WO2013134927A1 - Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur - Google Patents

Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur Download PDF

Info

Publication number
WO2013134927A1
WO2013134927A1 PCT/CN2012/072274 CN2012072274W WO2013134927A1 WO 2013134927 A1 WO2013134927 A1 WO 2013134927A1 CN 2012072274 W CN2012072274 W CN 2012072274W WO 2013134927 A1 WO2013134927 A1 WO 2013134927A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
server
random number
meter reading
seed key
Prior art date
Application number
PCT/CN2012/072274
Other languages
English (en)
Chinese (zh)
Inventor
涂校明
Original Assignee
华为终端有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为终端有限公司 filed Critical 华为终端有限公司
Priority to CN201280000277.3A priority Critical patent/CN102742250B/zh
Priority to PCT/CN2012/072274 priority patent/WO2013134927A1/fr
Publication of WO2013134927A1 publication Critical patent/WO2013134927A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Definitions

  • the invention relates to the field of intelligent meter reading, in particular to a key transfer method based on transport layer security, an intelligent meter reading terminal and a server.
  • Background of the invention :
  • the existing smart meter reading system mainly uses the mechanism defined by the SSWG (Smart Specification Working Group) to complete the interaction between the smart meter reading terminal and the energy provider's server.
  • the SSWG currently mainly adopts the Transport Layer Security (TLS) protocol as a specification for data link establishment.
  • TLS Transport Layer Security
  • One of the authentication methods in the TLS protocol uses a Pre-Shared Key as the basis for encryption.
  • the pre-shared key in the TLS protocol is preset, which is not conducive to updating and maintenance, and reduces security.
  • the embodiment of the invention discloses a key transfer method based on the transport layer security, an intelligent meter reading terminal and a server, so that the pre-shared key of the data encryption system based on the transport layer security protocol is dynamically allocated, thereby improving the overall system. Maintainability and safety.
  • the embodiment of the invention discloses a key delivery method based on the security of the transport layer, comprising: the smart meter reading terminal receiving the push message from the first server, the push message containing the first ciphertext, the first ciphertext Obtaining, after the second ciphertext and the second seed key are encrypted by using the first key, the second ciphertext is obtained by encrypting the second seed key by using the second seed key, The first key is generated by the first seed key and the first random number, The first seed key and the first random number are preset on the first server, and the second seed key is generated by the first server;
  • the smart meter reading terminal decrypts the first ciphertext using the first key to obtain the second ciphertext and the second seed key, and decrypts the second secret by using the obtained second seed key Obtaining a second second seed key, where the first key is generated by the first seed key and the first random number, and the first seed key and the first random number are preset in the smart meter reading On the terminal;
  • the second seed key and the first random number are used to encrypt the response normally received by the second seed key, and the response is sent to the First server;
  • the smart meter reading terminal and the first server use the second seed key as a pre-shared key in a transport layer security protocol, and establish a data link between the smart meter reading terminal and the first server. .
  • the embodiment of the invention discloses a smart meter reading terminal, which comprises a processing unit, a storage unit and an uplink communication unit, wherein
  • the storage unit is configured to store a first seed key and a first random number
  • the uplink communication unit is configured to communicate with the first server
  • the processing unit is configured to receive, by the uplink communications unit, a push message from the first server, where the push message includes a first ciphertext, and the first ciphertext uses a first key pair second secret
  • the second ciphertext is obtained by encrypting the second seed key by using the second seed key, and the first key is obtained by the first Generating the seed key and the first random number, the first seed key and the first random number are preset on the first server, and the second seed key is generated by the first server;
  • the processing unit is further configured to read the first seed key and the first random number from the storage unit, and generate the first secret by using the first seed key and the first random number Decrypting the first ciphertext using the first key to obtain the second ciphertext and the second seed key, and decrypting the second ciphertext using the obtained second seed key to obtain a secondary cipher Two seed key;
  • the processing unit is further configured to compare the obtained second seed key and the second second seed key, and if they are the same, use the second seed key and the first random number to encrypt the second seed key to receive the response normally.
  • the processing unit 501 is further configured to store the second seed key in the storage unit, and use the second seed
  • the key is used as a pre-shared key in the transport layer security protocol to establish a data link between the smart meter reading terminal and the first server.
  • the embodiment of the invention further discloses a key delivery method based on the security of the transport layer, comprising: sending, by the first server, a push message to the smart meter reading terminal, where the push message includes a first ciphertext, the first ciphertext Obtaining, after the second ciphertext and the second seed key are encrypted by using the first key, the second ciphertext is obtained by encrypting the second seed key by using the second seed key, The first key is generated by the first seed key and the first random number, and the first seed key and the first random number are preset on the first server, and the second seed key is Is generated by the first server;
  • the first server and the smart meter reading terminal use the second seed key as a pre-shared key in a transport layer security protocol, and establish a data link between the smart meter reading terminal and the first server. .
  • the embodiment of the invention further discloses a server, comprising a processing unit, a storage unit and a first communication unit, wherein
  • the first communication unit is configured to communicate with a smart meter reading terminal
  • the processing unit is configured to generate a second seed key, and send a push message to the smart meter reading terminal by using the first communication unit, where the push message includes a first ciphertext, and the first ciphertext is the
  • the processing unit obtains the second ciphertext and the second seed key by using the first key, and the second ciphertext is obtained by encrypting the second seed key by using the second seed key.
  • the first key is generated by the first seed key and the first random number;
  • the storage unit is configured to store the first seed key and the first random number;
  • the processing unit is further configured to receive, by using the first communication unit, a response that is received by the second seed key of the smart meter reading terminal, and the second seed key is normally received by using the second seed key.
  • the key and the first random number are encrypted.
  • the processing unit is further configured to establish, by using the first communication unit and the smart meter reading terminal, the second seed key as a pre-shared key in a transport layer security protocol, to establish the smart meter reading terminal and the A data link between the servers.
  • the pre-shared key in the TLS protocol can be dynamically allocated in the smart meter reading system, thereby improving the smart meter reading system. Security and maintainability.
  • FIG. 1 is a schematic diagram of a key transfer method based on transport layer security disclosed in an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a method for a server to wake up a smart meter reading terminal according to an embodiment of the present invention
  • FIG. 3 is a schematic diagram of a method for a smart meter reading terminal to wake up a server according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of a method for updating a seed key according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a smart meter reading terminal according to an embodiment of the present invention
  • FIG. 6 is a server disclosed in an embodiment of the present invention
