment of the present invention, and is not intended to limit the scope of the invention, and the equivalent structure or equivalent process transformation of the present invention and the contents of the drawings may be directly or indirectly applied to other related technologies. The fields are all included in the scope of patent protection of the present invention.

100‧‧‧Electronic lock

110‧‧‧Wire receiving unit

120‧‧‧ storage unit

130‧‧‧Processing unit

132‧‧‧ Identification module

134‧‧‧Timekeeping Module

135‧‧‧Security Level Setting Module

136‧‧‧ actuation signal generation module

138‧‧‧ decryption module

139‧‧‧ base comparison module

140‧‧‧Unlocking actuator

150‧‧‧Setting input埠

160‧‧‧ position sensor

170‧‧‧Power Alert Unit

200‧‧‧ unlock controller

210‧‧‧Wireless transmitting unit

220‧‧‧ storage unit

230‧‧‧Control unit

232‧‧‧Power Replacement Confirmation Module

234‧‧‧Base generation module

236‧‧‧Encryption Module

238‧‧‧Control time limit module

240‧‧‧Operator interface

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is a schematic view of the components of an electronic lock in accordance with a first embodiment of the present invention. 2 is a schematic diagram of components of an unlocking controller in accordance with a first embodiment of the present invention. 3 is a schematic view of components of an electronic lock in accordance with a second embodiment of the present invention. 4 is a flow chart of an encryption method in accordance with a second embodiment of the present invention. Figure 5 is a block diagram of an unlocking controller in accordance with a second embodiment of the present invention. 6 is a flow chart of a decryption method in accordance with a second embodiment of the present invention.

Claims (22)