  • the smart meter reading terminal described in the embodiments of the present invention includes, but is not limited to, a smart meter reading gateway or a smart meter, such as an intelligent power gateway, a smart meter, a smart water meter or a smart gas meter, etc.; This includes, but is not limited to, the measurement of the measured substance, such as electricity consumption, water consumption, etc., or data including the unit price of the valuation.
  • an embodiment of the present invention provides a key transfer method based on transport layer security, including the following steps:
  • Step 101 The smart meter reading terminal receives the push message from the first server, where the push message includes a first ciphertext, and the first ciphertext uses the first key pair to the second ciphertext and the second seed key. Obtained after the encryption is performed, the second ciphertext is obtained by encrypting the second seed key by using the second seed key, where the first key is a first seed key and a first random number The first seed key and the first random number are preset on the first server, and the second seed key is generated by the first server.
  • the first server may be a server of an energy provider's Head End System (HES), which is mainly used to manage a smart meter reading terminal under its jurisdiction, for example, a power supplier's HES can be used to manage its jurisdiction. Smart power gateway for customers.
  • HES Head End System
  • the storage device can be used to store software or data of the first server at the same time, or can be a specific storage device dedicated to storing the first seed key, such as a special seed key storage chip.
  • the generating, by the first seed key and the first random number, the first key may be, for example, arranging characters of the first seed key and the first random number according to a certain regularity Generating the first key, or generating the first key according to an established algorithm by using the first seed key and the first random number, and the predetermined algorithm may be any existing algorithm. Or an algorithm suitable for these two types of parameters in an algorithm developed after the present invention. However, it is required to ensure that the first server and the smart meter reading terminal are simultaneously configured with the algorithm.
  • the first ciphertext is obtained, and specifically, the first key may be used, according to an established
  • the algorithm encrypts the second ciphertext and the second seed key.
  • the predetermined algorithm may be an algorithm suitable for both types of parameters in any existing algorithm or algorithm developed later in the present invention, but the key supported by the algorithm should include the first key.
  • the algorithm can be the AES256 algorithm in the TLS protocol.
  • the encrypting the second seed key by using the second seed key to obtain the second ciphertext may be performed by using the second seed key according to a predetermined algorithm.
  • the second seed key is encrypted.
  • the predetermined algorithm may be any existing algorithm or an algorithm suitable for this parameter in an algorithm developed after the present invention, but the key supported by the algorithm should include the second seed key.
  • the algorithm can be the AES256 algorithm in the TLS protocol.
  • the algorithm for generating the first ciphertext may be the same as or different from the algorithm for generating the second ciphertext, but should be configured on the first server and the smart meter reading terminal.
  • Step 102 The smart meter reading terminal decrypts the first ciphertext by using the first key to obtain the second ciphertext and the second seed key, and decrypts the second ciphertext by using the second seed key. Obtaining a second second seed key, where the first key is generated by the first seed key and the first random number, where the first seed key and the first random number are preset in the smart meter reading terminal on.
  • the storage device can be used to store software or data of the smart meter reading terminal at the same time, or can be a specific storage device dedicated to storing the first seed key, such as a special seed key storage chip.
  • the generating, by the first seed key and the first random number, the first key may be, for example, arranging the characters of the first seed key and the first random number according to a certain regularity Generating the first key, or generating the first key by using the first seed key and the first random number according to an established algorithm, and the predetermined algorithm may be any existing algorithm Or an algorithm suitable for these two types of parameters in an algorithm developed after the present invention.
  • the first server generates the first key, and the manner in which the smart meter reading terminal generates the first key should be the same.
  • Step 103 If the second seed key is the same as the second second seed key, encrypt the response normally received by the second seed key by using the second seed key and the first random number, and send the response To the first server.
  • Step 104 The smart meter reading terminal and the first server use the second seed key as a pre-shared key in the TLS protocol to establish data between the smart meter reading terminal and the first server. link.
  • the pre-shared key in the TLS protocol can be dynamically allocated by the first server, and the second seed key in the embodiment of the present invention is used as the pre-shared key, thereby improving the adoption pre-emption in the TLS protocol.
  • the method further includes: the smart meter reading terminal generates a second random number, and the second random number is carried in the device installation request message and sent to the first server, where The device installation request message is sent as a short message. Determining, by the first server, whether the sending number of the short message is legal, for example, is the number of the smart meter reading terminal under the jurisdiction of the first server, and if it is legal, generating a third random number, and the second random number The number and the third random number are sent to the smart meter reading terminal through a short message.
  • the smart meter reading terminal verifies the number of the short message sent by the first server and the legality of the second random number, and if it is legal, generates the second key by using the third random number and the first seed key. And encrypting the terminal identification information of the smart meter reading terminal with the second key, and sending the information to the first server.
  • the first server generates a second key by using the third random number and the first seed key, and decrypts the data sent by the smart meter reading terminal with the second key to obtain a terminal of the smart meter reading terminal. Identification information, and verifying the legitimacy of the terminal identification information, if If it is legal, the second seed key is generated.
  • the first server verifies that the number of the short message sent by the smart meter reading terminal is invalid, or the smart table lookup terminal verifies that the first server sends the number of the short message or returns a second random number. If any one is illegal, all information interactions can be terminated.
  • the method may further include: before the step 101, the smart meter reading terminal generates the first key by using the first random number and the first seed key, using the first key
  • the terminal identification information of the smart meter reading terminal is encrypted and carried in a device installation request message sent to the first server.
  • the first server generates the first key by using the first random number and the first seed key, and decrypts the data sent by the smart meter reading terminal with the first key to obtain the smart copy
  • the terminal identification information of the terminal is verified, and the validity of the terminal identification information is verified. If the terminal is legal, the second seed key is generated.
  • the terminal identification information may be IMEI (International Mobile Equipment Identity, International Mobile Equipment Identity) of the terminal, IMSI (International Mobile Subscriber Identification Number , only the second international mobile subscriber code 1 J) and MAC (Media At least one of the Access Control, Media Access Control) addresses.
  • IMEI International Mobile Equipment Identity, International Mobile Equipment Identity
  • IMSI International Mobile Subscriber Identification Number , only the second international mobile subscriber code 1 J
  • MAC Media At least one of the Access Control, Media Access Control
  • the first server verifies that the terminal identification information of the smart meter reading terminal is invalid, the first key may be used to encrypt the response of the authentication failure and sent to the smart meter reading terminal.
  • the first key may be used for encryption and decryption, and the The second seed key and the first random number generate a third key, and the third key is used for encryption and decryption.
  • the second random number and the third random number are exchanged between the smart meter reading terminal and the first server before the step 101, the second key may be used for encryption and decryption.
  • the smart meter reading terminal may send a second seed key request to the first server.
  • the second seed key request message may be encrypted or decrypted using the first key, or if the second is exchanged between the smart meter reading terminal and the first server before the step 101
  • the random number and the third random number may also be encrypted and decrypted using the second key or the sixth key.
  • the second sub-key request message may limit the maximum number of transmissions, for example, 2 times, to avoid meaningless repetition.
  • the first seed key and the first random number are preset in the smart meter reading terminal and the first server. This preset can be done during the production of the smart meter reading terminal.
  • the first seed key and the first random number may be obtained by the smart meter reading terminal from a second server and stored in a memory of the smart meter reading terminal.
  • the second server is a server of the manufacturer of the smart meter reading terminal.
  • the first seed key and the first random number may be generated by the second server, and the smart meter reading terminal acquires the first seed from the second server.
  • the key specificity may be: the smart meter reading terminal reports the terminal identification information to the second server; the smart meter reading terminal receives the first seed key and the first random number from the second server, The first seed key is generated by the terminal identification information.
  • the first seed key and the first random number may be generated by a first key server.
  • the smart meter reading terminal may obtain the first seed key and the first random number from the second server, where the smart meter reading terminal reports the terminal identity information to the second server.
  • the second server sends the terminal identification information reported by the smart meter reading terminal Forwarding to the first key server, and writing the first seed key and the first random number delivered by the first key server to the smart meter reading terminal, where the smart meter reading terminal
  • the second server receives the first seed key and the first random number.
  • the second random number is generated by the first key server.
  • the first key server may only generate the first seed key, and the second server generates the first random number.
  • the first key server may be a server controlled by an energy provider that subscribes to the batch of smart meter reading terminals.
  • the first seed key and the first random number need to be imported into the first server. If the first seed key and the first random number are directly generated by the second server, or generated by a first key server controlled by a manufacturer of the smart meter reading terminal, The controller of the second server, that is, the manufacturer of the smart meter reading terminal, needs to transmit the first seed key to the manager of the first server, optionally, may also constitute the first seed.
  • the terminal identification information of the smart meter reading terminal of the key is also transmitted to the manager of the first server, and the manager of the first server imports the first server. The transmission may be performed by any one of the data transmission methods, and the present invention is not limited thereto.
  • the first seed key is generated by a dedicated first key server, and the first key server is a server controlled by an energy provider who subscribes to the batch smart meter reading terminal, it can be understood
  • the first key server is the same entity as the administrator of the first server, that is, an energy provider. At this time, the energy provider needs to import the first key from the first key server to the first server.
  • the first key server and the first server may also be the same server, but this embodiment does not recommend this practice for security reasons.
  • the terminal identity identification information of the smart meter reading terminal constituting the first seed key may also be imported into the first server.
  • the process of acquiring the first seed key from the second server by the smart meter reading terminal is completed in the production process of the smart meter reading terminal.
  • the method further includes: sending, by the second server, the smart meter reading terminal to query the smart meter reading terminal Request for terminal identification information. If the first seed key is generated by the first key server, the method may further include: the second server requesting the first key server to deliver the first seed key, The first key server requests the second server to report the terminal identity identification information of the corresponding smart meter reading terminal.
  • the second server may further send the first random number to the first key server.
  • the method further includes: sending, by the smart meter reading terminal, the first seed key and the The response of the first random number successfully written.
  • the smart meter reading terminal interacts with the first server (ServerHdlo) message and the terminal call (ClientHdlo) message to negotiate an algorithm set.
  • the algorithm set may be AES256.
  • the smart meter reading terminal uses the second seed key as a preset key, sends a client key exchange (ClientKeyExchange) message to the first server, and uses the second seed key as a preset key
  • the key generates a session key (Session Key) and sends an ExchangClipherSpec message to the first server to notify the first server to start encrypting and decrypting using the session key.
  • the first server changes its own security state to perform symmetric encryption using the session key, and sends an ExchangClipherSpec message to the smart meter reading terminal. Thereafter, the exchanged data is encrypted and decrypted by the first server and the smart meter reading terminal using the session key until the data exchange is completed.
  • step 104 is only an example of a single ticket.
  • PSK Algorithm for TLS (“PSK Ciphersuites for TLS", December 2005) published in December 2005.
  • the representation of the PSK key exchange algorithm and related parts The application of the present invention is not described in detail herein.
  • the first server and the smart meter reading terminal do not always maintain data links.
  • one end is needed to wake up the other end.
  • the smart meter reading terminal is awakened by the first server, or by the smart The meter reading terminal wakes up the first server.
  • Two optional wake-up modes are described below. If the smart meter reading terminal is awakened by the first server, reference may be made to FIG. 2.
  • Step 202 The smart meter reading terminal verifies the validity of the sending number of the short message, and if it is legal, encrypts the smart by using one of the third key, the fourth key or the fifth key.
  • the terminal identification information of the meter reading terminal and the fourth random number are sent to the first server as a response to the wake-up message, so that the first server verifies the smart meter reading terminal.
  • the response can be sent as a push message.
  • the verifying, by the first server, the smart meter reading terminal may be: the first server uses one of the third key, the fourth key, or the fifth key (should be the smart The same one of the encryption keys of the meter reading terminal decrypts the terminal identification information and the fourth random number, and verifies the terminal identification information and the legality of the fourth random number.
  • the interaction may be terminated directly.
  • Step 301 The smart meter reading terminal uses one of the third key, the fourth key, or the fifth key to encrypt the service that needs to be reported, and sends the service to the first server.
  • the first server Decrypting using one of the third key, the fourth key, or the fifth key (which should be the same as the encryption key of the smart meter reading terminal) to obtain the reported service.
  • the reported service may be, for example, the power consumption of the month.