An electronic lock system includes an electronic lock having: a setting input port for the user to variably set at least two sets of unlocking identification codes, and at least one of the at least two sets of unlocking identification codes a random number automatically generated by the user by using a computer; a storage unit for storing at least two sets of unlocking identification codes; a wireless receiving unit for wirelessly receiving an unlocking signal; and a processing unit connected to the wireless receiving unit And the storage unit, and comprising: an identification module for identifying the unlocking signal, and comparing whether the at least two sets of unlocking identification codes are met; and an actuation signal generating module for comparing Corresponding to at least two sets of corresponding identification codes, an actuation signal is sent; and an unlocking actuator is used to unlock when receiving the actuation signal. The electronic lock system of claim 1, further comprising a timing module, configured to start timing after receiving the unlocking signal, and the actuation signal generating module correspondingly identifies the at least two groups in a specific time. The action signal is sent when the code is coded. The electronic lock system of claim 2, wherein the processing unit further comprises a security level setting module for changing the length of the specific time or the number of unlocking identification codes to be recognized by the identification module. The electronic lock system of claim 1, wherein at least one of the unlocking identification codes is an unlocking controller identification code, and the unlocking controller identification code is automatically generated by a user using a computer. The electronic lock system of claim 1, wherein one of the at least two unlocking identification codes is a power replacement confirmation code, and wherein the electronic lock further comprises a power warning unit for remaining power At the next specific value, the sleep mode is entered and the stop code signal is stopped, and when the sleep mode is entered, the sleep is stopped only when the power exchange confirmation code is received. The electronic lock system of claim 1, wherein the storage unit stores a keystore, the keystore includes at least one key; and the unlock signal received by the wireless receiving unit includes a base number and the key An encryption unlocking code obtained by encrypting at least one of the unlocking codes; and the processing unit further includes a decryption module, configured to use the key to extract the cardinal number and the At least one of the group unlock codes is for comparison with one of the set of unlock identification codes. The electronic lock system of claim 6, wherein the decryption module further utilizes at least one of the at least one key and the base, generates a dynamic encryption key through an encryption logic, and then uses the dynamic encryption Key, solve the set of unlock codes. The electronic lock system of claim 6, wherein the base is a count, and the processing unit further comprises a base comparison module for comparing the base with the previous unlocked base after decrypting the base Unlocking can only be achieved when the difference is within a certain range of values. The electronic lock system of claim 8, wherein the unlocking signal received by the wireless receiving unit comprises an unlocking controller identification code corresponding to each unlocking controller, and the electronic lock is configured to store a counting library, wherein the recording has Each corresponds to a majority of the counts of the majority of the unlock controllers, and the cardinality compares the base number decrypted by the module with the existing count corresponding to the received controller identification code. The electronic lock system of claim 6 or 9, wherein the key store stores a key corresponding to a different unlocking controller identification code, and first controls the unlocking of the encryption by using an initial key in a key database. The device identification code is decrypted, and after the unlocking controller identification code is obtained, the key corresponding to the unlocking controller identification code is used as a new initial key, and the encrypted unlocking code is subsequently decrypted. The electronic lock system of claim 6, wherein the processing unit further comprises a defense mechanism for causing the electronic lock to enter a sleep when the unlock signal having the same base is continuously received more than a certain number of times or the base number is consecutively incorrectly more than a certain number of times status. The electronic lock system of claim 1, further comprising at least one unlocking controller having: a storage unit storing at least one of the at least two sets of unlocking identification codes; and an emission control unit for An unlocking signal containing at least one of the at least two sets of unlocking identification codes is transmitted to the electronic lock within a specific time. The electronic lock system of claim 12, wherein the unlocking controller further has a power replacement confirmation module for causing the unlocking controller to issue a power replacement confirmation code when being actuated. The electronic lock system of claim 12, wherein the storage unit of the unlock controller stores a keystore, the keystore includes at least one key; the control unit further includes a base generation module and an encryption module The cardinality generating module is configured to generate a cardinality; the cryptographic module is configured to generate a pair of unlocking codes according to the cardinality and at least one of the keys in the keying library. A set of encrypted unlock codes for the wireless transmitting unit to transmit an unlock signal containing the set of encrypted unlock codes. The electronic lock system of claim 14, wherein the encryption module further comprises: at least one dynamic encryption key is generated according to at least one of a key of the key library and the base, and then The dynamic encryption key encrypts the set of unlock codes to generate the encrypted unlock code. The electronic lock system of claim 14, wherein the unlock controller is configured with an unlock controller identifier and is matched with a key in one of the key pools; and wherein the encryption module is different from The initial key of the matched key is encrypted by the unlocking controller identification code, and an encryption controller identification code is generated for transmission, and the key matched by the unlocking controller identification code is used as the unlocking The key to encrypt the code. The electronic lock system of any one of claims 12 to 16, comprising a female unlocking controller and at least one sub-locking controller, wherein the storage unit of the female unlocking controller stores a plurality of unlocking controller identification codes; the sub-unlocking control The device stores at least one of the plurality of unlocking controller identification codes, and the at least one unlocking controller identification code can no longer be assigned to the other sub-unlocking controllers. The electronic lock system of claim 12, wherein the unlocking controller further comprises a control time limiting module for limiting the unlocking controller to be used only for a specified time. A password encryption method, the password is stored in a storage unit, and the storage unit further stores a key database, the key database contains at least one key; the method comprises: obtaining a dynamic base number according to each encryption requirement; Extracting the at least one key to encrypt the base, and generating an encrypted base digital for transmission; and generating a dynamic key according to at least one of the at least one key and the base, and then using the dynamic key The password is encrypted and an encrypted password is generated for transmission. The method of claim 19, wherein one of the keystores is set to an initial key, the method further comprising: using the initial key, for a user selected by the user corresponding to the other gold in the keystore The serial number of the key is encrypted, and an encrypted serial number is output for transmission; and wherein the step of encrypting the base is encrypted by using a key corresponding to the serial number; and the dynamic key uses the corresponding key And at least one of the base numbers is generated. A password decryption method is applied to a device, the device has a storage unit for storing a key database, and the key database contains at least one key; the method comprises: receiving an encrypted dynamic base by encrypting a dynamic base a base code and an encrypted password encrypted by a password; extracting the at least one key, decrypting the encrypted dynamic base digital to obtain the base; using at least one of the base and the at least one key Decrypting a dynamic key; and decrypting the encrypted password using the dynamic key to obtain the password. The method of claim 21, wherein one of the key stores is set as an initial key; and the method further comprises: receiving an encrypted serial number encrypted by a one-to-one serial number; and extracting the initial key, Decrypting the serial number; and wherein the step of decrypting the encrypted base digital number is performed by using a key corresponding to the key in the keystore; and the dynamic key uses the corresponding key and the base At least one of the two is produced.