  • Step 302 The smart meter reading terminal receives a wake-up reason code sent by the first server, where the wake-up reason code is one of the third key, the fourth key, or the fifth key used by the first server. Encrypted.
  • Step 303 The smart meter reading terminal decrypts using one of the third key, the fourth key or the fifth key (should be the same one as the encryption key of the smart meter reading terminal)
  • the reason code is awakened to confirm that the reported service is correctly received by the first server.
  • the wake reason code is a reason code corresponding to the reported service.
  • the smart meter reading terminal may report the service data to the first server by using a wake-up manner.
  • the reporting may be performed immediately after the first server wakes up the smart meter reading terminal, or may be performed within a predetermined period of time.
  • a TLS link can also be established for delivery if needed.
  • the way to establish a TLS link can use the TLS standard protocol for TLS link recovery. The embodiments of the present invention are not described in detail herein.
  • the process of updating the seed key is described below. It can be understood that in the embodiment of the present invention, the seed key can be updated at any time.
  • the embodiment of the present invention recommends that in the step 103 of the method flow shown in FIG. 1, after the TLS link is established, the seed key is updated.
  • the specific update manner may be that the first server generates a third seed key, and delivers the third seed key to the smart meter reading terminal through a TLS link.
  • the smart meter reading terminal is to the first The server responded successfully that the seed key was received.
  • the TLS link between the first server and the smart meter reading terminal is disconnected, and the TLS link is established again using the third seed key.
  • the smart meter reading terminal and the first server may establish a TLS link by using the second seed key, where the smart meter reading terminal The first server requests the third seed key and then retry to establish a TLS link using the third seed key.
  • one of the third key, the fourth key, or the fifth key used in the above-described wakeup process should be replaced with the third seed key.
  • a method for updating a seed key disclosed in the embodiment of the present invention can refer to FIG. 4. It should be noted that, in this embodiment, the updated seed key is represented by the fourth seed key, and the current seed key of the smart meter reading terminal is represented by the third seed key, but the illustrated update process is not indicated. It must be the first key update of the smart meter reading terminal in use.
  • the seed key update procedure of the embodiment of the present invention can be applied to any update of the seed key.
  • the update of the seed key is initiated by the first server. When the first server detects the set conditional achievement of updating the seed key of the smart meter reading terminal, the seed key update process is initiated.
  • Step 401 The first server requests a second seed key from the second key server, where the request includes the identity identification information of the smart meter reading terminal that needs to use the fourth seed key.
  • the identity identification information may be at least one of an IMEI, an IMSI, and a MAC address of the terminal.
  • Step 402 The first server receives a fourth seed key delivered by the second key server.
  • the fourth seed key is generated by the terminal identification information.
  • Step 403 The first server wakes up the smart meter reading terminal.
  • the chronological order of the step 403 and the step 401 and the step 402 may not be limited.
  • the reason code may be to notify the smart meter reading terminal to perform seed key update.
  • Step 404 The first server establishes a communication connection with the smart meter reading terminal by using a third seed key.
  • Step 405 The first server sends the fourth seed key to the smart meter reading terminal. After the smart meter reading terminal acquires the fourth seed key, the fourth seed key is stored.
  • Step 406 The first server receives a response from the fourth meter key of the smart meter reading terminal.
  • the first server may establish a TLS link with the smart meter reading by using the third seed key, and send the TLS link to the smart meter reading terminal. Resending the fourth seed key and then retrying to establish a TLS link using the fourth seed key.
  • the third seed key may continue to be used until the next time the seed key is updated. Alternatively, you can repeat the update process periodically until the update is successful.
  • first server may be the same server as the second key server, or may be a different server. If it is the same server, the flow shown in Figure 4 is the internal communication flow of the server.
  • the embodiment of the present invention recommends that the two servers be separated, but all are under the management of an energy provider. It can be understood that the foregoing first key server and the second key server may be different key servers, or may be the same key server.
  • the seed key of the smart meter reading terminal can be remotely updated.
  • This convenient, energy-controlled seed key update method, and can dynamically update the seed key is conducive to improving the security of the system.
  • the first server sends a fifth random number to the smart meter reading terminal, and the smart meter reading terminal sends a sixth random number to the first server.
  • one of the third key, the fourth key, or the fifth key used should be replaced with one of the current seed key and the key generated by the fifth or sixth random number. .
  • the fifth or sixth random number may be the same random number. If the fifth or sixth random number is different, the message sent by the first server is encrypted by using the current seed key and the key generated by the sixth random number, and the message sent by the smart meter reading terminal is used. Encryption is performed using the current seed key and the key generated by the fifth random number. It can be understood that the first server and the smart meter reading terminal update the fifth and sixth random numbers before the TLS link is disconnected again.
  • the first, second, third, and fourth seed keys may be 64 bits, and the first, second, third, and fourth random numbers may be 16 bits, the fifth and sixth random numbers, may be 32 bits.
  • the encryption and decryption key of the wake-up process can be dynamically updated, further increasing the security of the system.
  • the embodiment of the invention also discloses a smart meter reading terminal.
  • the structure of the smart meter reading terminal is shown in Figure 5.
  • the smart meter reading terminal can be used in the foregoing method embodiments, and the functions not described in the device embodiment part can be referred to the method embodiment part.
  • the smart meter reading terminal includes a processing unit 501, a storage unit 502, and an upstream communication unit 503.
  • the storage unit 502 is configured to store the first seed key and the first random number.
  • the uplink communication unit 503 is configured to communicate with the first server.
  • the processing unit 501 is configured to receive, by using the uplink communications unit 503, a push message from the first server, where the push message includes a first ciphertext, and the first ciphertext is a first key pair.
  • generating, by the first random number, the first seed key and the first random number are preset on the first server, and the second seed key is generated by the first server.
  • the processing unit 501 is further configured to read the first seed key and the first random number from the storage unit 502, and generate the first number by using the first seed key and the first random number. Decrypting the first ciphertext using the first key to obtain the second ciphertext and the second seed key, and decrypting the second ciphertext using the obtained second seed key Sub-second seed key.
  • the processing unit 501 is further configured to compare the obtained second seed key and the second second seed key, if the same, use the second seed key and the first random number to encrypt the second seed key to be normally received. In response, the response is sent to the first server through the upstream communication unit 503.
  • the processing unit 501 is further configured to store the second seed key in the storage unit 502, and use the second seed key as a pre-shared key in a transport layer security protocol to establish the smart A data link between the meter reading terminal and the first month server.
  • the smart meter reading terminal may verify the identity of the first server before updating the second seed key.
  • the processing unit 501 is further configured to generate a second random number, and the second random number is carried in the device installation request message by the uplink communication unit 503, and sent to the first server, where the device installation request is sent. The message is sent as a short message.
  • the processing unit 501 is further configured to receive, by using the uplink communication unit 503, a short message from the first server, where the short message carries the second random number and a third random number, where the third random number The number is generated by the first server.
  • the processing unit 501 is further configured to verify that the first server sends the number of the short message and the validity of the second random number, and if it is legal, generate the third random number and the first seed key. And a second key, the terminal identification information of the smart meter reading terminal is encrypted by the second key, and sent to the first server by the uplink communication unit 503.
  • processing unit 501 is further configured to use the first random number and the first seed key Generating the first key, encrypting the terminal identification information of the smart meter reading terminal with the first key, and carrying the information in the device installation request message to the first server by using the uplink communication unit 503 .
  • the smart meter reading terminal is further configured to update the second seed key during the installation process
  • the processing unit 501 is further configured to use the uplink communication unit 503 to establish a transmission with the first server.
  • the layer secure link receives a third seed key from the first server, the third seed key being generated by the first server.
  • the processing unit 501 is further configured to respond to the first server by using the uplink communication unit 503 to successfully receive the seed key.
  • the processing unit 501 is further configured to generate a fifth random number, and send the fifth random number to the first server by using the uplink communication unit 503.
  • the processing unit 501 is further configured to receive a sixth random number from the first server by using the uplink communication unit 503, and store the fifth random number and the sixth random number to the storage unit 502.
  • the processing unit 501 is further configured to establish, by using the third seed key, a transport layer secure link between the smart meter reading terminal and the first server by using the uplink communication unit 503, if successful, Before the transport layer secure link is opened, the fifth random number is updated, and the updated fifth random number is sent to the first server by using the uplink communication unit 503.
  • the processing unit 501 is further configured to receive, by the uplink communication unit 503, an updated sixth random number from the first server, and the third seed key and the updated fifth random number, the sixth random number. The number is stored in the storage unit 502.
  • the smart meter reading terminal is further configured to wake up the first server, and the processing unit 501 is further configured to use the third seed key and the key generated by the fifth random number to encrypt the report that needs to be reported.
  • the service is sent to the first server by the uplink communication unit 503.
  • the processing unit 501 is further configured to receive, by using the uplink communication unit 503, a wake-up reason code sent by the first server, where the wake-up reason code is that the first server uses the third seed key and the first Six random numbers generated by the key are encrypted.
  • the processing unit 501 is further configured to obtain, by using the third seed key and the key generated by the sixth random number, the wake-up reason code, where the wake-up original is obtained.
  • the code is the reason code with the reported service response.
  • the smart meter reading terminal is further awake by the first server, and the processing unit 501 is further configured to receive, by using the uplink communication unit 503, a wakeup message from the first server, where the wakeup The message carries a fourth random number, and the wake-up message is sent by means of a short message.
  • the processing unit 501 is further configured to verify validity of the sending number of the short message, and if valid, encrypt the smart meter reading terminal by using the third seed key and the key generated by the fifth random number.
  • the terminal identification information and the fourth random number are sent to the first server by the uplink communication unit 503 as a response to the wake-up message.
  • the processing unit 501 is further configured to receive, by using the uplink communication unit 503, a wake-up reason code sent by the first server, where the wake-up reason code is that the first server uses the third seed key and the first Six random numbers generated by the key are encrypted.
  • the processing unit 501 is further configured to obtain the wake-up reason code by using the third seed key and the key generated by the sixth random number.
  • the smart meter reading terminal may further update the seed key during use.
  • the processing unit 501 is further configured to establish, by using the uplink communication unit 503, the transport layer security link with the first server by using the third seed key.
  • the processing unit 501 is further configured to receive a fourth seed key from the first server by using the uplink communication unit 503, and send a fourth seed key to the first server by using the uplink communication unit 503.
  • the fourth seed key is generated by the terminal identification information.
  • the processing unit 501 is further configured to establish, by using the fourth seed key, a transport layer secure link between the smart meter reading terminal and the first server by using the uplink communication unit 503, if successful, Before the transport layer secure link is disconnected, the fifth random number is updated, and the updated fifth random number is sent to the first server by the uplink communication unit 503.
  • the processing unit 501 is further configured to receive, by the uplink communication unit 503, an updated sixth random number from the first server, and send the fourth seed key and the updated fifth random number, the sixth random number.
  • the number is stored in the storage unit 502. It can be understood that the smart meter reading terminal can be a power gateway.
  • the embodiment of the invention also discloses a server.
  • the structure of the server is shown in Figure 6.
  • the server includes a processing unit 601, a storage unit 602, and a first communication unit 603.
  • the first communication unit 603 is for communicating with a smart meter reading terminal.
  • the processing unit 601 is configured to generate a second seed key, and send a push message to the smart meter reading terminal by using the first communication unit 603, where the push message includes a first ciphertext, and the first ciphertext is The processing unit 601 obtains the second ciphertext and the second seed key by using the first key, and the second ciphertext is to use the second seed key to the second seed key. Obtained, the first key is generated by the first seed key and the first random number.
  • the storage unit 602 is configured to store the first seed key and the first random number.
  • the processing unit 601 is further configured to receive, by using the first communication unit 603, a response that is received by the second seed key of the smart meter reading terminal, and the second seed key receives the response normally by using the second The seed key and the first random number are encrypted.
  • the processing unit 601 is further configured to establish, by using the first communication unit 603 and the smart meter reading terminal, the second seed key as a pre-shared key in a transport layer security protocol, to establish the smart meter reading terminal. A data link with the server.
  • the legality of the smart meter reading terminal may also be verified before the second seed key is allocated.
  • the processing unit 601 is further configured to receive, by using the first communication unit 603, a device installation request message from the smart meter reading terminal, where the device installation request message includes a second random number, and the device installation request message is As the short message is sent, the second random number is generated by the smart meter reading terminal.
  • the processing unit 601 verifies whether the sending number of the short message is legal. If it is legal, generates a third random number, and passes the second random number and the third random number to the first communication unit 603. The short message is sent to the smart meter reading terminal.
  • the processing unit 601 receives, by the first communication unit 603, the smart meter reading terminal End terminal identification information, the terminal identification information is encrypted by using the third random number and the second key generated by the first seed key.
  • the processing unit 601 generates a second key by using the third random number and the first seed key, and decrypts the data sent by the smart meter reading terminal with the second key to obtain the terminal of the smart meter reading terminal. And identifying the legality of the terminal identification information, and if so, generating the second seed key.
  • the processing unit 601 receives, by the first communication unit 603, a device installation request message from the smart meter reading terminal, where the device installation request message carries terminal identity identification information, and the terminal identity identification information Encrypted using the first key generated by the first random number and the first seed key.
  • the processing unit 601 generates the first key by using the first random number and the first seed key, and decrypts the data sent by the smart meter reading terminal with the first key to obtain the smart copy
  • the terminal identification information of the terminal is verified, and the validity of the terminal identification information is verified. If the terminal is legal, the second seed key is generated.
  • the server may deliver a new seed key during the installation of the smart meter reading terminal.
  • the processing unit 601 After the processing unit 601 establishes a secure link through the transport layer between the first communication unit 603 and the smart meter reading terminal, the processing unit 601 generates a third seed key, and passes the first communication. The unit 603 sends the third seed key to the smart meter reading terminal.
  • the processing unit 601 receives a seed key receiving success response from the smart meter reading terminal; before the transport layer secure link is disconnected, the processing unit 601 generates a fifth random number, and passes the first communication
  • the unit 603 sends the fifth random number to the smart meter reading terminal, and the processing unit 601 further passes the first communication unit 603 and receives a sixth random number from the smart meter reading terminal, where the processing unit
  • the 601 is further configured to store the fifth random number and the sixth random number into the storage unit 602.
  • the processing unit 601 is further configured to establish, by using the third seed key, a transport layer secure link with the server by using the first communication unit 603, and if successful, disconnecting the transport layer secure link
  • the processing unit 601 generates an updated fifth random number, and sends the updated fifth random number to the smart meter reading terminal by using the first communication unit 603, where the processing is performed.
  • the unit 601 also passes the first communication unit 603 and receives an updated sixth random number from the smart meter reading terminal, and the processing unit 601 is further configured to use the third seed key and the updated The five random numbers and the updated sixth random number are stored in the storage unit 602.
  • the server may further wake up the smart meter reading terminal, and the processing unit 601 is further configured to send, by using the first communication unit 603, a wakeup message to the smart meter reading terminal, where the wakeup message carries There is a fourth random number, the wake-up message is sent by means of a short message; the processing unit 601 is further configured to receive, by the first communication unit 603, a wake-up message response from the smart meter reading terminal, the wake-up message The response is that the smart meter reading terminal encrypts the terminal identification information of the smart meter reading terminal and the fourth random number by using the third seed key and the key generated by the fifth random number;
  • the processing unit 601 is further configured to decrypt the wake-up message response by using the third seed key and the key generated by the fifth random number, and perform the terminal identification information and the fourth random number. If the card passes, generating a wake-up reason code, and sending, by the first communication unit 603, a wake-up reason code to the smart meter reading terminal, where the wake-up reason code is that the processing unit 601 uses the third The seed key and the key generated by the sixth random number are encrypted.
  • the server may update the seed key of the smart meter reading terminal by using a wake-up manner, and the wake-up reason code is a seed key update notification.
  • the processing unit 601 establishes a transport layer secure link with the smart meter reading terminal by using the third seed key by the first communication unit 603; the processing unit 601 generates a fourth seed key, and passes the The first communication unit 603 sends the fourth seed key to the smart meter reading terminal, where the fourth seed key is generated by the terminal identity identification information; the processing unit 601 passes the first communication Unit 603 receives a response from the smart meter reading terminal that the fourth seed key was successfully received.
  • the processing unit 601 is further configured to establish, by using the fourth seed key, the transport layer secure link between the smart meter reading terminal and the smart meter reading terminal, and if successful, disconnect Before the transport layer secure link, the processing unit 601 generates an updated fifth random number, and sends the updated fifth random to the smart meter reading terminal by using the first communication unit 603.
  • the processing unit 601 further passes the first communication unit 603 and receives an updated sixth random number from the smart meter reading terminal, and the processing unit 601 is further configured to use the fourth seed key and The updated fifth random number and the updated sixth random number are stored in the storage unit 602.
  • the second communication unit 604 may be further included to communicate with the second key server.
  • the processing unit 601 is further configured to request, by the second communication unit 604, a fourth seed key to the second key server, where the request includes the identity of the smart meter reading terminal that needs to use the fourth seed key.
  • the processing unit 601 is further configured to receive, by using the second communication unit 604, a fourth seed key that is sent by the second key server.
  • the server is further awake by the smart meter reading terminal, and the processing unit 601 is further configured to receive the reported service from the smart meter reading terminal, where the reported service uses a third seed.
  • the key and the key generated by the fifth random number are encrypted; the processing unit 601 is further configured to decrypt the reported service by using a third seed key and a key generated by the fifth random number, and generate Wake up the reason code, send, by the first communication unit 603, a wake-up reason code to the smart meter reading terminal, where the wake-up reason code is that the first server uses the third seed key and the sixth random number
  • the generated key is encrypted.
  • the seed key and the random number can be dynamically allocated to the smart meter reading terminal, thereby effectively improving the security of the system.
  • the first communication unit 603 can be a wireless communication unit, such as a GPRS unit, or a 3G or 4G communication unit, and its communication mode should correspond to the uplink communication unit 303 of the smart meter reading terminal.
  • the second communication unit 604 can be a wired or wireless communication unit.
  • the server is the first server referred to in the above method and apparatus embodiment, which may be, for example, an energy provider's HES server.
  • the invention can be implemented by means of software plus a necessary general hardware platform, and of course also by hardware, but in many cases the former is a better implementation.
  • the computer software product is stored in a readable storage medium, such as a floppy disk, a hard disk or an optical disk of a computer, and includes a plurality of instructions for causing a computer device (which may be a personal computer)
  • the server, or network device, etc. performs the methods described in various embodiments of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)
  • Storage Device Security (AREA)
  • Selective Calling Equipment (AREA)

Abstract

Des modes de réalisation de la présente invention concernent le domaine de la lecture de compteur intelligent, et plus particulièrement un procédé d'émission de clé basée sur la sécurité de couche transport, un terminal de lecture de compteur intelligent et un serveur. Le procédé comporte : la réception par un terminal de lecture de compteur intelligent d'un message push depuis un premier serveur, le message push contenant un premier cryptogramme, le premier cryptogramme étant obtenu en cryptant un deuxième cryptogramme et un deuxième sous-indicatif à l'aide d'une première clé, et le deuxième cryptogramme étant obtenu en cryptant le deuxième sous-indicatif à l'aide du deuxième sous-indicatif ; l'utilisation de la première clé pour décrypter le premier cryptogramme pour obtenir le deuxième cryptogramme et le deuxième sous-indicatif, et l'utilisation du deuxième sous-indicatif obtenu pour décrypter le deuxième cryptogramme pour obtenir un deuxième sous-indicatif subsidiaire ; si le deuxième sous-indicatif est identique au deuxième sous-indicatif subsidiaire, l'utilisation du deuxième sous-indicatif et d'un premier nombre aléatoire pour crypter une réponse indiquant que le deuxième sous-indicatif a été reçu correctement, et l'envoi de la réponse au premier serveur ; et l'utilisation du deuxième sous-indicatif comme clé pré-partagée dans le protocole de sécurité de la couche transport, et l'établissement d'une liaison de données entre le terminal de lecture de compteur intelligent et le premier serveur.
PCT/CN2012/072274 2012-03-13 2012-03-13 Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur WO2013134927A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201280000277.3A CN102742250B (zh) 2012-03-13 2012-03-13 基于传输层安全的密钥传递方法、智能抄表终端及服务器
PCT/CN2012/072274 WO2013134927A1 (fr) 2012-03-13 2012-03-13 Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2012/072274 WO2013134927A1 (fr) 2012-03-13 2012-03-13 Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur

Publications (1)

Publication Number Publication Date
WO2013134927A1 true WO2013134927A1 (fr) 2013-09-19

Family

ID=46995197

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/072274 WO2013134927A1 (fr) 2012-03-13 2012-03-13 Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur

Country Status (2)

Country Link
CN (1) CN102742250B (fr)
WO (1) WO2013134927A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756526A (zh) * 2017-11-01 2019-05-14 杭州沃朴物联科技有限公司 基于区块链技术的鸡养殖追溯系统及方法
CN114286331A (zh) * 2021-12-03 2022-04-05 国网浙江省电力有限公司宁波供电公司 适用于电力物联网5g数据终端的身份认证方法及系统

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104283675A (zh) * 2013-07-10 2015-01-14 中兴通讯股份有限公司 集中器、电表及其消息处理方法
CN104239783A (zh) 2014-09-19 2014-12-24 东软集团股份有限公司 一种特定信息安全输入系统及方法
CN105704101B (zh) * 2014-11-27 2019-10-18 华为技术有限公司 一种用于推送消息的方法及设备
CN108183553B (zh) * 2015-09-15 2021-04-06 宁夏隆基宁光仪表股份有限公司 一种数据测试和采集监控装置、智能电网及其用户端
CN107767568A (zh) * 2017-09-26 2018-03-06 新智数字科技有限公司 一种燃气计量表数据交互方法及装置
CN108183795A (zh) * 2017-12-29 2018-06-19 新开普电子股份有限公司 一卡通密钥管理方法
CN109995739B (zh) * 2018-01-02 2021-06-15 中国移动通信有限公司研究院 一种信息传输方法、客户端、服务器及存储介质
CN108712390B (zh) * 2018-04-23 2021-08-31 深圳和而泰数据资源与云技术有限公司 数据处理方法、服务器、智能设备及存储介质
CN110401530A (zh) * 2019-07-25 2019-11-01 金卡智能集团股份有限公司 一种燃气表的安全通信方法、系统、设备和存储介质
CN110430218B (zh) * 2019-08-23 2021-08-13 深圳数联天下智能科技有限公司 数据传输安全控制方法及装置、计算机设备和物联网系统
CN110636392B (zh) * 2019-09-23 2021-12-10 宁波三星医疗电气股份有限公司 抄表方法、电力采集终端及电表
CN114124160B (zh) * 2021-10-29 2023-03-28 宁波三星智能电气有限公司 适用于plc载波安全的一表一psk适配方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1620005A (zh) * 2003-11-18 2005-05-25 华为技术有限公司 一种安全发送传输密钥的方法
CN101360101A (zh) * 2008-09-09 2009-02-04 宁波三星电气股份有限公司 远程抄表系统的数据传输方法
CN101581591A (zh) * 2008-12-30 2009-11-18 无锡虹叶腾文电子科技有限公司 煤气远程抄表系统

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5638442A (en) * 1995-08-23 1997-06-10 Pitney Bowes Inc. Method for remotely inspecting a postage meter
US6192473B1 (en) * 1996-12-24 2001-02-20 Pitney Bowes Inc. System and method for mutual authentication and secure communications between a postage security device and a meter server
CN101677269B (zh) * 2008-09-17 2012-01-25 比亚迪股份有限公司 密钥传输的方法及系统

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1620005A (zh) * 2003-11-18 2005-05-25 华为技术有限公司 一种安全发送传输密钥的方法
CN101360101A (zh) * 2008-09-09 2009-02-04 宁波三星电气股份有限公司 远程抄表系统的数据传输方法
CN101581591A (zh) * 2008-12-30 2009-11-18 无锡虹叶腾文电子科技有限公司 煤气远程抄表系统

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756526A (zh) * 2017-11-01 2019-05-14 杭州沃朴物联科技有限公司 基于区块链技术的鸡养殖追溯系统及方法
CN114286331A (zh) * 2021-12-03 2022-04-05 国网浙江省电力有限公司宁波供电公司 适用于电力物联网5g数据终端的身份认证方法及系统
CN114286331B (zh) * 2021-12-03 2023-09-12 国网浙江省电力有限公司宁波供电公司 适用于电力物联网5g数据终端的身份认证方法及系统

Also Published As

Publication number Publication date
CN102742250B (zh) 2015-01-28
CN102742250A (zh) 2012-10-17

Similar Documents

Publication Publication Date Title
WO2013134927A1 (fr) Procédé d'émission de clé basée sur la sécurité de couche transport, terminal de lecture de compteur intelligent et serveur
US9015065B2 (en) Method, system, and device for implementing network banking service
CN105050081B (zh) 网络接入设备接入无线网络接入点的方法、装置和系统
JP5123209B2 (ja) モバイルネットワークに基づくエンドツーエンド通信での認証の方法、システム、および認証センタ
US8107630B2 (en) Apparatus and method for managing stations associated with WPA-PSK wireless network
CN101772024B (zh) 一种用户身份确定方法及装置和系统
US11736304B2 (en) Secure authentication of remote equipment
WO2010064666A1 (fr) Système de distribution de clef
US20070089163A1 (en) System and method for controlling security of a remote network power device
JP2016082597A (ja) セキュアセッションの確立と暗号化データ交換のためのコンピュータ利用システム及びコンピュータ利用方法
TWI581599B (zh) 金鑰生成系統、資料簽章與加密系統和方法
KR20200044117A (ko) 디지털 인증서 관리 방법 및 장치
WO2012083828A1 (fr) Procédé, station de base et système de mise en œuvre de trafic d'acheminement local
CN102685739B (zh) 安卓企业应用的鉴权方法及系统
CN103533539A (zh) 虚拟sim卡参数管理方法及装置
EP2843873B1 (fr) Procédé, dispositif et système d'application automatique de certificat numérique
CN108769986A (zh) 一种gprs远传燃气表加密通信方法
WO2015003512A1 (fr) Concentrateur, ampèremètre et procédé de traitement de messages associé
CN109962781B (zh) 一种数字证书分发装置
WO2009074092A1 (fr) Procédé et système allégés d'authentification d'accès
KR20190040443A (ko) 스마트미터의 보안 세션 생성 장치 및 방법
CN114422118A (zh) 一种工业控制器多播通讯密钥分发方法及系统
WO2010127545A1 (fr) Procédé de gestion et d'utilisation d'un certificat d'utilisateur et terminal mobile
KR20130051636A (ko) M2m 환경에서의 상호 인증 및 보안 방법
CN104539428B (zh) 一种集群加密通信中动态重组方法

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201280000277.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12871592

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12871592

Country of ref document: EP

Kind code of ref document: A1